Friday, May 28, 2010

Complete DHS Daily Report for May 28, 2010

Top Stories

• A national consumer group said the U.S. Food and Drug Administration should set minimum sanitary and safety standards for pallets used to transport food, after tests revealed the presence of bacteria and virulent pathogens that cause food poisoning, reports Walletpop.com. “We believe it is essential to ensure that pathogens are not introduced at any step along the food transport system, from farm to fork,” the executive director of the National Consumers League (NCL) said in a statement. (See item 27)

16. May 26, Associated Press – (Indiana) Lawsuit: Contractor approved bad gun parts. A former employee of an Indiana defense contractor has filed a whistleblower lawsuit claiming the company ordered him to approve parts for machine guns used by troops that did not meet quality standards, and that he was fired for complaining about it. In a lawsuit filed in U.S. District Court in Evansville in February 2009 and unsealed in March, an employee accused Dugger-based Northside Machine Company of fraud and wrongful termination. He is seeking reinstatement with back pay and unspecified damages. In a court filing Wednesday, the company contends that it never told the man to falsify test results, and that he never complained to management before he was fired. It asked a judge to dismiss his lawsuit. Northside Machine supplies trigger assemblies and other components to defense contractor FN Manufacturing for use in its M240 and M249 machine guns, which are widely used by the military. FN Manufacturing is not accused of wrongdoing. According to a 2006 report by the Center for Naval Analyses, a federally funded research group that studies military matters, 30 percent of troops surveyed reported that the M249 had stopped firing during combat, a higher percentage than with any other weapon included in the report. Problems with the light machine gun and other weapons were reported during the July 2008 battle in Wanat, Afghanistan, in which nine U.S. troops died and 27 were wounded. Source: http://www.militarytimes.com/news/2010/05/ap_military_lawsuit_triggers_052610/

• According to The Associated Press, a former employee of an Indiana defense contractor has filed a whistleblower lawsuit claiming the company ordered him to approve parts for machine guns used by troops that did not meet quality standards (with the problems resulting in injuries and deaths), and that he was fired for complaining about it. (See item 16)

27. May 27, Walletpop.com – (National) Wooden pallets could be poisoning our food, consumer group’s tests show. A national consumer group said the U.S. Food and Drug Administration should set minimum sanitary and safety standards for pallets used to transport food, after tests revealed the presence of bacteria that cause food poisoning. “We believe it is essential to ensure that pathogens are not introduced at any step along the food transport system, from farm to fork,” the executive director of the National Consumers League (NCL) said in a statement. The recommendations follow recent tests conducted by the NCL on pallets to determine whether they may be carriers of pathogens. The NCL tested pallets for a number of food-borne pathogens, including E. coli and Listeria, and found 10 percent of the wooden pallets tested positive for E. coli (though not the most virulent strain, E. coli O157:H7). In addition to the presence of E. coli, 2.9 percent of the wood pallets tested positive for Listeria. Half of these, when further tested, contained Listeria monocytogenes, one of the most virulent pathogens. This strain is linked to a 20 to 30 percent rate of clinical infection resulting in death, and causes approximately 2,500 illnesses and 500 deaths in the United States every year. Listeriosis is also more likely to cause death than any other food-borne bacterial pathogen. “With approximately two billion pallets currently in circulation in the United States, the presence of dangerous pathogens on even a small percentage of those pallets presents a potential threat to the safety of the food supply,” the NCL executive director wrote to the FDA. Although both types of pallets tested positive for pathogens, wooden pallets contained far more for a number of reasons. Unlike plastic, wooden pallets absorb water, harbor bacteria and are difficult to fully clean, making it easier for them to contaminate food. The NCL’s test also revealed wood pallets are more likely to be stored outside and exposed to weather, rodents, bird droppings and insects. Splinters on wooden pallets can also damage packaging, creating an opening for pathogens. In a just-issued report prepared for the FDA, Eastern Research Group, Inc. highlights the use of “good quality pallets” as a preventive measure. The agency has said it will use the report to inform the development of new rules to increase the safety of food during transport. Source: http://www.walletpop.com/blog/2010/05/27/wooden-pallets-could-be-poisoning-our-food-consumer-groups-tes/

