Friday, August 24, 2012 


Daily Report

Top Stories

 • About 200 retail outlets in Northwest Indiana and the Chicago area were supplied with off-specification regular grade gasoline, which can damage vehicles that use it, and is part of BP’s 2.1 million gallon recall. – Merrillville Post-Tribune

4. August 22, Merrillville Post-Tribune – (Indiana; Illinois) More than 200 gas stations had bad gas. About 200 retail outlets in Northwest Indiana and the Chicago area were supplied with the off-specification regular grade gasoline that is part of BP’s 2.1 million gallon recall. The tainted gasoline contained a higher than normal level of polymeric residue, which can lead to hard starting and other drivability issues, Merrillville Post-Tribune reported August 22. ―The company continues to go through its shipping records and is contacting retailers who may have loaded tanker trucks with the off-specification fuel and is replacing it with on-specification product,‖ BP said in the statement. A BP spokesman said all of the company’s resellers have been instructed to bag their pumps and not sell regular or mid-grade gasoline until BP is able to pump out the tanks. The spokesman said midgrade gasoline is included in the order not to sell because most gas stations only have two underground storage tanks, one for regular and one for premium grade fuels. Midgrade fuel is mixed from those two tanks on site. The polymeric substance causing the problems is a naturally occurring byproduct of the refining process. BP has not yet been able to identify how the larger than normal levels of the polymeric substance got into the two cargos of fuel, the larger at the BP Whiting terminal and the smaller at the Milwaukee terminal. Drivers from around the region have been seeking repairs after filling up at stations including but not limited to BP, Speedway, Luke Oil, Costco, and Family Express. Source: http://posttrib.suntimes.com/news/lake/14661181-460/more-than-200-gas-stations-had-bad-gas.html

• Authorities blew two holes in a tanker truck containing isobutane August 23, to ignite and vent the truck more than 24 hours after an accident on Interstate 10 in Baton Rouge, Louisiana. The crash forced authorities to close the highway for nearly 7 hours, and evacuate many homes and businesses. – Baton Rouge Advocate

14. August 23, Baton Rouge Advocate – (Louisiana) Tanker wreck burns in BR; I-10 open both directions. Authorities blew two holes in a tanker truck containing isobutane August 23, igniting a huge fireball as they prepared to move the damaged rig from the accident scene on Interstate 10 near Essen Lane in Baton Rouge, Louisiana. Interstate 10 reopened in both directions by August 23, after being closed for nearly 7 hours. Authorities’ evacuated residents within 500 yards of the accident prior to the controlled ―vent and burn.‖ Traffic in the capital city was snarled throughout the day after both the eastbound and westbound lanes were closed on I-10 between Essen and Bluebonnet Boulevard following the accident. The truck was carrying 8,700 gallons of isobutane. Two people involved in the accident were hospitalized with minor injuries. The Red Cross opened a shelter for evacuated residents, a spokeswoman said. Local businesses were struggling with the logistics of moving products and materials. A shelter-in-place in effect August 22 at nearby Our Lady of the Lake Regional Medical Center on Essen Lane was lifted early August 23, said a deputy director of the East Baton Rouge Parish Emergency Medical Services. Source: http://theadvocate.com/home/3698836-125/evacuation-set-for-10-pm

• A week of torrential rain in Alaska delayed air traffic, flooded a landfill, and caused problems for a village’s supply of drinking water. – Anchorage Daily News

30. August 21, Anchorage Daily News – (Alaska) Torrential rains cause numerous woes in Northwest Alaska. Recent torrential rain in northwest Alaska delayed air traffic, flooded a landfill, and caused problems for one village’s supply of drinking water. An unusual low pressure front over the Chukchi Sea poured rain on the region beginning August 13, said a National Weather Service (NWS) hydrologist and meteorologist. Nine inches fell at the Red Dog Mine area between August 13 and 19, he said, half the rain the area normally gets for an entire year. In Ambler, rains almost washed out a bridge used to access subsistence hunting areas, said a member of the Northwest Arctic Borough. In Kiana, four unopened shipping containers were partly underwater because of high waters on the Kobuk River. Planes ferrying workers to and from the Red Dog Mine were delayed August 15 to 19 due to poor visibility. In the village of Kivalina, a flooded landfill contaminated berry-picking grounds, and a lack of safe drinking water delayed the start of the school year. The rain-swollen Wulik and Kivalina rivers washed into the lagoon to the east of the village, and high water in the lagoon flooded the landfill, contaminating water. Delays in replenishing the village’s water supply were compounded by the rains because the tanks can not be filled with water from the river because it is muddy and filled with debris. Source: http://www.adn.com/2012/08/20/2594837/torrential-rains-cause-numerous.html

