Wednesday, September 18, 2013



  
Complete DHS Daily Report for September 18, 2013

Daily Report

Top Stories

 • Several companies shut down hundreds of wells around Colorado September 16 after severe storms and flooding disrupted oil and natural gas production and transportation around the State. – Reuters

1.            September 16, Reuters – (Colorado) Colorado flooding disrupts oil, gas production. Several companies shut down hundreds of wells around Colorado September 

16 after severe storms and flooding disrupted oil and natural gas production and transportation around the State. Source: http://www.reuters.com/article/2013/09/16/energy-natgas-cig-idUSL2N0HC1NA20130916

 • The U.S. Centers for Disease Control and Prevention released a report claiming that the overuse of antibiotics has caused 3 kinds of bacteria to become urgent threats to human health in the U.S. – USA Today

22. September 16, USA Today – (National) 3 germs are urgent threats to USA’s health, CDC says. The U.S. Centers for Disease Control and Prevention released a report September 16 claiming that the overuse of antibiotics has caused 3 kinds of bacteria to become urgent threats to human health in the U.S. The report is the first to categorize the threats in order of immediate importance and it is also the first to quantify the impact, stating the bacteria cause at least 2 million infections and 23,000 deaths a year. Source: http://www.usatoday.com/story/news/nation/2013/09/16/cdc-germ-list/2819577/

  Authorities are investigating after a former Navy reservist killed at least 12 people while 8 others received injuries September 16 in a mass shooting at the Navy Yard in Washington, D.C. – New York Times

27. September 16, New York Times – (Washington, D.C.) Gunman and 12 victims killed in shooting at D.C. Navy Yard. Authorities are investigating after a former Navy reservist killed at least 12 people while 8 others received injuries September 16 in a mass shooting at the Navy Yard in Washington, D.C. The gunman was killed during a gunfire exchange with police officers. Source: http://www.nytimes.com/2013/09/17/us/shooting-reported-at-washington-navy-yard.html?pagewanted=all

 • Researchers analyzed the attacks and campaigns of a sophisticated state-sponsored cybercriminal group dubbed Hidden Lynx, the group behind an attack on Bit9 in 2012. – Softpedia See item 32 below in the Information Technology Sector

Details

Banking and Finance Sector

6. September 17, U.S. Securities and Exchange Commission – (National) SEC charges 23 firms with short selling violations in crackdown on potential manipulation in advance of stock offerings. The U.S. Securities and Exchange Commission announced enforcement actions against 23 firms for short selling violations, with 22 of the companies reaching settlements that totaled $14.4 million in fines. Source: http://www.sec.gov/News/PressRelease/Detail/PressRelease/1370539804376

7. September 16, Reuters – (International) U.S. indicts ex-traders in JPMorgan ‘London Whale’ scandal. Two former traders for JPMorgan Chase & Co. were indicted by a U.S. grand jury for their alleged role in a $6.2 billion trading loss. The two, a Spanish national and a French national, allegedly inflated the value of securities to hide the extent of their losses. Source: http://www.reuters.com/article/2013/09/16/us-jpmorgan-whale-indictment-idUSBRE98F13K20130916

Information Technology Sector

32. September 17, Softpedia – (International) Experts analyze operations of state-sponsored cybercriminals behind the Bit9 hack. Symantec researchers analyzed the attacks and campaigns of a state-sponsored cybercriminal group dubbed Hidden Lynx and found that it was split into two teams utilizing two trojans to steal information through various means. The group, that is apparently China-based, was behind an attack on Bit9 in 2012, and has predominantly targeted organizations in the U.S. Source: http://news.softpedia.com/news/Experts-Analyze-Operations-of-State-Sponsored-Cybercriminals-Behind-the-Bit9-Hack-383796.shtml

33. September 17, V3.co.uk – (International) Darkleech campaign targets Java to spread Reveton ransomware. FireEye was alerted to a new Darkleech campaign that is utilizing Java and Adobe vulnerabilities to spread the Reveton ransomware. The campaign redirects users to malware-infected sites that then attempt to infect the user’s system. Source: http://www.v3.co.uk/v3-uk/news/2295107/darkleech-campaign-targets-java-to-spread-reveton-ransomware

34. September 17, Help Net Security – (International) Too long passwords can DoS some servers. A vulnerability in popular open source Web application framework Django was demonstrated where an attacker could create an extremely long password, which Django would then hash with the PBKDF2 algorithm, tying up system resources. Large passwords being repeatedly submitted could thus be used in a denial of service (DoS) attack. Source: http://www.net-security.org/secworld.php?id=15591

35. September 17, Help Net Security – (International) Researchers create undetectable layout-level hardware trojans. A group of researchers published a paper outlining how hardware trojans could be implemented stealthily below the gate level. The trojans can weaken protection in random number generators, create a method for leaking secret keys, and when tested were not detected by common trojan testing methods. Source: http://www.net-security.org/secworld.php?id=15589

36. September 17, SC Magazine – (International) Microsoft reissues Patch Tuesday fixes to address install glitches. Microsoft addressed bugs in several patches released as part of its September 10 Patch Tuesday update bundle after users reported issues with the updates, including issues with Microsoft Office programs and updates attempting to reinstall numerous times. Source: http://www.scmagazineuk.com/microsoft-reissues-patch-tuesday-fixes-to-address-install-glitches/article/311935/

37. September 16, Threatpost – (International) Apple fixes 30 bugs with OS X Mountain Lion, Safari patches. Apple issues patches for OS X Mountain Lion, closing 30 vulnerabilities and adding other improvements. The company also released an update to its Safari browser, fixing multiple memory corruption issues. Source: http://threatpost.com/apple-fixes-30-bugs-with-os-x-mountain-lion-safari-patches/102303

Communications Sector

Nothing to report