Thursday, August 23, 2012 


Daily Report

Top Stories

• Low water levels that are restricting shipping traffic, forcing harbor closures, and causing barges to run aground on the Mississippi River are expected to continue into October, federal officials said. – Associated Press

15. August 21, Associated Press – (National) Corps: Low Miss. River levels to persist into fall. Low water levels that are restricting shipping traffic, forcing harbor closures, and causing barges to run aground on the economically vital Mississippi River are expected to continue into October, U.S. Army Corps of Engineers officials said August 21. Meanwhile, more than 100 tow boats and barges remained backed up near Greenville, Mississippi, due to the low river. The U.S. Coast Guard opened an 11-mile stretch of river that had been closed near Greenville, replacing it with a 5-mile zone where only lighter vessels can pass. Speaking at a meeting of Corps officials, water control managers, and business people in Memphis, a major general said that five harbors — in Tennessee, Missouri, Arkansas, and Mississippi — were closed, and several others have limited access due to low water levels along the nation’s most important inland waterway. The commander of the Corps’ Mississippi Valley Division said that the Corps plans to dredge those harbors as soon as it can to allow tow boats and barges to enter and get close enough to docks to unload their materials. Farms and other businesses rely on materials such as grain, feed, and fuel that usually arrive by barge to smaller harbors. The Corps continues to dredge the river’s navigation channel, making sure it is deep enough to allow barges to pass safely. Source: http://www.ktul.com/story/19334610/corps-low-miss-river-levels-to-persist-into-fall

• A tropical storm pounded the Caribbean, closing schools and government offices, and hampering air and sea travel in Puerto Rico. It is on a track to hit Florida in several days, the same time as the Republican National Convention in Tampa. – Associated Press

29. August 22, Associated Press – (Florida; Puerto Rico) Tropical Storm Isaac getting better organized. Leaders across much of the Caribbean closed schools and government offices August 22 and urged people to stay at home as Tropical Storm Isaac swept toward the region, threatening to soon become a hurricane and perhaps eventually to menace Florida. With maximum sustained winds of 45 mph, Isaac was moving west and expected to become a hurricane by August 23, according to the U.S. National Hurricane Center. In Puerto Rico, the governor declared a state of emergency and activated the National Guard. He also canceled classes and closed government agencies August 22. The U.S. Coast Guard ordered all commercial vessels bigger than 200 gross tons to leave the port or obtain permission to remain in port. American Eagle has already canceled all its flights, according to the CEO of the island’s Air & Seaport Authority. The fast ferry that runs to Guadeloupe and Martinique also will temporarily suspend service, he said. Isaac also poses a possible threat to Florida during the Republican National Convention in Tampa, which is scheduled to take place August 27-30. Source: http://www.usatoday.com/weather/storms/story/2012-08-22/tropical-storm-isaac-caribbean-florida/57206322/1

 • The Windows version of Crisis, a trojan discovered targeting in Mac OS X systems in July, is capable of infecting VMware virtual machine images, Windows Mobile devices, and removable USB drives, researchers found. – IDG News Service See item 37 below in the Information Technology Sector

• The U.S. government is looking into claims by a cybersecurity researcher that flaws in software for specialized networking equipment from Siemens could enable hackers to attack power plants and other critical systems. – Reuters See item 38 below in the Information Technology Sector

• Fire officials said 50 buildings were destroyed in northern California’s Ponderosa Fire, one of about three dozen fires burning in 10 western States. – NBC News; Associated Press; Reuters

44. August 22, NBC News; Associated Press; Reuters – (California; West) Northern California wildfire destroys 50 buildings. Fire officials said dozens of buildings were destroyed in northern California’s Ponderosa Fire, the Associated Press reported August 22. A State fire spokesman said fire crews assessing the rural area outside the community of Manton determined August 21 that 50 buildings had been destroyed. More than 2,100 firefighters were attempting to gain control of the blaze, sparked the weekend of August 18 by lightning strikes. The number of threatened homes was reduced late August 21 to 200, according to the Redding Record Searchlight, while evacuations were still in effect for communities in Manton, Shingletown, and Viola. By late August 21, the fire had burned more than 24,000 acres, the Record Searchlight reported, but was 50 percent contained. It was just one of three dozen dangerous fires currently burning across 10 western States. A fire in the Plumas National Forest was 37 percent contained and threatened about 900 homes. It has engulfed 98 square miles since it began July 29. The evacuated town of Featherville, Idaho, also remained under threat from the Trinity Ridge Fire that has claimed almost 148 square miles in the central part of Idaho, according to the Idaho Statesman. In Washington, dozens of homes fell victim to the Taylor Bridge Wildfire raging near Cle Elum. The fire has charred about 36 square miles of timber, sagebrush, and grass in rural land since it began the week of August 13 at a bridge construction project. In the 2012 wildfire season, fires have consumed more than 6.9 million acres in the United States, according to the National Interagency Fire Center. Source: http://usnews.nbcnews.com/_news/2012/08/21/13394413-northern-california-wildfire-destroys-50-buildings?lite