• Two inmates housed at different Indiana prisons ran a drug ring that distributed methamphetamine, heroin, and other drugs thanks to cellphones smuggled in by guards, according to a federal indictment that charged 40 people. – Associated Press

43. August 22, Associated Press – (Indiana; National) 40 indicted in drug ring run from Indiana prisons. Two inmates housed at different Indiana prisons ran a drug ring that distributed methamphetamine, heroin, and other drugs thanks to cellphones smuggled in by guards, according to a federal indictment unsealed August 22 that charged 40 people in connection with the scheme. The indictment alleged that the purported ringleader and an inmate at another prison even held a conference call with a third man using smuggled cellphones to discuss ―pooling their financial resources‖ to get a discount on heroin. At least 17 people appeared in court August 22 in Indianapolis after about 300 FBI agents fanned out across the State and made arrests. A judge ordered them to remain in custody. Only one prison guard was among those charged, though the indictment alleged several were involved. The indictment detailed a series of alleged phone calls the two men placed to people outside the prisons, including to oversee the purchase of ―large amounts‖ of heroin from a source in Chicago. They also instructed people how and where the drugs should be sold. Source: http://www.abc6.com/story/19344753/40-indicted-in-meth-ring-run-from-ind-prison

• The reservoir at the former Piney Point fertilizer plant near Port Manatee, Florida, is in jeopardy of overflowing and spilling millions of gallons of polluted water into Bishop Harbor and Tampa Bay due to recent rains and the threat of Tropical Storm Issac. – Sarasota Herald Tribune

58. August 22, Sarasota Herald Tribune – (Florida) Isaac could flood Piney Point reservoir, sending toxic water into Tampa Bay. The reservoir at the former Piney Point fertilizer plant near Port Manatee, Florida, is in jeopardy of overflowing due to recent rains and the threat of Tropical Storm Issac. The reservoir could potentially spill millions of gallons of polluted water into Bishop Harbor and Tampa Bay, the Sarasota Herald-Tribune reported August 22. To avoid a spill, the Florida Department of Environmental Protection (DEP) is allowing HRK Holdings LLC, which owns the plant, to pipe some of the toxic water into another reservoir at the site although it was not intended to hold such water. The main reservoir is not in danger of imminent collapse, officials said, but recent rain is adding to the problem and if a tropical storm or hurricane dumps more, the situation would become more tenuous. Further raising concerns, HRK has not provided the DEP with any assurance that the site is secure to avoid an unauthorized release of contaminated water during ideal conditions. The water is above the level considered safe for the reservoir to hold and the DEP has not received an inspection report from HRK showing that the reservoir walls are structurally sound. A DEP spokeswoman said that while the ―maximum water design water level‖ was reached, there is 3.2 feet of freeboard remaining in the reservoir. Source: http://www.heraldtribune.com/article/20120822/ARTICLE/120829855?p=1&tc=pg

Details

Banking and Finance Sector

9. August 23, Naples Daily News – (Florida) Judge orders ex-CEO to pay $31 million to FDIC. The ex-CEO of Naples, Florida-based Orion Bank was ordered to pay more than $31 million to the Federal Deposit Insurance Corporation (FDIC) for his leading role in a bank fraud conspiracy. At a restitution hearing in Orlando August 22, a judge decided on the amount the ex-CEO should pay the FDIC, which became the receiver for the local bank when it failed. The amount was based on the losses the agency suffered when it took over the bank’s fraudulent loans after selling most of Orion’s assets to IberiaBank. The ex-CEO and his co-conspirators made the loans as part of a scheme to trick regulators and make the bank appear in better financial shape than it was as it teetered on the edge of collapse. The ex-CEO is currently serving a 6-year sentence after pleading guilty to his involvement in the scheme. Source: http://www.naplesnews.com/news/2012/aug/23/judge-orders-jerry-williams-to-pay-31-million-to/