Details

Banking and Finance Sector

18. May 27, Windsor Beacon – (Colorado) Payday loan collection calls just another elaborate scam. If anyone has received a call recently from a debt collecting agency telling them to either set up a payment plan or face arrest, the Windsor (Colorado) Police Department asks them to pause. “First of all, private businesses can’t issue arrest warrants,” said a Windsor police corporal. This phone call, which was recently received by a Windsor resident, is a new twist on a familiar scam, according to police officials. The scam was made more frightening, the officer said, because the caller had a lot of this resident’s personal information from a payday loan application she’d previously filled out. “The caller was abrupt and rude, and basically they frightened [a resident] into doing what they said,” the officer said. The resident made only one payment before she was convinced to call the Windsor police, who investigated. Source: http://www.coloradoan.com/article/20100527/WINDSORBEACON01/5270306


19. May 26, WLWT 5 Cincinnati – (Ohio) High-tech credit cards vulnerable to thieves. New no-swipe technology makes using credit cards faster and easier than ever before, but that convenience makes credit cards an easy target for thieves. Companies are now embedding small computer chips into cards in which radio frequencies read the data right off the card. The technology goes by several names including Pay Pass, Express Pay and Tap N Go. But clever thieves can also read that frequency and swipe information. “What you may not know is someone may be looking to glean that off of your card and use it,” said a professor at Webster University and owner of PitViper Industries. Some banks are looking at security options as they add the chip to their banking cards. “The thieves will have a very difficult time compromising the card. That’s some of the technology that is embedded in the card,” a spokesman of Fifth Third Bank Community Relations said. Experts predict that the magnetic strip will be gone from all credit cards, replaced by the chips, within three to five years. Source: http://www.wlwt.com/money/23681530/detail.html


20. May 26, Orlando Sentinel – (Florida) Winter Park police think skimming devices used at Bank of America ATMs. Winter Park, Florida police are investigating the use of skimming devices they think were used to steal credit and debit card information from Bank of America customers. None of the people who lost money had lost or misplaced their cards, but their accounts were accessed in late April, police said. Suspects were seen on surveillance video driving a black or blue Mercury Grand Marquis. Source: http://articles.orlandosentinel.com/2010-05-26/news/os-winter-park-atm-skimming-20100526_1_winter-park-police-bank-of-america-atms-skimming


For another story, see item 46 below in the Information Technology Sector


Information Technology


46. May 27, Softpedia – (International) Romanian authorities shut down ATM-skimmer manufacturing operation. The Romanian organized crime police has dismantled a major cybercriminal ring that specialized in manufacturing and selling ATM skimmers. Law enforcement officials descended on more than 40 locations in several cities and detained 20 suspects. Prosecutors from the Romanian Directorate for Investigating Organized Crime and Terrorism (DIICOT) are investigating multiple individuals under the suspicion of being members of an organized crime group, unauthorized access to a computer system, possessing card-cloning equipment, access-device fraud, and distributing fake electronic-payment devices. According to DIICOT, the criminal group operated out of Romania’s Dolj county, particularly the city of Craiova, where the ATM skimmers were assembled. However, some of the electronic components used for the devices were manufactured in Bucharest. The devices were either sold to other fraudsters or used by ring members in Italy, Germany, Sweden, or Romania. Teams of Romanian Police special forces raided 38 locations in Craiova, six in Bucharest and three in a neighboring county earlier today, taking a total number of 20 suspects back for questioning. Amongst them are the brother of a local magistrate and the son of a Ministry of Interior official. Source: http://news.softpedia.com/news/Romanian-Authorities-Shut-Down-ATM-Skimmer-Manufacturing-Operation-143204.shtml


