Monday, August 6, 2012
Daily Report
Top Stories
• The Internal Revenue Service (IRS) may have
delivered more than $5 billion in refund checks to identity thieves who filed
fraudulent tax returns for 2011, Treasury Department investigators said August
2. – Associated Press See item 10
below in the Banking and Finance Sector
• One person was
killed and dozens of others were injured when a double-decker Megabus bound
from Chicago smashed into a concrete pillar of an overpass on Interstate 55
August 2, State police said. – Chicago Tribune
12.
August 2, Chicago Tribune – (Illinois)
Survivor of fatal Megabus crash ‘just woke up to screaming’. One person
was killed and dozens of others were injured when a double-decker Megabus bound
from Chicago smashed into a concrete pillar of an overpass on Interstate 55
August 2, State police said. The bus, with about 64 passengers listed on the
manifest, apparently blew a tire and skidded into the center pillar near
Litchfield, Illinois, about 60 miles north of St. Louis, shutting down I-55 in
both directions between the Carlinville and Litchfield exits. As many as half
the people on the southbound bus were injured, according to a State Police
captain. Four to five of the injured were trapped and had to be extricated,
including one who later died, he said. Thirty ambulances and five medical
helicopters responded. Source: http://articles.chicagotribune.com/2012-08-02/news/chi-megabus-from-chicago-crashes-into-i55-overpass-20120802_1_fatal-megabus-crash-southbound-bdouble-decker-bus
• Burch Equipment LLC
expanded their cantaloupe recall initiated July 28 due to the potential for the
fruit being contaminated with Listeria monocytogenes, the U.S. Food and Drug
Administration reported August 2. – U.S. Food and Drug Administration
19.
August 2, U.S. Food and Drug Administration –
(National) Burch Equipment LLC expands cantaloupe recall due to possible
health risk. Burch Equipment LLC, of North Carolina, expanded their
cantaloupe recall initiated July 28, the U.S. Food and Drug Administration
(FDA) reported August 2. The firm voluntarily recalled 13,888 cases of whole
Athena variety cantaloupes and 581 bins of Athena variety cantaloupes due to
the potential for being contaminated with Listeria monocytogenes. Melons
affected by this recall total 188,902. The whole Athena variety cantaloupes
were shipped between July 15-27 and distributed to retail stores operating in
Florida, Georgia, Illinois, Maryland, North Carolina, New Jersey, New York,
Pennsylvania, South Carolina, and Virginia. The FDA and the North Carolina
Department of Agriculture were working with Burch Equipment LLC following a
random sample of an Athena variety cantaloupe testing positive for Listeria
monocytogenes. The recall expansion was based on unsanitary conditions found at
the cantaloupe packing shed during FDA’s ongoing inspection that may allow for
contamination of cantaloupes with Listeria monocytogenes. Source: http://www.fda.gov/Safety/Recalls/ucm314213.htm
• Websense detected a
massive phishing campaign targeting AT&T customers, sending in excess of
200,000 fake emails masquerading as billing information. – V3.co.uk See item 38 below in the Communications Sector
Details
Banking and Finance Sector
8. August
3, Bloomberg News – (National) Bristol-Myers insider arrest followed probe of
deal. A U.S. Securities and Exchange Commission (SEC) probe, prompted by suspicious
circumstances surrounding Gilead Sciences Inc.’s announcement that it was
buying Pharmasset Inc. for $11 billion, resulted in the arrest of a
Bristol-Myers Squibb Co. executive August 2. The man was charged with making
$311,361 in illegal profit by buying stock options in three pharmaceutical
companies targeted for acquisition. The SEC is continuing its probe, and the
Department of Justice also joined the investigation. The executive held
high-level jobs including executive director of pensions and savings
investments and assistant treasurer for capital markets. He helped the New
York-based drugmaker evaluate whether to buy targeted companies, according to
the FBI arrest complaint. As he conducted due diligence on pension and savings
plans of those companies, he bought options in all three based on insider
information. The chief of the SEC’s Market Abuse Unit said the SEC is concerned
about the “apparent epidemic of insider trading involving the securities of
pharmaceutical and healthcare companies.” Source: http://www.businessweek.com/news/2012-08-03/bristol-myers-insider-arrest-followed-probe-of-deal#p1
9. August
2, The Register – (National) New target for 419 fraudsters: Struggling ‘weak’
banks. Desperate banks have become the target for so-called 419 advance-fee
fraud scams, The Register reported August 2. Banks on the Federal Deposit
Insurance Corporation’s (FDIC) Problem Bank List have been targeted as they
might be prepared to take the risk because of poor profits and earnings outlooks
that deter traditional investors, the Problem Bank List blog warned. The FDIC
issued an alert saying it became aware of individuals or purported investment
advisers approaching weak institutions in attempts to defraud them by claiming
access to funds for recapitalization. The scheme requires banks to pay fees in
advance, and, once the fees were paid, the parties involved failed to conduct due diligence
or actively pursue the proposed investment. Source: http://www.theregister.co.uk/2012/08/02/struggling_us_banks_warned_over_419_scams/
10. August
2, Associated Press – (National) IRS missing billions in ID theft. The Internal
Revenue Service (IRS) may have delivered more than $5 billion in refund checks
to identity thieves who filed fraudulent tax returns for 2011, Treasury Department
investigators said August 2. They estimated another $21 billion could make its
way to ID thieves’ pockets over the next 5 years. The IRS detected far fewer
fraudulent tax refund claims than actually occur, a government audit stated.
Although the IRS detected about 940,000 fraudulent returns for 2011 claiming
$6.5 billion in refunds, there were potentially another 1.5 million undetected
cases of thieves seeking refunds after assuming the identity of a dead person,
child, or someone else who normally would not file a tax return. Topping the
list of concerns was the IRS’s lack of timely access to third-party information
it needs to verify returns and root out fraud. Due to the gap between when
taxpayers can start filing returns and when employers and financial
institutions are required to submit withholding and income documents to
taxpayers, the IRS often issues refunds before it can confirm the information
on the returns. Of the 1.5 million undetected cases of potential fraud, 1.2
million used direct deposits. Source: http://www.boston.com/business/personal-finance/taxes/2012/08/02/irs-missing-billions-theft/vHJriJPNyuc1NuTANdzLHL/story.html
Information Technology Sector
33. August
3, Help Net Security – (International) Google Play updates developer policies to
tackle rogue apps. Unlike Apple, Google never instituted a vetting process
for the applications submitted to its Android app store, Google Play. Instead,
the company relies on Bouncer — an automated app scanning service that analyzes
apps by running them on Google’s cloud infrastructure and simulating how they
will run on an Android device — to catch and ban malicious apps and developers.
Recently, however, Bouncer has been unable to detect a number of bad apps. As a
result, Google announced it will tighten its app developer policies in an
effort to crack down on rogue and potentially malicious apps that proliferate
on Google Play. Source: http://www.net-security.org/secworld.php?id=13368&utm
34. August
2, The H – (International) Opera 12 update closes important security
holes. The first maintenance update to version 12 of the Opera Web browser
was released, closing four important security holes. The first of these is rated
as critical by the company and affects all supported platforms. According to
Opera, certain URL constructs can cause its browser to allocate the incorrect
amount of memory for storing the address; this can be exploited by an attacker
to overwrite unrelated memory with malicious data, possibly leading to the
execution of arbitrary code. Opera 12.01 addresses two high-severity errors
that could lead to cross-site scripting (XSS) attacks when handling certain DOM
elements and HTML characters. A third high-risk problem fixed may result in
downloading and executing a malicious file; this is done by tricking a victim
into clicking a hidden dialog box or by entering a specific keyboard sequence.
Versions up to and including 12.0 are affected; upgrading to 12.01 corrects
these problems. Source: http://www.h-online.com/security/news/item/Opera-12-update-closes-important-security-holes-1659121.html
35. August
2, Dark Reading – (International) Scope of APTs more widespread than thought. A
researcher discovered some 200 different families of custom malware used to spy
and steal intellectual property, with hundreds of attackers in just two groups
out of Shanghai and Beijing, suggesting cyberespionage malware and activity is
far more prolific than imagined. The researcher, the director of malware
research at Dell Secureworks, also identified a private security firm located
in Asia — not in China — that is waging a targeted attack against another
country’s military operations, as well as spying on U.S. and European companies
and its own country’s journalists. He declined to provide details on the firm
or its country of origin, but confirmed it is based in a nation friendly with
the United States. The company has its own malware and is using spear-phishing
and backdoors in its cyberespionage operations. Source: http://www.darkreading.com/threat-intelligence/167901121/security/attacks-breaches/240004827/
36. August
2, SC Magazine UK – (International) Olympics hit by SEO poisoning, as black hat
hackers change tactics. Poisoning of Olympic-related search engine results
has appeared, but big names and events are not the obvious targets, according
to the director of product marketing EMEA at Blue Coat. Black hat hackers
changed their tactics to target lesser known athletes and celebrities and moved
away from big events. He told SC Magazine that while search engine optimization
(SEO) poisoning is still the primary vector for spreading malware, there has
been a move away from poisoning the results of big events to hitting more
mundane targets. Source: http://www.scmagazineuk.com/olympics-hit-by-seo-poisoining-as-black-hat-hackers-change-tactics/article/253088/
37. August
1, Dark Reading – (International) Hacking Oracle database indexes. One of
the world’s top database security researchers disclosed an Oracle database
security blind spot at Black Hat USA the week of July 23. He demonstrated how
manipulating code and permissions within Oracle indexes can lead to privilege
escalation. The highlight of the talk was what the researcher called a zero-day
vulnerability, but which some other security researchers believe may have been
discreetly patched by Oracle in its July 2012 quarterly Critical Patch Update
for Oracle 11g revision 2 databases only. According to the chief technology
officer of Application Security Inc., the attack and vulnerability described in
the talk closely resemble many Oracle vulnerabilities found today. Source: http://www.darkreading.com/database-security/167901020/security/news/240004776/
Communications Sector
38.
August 3, V3.co.uk – (National) Massive
phishing scam hits AT&T customers. Websense detected a massive phishing
campaign targeting AT&T customers, sending in excess of 200,000 fake emails
masquerading as billing information. The phishing emails, pretending to be from
the American communication services provider, were discovered by Websense
August 2. The fake emails look to scam consumers with bogus claims that
they owe AT&T hundreds of dollars. The email also reportedly houses a
malicious link that lets the scam’s authors infect victims’ machines. “Clicking
on the link in the bogus message sends the user to a compromised web server
that redirects the browser to a Blackhole exploit kit. As a result, malware is
downloaded onto the computer that is currently not detected by most anti-virus products,
according to VirusTotal,” read Websense’s blog. Source: http://www.v3.co.uk/v3-uk/news/2196588/massive-phishing-scam-hits-at-t-customers
39.
August 2, Philadelphia Inquirer –
(National) Glitch in the nation’s new weather alert system. The nation’s
new weather alert system experienced an error August 2. The frightening “Severe
alert! Flash flood warning” messages caught the attention of mobile-phone users
across the Philadelphia region. The issue was that most of the people who
received the warnings were in no danger whatsoever. Some of the areas warned
were far removed from the areas endangered. August 2, flood warnings were
issued for selected portions of Philadelphia, Bucks, Chester, and Montgomery
Counties in Pennsylvania. Beamed from cell towers, however, the alerts they
triggered lapped well beyond the targeted areas and into places unaffected by
local weather. A standard free feature on many mobile devices sold
approximately within the last year, the system began operation in April to
carry alerts for assorted natural and unnatural disasters. The weather-alert
piece came online in June. The alerts — for floods, tornadoes or hurricanes —
are announced by special ringtones or vibrations. August 2, mobile users were
told to “check local media.” Source: http://articles.philly.com/2012-08-02/news/33001824_1_alert-system-flood-warnings-weather-alert