Wednesday, May 11, 2011

Complete DHS Daily Report for May 11, 2011

Daily Report

Top Stories

• Associated Press reports federal regulators ordered in-depth inspections at Browns Ferry Nuclear Power Plant in Alabama, after deciding the failure of an emergency cooling system could have been a serious safety problem. (See item 6)

6. May 10, Associated Press – (Alabama) Ala. nuclear plant cited for safety. Federal regulators ordered in-depth inspections May 10 at Browns Ferry Nuclear Power Plant run by the Tennessee Valley Authority (TVA) in Alabama, after deciding the failure of an emergency cooling system there could have been a serious safety problem. The U.S. Nuclear Regulatory Commission (NRC) issued a red finding — the most severe ranking the agency gives to problems uncovered in its inspections — against the plant after it investigated how a valve on a residual heat removal system became stuck shut. Safety regulators said only five red findings have been issued nationwide in the past decade. In an emergency, the failure of the valve could have meant that one of the plant’s emergency cooling systems would not have worked as designed. The problem, which was identified as the plant was being refueled in October 2010, was fixed before the reactor was returned to service. “The valve was repaired prior to returning the unit to service and Browns Ferry continued to operate safely,” said the NRC’s Region II administrator. “However, significant problems involving key safety systems warrant more extensive NRC inspection and oversight.” It was not clear whether TVA officials would appeal the finding. TVA officials attributed the valve failure to a manufacturer’s defect, and said they inspected all similar valves in the facility. NRC officials were critical of the utility for not identifying the problem sooner through routine inspections and testing. The valve failed sometime after March 2009, but was not discovered until more than a year later. As part of the upcoming inspections, the NRC said it will review the plant’s performance, its safety culture and its organization. Source: http://www.google.com/hostednews/ap/article/ALeqM5hXNh72muUm_euidsqjuArVZrZJTw?docId=34f76c9a06a64585b9f953f61acd441e

• According to the Associated Press, nearly four dozen drivers of tour buses, taxis, and other commercial vehicles were charged with felonies for holding commercial licenses even though they had other licenses suspended under different names. (See item 18)

18. May 9, Associated Press – (New York) NY crackdown ensnares 46 bus drivers. Nearly four dozen drivers of tour buses, New York City buses, taxis, and other commercial vehicles were charged with felonies for holding commercial licenses even though they had other licenses suspended under different names, New York’s governor announced May 9. The latest and broadest crackdown on commercial drivers comes after a tour bus crash in March that killed 15 people returning to New York City from a Connecticut casino. The licensed drivers include four working for the Metropolitan Transportation Authority (MTA), one of whom is a mechanic who also drives buses in MTA facilities. Their driver’s licenses are suspended pending court action. “Many of the individuals arrested today obtained multiple driver licenses in order to collect benefits, and even worse, to conceal violent criminal histories,” said the New York City police commissioner. He told the Associated Press the arrests were the result of partnerships with authorities from the New York City Police Department and U.S. Customs, along with prosecutors in suburban Westchester, Rockland, and Nassau counties, and in the New York City boroughs of Queens, the Bronx, and Brooklyn. The state department of transportation has made 1,960 surprise roadside inspections since March 17. State police issued 197 tickets and 173 bus drivers and 143 buses were sidelined. The department of motor vehicles’ facial recognition technology, first used last year, has so far identified more than 3,000 people with multiple licenses. More than 600 were arrested on felony charges. Source: http://www.google.com/hostednews/ap/article/ALeqM5hB300YeY6lf80RVAMPX9PuXiPFvQ?docId=d39882209d7a4a88b8b9db0009799c36

