Thursday, October 31, 2013



Complete DHS Daily Report for October 31, 2013

Daily Report

Top Stories

 • Officials are searching for a break in an 8-inch Koch Pipeline Company pipe which spilled 17,000 gallons of crude oil in Fayette County, Texas. – KVUE 24 Austin

1. October 29, KVUE 24 Austin – (Texas) 17,000 gallons of crude oil spill near Smithville. Crews worked to clean up a 17,000 gallon crude oil spill in Fayette County, Texas, after an 8-inch Koch Pipeline Company pipe leaked in Smithville. Officials are searching for the break in the pipeline and do not have an end date for cleanup and repairs. Source: http://www.kvue.com/news/Officials-cleaning-up-400-barrel-oil-spill-near-Smithville-229756751.html

 • An October 29 dust storm contributed to a multiple-fatality accident involving 19 vehicles along Arizona’s Interstate 10, which killed 3, injured 12, and shut down westbound lanes for more than 5 hours. – Associated Press

7. October 30, Associated Press – (Arizona) 3 killed in dust storm crashes on I-10 in Arizona. A dust storm contributed to a multiple-fatality accident involving 19 vehicles in the eastbound lanes of Interstate 10 south of Casa Grande, Arizona, which killed 3 people, injured at least 12, and closed parts of westbound lanes for more than 5 hours October 29. The Arizona Department of Public Safety is investigating the crash. Source: http://news.msn.com/us/3-killed-in-dust-storm-crashes-on-i-10-in-arizona

 • A Portland Water Bureau spokesman reported a 100-year-old, 24-inch cast-iron water main break October 29 caused significant flooding and surface damage, affecting traffic, flooding the basements of buildings, and knocking out power. – KOIN 12 Portland

13. October 29, KOIN 12 Portland – (Oregon) Water main breaks, floods downtown. A Portland Water Bureau spokesman reported a 100-year-old, 24-inch cast-iron water main break October 29 caused significant flooding and surface damage, affecting traffic, flooding the basements of buildings and hotels, and knocking out power. Source: http://www.koin.com/news/water-main-breaks-significant-damage-downtown

 • A suspect in a string of five murders across multiple locations including a gas station was captured October 29 after authorities tracked him following a high-speed chase and crash. – Dallas Morning News

28. October 29, Dallas Morning News – (Texas) Suspect captured after series of five slayings in Terrell. A suspect in a string of five murders across multiple homes and a gas station/convenience store in Terrell was captured October 29 after authorities tracked him to a wooded area following a high-speed chase and crash. An investigation is ongoing. Source: http://www.dallasnews.com/news/20131028-suspect-in-series-of-terrell-slayings-captured.ece

Details

Banking and Finance Sector

4. October 30, Softpedia – (International) Researchers hack counterfeit money detector to accept paper as valid currency. A researcher at IOActive discovered a way to modify the firmware of the Secureuro counterfeit money detector used frequently in Spain so that the device will accept ordinary paper as valid currency. The modifications can be done without hardware hacking and are aided by a lack of encryption in the firmware. Source: http://news.softpedia.com/news/Researchers-Hack-Counterfeit-Money-Detector-to-Accept-Paper-as-Valid-Currency-395507.shtml

5. October 29, Reuters – (International) Dutch Rabobank fined $1 billion over LIBOR scandal. Dutch bank Rabobank was fined approximately $1 billion by U.S., U.K., and Dutch regulators for manipulating the London Interbank Offered Rate (LIBOR) and another rate over a period of 6 years. Source: http://www.reuters.com/article/2013/10/29/us-rabobank-libor-idUSBRE99S0L520131029

6. October 29, Reuters – (Georgia) SEC sues investor over alleged Carter’s insider-trading scheme. The U.S. Securities and Exchange Commission filed a civil complaint against a former hedge fund investment consultant and analyst for allegedly being part of an insider trading scheme that led to around $2.5 million in illegal profits and avoided losses after sharing information in advance of market news regarding clothing maker Carter’s. Source: http://www.reuters.com/article/2013/10/30/us-carters-trading-complaint-idUSBRE99T00M20131030

Information Technology Sector

21. October 30, Softpedia – (International) Expert finds unrestricted file upload vulnerability in Twitter. A researcher at Q-CERT identified and reported two vulnerabilities in Twitter that could have been leveraged to upload malicious files to a Twitter developer Web site and to redirect users to arbitrary Web sites. Twitter has since closed the reported vulnerabilities. Source: http://news.softpedia.com/news/Expert-Finds-Unrestricted-File-Upload-Vulnerability-in-Twitter-Video-395604.shtml

