Department of Homeland Security Daily Open Source Infrastructure Report

Monday, May 10, 2010

Complete DHS Daily Report for May 10, 2010

Daily Report

Top Stories

 The Associated Press reports that Freshway Foods of Sidney, Ohio has recalled lettuce sold in 23 states and the District of Columbia because of an E. coli outbreak that has sickened at least 19 people in Michigan, Ohio, and New York. The FDA is focusing its investigation on lettuce grown in Arizona as a possible source for the outbreak. (See item 31)

31. May 7, Associated Press – (National) E. coli outbreak sickens 19 people in three states. A food company has recalled lettuce sold in 23 states and the District of Columbia because of an E. coli outbreak that has sickened at least 19 people, three of them with life-threatening symptoms. The Food and Drug Administration (FDA) said May 6 that 12 people had been hospitalized and the federal Centers for Disease Control and Prevention (CDC) said it was looking at 10 other cases probably linked to the outbreak. Freshway Foods of Sidney, Ohio, said it was recalling romaine lettuce sold under the Freshway and Imperial Sysco brands because of a possible link to the E. coli outbreak. College students at the University of Michigan in Ann Arbor, Ohio State in Columbus and Daemen College in Amherst, New York, are among those affected, according to local health departments in those states. The FDA is focusing its investigation on lettuce grown in Arizona as a possible source for the outbreak, according to two people who have been briefed by the agency. Freshway Foods said the lettuce was sold to wholesalers, food service outlets, in-store salad bars and delis. The company issued a statement May 6 that said the FDA informed it about the positive test in New York, May 5. The statement said “an extensive FDA investigation” of Freshway Foods’ facility in Sidney has not uncovered any contamination at the plant. The recalled lettuce has a “best if used by” date of May 12 or earlier. The recall also affects “grab and go” salads sold at Kroger, Giant Eagle, Ingles Markets, and Marsh grocery stores. The lettuce was sold in Alabama, Connecticut, the District of Columbia, Florida, Georgia, Illinois, Indiana, Kansas, Kentucky, Maryland, Massachusetts, Michigan, Missouri, New Jersey, New York, North Carolina, Ohio, Pennsylvania, Rhode Island, South Carolina, Tennessee, Virginia, West Virginia, and Wisconsin. Source: http://www.foxnews.com/story/0,2933,592365,00.html?test=latestnews

 The U.S. Department of Justice announced on May 6 that Operation Network Raider, a domestic and international enforcement initiative targeting the illegal distribution of counterfeit network hardware manufactured in China, has resulted in 30 felony convictions and more than 700 seizures of counterfeit Cisco network hardware and labels with an estimated retail value of more than $143 million. (See item 48)

48. May 6, U.S. Department of Justice – (International) Departments of Justice and Homeland Security announce 30 convictions, more than $143 million in seizures from initiative targeting traffickers in counterfeit network hardware. Operation Network Raider, a domestic and international enforcement initiative targeting the illegal distribution of counterfeit network hardware manufactured in China, has resulted in 30 felony convictions and more than 700 seizures of counterfeit Cisco network hardware and labels with an estimated retail value of more than $143 million. In addition, nine individuals are facing trial and another eight defendants are awaiting sentencing. This operation is a joint initiative by the Federal Bureau of Investigation, U.S. Immigration and Customs Enforcement, and U.S. Customs and Border Protection working with the U.S. Department of Justice. On May 6, as a part of this joint initiative, a Saudi citizen who resides in Sugarland, Texas, was sentenced in the Southern District of Texas to 51 months in prison and ordered to pay $119,400 in restitution to Cisco Systems. A federal jury found him guilty on January 22 of charges related to his trafficking in counterfeit Cisco products. He purchased counterfeit Cisco Gigabit Interface Converters (GBICs) from an online vendor in China with the intention of selling them to the U.S. Department of Defense for use by U.S. Marine Corps personnel operating in Iraq. The computer network for which the GBICs were intended is used by the U.S. Marine Corps to transmit troop movements, relay intelligence and maintain security for a military base west of Fallujah, Iraq. ICE and CBP seized more than 94,000 counterfeit Cisco network components and labels during the course of the operation. There has been a 75 percent decrease in seizures of counterfeit network hardware at U.S. borders from 2008 to 2009. Source: http://www.justice.gov/opa/pr/2010/May/10-crm-534.html

Details

Banking and Finance Sector

16. May 7, V3.co.uk – (National) Input error leads to huge Dow Jones fall. The Dow Jones fell by nearly 1,000 points, and the Nasdaq and New York Stock Exchange announced that all trades more than 60 per cent above or below market that occurred between 2.40pm and 3.00pm New York time would be cancelled. The dramatic fall in the Dow Jones industrial average appears to have been caused by a trader hitting the button for ‘billion’ not ‘million’. Procter & Gamble shares fell by over a third on the day’s trading. A report on CNBC said that the problem came when a deal involving Procter & Gamble shares was incorrectly entered. “We, along with the rest of the financial industry, are investigating to find the source of today’s market volatility,” Citigroup said in a statement. “At this point we have no evidence that Citi was involved in any erroneous transaction.” “We don’t know what caused it,” said a Procter & Gamble spokeswoman. “We know that that was an electronic trade, and we’re looking into it with Nasdaq and the other major electronic exchanges.” Source: http://www.v3.co.uk/v3/news/2262620/computer-input-error-leads


See items 19 and 51


17. May 7, Krebs on Security – (International) Fun with ATM skimmers, part III. According to the European ATM Security Team (EAST), a not-for-profit payment security organization, ATM crimes in Europe jumped 149 percent from 2007 to 2008, and most of that increase has been linked to a dramatic increase in ATM skimming attacks. During 2008, a total of 10,302 skimming incidents were reported in Europe. A short video that authorities in Germany released recently shows two men caught on camera there installing a skimmer and a pinhole camera panel above to record PINs. EAST estimates that European ATM fraud losses in 2008 were nearly 500 million Euros, although roughly 80 percent of those losses resulted from fraud committed outside Europe by criminals using stolen card details. EAST believes this is because some 90 percent of European ATMs now are compliant with the so-called “chip and pin” or EMV (an initialism for Europay, Mastercard and VISA) standard. U.S. based financial institutions do not require chip-and-PIN, and that may be a contributor to the high fraud rates in the United States. The U.S. Secret Service estimates that annual losses from ATM fraud totaled about $1 billion in 2008, or about $350,000 each day. Source: http://krebsonsecurity.com/


18. May 7, WBBM 780 Chicago – (National) Sad stories as mortgage scam complaints leap. The number of complaints involving mortgage foreclosure scams is up 126 percent, according to the Better Business Bureau. Officials with the organization say consumers need to continue to research the potential company offering to help, talk to the lender involved, and take time before signing a contract. Source: http://www.wbbm780.com/Sad-stories-as-mortgage-scam-complaints-leap/6994297


19. May 7, Marketwatch – (National) Stock sell-off leads to probe of faulty trade. Securities and futures regulators said they were working with exchanges to examine “unusual” trading activity during the day’s massive sell-off, which saw bellwethers such as Procter & Gamble Co. plunge nearly 40%, and prompted a senator to call for tighter trading controls. The U.S. Commodity Futures Trading Commission and the U.S. Securities & Exchange Commission said in a joint statement late May 6 that they are working closely with other financial regulators and exchanges “to review the unusual trading activity that took place briefly this afternoon.” The regulators said they would make the findings of their review public. In a brief statement, the Nasdaq OMX Group Inc. said later in the evening that it will cancel all trades made between 2:40 p.m. Eastern time and 3 p.m. Eastern time which were “greater than or less than 60% away from the consolidated last print in that security at (2:40 p.m.) or immediately prior.” Reports said the New York Stock Exchange would also cancel some trades. Source: http://www.marketwatch.com/story/stocks-sell-off-leads-to-faulty-trade-probe-2010-05-06?reflink=MW_news_stmp


20. May 6, KDAF 33 Dallas – (Texas) Woman warns of bombs during bank robbery; Wal-Mart evacuated. McKinney, Texas, police are looking for a woman who robbed a bank inside of a Wal-Mart and caused the entire store to be evacuated by saying there were two bombs in the store. According to police, she entered a Woodforest National Bank just before 11 a.m. and handed a teller a note demanding money. The teller gave the suspect an undisclosed amount of money. Police say she also told the teller there were bombs in the store. She then left the bank inside the Wal-Mart in a silver, four-door sedan. Wal-Mart management evacuated customers from the store. Officers on the scene helped management walk through the store to look for any suspicious packages or devices in the store. Nothing suspicious was found. Source: http://www.the33tv.com/news/kdaf-woman-bomb-robs-mckinney-bank-walmart-story,0,6220710.story


21. May 6, Bloomberg – (National) Freddie Mac falls after seeking $10.6 billion from Treasury. Freddie Mac fell 8 percent in New York trading after requesting $10.6 billion more in Treasury Department aid while reporting a first-quarter loss. Freddie Mac asked for aid and reported a $6.7 billion first-quarter loss in a Securities and Exchange Commission filing May 5. The new request would add to the $50.7 billion in taxpayer aid the company has received since November 2008. The company’s shares fell 11 cents to $1.32 at 12:21 p.m. in New York Stock Exchange composite trading. Freddie Mac and Fannie Mae have borrowed almost $137 billion from the Treasury since U.S. regulators seized the two government-sponsored enterprises in September 2008, after rising delinquencies and foreclosures pushed them to the brink of collapse. However, the Treasury Secretary said the current Administration “made a choice” not to seek legislation to address Fannie Mae and Freddie Mac this year. Source: http://www.bloomberg.com/apps/news?pid=20601206&sid=aS5g.vrcsoZM


Information Technology


45. May 7, V3.co.uk – (International) Microsoft planning two critical fixes in May update. Microsoft has published its advance notification for this month’s Patch Tuesday update on 11 May, revealing fixes for two critical vulnerabilities in Windows and Office. A group manager for response communications at Microsoft said in a blog post that both issues allow for the remote execution of code. Windows 7 and Windows Server 2008 R2 customers will be offered the Windows-related update, but the manager claimed that “they are not vulnerable in their default configurations.” A recently uncovered problem with SharePoint will not be patched this month, as Microsoft is continuing to work on a solution. Administrators have been advised to apply an access control list to the SharePoint Help.aspx file to prevent unauthorized users gaining access to the vulnerable components, or to disable certain features in Internet Explorer. Source: http://www.v3.co.uk/v3/news/2262645/microsoft-plans-slight-patch


46. May 7, IDG News Service – (International) Chinese companies join to rid handsets of poisoned apps. More than a dozen mobile phone makers in China have teamed up to tackle a growing problem of poisoned applications that are designed to slowly bleed money from a user in a number of ways, either by increasing phone usage charges, such as charging to the monthly bill every time a user clicks on the app, or offering products or services that are paid for but never delivered. The group of companies, which includes Lenovo, Haier, TCL and chip maker MediaTek, pledged to answer the call by China’s Ministry of Industry and Information Technology to crack down on the illegal applications. They signed an agreement not to pre-install any such applications on the cell phones they make and to take appropriate action if they discover any such malicious software in their products. The government has worked to clean up the industry and the companies formed the group to support the efforts. Source: http://www.networkworld.com/news/2010/050710-chinese-companies-join-to-rid.html?hpg1=bn


47. May 6, DarkReading – (International) Breaches rise in U.K. firms along with wireless, VoIP, social networking. According to a recent survey by PricewaterhouseCoopers, more than 90 percent of large organizations (more than 250 employees) say they suffered a data breach in the past year, up from 72 percent in 2008, the last time the survey was conducted. About 83 percent of small organizations (50 or fewer employees) were hit last year, up from 45 percent in 2008. On average, large U.K. firms were hit with 45 breaches in the past year, three times as many incidents as they reported in 2008. Small firms were hit with an average of 14 breaches, more than two times the number they logged two years ago. At the same time, U.K. organizations are rapidly adopting new technologies and services. Nearly half use voice-over-IP (VoIP) — up from 17 percent two years ago — and 85 percent run wireless networks, twice as many as in ‘08. Social networking is important to business for 32 percent of the organizations, and 34 percent say they are “critically dependent” on cloud-based, hosted software services. Meanwhile, staffers lost or leaked confidential data in 46 percent of the large organizations, with 45 percent of those saying the information exposed was “very serious” or “extremely serious.”

Source: http://www.darkreading.com/database_security/security/attacks/showArticle.jhtml?articleID=224701015



49. May 5, DarkReading – (International) Red Condor warns of ‘Adobe Security Update’ malware campaign. Red Condor on May 5 issued a warning of a new malware threat crafted to appear as an email thread discussing vulnerabilities in Adobe software. The campaign targets Adobe customers and consists of a fake thread of forwarded emails that begins with a security update message from an employee in “Adobe Risk Management.” The campaign warns recipients of a “Denial of Service Vulnerability” in the Adobe software and “strongly advises” that companies running the software update their systems with the “latest security patch.” The most convincing and potentially damaging aspect of the campaign is the structure of the forwarded thread, which is spoofed and customized per message and recipient. The thread contains what appear to be the full names and email addresses of people in higher positions in the recipient’s organization, possibly a technique to make the message and call to action seem legitimate. Embedded in the body of the email are links to a PDF file that contains the update instructions for the security patch, and an executable, which has been identified as a Trojan virus. Red Condor is the first to detect the malware campaign; the vast majority of AV engines failed to recognize the malicious download.

Source: http://www.darkreading.com/security/vulnerabilities/showArticle.jhtml?articleID=224700896&subSection=Vulnerabilities+and+threats


For another story, see item 52


Communications Sector

50. May 7, Los Angeles Times – (National) FCC chooses a middle ground in enforcing net neutrality. The Federal Communications Commission has come up with a new way to apply some net neutrality rules that would force Comcast Corp., AT&T Inc. and other broadband Internet service providers to handle all Web traffic the same, without imposing limits on users or blocking websites. Its proposal released May 6 is aimed at blunting an April federal appeals court ruling involving Comcast that found the agency had limited authority to regulate broadband Internet service. The FCC Chairman said in a statement that the Comcast decision had created a “serious problem” and that his agency believes more regulation of broadband Internet service is needed, though not the heavier restrictions that apply to telephone companies. The Democratic appointee to the commission said existing law allows the agency to apply a “narrowly tailored broadband framework” to regulate Internet traffic. His proposal seeks to give the agency direct authority over broadband service. Source: http://www.latimes.com/business/la-fi-internet-fcc-20100507,0,3891841.story


51. May 7, Computerworld – (International) Stock market crash takes down financial sites. The stock market crash on Thursday afternoon took financial Web sites down with it, as people hurried online to make trades and check their investments. Yahoo Finance, Fidelity.com, and Google Finance are among the sites that people complained were unavailable or slow for a period during the afternoon. A Yahoo spokeswoman would say only that Yahoo Finance experienced intermittent issues. Google said a small percentage of visitors may have experienced “sluggishness” for a brief period of time. Fidelity said it saw near-record peak transaction volumes and had intermittent slowness but no interruption throughout the day. Source: http://blogs.computerworld.com/16064/stock_market_crash_takes_down_financial_sites


See item 16


52. May 6, BBC – (International) ‘Historic’ day as first non-Latin web addresses go live. Net regulator Icann has switched on a system that allows full web addresses that contain no Latin characters. Egypt, Saudi Arabia and the United Arab Emirates are the first countries to have so-called “country codes” written in Arabic scripts. The move is the first step to allow web addresses in many scripts including Chinese, Thai and Tamil. More than 20 countries have requested approval for international domains from the Internet Corporation for Assigned Names and Numbers (Icann). It said the new domains were “available for use now” although it admitted there was still some work to do before they worked correctly for everyone. However, it said these were “mostly formalities”. Icann’s senior director for internationalized domain names told BBC News that this has been “the most significant day” since the launch of the internet, adding that “it’s been a very big day for Icann, more so for the three Arabic countries that were the first to be introduced”. Icann’s president described the change as “historic.” Source: http://news.bbc.co.uk/1/hi/technology/10100108.stm


