Monday, December 27, 2010

Complete DHS Daily Report for December 27, 2010

Daily Report

Top Stories

• According to the BBC News, Microsoft has issued a warning about a serious vulnerability in all versions of its Internet Explorer (IE) browser. If exploited by a booby-trapped Web page, the bug would allow attackers to take control of an unprotected computer. See item 56 below in the Information Technology Sector.

• Reuters reports that the Governor of California declared a state of emergency for several counties December 21 following several days of steady downpours. Lifeguards in rubber boats rescued dozens of hotel guests and homeless people stranded by surging floodwaters in San Diego, and high water swamped the parking lot and football field at nearby Qualcomm Stadium. News sources also reported levee problems and water pollution in Southern California. (See items 34, 35, 62, 69, 71, and 72.)

34. December 23, Associated Press – (California) California storm leaves mudslides, polluted water. California residents who endured flooding, mudslides, and evacuations during a week-long onslaught of rain now have another problem: contaminated water and fouled beaches. The rain washed trash, pesticides, and bacteria into waterways, prompting health warnings. Four beaches were closed in Northern California’s San Mateo County, and another 12 miles of beach from Laguna Beach to San Clemente in Southern California’s Orange County were off-limits because of sewer overflows. After days of relentless rain, long-awaited sunshine was finally in the forecast for December 23, but officials said Californians may want to resist the urge to head to the ocean. Experts normally recommend waiting 72 hours after a storm before getting in the water, though in this case some are saying five days might be wiser. The contamination in some areas could last for weeks because of the especially heavy rains. The president of Heal the Bay, a Santa Monica based group that monitors and grades beach water quality, said more rain causes more pollution to get flushed into the region’s water system. Source: http://www.usatoday.com/weather/storms/2010-12-23-calif-storm_N.htm?csp=34news

35. December 22, San Bernardino County Sun – (California) Water district declares emergency. The San Bernardino Valley Municipal Water District declared a local emergency in Highland December 22 after a pipeline that transports water to the city, Yucaipa, Redlands and communities in the San Gorgonio Pass was threatened by high flow running through City Creek. The pipe runs under the creek, but was exposed after high flow from heavy rains eroded the creek bed in 2005, said the district General Manager. Flow in the creek measured 6,000 cubic-feet per second the morning of December 22. It is unknown if that flow rate will continue the entire day. If it does, 12,000 acre-feet of water would flow from the creek, enough water to meet the needs of 100,000 people for a year. The flow was enough to possibly erode material securing the pipe to the creek bottom. If that happened, the pipe would sink and crack. A contractor visited the site the morning of December 22, and work was expected to begin to solidify the bed by dumping large rocks around the pipe. Source: http://www.sbsun.com/breakingnews/ci_16920688

62. December 22, Reuters – (California) Hotel guests, homeless rescued from California floods. Lifeguards in rubber boats rescued dozens of hotel guests and homeless people stranded by surging floodwaters in San Diego December 22, as the latest in a string of storms drenched rain-soaked Southern California. A sixth day of heavy downpours — rare for the normally sunny, dry region — flooded streets, knocked out electricity to thousands of homes and businesses, and prompted evacuations in foothill areas prone to mudslides. Heavy rains and flooding prompted a rare closure of the SeaWorld aquatic theme park in San Diego. And high water swamped the parking lot and football field at nearby Qualcomm Stadium, where the Poinsettia Bowl college football game was scheduled for December 23. The Governor of California declared a state of emergency for several counties December 21 following five straight days of steady downpours. In the Mission Valley area of San Diego, lifeguards piloting inflatable boats with outboard motors ferried more than 50 people to safety from the Premier Inn, a hotel surrounded by floodwaters that ran waist-deep in places. Police in the upscale, seaside village of Laguna Beach shut down a seven-block area after more than 3 feet of muddy water swept through downtown streets and ran up against storefronts there, said a police lieutenant. Source: http://www.reuters.com/article/idUSTRE6BL4WX20101222?pageNumber=1

69. December 23, KTTV 11 Los Angeles – (California) Levee problems in San Juan Capistrano. Emergency crews are shoring up a portion of a levee that failed, threatening 400 homes along the banks of Trabuco Creek in San Juan Capistrano. Residents had been advised to leave their homes when rushing water caused concrete along both sides of the creek to give way, but an evacuation order was lifted at 3 p.m. on December 22. Amtrak said the Pacific Surfliner train service between San Diego and San Juan Capistrano was being suspended December 23 because of threats of mudslides and high water. Source: http://www.myfoxla.com/dpp/weather/levee-problems-in-san-juan-capistrano-20101222