Details

Banking and Finance Sector

11. May 10, Wall Street Journal – (National) Reports of mortgage fraud reach record level. Reports of mortgage fraud, which have been increasing since the housing boom, rose to their highest level on record in 2010, Treasury Department figures showed May 9. The Financial Crimes Enforcement Network, a Treasury agency, reported 70,472 “suspicious activity reports” related to suspected mortgage fraud, up from 67,507 in 2009, or a 5 percent increase. That is the highest number recorded by the government since tracking began in 1996. At the height of the U.S. housing boom, in 2006, more than 37,000 fraud reports were recorded. In 2001, before the housing market heated up, there were 4,695 reports of suspected mortgage fraud. Much of the suspected fraud being reported took place several years ago and is only now coming to light, according to Lexis-Nexis’s Mortgage Asset Research Institute, a data service, which issued a report May 9 highlighting the statistics. Last July, the Obama administration began a broad effort to investigate and prosecute mortgage fraud that resulted in 485 arrests and 1,215 criminal defendants in cases that resulted in the recovery of about $147 million of $2.3 billion in losses, according to the Department of Justice. Source: http://online.wsj.com/article/SB10001424052748704681904576313591278154546.html?mod=googlenews_wsj

12. May 10, Associated Press – (California) 6 charged in LA with ID theft, $3m bank fraud. A federal grand jury in Los Angeles, California, has charged six people with an identity theft fraud that cost banks more than $3 million. The U.S. attorney’s office said the jury returned a 29-count bank fraud indictment the week of May 2 against an Arkansas woman and six associates from Los Angeles, Beverly Hills, and Carson. Prosecutors said they stole Social Security numbers and other personal information from people with good credit scores, then used the information to set up phony businesses and obtain more than 70 lines of credit from Bank of America and Wells Fargo. The money was used for personal expenses. All six have been arrested. If convicted, they could be sentenced to hundreds of years in federal prison. Source: http://www.mercurynews.com/portal/breaking-news/ci_18031938?nclick_check=1&_loopback=1

13. May 10, Spokane Spokesman-Review – (Washington) ‘Bad Hair Bandit’ strikes again. A bank robber dubbed the “Bad Hair Bandit” and linked to as many as 15 holdups across Puget Sound and Eastern Washington, struck May 9 in Spokane, Washington. Deputies were dispatched at 12:17 p.m. to the Chase bank branch at 822 W. Francis Avenue after employees said a woman entered the building and demanded money while implying she had a weapon, a sheriff’s spokesman said. Witnesses described the woman as a 5-foot-6, 220-pound white female. Tellers said she had dark brown hair with bangs and possibly a wig. She wore a blue hooded sweatshirt. The FBI has linked the robber to 14 holdups across Washington, the spokesman said. The bandit may be staying in lower-cost motels, said the spokesman, who also announced a special reward by Crime Stoppers for information that leads to her arrest. Source: http://www.spokesman.com/stories/2011/may/10/bad-hair-bandit-strikes-again/

14. May 9, AnnArbor.com – (International) Chelsea State Bank, FBI investigating ‘widespread’ fraud attack on debit card accounts. Chelsea State Bank (CSB) in Chelsea, Michigan, is investigating a suspected incident of debit card fraud that caused bank officials to temporarily shut down the accounts of about 5,000 customers May 7. The CEO of CSB said the bank and the FBI are actively trying to determine how many customers were affected. The CEO said the bank has about 5,000 debit card holders — and those accounts were frozen after the bank discovered suspicious purchases that started May 7 in Australia. He said that bank customers whose funds were misused would not be forced to accept losses, and that the bank’s losses would be covered by insurance. The bank notified its customers over the weekend of May 7 and 8 that their accounts had been temporarily frozen. He said it was too early to estimate how much money was affected. The attacker tried to “duplicate existing debit card accounts” by acquiring “a good (account) number” and running “sequential numbers after that” to make purchases, the CEO said. The CEO emphasized the attacker did not gain inside access to the customers’ accounts. Instead, the suspect successfully forged account numbers to make purchases. He said it is too early to know how the attacker acquired the numbers. “It’s not a computer system breach,” he said. Source: http://www.annarbor.com/business-review/chelsea-state-bank-investigating-widespread-fraud-attack-on-debit-card-accounts/

15. May 9, Federal Bureau of Investigation – (Arkansas) Arkansas banker charged in fraud conspiracy with Northport Farm Credit manager. Federal prosecutors May 9 charged an Arkansas man with conspiring with the branch manager of a Northport farm credit institution to profit from fraudulent loans, announced a U.S. attorney and the FBI Special Agent in Charge. A one-count information filed in U.S. district court charges the 44-year-old man with conspiracy to commit bank fraud. He is charged with conspiring with an accomplice to defraud First South Farm Credit in Northport of $271,190 by creating false loans. In March, prosecutors charged the accomplice with four counts of defrauding First South Farm Credit of about $1.9 million between 2007 and 2010. The man pleaded guilty to the charges April 25. Those $1.9 million in fraudulent loans do not include the false loans to the Arkansas man charged on May 9. Source: http://www.loansafe.org/arkansas-banker-charged-in-fraud-conspiracy-with-northport-farm-credit-manager

Information Technology

44. May 10, Help Net Security – (International) Fake Patch Tuesday alert leads to Zeus infection. As the latest patches are supposed to be released May 11, scammers have initiated a low-volume spam campaign that contains a link to a Zeus trojan variant masquerading as the update. “The executable (the fake patch) is being hosted on a compromised domain and at the time of writing holds an 11 percent detection rate on VirusTotal,” warned Websense researchers. The message looks legitimate, as the headers were made to look like it is coming from Microsoft Canada, the text in the message is written in both English and French, and there are very few spelling errors. What could tip off users to the fact that this is a fake message is the subject line (“URGENT: Critical Security Update”), with which the attackers try to generate a sense of urgency with the intent of making users less careful. Source: http://www.net-security.org/malware_news.php?id=1717

45. May 10, Help Net Security – (International) Fake AV spreading via Yahoo! Answers. Bkis researchers have recently spotted some new fake AV variants being distributed under the guise of legitimate questions on Q&A sites such as Yahoo! Answers and public forums. What they discovered is a number of questions answered with a variant of “Anyway, I think this will help you [LINK].” The offered link takes the users to a site (answers-yahoo-z(dot)tk) mimicking the Yahoo! Answers site (answers.yahoo.com). The user is supposed to download the file with the answer, but in reality it is an executable — a fake AV downloader. Other Q&A sites and forums are similarly poisoned. The offered links consistently drive the traffic to the same Web site. The link is likely to be changed in the future. Source: http://www.net-security.org/malware_news.php?id=1716

46. May 9, Computerworld – (International) Security firm exploits Chrome zero-day to hack browser, escape sandbox. French security company Vupen said May 9 that it has figured out how to hack Google’s Chrome by sidestepping not only the browser’s built-in “sandbox” but also by evading Windows 7’s integrated anti-exploit technologies. Google said it was unable to confirm Vupen’s claims. “The exploit ... is one of the most sophisticated codes we have seen and created so far, as it bypasses all security features including ASLR/DEP/Sandbox,” Vupen said in a blog post May 9. “It is silent (no crash after executing the payload), it relies on undisclosed (‘zero-day’) vulnerabilities and it works on all Windows systems.” According to Vupen, its exploit can be served from a malicious Web site. If a Chrome user surfed to such a site, the exploit executes “various payloads to ultimately download the Calculator from a remote location and launch it outside the sandbox at Medium integrity level.” Source: http://www.computerworld.com/s/article/9216542/Security_firm_exploits_Chrome_zero_day_to_hack_browser_escape_sandbox

