Monday, November 22, 2010

Complete DHS Daily Report for November 22, 2010

Daily Report

Top Stories

• reported a Malaysian man was arrested at an airport in New York City and charged with hacking into the Cleveland Federal Reserve Bank and stealing more than 400,000 credit and debit card numbers. See item 12 below in the Banking and Finance Sector.

• Fifteen curbside baggage handlers at Miami International Airport were arrested for accepting cash payoffs from travelers to check in extra or overweight and/or unaccompanied bags or boxes, according to the Miami Herald. See item 25 below.

25. November 17, Miami Herald – (Florida) Miami International Airport ‘skycaps’ caught in baggage scam. Dozens of curbside baggage handlers at Miami International Airport in Miami, Florida accepted cash payoffs from travelers to check in extra or overweight bags or boxes — creating a possible security risk and adding extra, unrecorded pounds to airliners, authorities said. Miami-Dade police arrested 15 baggage handlers November 17 employed by Eulen America, the company contracted to check in luggage for American Airlines. The sweep concluded a 9-month investigation spearheaded by Miami-Dade police airport district detectives, American Airlines security, and state prosecutors. Investigators believe the travelers were mostly business operators shipping goods to Latin America who had cultivated relationships with skycaps over months or years. The probe revealed the travelers would call and arrange the deals with skycaps days in advance. In some cases, unaccompanied bags were sent through — an apparent violation of federal transportation regulations for international flights. Source:

Banking and Finance Sector

12. November 19, – (International) Cleveland Federal Reserve hacked. A 32-year-old Malaysian man was arrested shortly after his arrival last month at John F. Kennedy International Airport in New York City. Authorities said he hacked into the Cleveland Federal Reserve Bank and several other computer systems, including a defense contractor. The Malaysian national faces a four-count indictment that charges him with hacking into computer systems, and the possession of more than 400,000 stolen credit and debit card numbers. “Cybercriminals continue to use their sophistication and skill as hackers to attack our financial and national security sectors,” said the United States Attorney for the Eastern District of New York. The suspect’s arrest comes just 1 month after authorities arrested a big cyber crime gang in the United States and Europe for similar crimes. When the suspect arrived in New York October 21, he was arrested hours later by Secret Service agents. The suspect, who is being held in pre-trial detention, “made a career of compromising computer servers belonging to financial institutions, defense contractors and major corporations, among others, and selling or trading the information,” said the United States Attorney for the Eastern District of New York. Source:

13. November 19, Madison Capital Times – (Wisconsin) Former Park Bank official indicted for embezzling $227,764. The former assistant manager of Park Bank’s Sun Prairie, Wisconsin branch was indicted November 18 on accusations that he embezzled $227,764 from the bank last year. The 26-year-old male, of Sun Prairie, who left the bank for unrelated reasons in June, appeared November 18 in U.S. District Court in Madison, where the U.S. Magistrate Judge ordered him jailed until an arraignment is held at a later date. According to a one-paragraph indictment unsealed November 18, the suspect took the money from the bank on or about August 27, 2009. If convicted, the suspect faces up to 30 years in prison. The case is being investigated by the FBI. An agency spokesman said he could not provide any further information. The Park Bank’s vice president of marketing said the suspect worked for Park Bank for more than 4 and a half years. Source:

14. November 19, Reuters – (National) U.S. bars advance fees to loan modification companies. Foreclosure rescue companies and loan modification firms, many of which have been accused of taking money from desperate homeowners and doing little for them, will no longer be allowed to require payment in advance, the Federal Trade Commission (FTC) said November 19. The firms will be barred from asking for payment until home owners receive a written offer from a lender or other mortgage servicer that they decide to accept, the agency said. “At a time when many Americans are struggling to pay their mortgages, peddlers of so-called mortgage relief services have taken hundreds of millions of dollars from homeowners without ever delivering results,” the FTC Chairman said in a statement. The agency has brought more than 30 cases against the companies, which often promise to negotiate with lenders on the homeowners’ behalf and then fail to deliver. A report by the Government Accountability Office completed in July 2010 found home owners were often scammed out of several thousand dollars. Source:

15. November 19, Cherry Hill Courier-Post – (Pennsylvania; New Jersey) South Jersey robbery suspect strikes Philadelphia bank. A bank robber, who is suspected of at least six holdups in New Jersey, on November 18 targeted a Center City bank in Philadelphia, Pennsylvania for the second time in 1 week. The robber took an undisclosed amount of cash from a Republic Bank office in the 800 block of Chestnut Street around 1:20 p.m. Authorities believe he robbed the same office November 11. The man also is suspected of robbing a TD Bank on the Black Horse Pike in Bellmawr, New Jersey September 30 and October 24. He is believed to have robbed New Jersey offices of Sun National Bank in Cherry Hill and Glendora, and a TD Bank in Cherry Hill during a spree that began September 21, according to the FBI. The man, who also robbed a 3rd Federal Savings branch in Philadelphia, attempted to hold up a Beneficial Bank in Audubon, New Jersey authorities said. The suspect, who is considered armed and dangerous, is described as a black man in his mid 20s, about 5-foot-7, with a medium build, a mustache and a goatee. Source:

16. November 17, Toronto Globe and Mail – (International) Classified documents stolen from Bank of Canada Governor Mark Carney’s car. The Bank of Canada is dealing with a serious security breach after a thief smashed the window of the Central Bank Governor’s unattended car in Montreal, Quebec, Canada, and made off with a travel bag containing classified documents. Confirming the theft on November 16, a Bank of Canada spokesman said the stolen documents had differing levels of security classification, and included staff reports and briefing notes that would not affect markets. None of the documents were related to sensitive policy areas such as the direction of interest rates. Source:

Information Technology

46. November 19, IDG News Service – (National) Wiseguy scalpers bought tickets with CAPTCHA-busting botnet. Three California men have pleaded guilty to charges they built a network of CAPTCHA-solving computers that flooded online ticket vendors and snatched up the very best seats for Bruce Springsteen concerts, Broadway productions, and even TV tapings of Dancing with the Stars. The men ran a company called Wiseguy Tickets, and for years they had an inside track on some of the best seats in the house at many events. They scored about 1.5 million tickets after hiring Bulgarian programmers to build “a nationwide network of computers that impersonated individual visitors” on Web sites such as Ticketmaster,, and LiveNation, the U.S. Department of Justice (DOJ) said November 18 in a press release. The suspects pleaded guilty to hacking and wire fraud charges November 18 in U.S. District Court for the District of New Jersey. Two convicts face a maximum of 5 years in prison. The third, who pleaded guilty to just one count of hacking, faces 1 year in prison. The suspects were indicted in February and are set to be sentenced March 15, 2011. A fourth Wiseguy Tickets partner, the chief financial officer, is still at large, DOJ said. Source:

47. November 19, ITProPortal – (International) German hacks national security agency’s hashing algorithm. A German hacker has claimed to have hacked the national security agency’s Secure Hashing Algorithm (SHA1) using rented computing resources. The hacker used GPU-powered rented computing resources to crack 10 out of the 14 SHA1 passwords he was aiming for. He used brute force attacks to achieve the hack in 49 minutes. He managed to hire the computing resources used to hack the SHA1 encryption for $2. Security experts have warned for quite some time that the once powerful password encryption technique is no longer safe to use. Source:

48. November 19, First Post – (International) Murdoch website hacked by Iranian Cyber Army. The Web site of the popular Iranian satellite channel Farsi1 was reportedly hacked November 18 by a group calling itself the Iranian Cyber Army, which is thought to operate under the aegis of the revolutionary guard. The hacking was timed for the start of the Muslim festival of Eid — otherwise known as the festival of sacrifice. Moby runs Farsi1 in partnership with Star TV, the Hong Kong-based TV service owned by News Corp. Farsi1 has been constantly criticized by the Iranian regime, which sees its mix of comedy, soap opera, and U.S.-born programing as corrupting and destructive of family life. As for the Iranian Cyber Army, according to the Persian Letters blog on Radio Free Europe’s Web site, it is almost certain that it is run by the Iranian Revolutionary Guard. Source:,news-comment,technology,murdoch-tv-website-hacked-by-iranian-cyber-army

49. November 18, Computerworld – (International) Apple patches critical ‘drive-by’ Safari bugs. Apple November 18 patched 27 vulnerabilities in Safari for Mac OS X and Windows, 85 percent of them critical bugs that could be exploited to hijack Macs or PCs. Of the 27 flaws fixed in Safari 5.0.3 for Mac and Windows, four were patched by Apple in September in its iOS mobile operating system, and at least three had been addressed by Google in its Chrome browser as far back as mid-August. Chrome and Safari share the open-source WebKit browser engine. Apple identified all 27 vulnerabilities it patched as within WebKit. Most of the vulnerabilities addressed in the Safari updates — Apple also patched the older Safari 4 that runs in Mac OS X 10.4, aka Tiger — were accompanied by the phrase “arbitrary code execution,” which is Apple’s way of saying “critical.” According to Apple, the 23 critical bugs can be exploited by “drive-by” attacks that launch as soon as a victim browses to a malicious Web site. Among the non-critical vulnerabilities was one that could be used by unscrupulous site owners to secretly track users’ browsing habits, even when Safari has disabled cookies. Another flaw could let identity thieves spoof the URL showing in Safari’s address bar, a common tactic of phishers who feed bogus sites to users in the hope of capturing passwords to online bank accounts. Source:

