Wednesday, December 4, 2013



Complete DHS Daily Report for December 4, 2013

Daily Report

 • Data recovered from two event recorders showed that a Metro-North train that derailed in New York City, which killed 4 passengers and injured 63 others, was speeding at 82 miles per hour when the accident occurred. – Associated Press

8. December 3, Associated Press; Middletown Times Herald-Record – (New York) Train speed was 82 mph prior to wreck. The National Transportation Safety Board investigators reported that the Metro-North Hudson line commuter train that derailed in the Bronx area of New York City December 1, killing 4 passengers and injuring 63 others, was speeding at 82 miles per hour when the accident occurred. The preliminary findings are based on data recovered from the train's two event recorders. Source: http://www.recordonline.com/apps/pbcs.dll/article?AID=/20131203/NEWS/312030333

 • The U.S. Food and Drug Administration shut down Alfred Louie Inc., operations following the discovery of Listeria in sprouts processed and distributed at the facility. – KERO 23 Bakersfield

16. December 2, KERO 23 Bakersfield – (California) Alfred Louie, Bakersfield soybean sprout company, shut down by FDA. Alfred Louie Inc., of Bakersfield was told to shut down operations by the U.S. Food and Drug Administration following the April discovery of Listeria in sprouts processed and distributed at the facility. Source: http://www.turnto23.com/news/local-news/alfred-louie-bakersfield-soybean-sprout-company-shut-down-by-fda-120213

 • A gas leak at Princeton University prompted the evacuation of about 500 people and 11 university buildings for more than 2 hours. – WCBS 2 New York City

26. December 2, Associated Press; WCBS 2 New York City – (New Jersey) Gas leak prompts evacuation at Princeton University. Eleven Princeton University buildings were evacuated for more than 2 hours December 2 due to a gas leak after a backhoe struck a gas line near the McCosh Health Center. Source: http://newyork.cbslocal.com/2013/12/02/gas-leak-prompts-evacuation-at-princeton-university/

 • Microsoft stated that a recently discovered zero-day vulnerability affecting Windows XP and Windows Server 2003 was being actively exploited.– SC Magazine See item 33 below in the Information Technology Sector

Details

Financial Services Sector

6. December 2, Las Vegas Review-Journal – (Nevada) Company owners plead guilty in scheme to clear credit histories. Five people, out of 10 charged, pleaded guilty to their role in running a Las Vegas-based credit score forgery scheme that used fake police documents and other methods to falsely improve the credit scores of customers. Source: http://www.reviewjournal.com/news/company-owners-plead-guilty-scheme-clear-credit-histories

7. December 2, WNYT 13 Albany – (New York) Fifth arrest made after credit card skimming in Glenmont. A New York City man was charged along with four employees of the Golden Town Buffet in Glenmont with allegedly running a $55,000 payment card skimming scheme at the restaurant. Source: http://wnyt.com/article/stories/S3232957.shtml?cat=300

For another story, see item 30 below in the Information Technology Sector

Information Technology Sector

28. December 3, Softpedia – (International) Flaw in Android 4.3 can be exploited to remove device locks with rogue apps. Researchers at Curesec identified a vulnerability in Android 4.3 that can be exploited using a rogue app to disable a device’s security features such as PINs and passwords. The researchers produced a proof-of-concept app demonstrating the issue. Source: http://news.softpedia.com/news/Flaw-in-Android-4-3-Can-Be-Exploited-to-Remove-Device-Locks-with-Rogue-Apps-405536.shtml

29. December 3, Help Net Security – (International) Huge quantity of Bitcoins stolen from Sheep Marketplace. The administrators of the Sheep Marketplace underweb market reported to their users that a vendor allegedly broke into the market and stole 5,400 Bitcoins. Source: http://www.net-security.org/secworld.php?id=16037

30. December 3, Softpedia – (International) 706 domains used to sell counterfeit items seized by international law enforcement. U.S., European Union, and Hong Kong authorities seized a total of 706 domain names used to advertise and sell counterfeit goods. Source: http://news.softpedia.com/news/706-Domains-Used-to-Sell-Counterfeit-Items-Seized-by-International-Law-Enforcement-405611.shtml

31. December 3, Threatpost – (International) Acoustical mesh network used to infect air-gapped computers. Researchers published a paper demonstrating how acoustic devices such as speakers and microphones can be used to send data between computers that are ‘air-gapped’ and not connected to the Internet or a network. Source: http://threatpost.com/acoustical-mesh-network-used-to-infect-air-gapped-computers/103079

32. December 3, Dark Reading – (International) Study: 340,000 new malicious websites detected in past 30 days. A study conducted by Commtouch found that the number of malicious Web sites is growing quickly, with an average of 11,500 new threats identified each day. Malware sites made up the majority of malicious sites, followed by phishing and spam sites. Source: http://www.darkreading.com/study-340000-new-malicious-websites-dete/240164387

33. December 2, SC Magazine – (International) Windows XP zero-day under active attack. Microsoft stated that a recently discovered zero-day vulnerability affecting Windows XP and Windows Server 2003 has been observed being exploited in targeted attacks. The vulnerability can allow privilege escalation, kernel mode code execution, and administrator account creation. Source: http://www.scmagazine.com/windows-xp-zero-day-under-active-attack/article/323303/

34. December 2, Help Net Security – (International) Legitimate apps bundled up with secret Bitcoin miner. Malwarebytes researchers identified a Bitcoin miner added to Mutual Public’s YourFreeProxy software that can drain users’ system resources and strain hardware. Source: http://www.net-security.org/malware_news.php?id=2639

35. December 2, SC Magazine – (International) Popular Bitcoin forum targeted in DNS and DDoS attack. The administrators of the BitcoinTalk forum advised their users to avoid logging in for a time December 2 after the site was hit by domain name system (DNS) redirection and distributed denial of service (DDoS) attacks. Source: http://www.scmagazine.com//popular-bitcoin-forum-targeted-in-dns-and-ddos-attack/article/323311/

Communications Sector

Nothing to report