Complete DHS Report for March 31, 2014
Daily Report
Details
• A Louisiana official reported March 27 that
more than 5 million gallons of gasoline shipped from ExxonMobil’s Baton Rouge,
Louisiana terminal was tainted by something causing valve and intake systems
issues for vehicles. – Baton Rouge Advocate
1.
March 28, Baton Rouge Advocate – (Louisiana) La. official: Exxon’s
bad fuel totals 5 million gallons. Louisiana’s commissioner of agriculture
and forestry reported March 27 that more than 5 million gallons of gasoline
shipped from ExxonMobil’s Baton Rouge terminal was tainted by something causing
valve and intake systems issues for vehicles. The terminal remained closed
while authorities continue testing in order to determine the cause of the bad
fuel. Source:
http://theadvocate.com/news/business/8745898-123/40-or-50-cases-of
• About 8 million pounds of plastic tubing was
damaged by a March 27 fire in a plastic-containing lot at WL Plastics in Mills,
Wyoming, causing an estimated $8 million to $10 million in damage. – Casper
Star-Tribune
3.
March 27, Casper Star-Tribune – (Wyoming) Investigators call in arson
specialists for Mills plastic fire; cause remains unknown. About 8 million
pounds of plastic tubing was damaged by a March 27 fire in a plastic-containing
lot at WL Plastics in Mills, Wyoming, causing an estimated $8 million to $10
million in damage. No injuries were reported and no structures were damaged.
Source: http://billingsgazette.com/news/state-and-regional/wyoming/investigators-call-in-arson-specialists-for-mills-plastic-fire-cause/article_95d03be1-d09f-588d-8a97-a5d8f388c1e2.html
• The Industrial Control Systems Computer
Emergency Response Team (ICS-CERT) issued a notice March 27 advising users of
11 Schneider Electric industrial control system products that a patch is
available for a stack-based overflow vulnerability in Schneider’s modbus
driver. – Threatpost See item 24 below in the Information Technology Sector
• Researchers discovered a new malware worm
that infects systems via an infected Microsoft Word or Excel file and then
gathers information on the compromised system. – Help Net Security See item 25
below in the Information Technology
Sector
Financial Services Sector
4.
March 28, North Andover Eagle-Tribune – (Massachusetts) ‘Massive
credit card counterfeiting’ scheme uncovered. A man was arrested in
Haverhill March 21 on suspicion of being part of a payment card counterfeiting
scheme after he was spotted making several purchases with suspicious cards,
which led to a search of his home where police found blank cards and
card-making materials. Police also found ID card printers and medical grade
security paper that they allege the suspect was using to create counterfeit
prescriptions. Source: http://www.eagletribune.com/haverhill/x1387891499/Massive-credit-card-counterfeiting-scheme-uncovered
5.
March 27, KXTV 10 Sacramento – (California) ‘Bad Beard Bandit’
arrested for area bank robberies. A Half Moon Bay man was arrested March 27
and is suspected of being the “Bad Beard Bandit” responsible for robbing eight
banks in northern and central California between November 2013 and February
2014. Source: http://www.news10.net/story/news/local/manteca/2014/03/27/bad-beard-bandit-bank-robber-arrest/6977439/
Information Technology Sector
24. March 28, Threatpost – (International) Critical
vulnerabilities patches in Schneider Electric serial modbus driver. The
Industrial Control Systems Computer Emergency Response Team (ICS-CERT) issued a
notice March 27 advising users of 11 Schneider Electric industrial control
system products that a patch is available for a stack-based overflow
vulnerability in Schneider’s modbus driver. The vulnerable driver is used in a
variety of industries, including energy, nuclear power, government facilities,
transportation systems, and dams. Source: http://threatpost.com/critical-vulnerabilities-patched-in-schneider-electric-serial-modbus-driver/105100
25. March 28, Help Net Security – (International) Uncommon
new worm targets Word and Excel files. Researchers at Trend Micro
discovered a new malware worm known as Crigent that infects systems via an
infected Microsoft Word or Excel file, communicates with a command and control
(C&C) server via TOR and Polipo to obscure traffic, and then gathers
information on the compromised system. The worm then changes other Word and
Excel files on the infected system to older file formats and uses them to
attempt to spread itself to other systems. Source: http://www.net-security.org/malware_news.php?id=2748
26. March 28, Softpedia – (International) Cybercriminals
hijack WordPress websites with free premium plugins. Sucuri researchers
found that several premium WordPress plugins available for free on some Web
sites contain code that allows the plugins’ creator to create a new
administrator account and gain control of WordPress sites that use the free
premium plugins. Source: http://news.softpedia.com/news/Cybercriminals-Hijack-WordPress-Websites-With-Free-Premium-Plugins-434616.shtml
27. March 27, SC Magazine – (International) WinRAR
spoofing vulnerability being exploited in malware campaign. A vulnerability
in the WinRAR .zip file compressor identified by a security researcher was seen
in a malware campaign targeting government, international, and business
organizations. IntelCrawler researchers spotted the campaign, which uses the
vulnerability to disguise the contents of .zip files, and found that a
Zeus-like trojan is being used to establish remote administration channels and
collect information. Source: http://www.scmagazine.com/winrar-spoofing-vulnerability-being-exploited-in-malware-campaign/article/340135/
28. March 27, U.S. Consumer Product Safety Commission –
(International) Lenovo recalls battery packs for ThinkPad notebook computers
due to fire hazard. Lenovo announced a recall March 27 of about 37,400
battery packs for ThinkPad notebooks in the U.S. and Canada due to an issue
that can cause them to overheat, posing a fire hazard. Source: http://www.cpsc.gov/en/Recalls/2014/Lenovo-Recalls-Battery-Packs-for-ThinkPad-Notebook-Computers/
Communications Sector
Nothing to report