Tuesday, January 4, 2011

Complete DHS Daily Report for January 4, 2011

Daily Report

Top Stories

• The New York Daily News reports more than 900 Long Island, New York homes were evacuated, and major highways were shut for hours, January 1, after a propane deliveryman found a leaky valve in a 30,000-gallon tank he was filling. (See item 1)

1. January 2, New York Daily News – (New York) 900 people flee area as propane fumes from leaky tank spark evacuations on Long Island. More than 900 Long Island, New York homes were evacuated January 1 after a propane deliveryman found a leaky valve in a 30,000-gallon tank he was filling, officials said. The gas leak posed a serious enough threat to send 200 Shirley residents to an emergency shelter at William Floyd High School in Mastic. Families rushed from their homes around 2 a.m. Mastic firefighters were first to arrive on the scene near a Kohl’s department store in Shirley. They estimated 7,000 to 9,000 gallons of gas had escaped from the tank, filling the area with an ominous fog. No injuries were reported as a result of the leak, officials said. The broken valve connected to the underground tank was frozen and sealed around 3 p.m., officials said. Police shut down sections of the Sunrise Highway, Montauk Highway and other busy thoroughfares in the area, clogging holiday traffic for miles. Long Island Rail Road service was suspended between Speonk and Patchogue for hours. Fearing a spark would set off an explosion, Suffolk police and fire officials banned cars in the area, and themselves rode bicycles during the emergency effort. It was not immediately clear who owned the tank, a spokesman said. Source: http://www.nydailynews.com/ny_local/2011/01/02/2011-01-02_hundreds_flee_propane_fog_900_evacuate_as_fumes_spew_from_li_tank.html?r=news

• According to WCAU 10 Philadelphia, unidentified fumes at St. Cyril’s Church of Jerusalem in Warwick, Pennsylvania sent 16 parishioners and emergency responders to hospitals January 2. (See item 65)

65. January 2, WCAU 10 Philadelphia – (Pennsylvania) Bucks County church evacuated due to fumes. Unidentified fumes at St. Cyril’s Church of Jerusalem in Warwick, Pennsylvania, sickened 16 parishioners and emergency responders January 2. Bucks County officials are calling this a “mass casualty” incident. A call was placed to emergency services around 9:40 a.m. reporting people fainting at the church on Almshouse Road. Police, fire officials, and haz-mat teams quickly responded to the scene. Members of the first response crew that entered the church were also sickened by the fumes. The county labeled the event “code yellow,” requiring additional emergency workers. The church had been filling up with people who had come for the 10 a.m. service. There were about 300 people inside the church at the time of the incident. While emergency responders went to work, churchgoers held mass outside in the church parking lot. The cause of the illness has not yet been determined. Those who fell ill underwent blood tests and were taken to Doylestown and Abington hospitals. There were no fatalities. Source: http://www.nbcphiladelphia.com/news/local-beat/PHI-Hazmat-Called-to-Church-112771744.html

Details

Banking and Finance Sector

16. January 3, BankInfoSecurity.com – (National) Top 9 security threats of 2011. Mobile banking and social networks are expected to pose new security threats in the payments space in 2011. But security experts said those threats would not displace the Zeus botnet, malware attacks, and phishing threats, which for years have plagued banking institutions. Fraud attempts will escalate, not diminish, as new threats and channels blossom in 2011. As 2010 came to a close, Information Security Media Group caught up with a handful of leading industry experts to get their takes on the top security threats of 2011. The top 9 threats of 2011 include: (1) Mobile Banking Risks, (2) Social Networking Risks, (3) Malware, Botnets, and DDoS attacks, (4) Phishing, (5) ACH Fraud that leads to Corporate Account takeovers, (6) Cloud Computing Risks, (7) Insider Threats, (8) First Party Fraud, and (9) Skimming Attacks. Source: http://www.bankinfosecurity.com/articles.php?art_id=3228

17. January 1, Minneapolis Star Tribune – (Minnesota) Cyber crime trail leads to Winona State students. A U.S. Department of Homeland Security investigation dubbed “Operation eMule” has led federal agents to a pair of 22-year-old foreign-exchange students in Winona, Minnesota, who are suspected to be part of a sophisticated cyber crime ring based in Vietnam that has been misusing the identities of countless Americans to bilk online retailers out of millions of dollars. Numerous major companies have been stung in the scam, including eBay, PayPal, Amazon, Apple, Dell, and Verizon Wireless, according to federal court documents. Authorities said the operation is built around stolen identities used to open accounts with eBay, PayPal, and U.S. banks. Through those accounts, the fraudsters sell popular, expensive merchandise at discounted prices. The sellers fill the orders by purchasing the goods from other vendors using stolen financial accounts. When the identity-theft victims protest the charges, the merchants end up holding the bag. The two Winona State University students controlled more than 180 eBay accounts and more than 360 PayPal accounts opened using stolen identities, according to documents unsealed December 29 by a federal magistrate judge in St. Paul. Source: http://www.startribune.com/local/112754219.html?elr=KArks7PYDiaK7DU2EkP7K_V_GD7EaPc:iLP8iUiD3aPc:_Yyc:aU7DYaGEP7vDEh7P:DiUs

18. January 1, Los Angeles Times and KTLA 5 San Diego – (California) Suspect in six robberies is arrested at San Ysidro border crossing. A 41-year-old man from Fresno, California suspected of committing half a dozen robberies throughout California was arrested on New Year’s Eve trying to enter the United States at the San Ysidro border crossing, the FBI announced January 1. The suspect, a U.S. citizen, was booked into jail in downtown San Diego. He is charged with the robbery of a payday loan business in San Diego December 20, and a bank in San Diego. He is also suspected of robbing banks in Fresno, Tulare, and Thousand Oaks, and robbing a pedestrian outside a hotel/casino in Lemoore, about 30 miles south of Fresno, the FBI said. The name “Dapper Bandit,” bestowed by the FBI, comes from the appearance of the robber during the bank jobs: black golf hat, gray or black sports jacket, and black high-collared shirt. He is accused of threatening tellers with a black semi-automatic pistol. Source: http://latimesblogs.latimes.com/lanow/2011/01/dapper-bandit-suspect-arrested-san-ysidro.html

19. January 1, Raleigh News & Observer – (North Carolina) Female Raleigh bank theft suspect might be serial robber. A woman who robbed a Wachovia bank in West Raleigh, North Carolina, December 30 may be a serial robber who has hit other banks along the East Coast, authorities reported. Police are still searching for the heavy-set woman who passed a note to a bank teller at a Wachovia branch at 4530 Western Blvd. just before 11:30 a.m. and made off with an undisclosed amount of cash. According to the Web site ncbankrobbers.com, federal authorities in North Carolina and South Carolina think the woman is responsible for robberies that occurred in Wilmington and Myrtle Beach, South Carolina, in October. FBI agents in North Carolina reported a woman, wearing a long dark wig and carrying an oversize purse, robbed New Bridge bank in Wilmington October 12. FBI agents in South Carolina think the same woman robbed Conway National Bank in Myrtle Beach October 11. Police have described her as a heavy-set woman in her mid- to late 20s. She was last seen in Raleigh wearing a green hooded sweatshirt, black skullcap, light-colored pants, and dark sunglasses with gold trim. Source: http://www.newsobserver.com/2011/01/01/892752/police-suspect-woman-in-series.html

20. December 31, NBC San Diego – (California) FBI ID’s suspect in 4 bank robberies. A bank robbery suspect, 42, was charged the week of December 27 with two counts of bank robbery in a federal complaint, authorities said in a news release issued December 31. Those incidents took place April 20 at the Chase Bank in the 5800 block of Balboa Avenue in San Diego, California and April 26 at the same bank. The FBI said December 31 “the same unknown male bank robber allegedly” robbed the US Bank at 6325 Adobe Road, in Twentynine Palms, California May 24, and the Bank of America in the 57150 block of Twentynine Palms Highway in Yucca Valley July 22. Investigators said the San Bernardino County Sheriff’s Department received information in June identifying the man in connection to the U.S. Bank robbery in Twentynine Palms. A warrant was issued, and, the week of December 27, San Diego police and the FBI said they connected the suspect to the robberies in San Diego in April. The suspect is 5 feet 9 inches tall and weighs 240 pounds. The FBI is offering a reward of up to $1,000 for information leading to the suspect’s arrest and conviction. Source: http://www.nbcsandiego.com/news/local-beat/FBI-IDs-Man-Connected-to-4-Bank-Robberies-112721379.html

21. January 1, United Press International – (Texas) Bail set for Texas bank holdup suspects. Bail was set at $13 million each January 1 for two men accused in a failed holdup of a Houston, Texas-area bank, while additional suspects were sought, police said. A spokesman with the Pearland Police Department said the two suspects were each charged with 13 counts of aggravated robbery, the Houston Chronicle reported. The number of counts corresponded to the number of people they are accused of having taken hostage December 31 at a Chase Bank branch, the newspaper said. The botched robbery turned into a nearly 5-hour hostage situation before the two suspects were taken into custody. Authorities were looking for at least two additional suspects seen fleeing the scene but were not certain exactly how many people were involved in the holdup, ABC News reported. “We are working with the FBI and a task force in order to apprehend the suspects,” the spokesman told ABCNews.com. A bank employee was assaulted and shots were fired during the episode, but no one was seriously injured and no money was taken from the bank branch, the Chronicle said. Source: http://www.upi.com/Top_News/US/2011/01/01/Bail-set-for-Texas-bank-holdup-suspects/UPI-11471293931021/

Information Technology

55. January 3, Computerworld – (International) Chinese hackers dig into new IE bug, says Google researcher. An accidental leak may have confirmed Chinese hackers’ suspicions that Internet Explorer has a critical unpatched vulnerability, a security researcher said January 1. The bug was one of about 100 found by a noted browser vulnerability researcher and Google security engineer using a new “fuzzing” tool. The vulnerabilities were in IE, Firefox, Chrome, Safari, and Opera. According to the researcher’s account, a developer working on WebKit — the open-source browser engine that powers Apple’s Safari and Google’s Chrome — “accidentally leaked” the location of the then-unreleased fuzzing tool. Google’s search engine then added that location to its index. “On December 30, I received ... search queries from an IP address in China, which matched keywords mentioned in one of the indexed cross_fuzz files,” the researcher said. Those searches were looking for information on a pair of functions in “Mshtml.dll,” IE’s browser engine, that he said were unique to the vulnerability, and that had “absolutely no other mentions on the Internet at that time.” The person or persons searching for the functions then downloaded all the available cross_fuzz files. Source: http://www.computerworld.com/s/article/9202959/Chinese_hackers_dig_into_new_IE_bug_says_Google_researcher

56. December 31, H Security – (International) 27C3: danger lurks in PDF documents. At the 27th Chaos Communication Congress (27C3) in Berlin, Germany, a security researcher from the U.S. company FireEye noted security problems in connection with Adobe’s PDF standard. A PDF can reportedly contain a database scanner that becomes active and scans a network when the document is printed on a network printer. Also, it is reportedly possible to write PDFs that display different content in different operating systems, browsers, or PDF readers – or even depending on a computer’s language settings. The researcher said other risks are generated through the support of inherently insecure script languages such as JavaScript, formats such as XML, RFID tags and digital rights management (DRM) technologies. Source: http://www.h-online.com/security/news/item/27C3-danger-lurks-in-PDF-documents-1162166.html

57. December 30, Softpedia – (International) Windows phone marketplace hack demoed. A whitehat hacker has cracked the digital rights management system enforced by Microsoft on Windows Phone 7 and demonstrated a simple method that allows users to install any application from the Windows Phone Marketplace for free. The Windows Phone Marketplace is Microsoft’s online store for Windows Phone 7 applications and allows users to browse, try and install free or commercial apps. During the week of December 26, a user posted on the XDA forums a guide covering what is needed to crack the protection of the Windows Phone Marketplace. Most of the steps in that guide were already doable to some extent except one — removing the XAP (app installer format) signature. WPCentral reports a developer created a simple application, which allows people to download and crack any XAP file from the official marketplace. The tool was demoed in a video, but has not been publicly released. Source: http://news.softpedia.com/news/Windows-Phone-Marketplace-Hack-Demoed-175566.shtml

58. December 30, Computerworld – (International) Microsoft warns of Word attacks. Hackers are exploiting a vulnerability in Microsoft Word to plant malware on Windows PCs, Microsoft said December 28. The bug in Microsoft Word 2002, 2003, 2007, and 2010 was patched November 9 as part of Microsoft’s monthly security update. Word 2008 and 2011 for the Mac have also been patched, but Microsoft has not yet issued a fix for the same flaw in the older Word 2004. The circulating attacks affect only Windows versions of the suite, however. According to the Microsoft Malware Protection Center (MMPC), the group that investigates attack code and issues signature updates for the company’s antivirus software, the first in-the-wild exploits were detected the week of December 19. When Microsoft shipped the Word patch in November, it rated the bug as “1” on its exploitability index, meaning it believed a working attack would pop up within 30 days. The attack uses a malicious RTF (Rich Text Format) file to generate a stack overflow in Word on Windows, said an MMPC researcher. Following a successful exploit, the attack code downloads and runs a Trojan horse on the compromised computer. Source: http://www.computerworld.com/s/article/9202819/Microsoft_warns_of_Word_attacks

59. December 30, Help Net Security – (International) The significant decline of spam. In October 2010, Commtouch reported an 18 percent drop in global spam levels (comparing September and October). This was largely attributed to the closure of Spamit around the end of September. Spamit is the organization allegedly behind a fair percentage of the world’s pharmacy spam. Analysis of the spam trends to date reveals a further drop in the amounts of spam sent during Q4 2010. December’s daily average was around 30 percent less than September’s. The average spam level for the quarter was 83 percent, down from 88 percent in Q3 2010. The beginning of December saw a low of nearly 74 percent. The nature of the spam attacks has also clearly changed. The pre-October graph shows large fluctuations in the amounts of spam sent. In Q4 2010 there were generally lower fluctuations — aside from two large outbreaks in mid-October and mid-December. The large amounts of pre-Christmas spam are something of a tradition, but the outbreak was smaller than most of the large outbreaks in 2010. In the past, spam levels have decreased only to return to even higher levels within short periods. Source: http://www.net-security.org/secworld.php?id=10381

Communications Sector

60. January 3, BBC News – (International) New year mobile bug strikes French texters. Hundreds of French mobile phone users said a bug prompted them to send dozens of unintended new year messages. French mobile operators have already revealed that 930 million texts were sent on New Year’s Eve (December 31) and New Year’s Day (January 1). Now it has emerged that individual Orange customers unwittingly sent as many as 130 text or picture messages — potentially at a high extra cost. Orange has blamed a “network operator failure” for the bug, saying it affected only a few hundred people. Dozens of customers complained the problem led to them being charged hundreds of euros extra. Multimedia (MMS) messages tend to be charged at a higher rate than text only (SMS) messages. One user wrote on an Orange user forum that he had been billed for 300 picture messages. Another complained his family and friends had received the same MMS text 15 times. Orange, which is owned by France Telecom, pledged that no-one would be overcharged. A spokesman for the company said that one “of the network operators had had technical problems during the night” and refused to name the operator in question. However, other operators insisted they had not encountered any difficulties. Source: http://www.bbc.co.uk/news/world-europe-12107920

61. January 2, eWeek – (International) Google Android Trojan, FBI raid linked to Operation Payback lead security news. During the final week of 2010, researchers at Lookout Mobile Security uncovered a sophisticated Trojan in the wild dubbed “Geinimi” going after Android devices in China. According to Lookout, the Trojan displays “botnet-like capabilities” and is being grafted onto repackaged versions of legitimate applications distributed in third-party Chinese Android app stores. The firm advised Android users to only download apps from trusted sources, and to always check the permissions an application requests. Source: http://www.eweek.com/c/a/Security/Google-Android-Trojan-FBI-Raid-Linked-to-Operation-Payback-Lead-News-406931/

62. December 31, Telemanagement – (International) Hackers breach Motorola phones. Researchers at the Chaos Computer Club Congress (CCC) in Berlin, Germany, demonstrated a relatively easy hack of a Motorola mobile device by acquiring its ID and grabbing text and voice messages as they pass between a handset and a base station. The researchers’ work builds on earlier research that found holes in many parts of GSM technology, the most widely used in the world today. The pair spent a year putting together the various parts of their simple system. Many of the capabilities are not new, but the clincher was the ability to record data off the air, as well as the fact that the inexpensive Motorola phones can have their onboard software swapped for an open source alternative. This was made possible when a description of the firmware leaked to the Internet. Source: http://www.tele-management.ca/content/23539-hackers_breach_motorola_phones

For another story, see item 57 above in the Information Technology Sector
