Friday, September 23, 2011

Complete DHS Daily Report for September 23, 2011

Daily Report

Top Stories

• “Incorrect manufacturing” of the fuselage led to the in-flight rupture of an American Airlines Boeing 757 in 2010, and similar damage was found on two other 757s, the National Transportation Safety Board reported. – seattlepi.com (See item 9)

9. September 21, seattlepi.com – (National) ‘Incorrect manufacturing’ led to hole in Boeing 757. ”Incorrect manufacturing” of a panel led to the rupture of an American Airlines Boeing 757 in flight last year and similar cracking in the fuselage of two other 757s, the National Transportation Safety Board (NTSB) reported September 19. But investigators could not find a cause of the defect because Boeing had not kept manufacturing records and was not required to, the NTSB said. An approximately 18-inch-by-7-inch hole opened in the 757-200 about 16 minutes after takeoff from Miami International Airport October 26, 2010, decompressing the cabin at about 32,000 feet. The airplane returned to Miami with no injuries among the 160 people aboard. Investigators found fatigue cracking of the upper fuselage skin above the forward left passenger door led to the rupture. They found skin thickness of 0.034 to 0.035 inches, less than Boeing’s specified minimum of 0.037 inches. A second American 757 and a United Airlines 757 were found to have similar cracking, the NTSB reported, adding the planes had skin thinner than manufacturing specs. The 757 that developed the hole entered service in 1990 and had flown 63,010 hours on 22,450 flights. Starting April 16, the government required companies to keep manufacturing records for 5 years in general, up from 2, and 10 years for critical components. This rule would not have affected the availability of records on the 757 that developed the hole, given its age. Source: http://blog.seattlepi.com/aerospace/2011/09/21/incorrect-manufacturing-led-to-hole-in-boeing-757/

• The Securities and Exchange Commission fined the co-founder of institutional money manager AXA Rosenberg $2.5 million for securities fraud for concealing a computer code error that caused clients to lose $217 million. – U.S. Securities and Exchange Commission See item 12 below in the Information Technology Sector

Details

Banking and Finance Sector

11. September 22, Associated Press – (New York) NY woman convicted in Va. bank fraud case. A New York woman was convicted September 22 in Virginia for participating in a scheme to fraudulently tap into home equity lines of credit and credit card accounts. A federal jury in Richmond convicted the 41-year-old on a dozen conspiracy, bank fraud, and money laundering counts. A U.S. attorney said she faces up to 30 years on seven counts and up to 20 years on five counts when she is sentenced December 19. According to the government, the woman and others transferred large amounts of money from home equity and credit card accounts to bank accounts controlled by so-called “money mules,” who would withdraw the proceeds to be shared by the conspirators. The woman’s role was to recruit the money mules and distribute the money. Source: http://www.chron.com/news/article/NY-woman-convicted-in-Va-bank-fraud-case-2182991.php

12. September 22, U.S. Securities and Exchange Commission – (National) SEC charges Quant manager with fraud. The U.S. Securities and Exchange Commission (SEC) September 22 charged the co-founder of institutional money manager AXA Rosenberg with securities fraud for concealing a significant error in the computer code of the quantitative investment model he developed and provided to the firm’s entities for use in managing client assets. According to the SEC’s order instituting administrative proceedings, the money manager learned of the error in June 2009, but directed others to keep quiet about it and not fix it immediately. He denied the existence of any significant errors during an October 2009 board meeting discussion about performance. AXA disclosed the error to SEC examination staff in March 2010 after being informed of an impending SEC examination. The error was not disclosed to clients until April 2010, causing them $217 million in losses. The money manager has agreed to settle the SEC’s charges by paying a $2.5 million penalty, and consenting to a lifetime securities industry bar. The SEC previously charged AXA and its affiliated investment advisers, and they agreed to pay $217 million to harmed clients plus a $25 million penalty. According to the SEC’s order, the manager created the model, oversaw research projects to improve and enhance it, and exercised significant authority. The material error in the computer code disabled a key component for managing risk, and affected the model’s ability to perform. The SEC’s order found that due to the man’s misconduct, AXA and its affiliated investment advisers misrepresented to clients that the model’s underperformance was attributable to factors other than the error, and inaccurately stated the model was controlling risk correctly. His instructions to delay fixing the error caused additional client losses. In its order, the SEC found the man willfully violated anti-fraud provisions of the Investment Advisers Act of 1940, Sections 206(1) and 206(2). Source: http://www.sec.gov/news/press/2011/2011-189.htm

13. September 21, Modesto Bee – (National) Mortgage fraud indictment has Stanislaus ties. A Utah man was indicted September 21 by federal authorities in connection with a multimillion-dollar mortgage fraud scheme in West Virginia, and alleged mail fraud linked to a similar scam involving 20 properties in Stanislaus County, California. A man from Sandy, Utah, was charged with one count of mail fraud linked to the Stanislaus County properties, according to the U.S. attorney’s office in Sacramento. Federal prosecutors said he used “The Gift Program” to fraudulently obtain more than $14 million in loans that caused California lenders to lose $7.2 million. A second suspect in the California scheme was indicted in late July and is awaiting trial. He also is facing a 30-count federal indictment in connection with wire fraud and criminal forfeiture in which he is accused of targeting victims in at least 8 states who were seeking multimillion-dollar loans for large construction projects that were in danger of being foreclosed on. Federal prosecutors said the California “Gift Program” scam was operated similarly to the mortgage fraud scheme in West Virginia. The scheme involved illegal property “flipping” to out-of-state borrowers at inflated prices using the man’s company “The Gift Program” or “Advanced Capital Services,” according to prosecutors. He was charged with one count of conspiracy to commit wire fraud and bank fraud in the U.S. Southern District of West Virginia. A 51-year-old man from South Weber, Utah, was arrested September 19. He was named in an 18-count indictment that included wire fraud, bank fraud, and conspiracy charges. The pair are believed to be co-conspirators, prosecutors said. Source: http://www.modbee.com/2011/09/21/1871244/mortgage-fraud-indictment-has.html

Information Technology Sector

32. September 22, H Security – (International) Adobe publishes emergency patch to fix critical Flash vulnerabilities. Adobe published an unscheduled emergency patch for Flash Player to address many critical security issues. The Flash Player updates, version 10.3.183.10 for desktop operating systems and 10.3.186.7 for Android, are the company’s response to a recently discovered universal cross-site scripting (XSS) hole. According to Adobe, the vulnerability is already being actively exploited by attackers to bypass the same origin policy, allowing them to, for example, take actions on a user’s behalf on any Web site, or steal a victim’s cookies. For an attack to be successful, a victim must click on a malicious link. The company said the Authplay.dll component included in Reader and Acrobat is not affected. The updates also close five other holes. Four of the vulnerabilities are said to allow an attacker to remotely execute arbitrary code on a victim’s system. A security control bypass flaw that could lead to information disclosure has also been fixed. Flash Player versions up to and including 10.3.183.7 for Windows, Mac OS X, Linux, and Solaris, as well as 10.3.186.6 and earlier for Android, are affected. Source: http://www.h-online.com/security/news/item/Adobe-publishes-emergency-patch-to-fix-critical-Flash-vulnerabilities-1348193.html

33. September 22, Help Net Security – (International) Fake stores dominant threat due to blackhat SEO. ”Searches for buying software online remains 90 percent malicious, redirecting users to fake stores,” a Zscaler, researcher said after he analyzed the first 10 pages of Google search results for popular terms. “There has been no significant improvement on that front, with 60 different fake store domains observed in July 2011.” He pointed out this is a problem shared by all search engines. Among the trust-increasing techniques used by the developers of these fake stores is the copying of the look of a well known online store/service. Source: http://www.net-security.org/malware_news.php?id=1848

34. September 22, Softpedia – (International) 50,000 Web sites infected with spam from ‘Wplinksforwork’. A large WordPress poisoning was discovered after the infection-spreading Web site was shut down and error messages began appearing on the compromised pages. A Google search returned 53,000 links that belong to locations that contain the error message. The error message revealed itself in place of some malicious links that were supposed to show up in the exploited HTML documents at the bottom of the page. After the location was taken out of service, error alerts appeared instead of the illegal ads. Besides the “wplinksforwork” domain, there is another malevolent address called “hemoviestube,” which appears to be not functional at the moment. Source: http://news.softpedia.com/news/50-000-Websites-Infected-with-Spam-From-Wplinksforwork-223004.shtml

35. September 21, Help Net Security – (International) Bluetooth vulnerabilities becoming easier to exploit. Codenomicon warns consumers about the poor quality and security of Bluetooth equipment. Based on Codenomicon’s robustness test results using smart model based fuzzing tools, 80 percent of tests against various Bluetooth devices find critical issues. Every device failed with at least one test suite against a critical communication profile. Bluetooth is particularly vulnerable against malformed input. Such input may cause Bluetooth device operation to slow down or to show unusual behavior or crash. In a worst case scenario, malformed input can be used by an outside attacker to gain unauthorized access to the Bluetooth. When vulnerabilities are in low-level communication profiles such as L2CAP, they are not protected by the pairing process. These flaws can be exploited without the user accepting or even noticing the connection. So far, Bluetooth quality and security has not been perceived as a problem. The pairing process and conformance testing is thought to provide enough protection. Bluetooth applications have not offered access to confidential data so there has been little motivation to attack the Bluetooth interface. However, Bluetooth is becoming more and more critical. Modern car kits and healthcare equipment, for example, use Bluetooth technology. Source: http://www.net-security.org/secworld.php?id=11663

36. September 21, The Register – (International) Google preps Chrome fix to slay SSL-attacking BEAST. Google has prepared an update for its Chrome browser that protects users against an attack that decrypts data sent between browsers and many Web sites protected by the secure sockets layer (SSL) protocol. The fix, which has already been added to the latest developer version of Chrome, is designed to thwart attacks from BEAST, a proof-of-concept code its creators said exploits a serious weakness in the SSL protocol millions of Web sites use to encrypt sensitive data. The creators said they have been working with browser makers on a fix since May, and public discussions on the Chromium.org Web site show Chrome developers proposing changes as early as late June. It is unknown how effective BEAST will be at quickly and secretly cracking the encryption protecting online bank passwords, Social Security numbers, and other sensitive data, but Google appears to be taking no chances. The code creators released limited details of their attack ahead of a presentation scheduled for September 23. Source: http://www.theregister.co.uk/2011/09/21/google_chrome_patch_for_beast/

37. September 21, Infosecurity – (International) Facebook attacks get automated, says Imperva. Cybercriminals have started using complex scripting techniques to automate their attacks on the Facebook social networking platform. According to Imperva researchers, with the advent of social networking, hackers have turned to sites such as Facebook to create another attack channel. However, the attacks seen to date have been typically manual, such as uploading malware or creating fake pictures. But now, according to Imperva, social engineering may be entering the next phase: automation. Recently, a new tool emerged that automates social engineering on Facebook. Unlike hacking software, this tool does not demonstrate any new theoretical security vulnerability, but its existence proves the case that automated attacks on Web 2.0 services are a real threat. Source: http://www.infosecurity-us.com/view/20862/facebook-attacks-get-automated-says-imperva/

For more stories, see items 38, 39, and 42 below in the Communications Sector

Communications Sector

38. September 22, encToday.com – (North Carolina) CenturyLink customers without Internet Wednesday morning. CenturyLink customers throughout Kinston and Eastern North Carolina were without Internet service part of September 22. A company spokeswoman described it as a “widespread outage.” It was centered in Greenville and occurred around 9 a.m. As many as 3,700 customers were affected. A CenturyLink spokeswoman said the outage was limited to DSL and Ethernet services. “A micro-bend was found in the fiber that resulted in disruption of service,” she reported. “We are currently conducting an in-depth review to determine the root cause.” The outage was the second time in a month CenturyLink customers have been without service. Following Hurricane Irene, phone, and Internet services were out after an 18-wheeler tore through downed lines near Skinner’s Bypass. The spokeswoman said the September 22 problem, which originated in Washington, North Carolina, was not related to storm damage. Most customers had Internet restored by 1 p.m., but the morning outage did briefly hinder communication with Lenoir County Schools. Phone lines continued to work through the outage, but several schools — which are transitioning to VoIP phone systems — use the Internet to make calls. Parents calling those schools were greeted with a busy signal while the service was down. The Lenoir County Public Schools chief technology officer said the central office was able to maintain contact with all of the schools through the outage. The Kinston interim city manager said city offices did not experienced any outages. Source: http://www.enctoday.com/news/customers-76457-kfpress-internet-centurylink.html

39. September 21, ARLnow.com – (Virginia) Verizon outage hits Clarendon/Courthouse area. Hundreds of Verizon landline phone and DSL internet customers in the Courthouse/Clarendon area of Arlington, Virginia, were without service September 21 after two underground cables were accidentally cut. According to a Verizon spokesman, a contractor taking a soil sample in the area of Fairfax Drive and N. Barton Street cut through a pair of large underground cables containing 4,500 copper lines. Of those, about 1,600 active lines that carry phone and Internet service were affected, he said. The spokesman confirmed that crews were working in two 12-hour shifts to repair the lines. They have reached the cables — 20 feet below ground — but were just beginning the “very labor intensive” process of splicing all 1,600 lines together. Service will gradually be restored to customers “over the next several days,” the Verizon spokesman said. Source: http://www.arlnow.com/2011/09/21/verizon-outage-hits-clarendoncourthouse-area/

40. September 21, Radio-info.com – (Florida; Puerto Rico) The FCC hands down one $15,000 pirate fine, and reduces another one to $300. The Federal Communications Commission (FCC) meted out a $15,000 fine, $5,000 above the baseline amount, to a man in Guayama, Puerto Rico. He was operating an unlicensed FM station at 88.5, and the FCC said it adjusted the amount of the forfeiture up from $10,000 due to “the fact that [he] continued to operate after being put on notice.” The agency said that showed “a deliberate disregard” for the rules. Meanwhile, the FCC revisited an earlier $15,000 fine involving a pirate radio operator on 94.7 in Orange Park, Florida. The operator explained that he didn’t know it was illegal, which the FCC doesn’t find persuasive. But he also pleaded financial hardship, and the FCC agreed to reduce the forfeiture from $15,000 to $300. Source: http://www.radio-info.com/news/the-fcc-hands-down-one-15000-pirate-fine-and-reduces-another-one-to-300

41. September 20, Corpus Christi Caller-Times – (Texas) Phone service restored in Aransas County. Phone service was on the fritz September 20 in Aransas County, Texas, affecting land lines and cell phones. A fiber optic line was cut about 10:30 a.m. in the Corpus Christi area, according to the State of Texas Operations Center. AT&T technicians repaired the cut line and had everything restored by 4:50 p.m., a South Texas AT&T manager said. He said technicians are investigating where and how the line was cut. During the outage, land lines and cell phone service was unavailable, but 911 service was maintained, Rockport city officials said. Affected areas included Corpus Christi, Beeville, Refugio, Rockport, and Sinton. The problems did not affect radio communications or Internet service. Source: http://www.caller.com/news/2011/sep/20/phone-service-disrupted-in-aransas-county/

42. September 20, Contra Costa Times – (California) Phone service in areas of Moraga interrupted. Phone service in the Carroll Ranch and Campolindo areas of California was interrupted September 20 when PG&E work crews drilled into an AT&T phone line. PG&E was replacing a telephone pole on Moraga Road and Buckingham Place when the line was disconnected, according to an e-mail from a spokeswoman with the town of Moraga. She said the lines were disconnected around 9 a.m., noting repair work expected to take at least 3 hours began around 4:45 p.m. An AT&T spokesman said about 250-300 customers were without land-line service, and that some Internet service may have been interrupted, too. Source: http://www.mercurynews.com/news/ci_18939282

For more stories, see items 35, and 37 above in the Information Technology Sector

No comments: