Tuesday, December 28, 2010

Complete DHS Daily Report for December 28, 2010

Daily Report

Top Stories

• CNN reports the Transportation Security Administration was unable to find a woman who breached a security checkpoint at a Texas airport December 25, despite a manhunt that left more than 100 flights delayed. (See item 23)

23. December 26, CNN – (Texas) TSA error causes big delays for Texas airport. The Transportation Security Administration (TSA) was unable to find a woman who breached a security checkpoint at a Texas airport December 25, despite a manhunt that left more than 100 flights delayed. The TSA said agents spotted something suspicious while an elderly woman went through a full-body scanner at the Dallas/Fort Worth International Airport. By the time security agents tried to pull the woman aside for additional screening, she had already moved into the terminal. TSA described the slip-up as a minor error, although it sparked a manhunt throughout the entire airport. Security agents mobilized the command post. Officers searched terminals for the woman, whose photos were given to gate agents. In the process, officers held dozens of flights in order to search planes. After 2 hours of searching, agents still were not able to locate the woman. Agents said she did nothing wrong and likely did not even realize security had flagged her. Source: http://www.ksla.com/Global/story.asp?S=13741290

• The Centers for Disease Control and Prevention announced December 24 it was investigating a 15-state outbreak of salmonella in alfalfa sprouts, according to the Crystal Lake Northwest Herald. (See item 28)

28. December 24, Crystal Lake Northwest Herald – (National) CDC reports salmonella outbreak affects 15 states. The Centers for Disease Control and Prevention (CDC) announced December 24 it was investigating a multi-state outbreak of salmonella in alfalfa sprouts, with 89 reports of a matching strain across 15 states and the District of Columbia. Preliminary results of the CDC investigation indicate a link to eating alfalfa sprouts at a national sandwich chain, the agency said. The CDC said there were reports of 50 cases in Illinois, 14 in Missouri, and 9 in Indiana. Among the 81 people for whom information was available, the CDC said the start of their illnesses ranged from November 1 to December 14, and ranged in age from 1 to 75 years old, with a median age of 28. Of the information available, the CDC said 23 percent of the people affected were hospitalized, with no deaths reported. The CDC said because the pattern associated with this salmonella type commonly occurred in the U.S., some cases currently identified might not be related to the outbreak. The outbreak first was reported December 17 when the Illinois Department of Public Health (IDPH) reported more than 40 people said they had become ill after eating alfalfa sprouts at Jimmy John’s restaurants. The IDPH’s update December 23 raised the count to 50 confirmed Illinois residents, and one Wisconsin resident, with reports stretching over 11 counties in the state. The CDC said the investigation was ongoing, and the agency would continue to monitor new cases, along with the Food and Drug Administration, and state and local public health partners. Source: http://www.nwherald.com/2010/12/23/cdc-reports-salmonella-outbreak-affects-15-states/agxgy43/

Details

Banking and Finance Sector

15. December 27, Slashgear – (International) Chip and PIN security hack prompts censorship rebuke from researchers. Cambridge University has refused to censor a master’s student’s thesis on the security flaws in the Chip and PIN security system, rebuking calls from the UK Cards Association trade body to bury the research after allegations it “breaches the boundary of responsible disclosure.” According to a security group researcher, not only is the paper lawful and already in the public domain, it will soon be followed by a similarly-detailed paper on the subject. The Association claimed the loophole utilized has already been fixed when using Barclays bank cards at a Barclays merchant, though that still leaves Chip and PIN systems managed by other banks open to attack. The research had led to the creation of a card-sized monitoring device that can track transactions and flag up — among other things — cases where illegally modified card-readers show one value on-screen and then charge a higher amount to the card. Source: http://www.slashgear.com/chip-and-pin-security-hack-prompts-censorship-rebuke-from-researchers-27121248/

16. December 27, London Telegraph – (International) Online stores insure against cyber-hacking after Wikileaks protest. Online retailers will be offered insurance against cyber-hacking following the recent attack by supporters of Wikileaks. IMRG, a trade body in England, will provide protection against politically-driven “denial of service” attacks that threaten Britain’s 57.8 billion pound online shopping industry. It follows the targeting of payment services PayPal, Visa and Mastercard earlier in December by “hacktivists” who accused them of bowing to U.S. pressure to hinder the release of embarrassing diplomatic cables. Amazon was also attacked because it had removed Wikileaks information from its servers. Christmas shopping was not disrupted, but the movement behind the attacks, calling itself Anonymous, said it would mount similar campaigns in the future. A member of the online security organization ISACA and chief executive of security consultants First Base Technologies, said: “Politically-motivated denial of service is a new threat to online retail because previously the threat has only been from criminals.” Source: http://www.telegraph.co.uk/finance/newsbysector/retailandconsumer/8224968/Online-stores-insure-against-cyber-hacking-after-Wikileaks-protest.html

17. December 26, Kansas City Star – (Missouri) Springfield company files lawsuit over hacker loss. A Springfield, Missouri escrow company has filed a lawsuit against BancorpSouth Bank, accusing the bank of failing to prevent a hacker from stealing $440,000 from the escrow company. The owner of Choice Escrow and Land Title said his company had to take out a loan to cover the loss because the bank wouldn’t refund any of the money. He said it appears criminals infected the escrow company’s computer and stole its user ID and password for its BancorpSouth trust account. The Bancorp senior vice president and director of marketing in Tupelo, Mississippi, said the bank would present its side during court proceedings. He declined further comment. Source: http://www.kansascity.com/2010/12/26/2542677/springfield-company-files-lawsuit.html

18. December 25, Krebs on Security – (International) Carders.cc, Backtrack-linux.org and Exploit-db.org Hacked. Carders.cc, a German security forum that specializes in trading stolen credit cards and other purloined data, has been hacked by security vigilantes for the second time this year. Also waking up to “you’ve been owned” calling cards this Christmas are exploit database exploit-db.org and backtrack-linux.org, the home of Backtrack, an open source “live CD” distribution of Linux. The hacks were detailed in the second edition of “Owned and Exposed,” an ezine whose first edition in May included the internal database and thousands of stolen credit card numbers and passwords from Carders.cc. The Christmas version of the ezine does not feature credit card numbers, but it does list the user names and hashed passwords of the carders.cc forum administrators. The main administrator for exploit-db.org and backtrack-linux.org confirmed the hacks against the sites were legitimate. In an e-mail, he provided a link to a short statement, noting a hacking team called inj3ct0r initially took credit for the attack, only to find itself also targeted in the current edition of Owned and Exposed. Source: http://krebsonsecurity.com/2010/12/carders-cc-linux-exploit-org-and-exploit-db-org-hacked/

19. December 25, Hillsdale Daily News – (Michigan) Hillsdale-area authorities seek bank robbery suspect. Authorities now believe the same man is responsible for three separate bank robberies of two Southern Michigan Bank and Trust branches in the past year. The most recent robbery occurred December 21 at the Camden branch. A witness at the bank described a car similar to the one spotted near the North Adams branch on the bank’s video surveillance system around the time it was robbed November 22. The car closely matched a mid-90s Buick Regal. A composite sketch of the suspect, as described by a witness, has been released. The witness saw the man before the first robbery of the North Adams branch February 17. The witness said the man was acting suspiciously in the parking lot. A detective with the Hillsdale County Sheriff’s Department said the Camden bank’s last customer before the robbery saw a car parked in the bank lot facing out toward the street near the entrance. The detective said it struck the witness as odd that the vehicle was not in a parking space. As the customer approached the bank, a man started to get out of the car, but stopped when he saw them and got back into the car. The car was described as a white, four-door sedan with a dirty grey trim on the lower door from front to back which is similar in appearance to a mid-90s Buick Regal. The Hillsdale sheriff’s department is investigating the robberies in conjunction with the Michigan State Police and the FBI. Source: http://www.lenconnect.com/news/x1651495527/Hillsdale-area-authorities-seek-bank-robbery-suspect

20. December 25, White Mountain Independent – (Arizona) ‘Skeletor Bandit’ indicted - Defendant charged with robbing banks in Northern AZ. A federal grand jury in Phoenix, Arizona returned a six-count indictment against a 51-year-old male suspect, who hails from Lincoln, California, charging him with multiple bank robberies in Arizona. He is accused of being the “Skeletor Bandit” responsible for robbing six banks. The indictment alleges that between October 22, and December 11, 2010, the suspect robbed six banks in Flagstaff, Phoenix, Prescott, and Surprise. In the first four robberies, the suspect wore a Halloween-style rubber mask with a black hooded sweatshirt while displaying a gun. The robber was dubbed the “Skeletor Bandit” based on the mask’s resemblance to a cartoon character from the 1980’s. In the last two robberies, he wore a fake beard, wig and nose along with a New York Yankees cap, and told witnesses he was armed. The suspect is in custody and will go to trial February 1, 2011 before a U.S. district judge in Phoenix. Source: http://www.wmicentral.com/police/article_94b7b6d8-0ee8-11e0-9397-001cc4c002e0.html

For another story, see item 39 below.

Information Technology

38. December 27, SpamfighterNews – (National) Kindsight research reveals 33% home PCs hacked. Kindsight, the developer of “Identity Protection,” recently announced 30-day research outcomes after surveying about 200,000 North American households that use the Internet. As a result, it was revealed that 33 percent of household personal computers contracted malware infections and were in severe danger of cyber-crime, ID-theft, and other attacks. Furthermore, after classifying the attacks into four groups, the research found spyware was behind 47 percent of the assaults, whilst Trojans along with other malware leading to ID-theft were behind 21 percent. Botnet attacks, which enable malefactors to seize control over home computers, successfully targeted 26 percent of the contaminated home PCs, while conventional viruses accounted for merely 6 percent of the assaults. Source: http://www.spamfighter.com/News-15556-Kindsight-Research-Reveals-33-Home-PCs-Hacked.htm

39. December 23, Federal Bureau of Investigation – (Minnesota; Texas) Texas man indicted for hacking into computer network, stealing $274,000. A federal indictment unsealed December 23 alleged a 35-year-old Texas man hacked into the computer network of an Eden Prairie, Minnesota, business and stole approximately $274,000. The indictment, which was filed in Minneapolis October 13, 2010, charges the suspect, of Houston, Texas, with one count of unauthorized access to a protected computer in furtherance of fraud, and one count of wire fraud. The indictment was unsealed following the suspect’s initial appearance in United States District Court. The indictment alleges that from December 23, 2008, through October 15, 2009, the suspect hacked into the computer network in order to obtain money belonging to Digital River, Inc., a cyber-based business, through a subsidiary, SWReg., Inc. Source: http://7thspace.com/headlines/367783/texas_man_indicted_for_hacking_into_computer_network_stealing_274000__.html

For another story, see item 40 below.

Communications Sector

40. December 26, eWeek – (National) Verizon, RIM investing in mobile security to protect phones from attackers. Carriers, developers, and phone makers are rolling out new services and features to protect mobile devices from malicious attacks and data breaches. As people increase their use of smartphones to check e-mail, do their banking, and access documents, the wireless industry is addressing mobile device security. The effort is not limited to IT administrators within the enterprises, as carriers and phone makers are deploying new features and services to bring security to the mobile devices, according to the Wall Street Journal. “Everyone is realizing that this is an uncontrolled environment. We don’t want to have the same problems that we had with PCs,” the chief security officer of AT&T told the Wall Street Journal. Several security vendors have raised the alarm, predicting that various types of mobile threats will appear in 2011. Researchers at Panda Security said there will be new attacks on mobile devices, “but not on a massive scale,” which will target Symbian- and Android-based phones. In many cases, some of the security features are already available within the smartphone operating system. For example, one of the most frequently touted mobile security features for preventing data breaches, remote wipe, is available in the latest version of the Android operating system, as well as for the BlackBerry and iPhone. Source: http://www.eweek.com/c/a/Security/Verizon-RIM-Investing-in-Mobile-Security-to-Protect-Phones-from-Attackers-391875/

41. December 25, Associated Press – (Hawaii) Heavy rain disrupts Oahu landline phone service. Hawaiian Telcom said heavy rain the weekend of December 18 and 19 on the island of Oahu, Hawaii caused water to seep into the company’s cables, shorting circuits and disrupting landline service. The company said cables must be dried out and replaced. This means some customers were expected to temporarily lose service or notice static on the line. The Honolulu Star-Advertiser said readers in Makiki, Pearl City, and Aiea reported phone outages December 23. A Hawaiian Telcom spokesman said crews were working every day in 10- to 12-hour shifts, and would be working through December 25. Technicians from the neighbor islands were flown in to assist with repair efforts. Source: http://www.kpua.net/news.php?id=21886

42. December 25, KDVR 31 Denver – (Colorado) Englewood Police investigate molotov cocktail attack. Authorities recovered as many as 10 explosive devices from inside an Englewood, Colorado cell phone store December 24 after what appears to be a failed attempt to set fire to the business. Officers responded to CTG Wireless, located at 4720 South Santa Fe Circle, at about 7 a.m. after someone called Englewood Police to report several windows had been broken. Inside the store, authorities found as many as 10 explosive devices similar to a “Molotov Cocktail,” said an officer with Englewood Police. “The decision was made to call the Arapahoe County bomb squad just as a precaution,” he said. None of the devices detonated and damage to the store was minimal. Still, neighboring businesses in the strip mall were evacuated until the bomb squad determined the devices no longer posed a threat. Englewood police said the Bureau of Alcohol, Tobacco, Firearms and Explosives is assisting the investigation. Source: http://www.kwgn.com/news/kdvr-explosive-devices-found-in-eng-122410,0,5203900.story

43. December 24, KYMA 11 Yuma/El Centro – (Arizona) Bomb threat called into call center. San Luis, Arizona police officers told News 11 someone called the police department around noon, December 24, claiming there was a bomb at the ACT call center in San Luis. Officers said hundreds of people were at work and had to be evacuated for about two and a half hours. Police brought in a military police bomb detection dog. At about 2:30 p.m., police gave the all clear, and everyone was let back in the building. Police are looking for the person or persons who called in the bomb threat. Source: http://www.kyma.com/slp.php?idN=4519&cat=Local News