47. May 27, IDG News Service – (International) Europe warns Google, Microsoft, others about search-data retention. Google, Microsoft, and Yahoo are retaining detailed search engine data for too long and not making it sufficiently anonymous later, in violation of European law, the European Union’s data-protection advisory body has warned. The three companies received letters May 26 from the Article 29 Data Protection Working Party, which oversees data-protection issues in the E.U. Since 2008 the working party has pressured search companies to retain highly detailed search records for no longer than six months. Google, Yahoo, and Microsoft all agreed to modify how long they store the detailed data, which varied up to 18 months. The data collected by search engines can include a host of details, including the search terms, the date and time of the search, the searcher’s IP (Internet Protocol) address and the brand of browser, operating system and language used. Google keeps the full data for nine months and then obscures the last octet of the IP address. The working party wrote to Google stating that that policy does not protect the “identifiability of data subjects.” Also, Google retains cookies — data files used to track how a person moves around a Web site — for 18 months, which would also allow for the correlation of search queries, the working party said. In a news release, the working party singled out Google, saying that that company’s 95 percent market share in some European countries means it “has a significant role in European citizens’ daily lives.” Source: http://www.computerworld.com/s/article/9177424/Europe_warns_Google_Microsoft_others_about_search_data_retention


48. May 26, The Register – (International) Cisco bugs surrender control of building’s critical systems. Cisco Systems has warned of serious vulnerabilities in a device that connects a building’s ventilation, lighting, security, and energy supply systems so they can be controlled by IT workers remotely. The networking giant May 26 urged users of the Cisco Network Building Mediator products to patch the vulnerabilities, which among other things allow adversaries to obtain administrative passwords. No authentication is required to read the system configuration files, making it possible for outsiders to take control of a building’s most critical control systems. “Successful exploitation of any of these vulnerabilities could result in a malicious user taking complete control over an affected device,” a Cisco advisory stated. The notice also warned that the vulnerabilities are present in the legacy products from Richards-Zeta, the Cisco-acquired company that originally designed the system. The bugs were discovered during internal testing. Another flaw makes it possible for low-level employees to gain full control of the device by accessing default administrative accounts. Other bugs allowed malicious insiders to intercept traffic as it travels between an administrator and the building mediator and to escalate limited privileges. Source: http://www.theregister.co.uk/2010/05/26/cisco_building_control_bugs/


49. May 26, IDG News Service – (National) U.S. need to fight online terrorism recruiting, expert says. The U.S. government lacks a plan to counter terrorist recruiting efforts online, even though such efforts by jihad groups are growing, one terrorism expert told U.S. lawmakers. The U.S. government does not make an effort to engage with people who may be open to terrorist recruiting efforts and dissuade them from joining, a professor in the School of Foreign Service at Georgetown University told lawmakers May 26. The U.K. government has a program that works with local communities to identify possible targets for terrorism recruiting, said the professor, a former scholar in residence at the U.S. Central Intelligence Agency. Instead of on-the-ground programs working with potential targets of terrorism recruiting, U.S. agencies have, in some cases, tried to control terrorism communications on the Internet. “We shouldn’t be censoring the Internet,” he said. “I think the problem is we default toward these very intrusive approaches.” Internet service providers should have protection from lawsuits if they take down terrorism-related Web sites, said a former counterterrorism official with the CIA and the U.S. Federal Bureau of Investigation. Source: http://www.computerworld.com/s/article/9177404/U.S._need_to_fight_online_terrorism_recruiting_expert_says


50. May 26, The New New Internet – (International) Self-published authors warned about phishing attack. BookWhirl.com, a book-marketing site, has issued a warning on recent phishing attacks that have hit self-published authors. According to the BookWhirl management, the scam involves fraudsters sending e-mails that appear to come from an official BookWhirl.com e-mail address. These e-mails contain fake names and contact information, and use the BookWhirl.com name only to extract personal information for monetary gain. Recipients of these fraudulent e-mails have been advised to verify the e-mail address and contact information of all e-mails received, even if the e-mail appears to be from an official or familiar source. BookWhirl management has emphasized that only e-mail addresses with the domain name of “bookwhirl.com” and the contact details stated on their Web site are considered authentic. Source: http://www.thenewnewinternet.com/2010/05/26/self-published-authors-warned-about-phishing-attack/


51. May 26, ComputerWorld – (International) Amid backlash, Facebook unveils simpler privacy controls. Amid mounting criticism that Facebook lacks adequate privacy controls, the CEO May 26 worked hard during the unveiling of new, simplified privacy controls to drive home the point that the company cares about protecting the personal information of its users. The CEO acknowledged during a press conference this afternoon that executives at the phenomenally successful social networking firm have made mistakes and have communicated badly with users about their privacy concerns. He also said that Facebook heard the loud user complaints about the site’s complicated and frustrating privacy controls, and noted that tools have been built to correct those issues. The criticism that the social networking firm is playing fast and loose with user information mounted significantly in recent weeks after Facebook unveiled a bevy of tools that allow user information to be shared with other Web sites. One of the new settings rolled out May 26 is a single control that limits who can see the content posted by a Facebook user. Source: http://www.computerworld.com/s/article/9177399/Amid_backlash_Facebook_unveils_simpler_privacy_controls