53. May 6, Associated Press – (International) How an unfixed Net glitch could strand you offline. A member of the “hacker think tank” called the L0pht told Congress in 1998 that he could use a Border Gateway Protocol (BGP) vulnerability to bring down the Internet in half an hour by misdirecting data. In recent years, the expert — who now works for the Pentagon’s Defense Advanced Research Projects Agency — has said the exploit would still work. However, it would likely take a few hours. In 2003, the Presidential Administration concluded that fixing this flaw was in the nation’s “vital interest.” Fast forward to 2010, and very little has happened to improve the situation. The flaw still causes outages every year. The crux of the problem is that each carrier along the way figures out how to route the data based only on what the surrounding carriers in the chain say, rather than by looking at the whole path. And while there is some progress being made, there is little industry-wide momentum behind efforts to introduce a permanent remedy. Data carriers regard the fallibility of the routing system as the price to be paid for the Internet’s open, flexible structure. Internet growth has also increased the risks exponentially. Spokesmen at AT&T Inc. and Verizon Communications Inc. said they were unable to find anyone at their companies who could discuss the issue of routing reform. The chief technology officer at Qwest Communications International Inc. says that he would support some simple mechanisms to validate data routes, but he argues that fundamental reform is not necessary. Hijackings are typically corrected quickly enough that they do not pose a major threat, he argues. In the meantime, network administrators deal with hijacking the old-fashioned way: calling their counterparts close to where the hijacking is happening to get them to manually change data routes. Source: http://www.dailymail.com/News/TechnologyNews/201005060418?page=1&build=cache


54. May 5, CNNMoney – (National) AT&T dropping more calls than ever. AT&T announced in January that it was spending $2 billion this year to improve its much maligned cellular network. A survey of smartphone customers was released May 4 by ChangeWave Research, the consumer polling division of InvestorPlace.com. In a poll that asked 4,040 smartphone users in March how many dropped calls they had experienced in the past three months, AT&T — the exclusive U.S. carrier of Apple’s iPhone and iPad mobile devices — came in last among the country’s four largest carriers. Verizon customers reported losing only 1.5 percent of their calls over the past three months, the lowest in the smartphone industry and the lowest percentage for a carrier ever recorded by ChangeWave. AT&T customers, by contrast, reported 4.5 percent of calls dropped in the last three months. That is one out of every 22 calls — three times as many as Verizon’s and the worst percentage ChangeWave has ever seen. Sprint was the country’s second most reliable carrier, with 2.4 percent of calls dropped, and T-Mobile the third, with 2.8 percent of calls dropped. The survey was conducted between March 9 and March 23. Source: http://tech.fortune.cnn.com/2010/05/05/att-dropping-more-calls-than-ever/


55. May 5, St. Paul Pioneer Press – (Minnesota) Qwest investigating cause of local Internet outage. A high-speed Internet network serving the Twin Cities metro area was down for nearly an hour May 5. Qwest Communications International, the state’s largest phone provider, is investigating the cause of the outage, which occurred from about 10:40 to 11:30 a.m., a spokeswoman said. The problem created a “routing loop” in the telecommunication company’s Metro Optical Ethernet, or MOE. “Data was coming in but it couldn’t figure out where to send itself,” she said. “So it was looping and looping and looping and getting stuck.” The outage knocked out Internet access to about 1,000 large-, medium- and small-business customers of Qwest, including the St. Paul Pioneer Press and St. Paul-based Minnesota Public Radio. IPHouse, a Minneapolis Internet service provider that serves MPR and uses the MOE service, was told by Qwest technicians that they could see no single point of failure in the network, the IPHouse CEO said. An unknown number of residential customers using DSL also may have been affected, the Qwest spokeswoman said. Qwest business customers that do not use MOE were not affected by the outage, she said. Source: http://www.twincities.com/business/ci_15023615
