Tuesday, July 23, 2013



Daily Report

Top Stories

 • The U.S. Securities and Exchange Commission filed charges against the founder and CEO of SAC Capital Advisors for allegedly failing to prevent two portfolio managers from engaging in $275 million of insider trading. – Associated Press See item 6 below in the Banking and Finance Sector

 • Several States have begun privacy audits and reviews of their health data collection policies after a report uncovered some patients at Washington hospitals could be easily identified when a State database was combined with publicly available information. – Bloomberg News

24. July 22, Bloomberg News – (National) States review rules after patients identified via health records. Several States have begun privacy audits and reviews of their health data collection policies to ensure patients cannot be identified in publicly available databases of hospital records after a report uncovered some patients at Washington hospitals could be easily identified when a database sold by the State was combined with news articles and other public information. Washington suspended distribution of the information and developed a confidentiality agreement that all buyers must now sign as a result. Source: http://www.businessweek.com/news/2013-07-22/states-review-rules-after-patients-identified-via-health-records

• Firefighters reached 68 percent containment of California’s Mountain Fire July 21 after it burned over 27,000 acres. – Palm Springs Desert Sun

27. July 22, Palm Springs Desert Sun – (California) Rains subdue California’s Mountain Fire. Firefighters reached 68 percent containment of California’s Mountain Fire July 21 after it burned over 27,000 acres. Authorities lifted evacuation orders for roughly 4,000 residents in the Idyllwild-Fern Valley area and expected to fully surround the fire by July 24. Source: http://www.usatoday.com/story/news/nation/2013/07/22/calif-wildfire-rain-containment/2574105/

• A researcher reported that millions of mobile phones may be vulnerable to being tricked into granting access to information due to old encryption methods in SIM cards. – IDG News Service See item 42 below in the Information Technology Sector

Details
Banking and Finance Sector

5. July 22, Associated Press – (Florida) SEC charges Miami, official with fraud over bonds. The U.S. Securities and Exchange Commission charged the City of Miami and the city’s former budget director with making false and misleading statements regarding money transfers in three 2009 bond offerings totaling $153.5 million. Source: http://www.omaha.com/article/20130722/MONEY/130729846/1697

6. July 21, Associated Press – (National) SEC files charges against hedge fund founder. The U.S. Securities and Exchange Commission filed civil charges against the founder and CEO of SAC Capital Advisors for allegedly failing to prevent two portfolio managers from illegally using insider information to make profits and avoid losses totaling $275 million. Source: http://www.scnow.com/news/politics/article_a27b67f6-f24d-11e2-9c7f-001a4bcf6878.html

7. July 20, Softpedia – (New Hampshire) St. Mary’s Bank warns 115,775 New Hampshire residents after malware incident. St. Mary’s Bank notified 115,775 customers after malware was found on 23 of the bank’s workstations. The screenshot-capturing malware had been in place since February. Source: http://news.softpedia.com/news/St-Mary-s-Bank-Warns-115-775-New-Hampshire-Residents-After-Malware-Incident-369711.shtml

8. July 20, Associated Press – (Washington) Wash. man pleads guilty in Peru investment scheme. A Seattle man pleaded guilty to running a Ponzi scheme through his NDG Investment Group company between 2006 and 2009, raising more than $30 million from 200 investors. Source: http://www.bradenton.com/2013/07/20/4617656/wash-man-pleads-guilty-in-peru.html

9. July 20, KION 46 Salinas – (California) Authorities link Central Coast Bandit to fifth robbery. The suspect known as the “Central Coast Bandit” was linked to a July 18 robbery of a Farmers Merchants Bank branch in Modesto, her fifth robbery. Source: http://www.kionrightnow.com/story/22889835/authorities-link-central-coast-bandit-to-fifth-robbery

10. July 19, Woodinville Patch – (Washington) Authorities seeking info on serial bank robbery known as “Elephant Man Bandit”. Authorities in Seattle are seeking information on a suspect dubbed the “Elephant Man Bandit” suspected of robbing three banks in the area. Source: http://woodinville.patch.com/groups/police-and-fire/p/authorities-seek-info-on-elephant-man-bandit-alleged-woodinville-bothell-bank-robber

Information Technology Sector
41. July 22, Softpedia – (International) Spam botnet StealRat uses 2 hijacked sites, 1 computer to evade detection. Trend Micro researchers identified a spam botnet dubbed StealRat which uses two compromised Web sites and one computer infected with malware to disguise spam emails and make them appear as if they were sent by the infected computer rather than a spam server. Source: http://news.softpedia.com/news/Spam-Botnet-StealRat-Uses-2-Hijacked-Sites-1-Computer-to-Evade-Detection-370004.shtml

42. July 22, IDG News Service – (International) SIM cards vulnerable to hacking, says researcher. A researcher due to present his findings at the annual Black Hat conference reported that millions of mobile phones may be vulnerable to being tricked into granting access to information due to old encryption methods in SIM cards. Source: https://www.computerworld.com/s/article/9240927/SIM_cards_vulnerable_to_hacking_says_researcher

43. July 22, CNET News – (International) Researcher: Apple developer site hack? I meant no harm. Apple reported that an intruder attempted to gain access to its Developer Center Web site, and the site was shut down as a precaution. However, a security researcher claimed he was reporting vulnerabilities in the site to Apple shortly before it was shut down. Source: http://news.cnet.com/8301-1009_3-57594804-83/researcher-apple-developer-site-hack-i-meant-no-harm/

44. July 21, IDG News Service – (International) Ubuntu forum defaced, breached by hackers. The Ubuntuforums.org Web site was breached and defaced by hackers July 20, with salted, encrypted passwords and email addresses exposed. The CEO of Canonical stated that the site would remain offline until it can be fixed. Source: https://www.computerworld.com/s/article/9240932/Ubuntu_forum_defaced_breached_by_hackers

45. July 20, Softpedia – (International) Cybercriminals increasingly use .lc domains in their attacks, experts say. Researchers at Kaspersky found that Santa Lucia .lc domains are increasingly being used in malicious campaigns. Source: http://news.softpedia.com/news/Cybercriminals-Increasingly-Use-LC-Domains-in-their-Attacks-Experts-Say-369692.shtml

46. July 19, IDG News Service – (International) Panasonic pleads guilty to laptop battery pack price fixing. Panasonic, a subsidiary, and LG Chem pleaded guilty to their role in laptop battery cell price fixing and agreed to pay about $12 million in fines. Panasonic will also pay $45.8 million for an automotive parts price fixing conspiracy. Source: https://www.networkworld.com/news/2013/071913-panasonic-pleads-guilty-to-laptop-272008.html

Communications Sector
47. July 20, Hanover Evening Sun – (Pennsylvania) Verizon wireless outage caused by cut fiber wire. Verizon Communication confirmed July 19 outages in southcentral Pennsylvania were caused by a fiber-optic cable cut by a down tree in Harrisburg and impacted as many as 65 cellular towers and wireless services in multiple areas throughout central Pennsylvania. Source: http://www.eveningsun.com/nationworldnews/ci_23695038/reports-verizon-wireless-outage

 

 


 

Department of Homeland Security (DHS)

DHS Daily Open Source Infrastructure Report Contact Information

 

About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport

 

Contact Information

 

Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS Daily Report Team at (703)387-2314

 

Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes.

 

Removal from Distribution List:     Send mail to support@govdelivery.com.

 

 

Contact DHS

 

To report physical infrastructure incidents or to request information, please contact the National Infrastructure

Coordinating Center at  nicc@dhs.gov or (202) 282-9201.

 

To report cyber infrastructure incidents or to request information, please contact US-CERT at  soc@us-cert.gov or visit their Web page at  www.us-cert.go v.

 

Department of Homeland Security Disclaimer

 

The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material.