Wednesday, March 28, 2012
Complete DHS Daily Report for March 28, 2012
Daily Report
Top Stories
• A freight train hauling hazardous materials derailed in rural Indiana, causing a tanker to burst into flames, prompting the evacuation of several nearby homes, and delaying two large passenger trains. – Associated Press
3. March 27, Associated Press – (Indiana) Freight train derails, catches fire in NE Indiana. A freight train hauling hazardous materials derailed in rural northeastern Indiana March 27, causing a tanker to burst into flames, and prompting the evacuation of several nearby homes. Twenty-two cars came off the rails near Ligonier. A tanker containing liquid sulphur caught fire and firefighters decided to let it burn because dousing it with water could wash the chemical into the Little Elkhart River, the Noble County sheriff said. The fire was still ablaze after more than 5 hours and it was not clear how long it would continue. A second tanker carrying the gasoline additive toluene was also derailed. Forty-three of the train’s 59 freight cars were loaded, said a Norfolk Southern spokesman. Crews used heavy trucks to lift the derailed cars back onto the track. The sheriff said he did not believe chemicals were reaching the river because they were flowing into stagnant water. He said four cars were leaking chemicals, but officials did not believe they were toxic. A spokeswoman for the Indiana Department of Environmental Management said the area around the track is a wetland that feeds into the Little Elkhart, but said they did not see any impact on aquatic life or waterfowl. She said authorities evacuated residents within a half-mile area. The sheriff said about six homes were evacuated. The Agency for Toxic Substances and Disease Registry Web site said exposure to high levels of the two chemicals that spilled from the derailed cars could cause serious injury or death. More than 300 Amtrak passengers traveling on 2 trains to Chicago were stranded for 3 hours in Ohio as the derailment closed the tracks along the way. Source: http://www.bnd.com/2012/03/27/2117177/ind-train-derailment-strands-amtrak.html
• Web sites that offer consumers a chance to see their credit reports are being used by hackers to steal information, according to Internet security researchers. – MSNBC See item 18 below in the Banking and Finance Sector.
• Federal safety regulators are investigating 4,000 buses made over the past 20 years after equipment failures led to crashes that killed 2 people and injured 50 others. – Associated Press
21. March 26, Associated Press – (National; International) Feds probe bus defect that may have caused crashes. Federal safety regulators have begun investigating buses made by Motor Coach Industries Inc. over the past 20 years because the drive shafts can fall out and cause drivers to lose control. The problem has led to two crashes that killed 2 people and injured 50 others, said documents filed March 26 on the National Highway Traffic Safety Administration’s (NHTSA) Web site. The probe covers about 4,000 MCI D-Series buses with a steerable rear axle made from 1992 until 2012. Schaumburg, Illinois-based MCI said on its Web site it is the leading maker of intercity buses in the United States and Canada. The probe stems from a complaint filed with the NHTSA by transportation company FirstGroup America, parent of Greyhound bus lines. The company said several drive shafts failed on MCI buses starting March 2010, and the shafts were not held up by safety loops that are supposed to keep them in place. In two cases, drivers lost control, causing multiple injuries and fatalities, the complaint said. Source: http://www.businessweek.com/ap/2012-03/D9TOCOHO1.htm
• Information technology supply chains of federal agencies that deal with national security data and programs are vulnerable to malicious or counterfeit software, a new U.S. government report said. – Nextgov
41. March 23, Nextgov – (National) Malicious code in the IT supply chain threatens federal operations. Agencies that deal with national security data and programs must do more to secure their information technology supply chains, said a report released by the Government Accountability Office (GAO) March 23. Federal agencies are not required to track “the extent to which their telecommunications networks contain foreign-developed equipment, software or services,” the report said, and they typically are aware only of the IT vendors nearest to them on the chain, not the numerous vendors downstream. That has left IT systems at the Energy, Homeland Security, and Justice departments more vulnerable to malicious or counterfeit software installed by other nations’ intelligence agencies or by non-state actors and hackers. U.S. enemies could use the software to secretly pull data from government systems, erase or alter information on those systems, or even take control of them remotely. The Justice Department has identified measures to protect its supply chain, but has not developed procedures to implement those measures, the report said. Energy and Homeland Security have not identified measures to protect their supply chains at all, according to the GAO. It also examined the Defense Department, which it said had designed and effectively implemented a supply chain risk management program. Defense has reduced its supply chain risk through a series of pilot programs and expects to have “full operational capability for supply chain risk management” by 2016, the report said. The U.S. Computer Emergency Readiness Team inside the DHS found about one-fourth of roughly 43,000 agency-reported security incidents during fiscal 2011 involved malicious code that could have been installed somewhere along the supply chain, the GAO said. The report recommended that Energy and Homeland Security officials develop and implement firm procedures to protect against supply chain threats. The departments largely agreed with the GAO’s assessments, the report said. Source: http://www.nextgov.com/nextgov/ng_20120323_1655.php
