Monday, November 24, 2008

Complete DHS Daily Report for November 24, 2008

Daily Report

Headlines

 Bloomberg reports that Delek U.S. Holdings Inc. temporarily halted production at its Tyler, Texas, refinery after an explosion and fire Thursday that killed one worker. (See item 1)

1. November 21, Bloomberg – (Texas) Delek halts production at Texas refinery, worker dies. Delek U.S. Holdings Inc. temporarily halted production at its Tyler, Texas, refinery after an explosion and fire Thursday that killed one worker, the company said in a statement on its Web site. The blast occurred at approximately 2 p.m. in the saturates gas plant at the Texas refinery, a separate statement from the unit of Israeli holding company Delek Group Ltd. showed. “There has been one fatality resulting from a fire,” the company said. “The cause of the incident and the extent of the damage to the refinery have not yet been established.” The man died overnight after being airlifted to a medical center with burn injuries, KLTV reported. At least six workers were provided medical treatment after the blast. Source: http://www.bloomberg.com/apps/news?pid=20601207&sid=aPLg0oSgt8W8&refer=energy

 According to the Associated Press, Federal Bureau of Investigation officials said Friday they arrested a man who allegedly threatened to blow up the Paul Brown Stadium in Ohio and other area landmarks. (See item 36)

36. November 21, Associated Press – (Indiana; Ohio) Man arrested in Bengals’ stadium bomb threat. FBI officials said Friday they arrested a man who allegedly threatened to blow up the Cincinnati Bengals’ stadium and other area landmarks. The 42-year-old man is accused of sending e-mails to two local media outlets and to the FBI threatening Paul Brown Stadium, four bridges over the Ohio River, the Cincinnati/Northern Kentucky International Airport, and an Indiana casino, an FBI spokesman said. The man was arrested Thursday at a hotel in Erlanger, Kentucky, and was being held on federal charges of making bomb threats and distributing a bomb hoax. The man’s father said his son has mental issues and is on medication and he said he doesn’t believe his son really planned to carry out any threats. Source: http://www.msnbc.msn.com/id/27841930/

Details

Banking and Finance Sector


10. November 21, Philadelphia Inquirer – (Pennsylvania) Six charged with bilking settlement funds. Six people, including two from the Philadelphia region, were charged Thursday with fraud in an alleged scheme to use dummy corporations, fake brokerage accounts, and virtual offices to steal $41 million from settlement funds that were themselves set up to resolve earlier securities-fraud cases. An accountant with a firm that was paying out investor claims from those settlement funds was labeled the “eyes and ears” for the group, advising a coconspirator on when to submit fraudulent claims and on the availability of funds. The funds had about $4.5 billion in assets. The acting U.S. Attorney said that the ring went to great lengths to make the claims seem legitimate. One member of the group, she said, even traveled to Singapore to mail documents to help make a fake company. Source: http://www.philly.com/philly/business/20081121_Six_charged_with_bilking_settlement_funds.html


11. November 21, Vicksburg Sun Herald – (Mississippi) Telephone scam targets bank information. Authorities say Trustmark National Bank customers should beware of a telephone scam designed to obtain bank account information. The chief information security officer for the Jackson-based Trustmark said people should not give their information in response to an automated call. The scam consists of an automated message that tells customers their account has been compromised and their debit cards were deactivated as a safety precaution. Listeners are then given the option to reactivate their cards by entering their personal and account information. Source: http://www.sunherald.com/218/story/969452.html


12. November 20, Washington Post – (International) Web fraud 2.0: faking your Internet address. One of the casualties from the unplugging of McColo Corp. is fraudcrew.com, a Web service that offered paying customers the ability to hide their identities online by routing their traffic through computers controlled by others. Fraudcrew, which has not been charged with any crime, offered subscribers a point-and-click way to mask the source of their Internet connections, so that Web sites could not tell the true location of visitors using the service. The site was advertised heavily on Russian online forums catering to computer hacking and identity theft. There are a number of services like those offered by Fraudcrew (Security Fix profiled another one earlier this year) that not only aid in hiding one’s identity online, but could also defeat security measures put in place by financial institutions. These masking services provide a software program that allows the user to pick from a drop-down list of Internet addresses to proxy through. For example, if a user in Ukraine has stolen the user name and password that Joe from St. Louis uses to access his bank online, that user can simply select a node in the proxy list that is in St. Louis, and the bank site will be none the wiser that the person logging in is not actually in St. Louis. “Although this type of technology isn’t new, it’s the first time I’ve seen it used like this for obviously criminal reasons,” said the director of security research and communications at McAfee AVERT Labs. Source: http://voices.washingtonpost.com/securityfix/2008/11/web_fraud_20_faking_your_inter.html


13. November 20, Southampton Press – (New York) Quogue mayor’s investment firm also indicted on fraud charges. Melhado, Flynn & Associates (MFA), the Manhattan-based investment firm headed by the Quogue Village mayor, has been indicted by the U.S. Attorney’s Office and charged with felony fraud and altering documents in an attempt to impede the subsequent investigation. The indictment comes several months after the mayor was indicted on the same charges. The indictment accuses the company and the mayor, who owns 9.3 percent of MFA and serves as its chief executive officer, of “cherry-picking” profitable accounts for the investment firm over a four-year period, and altering documents in an attempt to impede a subsequent investigation by the U.S. Securities and Exchange Commission. The mayor and MFA were each charged with one count of security fraud and one count of document alteration for illegally earning more than $1.4 million for the investment company from November 2000 until June 2005, according to a copy of the indictment. Source: http://www.27east.com/story_detail.cfm?id=181701


