Tuesday, November 1, 2011

Complete DHS Daily Report for November 1, 2011

Daily Report

Top Stories

• About 1.8 million people in at least five states remained without power October 31 after a rare October snowstorm buried parts of the Northeast under more than 2 feet of snow. – CNN (See item 1)

1. October 31, CNN – (National) Nearly 2 million without power as Northeast recoversfrom storm. About 1.8 million people in at least five states remained without power early the afternoon of October 31 after a rare October snowstorm buried parts of the Northeast under more than 2 feet of snow. Utilities throughout the region reported significant progress in restoring power, but the cold, snowy conditions and house-by-house nature of the damage was slowing the work, officials said. The October 29 and 30 storm prompted emergency declarations from the governors of New York, New Jersey, Connecticut, and Massachusetts. The Massachusetts governor said some roads in the state were expected to ice up again after dark, and he warned that downed power lines continue to pose a threat of electrocution in the wake of a storm he said warrants a federal disaster declaration. Connecticut power officials told reporters October 31 that about 756,000 people were without power, down from a peak of more than 900,000. Power crews from across the country were converging on the state to help restore power, according to the spokesman, who said every town Connecticut Light and Power serves was adversely affected. In Massachusetts, state officials said utility crews had come from as far as Louisiana and Texas to help. The Massachusetts governor said utility crews had made a 23 percent dent in the number of buildings without power as of Monday morning. Elsewhere, about 90,000 customers were without power October 31 in Pennsylvania; 277,000 in New Jersey; 180,000 in New York, and 191,000 in New Hampshire, according to figures from emergency managers and power companies in those states. Thousands also lost power in Maryland, Virginia, and West Virginia. Source: http://www.cnn.com/2011/10/31/us/east-coast-storm/index.html?hpt=hp_t2

• Six people were killed and two others injured in an October 29 grain elevator blast in Atchison, Kansas, that destroyed parts of a grain-distribution building, and a concrete silo. – Associated Press (See item 27)

27. October 31, Associated Press – (Kansas) Three more victims found after explosion at Kansas grain facility. The bodies of the final three victims of an October 29 grain elevator blast that killed six people and injured two others were recovered October 31 in Kansas, a company official said. Three victims were found during the weekend of October 29 and 30, but unstable concrete, hanging steel beams, and other damage had forced crews to temporarily call off their search at the Bartlett Grain Co. facility in Atchison. The explosion was a reminder of dangers workers face inside elevators brimming with combustible grain dust at the end of harvest season. The blast fired an orange fireball into the night sky, shot off a chunk of the grain distribution building directly above the elevator, and blew a large hole in the side of a concrete silo. The search for three people presumed dead — another worker and two grain inspectors — was temporarily halted October 30 because of fears the building could fall on rescuers. The Bartlett Grain president said in a statement that workers were loading a train with corn when the explosion occurred, but the cause of the explosion remained unclear. The company brought in a South Dakota-based engineer with expertise in such accidents to help federal safety investigators. Over the past four decades, there have more than 600 explosions at grain elevators, killing more than 250 people and injuring more than 1,000, according to the U.S. Occupational Safety and Health Administration. Source: http://www.foxnews.com/us/2011/10/29/grain-elevator-explodes-in-kansas/?test=latestnews


Banking and Finance Sector

13. October 31, Bloomberg – (National) Finra sanctioned by SEC for altering records before inspection. The U.S. Securities and Exchange Commission (SEC) October 27 ordered the Financial Industry Regulatory Authority (Finra) to improve its internal procedures after accusing a Finra employee of altering records before an SEC inspection. The director of Finra's Kansas City office caused the alteration of three records of staff meeting minutes in 2008 hours before producing them to SEC inspectors, making the documents inaccurate and incomplete, the SEC said in a statement. Finra, the industry-funded brokerage regulator, was ordered to hire a consultant and undertake steps to improve policies, procedures and training for inspections, the SEC said. Finra consented to the SEC order without admitting or denying wrongdoing, the SEC said. The production of altered documents cited in the order was the third instance in 8 years, the SEC said. Source: http://www.sfgate.com/cgi-bin/article.cgi?f=/g/a/2011/10/31/bloomberg_articlesLTQFQB6S972F.DTL

14. October 28, Associated Press – (New York) NYSE price mix-up causes headaches. A technical glitch caused New York Stock Exchange (NYSE) Euronext to release incorrect price information on more than 1,000 stocks and other securities October 27. The error resulted in some online sites showing closing prices for some securities that were actually based on trades that had occurred in electronic trading after markets had closed. The problem started at 7:27 p.m. October 27 when NYSE's Arca platform sent incorrectly coded share price information. An e-mail sent to traders on October 28 said the problem involved prices from aftermarket trades October 28 that were incorrectly coded as if they had happened during regular trading that day. The e-mail said the mix-up affected the closing price in some shares that trade on the NYSE as well as its Arca platform. The error affected some stocks, exchange-traded funds, and mutual funds that started with the letters A though T. Symbols starting with U through Z were not affected. A NYSE spokesman said more than 1,000 ticker symbols were affected. He said the mix-up was under investigation. Source: http://www.businessweek.com/ap/financialnews/D9QLICQO2.htm

15. October 28, WBTV 3 Charlotte – (North Carolina) Former Beazer Homes executive guilty of fraud, jury finds. The former chief accounting officer for Beazer Homes was convicted of fraud October 28. He was found guilty by a federal jury of seven crimes relating to a 7-year accounting fraud conspiracy at Beazer, according to a news release from the U.S. District Attorney's Office for the Western District of North Carolina. The charges arise from an ongoing government investigation involving Beazer and its employees that began in March 2007. Beazer accepted responsibility for the charges and, in a deferred prosecution agreement, agreed to pay restitution of $50 million.The chief accounting officer was convicted of directing an accounting fraud conspiracy to falsify reported profits at Beazer by lying to Beazer's auditors, fraudulently achieving earnings targets, falsifying Beazer's books and records, and deceiving the public by boosting and lowering earnings. According to the evidence at trial, he executed the conspiracy in two ways: Between 2005 and 2006, he entered into a hidden oral side agreement with another company through one of its employees, which was designed to allow Beazer to obtain cash and to improperly report revenue from purported "sales" of model homes. Between 2000 and 2007, he directed a scheme to commit securities fraud and create false books and records at Beazer by practicing "cookie jar accounting," which allowed the accounting officer and others to falsely report profits in Beazer's publicly reported financial statements. He was convicted of conspiracy to: commit securities fraud; make false and misleading statements to auditors and accountants; circumvent Beazer's internal accounting controls; falsify the books, records, and accounts. He was also convicted of engaging in a wire fraud conspiracy, and securities fraud upon Beazer investors in connection with the sale of Beazer's common stock. The jury also convicted him of two charges of obstruction of a federal grand jury investigation and a charge of destroying documents. Finally, the jury convicted the man of lying to hinder an investigation by the FBI and the U.S. attorney's office, by making numerous false statements to investigators on behalf of the Audit Committee of Beazer's Board of Directors. Source: http://www.wbtv.com/story/15901633/former-beazer-homes-executive

16. October 27, U.S. Commodity Futures Trading Commission – (North Carolina) North Carolina federal court orders Rodney W. Whitney, Nicholas T. Cox, and Integra Capital Management, LLC, to pay over $6.9 million for Ponzi scheme. The U.S. Commodity Futures Trading Commission (CFTC) October 27 announced it obtained federal court orders requiring two men and Integra Capital Management, LLC (Integra) to pay more than $6.9 million in restitution, disgorgement, and civil monetary penalties. The orders found they defrauded investors in a commodity pool Ponzi scheme involving commodity futures and off-exchange foreign currency transactions. The orders stem from a CFTC complaint filed in September 2010, charging the men and Integra with fraud and misappropriation in connection with the scheme. The orders require one of the men and Integra jointly and severally to pay restitution of $2,185,063, disgorgement of $1,198,316, and a civil monetary penalty of $3,594,948, and require the other man to pay restitution of $2,185,063, and a $2,185,063 civil monetary penalty. The orders provide for a dollar-for-dollar credit for the men and Integra for any restitution or civil monetary penalty payments paid by the other party. The orders also permanently prohibit the men and Integra from engaging in any commodity-related activity, including trading, and from registering or seeking exemption from registration with the CFTC. A judge found that, beginning in or about September 2006 and continuing through at least August 2009, the men and Integra violated the anti-fraud provisions of the Commodity Exchange Act by misrepresenting Integra’s trading performance and by misappropriating pool participants’ funds, among other violations. Source: http://www.cftc.gov/PressRoom/PressReleases/pr6130-11

17. October 27, U.S. Department of Treasury – (International) Treasury targets Sinaloa Cartel narcotics distribution network under the Kingpin Act. The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) October 27 announced the designation of a key Sinaloa Cartel lieutenant, his two brothers, and two companies located in Mexico pursuant to the Foreign Narcotics Kingpin Designation Act (Kingpin Act). The lieutenant controls a money laundering and narcotics distribution network based in Culiacan, Mexico, that is supplied by the Sinaloa Cartel leader and facilitates the importation of narcotics from Mexico into the U.S. with the assistance of his brothers. The leader and the Sinaloa Cartel were previously identified by the U.S. President as significant foreign narcotics traffickers pursuant to the Kingpin Act in 2002 and 2009. Treasury also designated Autos Mini, a car dealership in Ensenada, Baja California, and Autodromo Culiacan, an auto race track lin Culiacan, Sinaloa, owned by the lieutenant and his brother. As a result of the action, U.S. persons are prohibited from engaging in transactions with the designees, and any assets they may have under U.S. jurisdiction are frozen. Source: http://www.treasury.gov/press-center/press-releases/Pages/tg1341.aspx

