Wednesday, August 7, 2013   

Complete DHS Daily Report for August 7, 2013

Daily Report

Top Stories

 • Authorities arrested two individuals and charged them in connection with stealing lead-acid batteries from 16 separate South Carolina utility transmission units between May 4 and July 25. – WBTW 13 Florence

2. August 5, WBTW 13 Florence – (South Carolina) Florence pair charged with stealing batteries from 16 substations. Authorities arrested two individuals and charged them in connection with stealing lead-acid batteries from 16 separate South Carolina utility transmission units between May 4 and July 25. Officials are continuing to investigate and believe additional arrests are likely. Source: http://www.wbtw.com/story/23048109/pair-charged-with-stealing-metal-from-electrical-substations-in-florence-county

 • An increase of 44 cases in Texas over the weekend of August 3 brought the number of confirmed illnesses from recent Cyclospora outbreaks to 469. – Food Safety News
16. August 5, Food Safety News – (National) New Texas illnesses bring Cyclospora count to 469. According to the Texas Department of State Health Services an increase of 44 cases in Texas over the weekend of August 3 brought the number of confirmed illnesses from recent Cyclospora outbreaks to 469. Source: http://www.foodsafetynews.com/2013/08/new-texas-illnesses-bring-cyclospora-case-count-to-469/

 • A gunman was shot and arrested after he shot through a wall into a monthly meeting of Ross Township in Pennsylvania, killing 3 people and injuring 2 others August 5. – Associated Press

25. August 6, Associated Press – (Pennsylvania) 3 shot dead at Pa. township meeting. A disgruntled gunman was shot and arrested after he shot through a wall into a monthly meeting of Ross Township in Pennsylvania, killing 3 people and injuring 2 others August 5. Two people subdued the gunman after he went his car to get another weapon to continue firing. Source: http://news.msn.com/crime-justice/3-shot-dead-at-pa-township-meeting

 • A gang fight inside a restaurant in Salinas, California, August 5 spilled outside where a man began shooting, killing 3 people and injuring 4 others. – Associated Press

41. August 5, Associated Press – (California) Man, 21, arrested in California taco shop shooting that leaves 3 dead, 4 others injured. A gang fight inside a Taco’s Choice restaurant in Salinas August 5 spilled outside the restaurant where a man began shooting, killing three people and injuring four others. The suspected shooter was arrested August 5. Source: http://www.therepublic.com/view/story/27c65aba330d401ebf58d59f2749972c/CA--Taco-Restaurant-Shootings

Details

Banking and Finance Sector

5. August 6, The Register – (International) Revealed: Cyberthug tool that BREAKS HSBC’s anti-Trojan tech. Group-IB spotted an exploit that bypasses part of Trusteer’s Rapport anti-trojan system on underweb forums. Trusteer stated that the vulnerability only affects one layer of security and that a patch is being distributed to users. Source: http://www.theregister.co.uk/2013/08/06/trusteer_pushes_updates_after_cybercrook_brew_up_browser_lockdown_exploit/

6. August 5, Fort Lauderdale Sun Sentinel – (Florida) Boca mortgage broker pleads guilty to fraud. A Boca Raton mortgage broker pleaded guilty to conspiracy after he diverted loan payments he agreed to service for Fannie Mae and Freddie Mac through his company, Coastal States Mortgage Corporation, defrauding the lenders of more than $28 million. Source: http://www.sun-sentinel.com/fl-mortgage-broker-guilty-20130805,0,4001167.story

Information Technology Sector

32. August 6, Softpedia – (International) Experts identify OAuth bypass vulnerability in Microsoft’s social network Yammer. A Vulnerability Lab researcher identified an OAuth bypass vulnerability in Microsoft’s enterprise social network Yammer that could be used to hijack user accounts. The vulnerability was reported to Microsoft and patched July 2013. Source: http://news.softpedia.com/news/Experts-Identify-OAuth-Bypass-Vulnerability-in-Microsoft-s-Social-Network-Yammer-Video-373394.shtml

33. August 6, The Register – (International) Windows Phones BLAB passwords to hackers, thanks to weak crypto. Microsoft warned users to take precautions after it was found that the encryption Windows Phones use to transmit domain credentials is cryptographically weak, allowing rogue hotspots to intercept and decrypt the information. Microsoft advised IT departments to distribute a special root certificate that allows the phones to confirm that they are connecting to a genuine access point before transmission. Source: http://www.theregister.co.uk/2013/08/06/microsoft_win_phone_wifi_vuln/

34. August 6, Softpedia – (International) OpenX.org hacked, backdoor injected into download files. Download files hosted on OpenX.org were found to be infected with a backdoor that could allow attackers to inject and execute arbitrary code on affected servers. OpenX representatives reported that they have removed the compromised files. Source: http://news.softpedia.com/news/OpenX-org-Hacked-Backdoor-Injected-into-Download-Files-373580.shtml

35. August 6, V3.co.uk – (International) Criminals hosting child pornography on 227 business websites. Researchers at the Internet Watch Foundation found that 227 small and medium-sized businesses’ Web sites were hijacked to store child pornography, possibly the first step in a ransomware or blackmail campaign. Source: http://www.v3.co.uk/v3-uk/news/2287093/criminals-hosting-child-pornography-on-227-business-websites

36. August 6, Softpedia – (International) DNS servers of 3 Dutch hosting firms hijacked, thousands of sites serve malware. Researchers at Fox-IT found that three Dutch Web hosts were compromised, with the servers of Digitalus and Virtual Dynamix configured to serve malware. Source: http://news.softpedia.com/news/DNS-Servers-of-3-Dutch-Hosting-Firms-Hijacked-Thousands-of-Sites-Serve-Malware-373308.shtml

37. August 5, IDG News Service – (International) Botnet-powered distributed file storage system uses JavaScript. A researcher from FusionX presenting at the DEF CON 21 conference demonstrated a botnet-like system called HiveMind which uses a piece of JavaScript code loaded into users’ browsers to build a distributed file storage system. Source: https://www.computerworld.com/s/article/9241364/Botnet_powered_distributed_file_storage_system_uses_JavaScript

Communications Sector

Nothing to report


Department of Homeland Security (DHS)
DHS Daily Open Source Infrastructure Report Contact Information

About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport

Contact Information

Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS Daily Report Team at (703)387-2314

Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes.

Removal from Distribution List:     Send mail to support@govdelivery.com.


Contact DHS

To report physical infrastructure incidents or to request information, please contact the National Infrastructure
Coordinating Center at  nicc@dhs.gov or (202) 282-9201.

To report cyber infrastructure incidents or to request information, please contact US-CERT at  soc@us-cert.gov or visit their Web page at  www.us-cert.go v.

Department of Homeland Security Disclaimer

The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material.