• slide-1
  • slide-2


Intel Briefing – January 2013

(Continued)

Fu San Machinery recalls low lead ball valves installed in flammable gas lines due to fire and explosion hazards.
The U.S. Consumer Product Safety Commission, in cooperation with Fu San Machinery Co., December 11 announced a voluntary recall of about 163,000 Low Lead Ball Valve/Shut-Off Gas Valves. The valves can crack and cause gas to leak. This poses fire and explosion hazards. The recall involves seven brands of sweat and threaded, low lead ball valves used in flammable gas piping systems used in commercial or residential settings. The valves were sold by Fu San Machinery directly to seven distributors nationwide from April 2011 through January 2012. Consumers should turn off the gas supply until a replacement gas valve has been professionally installed.

…………………………………………………………………………

Transfer of bomb-sensitive uranium could start within months.
The U.S. Department of Energy (DOE) hopes within months to start transferring a cache of aging, weapon-usable atomic material from the Oak Ridge National Laboratory in Tennessee to the Nevada National Security Site, the Knoxville News Sentinel reported December 7. More than a ton of material covered by the Consolidated Edison Uranium Solidification Project encompasses high-temperature uranium 232 as well as fission- capable uranium 233 and uranium 235. Transportation of the substance by hired firms could start around the beginning of 2013. The uranium is slated for placement more than 40 feet below the Earth’s surface, under a separate quantity of disused radiological material, a DOE official said.

…………………………………………………………………………

Jet fuel mistakenly pumped into cars in NJ.
Officials said aviation fuel was pumped into cars after it was delivered to three Mercer County, New Jersey gas stations by mistake, the Associated Press reported December 11. Authorities closed a Lukoil station in Lawrence, an Express Fuel in Hamilton, and a Lukoil in Hamilton. A Mercer County spokeswoman said the stations would remain closed until all underground storage tanks, lines, and filters are emptied and cleaned. State officials were investigating how the mistake happened. Also, several cars stalled December 7 when a gas station in Keyport and one in Manasquan unknowingly pumped jet fuel into their tanks.

…………………………………………………………………………

State of Calif. mistakenly publishes thousands of SSN online.
Officials confirmed that the State of California mistakenly published thousands of Social Security numbers on the Internet, KCRA reported December 11. The confidential information was available on the State’s Medi-Cal Web site for anyone to see for a period of 9 days, before the mistake was discovered and the numbers removed. The list includes Medi-Cal providers in 25 California counties. State officials from the Department of Health Care Services admitted in an interview to the posting of nearly 14,000 Social Security numbers belonging to Medi-Cal providers working for In-Home Supportive Services. “This was inadvertent and we sincerely regret this has happened,” said the deputy director for public affairs for the Department of Health Care Services.

…………………………………………………………………………

Hackers breached heating system via industrial control system backdoor.
Hackers broke into the industrial control system (ICS) of a New Jersey air conditioning company earlier this year, using a backdoor vulnerability in the system, according to a FBI memo made public the week of December 10. The intruders first breached the company’s ICS network through a backdoor in its Niagara AX ICS system, made by Tridium. This gave them access to the mechanism controlling the company’s own heating and air conditioning, according to a memo prepared by the FBI’s office in Newark. The individual had used the Shodan search engine to locate Tridium Niagara systems that were connected to the internet and posted a list of URLs for the systems online. One of the IP addresses posted led to the New Jersey company’s heating and air conditioning control system. The company used the Niagara system not only for its own HVAC system, but also installed it for customers, which included banking institutions and other commercial entities, the memo noted. An IT contractor who worked for the company told the FBI that the company had installed its own control system directly connected to the internet with no firewall in place to protect it. Although the system was password protected in general, the backdoor through the IP address apparently required no password and allowed direct access to the control system. The backdoor URL gave access to a Graphical User Interface (GUI), “which provided a floor plan layout of the office, with control fields and feedback for each office and shop area,” according to the FBI. “All areas of the office were clearly labeled with employee names or area names.” Forensic logs showed that intruders had gained access to the system from multiple IP addresses in and outside the U.S.
…………………………………………………………………………

<< previous 1 2 3

Posted by FanningCommunications on Jan 2nd, 2013 and filed under Intel Brief. You can follow any responses to this entry through the RSS 2.0. You can leave a response by filling following comment form or trackback to this entry from your site

Leave a Reply