For another story, see item 46 below in the Information Technology Sector

Information Technology Sector

45. October 31, Marketwire – (National) Symantec survey finds global critical infrastructure providers less aware and engaged in government programs. Symantec Corporation October 31 released the findings of its 2011 Critical Infrastructure Protection (CIP) Survey, which found a drop in awareness and engagement on a global basis as measured by the CIP Participation Index. Compared to 2010, companies surveyed this year show a CIP Participation Index of 82 percent in government protection programs, down 18 points from last year. Critical infrastructure providers come from industries that are of such importance that if their cyber networks were successfully attacked and disabled, it would result in an actual threat to national security. Source: http://www.marketwire.com/press-release/symantec-survey-finds-global-critical-infrastructure-providers-less-aware-engaged-government-nasdaq-symc-1579434.htm

46. October 29, Softpedia – (International) DevilRobber OS X malware mines for bitcoins while stealing your data. Certain torrents that should contain legitimate Mac OS X applications were found to serve a copy of OSX/Miner-D, a new piece of malware that eats up resources to take part in a Bitcoin mining pool. The threat, also known as DevilRobber, was spotted alongside a Mac image editing app made available on popular file-sharing services. The first clue that gives away the presence of the malware is the fact an infected system will start consuming a lot of resources without the user running large programs. That happens because the Trojan will steal most of the resources supplied by the computer's GPU to solve Bitcoin blocks. It is not uncommon for Bitcoin mining bots to use the GPU to fulfill their tasks, but it is the first time they have targeted Macs. Besides using the device as a mining unit, the malicious element will also take screenshots of the system to try to procure sensitive data one might type while surfing the web. To make sure nothing is left of the user's computing power, it also runs a script that copies data such as browser history and bash history to a text file. Source: http://news.softpedia.com/news/DevilRobber-OS-X-Malware-Mines-For-Bitcoins-While-Stealing-Your-Data-230960.shtml

47. October 28, threatpost.com – (National) New Tor release fixes de-anonymization attack. The Tor Project has released a new version of its client software to fix a serious vulnerability that allows an attacker to strip users of their anonymity on the network. The new version also includes many other security and privacy fixes. The attack that enables the anonymity stripping requires a specific set of conditions to be in place, and the new version of Tor removes two of those components from the equation, which is enough to prevent the attack. It relies on the fact user clients will reuse their TLS certificates when connecting to different Tor relays, which can enable an attacker to identify a specific user by his certificate. "The attack relies on four components: 1) Clients reuse their TLS cert when talking to different relays, so relays can recognize a user by the identity key in her cert. 2) An attacker who knows the client's identity key can probe each guard relay to see if that identity key is connected to that guard relay right now. 3) A variety of active attacks in the literature ... allow a malicious Web site to discover the guard relays that a Tor user visiting the website is using. 4) Clients typically pick three guards at random, so the set of guards for a given user could well be a unique fingerprint for her. This release fixes components #1 and #2, which is enough to block the attack; the other two remain as open research problems," a Tor Project's spokesman said in a message announcing version Source: http://threatpost.com/en_us/blogs/new-tor-release-fixes-de-anonymization-attack-102811

For another story see item 48 below in the Communications Sector

Communications Sector

48. October 31, Salisbury Post – (North Carolina) Fibrant working to restore phone service. Fibrant’s Internet and cable TV services were down for about 2 hours October 31 in Salisbury, North Carolina. Phone service was still out for some customers, but was expected to be restored by 12 p.m. About 1,200 customers were affected, the interim director for the city’s new fiber-optic utility said. Internet and TV services were restored by 9 a.m., and Fibrant staffers were manually resetting phone service for about 850 telephone customers one customer at a time. All three services went down at 7 a.m. due to a problem with one of Fibrant’s suppliers, the director said. He said he suspected the problem was with the supplier who provides the equipment that allows the network’s brain center, called the headend, to communicate with technology installed at each home. Source: http://www.salisburypost.com/News/103111-WEB-Fibrant-outage-this-morning-qcd

49. October 30, Middletown Times Herald-Record – (New York) Warwick dealing with telephone outages, power outages. As snow blanketed Warwick, New York, October 29, a land-line telephone outage prevented the town's emergency officials and residents to make and receive phone calls. The town supervisor said landlines across the town were down, and the primary carrier, WVT Communications, was searching for the problem. Town and emergency officials were communicating with Orange County Emergency Services and the 911 Center via radio, and Warwick Police officers were patrolling through neighborhoods keeping an eye out for people needing assistance, the supervisor said. Source: http://www.recordonline.com/apps/pbcs.dll/article?AID=/20111030/NEWS/111039996/-1/SITEMAP

50. October 29, Vacaville Reporter – (California) Cable outages keep Comcast crews busy. Several Vacaville Reporter readers reported a Comcast service outage in Vacaville, California, October 27 during the World Series broadcast. Though Comcast officials could not confirm the incident, they said that technicians were on the scene October 28 of an outage in the area of Nut Tree Road. An estimated 3,000 subscribers were affected when a lawn mower reportedly took out seven nodes on a Comcast line. Service to all customers was restored by 5:50 p.m. Source: http://www.thereporter.com/news/ci_19222055

No comments: