Friday, August 12, 2011

Complete DHS Daily Report for August 12, 2011

Daily Report

Top Stories

• Authorities rendered harmless and removed a possible explosive device consisting of black powder, propane, and a timer that was found on a gas line in Okemah, Oklahoma, August 10. – Bartlesville Radio (See item 2)

2. August 10, Bartlesville Radio – (Oklahoma) Possible bomb removed from gas pipeline. A possible explosive device found August 10 on a gas line in Okemah, Oklahoma, was rendered harmless and removed from the site. An FBI special agent said the FBI and Oklahoma Highway Patrol bomb technicians had recovered the device and determined there were no secondary devices at the scene. The agent said the device's contents would be taken to a laboratory and examined to see if they were active or inert. A law enforcement official told CNN the device was made up of black powder, propane, and a timing device. The official could not assess how effective the device may have been, or how much damage it might have caused. Source:

• St. Louis-based brokerage firm Stifel, Nicolaus & Co., and a former senior executive were charged with defrauding 5 Wisconsin school districts by selling them risky investments that resulted in $200 million in losses. – Reuters. See item 17 below in the Banking and Finance Sector


Banking and Finance Sector

12. August 11, Minneapolis/St. Paul Business Journal – (Minnesota) Edina mortgage broker pleads guilty to $20M scam. An Edina, Minnesota mortgage broker pleaded guilty August 10 to fraud involving $20 million and 57 properties, according to the U.S. attorney's office in Minneapolis. The 40-year-old man had been charged with one count of fraud July 22. He faces up to 20 years in prison. Government lawyers said the man conspired with others from 2004 to 2007 to obtain mortgage loan proceeds based on fake documents, and received about $200,000 in the scheme. Source:

13. August 10, Bloomberg News – (International) U.S. Treasury to freeze assets of Syrian bank. The U.S. Treasury Department said August 10 it will freeze the assets of the Commercial Bank of Syria; the Syrian Lebanese Commercial Bank, a subsidiary; and the mobile phone company Syriatel for supporting Syrian and North Korean weapons programs. “We are taking aim at the financial infrastructure that is helping provide support” to the Syrian president, the under secretary for terrorism and financial intelligence, said in a Treasury press statement. The United States is interested in tougher sanctions on the country, including possible action on oil and gas, a U.S. State Department spokeswoman said August 9. In the statement, Treasury said it sanctioned the Commercial Bank of Syria because it provided financial services to Syria’s Scientific Studies and Research Center and North Korea’s Tanchon Commercial Bank. The Syrian research center controls the country’s missile production facilities, and manages Syria’s development of unconventional weapons, according to the Treasury statement. Tanchon is the primary financial agent for the Korea Mining Development Corp., North Korea’s main arms dealer, the statement said. The bank also has had dealings with several Iranian banks that have been sanctioned by the United States. Syriatel is owned and run by a ”regime insider” who has contributed to the corruption of Syrian public officials, the Treasury Department said. Source:

14. August 10, KATC 3 Lafayette – (Louisiana) Suspicious substance on money at bank investigated by Haz-Mat. At 11:32 a.m. August 10, a Lafayette, Louisiana Haz-Mat team along with Louisiana State Police responded to Capitol One Bank at 213 W. Vermilion Street to a reported suspicious substance on money being deposited. Haz-mat teams evacuated the lobby of the bank. The hands of two employees with the bank were decontaminated as a precaution. They were sent to a local hospital for evaluation. Their conditions were unknown August 10. The 62nd Civil Support Team with the National Guard responded to assist in determining what the substance may have been. The Lafayette Police Department is assisting in interviewing the individual who dropped off the money. Both investigations are ongoing. Source:

15. August 10, WABC 7 New York – (New York) Wal-Mart and Citibank credit scam. Between Wal-Mart and Citibank alone, Nassau County, New York police said over $225,000 was lost at the hands of crafty thieves using stolen credit card information. Six suspects were arrested and charged with grand larceny in what Nassau County police said was a sophisticated theft ring. Investigators said credit card information was stolen from unsuspecting card holders in California, using a device called a skimming block. That information, investigators reveal, was then re-encoded to the magnetic strip on gift cards, where they say they were used at Wal-Mart to purchase electronics and other items. This resulted in a loss of more than $125,000 to Wal-Mart and more than $100,000 to Citibank. But what Wal-Mart security personnel first discovered, according to police, was four employees were also allegedly involved in the ring. All six are charged with multiple counts of grand larceny. Two of the men also face multiple counts of possessing a forged instrument. Source:

16. August 10, U.S. Department of Justice – (International) Brooklyn man pleads guilty to online identity theft involving more than $700,000 in reported fraud. A Brooklyn, New York man pleaded guilty August 10 in U.S.district court in Alexandria, Virginia, for his role in managing a credit card fraud operation that operated throughout the east coast of the United States, the Assistant Attorney General of the Justice Department’s Criminal Division and a U.S. attorney from the Eastern District of Virginia announced. The 26-year-old pleaded guilty to a two-count criminal information charging him with wire fraud and aggravated identity theft. He admitted to managing a scheme to purchase stolen credit card account information through the Internet from individuals believed to be in Russia. The man also admitted to distributing the purchased information to individuals in New York, New Jersey, and the Washington D.C. metropolitan areas so it could be used to make fraudulent purchases. In pleading guilty, he admitted to illegally possessing information from 2,341 stolen credit card accounts as well as equipment to put that data onto counterfeit credit cards. According to information presented in court, companies have reported to the government more than 4,400 fraudulent charges totaling $770,674 on accounts illegally possessed by the man. He also possessed 409 gift, debit, or credit cards used as part of the scheme, which had a total stored value of $42,688. He faces a maximum penalty of 20 years in prison and a fine of $1,541,349 on the wire fraud charge, and 2 years in prison and a $250,000 fine on the identity theft charge. Source:

17. August 10, Reuters – (Wisconsin) SEC charges Stifel with fraud in Wisconsin deals. The U.S. Securities and Exchange Commission (SEC) August 10 charged St. Louis-based brokerage firm Stifel, Nicolaus & Co. and a former senior executive with defrauding 5 Wisconsin school districts by selling them risky investments funded largely with borrowed money. The SEC said the firm, a unit of Stifel Financial Corp., and its former senior vice president (VP) created a proprietary program to help the districts fund retiree benefits by investing in notes linked to the performance of synthetic collateralized debt obligations (CDOs). The schools invested $200 million in three transactions from June to December 2006, paid for largely with borrowed funds. The investments were a "complete failure, but generated significant fees for Stifel and the VP," the SEC said in its complaint, filed in federal court in Milwaukee. According to the complaint, the five school districts are Kenosha Unified School District No. 1, Kimberly Area School District, School District of Waukesha, West Allis-West Milwaukee School District, and School District of Whitefish Bay. The SEC alleges Stifel and the former VP made sweeping assurances to the districts, telling them it would take "15 Enrons" — a catastrophic, overnight collapse — for the investments to fail. But they failed to disclose material facts, including that the portfolio in the first transaction performed poorly from the outset, and that credit rating agencies placed 10 percent of the portfolio on negative watch within 36 days of closing. The SEC alleges the heavy use of leverage and the structure of the synthetic CDOs exposed the school districts to a heightened risk of catastrophic loss. The investments steadily declined in value in 2007 and 2008 as the CDO portfolios suffered a series of downgrades. By 2010, the school districts learned the second and third investments were a complete loss, and that the lender had seized all of the trusts' assets. The school districts suffered a complete loss of their investment and suffered credit rating downgrades for failing to provide additional funds to the trusts they established. Source:

18. August 10, New York Times – (National) U.S. charges former executive of Marvell with fraud. Federal prosecutors announced charges August 10 against a former employee at the Marvell Technology Group, accusing him of participating in an insider trading scheme that funneled corporate secrets to hedge fund traders. He was charged with one count of conspiring to commit securities fraud. The former employee previously played a starring role at the insider-trading trial of a consultant with Primary Global Research (PGR). The PGR consultant, according to testimony from a former Nvidia employee, recruited the Nvidia and Marvell employees to join an “investment club.” The condition for admittance was simple; the corporate employees must leak inside information to the PGR consultant. They obliged her request, prosecutors said, turning over detailed earnings reports for Marvell and Nvidia ahead of public release. In turn, the PGR consultant shared secret stock tips with the men, according to a complaint unsealed August 10 in the U.S. District Court in Manhattan, New York. The scheme heated up during the summer of 2008, prosecutors said, when the PGR consultant sought advance word on Marvell’s quarterly earnings. The two talked a few days later, each on cellphones. About two minutes after the call, the PGR consultant contacted a hedge fund manager, selling inside information to him and a former trader at SAC Capital Advisors. The former SAC trader said the illegal stock tips earned him and his funds millions of dollars. The former Nvidia employee, has already pleaded guilty to one count of conspiracy to commit securities fraud and wire fraud. The Marvell employee was well-positioned to dole out corporate secrets, prosecutors said. As the reporting manager to the U.S. Securities and Exchange Commission (SEC), he was allowed to thumb through earnings reports before their release. Source:

Information Technology Sector

34. August 11, Help Net Security – (International) Multiple vulnerabilities in Symantec Endpoint Protection Manager. Multiple vulnerabilities have been discovered in Symantec Endpoint Protection Manager that can be exploited by malicious people to conduct cross-site scripting and request forgery attacks, according to Secunia. They include: Input appended to the URL after /console/apps/sepm is not properly sanitized before being returned to the user; Input passed via the "token" parameter to portal/Help.jsp is not properly sanitized before being returned to the user; The portal application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. The vulnerabilities are confirmed in version 11.0.6 Maintenance Patch 2 (11.0.6200.754). Other versions may also be affected. Source:

35. August 11, Softpedia – (International) Fix Windows 7 SP1 Intermittent Crashes. A fix from Microsoft Support is designed to resolve stop error message "0x0000007E" that causes Windows 7 and Windows Server 2008 R2 computers to crash intermittently. It appears Windows 7 Service Pack 1 (SP1) and Windows Server 2008 R2 SP1 can also crash intermittently. According to Microsoft, the full error message reads: “Stop 0x0000007E (parameter1, parameter2, parameter3, parameter4) - "SYSTEM_THREAD_EXCEPTION_NOT_HANDLED” Microsoft said the issue usually occurs on a file server, and does not occur when Server Message Block (SMB) Version 2 is disabled. "This issue occurs because of a race condition that is triggered when a NULL lease handle is accessed after the lease spinlock is released,” Microsoft noted. The company is not providing a manual workaround or an update. The plan is to integrate KB 2528614 hotfix into Service Pack 2 (SP2) for Windows 7 and Windows Server 2008 R2. Source:

36. August 10, Softpedia – (International) Critical updates available for Flash Media Server, Photoshop CS5 and RoboHelp. Adobe has released security updates for Flash Media Server, Photoshop CS5 and RoboHelp to address critical security vulnerabilities in the products. The flaw patched in Flash Media Server (FMS) can be exploited by an attacker to achieve a denial of service condition and prevent legitimate users from accessing content. A memory corruption vulnerability that can lead to arbitrary code execution was also addressed in Adobe Photoshop CS5 and CS5.1. It can be exploited by tricking victims into opening maliciously-crafted GIF files. Finally, a cross-site scripting (XSS) weakness was identified and patched in RoboHelp, Adobe's help authoring tool. The flaw (CVE-2011-2133) can be exploited by opening a specially-crafted URL. Patches have been released for RoboHelp 9 (versions and earlier), RoboHelp 8, RoboHelp Server 9 and RoboHelp Server 8 for Windows. Adobe has also released critical security updates for Flash Player and Shockwave Player that users are advised to install as soon as possible. Source:

Communications Sector

Nothing to report