Tuesday, December 28, 2010

Complete DHS Daily Report for December 28, 2010

Daily Report

Top Stories

• CNN reports the Transportation Security Administration was unable to find a woman who breached a security checkpoint at a Texas airport December 25, despite a manhunt that left more than 100 flights delayed. (See item 23)

23. December 26, CNN – (Texas) TSA error causes big delays for Texas airport. The Transportation Security Administration (TSA) was unable to find a woman who breached a security checkpoint at a Texas airport December 25, despite a manhunt that left more than 100 flights delayed. The TSA said agents spotted something suspicious while an elderly woman went through a full-body scanner at the Dallas/Fort Worth International Airport. By the time security agents tried to pull the woman aside for additional screening, she had already moved into the terminal. TSA described the slip-up as a minor error, although it sparked a manhunt throughout the entire airport. Security agents mobilized the command post. Officers searched terminals for the woman, whose photos were given to gate agents. In the process, officers held dozens of flights in order to search planes. After 2 hours of searching, agents still were not able to locate the woman. Agents said she did nothing wrong and likely did not even realize security had flagged her. Source: http://www.ksla.com/Global/story.asp?S=13741290

• The Centers for Disease Control and Prevention announced December 24 it was investigating a 15-state outbreak of salmonella in alfalfa sprouts, according to the Crystal Lake Northwest Herald. (See item 28)

28. December 24, Crystal Lake Northwest Herald – (National) CDC reports salmonella outbreak affects 15 states. The Centers for Disease Control and Prevention (CDC) announced December 24 it was investigating a multi-state outbreak of salmonella in alfalfa sprouts, with 89 reports of a matching strain across 15 states and the District of Columbia. Preliminary results of the CDC investigation indicate a link to eating alfalfa sprouts at a national sandwich chain, the agency said. The CDC said there were reports of 50 cases in Illinois, 14 in Missouri, and 9 in Indiana. Among the 81 people for whom information was available, the CDC said the start of their illnesses ranged from November 1 to December 14, and ranged in age from 1 to 75 years old, with a median age of 28. Of the information available, the CDC said 23 percent of the people affected were hospitalized, with no deaths reported. The CDC said because the pattern associated with this salmonella type commonly occurred in the U.S., some cases currently identified might not be related to the outbreak. The outbreak first was reported December 17 when the Illinois Department of Public Health (IDPH) reported more than 40 people said they had become ill after eating alfalfa sprouts at Jimmy John’s restaurants. The IDPH’s update December 23 raised the count to 50 confirmed Illinois residents, and one Wisconsin resident, with reports stretching over 11 counties in the state. The CDC said the investigation was ongoing, and the agency would continue to monitor new cases, along with the Food and Drug Administration, and state and local public health partners. Source: http://www.nwherald.com/2010/12/23/cdc-reports-salmonella-outbreak-affects-15-states/agxgy43/

Details

Banking and Finance Sector

15. December 27, Slashgear – (International) Chip and PIN security hack prompts censorship rebuke from researchers. Cambridge University has refused to censor a masters student’s thesis on the security flaws in the Chip and PIN security system, rebuking calls from the UK Cards Association trade body to bury the research after allegations it “breaches the boundary of responsible disclosure.” According to a security group researcher, not only is the paper lawful and already in the public domain, it will soon be followed by a similarly-detailed paper on the subject. The Association claimed the loophole utilized has already been fixed when using Barclays bank cards at a Barclays merchant, though that still leaves Chip and PIN systems managed by other banks open to attack. The research had led to the creation of a card-sized monitoring device that can track transactions and flag up — among other things — cases where illegally modified card-readers show one value on-screen and then charge a higher amount to the card. Source: http://www.slashgear.com/chip-and-pin-security-hack-prompts-censorship-rebuke-from-researchers-27121248/

16. December 27, London Telegraph – (International) Online stores insure against cyber-hacking after Wikileaks protest. Online retailers will be offered insurance against cyber-hacking following the recent attack by supporters of Wikileaks. IMRG, a trade body in England, will provide protection against politically-driven “denial of service” attacks that threaten Britain’s 57.8 billion pound online shopping industry. It follows the targeting of payment services PayPal, Visa and Mastercard earlier in December by “hacktivists” who accused them of bowing to U.S. pressure to hinder the release of embarrassing diplomatic cables. Amazon was also attacked because it had removed Wikileaks information from its servers. Christmas shopping was not disrupted, but the movement behind the attacks, calling itself Anonymous, said it would mount similar campaigns in the future. A member of the online security organization ISACA and chief executive of security consultants First Base Technologies, said: “Politically-motivated denial of service is a new threat to online retail because previously the threat has only been from criminals.” Source: http://www.telegraph.co.uk/finance/newsbysector/retailandconsumer/8224968/Online-stores-insure-against-cyber-hacking-after-Wikileaks-protest.html

17. December 26, Kansas City Star – (Missouri) Springfield company files lawsuit over hacker loss. A Springfield, Missouri escrow company has filed a lawsuit against BancorpSouth Bank, accusing the bank of failing to prevent a hacker from stealing $440,000 from the escrow company. The owner of Choice Escrow and Land Title said his company had to take out a loan to cover the loss because the bank wouldn’t refund any of the money. He said it appears criminals infected the escrow company’s computer and stole its user ID and password for its BancorpSouth trust account. The Bancorp senior vice president and director of marketing in Tupelo, Mississippi, said the bank would present its side during court proceedings. He declined further comment. Source: http://www.kansascity.com/2010/12/26/2542677/springfield-company-files-lawsuit.html

18. December 25, Krebs on Security – (International) Carders.cc, Backtrack-linux.org and Exploit-db.org Hacked. Carders.cc, a German security forum that specializes in trading stolen credit cards and other purloined data, has been hacked by security vigilantes for the second time this year. Also waking up to “you’ve been owned” calling cards this Christmas are exploit database exploit-db.org and backtrack-linux.org, the home of Backtrack, an open source “live CD” distribution of Linux. The hacks were detailed in the second edition of “Owned and Exposed,” an ezine whose first edition in May included the internal database and thousands of stolen credit card numbers and passwords from Carders.cc. The Christmas version of the ezine does not feature credit card numbers, but it does list the user names and hashed passwords of the carders.cc forum administrators. The main administrator for exploit-db.org and backtrack-linux.org confirmed the hacks against the sites were legitimate. In an e-mail, he provided a link to a short statement, noting a hacking team called inj3ct0r initially took credit for the attack, only to find itself also targeted in the current edition of Owned and Exposed. Source: http://krebsonsecurity.com/2010/12/carders-cc-linux-exploit-org-and-exploit-db-org-hacked/

19. December 25, Hillsdale Daily News – (Michigan) Hillsdale-area authorities seek bank robbery suspect. Authorities now believe the same man is responsible for three separate bank robberies of two Southern Michigan Bank and Trust branches in the past year. The most recent robbery occurred December 21 at the Camden branch. A witness at the bank described a car similar to the one spotted near the North Adams branch on the bank’s video surveillance system around the time it was robbed November 22. The car closely matched a mid-90s Buick Regal. A composite sketch of the suspect, as described by a witness, has been released. The witness saw the man before the first robbery of the North Adams branch February 17. The witness said the man was acting suspiciously in the parking lot. A detective with the Hillsdale County Sheriff’s Department said the Camden bank’s last customer before the robbery saw a car parked in the bank lot facing out toward the street near the entrance. The detective said it struck the witness as odd that the vehicle was not in a parking space. As the customer approached the bank, a man started to get out of the car, but stopped when he saw them and got back into the car. The car was described as a white, four-door sedan with a dirty grey trim on the lower door from front to back, which is similar in appearance to a mid-90s Buick Regal. The Hillsdale sheriff’s department is investigating the robberies in conjunction with the Michigan State Police and the FBI. Source: http://www.lenconnect.com/news/x1651495527/Hillsdale-area-authorities-seek-bank-robbery-suspect

20. December 25, White Mountain Independent – (Arizona) ‘Skeletor Bandit’ indicted - Defendant charged with robbing banks in Northern AZ. A federal grand jury in Phoenix, Arizona returned a six-count indictment against a 51-year-old male suspect, who hails from Lincoln, California, charging him with multiple bank robberies in Arizona. He is accused of being the “Skeletor Bandit” responsible for robbing six banks. The indictment alleges that between October 22, and December 11, 2010, the suspect robbed six banks in Flagstaff, Phoenix, Prescott, and Surprise. In the first four robberies, the suspect wore a Halloween-style rubber mask with a black hooded sweatshirt while displaying a gun. The robber was dubbed the “Skeletor Bandit” based on the mask’s resemblance to a cartoon character from the 1980’s. In the last two robberies, he wore a fake beard, wig and nose along with a New York Yankees cap, and told witnesses he was armed. The suspect is in custody and will go to trial February 1, 2011 before a U.S. district judge in Phoenix. Source: http://www.wmicentral.com/police/article_94b7b6d8-0ee8-11e0-9397-001cc4c002e0.html

For another story, see item 39 below.

Information Technology

38. December 27, SpamfighterNews – (National) Kindsight research reveals 33% home PCs hacked. Kindsight, the developer of “Identity Protection,” recently announced 30-day research outcomes after surveying about 200,000 North American households that use the Internet. As a result, it was revealed that 33 percent of household personal computers contracted malware infections and were in severe danger of cyber-crime, ID-theft, and other attacks. Furthermore, after classifying the attacks into four groups, the research found spyware was behind 47 percent of the assaults, whilst Trojans along with other malware leading to ID-theft were behind 21 percent. Botnet attacks, which enable malefactors to seize control over home computers, successfully targeted 26 percent of the contaminated home PCs, while conventional viruses accounted for merely 6 percent of the assaults. Source: http://www.spamfighter.com/News-15556-Kindsight-Research-Reveals-33-Home-PCs-Hacked.htm

39. December 23, Federal Bureau of Investigation – (Minnesota; Texas) Texas man indicted for hacking into computer network, stealing $274,000. A federal indictment unsealed December 23 alleged a 35-year-old Texas man hacked into the computer network of an Eden Prairie, Minnesota, business and stole approximately $274,000. The indictment, which was filed in Minneapolis October 13, 2010, charges the suspect, of Houston, Texas, with one count of unauthorized access to a protected computer in furtherance of fraud, and one count of wire fraud. The indictment was unsealed following the suspect’s initial appearance in United States District Court. The indictment alleges that from December 23, 2008, through October 15, 2009, the suspect hacked into the computer network in order to obtain money belonging to Digital River, Inc., a cyber-based business, through a subsidiary, SWReg., Inc. Source: http://7thspace.com/headlines/367783/texas_man_indicted_for_hacking_into_computer_network_stealing_274000__.html

For another story, see item 40 below.

Communications Sector

40. December 26, eWeek – (National) Verizon, RIM investing in mobile security to protect phones from attackers. Carriers, developers, and phone makers are rolling out new services and features to protect mobile devices from malicious attacks and data breaches. As people increase their use of smartphones to check e-mail, do their banking, and access documents, the wireless industry is addressing mobile device security. The effort is not limited to IT administrators within the enterprises, as carriers and phone makers are deploying new features and services to bring security to the mobile devices, according to the Wall Street Journal. “Everyone is realizing that this is an uncontrolled environment. We don’t want to have the same problems that we had with PCs,” the chief security officer of AT&T told the Wall Street Journal. Several security vendors have raised the alarm, predicting that various types of mobile threats will appear in 2011. Researchers at Panda Security said there will be new attacks on mobile devices, “but not on a massive scale,” which will target Symbian- and Android-based phones. In many cases, some of the security features are already available within the smartphone operating system. For example, one of the most frequently touted mobile security features for preventing data breaches, remote wipe, is available in the latest version of the Android operating system, as well as for the BlackBerry and iPhone. Source: http://www.eweek.com/c/a/Security/Verizon-RIM-Investing-in-Mobile-Security-to-Protect-Phones-from-Attackers-391875/

41. December 25, Associated Press – (Hawaii) Heavy rain disrupts Oahu landline phone service. Hawaiian Telcom said heavy rain the weekend of December 18 and 19 on the island of Oahu, Hawaii caused water to seep into the company’s cables, shorting circuits and disrupting landline service. The company said cables must be dried out and replaced. This means some customers were expected to temporarily lose service or notice static on the line. The Honolulu Star-Advertiser said readers in Makiki, Pearl City, and Aiea reported phone outages December 23. A Hawaiian Telcom spokesman said crews were working every day in 10- to 12-hour shifts, and would be working through December 25. Technicians from the neighbor islands were flown in to assist with repair efforts. Source: http://www.kpua.net/news.php?id=21886

42. December 25, KDVR 31 Denver – (Colorado) Englewood Police investigate molotov cocktail attack. Authorities recovered as many as 10 explosive devices from inside an Englewood, Colorado cell phone store December 24 after what appears to be a failed attempt to set fire to the business. Officers responded to CTG Wireless, located at 4720 South Santa Fe Circle, at about 7 a.m. after someone called Englewood Police to report several windows had been broken. Inside the store, authorities found as many as 10 explosive devices similar to a “Molotov Cocktail,” said an officer with Englewood Police. “The decision was made to call the Arapahoe County bomb squad just as a precaution,” he said. None of the devices detonated and damage to the store was minimal. Still, neighboring businesses in the strip mall were evacuated until the bomb squad determined the devices no longer posed a threat. Englewood police said the Bureau of Alcohol, Tobacco, Firearms and Explosives is assisting the investigation. Source: http://www.kwgn.com/news/kdvr-explosive-devices-found-in-eng-122410,0,5203900.story

43. December 24, KYMA 11 Yuma/El Centro – (Arizona) Bomb threat called into call center. San Luis, Arizona police officers told News 11 someone called the police department around noon, December 24, claiming there was a bomb at the ACT call center in San Luis. Officers said hundreds of people were at work and had to be evacuated for about two and a half hours. Police brought in a military police bomb detection dog. At about 2:30 p.m., police gave the all clear, and everyone was let back in the building. Police are looking for the person or persons who called in the bomb threat. Source: http://www.kyma.com/slp.php?idN=4519&cat=Local News

Monday, December 27, 2010

Complete DHS Daily Report for December 27, 2010

Daily Report

Top Stories

• According to the BBC News, Microsoft has issued a warning about a serious vulnerability in all versions of its Internet Explorer (IE) browser. If exploited by a booby-trapped Web page, the bug would allow attackers to take control of an unprotected computer. See item 56 below in the Information Technology Sector.

• Reuters reports that the Governor of California declared a state of emergency for several counties December 21 following several days of steady downpours. Lifeguards in rubber boats rescued dozens of hotel guests and homeless people stranded by surging floodwaters in San Diego. And high water swamped the parking lot and football field at nearby Qualcomm Stadium. News sources also reported levee problems and water pollution in Southern California. (See items 34, 35, 62, 69, 71, and 72)

34. December 23, Associated Press – (California) California storm leaves mudslides, polluted water. California residents who endured flooding, mudslides, and evacuations during a week-long onslaught of rain now have another problem: contaminated water and fouled beaches. The rain washed trash, pesticides, and bacteria into waterways, prompting health warnings. Four beaches were closed in Northern California’s San Mateo County, and another 12 miles of beach from Laguna Beach to San Clemente in Southern California’s Orange County were off-limits because of sewer overflows. After days of relentless rain, long-awaited sunshine was finally in the forecast for December 23, but officials said Californians may want to resist the urge to head to the ocean. Experts normally recommend waiting 72 hours after a storm before getting in the water, though in this case some are saying five days might be wiser. The contamination in some areas could last for weeks because of the especially heavy rains. The president of Heal the Bay, a Santa Monica based group that monitors and grades beach water quality, said more rain causes more pollution to get flushed into the region’s water system. Source: http://www.usatoday.com/weather/storms/2010-12-23-calif-storm_N.htm?csp=34news

35. December 22, San Bernardino County Sun – (California) Water district declares emergency. The San Bernardino Valley Municipal Water District declared a local emergency in Highland December 22 after a pipeline that transports water to the city, Yucaipa, Redlands and communities in the San Gorgonio Pass was threatened by high flow running through City Creek. The pipe runs under the creek, but was exposed after high flow from heavy rains eroded the creek bed in 2005, said the district General Manager. Flow in the creek measured 6,000 cubic-feet per second the morning of December 22. It is unknown if that flow rate will continue the entire day. If it does, 12,000 acre-feet of water would flow from the creek, enough water to meet the needs of 100,000 people for a year. The flow was enough to possibly erode material securing the pipe to the creek bottom. If that happened, the pipe would sink and crack. A contractor visited the site the morning of December 22, and work was expected to begin to solidify the bed by dumping large rocks around the pipe. Source: http://www.sbsun.com/breakingnews/ci_16920688

62. December 22, Reuters – (California) Hotel guests, homeless rescued from California floods. Lifeguards in rubber boats rescued dozens of hotel guests and homeless people stranded by surging floodwaters in San Diego December 22, as the latest in a string of storms drenched rain-soaked Southern California. A sixth day of heavy downpours — rare for the normally sunny, dry region — flooded streets, knocked out electricity to thousands of homes and businesses, and prompted evacuations in foothill areas prone to mudslides. Heavy rains and flooding prompted a rare closure of the SeaWorld aquatic theme park in San Diego. And high water swamped the parking lot and football field at nearby Qualcomm Stadium, where the Poinsettia Bowl college football game was scheduled for December 23. The Governor of California declared a state of emergency for several counties December 21 following five straight days of steady downpours. In the Mission Valley area of San Diego, lifeguards piloting inflatable boards with outboard motors ferried more than 50 people to safety from the Premier Inn, a hotel surrounded by floodwaters that ran waist-deep in places. Police in the upscale, seaside village of Laguna Beach shut down a seven-block area after more than 3 feet of muddy water swept through downtown streets and ran up against storefronts there, said a police lieutenant. Source: http://www.reuters.com/article/idUSTRE6BL4WX20101222?pageNumber=1

69. December 23, KTTV 11 Los Angeles – (California) Levee problems in San Juan Capistrano. Emergency crews are shoring up a portion of a levee that failed, threatening 400 homes along the banks of Trabuco Creek in San Juan Capistrano. Residents had been advised to leave their homes when rushing water caused concrete along both sides of the creek to give way, but an evacuation order was lifted at 3 p.m. on December 22. Amtrak said the Pacific Surfliner train service between San Diego and San Juan Capistrano was being suspended December 23 because of threats of mudslides and high water. Source: http://www.myfoxla.com/dpp/weather/levee-problems-in-san-juan-capistrano-20101222

71. December 22, San Diego Union Tribune – (California) Levee breached, causes flooding in Tijuana River Valley. Farmers and ranchers were drying out late December 22 after a deluge of rain and flood water from a series of storms hit the low lying Tijuana River Valley. Earlier, heavier storms have subsided but intermittent storms were expected through the evening, forecasters said. Silty brown flood water breached the levee west of Hollister Street near the Tijuana River at 6 a.m. December 22, causing moderate flooding to a few ranches. Eighteen horses were moved to higher ground at Kimzey Ranch at Hollister Street and Monument Road. There were no reported injuries to people or animals due to the flooding. However, San Diego Lifeguards made at least one rescue in the Tijuana River near Dairy Mart Road. The latest downpour battering San Diego County drenched border-area farms and ranches. Veterans of floods in the valley said the situation could still worsen if the river continues to crest. The owner of the Sea Horse Ranch on Hollister Street said the flooding is not as devastating this year as it has been in the past, partly because of city dredging projects and large berms built by the federal government. Source: http://www.signonsandiego.com/news/2010/dec/22/levy-breaks-causing-flooding-tijuana-river-valley/

72. December 22, KSBY 6 San Luis Obispo – (California) Guadalupe’s fire chief says city needs Santa Maria Levee extended. Guadalupe city leaders say the flooding is proof that the Santa Maria levee needs to be extended. The heavy December 19 storms resulted in flooding in the 800 block of Pioneer Street. The Red Cross opened a shelter for families at Guadalupe City Hall that night. On December 21, the city declared a State of Emergency. Guadalupe’s fire chief said, “Along Highway 1 and the north side of Guadalupe, that side we have the levee and that’s the end of the Santa Maria Levee. On the other side, we have no levee at all.” The water has now receded. But when the Santa Maria River filled up, it overflowed through private property, flooding Pioneer Street. It left four apartments, two houses, and a local church flooded. Owen says a similar situation took place in that area seven years ago. He said, “We’re going to have to look at more options than just the levee. But at this point right now, we’re going to try and aim for a levee extension and see where it goes.” Source: http://www.ksby.com/news/guadalupe-s-fire-chief-says-city-needs-santa-maria-levee-extended/

Details

Banking and Finance Sector

15. December 23, Chicago Tribune – (Illinois) Cops ask for help finding Aurora bank robbers. Aurora Police asked for the public’s help today in catching two men who robbed a branch bank in a grocery store that may be linked to a Kendall County, Illinois bank robbery earlier this week. The TCF Bank branch in the Jewel Food store at 1270 N. Lake St., Aurora, was robbed by two men about 1 p.m. December 23, police said. Police and FBI agents are trying to determine if the robbery is connected to another TCF bank robbery by two men at a Jewel in Oswego on December 20, police said. The robbery started when the two men entered the store and one went up to a teller at the bank branch and gave her a note demanding money, according to a police news release. As the one stood near the teller, a second stood near the bank counter, apparently acting as a lookout. Neither one showed or implied he had a weapon, according to police. The teller gave the men cash, and they fled the building, leaving the area on foot. Police described the first man as a black man about 20 to 25 years old, between 5-foot-9 and 6 feet tall and weighing between 140 and 160 pounds, according to police. A surveillance photo shows him wearing a new-style Atlanta Braves hat with a red brim and the letter “A” on the front and a dark-colored hooded jacket. The lookout was described as having about the same physical description but being between 25 and 30 years old. The surveillance photo shows the lookout wearing a dark blue or black padded winter vest, a gray hooded sweatshirt and a dark stocking cap. Source: http://www.chicagobreakingnews.com/2010/12/cops-ask-for-help-finding-aurora-bank-robbers.html

16. December 23, BankInfoSecurity.com – (National) EMV, mobile and the payments landscape. The senior director of risk management policy for the American Bankers Association says a number of emerging technologies, such as the EMV chip standard, mobile payments, and peer-to-peer or person-to-person payments, will soon change the way U.S. financial institutions and merchants connect and transact. And it could all happen in 2011, much sooner than most industry experts expect. Making significant moves in payments technology will require discussion and collaboration among banking institutions, merchants, and regulators, to name a few. “The discussion about EMV will move forward rapidly,” the official says. But it will have many caveats. “I think the U.S. may, in fact, move to adopt EMV, and may move relatively soon,” he says. “I think it may be a unique version of EMV, which would, of course, have to be compatible with EMV, globally.” What about social networks? They, too, are expected to have a big impact in 2011, the official says. “We have seen some social networks begin offering payment facilities,” he says. “These may offer consumers some convenience and certainly familiarity, but they also open them up to the fraudsters, so I think this is something that banks are going to have to watch.” Source: http://www.bankinfosecurity.com/articles.php?art_id=3204