47. May 9, IDG News Service – (International) WebGL hit by hard-to-fix browser security flaw. The WebGL graphics technology turned on by default in Firefox and Chrome poses a serious security risk and IT managers should consider disabling it, a security consultancy has recommended. The flaws researched by U.K. consultancy Context Information Security are serious enough, the company said, to allow an attacker to compromise the attacked PC through the poorly defended graphics card layer, or at least crash the system to make it more vulnerable. The company confirmed that it was able to exploit systems using proof-of-concept attacks with certain graphics cards in a way — kernel mode — that breached the most secure ring of an OS. “The risks stem from the fact that most graphics cards and drivers have not been written with security in mind so the interface (API) they expose assumes the applications are trusted,” a Context research and development manager said. “While this may be true for local applications, the use of WebGL-enabled, browser-based applications with certain graphics cards now poses serious threats from breaking the cross-domain security principle to denial of service attacks, potentially leading to full exploitation,” he said. The most serious of Context’s claims is that the flaws in WebGL are inherent to its architecture and will be extremely difficult to fix. “In the short term, individual end users or IT departments can avoid potential problems by simply disabling WebGL within their browsers; but the only long-term solution is for the developers of WebGL itself to ensure the specification is designed and tested to prevent these types of risks,” the Context research and development manager said. The company believes WebGL was not suitable for mass adoption. Source: http://www.computerworld.com/s/article/9216539/WebGL_hit_by_hard_to_fix_browser_security_flaw

48. May 9, Associated Press – (International) Sony aims to fully restore PlayStation Network, down by hacker attack, by end of May. Sony said May 10 it aims to fully restore its PlayStation Network, shut down after a massive security breach affecting over 100 million online accounts, by the end of May. Sony also confirmed personal data from 24.6 million user accounts was stolen in the hacker attack in April. Personal data, including credit card numbers, might have been stolen from another 77 million PlayStation accounts, a Sony Computer Entertainment Inc. spokesman said. He said Sony has not received any reports of illegal uses of stolen data, and the company is continuing its probe into the hacker attack. He declined to give details on the investigation. Sony shut down the PlayStation network, a system that links gamers worldwide in live play, April 20 after discovering the security breach. Source: http://www.washingtonpost.com/business/sony-aims-to-fully-restore-playstation-network-down-by-hacker-attack-by-end-of-may/2011/05/10/AFY3C0dG_story.html

49. May 8, The Register – (International) Think file-hosting sites guard your private data? Think again. Academic researchers said they have uncovered weaknesses in dozens of the most popular file hosting sites that allow people to gain unauthorized access to data that is supposed to be available only to those selected by the user. The services, which include sites such as RapidShare, FileFactory, and Easyshare, allow users to upload large files and make them available to anyone who knows the unique Uniform Resource Identifier (URI) bound to each one. Users may post the link on Web sites or forums available to the public or share it in a single e-mail to prevent all but the recipient from downloading it. RapidShare, for instance, said it can be used to “share your data with your friends, colleagues or family.” But according to academics in Belgium and France, a “significant percentage” of the 100 file hosting services (FHS) they studied made it trivial for outsiders to access the files simply by guessing the URLs that are bound to each uploaded file. They presented evidence that such attacks, far from being theoretical, are already happening in the wild. Source: http://www.theregister.co.uk/2011/05/08/file_hosting_sites_under_attack/

Communications Sector

50. May 9, Florida Times-Union – (Florida) Digital billboards light up in Jacksonville; opponents plan lawsuit. Clear Channel Outdoor has installed three of the eight digital billboards it plans for Jacksonville, Florida, giving motorists a view of the technology that lit up city council debate and appears headed for a showdown in court. Though smaller electronic signs in front of Jacksonville businesses and churches have used similar technology for years, the billboards being built by Clear Channel are the first of their kind in the city. The division president for Clear Channel Outdoor said advertisers can purchase time slots for digital billboards and customize messages for different times of the day. Digital billboard opponents are preparing to go to court to make the signs go dark. A Jacksonville attorney who represents Scenic Jacksonville said a 1995 settlement agreement with the billboard industry does not allow construction of digital billboards. The settlement agreement followed a 1987 city charter election where voters approved reducing the number of billboards in Jacksonville. He said each time a digital billboard goes into operation, “it’s a violation of the settlement and the charter, under our position.” He said rather than amend a lawsuit each time another digital billboard goes up, opponents will wait until the billboards are up and then make a final decision on challenging them in court. The city’s general counsel’s office has taken the position the settlement agreement does not bar digital billboards. Source: http://jacksonville.com/business/2011-05-09/story/digital-billboards-light-jacksonville-opponents-plan-lawsuit