14. November 20, Expatica.com – (International) European police forces smash international bank card scam gang. Authorities in Belgium, Ireland, and Romania have smashed a Romanian crime gang which specialized in copying bank cards and operated worldwide, the Belgian prosecutor’s office said Thursday. The gang, acting “on a global level” from their Belgian base, according to the Belgian authorities, is suspected of defrauding card users of millions of Euros. In Europe there were victims of their hi-tech “skimming” operations in Britain, Cyprus, Germany, Ireland, Italy, the Netherlands, Spain, Turkey and Romania itself. There were more suspected victims in Australia, Canada, the Dominican Republic, Morocco and New Zealand, the public prosecutor’s office said in a statement. A total of 34 police raids involving 250 officers were made in six EU nations — Belgium, Britain, Germany, Ireland, Romania and Spain. In those operations a total of 15 people were arrested. Source: http://www.expatica.com/be/articles/news/European-police-forces-smash-international-bank-card-scam-gang.html


Information Technology


32. November 21, ZDNet – (International) Mac OS X targeted by Trojan and backdoor tool. Two pieces of malicious software affecting Apple’s Mac OS X appeared this week: a Trojan horse with the ability to download and install malicious code of an attacker’s choice, and a hacker tool for creating backdoors, according to security vendors. The Trojan — called ‘OSX.RSPlug.D’ by Intego, the Mac security specialist that discovered the threat — is a variant on an older piece of malicious code but with a new installer, Intego said. “It is a downloader, and it contacts a remote server to download the files it installs,” Intego said in an advisory. “This means that, in the future, the downloader may be able to install payloads [other] than the one it currently installs.” In other respects the Trojan is similar to previous versions of RSPlug, which first surfaced in October 2007, Intego said. It installs a piece of malicious code known as DNSChanger, which routes the user’s internet traffic through a malicious DNS server, leading users to phishing websites or pages displaying advertisements. Intego said OSX.RSPlug.D has been widely confused with a separate threat publicised this week by several security firms. That threat is called OSX.TrojanKit.Malez by Intego and OSX.Lamzev.A by other vendors, including Symantec and Trend Micro. Security vendors have long warned that the Mac platform is not as secure as some users might like to believe. Apple had not responded to a request for comment at the time of publication. Source: http://news.zdnet.co.uk/security/0,1000000189,39559174,00.htm


33. November 20, IDG News – (International) Researchers find vulnerability in Windows Vista. An Austrian security vendor has found a vulnerability in Windows Vista that it says could possibly allow an attacker to run unauthorized code on a PC. The problem is rooted in the Device IO Control, which handles internal device communication. Researchers at Phion have found two different ways to cause a buffer overflow that could corrupt the memory of the operating system’s kernel. In one of the scenarios, a person would already have to have administrative rights to the PC. In general, vulnerabilities that require that level of access somewhat undermine the risk since the attacker already has permission to use the PC. But it may be possible to trigger the buffer overflow without administrative rights, said Phion’s director of endpoint security software. The vulnerability could allow a hacker to install a rootkit, a small piece of malicious software that is very difficult to detect and remove from a computer, the director said. Phion notified Microsoft about the problem on October 22. Microsoft indicated to Phion that it would issue a patch with Vista’s next service pack. Microsoft released a beta version of Vista’s second service pack to testers last month. Vista’s Service Pack 2 is due for release by June 2009. Source: http://www.itworld.com/windows/58144/researchers-find-vulnerability-windows-vista


34. November 19, Dark Reading – (International) Broadband explosion in China and India to fuel bots, spam. Botnet operators have begun to quietly expand their recruiting efforts to China and India, as broadband adoption begins to take off in these countries. China and India will reach a nearly 30 percent rate of broadband adoption to the home during the next one to two years, providing botnet operators access to more potential bot victims, the chief security analyst for MessageLabs says. “That will have implications that the whole world will feel,” he says, like when the broadband wave hit the United States and Europe around 2003. “The Sobig virus [here] in January of 2003 was no coincidence. It was about exploiting broadband,” he says. Source: http://www.darkreading.com/security/vulnerabilities/showArticle.jhtml?articleID=212100876


Communications Sector

35. November 21, WSB 750 Atlanta – (Georgia) State outsources IT work. The State of Georgia has decided to contract out its Information Technology operations. The governor announced AT&T and IBM were the sole bidders on two separate contracts worth $346 million and $873 million respectively. “Providing technology services is not a core competency of state government…we’ve tried and it’s not one of the things that we do best,” he says. He cites crashing servers as well as leaky roofs and rodents in the office building that houses the state’s primary data system. “I was frightened because I could not guarantee Georgia citizens that their data was secure or that we were spending our IT dollars in the best way possible,” he says. Source: http://wsbradio.com/localnews/2008/11/state-outsources-it-work.html
