Thursday, September 12, 2013

  
Complete DHS Daily Report for September 12, 2013

Daily Report

Top Stories

 • Pennsylvania’s attorney general announced Exxon Mobil Corp. was charged with illegally dumping over 50,000 gallons of wastewater at the Marquandt shale-gas drilling site. – Bloomberg News

2. September 11, Bloomberg News – (Pennsylvania) Exxon charged with illegally dumping waste in Pennsylvania. Pennsylvania’s attorney general announced Exxon Mobil Corp. was charged with illegally dumping over 50,000 gallons of wastewater at the Marquandt shale-gas drilling site in Lycoming County in 2010. Authorities ordered Exxon unit XTO Energy Inc. to remove 3,000 tons of soil to clean up the area and charged them for violating the Clean Streams Law and Solid Waste Management Act. Source: http://www.bloomberg.com/news/2013-09-11/exxon-charged-with-illegally-dumping-waste-water-in-pennsylvania.html

 • A Romanian national and New York City resident pleaded guilty to his role in a payment card skimming scheme that stole around $985,000 from victims in several States. – NJToday.net (See item 7) below in the Banking and Finance Sector

 • The University of Puerto Rico Hospital’s intensive care unit was closed following an outbreak of a resistant bacteria strain that affected at least 10 patients. – Associated Press

29. September 10, Associated Press – (Puerto Rico) Bacteria outbreak forced closure of Puerto Rico hospital’s intensive care unit, officials say. The University of Puerto Rico Hospital’s intensive care unit was closed following an outbreak of a resistant bacteria strain that affected at least 10 patients, officials stated September 10. Authorities are investigating the cause of death of at least 10 of the patients infected with the bacteria. Source: http://www.washingtonpost.com/world/the_americas/official-bacteria-forces-closure-of-puerto-rico-hospital-intensive-care-unit/2013/09/10/18cc2dc8-1a5d-11e3-80ac-96205cacb45a_story.html

 • Microsoft released its September Patch Tuesday round of patches addressing 13 vulnerabilities. – Help Net Security See item 42 below in the Information Technology Sector

Details

Banking and Finance Sector

6. September 10, St. Louis Post-Dispatch – (National) ‘I-55 Bandit’ started robbing banks in St. Louis area, now wanted in five states. The FBI asked for the public’s help in locating a suspect known as the “I-55 Bandit” believed responsible for 10 bank robberies and 2 attempted bank robberies throughout Missouri, Maryland, West Virginia, Illinois, and Tennessee. Source: http://www.stltoday.com/news/local/crime-and-courts/i--bandit-started-robbing-banks-in-st-louis-area/article_7cd60eb7-5825-57c4-b8ba-05a2db83cf2a.html

7. September 10, NJToday.net – (New York; New Jersey; Connecticut) NY man pleads guilty to role in ATM skimming scheme. A Romanian national and New York City resident pleaded guilty September 9 to his role in payment card skimming scheme that stole around $985,000 from victims in New York, New Jersey, and Connecticut. Source: http://njtoday.net/2013/09/10/ny-man-pleads-guilty-to-role-in-atm-skimming-scheme/

8. September 10, SC Magazine – (International) Shopping cart malware compromises credit card information. Two Web sites belonging to the Outdoor Network had their shopping cart systems infected with malware, possible compromising customers’ names, addresses, credit card numbers, CVV codes, and card expiration dates. The compromise affects transaction made between December 2012 and July 2013. Source: http://www.scmagazine.com/shopping-cart-malware-compromises-credit-card-information/article/311006/

For another story, see item 39 below in the Information Technology Sector

Information Technology Sector

36. September 11, Computerworld – (International) Buggy Microsoft update hamstrings Outlook 2013. A non-security update for Microsoft Office 2013 was found to cause issues with Outlook 2013’s folder pane on systems running Windows 7 and Windows 8. Source: http://www.computerworld.com/s/article/9242322/Buggy_Microsoft_update_hamstrings_Outlook_2013

37. September 11, Softpedia – (International) PoC and details published for Microsoft SharePoint Server 2013 flaw (MS13-067). A proof of concept (PoC) for a vulnerability in Microsoft SharePoint Server 2013 was released by Vulnerability Lab researchers following the publication of a patch that addresses the vulnerability. The vulnerability can be remotely exploited to inject malicious script and perform several malicious actions. Source: http://news.softpedia.com/news/POC-and-Details-Published-for-Microsoft-SharePoint-Sever-2013-Flaw-MS13-067-382088.shtml

38. September 11, Softpedia – (International) BlackBerry fixes vulnerabilities in Webkit, libefix, and Flash Player. BlackBerry released patches that address several vulnerabilities affecting a variety of products including the Webkit browser engine, installations of Adobe Flash Player, and the libefix library. . Source: http://news.softpedia.com/news/BlackBerry-Fixes-Vulnerabilities-in-Webkit-libefix-and-Flash-Player-382177.shtml

39. September 11, Softpedia – (International) Multiplayer video game servers abused for DDoS attacks, experts warn. Prolexic warned that cybercriminals are increasingly abusing multiplayer gaming servers to make their distributed denial of service (DDoS) attacks more efficient. Prolexic observed instances of gaming servers being used to launch DDoS attacks against financial services and online gaming targets. Source: http://news.softpedia.com/news/Multiplayer-Video-Game-Servers-Abused-for-DDOS-Attacks-Experts-Warn-382138.shtml

40. September 11, Softpedia – (International) Syrian Electronic Army hacks large number of FOX Twitter accounts via HootSuite. Members of the Syrian Electronic Army hacktivist group compromised dozens of Twitter accounts belonging to FOX after they gained access to a HootSuite account that links the profiles. Source: http://news.softpedia.com/news/Syrian-Electronic-Army-Hacks-Large-Number-of-FOX-Twitter-Accounts-via-HootSuite-381970.shtml

41. September 10, SC Magazine – (International) Saboteurs target OAuth protocol to compromise HootSuite users. Around 7,000 HootSuite accounts were compromised and used to send spam through Twitter after attackers targeted a third-party application that uses OAuth to gain access. Source: http://www.scmagazine.com/saboteurs-target-oauth-protocol-to-compromise-hootsuite-users/article/311109/

42. September 10, Help Net Security – (International) Microsoft releases 13 bulletins, axes .NET patch. Microsoft released its September Patch Tuesday round of patches, which included 13 bulletins that address issues in Microsoft Office, Windows, SharePoint Server, and Internet Explorer. Source: http://www.net-security.org/secworld.php?id=15547

43. September 10, Help Net Security – (International) C&C PHP script for staging DDoS attacks sold on underground forums. A security researcher at Webroot discovered a command and control (C&C) PHP script designed to integrate multiple compromised servers for use in distributed denial of service (DDoS) attacks for sale on an underweb forum. The script appears to be in early stages of development and has a current listed price at $800. Source: http://www.net-security.org/malware_news.php?id=2585

Communications Sector

44. September 11, Worcester Telegram & Gazette – (Massachusetts) Shrewsbury cable company works on TV blackouts. Approximately 8,000 of 11,000 Shrewsbury Electric and Cable Operations (SELCO) customers suffered intermittent blackouts of their basic and extended basic cable beginning in May 2013, which became more pronounced the weekend of September 7. The blackout occurs every 6 to 8 minutes for 1-3 seconds and while a patch has been created for 80 percent of the affected channels, the remaining percentage needs to remain in the interruption mode to permit SELCO to troubleshoot the problem. Source: http://www.telegram.com/article/20130911/NEWS/309119909/1116