Wednesday, August 10, 2011

Complete DHS Daily Report for August 10, 2011

Daily Report

Top Stories

• A malware injection that targets e-commerce Web pages called willysy, has ballooned from 90,000 infected pages to more than 6 million, in less than 2 weeks. – PC World. See item 38 below in the Information Technology Sector

• Verizon Communications Inc. reported multiple incidents of sabotage to cables cut in the wake of a massive strike, disrupted service for customers in Massachusetts and New York. – Boston Business Journal. See item 39 below in the Communications Sector

Details

Banking and Finance Sector

10. August 9, Associated Press – (New York; Ohio) NY fund announces proposed fraud settlement. The New York State Common Retirement Fund announced August 8, a proposed $168 million settlement of its securities fraud class-action lawsuit against National City Corp. alleging misrepresentations to investors. The New York State Comptroller, the trustee of the $146.5 billion fund and lead plaintiff, said the defendants agreed to the settlement but admitted no wrongdoing. PNC Financial Services Group Inc., which bought Cleveland-based National City in 2008, declined to comment. The suit alleges National City misrepresented the quality of its mortgages and home equity loans, and the severity of its losses. The settlement is expected to go before a U.S. district judge in the Northern District of Ohio for preliminary approval in the next few weeks, with all class members notified after that. Source: http://www.cnbc.com/id/44074752

11. August 8, Reuters – (International) Ex-Citi senior trader fined $1.5 mln for fraud-CFTC. A former trader and vice president for Citigroup was ordered by a federal court to pay over $1.49 million for unlawful trading, misappropriation, and fraud, the U.S. Commodities Futures Trading Commission (CFTC) said August 8. The Moroccan national engaged in a series of “fictitious trades” starting on November 23, 2010 to steal money from Citibank and deposit it into his own account, according to the court order. The man worked for Citigroup Global Markets Limited in the United Kingdom. The former Citi trader engaged in noncompetitive palladium and platinum futures transactions on the New York Mercantile Exchange’s Globex trading platform that moved $373,860 from the Citi account to his own. The court order, which was entered July 29 in the U.S. District Court for the Southern District of New York, requires the former trader to pay $373,860 in restitution, and a $1,121,580 civil monetary penalty. The order also imposes permanent trading and registration bans against the man. Source: http://www.reuters.com/article/2011/08/08/cftc-citigroup-trader-idUSN1E7770Q620110808

12. August 8, KSAZ 10 and KUTP 45 Phoenix – (Arizona) FBI: ‘Billfold Bandit’ strikes again. The FBI said August 8 the “Billfold Bandit” struck again in Phoenix, Arizona. He robbed the Desert Schools Federal Credit Union near Tatum and Cactus Road. When he approached the teller, he showed a demand note that was concealed in his wallet, indicating a robbery. A weapon was not shown. The teller complied and the suspect fled with an unknown amount of money on foot. Police said he is now responsible for 7 robberies in the past 2 months. He is described as a white man in his 20s, 5’ 9” to 5’ 10” tall, with short brown hair, and a trimmed beard. He was wearing a black baseball cap with a white design on it, dark sunglasses on top of the hat, a long sleeved black t-shirt, and dark-colored pants. Source: http://www.myfoxphoenix.com/dpp/news/crime/billfold-bandit-strikes-again-08082011

13. August 8, United Press International – (International) U.S. lawmakers to target Iran’s bank. The U.S. President has been asked to take dramatic steps against Iran’s central bank as part of an effort to sideline the regime, lawmakers said August 8. A letter, put together by two U.S. Senators said more economic action is needed against Iran. “In our view, the United States should embark on a comprehensive strategy to pressure Iran’s financial system by imposing sanctions on the Central Bank of Iran,” a copy of the letter, part of which was published by The Wall Street Journal, stated. “If our allies are willing to join, we believe this step can be even more effective.” The letter was expected to arrive on the President’s desk August 9, the Journal noted. More than 90 Senators signed the letter. The report said that if sanctions against Bank Markazi, the central bank, are adopted, it would nearly lock Iran out of the international market. U.S. officials say Tehran is using the bank to hide activity involving sanctioned goods, and to funnel money to U.S. adversaries in Lebanon and the Palestinian territories. One of the Senators, a Republican from Illinois, told the Journal he would introduce a measure to effectively force the President’s hand on the issue. Source: http://www.upi.com/Top_News/Special/2011/08/08/US-lawmakers-to-target-Irans-bank/UPI-56881312828111/

