Wednesday, May 8, 2013
Complete DHS Daily Report for May 8, 2013
Daily Report
Top Stories
• Firefighters reached 85 percent containment of the Camarillo wildfire by May 6 after 44 square miles were burned. Officials believe the fire started from an undetermined ignition of grass and debris along U.S. 101. – Associated Press
22. May 7, Associated Press – (California) Calif. crews mop up wildfire as rain falls. Firefighters reached 85 percent containment of the Camarillo wildfire by May 6 after 44 square miles were scorched. Officials believe the fire started from an undetermined ignition of grass and debris along U.S. 101. Source: http://www.businessweek.com/ap/2013-05-07/calif-dot-crews-mop-up-wildfire-as-rain-falls
• Officials closed 11 Mount Clemens public schools May 7 in order to clean and disinfect the buildings after 2 staff members came down with Methicillin-resistant Staphylococcus aureus (MRSA). Classes were set to resume May 8 as buses were also cleaned and disinfected. – WWJ-TV 62 Detroit
24. May 6, WWJ-TV 62 Detroit – (Michigan) Mt. Clemens schools closed Tuesday due to MRSA outbreak. Officials closed 11 Mount Clemens public schools May 7 in order to clean and disinfect the buildings after 2 staff members came down with Methicillin-resistant Staphylococcus aureus (MRSA). Classes were set to resume May 8 as buses were also cleaned and disinfected. Source: http://detroit.cbslocal.com/2013/05/06/mt-clemens-schools-closed-tuesday-due-to-mrsa-outbreak/
• The U.S. Department of Defense’s annual report on China’s military capabilities concluded that the government and military of China have engaged in cyberattacks to steal information for defense and industrial purposes. – IDG News Service
See item 28 below in the Information Technology Sector
• ZScaler experts discovered at least 10 media and other Web sites that were compromised by cybercriminals and used to distribute the ZeroAccess Trojan and fake AV malware to visitors accessing the site using Internet Explorer. – Softpedia
37. May 7, Softpedia – (International) Compromised US media sites used to distribute ZeroAccess, Fake AV malware. ZScaler experts discovered at least 10 media and other Web sites that were compromised by cybercriminals and used to distribute the ZeroAccess Trojan and fake AV malware to visitors accessing the site using Internet Explorer. Source: http://news.softpedia.com/news/Compromised-US-Media-Sites-Used-to-Distribute-ZeroAccess-Fake-AV-Malware-351260.shtml
Details
Banking and Finance Sector
7. May 7, Softpedia – (National) US convenience store chain Mapco Express hacked, payment cards compromised. The Mapco Express convenience store chain experienced a breach of customer credit/debit card information after malware was planted in payment processing systems. Customers who used credit/debit cards at Mapco Express stores during certain periods in March and April may be affected. Source: http://news.softpedia.com/news/US-Convenience-Store-Chain-Mapco-Express-Hacked-Payment-Cards-Compromised-351249.shtml
Information Technology Sector
28. May 7, IDG News Service – (International) Pentagon accuses China government, military of cyberattacks. The U.S. Department of Defense’s annual report on China’s military capabilities concluded that the government and military of China have engaged in cyberattacks to steal information for defense and industrial purposes. Source: http://www.cso.com.au/article/461117/pentagon_accuses_china_government_military_cyberattacks/
29. May 7, The H – (International) Exploit for new IE8 0-day vulnerability in the wild. A Metasploit module that exploits an Internet Explorer (IE) 8 zero-day vulnerability used in recent watering hole attacks is now available, making the exploit generally accessible. Microsoft suggested several security measures to implement until a patch is developed. Source: http://www.h-online.com/security/news/item/Exploit-for-new-IE8-0-day-vulnerability-in-the-wild-1857966.html
30. May 7, Softpedia – (International) Malicious Flash Player updates hosted on Dropbox. Researchers at Zscaler found and analyzed a fake Flash Player update attack that stores the malicious update in a Dropbox account. The files attempt to disable security programs and then drop a Sality variant onto victims’ systems. Source: http://news.softpedia.com/news/Malicious-Flash-Player-Updates-Hosted-on-Dropbox-351239.shtml
31. May 7, IDG News Service – (International) AutoIt scripting increasingly used by malware developers. Researchers at Trend Micro and Bitdefender found that the AutoIt scripting language is increasingly being used by malware developers due to its flexibility and accessibility. Source: http://www.computerworld.com/s/article/9238968/AutoIt_scripting_increasingly_used_by_malware_developers
32. May 7, Softpedia – (International) Syrian Electronic Army hacks “The Onion” Twitter and Facebook accounts. Members of the Syrian Electronic Army hacktivist group hijacked several Facebook and Twitter accounts belonging to satirical news site The Onion. The accounts were later recovered by their owners. Source: http://news.softpedia.com/news/Syrian-Electronic-Army-Hacks-The-Onion-Twitter-and-Facebook-Accounts-351120.shtml
33. May 6, Softpedia – (International) Unpatched building management system exposes Google’s Wharf 7 HQ to hackers. Two security researchers found that the Tridium Niagara AX building management system at Google Australia’s Wharf 7 headquarters was vulnerable to attack due to Google not having applied a patch that closed known vulnerabilities. Source: http://news.softpedia.com/news/Unpatched-Building-Management-System-Exposes-Google-s-Wharf-7-HQ-to-Hackers-351043.shtml
34. May 6, Softpedia – (International) Use of .pw domains for spam campaigns on the rise, experts find. Symantec found that spam messages containing links to Palau’s .pw top-level domains have increased greatly since the end of April. They also found that several of the .pw spam sites were registered to an address in Nevada. Source: http://news.softpedia.com/news/Use-of-pw-Domains-for-Spam-Campaigns-on-the-Rise-Experts-Find-351045.shtml
35. May 6, Softpedia – (International) Google fixes CSRF vulnerability in Translator and clickjacking flaw in Gmail. A security researcher published proof-of-concept videos for a Google Translate cross-site request forgery (CSRF) vulnerability, and for a clickjacking vulnerability in Gmail’s “Tasks” feature, after Google was informed and addressed the vulnerabilities. Source: http://news.softpedia.com/news/Google-Fixes-CSRF-Vulnerability-in-Translator-and-Clickjacking-Flaw-in-Gmail-Video-351036.shtml
For another story, see item 37 above in Top Stories
Communications Sector
Nothing to report
Department of Homeland Security (DHS)
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport
Contact Information
Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS Daily Report Team at (703)387-2314
Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes.
Contact DHS
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
To report cyber infrastructure incidents or to request information, please contact US-CERT at soc@us-cert.gov or visit their Web page at www.us-cert.gov.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material.