Monday, June 15, 2009
Complete DHS Daily Report for June 15, 2009
Daily Report
Top Stories
· The Associated Press reports that Cargill Inc.’s Wilbur Chocolate plant in Lancaster County, Pennsylvania is shut down while federal officials look into a possible case of product tampering. (See item 24)
32. June 11, Sky News – (International) G8 attack plot: suspects arrested in raids. Italian police have thwarted a suspected plot to attack the G8 summit which world leaders including the U.S. President and the U.K. prime minister are due to attend. Six people were arrested and accused of criminal association for the purposes of terrorism and arms possession, an anti-terrorist police chief said. Officers reportedly seized weapons including a bomb during the raids in Rome, Milan, and Genoa. The suspects had maps of the summit’s closed-circuit surveillance system and “were trying to figure out how to bypass the security systems,” the police chief said. The investigation into the alleged plot started two years ago. According to ANSA.it, the group had plotted to attack the original venue of next month’s G8 summit, a former U.S. Navy base on the Sardinian island of La Maddalena, police said. The venue was recently moved to the Abruzzo capital L’Aquila to help it recover from a devastating earthquake in April. The suspected plotters shifted their attention to target the new venue, according to Italian newspapers Corriere della Sera and La Stampa. They were trying to “reconstitute a formation similar to the Red Brigades,” a terrorist group who carried out attacks in Italy in the 1970s and 1980s, the police chief said. Source: http://news.sky.com/skynews/Home/World-News/G8-Summit-Police-In-Italy-Arrest-Suspects-Over-Plot-On-Meeting-Moved-From-La-Maddalena-To-LAquila/Article/200906215301562?lpos=World_News_Second_World_News_Article_Teaser_Region_0&lid=ARTICLE_15301562_G8_Summit%3A_Police_In_Italy_Arrest_Suspects_Over_Plot_On_Meeting_Moved_From_La_Maddalena_To_LAquila
See also: http://www.ansa.it/site/notizie/awnplus/english/news/2009-06-11_111383347.html
Details
12. June 12, Courthouse News Service – (International) SEC alleges cold-blooded bank scam. Four people and their three companies defrauded investors of millions of dollars in a prime-bank scam, claiming their investment plan had to be kept secret because if people knew about it, it would encourage “the flight of capital from the United States,” the SEC claims in Federal Court. The SEC sued the four defendants, Morgan European Holdings ApS aka Money Talks, ApS, and Bowman Marketing Group. According to the SEC complaint, the defendants raised $14 million or more by promising monthly returns of 14 to 70 percent. The defendants sent $4.5 million to Denmark, and then sent it back to themselves in the United States. The SEC says the defendants’ pitches “describe the operation of a class prime bank scheme.” They used apparently sophisticated, conspiratorial language to gull 150 or more victims. For example, some of these materials describe how the ‘top fifty financial institutions’ or the U.S. Federal Reserve trade with each other to ‘artificially inflate the money supply’ for international commerce. According to the offering materials distributed by one of the defendants, participants were to provide money to supply ‘the margin’ for a trader to pass a ‘debenture or treasury’ to the end user, generating returns through the leveraging of financial instruments. “The materials distributed by one of the defendants stated that these programs were secret but real, even though the ‘official position’ of the U.S. government was that such trading programs did not exist so as ‘to increase the participation in traditional investments and reduce the flight of capital from the United States.’” After the fraud was discovered, the defendants “urged investors not to cooperate with the Commission or other authorities.” Source: http://www.courthousenews.com/2009/06/12/SEC_Alleges_Cold-Blooded_Bank_Scam.htm
Source: http://www.reuters.com/article/domesticNews/idUSTRE55A72J20090611
37. June 12, The Register – (International) Chrome update completes busy browser patch week. Google has pushed out an update designed to fix a pair of vulnerabilities involving the WebKit application framework that underpins its Chrome browser. The more severe of the two flaws is a “high risk” memory corruption flaw in WebKit, which creates a potential means for hackers to inject hostile code into the sandbox used by the browser. The second flaw involves a less severe information disclosure risk, involving the Drag and Drop functionality built into WebKit. The update completes a busy week on the browser security front with a significant cumulative update for Internet Explorer on June 9 and a Firefox update on June 11. In addition, Apple released a beta version of its Safari 4 browser. Outside the browser security arena, Adobe released the first of its scheduled patch updates on June 9, and FreeBSD dropped an update designed to defend against a stack-based buffer-overflow that poses a potential code injection risk. It is becoming more difficult for hard-pressed system administrators to keep track of updates, especially when many arrive without any indication a fix is in development. Some security patching experts, such as the director of security operations at nCircle, advocate the creation of a general industry patching day to make the patching process easier to plan and manage. Source: http://www.theregister.co.uk/2009/06/12/google_chrome_update/
