Daily Report
Top Stories
• U.S. authorities charged four Russians and
one Ukrainian for allegedly running a massive data theft hacking scheme that
stole at least 160 million credit and debit card numbers and sold them,
resulting in hundreds of millions of dollars in losses. – Associated Press;
NBC News See
item 12 below in the Banking and Finance Sector
• Federal prosecutors indicted SAC Capital
Advisors for allegedly obtaining and trading on insider information between
1999 and 2010, allowing the firm to make profits and avoid losses in the
hundreds of millions of dollars. – Forbes See item 13 below in the Banking and Finance Sector
• A severe thunderstorm July 24 damaged
several medical facilities around northeast Oklahoma as assisted living centers
and hospitals lost power and were forced to evacuate. – Tulsa World
27. July 25, Tulsa World – (Oklahoma) Powerful storms cause
major problems for Okla. firefighters. A severe thunderstorm July 24
damaged several medical facilities around northeast Oklahoma as assisted living
centers and hospitals lost power and were forced to evacuate. Source: http://www.firehouse.com/news/11062699/powerful-storms-cause-major-problems-for-okla-firefighters-in-tulsa-hurricane-winds
• Federal authorities indicted 10 people July
24 for their roles in the May 2012 Adams County Correctional Center prison riot
in Natchez, Mississippi. – Associated Press
34.
July 24, Associated Press –
(Mississippi) 10 indicted in Adams County prison riot. Federal
authorities indicted 10 people July 24 for their roles in the May 2012 Adams
County Correctional Center prison riot in Natchez. Several correctional
officers were assaulted during the riot and one officer died from injuries as
other guards were held hostage for several hours. Source: http://www.timesunion.com/news/crime/article/10-indicted-in-Adams-County-prison-riot-4684926.php
Details
Banking and Finance Sector
12. July 25, Associated Press; NBC News –
(International) 5 charged in ‘largest hacking and data breach scheme’ bust
in US. U.S. authorities charged four Russian nationals and one Ukrainian
national for allegedly running a massive data theft scheme that stole at least
160 million credit and debit card numbers and sold them, resulting in hundreds
of millions of dollars in losses. The members allegedly hacked into the
computer systems of major companies and payment processors to obtain the
financial information. Source: http://www.nbcnews.com/business/5-charged-largest-hacking-data-breach-scheme-bust-us-6C10744872
13. July 25, Forbes – (New York) Feds indict SAC
Capital alleging hedge fund firm encouraged insider trading. Federal
prosecutors in New York City indicted SAC Capital Advisors for allegedly
obtaining and trading on insider information between 1999 and 2010 and
encouraging employees to utilize non-public information, allowing the firm to
make profits and avoid losses in the hundreds of millions of dollars. Source: http://www.forbes.com/sites/nathanvardi/2013/07/25/feds-indict-sac-capital-alleging-hedge-fund-firm-encouraged-insider-trading/
Information Technology Sector
36. July 25,
The Register – (International) LinkedIn snaps shut OAuth login token
snaffling vulnerability. A software developer found and reported a
vulnerability in LinkedIn’s customer help Web site that give out the OAuth
token of the logged-in user, which could be used to potentially access profile
information. The vulnerability was then fixed by LinkedIn. Source: http://www.theregister.co.uk/2013/07/25/linkedin_oauth_token_snaffling_vuln/
37. July 24,
Softpedia – (International) New Xpiro infectors are persistent and can
infect both 32-bit and 64-bit files. Symantec researchers found that the
latest versions of the Xpiro family of file infectors include a number of
capabilities, including the ability to infect 32-bit and 64-bit files, add
browser extensions, and prevent browser updates. Source: http://news.softpedia.com/news/New-Xpiro-Infectors-Are-Persistent-and-Can-Infect-Both-32-bit-and-64-bit-Files-370715.shtml
38. July 24, V3.co.uk – (International) First active
Google Android Master Key exploit discovered in the wild. Researchers at
Symantec found the first attacks leveraging the ‘Master Key’ exploit for
Android in the wild. Two legitimate Chinese apps were modified to control
devices, disable mobile security apps, sends SMS messages, and steal
information. Source: http://www.v3.co.uk/v3-uk/news/2284568/first-active-google-android-master-key-exploit-discovered-in-the-wild
For another story, see item 12 above in the Banking and Finance Sector
Communications Sector
39.
July 24, WGEM 10 Quincy – (Illinois) Cut
fiber optic cable leads to widespread cell phone service outage. U.S.
Cellular and Sprint customers across several cities in Illinois suffered a
20-hour outage before cellular service was restored. The outage was likely
caused by a severed fiber optic line July 23. Source: http://www.wgem.com/story/22920722/2013/07/24/cut-fiber-optic-cable-leads-to-widespread-cell-phone-service-outage
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday]
summary of open-source published
information
concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on
the
Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport
Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS
Daily Report Team at (703)387-2314
Subscribe to
the
Distribution List: Visit the
DHS Daily Open Source Infrastructure Report and follow
instructions to
Get e-mail updates when this information
changes.
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to
educate and
inform personnel engaged
in infrastructure protection. Further reproduction
or redistribution is subject to original copyright
restrictions. DHS provides no
warranty of ownership of the copyright,
or accuracy with respect to
the
original
source material.