50. November 18, The Street – (International) Yahoo! Finance back up. The Yahoo! Finance Web site was back up and running after going down November 18. The company acknowledged the outage via its Twitter feed. At about 10:45 a.m., Yahoo! Finance tweeted, “Our apologies for the quotes outage. Working to resolve ASAP.” Visitors that tried to view the Yahoo! Finance quote page saw a white screen with the message, “internal error - server connection terminated.” Source:

51. November 17, Computer Business Review – (National) McAfee warns users against 12 online scams this Christmas. McAfee has revealed the 12 most dangerous online scams computer users should be cautious in this holiday season. The “Twelve Scams of Christmas” include iPad offer scams, “Help! I’ve Been Robbed” scam, fake gift cards, holiday job offers, “Smishing”, suspicious holiday rentals, recession scams, Grinch-like greetings, low price traps, charity scams, dangerous holiday downloads, and hotel and airport wi-fi. McAfee Labs director of security research said scams continue to be big business for cybercriminals who have their sights set on capitalizing on open hearts and wallets. McAfee advised Internet users to follow five tips to protect their computers and personal information in lieu of these cyber threats. The security firm has advised users to stick to well-established and trusted sites, and not to respond to offers that arrive in a spam e-mail, text, or instant message. McAfee also advised online users to preview a link’s Web address before clicking, to stay away from vendors that offer prices well below the norm, and to only use trusted wi-fi networks. Source:

For another story, see item 12 above in the Banking and Finance Sector

Communications Sector

52. November 19, Champaign News-Gazette – (Illinois) Complete AT&T fix may take a couple of days. An outage of phone and Internet service was caused by a break in an AT&T line on the University of Illinois campus November 18. An AT&T spokeswoman indicated in an e-mail that the fix might take days to complete. “There is extensive damage to several cables and we expect this rather tedious process of splicing pairs of cables together to take some time. We’d expect some customers will begin coming back online as soon as November 19, but complete restoration could take several days,” the spokeswoman said. She was unable to give the number of affected customers. The break happened shortly after 8:30 a.m. when a third-party contractor was taking core samples near Illinois Street and Mathews Avenue in Urbana and an auger struck the cables. At METCAD, the center that dispatches emergency personnel in most of Champaign County to calls for service, the first hint that there was something wrong came when the deputy director’s computer went “haywire.” The 911 phone lines were rerouted to the Rantoul Police Department by 9:30 a.m. METCAD officials called in extra employees to help field calls there and began notifying the media to let the public know about the glitch. Source:

53. November 19, Tech Herald – (International) Nokia N8 smartphone struck by terminal power malfunction. Nokia’s flagship N8 smartphone has been struck by a mysterious malfunction that causes it to abruptly power down permanently. According to Nokia, the problem points to an installation conflict connected to the handset’s power management system and its internal engine. “We have dressed it down to the way we assemble the engines,” commented the executive vice president in an AFP report, adding that “precautionary measures” have already been deployed in order to fully isolate the issue. However, although admitting there is an issue, a spokesman for the Finland-based company has been quick to note that the power outage has only affected an extremely small number of N8 devices. He also said the problem is covered by the handset’s existing warranty and any device that cannot be properly repaired will be replaced with a new unit at no extra charge. Source:

54. November 19, The Register – (International) Chinese retailers sell Apple-only white iPhone 4s. Chinese resellers are offering locals the white iPhone 4. According to Web site Giz-China, one can pay between $828-$1,205 for the 16GB version, and more for the 32GB model. The handset was labeled in Chinese that the product is for Apple use only and not to be sold. The site said the phones are locked to the AT&T network, suggesting they were destined for the U.S. market rather than the domestic one. That Apple has stocks of the much-delayed — and possibly doomed never to be released — white iPhone was suggested October 2010 when one of the things was spotted in the hands of a user in New York. He said he got it from a friend who works at Apple. Whether the China-sold white iPhones come from there, from Apple’s Chinese operation, or from one of its manufacturing partners is not known. The latter were certainly the source for the parts an enterprising New York teenager used as the basis for the black-to-white iPhone 4 conversion kits he has done rather well selling — to the extent he was accused of fencing stolen goods. Source: