Complete DHS Daily Report for November 7, 2013
Daily Report
Top Stories
• California regulators fined Pacific Gas and
Electric Co. $8.1 million for flawed pipe inspections of 224 welds on natural
gas pipelines from Petaluma to Lodi. – San Francisco Chronicle
1.
November 5, San Francisco Chronicle –
(California) PG&E fined $8 million for flawed pipe inspections. Pacific
Gas and Electric Co. (PG&E) was fined $8.1 million November 5 by California
regulators for the contractor, TC Inspections Inc.’s, faulty inspections of 224
welds on natural gas pipelines from Petaluma to Lodi during a testing
replacement program that the utility company began after a 2010 San Bruno
explosion that killed eight people. PG&E is excavating and re-inspecting
the lines. Source: http://www.sfgate.com/bayarea/article/PG-amp-E-fined-8-million-for-flawed-pipe-4958491.php
• An Office of
Inspector General and Office of Audits and Inspections audit revealed that 29
new weaknesses emerged from the U.S. Department of Energy’s network in 2013,
which do not include older flaws that were found but have not been addressed. –
Threatpost
29.
November 4, Threatpost – (National) DOE
audit reveals new weaknesses, and unpatched older flaws. An audit
undertaken by the Office of Inspector General and the Office of Audits and
Inspections revealed that 29 new weaknesses emerged from the U.S. Department of
Energy’s network in 2013 in addition to 10 existing that the agency failed to
fix after a 2012 audit. Source: http://threatpost.com/doe-audit-reveals-new-weaknesses-and-unpatched-older-flaws
• Researchers have detected a new variant of
the Shiz remote access trojan (RAT) being used to search infected systems for
SAP applications, potentially as the reconnaissance phase of an attack
campaign. – The Register See item 31
below in the Information Technology
Sector
• A suspicious fire at Hampton Greens in
Bellevue, Washington, destroyed 10 apartments, injured 7 people, and caused an
estimated $1.5 million in damages. – Seattle Times
43.
November 5, Seattle Times –
(Washington) 7 injured as 10 apartments burn in suspicious Bellevue blaze. A
fire at Hampton Greens in Bellevue, Washington, November 5 destroyed 10
apartment units, left 7 people injured, and caused an estimated $1.5 million in
damages to the building as well as $150,000 to the contents. Authorities are
investigating the cause of the fire. Source: http://seattletimes.com/html/latestnews/2022197529_bellevuefirexml.html
Details
Financial Services Sector
5. November 6, Eugene Register-Guard – (Oregon) ‘Tall
Man’ admits robberies. A man known as the “Tall Man Bandit” pleaded guilty
November 5 to robbing four banks in Eugene and two in Springfield during
February and March. Source: http://registerguard.com/rg/news/local/30693095-75/evans-bank-eugene-banks-march.html.csp
6. November 5, Tulsa World – (National) Tulsa
woman admits guilt in six-figure prepaid debit card fraud. A Tulsa,
Oklahoma woman pleaded guilty November 5 to her part in a multistate prepaid
debit card fraud scheme that caused losses of between $200,000 and $400,000.
The woman and her conspirators would induce employees at Walmart stores to
activate prepaid debit cards by falsely claiming to be from the company’s
headquarters or from prepaid debit card company Green Dot. Source: http://www.tulsaworld.com/news/crimewatch/tulsa-woman-admits-guilt-in-six-figure-prepaid-debit-card/article_7fdf9558-4673-11e3-bb78-0019bb30f31a.html
7. November 5, Softpedia – (International) Cybercriminals
use Android trojan Svpeng for mobile phishing. Researchers at Kaspersky
found that the Svpeng Android trojan has been enhanced with the ability to
perform mobile phishing attacks targeting online banking and credit card information.