10. August 22, U.S. Securities and Exchange Commission – (New York) SEC charges New York-based firm and owner in penny stock scheme. The U.S Securities and Exchange Commission (SEC) August 22 charged a White Plains, New York-based firm and its owner with conducting a penny stock scheme in which they bought billions of stock shares from small companies and illegally resold those shares in the public market. The SEC alleges that E-Lionheart Associates LLC (which also does business under the name Fairhills Capital) and its owner reaped more than $10 million in unlawful profits from selling shares they bought at deep discounts from approximately 100 penny stock companies. No registration statement was filed or in effect for any of the securities that he and E-Lionheart resold to the investing public, and no valid exemption from the registration requirements of the federal securities laws was available. Acting at the owner’s direction, E-Lionheart personnel systematically ―cold called‖ penny stock companies to ask if they were interested in obtaining capital. If the company was interested, E-Lionheart personnel would offer to buy stock at a rate deeply discounted from the trading price of the company’s stock at that time. The owner and E-Lionheart purported to rely on an exemption from registration under Rule 504(b)(1)(iii) of Regulation D, which exempts transactions in compliance with certain types of State law exemptions. However, no such State law exemptions were applicable. Source: http://www.sec.gov/news/press/2012/2012-165.htm

11. August 21, Reuters – (National) Crowdfunding scams top investor threat — regulators. State securities regulators have put the relatively new investment phenomenon of crowdfunding at the top of their annual investment scams list, highlighting a recent U.S. law that relaxed capital raising rules on small firms, Reuters reported August 21. The North American Securities Administrators Association (NASAA) evaluated emerging and ongoing threats to investors in its 2012 list of top investor traps. The list also included mid-size investment advisers and oil and gas drilling schemes. Crowdfunding, which allows fundraising for projects via Web sites, is relatively new, and scams are just getting started, the regulators said. Portions of the Jumpstart Our Business Startups Act (JOBS Act), which go into effect in 2013, will push crowdfunding from a ―donation‖ model to a true investment model, and that will make it even more of a lure for swindlers, NASAA said. It also expressed concern about mid-size investment advisers, who recently transferred to supervision by State authorities instead of the Securities and Exchange Commission (SEC). The most common scam NASAA highlighted was the ―Reg D/Rule 506 Private Offerings‖ that involves marketing investments not registered with the SEC. The JOBS Act also relaxed regulations on this type of investment, and allowed much broader advertising of these types of investment opportunities, which NASAA said will make fraud easier. Source: http://www.reuters.com/article/2012/08/21/investing-scams-threats-idUSL2E8JLCVB20120821

Information Technology Sector

44. August 23, The H – (International) A $5,000 vulnerability in Facebook. A security researcher disclosed a security hole in Facebook’s Web site. The cross-site request forgery (CSRF) flaw allows an attacker to execute actions as a logged-in user by accessing specific URLs. After Facebook introduced its App Center functionality, the researcher found the anti-CSRF tokens in HTTP requests are not validated on the server side and an attacker is therefore able to add applications on the platform as another user. To execute this attack, the attacker needs the victim to visit a specially crafted Web site, after which malicious applications can be planted on the App Center. Anti-CSRF measures like the ones employed by Facebook are supposed to prevent this kind of attack by generating a token with every valid session that must be sent with every request. Scripts on other Web sites have no access to this token and therefore can not generate valid requests. In Facebook’s case, the App Center pages did not actually check the token for validity, which allowed anyone to send bogus requests and have them accepted. The Facebook Security team fixed the vulnerability within 1 day of being contacted by the researcher. Source: http://www.h-online.com/security/news/item/A-5-000-vulnerability-in-Facebook-1673573.html

45. August 22, Softpedia – (International) RSA: Phishing attacks worldwide cause losses of $687M in H1 2012. RSA’s FraudAction Research Labs revealed that in the first half of 2012, phishing attacks caused businesses worldwide to lose $687 million. While this represents an increase compared to the same period of 2011, it is actually a slight decrease to what companies experienced in the second half of the same year. Other figures from the report show that compared to the second half of 2011, the number of phishing attacks increased by 19 percent. Experts from the Anti-Phishing Working Group noticed the attack duration median actually went down to 11.72 hours per attack from 15.3 hours. If the duration were to remain the same, the total losses would have been approximately $897 million. The main targets of the attacks recorded in the first 6 months of 2012 were the United Kingdom, the United States, Canada, Brazil, and South Africa. Source: http://news.softpedia.com/news/RSA-Phishing-Attacks-Worldwide-Cause-Losses-of-687M-556M-in-H1-2012-287534.shtml