38. June 11, VNUNet.com – (International) Symantec warns of wireless keyboard security threat. Security firm Symantec has uncovered a new form of attack aimed at users of wireless keyboards. The warning follows the release of Keykeriki, an open-source “sniffer” project that allows users to remotely decode wireless transmissions. Symantec said that this effectively creates a new type of key-logger that could be used by cybercriminals to steal sensitive data such as user names, passwords and bank details. The project was created by a site called remote-exploit.org. “This open-source hardware and software project enables every person to verify the security level of their own keyboard transmissions, and/or demonstrate the sniffing attacks (for educational purpose only),” the site notes. Symantec warned that, although the creator’s intentions appear honorable, making the software code and hardware schematics open to everyone means that criminals could use the software to eavesdrop on wireless keyboard inputs. The criminals would not have to install anything on the host system, but would simply have to be in range of the keyboard’s wireless signal. Symantec said that future wireless keyboards should introduce encrypted communication between the device and the receiver, and warned those working on office or public computers to resort to wired keyboards for the time being. Source: http://www.enterprise-security-today.com/story.xhtml?story_id=67095
39. June 11, InformationWeek – (International) Microsoft to launch Morro antivirus ‘soon.’ Microsoft on June 11 confirmed plans to kill off its Windows Live OneCare subscription security service in favor of a free offering that will feature a core of essential anti-malware tools while excluding peripheral services, such as PC tune-up programs, found in OneCare. A spokesman for the company told news agency Reuters that Microsoft will launch the free product, code-named Morro, “soon” but did not provide further details. Microsoft has said previously that Morro will be suitable for use on low-cost, low-powered netbooks that are growing in popularity in emerging markets and in some segments of the North American computer market. Microsoft also is planning to launch versions of Windows 7 that are netbook-compatible. The definition of malware covers a range of computer threats, including viruses, spyware, rootkits, and Trojans. Hackers, many of them connected to organized crime, often use such tools to extract sensitive data like bank account numbers and passwords from users’ PCs. Microsoft announced in November that it will launch Morro this month, at which time it will discontinue the $49.95-per-year OneCare service. As of June 11, Microsoft was still selling OneCare subscriptions. Morro will be compatible with Windows XP, Windows Vista, and the forthcoming Windows 7 operating systems, the company has said. While users and analysts may welcome Microsoft’s offer of free antivirus software, competitors such as Symantec and McAfee and government competition watchdogs may not. Microsoft could draw antitrust complaints if it integrates Morro so tightly into Windows that it makes security software from third parties difficult to install or use. Source: http://www.informationweek.com/news/security/antivirus/showArticle.jhtml?articleID=217800827
40. June 11, New York Times – (International) More scamming and spamming on Twitter. Twitter is seeing a surge in activity from the scamming and spamming classes. A spate of phishing attacks has been followed by myriad other efforts to soak Twitter’s enthusiastic and rapidly growing user base. Recently, attackers have tapped into popular topics and latched onto popular people to get in front of big Twitter audiences. Their goal: to persuade people to click and visit their Web sites and then hand over personal information, be sold a bill of goods or become infected with a malicious program. The first strategy capitalizes on Twitter users’ penchant for searching for random commentary on news subjects. Lately, attackers have been using hundreds of dummy accounts to tweet messages about popular subjects. Links in the messages pointed to malicious video sites pretending to show porn. Visitors who clicked to download a program supposedly needed to watch videos actually installed a fake security application called Privacy Center, which tried to hit them up for money for a full version of the bogus product. Pop culture buzz and shocking breaking news are not the only lures, though. Users should beware any topic that hits Twitter’s list of “Trending Topics.” The hashtag #smx, used to call out news about a search-marketing conference, reached the list recently and was summarily added to blasts of spam tweets. In a blog post, an irritated conference host said: “We knew this would happen, but it is annoying and becoming a growing problem. Question is, will Twitter do anything about it, beginning with removing its ‘Trends’ feature?” Source: http://gadgetwise.blogs.nytimes.com/2009/06/11/more-scamming-and-spamming-on-twitter/
41. June 11, Victoria Advocate – (Texas) Phone service out Wednesday due to cut fiber optic line. A fiber cut on June 10 left several people in the Crossroads region without phone service. The cut affected both wireless and wireline services, an AT&T spokesman for South Texas said in an e-mail. “The cut was repaired about 1:45 a.m. on June 11, and all service should be running normally for customers,” he wrote on June 11 in the e-mail. It is difficult to determine how many customers were affected by the outage and where the outages took place, the spokesman said, explaining that, with different cables serving different customers, one home could be fine while the home next door loses service. The outage affected customers in the Victoria area, he said, and possibly others in Yorktown and DeWitt County. Other areas most likely remained unaffected. Source: http://www.victoriaadvocate.com/news/2009/jun/11/am_phones_061209_54265/?news