17. December 20, Virginia Gazette – (Virginia) Trio convicted in counterfeit check ring. Three members of a counterfeit check ring conspiracy were sentenced last week for running a two-year fraud scheme throughout the Tidewater, Virginia area that caused more than $50,000 in losses. Banks and businesses, including some in James City County, were among the victims. Each defendant was also ordered to pay restitution in the amount of $55,182.39. In June, a federal grand jury returned a superseding indictment charging all three defendants with a conspiracy to commit bank fraud, substantive counts of bank fraud, possession of counterfeit securities, and aggravated identity theft. According to the evidence introduced at trial, between 2007 and 2010, the three conspirators engaged in a scheme to create and pass counterfeit company checks at various banks throughout the Tidewater area. The scheme extended for more than two years and involved banks and companies in James City County, Norfolk, Hampton, Suffolk, Portsmouth, and other cities in Tidewater. Two of the conspirators recruited dozens of individuals to provide copies of legitimate checks that were then used by one of the conspirators to create counterfeit checks on a computer. That conspirator also recruited individuals, including the third conspirator, to present and cash these counterfeit checks at various financial institutions and other businesses. Source: http://www.vagazette.com/articles/2010/12/20/news/doc4d101e66cae5a606670672.txt

Information Technology

53. December 23, The Register – (Minnesota) Hacker charged over siphoning off funds meant for software devs. An alleged hacker has been charged with breaking into the e-commerce systems of Digital River before redirecting more than $250,000 to an account under his control. The hacker, of Houston, Texas, 35, is charged with fraudulently obtaining more than $274K between December 2008 and October 2009 following an alleged hack against the network of SWReg Inc, a Digital River subsidiary. SWReg specializes in running e-commerce fulfillment systems for smaller software developers who do not want the hassle of developing and maintaining their own online store. An indictment in the case, filed in a federal court in Minnesota, was unsealed December 21. A separate computer intrusion earlier this year obliged Digital River to obtain a court order against an individual who was allegedly planning to sell 200,000 records from a stolen database, net security firm Sophos notes. Source: http://www.theregister.co.uk/2010/12/23/digital_river_hack_charges/

54. December 23, Associated Press – (International) Skype CEO: 21 million Skype users back online. Skype SA is still recovering from an outage caused by undisclosed technology problems. The Internet calling and messaging service was unavailable to almost all of its users starting midday December 22. By the afternoon of December 23, some people still could not log on to Skype. Voice calling, video-chatting, and instant messaging are now working. Group video chats and other features are still down. The Skype CEO says about 21 million users are now logged on. That is about 90 percent of Skype’s usual count for this time of day. The CEO would not say what exactly caused the outage. Skype is still investigating the problem. About 124 million people use the service each month. Source: http://www.google.com/hostednews/ap/article/ALeqM5iUQ-n99E-qoELScynPDTycnvn5PQ?docId=0d9386e53c944aeab4c8eed4b39cb99c

55. December 23, Softpedia – (International) IM worm abuses Facebook’s open redirector. Security researchers from Kaspersky warn that a new instant messaging worm abuses Facebook’s open redirect script in order to add legitimacy to rogue links. Known as Zeroll and detected as IM-Worm.Win32.XorBot.a by Kaspersky’s anti-malware products, the worm spreads via Yahoo! Messenger by posting multi-language spam messages. The messages usually reference a photo and different variants were seen in English, German, Dutch and Romanian. “This is the funniest photo ever! [link]” or “seen this?? :D [link]” are just two examples. The links are of the form http://www(dot)facebook(dot)com/l.php?u=[removed].org/Jenny.jpg. Despite the .jpg termination, the links do not lead to an image as one might expect. Instead they serve a file called PIC1274214241-JPG-www(dot)facebook(dot)com.exe for download. When run, this executable downloads another file called srce.exe and opens an image depicting two attractive women in order to avoid raising suspicion. Source: http://news.softpedia.com/news/IM-Worm-Abuses-Facebook-s-Open-Redirector-174467.shtml

56. December 23, BBC News – (International) Microsoft warns on IE browser bug. Microsoft has issued a warning about a serious vulnerability in all versions of its Internet Explorer (IE) browser. If exploited by a booby-trapped Web page, the bug would allow attackers to take control of an unprotected computer. Code to exploit the bug has already been published, though Microsoft said it had no evidence it was currently being used by hi-tech criminals. A workaround for the bug has been produced while Microsoft works on a permanent fix. The bug revolves around the way that IE manages a computer’s memory when processing Cascading Style Sheets. Microsoft has produced updates that improve memory management, but security researchers discovered that these protection systems are not used when some older parts of Windows are called upon. In a statement Microsoft said it was “investigating” the bug and working on a permanent fix. In the meantime it recommended those concerned use a protection system known as the Enhanced Mitigation Experience Toolkit. Source: http://www.bbc.co.uk/news/technology-12067295

57. December 22, Softpedia – (International) Webmasters largely unresponsive to infection reports from security researchers. Security researchers from Sophos claim that webmasters are generally unresponsive when contacted about their infected Web sites, or if they respond, they do so in a hostile way. Legitimate infected Web sites have become one of the primary vectors for spamming and spreading malware online. They are commonly used as doorway pages in black hat search engine optimization (BHSEO) campaigns or to launch drive-by download attacks. The problem with such Web sites is that they can remain infected over long periods of time if their owners are not persuaded to clean them. According to a principal virus researcher at Sophos, adding to the problem is the fact that spotting the signs of infection is not always straightforward. For example, some scripts hide the malicious code unless the user arrives at the site through a search engine. The researcher notes that most webmasters seemed to care only if their Web site was up and appeared normal, without any interest in what happens in the background. Source: http://news.softpedia.com/news/Webmasters-Largely-Unresponsive-to-Infection-Reports-from-Security-Researchers-174394.shtml

Communications Sector

58. December 22, Associated Press – (National) Divided FCC adopts rules to protect Web traffic. Federal regulators adopted new rules December 21 to keep the companies that control the Internet’s pipelines from restricting what their customers do online or blocking competing services, including online calling applications and Web video. The new rules have the backing of the White House and capped a year of efforts by the FCC Chairman to find a compromise. They are intended to ensure that broadband providers cannot use their control of the Internet’s on-ramps to dictate where their subscribers can go. They will prohibit phone and cable companies from favoring or discriminating against Internet content and services that travel over their networks — including online calling services such as Skype, Internet video services such as Netflix, and other applications that compete with their core businesses. The prohibitions, known as “net neutrality,” have been at the center of a Washington policy dispute for at least five years. Source: http://www.google.com/hostednews/ap/article/ALeqM5gyoWGBFkAi1iWOw16boaHXwpf0kg?docId=30e116bd6db54942b7bca7fa8b0b9e11

59. December 21, WBTV 3 Charlotte; Associated Press – (North Carolina) Update: Police identify woman who entered Charlotte TV station with gun. A woman was taken into custody after entering the Charlotte ABC affiliate WSOC-TV with what turned out to be an unloaded gun December 21. Employees of the station were evacuated during the situation. Members of the Charlotte-Mecklenburg SWAT team were called to the station following reports of an individual entering the building with a gun. The female suspect was taken into custody around 5:40 p.m. The WSOC general manager said that the building was evacuated and went off the air after a woman with a gun was in the lobby. He said no hostages were taken and no one was injured. Source: http://www.digtriad.com/news/local/story.aspx?storyid=152167&catid=57

60. December 20, Network World – (International) WiFi Vulnerabilities: Advances and incidents in 2010. The 802.11n standard was ratified in 2009 and WiFi really took off in 2010, with support showing up in an array of consumer electronic devices. Unfortunately, security-related issues escalated right along with growing acceptance. Here is a look back at the WiFi security issues that emerged this year: Virtual WiFi leads to rogue access points; MiFi gains popularity; Google’s WiFi snooping controversy; Russian spies and peer-to-peer WiFi links; Fake WiFi stealing data from smartphones; Hole196 uncovered for WPA/WPA WiFi networks; Firesheep turns layman into WiFi hackers; and Smartphone as WiFi attacker. Source: http://www.networkworld.com/news/2010/121020wifiin2010.html?page=1