52. May 26, DarkReading – (International) Researchers find new ways to eavesdrop via mobile devices. Cell phones and other handheld devices could become a great way to listen in on spoken conversations, researchers at George Mason University said this week. In a paper, two researchers describe several new plays on the concept of “microphone hijacking,” which has been used for years. The idea is to put spyware on mobile devices — including laptops, cell phones, and PDAs — that can use their built-in microphones to eavesdrop on nearby conversations. In the past, this eavesdropping has usually been done via the victim’s own cell phone or other device. But the two describe a way to bug nearby devices belonging to nearby users to achieve similar results. Under the researchers’ concept, called a “roving bugnet,” the eavesdropper would use a piece of malware called a “bugbot” to listen in on in-person interactions via a nearby smartphone or laptop. Such attacks would be more likely to target specific people (such as an executive or a spouse) than as a broad attack, the researchers said. Source: http://www.darkreading.com/vulnerability_management/security/privacy/showArticle.jhtml?articleID=225200320&subSection=Privacy


53. May 26, DarkReading – (International) Anti-Clickjacking defenses ‘busted’ in top Web sites. Turns out the most common defense against clickjacking and other Web framing attacks is easily broken: Researchers were able to bypass frame-busting methods used by all of the Alexa Top 500 Web sites. The new research from Stanford University and Carnegie Mellon University’s Silicon Valley campus found that frame-busting, a popular technique that basically stops a Web site from operating when it’s loaded inside a “frame,” does not prevent clickjacking. Clickjacking attacks use malicious iFrames inserted into a Web page to hijack a user’s Web session. “There are so many different ways to do frame-busting, and that’s a problem with it,” said one of the lead researchers in the project and assistant research professor at CMU-Silicon Valley. The researcher said he had suspected that frame-busting was weak since it was mainly an “ad-hoc” solution. “But we didn’t know the magnitude of the problem,” he said. “We had trouble finding any sites that were secure against all the attacks we identified.” One of the Stanford researchers said the toughest frame-busting method of all was Twitter’s, which had some back-up checks in case its frame-busting defense were to fail. Source: http://www.darkreading.com/security/vulnerabilities/showArticle.jhtml?articleID=225200337&subSection=Vulnerabilities+and+threats


54. May 26, TrendLabs – (International) Windows WMI abused for malware operations. TrendLabs handled a client case last March wherein two peculiar pieces of malware leveraged a Windows service — Windows Management Instrumentation (WMI) — to execute their malicious routines. WMI lets users access and retrieve information about their OSs. It is particularly useful for administrators, especially in enterprise environments, as it manages applications found on systems connected to a network using any one of various coding languages. It can be considered a database that contains information on anything and everything related to a system’s OS and its users. As WMI contains a huge chunk of data, cybercriminals find it a very likely target for their malicious creations. They can, for instance, introduce specialized pragma to the service to make affected systems do their malicious bidding. Source: http://blog.trendmicro.com/windows-wmi-abused-for-malware-operations/


Communications Sector

55. May 27, Darien Times – (Connecticut) Darien Police phones fail for the third time in 2010. The routine phone system at the Darien, Connecticut Police Department failed for the third time this year on Tuesday. While 911 capability remained intact, the police’s main phone system was rendered useless due to a technology glitch, according to the police chief. “Last year, the town’s IT department installed a new voice-over-Internet phone system so that all of the town agencies were using the same system,” The Darien Times was told Wednesday. “For some unknown reason we have had a couple of failures with the system,” the chief said. “They did identify one problem previously and fixed it, and it did not appear that yesterday’s failure was of the same variety.” Source: http://www.acorn-online.com/joomla15/darientimes/news/local/59853-darien-police-phones-fail-for-the-third-time-in-2010.html

For another story, see item 52 above in the Information Technology Sector