14. August 8, CBS St. Loius and KMOX 1120 AM St. Louis – (Missouri; Hawaii) Wentzville woman indicted for credit repair scam. The U.S. attorney’s office in St. Louis reported August 8 a woman allegedly falsely represented she operated a “mortgage rescue” or “foreclosure rescue” service. According to the indictment, the woman owned and operated both 1st Financial Resource, LLC, (First Financial) and 1st Federal Resource, LLC, (First Federal). She created and operated First Financial from September 2008 until March 2009, at which time the business became known as 1st Federal Resource, LLC (First Federal). She registered the business as 1939 Wentzville Parkway, Suite 178, in Wentzville, Missouri, which is actually a UPS store that provides commercial mailbox services. The indictment alleges she researched and identified groups of homeowners in the state of Hawaii that were one or more mortgage payments behind, or were in imminent risk of home foreclosure. She then targeted that group of vulnerable home owners, and sent out a large number of unsolicited mailings to prospective clients representing she operated a “mortgage rescue” or foreclosure rescue” service. More than 80 clients responded to her mailings and wired funds to First Financial and to First Federal. The suspect converted these funds to her own use. None of the client funds were ever sent to lenders. The 41-year-old woman was indicted by a federal grand jury on four felony counts of wire fraud and one felony counts of mail fraud. If convicted, each count carries a maximum penalty of 20 years in prison and/or fines of up to $250,000. Source: http://stlouis.cbslocal.com/2011/08/08/wentzville-woman-charged-in-credit-repair-scam/

Information Technology Sector

38. August 6, PC World – (International) Speedy malware infects more than 6 million Web pages. In less than 2 weeks, a malware injection that targets e-commerce Web pages, called willysy, has ballooned from 90,000 infected pages to more than 6 million. The malware exploits a vulnerability in a popular online merchant platform, osCommerce, according to Web application security provider Armorize of San Francisco. Although Arorize could not identitfy the attack perpetrators, it did trace the forays to eight IP addresses, all located in the Ukraine. Armorize said the attacks exploit three known vulnerabilities in version 2.2 of osCommerce. The exploits allow the attackers to place an invisible frame (iFrame) on the page and then inject malicious code (JavaScript) into the page, where it will infect visitors to the online store. Once the infection makes it to a shopper’s computer, it targets vulnerabilities in Java, Adobe Reader, Windows Help Center and Internet Explorer. Although the flaws in the programs targeted by the infection are known and have been patched, the attackers are betting that the user has not patched all the programs. Attacks such as this can be especially harmful to small and medium-size businesses (SMB), asserts a former Gartner analyst and vice president of Global Strategy at Ipswitch, a file transfer security company. SMBs typically don’t have the financial resources of larger firms so they’re attracted to open source programs such as osCommerce and use off-the-shelf software. “Whenever you use off-the-shelf software, you have to understand there are data issues and all types of security vulnerabilities that exist,” the analyst said. While the makers of off-the-shelf software patch programs often, he continued, the business still must invest in resources to insure proper patch work is done. “That requires an outlay of capital that SMBs are not willing to deal with or don’t have within their margins,” the analyst said. Source: http://www.pcworld.com/article/237457/speedy_malware_infects_more_than_6_million_web_pages.html

Communications Sector

39. August 8, Boston Business Journal – (Massachusetts; New York) Verizon: Sabotage hits service in Massachusetts. Verizon Communications Inc reported no Massachusetts rate payers without service as 6,000 Bay State workers entered their second day of a strike, August 8. However, the company reported multiple incidents of sabotage in Massachusetts, including one that cut service to some customers in Tewksbury, Billerica, and possibly in other communities. “We’ve discovered a number of cables have been cut, and it’s affecting service on our networks,” a Verizon spokesman said. A spokesman for Boston’s largest local chapter of the International Brotherhood of Electrical Workers (IBEW) –- one of two Verizon unions that called the strike –- dismissed the report, saying outages are occurring due to a lack of maintenance staff during the strike. The Verizon spokesman said other than isolated incidents of vandalism, Verizon continues to “operate as usual.” He said he was not yet able to determine “several hundred” customers were affected by 7 incidents of cables cut in Billerica and Tewksbury. An incident of sabotage was also reported in the New York town of Queensbury. The strike involves 45,000 workers in the IBEW and Communications Workers of America unions, who work on cable, Internet, and phone services. Source: http://www.bizjournals.com/boston/news/2011/08/08/verizon-sabotage-hits-tewksbury-service.html?page=all

40. August 8, CNET – (International) Amazon cloud outage downs Netflix, Quora. Amazon Web Services’ (AWS) cloud-computing infrastructure experienced a brief network outage August 8 that knocked offline popular sites such as Netflix, Quora, Reddit, and Foursquare. The network connectivity issues struck Amazon’s Elastic Compute Cloud (EC2) at Amazon’s northern Virginia site, which handles AWS operations for the U.S. East Coast at 7:39 p.m. PDT, and were resolved about 25 minutes later, according to the Amazon Web Services Health Dashboard. AWS is a flagship example of one facet of cloud computing, a flexible collection of online computing services that can ramp up and down according to varying needs, with customers getting a flexible infrastructure, and paying only for what they consume. At the same time, though, when a widely used service goes down, many suffer. In April, the cloud storage service experienced a 2-day outage that brought many Web site operations to a halt. Source: http://news.cnet.com/8301-1023_3-20089866-93/amazon-cloud-outage-downs-netflix-quora/

No comments: