Tuesday, August 7, 2012 


Daily Report

Top Stories

 Federal transportation officials said two security breaches occurred at Newark Liberty International Airport in New Jersey, August 5. One led to a 3-hour shutdown of a terminal security checkpoint as authorities tried to find a passenger who was not fully screened before boarding a flight. – WNYW 5 New York

13. August 6, WNYW 5 New York – (New Jersey) Security breaches at Newark Airport. Transportation Security Administration (TSA) officials said United Airlines checkpoint operations at Terminal C at Newark Liberty International Airport in New Jersey were shut down August 5 after the TSA and local authorities tried to find a passenger that was not fully screened. The Terminal C shutdown threw vacation plans and flight connections into chaos. Law enforcement sources told WNYW 5 New York there was not just one close call — there were two, and both involved potential bomb making materials. The TSA said a woman who set off an alarm managed to get past a screening point and onto a flight to Cleveland without being checked for what caused the alarm. The TSA said it notified the Port Authority of New York and New Jersey police (Port Authority) after the incident. The Port Authority said every passenger had to be re-screened. United Airlines said after the 3-hour shutdown, flights resumed and they were able to accommodate most passengers. Source: http://www.myfoxny.com/story/19199785/security-breach-at-newark-airport

 Tens of thousands of fish have died in the Midwest as the hot summer dries up rivers and causes water temperatures to spike to nearly 100 degrees. – Associated Press

21. August 5, Associated Press – (National) Thousands of fish die as Midwest streams heat up. Thousands of fish have died in the Midwest as the hot, dry summer dries up rivers and causes water temperatures to climb in some spots to nearly 100 degrees, the Associated Press reported August 5. About 40,000 shovelnose sturgeon were killed in Iowa the week of July 30 as water temperatures reached 97 degrees. Nebraska fishery officials said they have seen thousands of dead sturgeon, catfish, carp, and other species in the Lower Platte River, including the endangered pallid sturgeon. And biologists in Illinois said the hot weather has killed tens of thousands of large- and smallmouth bass and channel catfish, and is threatening the population of the greater redhorse fish, a State-endangered species. So many fish died in one Illinois lake that the carcasses clogged an intake screen near a power plant, lowering water levels to the point that the station had to shut down one of its generators. The fish are victims of one of the driest and warmest summers in history. The federal U.S. Drought Monitor shows nearly two-thirds of the lower 48 States are experiencing some form of drought, and the Department of Agriculture has declared more than half of the nation’s counties — nearly 1,600 in 32 States — as natural disaster areas. Iowa Department of Natural Resource officials said the sturgeon found dead in the Des Moines River were worth nearly $10 million, a high value based in part on their highly sought eggs, which are used for caviar. Source: http://www.pekintimes.com/newsnow/x1253627187/Thousands-of-fish-die-as-Midwest-streams-heat-up

 Federal health officials reported an uptick in cases of a new strain of swine flu in humans. – CNN

31. August 4, CNN – (National) CDC: Increase seen in new swine flu strain. Health officials reported an uptick in cases of a new strain of swine flu in humans. The latest flu report published August 3 by the Centers for Disease Control and Prevention (CDC) stated 16 people have been infected with a new strain of an influenza A (H3N2) swine flu virus in the past 3 weeks, including 12 the week of July 23. Among those 12 newest cases, the CDC said 10 people were infected in Ohio; Indiana and Hawaii have reported one case each as well. So far 29 people have been infected with this new H3N2 strain. Nobody was hospitalized this year, and only three of the 12 cases in 2011 required hospitalization. Nobody has died from this new flu. Everyone diagnosed with the new strain in 2012 reported having contact with pigs. Most of the cases from 2011 also reported contact with pigs — often at county or State fairs. H3N2 flu viruses are common among pigs. They are a subgroup of influenza A viruses and are known to adapt in humans. What makes this new version of the H3N2 flu virus different is that it has picked up a gene from the novel H1N1 flu virus that became a pandemic 3 years ago. Source: http://edition.cnn.com/2012/08/03/health/swine-flu-cases/index.html