22. October 30, Softpedia – (International) 10 security fixes included in Firefox 25. Mozilla released the newest version of its Firefox browser, Firefox 25, which includes fixes for 10 security issues, 5 of which were rated critical. Source: http://news.softpedia.com/news/10-Security-Fixes-Included-in-Firefox-25-395477.shtml

23. October 29, Threatpost – (International) New injection campaign peddling rogue software downloads. Websense researchers reported that a mass injection campaign dubbed GWload has compromised at least 40,000 Web pages, which trick users into installing a fake version of VLC Media Player by claiming it is required to view content. Users who attempt to install the fake software then have several varieties of bloatware and other unwanted software installed on their systems. Source: http://threatpost.com/new-injection-campaign-peddling-rogue-software-downloads

24. October 29, CNET News – (International) MongoHQ scrambles to address major database hack. Database hosting service MongoHQ reported that it was the victim of a security breach October 28 that compromised users’ email addresses, hashed password data, and other account information. Source: http://news.cnet.com/8301-1009_3-57609938-83/mongohq-scrambles-to-address-major-database-hack/

Communications Sector

25. October 29, Chicago Tribune – (National) AT&T says it has resolved U-verse outage. AT&T announced October 29 it resolved an outage of its Internet and phone U-verse service for an unreported number of affected customers after a software upgrade issue caused the disruption in service. Source: http://www.chicagotribune.com/business/breaking/chi-att-uverse-service-outage-20131029,0,5006084.story

Wednesday, October 30, 2013



Complete DHS Daily Report for October 30, 2013

Daily Report

Top Stories

 • The city of Gatesville, Texas, issued a mandatory water-conservation order October 29 and alerted 20,000 residents and businesses of a possible 24-36 hour water outage. – Killeen Daily Herald

15. October 29, Killeen Daily Herald – (Texas) 20,000 customers in Gatesville without water. The city of Gatesville issued a mandatory water-conservation order October 29 and alerted 20,000 residents and businesses of a possible 24-36 hour water outage after a faulty cable at an intake structure prevented electrical power from being restored following an October 27 power outage. Source: http://kdhnews.com/news/customers-in-gatesville-without-water/article_65c2e5bc-3ff2-11e3-9d2f-001a4bcf6878.html

 • Authorities are trying to determine the identity of a body and cause of death after multiple body parts turned up at two county sewage plants in San Gabriel Valley, California, October 26. – USA Today

18. October 28, USA Today – (California) Mangled body of woman turns up in L.A. sewage plants. Authorities are trying to identify a dead woman and determine the cause of death after body parts they believe are from the same body turned up at two county sewage plants in San Gabriel Valley October 26. The death is being treated as a homicide. Source: http://www.usatoday.com/story/news/2013/10/28/body-in-sewer-plants/3292857/

 • Authorities recaptured two of the four Caddo County Jail inmates who escaped through the ceiling in the shower at the jail in Anadarko, Oklahoma, October 27. – Columbus Dispatch

29. October 28, CNN – (Oklahoma) 2 of 4 Oklahoma jail shower escapees captured, sheriff says. Authorities recaptured two of the four Caddo County Jail inmates who escaped through the ceiling in the shower at the jail in Anadarko October 27. Officials are still searching for the remaining two inmates who are considered armed and dangerous. Source: http://www.cnn.com/2013/10/28/justice/oklahoma-shower-jailbreak/index.html?hpt=us_c1

 • Adobe confirmed that a recent data breach impacted at least 38 million users, with Adobe ID usernames and hashed passwords obtained by attackers. – Krebs on Security. See item 30 below in the Information Technology Sector.

Details

Banking and Finance Sector

6. October 28, U.S. Attorney’s Office, District of New Jersey – (New Jersey) Co-owner of company that originated $30 million in fraudulent mortgages pleads guilty. The former co-owner of Premier Mortgage Services pleaded guilty to taking part in a mortgage fraud scheme in New Jersey that caused losses of more than $30 million. Source: http://www.fbi.gov/newark/press-releases/2013/co-owner-of-company-that-originated-30-million-in-fraudulent-mortgages-pleads-guilty

7. October 28, Dallas Morning News – (Texas; Ohio) Dallas identity thief convicted after eating debit card to conceal tax fraud. A Dallas man arrested in Ohio in 2011 was convicted October 25 of 16 counts of fraud in a scheme where he used stolen identities to fraudulently file income tax returns and collect millions of dollars. Four accomplices pleaded guilty to related charges. Source: http://crimeblog.dallasnews.com/2013/10/dallas-identity-thief-convicted-after-eating-debit-card-to-conceal-tax-fraud.html/

Information Technology Sector

30. October 29, Krebs on Security – (International) Adobe breach impacted at least 38 million users. Adobe confirmed that a recent data breach impacted at least 38 million users, with Adobe ID usernames and hashed passwords obtained by attackers. The company also confirmed that the attackers obtained at least some of the source code for Photoshop, as well as previously reported access to the source code of Acrobat, Reader, and ColdFusion. Source: http://krebsonsecurity.com/2013/10/adobe-breach-impacted-at-least-38-million-users/

31. October 29, Softpedia – (International) Hackers can hijack Facebook accounts by exploiting flaw in Android apps. A researcher at Attack Secure found and reported two vulnerabilities in Facebook applications for Android that could allow an attacker to steal access tokens and hijack accounts. Source: http://news.softpedia.com/news/Hackers-Can-Hijack-Facebook-Accounts-by-Exploiting-Flaw-in-Android-Apps-Video-395206.shtml

32. October 29, Softpedia – (International) Dun & Bradstreet starts notifying customers of data breach. Dun & Bradstreet began notifying customers that business information was potentially exposed during an attack in March and April 2013 on their commercial information databases. Source: http://news.softpedia.com/news/Dun-Bradstreet-Starts-Notifying-Customers-of-Data-Breach-395124.shtml

33. October 29, The Register – (International) Syrian Electronic Army claims U.S. President social media hijacking. Members of the Syrian Electronic Army hacktivist group briefly compromised the Twitter and Facebook accounts of the U.S. President October 28 and sent out links to the group’s Web site. The group obtained access by compromising URL shortening service ShortSwitch and Organizing for Action staff email accounts. Source: http://www.theregister.co.uk/2013/10/29/sea_hijack_obama_twitter_facebook_hack/

34. October 28, Threatpost – (International) Scan shows 65% of ReadyNAS boxes on Web vulnerable to critical bug. A scan by a Rapid7 researcher found that 65 percent of the Netgear ReadyNAS storage devices exposed to the Internet are still vulnerable to a critical remotely exploitable vulnerability despite a patch being issued for it in July. Source: http://threatpost.com/scan-shows-65-of-readynas-boxes-on-web-vulnerable-to-critical-bug/102706

For another story, see item 24 below:

24. October 28, Help Net Security – (International) U.K. man indicted for hacking U.S. govt networks, stealing confidential data. The New Jersey U.S. Attorney’s Office charged a man in the U.K. for allegedly breaching thousands of U.S. government computer systems and stealing confidential data. The man and others allegedly broke into the computer systems of several federal agencies and placed backdoors in their networks that were later used to steal the data. Source: http://www.net-security.org/secworld.php?id=15840

Communications Sector

Nothing to report

Tuesday, October 29, 2013



Complete DHS Daily Report for October 29, 2013

Daily Report

Top Stories

 • Federal authorities seized a bitcoin wallet containing $28 million in bitcoins belonging to the man accused of running the Silk Road online black market. – CNN. See item 8 below in the Banking and Finance Sector.

 • Authorities arrested a man boarding a flight to Los Angeles from Montreal’s Trudeau airport, after allegedly finding a powder-like substance in his carry-on luggage which delayed flights to the U.S. October 27. – Niagara Falls Review

11. October 27, Niagara Falls Review – (International) Suspicious package at Montreal airport leads to arrest, delays flights. Authorities arrested a man after allegedly finding a powder-like substance in his carry-on luggage at Montreal’s Trudeau airport, while he was boarding a flight to Los Angeles, which delayed 16 flights to the U.S. and caused a nearly 5-hour evacuation of a neighborhood in LaSalle October 27. Source: http://www.niagarafallsreview.ca/2013/10/27/suspicious-package-at-montreal-airport-delays-us-flights

 • Crews began work the week of October 21 on a $1.5 billion, multi-year project designed to repair a critical underground aqueduct leading to New York City which leaks 15-35 million gallons of water a day. – Associated Press

26. October 25, Associated Press – (New York) $1.5B project to fix aqueduct serving NYC begins. Crews began work the week of October 21 on a $1.5 billion, multi-year project designed to repair a critical underground aqueduct leading to New York City which leaks 15-35 million gallons of water a day. The 85 mile long Delaware Aqueduct transports water from upstate New York to New York City, and the project is part of a larger plan to repair the region’s aging water supply system. Source: http://www.njherald.com/story/23788729/15b-project-to-fix-aqueduct-serving-nyc-begins

 • Crews reached full containment October 24 of California’s Rim Fire after it burned 257,314 acres in and around Yosemite National Park and destroyed several structures. – San Francisco Bay City News

38. October 25, San Francisco Bay City News – (California) Rim Fire in Yosemite fully contained this week. Crews reached full containment October 24 of California’s Rim Fire after it burned 257,314 acres in and around Yosemite National Park and destroyed 11 homes, 3 commercial properties, and 98 outbuildings. The fire, which started August 17, is estimated to cost more than $127 million. Source: http://sanbruno.patch.com/groups/politics-and-elections/p/rim-fre-in-yosemite-fully-contained-this-week

Details

Banking and Finance Sector

4. October 28, Softpedia – (International) 4 Dutch men arrested for allegedly using TorRAT to plunder bank accounts. Authorities in the Netherlands arrested four individuals charged with allegedly using the TorRAT remote access trojan and other Tor-based services to perform around 150 fraudulent online banking transactions, steal around $1.4 million, and launder the stolen money. Source: http://news.softpedia.com/news/4-Dutch-Men-Arrested-for-Allegedly-Using-TorRAT-to-Plunder-Bank-Accounts-394827.shtml

5. October 28, IDG News Service – (International) ATM malware may spread from Mexico to English-speaking world. Researchers at Symantec found that the Ploutus banking malware previously used to empty ATMs in Mexico has been translated into English. Two versions made for operating on different ATMs were identified, with the malware spread via manually inserting a CD boot disk into an ATM. Source: http://www.networkworld.com/news/2013/102813-atm-malware-may-spread-from-275276.html

6. October 26, Chicago Sun-Times – (Illinois) Suburban man indicted in $5.5 million fraud scheme. A grand jury in Chicago indicted two men for allegedly running a Ponzi-like scheme that defrauded about 25 investors of at least $5.5 million. Source: http://www.suntimes.com/news/metro/23357801-418/suburban-man-indicted-in-55-million-fraud-scheme.html

7. October 26, Savannah Morning News – (Georgia) Former bank officer pleads guilty in First National fraud. A former officer of the failed First National Bank pleaded guilty before a court in Savannah October 25 to a charge of bank fraud. The failure of the bank in 2010 cost the Federal Deposit Insurance Corporation more than $90 million, according to prosecutors. Source: http://savannahnow.com/news/2013-10-25/former-bank-officer-pleads-guilty-first-national-fraud

8. October 25, CNN – (International) Feds seize $28 million in bitcoins from alleged Silk Road operator. Federal authorities seized a bitcoin wallet containing $28 million in bitcoins belonging to the man accused of running the Silk Road online black market. Source: http://money.cnn.com/2013/10/25/news/economy/bitcoins-silk-road/

Information Technology Sector

43. October 28, Help Net Security – (International) Researchers sinkhole several Cryptolocker C&Cs. Researchers at Kaspersky Labs were able to sinkhole three domains serving as command and control (C&C) servers used by the Cryptolocker ransomware. Source: http://www.net-security.org/malware_news.php?id=2613

44. October 28, Softpedia – (International) Buffer hacked, attackers send out spam via customer accounts. Hackers were able to compromise systems belonging to social media scheduling service Buffer October 26, sending out spam messages through customers’ Twitter and Facebook accounts. Facebook reported that 30,000 of its customers with connected Buffer accounts were affected. Source: http://news.softpedia.com/news/Buffer-Hacked-Attackers-Send-Out-Spam-via-Customer-Accounts-394698.shtml

45. October 28, The Register – (International) IBM warns Storwize arrays can DELETE ALL DATA. IBM warned owners of its Storwize arrays, Flex System V7000, and SAN Volume Controllers that administrator access could be obtained without authentication using vulnerabilities in Apache Struts, allowing an unauthorized user to make modifications to the configuration, including deleting all data. Source: http://www.theregister.co.uk/2013/10/28/ibm_storwize_arrays_at_risk_of_complete_deletion/

46. October 28, The Register – (International) Tenda seals shut router backdoor found by D-Link hole-prober. Tenda released a patch that closes a backdoor vulnerability in three models of routers that could be used to take over a router and execute commands using a UDP packet with a special string. Source: http://www.theregister.co.uk/2013/10/28/tenda_bricksup_router_backdoor/

For another story, see item 4 above in the Banking and Finance Sector

Communications Sector

47. October 28, WCPO 9 Cincinnati – (Ohio) Cincinnati Bell reports most video issues fixed. Cincinnati Bell reported October 27 that the majority of the problems with its CBT Fioptics TV network have been repaired and alerted customers to solutions for partial restoration of service. The sporadic outage problem stemmed from a program guide that did not connect to customers’ set-top boxes and affected phone and Internet services. Source: http://www.wcpo.com/news/local-news/cincinnati-bell-reports-video-service-issues-across-tri-state