• Fire management officials battled an uncontrolled wildfire in Jefferson County, Colorado, that killed 2 people, scorched more than 4,500 acres, and burned 16 structures. – Denver Post (See item 52)
52. March 27, Denver Post – (Colorado) Colorado wildfire: New spot blaze prompts warnings to 6,500 homes. Authorities have sent out a pre-evacuation notice to 6,500 homes after a spot fire flared up one mile northwest of Waterton Canyon in Colorado, March 27. The homes are just north of the uncontrolled Lower North Fork Fire in Jefferson County where 4,500 acres have burned and two people have died. Several helicopters and tankers were being flown in to Jefferson County to drop water and flame retardant on the wildfire. Investigators said a second person was found dead within the Lower North Fork Fire zone, and they were searching for a third person unaccounted for in the same area. The Jefferson County Sheriff’s Office said the fire has burned 16 structures. Fire crews were bracing for a wind-swept day with winds expected up to 45 mph. About 900 telephone notifications telling residents to evacuate their homes were made March 26. Most of the homes destroyed were in the northeast section of the fire. About 25 evacuees stayed at a shelter at Conifer High School, March 26. Some chose to spend the night in their vehicles, in the parking lot to be with their pets. The Federal Emergency Management Agency has authorized the use of federal funds to help with firefighting costs, a spokesman said. Source: http://www.denverpost.com/breakingnews/ci_20264330/colorado-wildfire-no-containment-lower-north-fork-fire
Details
Banking and Finance Sector
12. March 27, San Antonio Express-News – (Texas; California; International) Bogus plastic used at high-end stores. Fraudsters dressed like tourists have been shopping at high-end stores on San Antonio’s northwest side, buying iPods, iPhones, computers, and designer clothes, among other luxuries, according to authorities, the San Antonio Express-News reported March 27. Agents with a U.S. Secret Service-led task force have arrested 3 men from Mexico’s capital who possessed more than 200 fake credit cards. Court records show they had been in San Antonio a few times before, making similar weekend trips for products they could sell back home. The men were indicted the week of March 19 on credit card fraud charges carrying penalties of up to 20 years. The case came to a head in February when U.S. Customs and Border Protection, helped by the South Texas Regional Task Force, tracked packages delivered to San Antonio from Mexico, with two of the suspects as the recipients. The agents found one suspect with 99 fake credit cards, a second with 52, and the third with 56, the indictment said. A criminal complaint said one suspect admitted he had made four trips to make fraudulent purchases, while another admitted he traveled to San Diego twice and to San Antonio three times for fake card sprees. The men told investigators they bought the fake cards in Mexico. The special agent in charge of the Secret Service in San Antonio said whoever made the cards encoded them with stolen numbers. Source: http://www.mysanantonio.com/news/local_news/article/More-than-200-fake-credit-cards-seized-3435962.php
13. March 27, U.S. Department of the Treasury – (International) Treasury targets Iranian arms shipments. The U.S. Department of the Treasury March 27 announced the designation of an Iranian cargo airline, Yas Air; Behineh Trading; three Iranian Islamic Revolutionary Guard Corps-Qods Force (IRGC-QF) officials; and one Nigerian shipping agent – all pursuant to Executive Order 13224 for acting for, on behalf of, or providing support to, the IRGC-QF, a designated terrorist entity. The airline, the trading company, and the IRGC-QF officials were involved, respectively, in shipments of weapons to the Levant and Africa, further demonstrating Iran’s determination to evade international sanctions. Based in Tehran, Yas Air is an Iranian cargo airline that acts for or on behalf of the IRGC-QF to transport illicit cargo – including weapons – to Iran’s clients in the Levant. Yas Air has moved IRGC-QF personnel and weapons under the cover of humanitarian aid. Behineh Trading and the Nigerian agent were involved in a weapons shipment seized in Nigeria in late October 2010. This weapons shipment – orchestrated by the IRGC-QF and intended for The Gambia – is part of a larger pattern of Iranian lethal aid shipments to clients in Africa and around the world. Source: http://www.treasury.gov/press-center/press-releases/Pages/tg1506.aspx
14. March 26, Dow Jones Newswires – (National) JP Morgan Chase says banking Web site issues resolved. J.P.Morgan Chase & Co. said its consumer banking Web site experienced technical difficulties March 26 that slowed online banking for several hours, and intermittently made access to the site unavailable, including through mobile devices. However, the bank said the issues had been resolved by the early afternoon. At issue was a glitch related to an upgrade made over the weekend of March 24, a spokesman said. The bank sent a social media alert via Twitter at around 10 a.m. saying it was “working to restore access ASAP & will keep you updated.” Online services continued to be spotty until about 1 p.m. Technology in Chase bank branches was not impacted. Source: http://www.foxbusiness.com/news/2012/03/26/jp-morgan-chase-says-banking-website-issues-resolved/
15. March 26, FBI – (Missouri) Car dealership owner pleads guilty to multi-million-dollar bank fraud conspiracy. A U.S. attorney has announced that the owner of several used car dealerships in the Kansas City, Missouri metropolitan area pleaded guilty in federal court March 26 to his role in a bank fraud conspiracy that resulted in losses of millions of dollars by several financial institutions. Between May 2000 and February 2009, the man operated several used car dealerships including Better Than New Automobiles LLC, On Time Auto, and Hart Family Motors. He and others obtained loans and lines of credit from various financial institutions in connection with vehicles. He admitted he provided false and fraudulent financial data to obtain loans and lines of credit. He also admitted he obtained multiple loans in which the same vehicle was pledged as collateral. He also said he and his wife borrowed more than $1 million from First Missouri National Bank between November 15, 2006 and March 26, 2008. They provided copies of their 2004 and 2005 income tax returns to the bank. However, the plea agreement said they did not actually file those returns until 2009. The filed returns were materially different from those submitted to the bank in support of their loan application, claiming a much lower adjusted gross income. The government believes the loss attributed to the man is between $2.5 million and $7 million. Source: http://www.loansafe.org/car-dealership-owner-pleads-guilty-to-multi-million-dollar-bank-fraud-conspiracy
16. March 26, Associated Press – (New York; International) Guilty plea entered in NY online poker case. One of two men nearing trial in a case that shut down U.S. operations for three Internet poker companies has admitted he conspired with others to deceive U.S. financial institutions so they would process hundreds of millions of dollars in gaming transactions. The defendant entered his guilty plea March 26 in a U.S. district court in Manhattan to a count of conspiracy to commit bank fraud and to operate illegal gambling businesses. A plea deal reached between prosecutors and the defendant recommends a sentence of 6 months to a year in prison. He also agreed to forfeit $500,000 along with his interest in more than $25 million held in payment-processing accounts in the United States and abroad. Prosecutors have sought $3 billion in money laundering penalties and forfeiture after targeting three companies based overseas: PokerStars, Full Tilt Poker, and Absolute Poker. The defendant admitted serving as a payment processor for all three companies at various times from 2008 through early 2011. The government said he and others created phony corporations and Web sites to disguise payments to the poker companies. Source: http://www.businessweek.com/ap/2012-03/D9TOGQO80.htm
17. March 26, KGTV 10 San Diego – (California) Woman says she stole from ATMs after cartel threat. A couple is facing at least 4 years in prison for allegedly stealing $150,000 from a Chula Vista, California bank. Local prosecutors said the scheme had the woman stealing money from automated teller machines at the Chase Bank where she was the lead teller. It was her responsibility to stock the machines with money. According to a search warrant, the woman stole upwards of $150,000 from three ATMs at the bank during a 4-month stretch in 2010. In November 2010, an audit was done incorrectly on one of those machines. An investigation revealed the woman was allegedly overstocking the ATMs and skimming off the top. The search warrant said she admitted taking $150,000 from the machines, but she and her husband said they did it to protect their daughter. The search warrant said: “[They] claimed they had been approached by a male who identified himself as a member of a Mexican drug cartel. The male threatened to kidnap [their] 14-year-old daughter unless they paid the cartel $150,000.” Each member of the couple is facing multiple felonies including grand theft and conspiracy. Source: http://www.10news.com/news/30766716/detail.html
18. March 26, MSNBC – (International) Hackers turn credit report websites against consumers. The most important tool consumers have to fight against identity theft has been turned against them by hackers, MSNBC reported March 26. Web sites that offer consumers a chance to see credit reports are being brazenly used by hackers to steal information. The prices of the reports rise and fall depending on the credit score of the victim. For consumers with credit scores in the 750s, report data might fetch $80; reports from victims with scores in the low 600s sell for about half that, according to “for sale” pages viewed by MSNBC. The most troubling part of these markets however –- many hosted in the .su domain, which stands for the now-defunct Soviet Union –- is the ready availability of credit reports and the hackers’ bragging about how easy it is to infiltrate Web sites such as AnnualCreditReport.com or CreditReport.com. Criminals with stolen credit cards can obtain background reports, credit reports, and ultimately open new accounts using the data, a researcher with Internet security firm CloudEyez.com said. In one how-to posted on a bulletin board, a hacker describes one brute-force attack used to gain access to credit report Web sites. Most sites are protected by “challenge” questions such as, “Which bank holds the mortgage on your home?” But there us a critical flaw, the hacker said: “Normally all ... of them will ask you the same question,” the hacker wrote. Because the sites use the multiple choice format, it is easy to use the process of elimination and determine the correct answers, he claims. Source: http://redtape.msnbc.msn.com/_news/2012/03/26/10875023-exclusive-hackers-turn-credit-report-websites-against-consumers
Information Technology
43. March 27, V3.co.uk – (International) LulzSec hackers return to target CSS Corp and military dating sites. Hacker group LulzSecReborn targeted CSS Corp and Military Singles’ sites, publishing data reportedly taken in the cyber raid online. The hackers claim to have obtained the e-mail details for all staff at IT services firm CSS Corp, and published some details online. Prior to the attack March 25, LulzSecReborn published what it claims are the names, usernames, passwords, and e-mails of 170,937 accounts on MilitarySingles.com. The group has since suggested it still has access to the two sites’ networks and could delete CSS’s information at will. LulzSecReborn said it is not affiliated with the original LulzSec group and has no knowledge regarding the authenticity of LulzSec’s rumored April 1 return. Source: http://www.v3.co.uk/v3-uk/news/2163902/lulzsec-hackers-return-target-css-corp-military-dating-sites
44. March 26, Dark Reading – (International) FTP ubiquitous and dangerously noncompliant. FTP servers might be easy to provision and a convenient means for users to share information across corporate boundaries, but the way most organizations use the protocol introduces unnecessarily high levels of security and compliance risks to organizations. Despite the risks, a new survey shows that more than half of enterprises still depend on insecure and non-compliant FTP connections to collaborate with business partners and customers. Not only do insecure FTP deployments make organizations more prone to detection by regulatory auditors, but as several high-profile incidents over the last year demonstrated, they are very likely to expose sensitive information stores. Source: http://www.darkreading.com/compliance/167901112/security/news/232700273/
45. March 25, ZDNet – (International) Study: More than 50% of Global 500 use vulnerable open source components. According to a joint research report issued March 25 by Sonatype and Aspect Security, more than 50 percent of the world’s largest corporations have open source applications with security vulnerabilities. That is because more than 80 percent of software applications built in-house by enterprise developers incorporate open source components and frameworks that may be vulnerable. The report — based on a survey of 2,550 developers, architects and analysts — maintains that the widely held view that open source software is consistently high quality “overlooks ecosystem flaws,” chiefly the lack of a notification system alerting developers about vulnerabilities and new versions with fixes. Source: http://www.zdnet.com/blog/open-source/study-more-than-50-of-global-500-use-vulnerable-open-source-components/10660
For more stories, see items 14, 16 and 18 above in the Banking and Finance Sector and 41 above in the Top Stories
Communications Sector
46. March 26, WBNG 12 Binghamton – (New York) Phone service interruptions for Southern Tier. TW Telecom said March 26 its crews were out trying to fix a damaged line that left customers in the Oneonta, Johnson City, and Norwich, New York areas without landline phone service. The company said the outage was impacting some of its TW Telecom customers, primarily business customers. TW Telecom said it was not sure where, but somehow a fiber line was cut in the region. Most service was restored through rerouting calls. Emergency service providers and hospitals were attended to first. Source: http://www.wbng.com/news/local/Phone-Service-Interruptions-for-Southern-Tier-144230945.html
47. March 26, Taos News – (New Mexico) Major cell phone and internet failure reported in Taos County. At 6:50 p.m. March 24 cell phones all over Taos, New Mexico, suddenly went dead. Then, reports started coming in that Internet services also were down. Land line telephones, however, appeared to not be affected. According to a recorded message at TaosNet, a local Internet service provider, the incident was termed a “major circuit outage ... affecting all circuits out of Taos.” According to a TaosNet spokesman, the outage was due to a CenturyLink cable that was severed 17 miles east of Taos. It is not known at this time what caused the line to be cut. Taos police dispatch said March 24 that calls started pouring in sometime after 7 p.m. from concerned citizens unable to use their cell services. Some of their own services were being routed through Red River. The TaosNet spokesman said CenturyLink was working to have the line fixed by March 25. Source: http://www.taosnews.com/news/article_a8bc36ee-769e-11e1-8243-0019bb2963f4.html
No comments:
Post a Comment