 A former U.S. Army veteran opened fire at a Sikh temple in Oak Creek, Wisconsin, killing six members, and critically wounding two other members and a police officer, before being killed by police. – Associated Press

47. August 6, Associated Press – (Wisconsin) Officials: Suspect in Sikh temple shooting led white supremacist bands. The man accused of opening fire at a Sikh temple in Oak Creek, Wisconsin, was a less-than-honorably discharged U.S. Army veteran who may have been a white supremacist, said officials August 6. The suspect was shot and killed by police August 5 after police said he killed six members of the temple’s congregation and seriously injured two others, as well as a police officer. During his 6 years in the Army, he was stationed in Texas and North Carolina in the psychological operations unit. Witnesses said the gunman fired at people in the parking lot, then moved into the temple. The suspect shot the first officer to respond eight or nine times at close range with a handgun. A second officer exchanged fire with the gunman, ultimately bringing him down. The injured congregants and police officer were in critical condition August 6. Source: http://www.kktv.com/home/headlines/Police-dispatcher-Shooting-at-Sikh-temple-in--165064206.html

 Several wildfires raging throughout Oklahoma destroyed dozens of homes and other buildings, and forced hundreds of evacuations August 5. – Associated Press
56. August 6, Associated Press – (Oklahoma) Oklahoma fires burn dozens of homes. Several wildfires raging throughout parched Oklahoma prompted more evacuations August 5 as emergency workers sought to shelter those forced out by flames that destroyed dozens of homes and threatened others in the drought-stricken region. One fire near Luther, about 25 miles northeast of Oklahoma City, destroyed nearly five dozen homes and other buildings before firefighters gained some control August 4. Authorities said several State roads remained closed August 5 because of drifting smoke or nearby fires. A communications supervisor with the Oklahoma State Highway Patrol said evacuations continued through August 6. The Luther fire was one of at least 10 burning August 4 in Oklahoma. The fires include a large one in Creek County that officials said claimed about 78 square miles, and another about 35 miles to the west in Payne County. Emergency management officials ordered residents of Mannford, in Creek County; Glencoe, in Payne County; Drumright, in Lincoln County; Oak Grove, in Pawnee County; and Quinton, in Pittsburg County, to leave their homes, according to an Oklahoma Department of Emergency Management spokeswoman. Authorities suspect the fire near Luther may have been intentionally set. The Oklahoma County sheriff’s department said it was looking for someone in a black pickup truck seen throwing newspapers out a window after setting them ablaze. A spokeswoman for the Red Cross reported about 50 people sought refuge at a shelter. Source: http://www.claimsjournal.com/news/southcentral/2012/08/06/211406.htm

Details

Banking and Finance Sector

8. August 6, Reuters – (International) Standard Chartered left U.S. vulnerable to terrorists. A rogue Standard Chartered Plc banking unit violated U.S. anti-money laundering laws by scheming with Iran to hide more than $250 billion of transactions, and may lose its license to operate in New York State, a State banking regulator said August 6. The superintendent of the State’s department of financial services said Standard Chartered Bank reaped hundreds of millions of dollars of fees by scheming with Iran’s government despite U.S. economic sanctions to hide roughly 60,000 transactions from 2001 to 2010. The superintendent said the unit of the London-based bank was “apparently aided” by its consultant Deloitte & Touche LLP, which hid details from regulators, despite being under supervision by the Federal Reserve Bank of New York and other regulators for other compliance failures. He also said that he was investigating “apparently similar” schemes to conduct business with other countries subject to U.S. sanctions, including Libya, Myanmar, and Sudan. Source: http://www.reuters.com/article/2012/08/06/us-standardchartered-iran-idUSBRE8750VM20120806?feedType=RSS&feedName=topNews&rpc=71

9. August 6, Minneapolis Star Tribune – (Minnesota) Serial robber strikes Mpls. bank — this time wearing rubber nose, sunglasses. Sporting a fake rubber nose and sunglasses, a nattily dressed gunman robbed a Minneapolis Guaranty Bank branch inside a Rainbow Foods store August 3 in what authorities said was at least his fifth bank holdup in recent months. He pointed a semiautomatic handgun at the teller, fled on foot with an undisclosed amount of cash, and remained at large. July 20, also around lunchtime on a Friday, the same man robbed a TCF Bank branch in a Cub Foods grocery store in Fridley. The FBI also suspects the man in bank robberies at banks in grocery stores in Plymouth, St. Louis Park, and Maple Grove. Four of the five have come on Fridays. The suspect’s clothing selection has varied from bank to bank but has been consistently dapper, said an FBI spokesman. Source: http://www.startribune.com/local/minneapolis/165125666.html

10. August 6, Detroit Free Press – (Michigan) Police: Five men have stolen $500K in Detroit area by skimming ATMs. Authorities said five men have stolen about $500,000 from banks and credit unions in metro Detroit by skimming ATMs. The Oakland County Sheriff’s Office released photos of the men August 6 and asked for public assistance to identify them. The first case was reported June 28, police said. The U.S. Secret Service is involved in the investigation, and officials said financial institutions in Commerce Township, West Bloomfield, Livonia, Ferndale, Westland, Novi, and Wixom suffered losses. Source: http://www.freep.com/article/20120806/NEWS05/120806044/Police-500K-stolen-Detroit-area-via-ATM-skimming

11. August 4, Associated Press – (Oregon; National) U.S. Bank ATMs back online after 2-hour power outage. U.S. Bancorp said service was restored at its 8,000 automatic teller machines across the Nation following a 2-hour outage August 4. The bank’s owner said a power failure in Oregon led to the ATM outages. A bank spokesman said the problems were sporadic and power was restored in geographic blocks over time. Not all of the bank’s 8,000 machines were down for the entire 2 hours. Source: http://www.google.com/hostednews/ap/article/ALeqM5jtdfloAMqwQPOZ4uubmYZsYvzSIQ?docId=fa86c68d64cc4aaba9b506fb344df5bc

12. August 3, Los Alamitos-Seal Beach Patch – (California) FBI: ‘Plain Jane’ bandit arrested. The so-called “Plain Jane Bandit” was arrested in Downey, California, August 2 in connection with eight bank heists in the Southland area over the span of 3 weeks, including a holdup at Chase bank in Cerritos. The suspect was taken into custody at her residence. In July, the FBI began releasing numerous bank surveillance images to the media in an effort to identify and locate the suspect. An FBI official said authorities were ultimately able to arrest the woman after receiving multiple tips from the public. Source: http://losalamitos.patch.com/articles/fbi-bank-robber-dubbed-plain-jane-bandit-arrested

Information Technology Sector

41. August 6, H Security – (International) NVIDIA closes hole in proprietary Unix driver. NVIDIA fixed the vulnerability in its proprietary graphics driver for Unix systems that was publicly disclosed by a Linux kernel and X.org developer several days ago, H Security reported August 6. It noted that NVIDIA apparently knew about the hole for a month. To close it, the company, released driver version 304.32, along with other drivers, which was deployed via NVIDIA’s knowledge base.

42. August 6, Softpedia – (International) Experts demonstrate security holes in Android with exploitation framework. XYSEC Labs security experts developed the Android Framework for Exploitation (AFE), an open source project meant to demonstrate the existence of security holes in the popular mobile operating system. According to the researchers, the framework can be easily used to create malware and botnets, find vulnerabilities, use exploits, gain access to apps, steal sensitive data, and execute arbitrary commands on infected devices. Recently, a wave of spam messages received by Android users caused commotion in the security community, with many professionals believing it was the first-ever Android botnet. That assumption proved false, but with AFE the experts want to demonstrate an Android botnet is possible. AFE’s botnet module includes options that allow the malicious element to remain hidden, the capability of re-launching itself in case of a crash, and an automatic startup feature on device boot. Source: http://news.softpedia.com/news/Experts-Demonstrate-Security-Holes-in-Android-with-Exploitation-Framework-285047.shtml

43. August 4, Softpedia – (International) Filter bypass vulnerability found in Kaspersky Password Manager. Vulnerability Lab security researchers identified a medium severity software filter and validation vulnerability that affects Kaspersky’s Password Manager 5.0.0.164 and older variants. According to the experts, the flaw allows a local attacker to inject malicious code during the exportation process of a database. If exploited successfully, the vulnerability can be leveraged for: persistently manipulating the application, phishing, the execution of malware, and stealing the victim’s passwords in clear text. All these operations require only medium interaction on the user’s side. The researchers also provide an example of an exploitation scenario where the attacker sends the victim a fake login page with a specific code in the URL’s parameters. This code calls an HTML or a JavaScript that responds to an URL with a chmod 777 command to exchange the file when processing local requests. The unsuspecting Kaspersky Password Manager customer saves the malicious login page to the application via the AutoFill plugin. Later, when the victim attempts to export the file in HTML format using the standard template, the malicious script is executed and the content of the file is sent back to the server owned by the attacker. For the time being, the issue remains unaddressed. As a solution that should be implemented by the vendor, the researchers recommend the use of XML special characters in item names in the exportation of content as an HTML file. Source: http://news.softpedia.com/news/Filter-Bypass-Vulnerability-Found-in-Kaspersky-Password-Manager-284969.shtml

44. August 3, Threatpost – (International) Volume of malware targeting Java CVE-2012-1723 flaw spikes. It has been nearly 2 months since Oracle patched the CVE-2012-1723 Java vulnerability, a serious remote pre-authentication flaw present in the Java Runtime Environment, Threatpost reported August 3. The first malware samples xploiting this vulnerability started appearing at the start of July, but they were intermittent. However, by the second week of July, the number of attacks on CVE-2012-1723 began to increase dramatically. Microsoft researchers compiled statistics that show the volume of malware targeting the Java flaw increased around July 10, and, surged and decreased in the interim, and it was still very high in early August. The vulnerability itself is in a JRE sub-component called Hotspot. Attackers who are able to exploit it will have the ability to execute arbitrary code on the target machine. Source: http://threatpost.com/en_us/blogs/volume-malware-targeting-java-cve-2012-1723-flaw-spikes-080312

45. August 3, V3.co.uk – (International) Microsoft releases Attack Surface Analyzer anti-malware tool. Microsoft’s Trustworthy Computing unit released the full version of its Attack Surface Analyzer, a service that explains how new applications impact Windows’ ability to repel malicious software. The tool is available as a free download and works by analyzing any new application installed on users’ PCs. Microsoft explained the checks the tool can perform include the analysis of changed or newly added files, registry keys, services, Microsoft ActiveX controls, listening ports, and other parameters that affect a computer’s attack surface. As well as helping IT departments, the tool is also designed to help application developers ensure their products do not affect computers’ cyber defenses. Source: http://www.v3.co.uk/v3-uk/news/2196589/microsoft-releases-attack-surface-analyzer-antimalware-tool

For more stories, see items 46 below in the Communications Sector
Communications Sector

46. August 3, Infosecurity – (National) Text spam bombards US cell phone users. More than two-thirds of cell phone owners that use text messaging have received text spam, with 25 percent receiving spam at least once a week, according to a survey by the Pew Research Center, Infosecurity reported August 3. In addition, 68 percent of cell phone users have received unwanted sales and marketing calls, with one-quarter receiving calls a few times a week or more frequently, according to the survey of 1,954 cell phone owners in the United States. Smartphone users reported higher incidents of text spam and unwanted sales calls. Source: http://www.infosecurity-magazine.com/view/27390/text-spam-bombards-us-cell-phone-users/

For another story, see item 42 above in the Information Technology Sector