Thursday, June 9, 2011

Complete DHS Daily Report for June 9, 2011

Daily Report

Top Stories

• Bloomberg reports that a large power company was seeking alternative energy sources because an Arizona wildfire threatened to destroy high-voltage lines that deliver power to 371,000 homes, a 1,700-square-mile army base, and an oil refinery. (See item 1)

1. June 8, Bloomberg – (Arizona; Texas; New Mexico) Ariz. fire threatens 40% of El Paso’s power. El Paso Electric Co., supplier of power to an oil refinery and the U.S. Army’s Fort Bliss, said it is seeking alternative power supplies should an Arizona wildfire cut electrical lines from Palo Verde, the nation’s largest nuclear generating plant located in Wintersburg, Arizona. The Wallow Fire is on track to reach, within 3 days, the high-voltage links that deliver 40 percent of the power used by 371,000 homes and businesses in western Texas and southeastern New Mexico, including the 1,700-square-mile Fort Bliss base, a spokeswoman for the El Paso, Texas-based utility owner said June 8. The blaze, which started May 29, has scorched an area 21 times larger than Manhattan. The utility warned June 7 it would begin cutting power temporarily to parts of its service area as a “last resort” to avoid a wider blackout. Residents of Springerville, Arizona, near El Paso’s lines, have been urged to prepare for evacuation by the sheriff of Apache County, according to the Web site of the incident command for the fire. None of the fire is contained, the June 8 report said. Fire damage to the lines from Palo Verde in Arizona may knock out 633 megawatts of supply, the utility owner said June 7. That is enough for about a half million average U.S. homes, according to statistics from the Energy Department in Washington. The Wallow Fire has raged over 311,491 acres south and west of Alpine, Arizona. The fire has destroyed 10 structures and damaged one. The Apache County Sheriff’s Office has ordered evacuation of at least four towns. The fire has not yet interrupted the power grid, a spokeswoman for the Western Electricity Coordinating Council said June 8. Source: http://www.bloomberg.com/news/2011-06-08/arizona-fire-threatens-40-of-el-paso-electric-s-supply-as-lines-in-path.html

• According to the Associated Press, a troubled small-town insurance agent in Louisiana shot two unarmed state fraud investigators to death at his office June 7, before killing himself. See item 15 below in the Banking and Finance Sector.

Details

Banking and Finance Sector

15. June 8, Associated Press – (Louisiana) La. state police: Insurance agent fatally shot 2 fraud investigators, then himself. Authorities worked June 8 to figure out why a troubled small-town insurance agent shot two unarmed state investigators to death at his office in Ville Platte, Louisiana, before killing himself. They believe the man killed two veteran insurance fraud investigators June 7 after they had come to collect information, said the Louisiana State Police superintendent. It was not clear what the investigators were looking for. The man barricaded himself in his office and a SWAT team and negotiators spent hours outside before bursting in to find him dead. Authorities said he had been in business for almost 40 years but had a history of troubles. The Louisiana Department of Insurance in 2009 had suspended his insurance license and fined him $16,500, saying he provided fraudulent proof of vehicle insurance several times. In January, state police arrested the man and charged him with unfair trade practices. Source: http://www.washingtonpost.com/national/2-la-insurance-fraud-investigators-fatally-shot-man-barricades-himself-inside-business/2011/06/07/AGKGMSLH_story.html

16. June 8, San Francisco Chronicle – (California) S.F. cops hunting ‘Gen X bandit’ kill suspect. A suspected bank robber shot and killed June 7 by San Francisco, California police may be the “Gen X bandit,” so called because of his distinctive attire while robbing two banks in Southern California, authorities said. The man was shot dead in the Lower Haight neighborhood June 7 after he tried to run over officers with his vehicle, authorities said. A spokesman for the police department said officers responded to the unit block of Buena Vista Avenue East around 5:40 p.m. in an attempt to apprehend the robbery suspect. The FBI had tipped local police that the suspect, wanted in connection with two bank robberies in Irvine (Orange County), had fled to the city in a stolen BMW. The FBI said it tracked the vehicle using the car’s on-board GPS unit, a navigation computer system. The bank robbery suspect was dubbed the “Gen X bandit” by the FBI. He robbed a Chase Bank and Comerica Bank in Irvine within a half-hour May 17. Source: http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2011/06/08/BASI1JR97L.DTL

17. June 8, Lansing State Journal – (Michigan) Credit union robbery leads to man’s capture. A Lansing, Michigan man who police said admitted to multiple bank robberies is behind bars after allegedly robbing a Clinton County credit union June 7, and leading police on a multi-county pursuit. The man was slated to be arraigned June 7 in district court in connection with the incident that started at about 9:05 a.m. June 7 at Portland Federal Credit Union in Westphalia, and ended more than a half hour later outside Cooley Law School Stadium in Lansing. The suspect took an undisclosed amount of cash from the credit union, and an employee saw him leave in a vehicle, a county sheriff’s detective said. A DeWitt police command officer spotted the car shortly after 9:30 a.m. The suspect drove into Lansing when police attempted to stop him near Interstate 69, the detective said. He was arrested outside the Lansing Lugnuts baseball stadium after bailing on foot, the detective said. Police said the man told Clinton County sheriff’s detectives and FBI agents he robbed banks in Lansing, Fowler, and Middleton. Source: http://www.lansingstatejournal.com/article/20110608/NEWS01/106080317/Credit-union-robbery-leads-to-man-s-capture?odyssey=tab|mostpopular|text|FRONTPAGE

18. June 7, KREM 2 Spokane – (Washington) ‘Bad Hair Bandit’ suspected in Moses Lake bank heist. Detectives believe a serial bank robber called the “Bad Hair Bandit” hit a Moses Lake, Washington Sterling Savings Bank at 12 p.m. June 7. Bank workers said the woman handed the teller a piece of paper telling her to put her hands up. The suspect demanded cash and implied she had a weapon. Officers said she got away with an undisclosed amount of money. The robber matches the description of the “Bad Hair Bandit,” a white woman about 35 years old, 5 feet, 6 inches tall, and 220 pounds with a heavy build. She has hit banks in the Puget Sound area, as well as in Spokane and Ellensburg. Source: http://www.nwcn.com/home/?fId=123426849&fPath=/news/local&fDomain=10222

19. June 7, Los Gatos Patch – (California) Man arrested for bomb threat and robbery. A 28-year-old man was arrested and charged for robbery, attempted robbery, extortion, and making a bomb threat June 6, after a police investigation linked him to a series of bomb threats and attempted robberies at two banks, Los Gatos/Monte Sereno police reported. The investigation took place over the weekend of June 4 and 5, after the man was positively identified in connection with multiple bomb threats and attempted robberies at Chase Bank June 3 and Wells Fargo Bank June 4. Police later conducted a photo lineup where witnesses at Wells Fargo positively identified him as the suspect from the attempted Chase Bank robbery, and a previous robbery at the same Wells Fargo branch March 17. Police also determined the simulated explosive devices found at each location were nearly identical. Source: http://losgatos.patch.com/articles/man-arrested-for-bomb-threat-robbery-and-attempted-robbery

20. June 6, Federal Bureau of Investigation – (National) FBI releases bank crime statistics for first quarter of 2011. During the first quarter of 2011, there were 1,092 reported violations of the Federal Bank Robbery and Incidental Crimes Statute, a decrease from the 1,183 reported violations in the same quarter of 2010. According to statistics released June 6 by the FBI, there were 1,081 robberies, 9 burglaries, 2 larcenies, and 1 extortion of financial institutions reported between January 1, 2011 and March 31, 2011. Source: http://www.fbi.gov/news/pressrel/press-releases/fbi-releases-bank-crime-statistics-for-first-quarter-of-2011

For another story, see item 47

Information Technology

50. June 8, Softpedia – (International) Java 6 update 26 fixes critical security issues. Oracle has released update 26 for its Java SE 6 platform to address 17 remotely exploitable vulnerabilities, many of which could result in arbitrary code execution. Of the included patches, 11 apply only to the Java SE client and 1 only to the server version. The rest affect both of the platform’s flavors. Nine vulnerabilities carry the maximum score of 10 on the CVSS scale. This means that they can be exploited remotely with ease and no authentication, resulting in a complete confidentiality, integrity, and availability compromise. The scores were calculated under the presumption that users have administrative privileges, typically on Windows, and are capable of running Java applets or Java Web Start applications, which is the default behavior. Three of the remaining vulnerabilities carry a CVSS base score of 7.6, four of 5.0, and one of 2.6. Java vulnerabilities are commonly exploited in drive-by download attacks to infect users with malware. In fact, according to statistics grabbed from live Web exploit kit installations, Java exploits are the most effective ones. Source: http://news.softpedia.com/news/Java-6-Update-26-Fixes-Critical-Security-Issues-204840.shtml