46. August 22, NBC News – (International) ‘Frankenstein’ virus could assemble itself from app snippets. Two researchers at the University of Texas at Dallas analyzing how malware disguises itself in order to propagate more widely developed an experimental virus that builds itself out of pieces a user’s computer knows to be safe. Many pieces of malware and viruses can be identified by detection software because of known bits of malicious code. As such, malware authors and security experts have tried different ways to camouflage malicious code, such as encrypting it or adding garbage data to confuse the scanners. The two researchers take these techniques a step further: their virus builds itself out of bits of applications like a user’s word processor, image editor, or Web browser. Currently, the malware is just a proof of concept, however, it is a tactic hackers may try to implement in the future. The researchers labeled their experimental malware ―Frankenstein.‖ Source: http://www.nbcnews.com/technology/technolog/frankenstein-virus-could-assemble-itself-app-snippets-959004

47. August 22, SecurityWeek – (International) Flash Player bug exploited by malicious Word documents. Adobe patched the remote code execution vulnerability (CVE-2012-1535) in Flash Player that could cause the application to crash and potentially allow an attacker to take control of the compromised computer August 14 as part of its regularly scheduled update. At the time, the company said there were reports of the vulnerability being exploited in the wild in ―limited attacks‖ using malicious Word documents. Symantec researchers have observed such attacks since August 10. The attacks used different email subject lines, body text, and attachment file names, a Symantec researcher said. The names and subject lines cover political and other newsworthy items, topics of interest, as well as topics that may be of interest to specific industries and companies. Source: http://www.securityweek.com/flash-player-bug-exploited-malicious-word-documents

48. August 22, PC Magazine – (International) McAfee fixes buggy antivirus update, resolves errors. McAfee fixed the buggy update that disabled the security software for many home and enterprise users the weekend of August 18. Users who received the latest updates for McAfee’s consumer and enterprise versions of its antivirus software August 17 found themselves unable to access the Internet or encountering errors within the application, said messages posted on McAfee’s community forums. Source: http://securitywatch.pcmag.com/none/301809-mcafee-fixes-buggy-antivirus-update-resolves-errors

49. August 22, PC Magazine – (International) Poor passwords cracked in seconds. A Sophos researcher who reported on the initial hack of Phillips Electronics recently, noted the plaintext password collection contained some extremely simple choices. He also conducted an experiment cracking those password hashes. He downloaded the free open-source tool John the Ripper to a basic laptop and input the list of hashed passwords into the cracking tool. It cracked a quarter of the passwords in 3 seconds or less, and fully half of them in 50 minutes. When the researcher ended the test at 2 hours, John the Ripper had cracked 53 percent of the hashed passwords. Source: http://securitywatch.pcmag.com/none/301807-poor-passwords-cracked-in-seconds

50. August 22, Ars Technica – (International) Password hints easily extracted from Windows 7, 8. A password reminder feature built in to recent versions of Microsoft’s Windows operating system was recently discovered by a vulnerability researcher from SpiderLabs. The password clues for Windows 7 and 8 are stored in the OS registry in a scrambled format that can be easily converted into human-readable form. That information would be useful to hackers who intercept a cryptographic hash of a targeted computer, but are unable to crack it. The researcher who documented the new Windows behavior wrote a script that automates the attack and added it to Metasploit, an open-source toolkit popular among whitehat and blackhat hackers. Source: http://arstechnica.com/security/2012/08/windows-8-password-hints/

51. August 22, Threatpost – (International) Fake Flash Player, laden with malware, making rounds. Scammers began to take advantage of Adobe’s decision to remove its Flash Player from Android’s Google Play marketplace the week of August 13. The removal prompted scammers to start promoting fake versions of the software to unsuspecting smartphone owners. While researching the scamware, security firm GFI Labs uncovered a separate fake version of the Flash Player that is not only fake, but an SMS trojan that comes bundled with adware. Source: http://threatpost.com/en_us/blogs/fake-flash-player-laden-malware-making-rounds-082212

Communications Sector

52. August 22, Athens News – (Ohio) Phone service being restored after cables severed. City officials estimating that phone service to the north of Carpenter Street/Stimson Avenue in Athens, Ohio, that had been out for 1 week would be restored August 23. Two phone cables were cut August 16 when a contractor working for Columbia Gas drilled through them. The outage, according to a release from Athens deputy service-safety director, affected customers of Frontier north of Carpenter/Stimson, as well as all Frontier customers on East State Street as far east as The Market On State. The release said Frontier was ―working around the clock‖ to restore service to the approximately 3,300 affected customers. ―This process is time-consuming due to the nature of the communication lines that were destroyed, as each line in the cable must be individually tested,‖ the release said. Source: http://www.athensnews.com/ohio/article-37603-phone-service-being-restored-ater-cables-severed.html

For more stories, see items 44 and 51 above in the Information Technology Sector