71. December 22, San Diego Union Tribune – (California) Levee breached, causes flooding in Tijuana River Valley. Farmers and ranchers were drying out late December 22 after a deluge of rain and flood water from a series of storms hit the low lying Tijuana River Valley. Earlier, heavier storms have subsided but intermittent storms were expected through the evening, forecasters said. Silty brown flood water breached the levee west of Hollister Street near the Tijuana River at 6 a.m. December 22, causing moderate flooding to a few ranches. Eighteen horses were moved to higher ground at Kimzey Ranch at Hollister Street and Monument Road. There were no reported injuries to people or animals due to the flooding. However, San Diego Lifeguards made at least one rescue in the Tijuana River near Dairy Mart Road. The latest downpour battering San Diego County drenched border-area farms and ranches. Veterans of floods in the valley said the situation could still worsen if the river continues to crest. The owner of the Sea Horse Ranch on Hollister Street said the flooding is not as devastating this year as it has been in the past, partly because of city dredging projects and large berms built by the federal government. Source: http://www.signonsandiego.com/news/2010/dec/22/levy-breaks-causing-flooding-tijuana-river-valley/

72. December 22, KSBY 6 San Luis Obispo – (California) Guadalupe’s fire chief says city needs Santa Maria Levee extended. Guadalupe city leaders say the flooding is proof that the Santa Maria levee needs to be extended. The heavy December 19 storms resulted in flooding in the 800 block of Pioneer Street. The Red Cross opened a shelter for families at Guadalupe City Hall that night. On December 21, the city declared a State of Emergency. Guadalupe’s fire chief said, “Along Highway 1 and the north side of Guadalupe, that side we have the levee and that’s the end of the Santa Maria Levee. On the other side, we have no levee at all.” The water has now receded. But when the Santa Maria River filled up, it overflowed through private property, flooding Pioneer Street. It left four apartments, two houses, and a local church flooded. Owen says a similar situation took place in that area seven years ago. He said, “We’re going to have to look at more options than just the levee. But at this point right now, we’re going to try and aim for a levee extension and see where it goes.” Source: http://www.ksby.com/news/guadalupe-s-fire-chief-says-city-needs-santa-maria-levee-extended/

Details

Banking and Finance Sector

15. December 23, Chicago Tribune – (Illinois) Cops ask for help finding Aurora bank robbers. Aurora Police asked for the public’s help today in catching two men who robbed a bank branch in a grocery store, a robbery that may be linked to a Kendall County, Illinois bank robbery earlier this week. The TCF Bank branch in the Jewel Food store at 1270 N. Lake St., Aurora, was robbed by two men about 1 p.m. December 23, police said. Police and FBI agents are trying to determine if the robbery is connected to another TCF bank robbery by two men at a Jewel in Oswego on December 20, police said. The robbery started when the two men entered the store and one went up to a teller at the bank branch and gave her a note demanding money, according to a police news release. As the first man stood near the teller, the second stood near the bank counter, apparently acting as a lookout. Neither one showed or implied he had a weapon, according to police. The teller gave the men cash, and they fled the building, leaving the area on foot. Police described the first man as a black man about 20 to 25 years old, between 5-foot-9 and 6 feet tall and weighing between 140 and 160 pounds. A surveillance photo shows him wearing a new-style Atlanta Braves hat with a red brim and the letter “A” on the front and a dark-colored hooded jacket. The lookout was described as having about the same physical description but being between 25 and 30 years old. The surveillance photo shows the lookout wearing a dark blue or black padded winter vest, a gray hooded sweatshirt and a dark stocking cap. Source: http://www.chicagobreakingnews.com/2010/12/cops-ask-for-help-finding-aurora-bank-robbers.html

16. December 23, BankInfoSecurity.com – (National) EMV, mobile and the payments landscape. The senior director of risk management policy for the American Bankers Association says a number of emerging technologies, such as the EMV chip standard, mobile payments, and peer-to-peer or person-to-person payments, will soon change the way U.S. financial institutions and merchants connect and transact. And it could all happen in 2011, much sooner than most industry experts expect. Making significant moves in payments technology will require discussion and collaboration among banking institutions, merchants, and regulators, to name a few. “The discussion about EMV will move forward rapidly,” the official says. But it will have many caveats. “I think the U.S. may, in fact, move to adopt EMV, and may move relatively soon,” he says. “I think it may be a unique version of EMV, which would, of course, have to be compatible with EMV, globally.” What about social networks? They, too, are expected to have a big impact in 2011, the official says. “We have seen some social networks begin offering payment facilities,” he says. “These may offer consumers some convenience and certainly familiarity, but they also open them up to the fraudsters, so I think this is something that banks are going to have to watch.” Source: http://www.bankinfosecurity.com/articles.php?art_id=3204

17. December 20, Virginia Gazette – (Virginia) Trio convicted in counterfeit check ring. Three members of a counterfeit check ring conspiracy were sentenced last week for running a two-year fraud scheme throughout the Tidewater, Virginia area that caused more than $50,000 in losses. Banks and businesses, including some in James City County, were among the victims. Each defendant was also ordered to pay restitution in the amount of $55,182.39. In June, a federal grand jury returned a superseding indictment charging all three defendants with a conspiracy to commit bank fraud, substantive counts of bank fraud, possession of counterfeit securities, and aggravated identity theft. According to the evidence introduced at trial, between 2007 and 2010, the three conspirators engaged in a scheme to create and pass counterfeit company checks at various banks throughout the Tidewater area. The scheme extended for more than two years and involved banks and companies in James City County, Norfolk, Hampton, Suffolk, Portsmouth, and other cities in Tidewater. Two of the conspirators recruited dozens of individuals to provide copies of legitimate checks that were then used by one of the conspirators to create counterfeit checks on a computer. That conspirator also recruited individuals, including the third conspirator, to present and cash these counterfeit checks at various financial institutions and other businesses. Source: http://www.vagazette.com/articles/2010/12/20/news/doc4d101e66cae5a606670672.txt

Information Technology

53. December 23, The Register – (Minnesota) Hacker charged over siphoning off funds meant for software devs. An alleged hacker has been charged with breaking into the e-commerce systems of Digital River before redirecting more than $250,000 to an account under his control. The hacker, of Houston, Texas, 35, is charged with fraudulently obtaining more than $274K between December 2008 and October 2009 following an alleged hack against the network of SWReg Inc, a Digital River subsidiary. SWReg specializes in running e-commerce fulfillment systems for smaller software developers who do not want the hassle of developing and maintaining their own online store. An indictment in the case, filed in a federal court in Minnesota, was unsealed December 21. A separate computer intrusion earlier this year obliged Digital River to obtain a court order against an individual who was allegedly planning to sell 200,000 records from a stolen database, net security firm Sophos notes. Source: http://www.theregister.co.uk/2010/12/23/digital_river_hack_charges/

54. December 23, Associated Press – (International) Skype CEO: 21 million Skype users back online. Skype SA is still recovering from an outage caused by undisclosed technology problems. The Internet calling and messaging service was unavailable to almost all of its users starting midday December 22. By the afternoon of December 23, some people still could not log on to Skype. Voice calling, video-chatting, and instant messaging are now working. Group video chats and other features are still down. The Skype CEO says about 21 million users are now logged on. That is about 90 percent of Skype’s usual count for this time of day. The CEO would not say what exactly caused the outage. Skype is still investigating the problem. About 124 million people use the service each month. Source: http://www.google.com/hostednews/ap/article/ALeqM5iUQ-n99E-qoELScynPDTycnvn5PQ?docId=0d9386e53c944aeab4c8eed4b39cb99c

55. December 23, Softpedia – (International) IM worm abuses Facebook’s open redirector. Security researchers from Kaspersky warn that a new instant messaging worm abuses Facebook’s open redirect script in order to add legitimacy to rogue links. Known as Zeroll and detected as IM-Worm.Win32.XorBot.a by Kaspersky’s anti-malware products, the worm spreads via Yahoo! Messenger by posting multi-language spam messages. The messages usually reference a photo, and different variants were seen in English, German, Dutch and Romanian. “This is the funniest photo ever! [link]” or “seen this?? :D [link]” are just two examples. The links are of the form http://www(dot)facebook(dot)com/l.php?u=[removed].org/Jenny.jpg. Despite the .jpg ending, the links do not lead to an image as one might expect. Instead they serve a file called PIC1274214241-JPG-www(dot)facebook(dot)com.exe for download. When run, this executable downloads another file called srce.exe and opens an image depicting two attractive women in order to avoid raising suspicion. Source: http://news.softpedia.com/news/IM-Worm-Abuses-Facebook-s-Open-Redirector-174467.shtml

56. December 23, BBC News – (International) Microsoft warns on IE browser bug. Microsoft has issued a warning about a serious vulnerability in all versions of its Internet Explorer (IE) browser. If exploited by a booby-trapped Web page, the bug would allow attackers to take control of an unprotected computer. Code to exploit the bug has already been published, though Microsoft said it had no evidence it was currently being used by hi-tech criminals. A workaround for the bug has been produced while Microsoft works on a permanent fix. The bug revolves around the way that IE manages a computer’s memory when processing Cascading Style Sheets. Microsoft has produced updates that improve memory management, but security researchers discovered that these protection systems are not used when some older parts of Windows are called upon. In a statement Microsoft said it was “investigating” the bug and working on a permanent fix. In the meantime it recommended those concerned use a protection system known as the Enhanced Mitigation Experience Toolkit. Source: http://www.bbc.co.uk/news/technology-12067295

57. December 22, Softpedia – (International) Webmasters largely unresponsive to infection reports from security researchers. Security researchers from Sophos claim that webmasters are generally unresponsive when contacted about their infected Web sites, or if they respond, they do so in a hostile way. Legitimate infected Web sites have become one of the primary vectors for spamming and spreading malware online. They are commonly used as doorway pages in black hat search engine optimization (BHSEO) campaigns or to launch drive-by download attacks. The problem with such Web sites is that they can remain infected over long periods of time if their owners are not persuaded to clean them. According to a principal virus researcher at Sophos, adding to the problem is the fact that spotting the signs of infection is not always straightforward. For example, some scripts hide the malicious code unless the user arrives at the site through a search engine. The researcher notes that most webmasters seemed to care only if their Web site was up and appeared normal, without any interest in what happens in the background. Source: http://news.softpedia.com/news/Webmasters-Largely-Unresponsive-to-Infection-Reports-from-Security-Researchers-174394.shtml

Communications Sector

58. December 22, Associated Press – (National) Divided FCC adopts rules to protect Web traffic. Federal regulators adopted new rules December 21 to keep the companies that control the Internet’s pipelines from restricting what their customers do online or blocking competing services, including online calling applications and Web video. The new rules have the backing of the White House and capped a year of efforts by the FCC Chairman to find a compromise. They are intended to ensure that broadband providers cannot use their control of the Internet’s on-ramps to dictate where their subscribers can go. They will prohibit phone and cable companies from favoring or discriminating against Internet content and services that travel over their networks — including online calling services such as Skype, Internet video services such as Netflix, and other applications that compete with their core businesses. The prohibitions, known as “net neutrality,” have been at the center of a Washington policy dispute for at least five years. Source: http://www.google.com/hostednews/ap/article/ALeqM5gyoWGBFkAi1iWOw16boaHXwpf0kg?docId=30e116bd6db54942b7bca7fa8b0b9e11

59. December 21, WBTV 3 Charlotte; Associated Press – (North Carolina) Update: Police identify woman who entered Charlotte TV station with gun. A woman was taken into custody after entering the Charlotte ABC affiliate WSOC-TV with what turned out to be an unloaded gun December 21. Employees of the station were evacuated during the situation. Members of the Charlotte-Mecklenburg SWAT team were called to the station following reports of an individual entering the building with a gun. The female suspect was taken into custody around 5:40 p.m. The WSOC general manager said that the building was evacuated and the station went off the air after a woman with a gun was in the lobby. He said no hostages were taken and no one was injured. Source: http://www.digtriad.com/news/local/story.aspx?storyid=152167&catid=57

60. December 20, Network World – (International) WiFi Vulnerabilities: Advances and incidents in 2010. The 802.11n standard was ratified in 2009 and WiFi really took off in 2010, with support showing up in an array of consumer electronic devices. Unfortunately, security-related issues escalated right along with growing acceptance. Here is a look back at the WiFi security issues that emerged this year: Virtual WiFi leads to rogue access points; MiFi gains popularity; Google’s WiFi snooping controversy; Russian spies and peer-to-peer WiFi links; Fake WiFi stealing data from smartphones; Hole196 uncovered for WPA/WPA2 WiFi networks; Firesheep turns layman into WiFi hackers; and Smartphone as WiFi attacker. Source: http://www.networkworld.com/news/2010/121020wifiin2010.html?page=1