Details

Banking and Finance Sector

10. August 21, KING 5 Seattle – (Washington) Four police departments join forces to find ‘Duct Tape Bandit’. A bank robber that robbed four banks in less than 3 months in Washington prompted the Edmonds, Poulsbo, Redmond, and Stanwood Police Departments to collaborate in seeking out the ―Duct Tape Bandit‖, KING 5 Seattle reported August 21. The suspect robbed a Whidbey Island Bank in Stanwood May 24; a Key Bank in Poulsbo June 7; a Wells Fargo bank in Edmonds June 20; and a First Citizens Bank in Redmond August 8. In all four robberies, the suspect displayed a handgun and demanded money that he put into a white cloth bag. He assaulted a customer and employee in Stanwood. The suspect had black tape over his nose during the robberies. Source: http://www.king5.com/news/8000-reward-offered-in-Western-Washington-Duct-Tape-Bandit-case-166963866.html

11. August 21, U.S. Securities and Exchange Commission – (Puerto Rico; National) SEC brings charges in Puerto Rico-based Ponzi scheme targeting evangelical Christians and factory workers. The Securities and Exchange Commission (SEC) August 21 charged a Puerto Rico resident and his company with conducting a Ponzi scheme that targeted evangelical Christians and factory workers in Puerto Rico. The SEC alleges that the man and his firm Shadai Yire raised at least $7 million from as many as 200 investors living primarily in Puerto Rico but also in Florida, New York, and North Carolina. The man actively solicited investors through personal discussions with individuals, marketed the investment opportunity in presentations to evangelical Christian groups and factory workers, and hired sales agents to solicit investors. He falsely assured investors their principal contributions were ―100 percent guaranteed‖ and promised returns up to 50 percent, telling them he would invest their money in commodities. But he never actually invested any money and instead used new contributions to repay earlier investors. He stole $700,000 for himself. In a parallel action, the U.S. Attorney’s Office for the District of Puerto Rico announced criminal charges against him. According to the SEC’s complaint, the man and Shadai Yire conducted the scheme from at least August 2005 to February 2009. The man and his company have never been registered with the SEC to offer securities. Source: http://sec.gov/news/press/2012/2012-161.htm

12. August 21, Associated Press – (New York) PA mother, son admit $14M NY credit union fraud. A mother and son from Pennsylvania admitted that they ran an elaborate scam to get $14 million in bogus loans from a New York teacher’s credit union, the Associated Press reported August 21. The U.S. Attorney for the Northern District in New York said that the two pleaded guilty to felony bank fraud. Between July 2009 and February 2011 they created phony documents, forged signatures, and invented fictitious people to get 10 loans from the Broom County Teacher’s Federal Credit Union. They used the money to finance a construction business, buy vehicles, remodel a house, and pay other expenses. Source: http://online.wsj.com/article/AP83b35c06f58d41c58a07792bf2f9ec70.html

Information Technology Sector

36. August 22, The H – (International) Adobe Flash Player update patches six critical holes. Adobe released the second update for its Flash Player software in a week, this time for six critical vulnerabilities. Four of the issues addressed are problems with memory corruption that could lead to remote code execution; additionally, the update fixes an integer overflow vulnerability that could also lead to remote code execution. Another fixed bug is a cross-domain information leak. The problems exist in Flash Player 11.3.300.271 and earlier versions on Windows, Macintosh, and Linux, and in the Android versions 11.1.115.11 (Android 4.0) and 11.1.111.10 (Android 3.x and 2.x) and earlier. All six vulnerabilities were rated critical by Adobe. The company’s security bulletin does not contain any detailed information about the flaws. Users are advised to update their version of Flash as soon as possible. Source: http://www.h-online.com/security/news/item/Adobe-Flash-Player-update-patches-six-critical-holes-1672359.html

