Wednesday, May 29, 2013
Complete DHS Daily Report for May 29, 2013
Daily Report
Top Stories
• U.S. law enforcement authorities seized
virtual currency provider LibertyReserve and filed charges against its founder
and five others for allegedly facilitating money laundering and other criminal
activity totaling $6 billion. – Krebs on Security See item 4 below in the Banking and Finance Sector
• A Union Pacific train hit the side of a
Burlington Northern Santa Fe train at a rail intersection in Scott County May
25 which caused rail cars to derail then hit columns supporting the Highway M
overpass, causing the collapse and injury of seven people and $3 million in
estimated damages. – Associated Press
10.
May 27, Associated Press – (Missouri) Freight
trains collide in Scott County damaging highway overpass. A Union Pacific
train hit the side of a Burlington Northern Santa Fe train at a rail
intersection in Scott County May 25 which caused rail cars to derail then hit
columns supporting the Highway M overpass, causing the collapse and injury of
seven people and $3 million in estimated damages. Source: http://www.ksdk.com/news/article/382168/3/Freight-trains-collide-in-Scott-County-damaging-highway-overpass-
• A fire broke out aboard a Royal Caribbean
cruise ship prompting officials to order passengers to evacuate their rooms and
take shelter in the ship’s casino May 27. The ship remained docked in the
Bahamas while passengers determined whether they would continue on the cruise.
– Associated Press
13. May 27,
Associated Press – (International) Fire breaks out aboard Royal Caribbean cruise
ship. A fire broke out aboard a Royal Caribbean cruise ship prompting
officials to order passengers to evacuate their rooms and take shelter in the
ship’s casino May 27. The ship remained docked in the Bahamas while passengers
determined whether they would continue on the cruise. Source: http://www.cbsnews.com/8301-201_162-57586282/fire-breaks-out-aboard-royal-caribbean-cruise-ship/
• Firefighters reached 5 percent containment
May 28 of a wildfire that scorched 1,000 acres in the Los Padres National
Forest and caused the evacuation of 4,000 to 6,000 campers. Between 50 and 75
residents were evacuated as the fire threatened about 50 homes. – Associated
Press
28.
May 28, Associated Press –
(California) California wildfire forces thousands to evacuate. Firefighters
reached 5 percent containment May 28 of a wildfire that scorched 1,000 acres in
the Los Padres National Forest and caused the evacuation of 4,000 to 6,000
campers. Between 50 and 75 residents were evacuated as the fire threatened
about 50 homes. Source: http://news.msn.com/us/california-wildfire-forces-thousands-to-evacuate
Details
Banking and Finance Sector
4. May 28,
Krebs on Security – (International) U.S. government seizes LibertyReserve.com. U.S.
law enforcement authorities seized virtual currency provider LibertyReserve and
filed charges against its founder and five others for allegedly facilitating
money laundering and other criminal activity totaling $6 billion. Source: http://krebsonsecurity.com/2013/05/u-s-government-seizes-libertyreserve-com/
5. May 24,
WATE 6 Knoxville – (Tennessee) Indictment details investment scheme that cost
investors $18M. Four individuals were indicted for allegedly running an
investment fraud scheme under three company names in Knoxville that lost
investors more than $18 million. Source: http://www.wate.com/story/22416022/4-indicted-in-investment-scheme-that-cost-investors-18m
6. May 24,
Reuters – (Virginia) Ex-Virginia bank executives guilty in financial
crisis case. The former chief executive of Bank of the Commonwealth and
three others were convicted of conspiracy to commit bank fraud and other
charges relating to their actions at the failed Norfolk bank. Source: http://articles.chicagotribune.com/2013-05-24/business/sns-rt-us-bankofthecommonwealth-guiltybre94n0y5-20130524_1_southern-bank-bank-fraud-bank-customer
7. May 24,
Pacific Business News – (Hawaii) Maui owners of The Mortgage
Store charged with operating Ponzi scheme. The two owners of The Mortgage
Store based in Maui were charged with allegedly running a Ponzi scheme that
stole $8.6 million from investors over 5 years. Source: http://www.bizjournals.com/pacific/blog/morning_call/2013/05/maui-owners-of-the-mortgage-store.html
8. May 24,
IDG News Service – (International) Researchers warn of increased Zeus malware
activity this year. Researchers from Trend Micro warned that activity
associated with the Zeus/ZBot financial malware has increased in recent months,
with new Zeus variants and capabilities. Source: http://www.networkworld.com/news/2013/052413-researchers-warn-of-increased-zeus-270142.html
Information Technology Sector
39. May 28,
The H – (International) PayPal vulnerable to cross-site scripting
again. A student in Germany disclosed a cross-site scripting (XSS)
vulnerability in PayPal’s German language version of the site. Source: http://www.h-online.com/security/news/item/PayPal-vulnerable-to-cross-site-scripting-again-1871763.html
40. May 28,
Softpedia – (International) Experts find multiple security flaws in Trend
Micro’s DirectPass 1.5.0. A researcher from Vulnerability Lab found two
vulnerabilities in Trend Micro’s DirectPass password management software that
could allow arbitrary code injection, hijack sessions, or perform other
actions. Source: http://news.softpedia.com/news/Experts-Find-Multiple-Security-Flaws-in-Trend-Micro-s-DirectPass-1-5-0-356425.shtml
41. May 28,
SC Magazine – (International) ITV and Sky both hit by the Syrian Electronic
Army. Members of the Syrian Electronic Army hacktivist group compromised
the Twitter account of U.K. broadcaster ITV News and hacked at least six
Android apps for U.K. broadcaster Sky in the Google Play Store. Google later
removed the compromised apps. Source: http://www.scmagazineuk.com/itv-and-sky-both-hit-by-the-syrian-electronic-army/article/295053/
42. May 27,
The H – (International) 0-days in Novell Client for Windows. Two
zero day vulnerabilities were discovered by eEye researchers in Novell Client
for Windows that can allow local code execution within the kernel. Source: http://www.h-online.com/security/news/item/0-days-in-Novell-Client-for-Windows-1870712.html
43. May 24,
IDG News Service – (International) Researchers find unusual malware targeting
Tibetan users in cyberespionage operation. ESET researchers found a piece
of cyberespionage malware dubbed Win32/Syndicasec that bypasses Windows User
Account Control (UAC) to run arbitrary commands without prompting users to
confirm. Source: http://www.networkworld.com/news/2013/052413-researchers-find-unusual-malware-targeting-270133.html
44. May 24,
SC Magazine – (International) Attackers use Skype, other IM apps to spread
Liftoh trojan. The Liftoh trojan is being spread via shortened links in
Skype instant messages, with malicious links being clicked more than 170,000
times, according to Symantec researchers. Source: http://www.scmagazine.com/attackers-use-skype-other-im-apps-to-spread-liftoh-trojan/article/294860/
For additional stories, see items 8 above in the Banking and Finance Sector and immediately
below item 9:
9.
May 28, Akron Beacon Journal – (Ohio) Turkish
group hacks into Akron-Canton Airport website. A cyber group from Turkey
hacked into Ohio’s Akron-Canton Airport Web site May 25 and leaked the personal
information of about 15,000 customers online that had entered a contest for
travel giveaways. Social Security numbers and financial information were not
exposed. Source: http://www.ohio.com/news/break-news/turkish-group-hacks-into-akron-canton-airport-website-1.400738
Communications Sector
45.
May 23, Duluth News Tribune–
(Minnesota) 911 service disrupted in northern St. Louis County. A fiber
optic line cut in St. Louis County left six areas without long distance and
9-1-1 emergency services with an unknown time for service restoration. Fire
departments added staff for in-person emergencies and recommended those in
emergencies use their cell phone or contact other posted local numbers. Source:
http://www.duluthnewstribune.com/event/article/id/268016/group/homepage/
Department of Homeland Security
(DHS)
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday]
summary of open-source published
information
concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on
the
Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport
Contact Information
Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS
Daily Report Team at (703)387-2314
Subscribe to
the
Distribution List: Visit the
DHS Daily Open Source Infrastructure Report and follow
instructions to
Get e-mail updates when this information
changes.
Contact DHS
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
To report cyber infrastructure incidents or to
request information,
please contact US-CERT at soc@us-cert.gov or visit their Web
page at www.us-cert.go v.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to
educate and
inform personnel engaged
in infrastructure protection. Further reproduction
or redistribution is subject to original copyright
restrictions. DHS provides no
warranty of ownership of the copyright,
or accuracy with respect to
the
original
source material.