The trojan currently targets Russian users but is already equipped with the
ability to check for operating system language versions. Source: http://news.softpedia.com/news/Cybercriminals-Use-Android-Trojan-Svpeng-for-Mobile-Phishing-397388.shtml
Information Technology Sector
31. November
6, The Register – (International) It’s the Shiz: Mutant RAT spotted gnawing at
SAP apps. Researchers have detected a new variant of the Shiz remote access
trojan (RAT) being used to search infected systems for SAP applications,
potentially as the reconnaissance phase of an attack campaign. The new variant
includes its usual remote access features, as well as SAP-related capabilities
with an unknown purpose. Source: http://www.theregister.co.uk/2013/11/06/sap_rat_malfeasance/
32. November
6, Softpedia – (International) CSRF vulnerability in Twitter allowed hackers
to read DMs, post tweets. Twitter closed a cross-site request forgery
(CSRF) vulnerability in its “add mobile device” feature after a researcher
reported the issue. The vulnerability could have been leveraged to gain access
to a user’s direct messages and to post tweets. Source: http://news.softpedia.com/news/CSRF-Vulnerability-in-Twitter-Allowed-Hackers-to-Read-DMs-Post-Tweets-397654.shtml
33. November
6, Softpedia – (International) FBI adds 5 hackers to Cyber Most Wanted list.
The FBI added five new alleged cybercriminals to its Cyber Most Wanted
list, including two accused of causing $50 million in damages by hacking into
business telephone systems. Source: http://news.softpedia.com/news/FBI-Adds-5-Hackers-to-Cyber-Most-Wanted-List-397572.shtml
34. November
5, Krebs on Security – (International) Microsoft warns of zero-day attack on Office.
Microsoft warned users of a zero day vulnerability in some versions of
Office on systems running older versions of Windows. Microsoft offered a fix-it
tool until a comprehensive patch can be issued. Source: http://krebsonsecurity.com/2013/11/microsoft-warns-of-zero-day-attack-on-office/
35. November
5, Threatpost – (International) Marketplace for phony Twitter followers is
big business. Researchers at Barracuda Networks reported that
cybercriminals behind fake Twitter accounts used to sell fake followers and
spread malicious links have shifted to duplicating legitimate accounts in order
to avoid detection and get better click-through rates on their malicious links.
Source: http://threatpost.com/marketplace-for-phony-twitter-followers-is-big-business
36. November
5, IDG News Service – (International) Spike in traffic with TCP source port zero
has some researchers worried. Researchers at Cisco Systems reported a
significant increase in TCP traffic with source port zero over the November 2-3
weekend. The increase in traffic could be a precursor to attempts to compromise
networks. Source: http://www.computerworld.com/s/article/9243809/Spike_in_traffic_with_TCP_source_port_zero_has_some_researchers_worried
Communications Sector
37.
November 5, United Press International –
(Washington) Copper thieves knock Spokane radio station off the air. Radio
station KMBI-AM in Spokane ceased broadcasting after copper thieves stole wire
from the transmission tower November 3, disrupting transmission. The theft
resulted in several thousand dollars in repairs needed to rewire the tower and
return service. Source: http://www.upi.com/Odd_News/2013/11/05/Copper-thieves-knock-Spokane-radio-station-off-the-air/UPI-31271383685851/
38.
November 5, Cincinnati Business Courier –
(National) Kroger's wireless phone company faces $8.7M fine. The Federal
Communications Commission proposed fining I-Wireless $8.75 million in penalties
for alleged abuse of the Lifeline program between October 2012 and April 2013.
Source: http://www.bizjournals.com/cincinnati/news/2013/11/05/krogers-wireless-company-faces-87m.html
39.
November 5, San Juan Islander –
(Washington) Estimated 24 to 72 hours to repair broken fiber-optic line. An
underwater break in a fiberoptic line shut down CenturyLink-operated cellphone
service, long distance land-line service, and 911 calls on Orcas, Shaw, and
Lopez islands. Source: http://sanjuanupdate.com/2013/11/internet-outage/
40.
November 5, Broadcasting & Cable –
(National) FCC proposes fining TBS $25,000 over 'Conan' promo. The
Federal Communications Commission (FCC) proposed fining TBS $25,000 for a
simulated Emergency Alert System warning used in a promotion that constituted a
false distress signal in violation of FCC rules. Source: http://www.broadcastingcable.com/article/496427-FCC_Proposes_Fining_TBS_25_000_Over_Conan_Promo.php
For
another story, see item 7 above in the Financial Services Sector