Thursday, April 28, 2011

Complete DHS Daily Report for April 28, 2011

Daily Report

Top Stories

• KSDK 5 reports it will take a year for full repairs to be made to a Missouri Air National Guard base in St. Louis that suffered more than $10 million in damage from an April 22 tornado. (See item 34)

34. April 26, KSDK 5 St. Louis – (Missouri) National Guard base sustains $10 million in damage. The Missouri Air National Guard determined a tornado April 22 in St. Louis caused more than $10 million in damage, leaving several buildings at the facility in need of serious repair and the base covered in debris. The Missouri Air National Guard base is home to the 131st Mission Support Group and several tenant units — about 350 military personnel. The first round of tornado sirens began at 7:30 p.m. and the storm rolled in around 8 p.m., the Missouri Air National Guard said April 26. While the north side of the base went largely untouched, 16 buildings on the south side were hard hit and sustained damage. Airport luggage carts from nearby Lambert Airport were blown onto the base. An antenna array sitting atop one of the base buildings was bent in half. The base suffered from the same level of damage as the neighborhoods that surround it — downed power lines, collapsed walls, and cars that were tossed around like toys. Nearly 150 civilian and military personnel are involved in cleanup and recovery efforts at the base. A commanding officer said she expects the base to be between 75 and 100 percent operational by no later than May 1. Full repairs are expected to take a year at the 46-acre facility. Source: http://www.ksdk.com/news/article/256437/3/National-Guard-base-sustains-10-million-in-damage

• According to Wired, Sony thinks an “unauthorized person” has access to all PlayStation Network account data and passwords, and may have obtained the credit card numbers of the service’s 70 million users. (See item 41 below in the Information Technology Sector)

Details

Banking and Finance Sector

15. April 27, BankInfoSecurity.com – (International) New wave of wire fraud strikes banks. Between March 2010 and April 2011, 20 incidents of wire fraud hit small and mid-sized U.S. businesses after online banking credentials were compromised. All of the transfers — typically ranging from $50,000 to $985,000 — were routed to Chinese economic and trade companies located near the Russian border. This news comes from an advisory issued by the FBI, the Financial Services Information Sharing and Analysis Center, and the Internet Crime Complaint Center about the unauthorized wire transfers being routed to China. Most of the small-business victims hold accounts with community banks and credit unions, some of which use third-party service providers for online banking services. So far, the 20 incidents tracked by the FBI total $20 million in fraudulent transfer attempts. Actual losses associated with fraudulent transactions, however, total $11 million. Phishing appears to be the point of entry for most of the attacks. Source: http://www.bankinfosecurity.com/articles.php?art_id=3583

16. April 27, H Security – (International) Zeus trojan adds fake investment adverts. The Zeus trojan toolkit has added a new armament to its weapons of mass deception — advertising. Trusteer has reportedly found a new configuration of the fraudsters’ digital toolkit which injects banner advertisements offering high rates of interest, from 7 to 32 percent per day, into Google and Bing pages. Those adverts linked to a site at http://ursinvestment(dot)com/ which allowed people to “open” investment accounts and wire transfer money to the fake company. The URS Investment pages are no longer online, but the IP address of the site, as reported by Trusteer, is host to pages of a similarly dubious nature which are fake versions of a legitimate company’s Web presence. For example, a “Trustwave” logo on the page, when clicked for verification, appears to show the site is trusted but, on closer examination, is showing the verification status for the U.S. online retailer NewEgg. The trojan configuration also targeted sites such as Forbes and Yahoo Finance, injecting fake articles into pages suggesting the sites were partnered with “URS Investments” and were recommended by Forbes and Yahoo, and offering links to sign up with the site. Other sites which are targeted by the trojan’s configuration include AOL, Amazon, Apple, CNN, Citibank, and ESPN. Source: http://www.h-online.com/security/news/item/Zeus-trojan-adds-fake-investment-adverts-1233415.html

17. April 26, Newark Star-Ledger – (New Jersey) Whitehouse Station woman pleads guilty to $13.6 million Ponzi scheme. The owner of a Branchburg, New Jersey-based investment firm pleaded guilty April 25 to defrauding investors of more than $13.6 million in a Ponzi scheme, and using $7 million to settle gambling debts and pay for travel and personal expenses, a U.S. attorney announced. The 59-year-old woman of Whitehouse Station solicited investments for her firm, Systematic Financial Associates, Inc., by telling people a number of stories, the most popular being she would use their money to fund loans to doctors for their quarterly pension plans, the attorney said. Some investors thought they were buying Medicare “bonds” and their money would be backed by the federal program. Others believed their money was insured by the Federal Deposit Insurance Corporation, or personally guaranteed by the woman. On occasion, she directed her clients to transfer money from other investments into her scheme. To persuade investors to believe her story, she made up doctors that needed help or forged names of real doctors on promissory notes, sometimes giving investors schedules reflecting when they could expect a return on their money, usually 6 to 11 percent. After maintaining the fraud for more than a decade, she collected about $13.6 million from about 127 investors. She faces a maximum of 20 years in prison and a $5 million fine for the securities fraud count, and 10 years in prison and a $250,000 fine for transacting with money fraudulently obtained. Sentencing is scheduled for August 3. Source: http://www.nj.com/business/index.ssf/2011/04/fraud_ponzi_scheme_investment.html

18. April 26, Detroit News – (Michigan) Farmington investment adviser pleads guilty in $7 million fraud. A Farmington Hills, Michigan investment adviser accused of spending an estimated $7 million in investor funds on strippers, gambling, and personal expenses pleaded guilty April 26 to bank fraud charges in federal court. The 56-year-old man told clients to liquidate their securities investments and invest the money through him, according to court records. The case involves up to 20 victims, many elderly, according to court records. The man, however, deposited the money into his own accounts and made some “interest” payments to other investors to perpetuate the scheme, court records show. He faces up to 30 years in prison. He is currently serving a 1-year sentence in the Macomb County Jail for stealing more than $100,000 from an elderly Macomb County client. Source: http://www.detnews.com/article/20110426/METRO/104260425/1361/Farmington-investment-adviser-pleads-guilty-in-$7-million-fraud

19. April 21, Federal Bureau of Investigation – (New Jersey; New York) Staten Island businessman arrested on fraud charges for operating multi-million-dollar Ponzi scheme. A man from Staten Island, New York, was arrested April 21 on charges arising out of his alleged operation of a $12 million Ponzi scheme from 2007 to 2010. The founder and president of the Great Atlantic Group, Inc., a Staten Island-based real estate and financial consulting company, was charged with securities fraud, wire fraud, and money laundering in a federal indictment unsealed April 21 in federal court in Brooklyn. As alleged in the indictment, the man solicited investments in Third Millennium Enterprises, Inc. and 150 West State Street Corp., two companies associated with Great Atlantic that supposedly invested in real estate projects and provided private mortgages. He told prospective investors he would invest their money in real estate projects, including projects in Trenton, New Jersey, a warehouse in Utica, New York, and a golf course development project. From 2007 through 2010, investors contributed about $12 million to Third Millennium and 150 West State Street. As of December 2010, the combined closing balance of the bank accounts associated with the two companies was less than $15,000. Some investors were encouraged to obtain mortgages on their homes and to invest the proceeds with Third Millennium or 150 West State Street, and other investors, typically senior citizens, were encouraged to apply for reverse mortgages on their residences and to invest the proceeds. The indictment charges that, by as early as January 2007, the suspect had virtually stopped investing in real estate projects, and instead operated Third Millennium and 150 West State Street as a Ponzi scheme. Source: http://www.fbi.gov/newyork/press-releases/2011/staten-island-businessman-arrested-on-fraud-charges-for-operating-multi-million-dollar-ponzi-scheme

For another story, see item 41 below in the Information Technology Sector

Information Technology

38. April 27, Softpedia – (International) SpyEye adds support for Chrome and Opera. According to reports from the cyber criminal underground, the latest version of the SpyEye trojan comes with form grabbing support for Google Chrome and Opera, two browsers largely untouched by malware so far. A security researcher has published a screenshot taken from the trojan’s latest “builder” version and it has checkboxes for the anti-Rapport and Firefox webinjects plugins, as well as for Opera and Chrome form grabbers. These two new components are aimed at stealing information typed into Web forms. While this is not as advanced as injecting code into displayed Web pages, it represents a serious attack against users who believe that using alternative browsers keeps them safe. It is not yet entirely clear how these new form grabbers work, whether the malware hooks into the browsers’ DLLs or is using extensions. The hooking approach appears more likely because the APIs available to Chrome and Opera extensions are limited. In addition, only version 11 of Opera supports extensions. Source: http://news.softpedia.com/news/SpyEye-Adds-Support-for-Chrome-and-Opera-197026.shtml

39. April 27, The Register – (International) Free and subdomain hosting lets phishing sites live longer. A growing number of phishers are using free domains and subdomains to register net fraud sites, a move that seems to have allowed phishing sites to stay online longer. Official figures from the Anti-Phishing Working Group record that around 11 percent of all phishing attacks took advantage of either the free .TK domain registration service or the CO.CC subdomain service during the second half of 2010. The Group found that 11,768 phishing Web sites were hosted on subdomain services, up 42 percent from the first half of 2010. The increased use of the sub-domain tactic seems to be designed to make it harder to get offending sub-domains taken down. As a result of this, in part, the time offending domains get to live has increased to a 3-year high. Source: http://www.theregister.co.uk/2011/04/27/phishing_trends_apwg/

40. April 26, Bay City News Service – (California) Explosion at Agilent plant in Santa Rosa injures 3. An explosion at the Agilent Technologies facility in Santa Rosa, California, April 27 left 3 people injured and prompted the evacuation of about 100 employees, a company spokesman said. The explosion happened at about 10:30 a.m. in Building One at 1400 Fountaingrove Parkway. It occurred in a ground-floor laboratory, in an area where integrated circuits are made using molecular beam epitaxy, the Agilent spokesman said. The explosion injured two employees. One was a man who was cleaning a machine when there was a chemical flash, the spokesman said. He said cleaning the machine generally involves wearing a protective body suit, but he did not know whether the man was wearing one when the incident occurred. The other employee, a female contract employee from Volt, was injured when something fell and hit her on the head outside of the laboratory, the spokesman said. A Santa Rosa firefighter who was one of the first to respond to the incident was also injured. About six engines from the Santa Rosa Fire Department responded. Rincon Valley Fire Department offered mutual aid, with four fire engines, one truck and two chief officers. Agilent’s own chemical emergency response team also responded. No flames were found, but there was some damage to the lab, the spokesman said. The cause of the explosion is under investigation. There were about eight chemicals involved, according to a fire inspector. She did not know what those chemicals were. Source: http://www.baycitizen.org/blogs/pulse-of-the-bay/explosion-agilent-plant-santa-rosa-3/

41. April 26, Wired – (International) PlayStation Network hack leaves credit card info at risk. Sony thinks an “unauthorized person” now has access to all PlayStation Network account data and passwords, and may have obtained the credit card numbers of the service’s 70 million users, Wired reported April 26. The PlayStation maker said it believes hackers have access to customers’ vital data, including names, birthdates, physical and e-mail addresses, and PlayStation Network/Qriocity passwords, logins, handles and online IDs. Credit card information, purchase histories and other profile data stored on the PlayStation Network servers also could be compromised, the Japanese company said in a blog post April 26. “While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility,” reads the post, which Sony said it will e-mail to all PlayStation Network account holders, as well as users of its Qriocity streaming-media service. “If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained.” The PlayStation Network, which provides online gameplay and digital game shopping for owners of PlayStation 3 and PSP devices, has been down since April 20, following what Sony called an “illegal intrusion” on its servers. The company said it expects to restore “some services” within a week. Source: http://www.wired.com/gamelife/2011/04/playstation-network-hacked/

Communications Sector

42. April 26, Progressive Railroading – (National) NTSB restores online safety recommendations database. The National Transportation Safety Board (NTSB) recently restored Web access to its safety recommendations database, which had been offline for about 5 months. The database has been audited and verified, and features a few non-visible changes designed to improve information accuracy, according to the NTSB. To date, the database includes 13,450 total safety recommendations, 2,156 railroad and transit recommendations, and 239 open-status recommendations from railroads, transit agencies, governments and associations, according to the NTSB. Source: http://www.progressiverailroading.com/news/article/NTSB-restores-online-safety-recommendations-database--26428