37. August 21, IDG News Service – (International) Crisis malware infects VMware virtual machines, researchers say. The Windows version of Crisis, a piece of malware discovered in July, is capable of infecting VMware virtual machine images, Windows Mobile devices, and removable USB drives, according to researchers from antivirus vendor Symantec. Crisis is a computer trojan program that targets Mac OS and Windows users. The malware was discovered by antivirus vendor Intego July 24 and can record Skype conversations, capture traffic from instant messaging programs like Adium and Microsoft Messenger for Mac, and track Web sites visited in Firefox or Safari. Crisis is distributed via social engineering attacks that trick users into running a malicious Java applet. The applet identifies the user’s OS — Windows or Mac OS X — and executes the corresponding installer. Source: http://www.computerworld.com/s/article/9230457/Crisis_malware_infects_VMware_virtual_machines_researchers_say

38. August 21, Reuters – (International) U.S. looks into claims of security flaw in Siemens gear. The U.S. government is looking into claims by a cybersecurity researcher that flaws in software for specialized networking equipment from Siemens could enable hackers to attack power plants and other critical systems. The researcher, an expert in securing industrial control systems, disclosed at a conference in Los Angeles August 17 that he discovered a way to spy on traffic moving through networking equipment manufactured by Siemens’ RuggedCom division. DHS said in an alert released August 21 that it asked RuggedCom to confirm the vulnerability the researcher identified to and identify steps to mitigate its impact. The researcher said the discovery of the flaw is disturbing because hackers who can spy on communications of infrastructure operators could gain credentials to access computer systems that control power plants and other critical systems. Source: http://www.reuters.com/article/2012/08/22/cybersecurity-siemens-idUSL2E8JL1KH20120822

39. August 21, Infosecurity – (International) INF/Autorun malware is most prevalent malware in July. ESET published its statistics on malware in July. The figures are compiled from live data retrieved by ESET systems around the world, and provide an accurate reflection on what malware currently resides on people’s computers. Worldwide, INF/Autorun malware and Conficker take first and third position respectively. ―Somehow INF/Autorun is still top of the pops, in spite of Microsoft’s neutering of the Autorun vector,‖ an ESET senior research fellow said. ―And even though the Conficker botnet is essentially dormant, there are enough residual infections for our telemetry to keep picking up their presence,‖ he said. ―Often the interesting stories are related to comparatively low and often localized infected populations.‖ He singled out ―Dorifel/Quervar in the Netherlands,‖ indicating a new analysis may be published by ESET soon, and ―Stuxnet and its siblings in Iran and the Middle East. Source: http://www.infosecurity-magazine.com/view/27703/

40. August 21, Bloomberg News – (International) U.S. authorities seize three mobile app Websites. U.S. law enforcement officials for the first time seized three Web site domains allegedly used to distribute copyrighted cell phone applications. ―Software apps have become an increasingly essential part of our nation’s economy and creative culture, and the criminal division is committed to working with our law enforcement partners to protect the creators of these apps and other forms of intellectual property from those who seek to steal it,‖ the assistant attorney general for the Justice Department’s Criminal Division said in a statement. The Justice Department (DOJ), FBI, and U.S. attorney’s office in the Northern District of Georgia announced the seizure August 21 as part of a crackdown on infringement of copyrighted cell phone applications. The three Web site domains — applanet.net, appbucket.net, and snappzmarket.com — now belong to the government and visitors to those sites will be greeted with banners announcing the seizure. The move is part of an effort by the DOJ’s Task Force on Intellectual Property and comes after FBI agents downloaded thousands of copies of copyrighted applications for wireless devices using Google Inc.’s Android operating system, said the DOJ. Source: http://www.bloomberg.com/news/2012-08-22/u-s-authorities-seize-three-mobile-app-websites.html

For another story, see item 41 below in the Communications Sector
Communications Sector

41. August 22, Associated Press – (International) All Verizon services restored from Md. derailment. Verizon said all services disrupted by a train derailment near Baltimore were restored. The company said August 22 that all services were operating normally by 9 p.m. August 21. Land-line services to some customers were disrupted the night of August 20 when 21 cars from a CSX coal train derailed in Ellicott City, Maryland. The wreck killed two people and damaged Verizon fiber optic lines hanging from poles along a train bridge. The telecommunication problems reached all the way to the U.S. Navy base in Guantanamo Bay, Cuba. Lawyers there were unable access information on government computers. That forced a 1-day delay in pretrial hearings for five men charged with orchestrating and aiding the September 11 terrorist attacks. Source: http://baltimore.cbslocal.com/2012/08/22/all-verizon-services-restored-from-md-derailment/

For more stories, see items 37 and 40 above in the Information Technology Sector