51. June 8, IDG News Service – (Arizona) Intel investigating fire at Arizona plant. Intel said June 8 it is investigating a fire at the company’s manufacturing facilities in Chandler, Arizona, that left 13 people injured. The fire June 7 was in a support building handling solvents outside the Fab 22 chip-manufacturing site, which is currently under construction. Reasons for the fire have not been determined and are under investigation, an Intel spokesman said. Five people were sent to hospital for evaluation, but the company declined to comment on the extent of their injuries or medical progress. Another manufacturing facility in the complex, Fab 32, was evacuated briefly as a precaution. There was no impact to chip production on the sites, and the factories have now returned to normal operation, the spokesman said. The company produces millions of chips a year, and maintains major manufacturing operations in Chandler, where it has about 9,700 employees. Many chip facilities there are continuously upgraded to make smaller and faster chips for future laptops, desktops, and servers. Source: http://www.computerworld.com/s/article/9217425/Intel_investigating_fire_at_Arizona_plant

52. June 8, Softpedia – (International) New MacShield variants spotted in the wild. Three new variants of the MacShield scareware were identified June 8, suggesting that Apple’s efforts so far have not discouraged Mac malware development. “F-Secure Labs located three new samples today, and added detection for today’s in-the-wild versions of MacShield,” a security advisor at the Finnish antivirus vendor said. The volume of new Mac scareware has increased and so has the number of distribution vectors. At first, there were Google Images black hat search engine optimization campaigns. Then the malware distributors switched to Facebook. It is unclear if the new variants bypass Apple’s XProtect blacklist, but it is a very likely possibility given the technology works by comparing hashes. Users should use a full-featured security product that offers layered protection. For example, antivirus programs contain Web filters that block users from accessing scareware distribution sites in the first place. However, if a site is very new and the Web filter does not know about it, an antivirus product can still leverage heuristic signatures to identify new variants of a certain threat. Source: http://news.softpedia.com/news/Mac-Scareware-Development-Continues-204986.shtml

53. June 7, Softpedia – (International) Chrome 12 brings many security fixes and enhancements. Google released the first stable build of Chrome 12 that addresses many vulnerabilities and brings several new security enhancements. A total of 14 security flaws have been patched in the new Chrome 12.0.742.91 build, in addition to the ones fixed during the development cycle. Five of the vulnerabilities are rated with high severity. Aside from the vulnerability patches, Chrome 12 allows users to delete Flash cookies from the browser’s own interface. Flash Player’s local storage can be abused to respawn tracking cookies. Another security-related feature in Chrome 12 provides protection against malicious downloads by using data from Google’s Safe Browsing service. Source: http://news.softpedia.com/news/Chrome-12-Brings-Many-Security-Fixes-and-Enhancements-204796.shtml

54. June 7, The Register – (International) Hackers jailbreak iOS 5 in under 24 hours. Hackers said they have jailbroken the latest version of Apple’s iOS so it will run applications not officially sanctioned by the company. iOS 5 was unveiled June 6, and a beta version was made available to a limited number of developers. Within hours, members of the iPhone Dev Team posted pictures that showed it had been jailbroken. They said the OS, which runs iPhones, iPod Touches, and iPads, had been unlocked using “limera1n,” a technique devised by serial jailbreaker “GeoHot.” The jailbreak is of the tethered-boot variety, meaning jailbroken iDevices must be connected to a computer each time they reboot. There was no mention of an untethered jailbreak coming to the new OS. Source: http://www.theregister.co.uk/2011/06/07/ios_five_jailbroken/

55. June 6, Darkreading – (International) New malware can launch multiple types of advertising fraud. A new coordinated malware attack can enable cybercriminals to launch multiple types of online advertising fraud, according to researchers. According to researchers at Adometry (formerly Click Forensics), the attack, called “ad hijacking,” uses similar malware and infection delivery methods to create a network of computers aimed at committing advertising fraud through different kinds of advertisements and channels. “In the past, advertising fraudsters have mainly set their sights on the search advertising industry,” the CEO of Adometry said. “This is the first attack we’ve seen that coordinates advertising fraud across many different online ad channels.” Rather than requiring a user to download malware via a fake antivirus program, Adometry said the ad-hijacking malware injects itself into the rootkit of a user’s computer through an advertisement on a popular Web site. Once it infects the computer, the malware receives instructions from a host to perform multiple kinds of advertising fraud, including search hijacking, display advertising impression inflation, and video advertising fraud. Source: http://www.darkreading.com/security/vulnerabilities/230200004/new-malware-can-launch-multiple-types-of-advertising-fraud.html

Communications Sector

See item 54 above in the Information Technology Sector
