Monday, December 15, 2008

Complete DHS Daily Report for December 15, 2008

Daily Report

Headlines

 The Air Force Times reports that a federal court has charged executives of a San Diego titanium supply company with selling bum metal that was used in Air Force F-22s, F-15s, and C-17s and in NASA’s Kepler space probe, according to a December 4 indictment. (See item 6)

6. December 12, Air Force Times – (National) 4 accused of selling bum metal for jet parts. A federal court has charged executives of a titanium supply company with selling bum metal that was used in Air Force F-22s, F-15s, and C-17s and in NASA’s Kepler space probe, according to a December 4 indictment. The federal court of the California’s southern district charged four executives of Western Titanium, a San Diego, California, metal supplier, with 15 counts of fraud and conspiracy for allegedly falsifying the quality certificates of titanium they supplied their customers. The indictment alleges that staff at Western Titanium provided test samples for high-grade titanium that were not the same quality as the bulk orders and sold titanium that was never tested. Among the allegations, the defendants are accused of providing the Air Force, Boeing, and Merco Manufacturing Inc. with substandard engine mounts for F-15s. Source: http://www.airforcetimes.com/news/2008/12/airforce_titanium_fraud_121208/

 According to Cattle Network, the U.S. Department of Agriculture’s Office of Inspector General issued on Tuesday a report that points out serious and continued flaws in the Food Safety and Inspection Service’s ability to mitigate the risks of bovine spongiform encephalopathy in several large facilities across the country that slaughter older cows. (See item 16)

16. December 12, Cattle Network – (National) R-CALF: OIG again slams USDA for BSE mitigation failures at packing plants. The U.S. Department of Agriculture’s (USDA’s) Office of Inspector General (OIG) on Tuesday issued a report about USDA’s Food Safety and Inspection Service (FSIS) that points out serious and continued flaws in FSIS’ ability to mitigate the risks of BSE (bovine spongiform encephalopathy) in several large facilities across the country that slaughter older cows. Through December 6, 2008, nearly 1.4 million Canadian cattle were imported into the United States, including nearly 190,000 older cows and bulls that were imported for slaughter in U.S. slaughter facilities. These older Canadian cattle are known to be of higher risk for BSE, as they are part of the same Canadian cattle population in which nine of Canada’s 16 BSE cases were detected, the latest case being confirmed on November 17, 2008. “This latest OIG report demonstrates that USDA has failed completely to protect the public health from the BSE that the agency itself predicts is being imported into the United States in these older Canadian cattle,” said the R-CALF USA CEO. Source: http://www.cattlenetwork.com/Content.asp?ContentID=275849

Details

Banking and Finance Sector


8. December 12, Newsday – (New York) West Islip man accused of mortgage fraud. An ongoing probe into the home mortgage business by the Suffolk district attorney’s office has led to the indictment of a West Islip man on charges of scheming to defraud lenders out of about $2.5 million. “What we are seeing in Suffolk County is an explosion of fraud involving, depending on the scheme, every facet of the mortgage process,” the District Attorney said. The probe by the Mortgage Fraud Unit has resulted in 27 arrests and nine indictments since June. In the latest case the 39-year-old defendant pleaded not guilty Thursday to 13 counts, including grand larceny. Prosecutors accused the defendant of inflating the value of houses in West Islip, Babylon and Lindenhurst owned by him or his company, LaDonna Properties. Between 2006 and 2007 the defendant contacted people who found “straw buyers” to pretend to buy the houses, prosecutors said. The straw buyers received payments of $10,000 to $20,000 for acting as if they were actually purchasing the houses. “He engaged appraisers to inflate the values of all of the properties well beyond what they were worth,” the District Attorney said at a news conference. Using fake documents, the phony buyers overstated their incomes and assets to qualify for no-down-payment mortgages, prosecutors said. When transactions were complete, the lenders - Mortgage-It and First Franklin Financial Corp. – paid the defendant for the houses. But the lenders only received two or three mortgage payments before the houses went into foreclosure. Source: http://www.newsday.com/news/local/suffolk/ny-limort125961867dec12,0,5810962.story


9. December 12, Salt Lake City Deseret News – (National) Utahns warned of phishing scam with U.S. Bank logos. The state Division of Consumer Protection warned Thursday of an e-mail phishing scam that claims to come from U.S. Bank. According to a news release, the scam e-mail contains U.S. Bank logos and graphics and tells recipients that they are required to sign up for a program called “Verified by Visa” and provide their personal account information through a Web link. The message also tells recipients that if they do not comply with the instructions, their account will be immediately disabled. The Utah Division of Consumer Protection said that the scam was tracked and discovered to have originated in Romania. Consumers in other states who entered their account numbers into the fake Web link had money transferred from their personal accounts, without their authorization, to a pre-paid debit card, the division said. Consumers who have received the phishing e-mail should delete the message from their inboxes without entering any information, the division said. People who have opened the message should run an anti-virus program on their computer immediately. Source: http://deseretnews.com/article/1,5143,705269884,00.html


10. December 12, ITWeb – (International) German bank’s data breached. Warnings appeared of an enormous data breach in Germany this week. According to media reports, a hacking gang is selling the accounts of 21 million German bank account-holders on the black market. In the course of the investigation for Wirtschaftswoche magazine, the two reporters said they were able to get hold of a CD-ROM containing the names, addresses and bank account numbers of 1.2 million people, although they had been offered data on 21 million people if they paid the criminals’ demands of 12 million Euros. “Incidents like this would not be possible if there were tougher data security laws, enforcing the use of encryption and user authentication solutions. In addition, businesses should log and monitor how data is used and moved inside their organization to get greater visibility of potential problem areas,” says the CEO of regional Sophos distributor, Sophos South Africa. Source: http://www.itweb.co.za/sections/techforum/2008/0812120858.asp?S=Malware&A=VIR&O=google


11. December 11, Wall Street Journal – (National) Many banks opt out of FDIC program. More than a fifth of U.S. banks opted out of a new program to guarantee bank debt, casting doubt on the program’s role in combating the financial crisis. Of the 8,384 banks or thrifts insured by the Federal Deposit Insurance Corp., 2,027, or 24 percent, have chosen to drop out of the program, according to a list of the institutions released by the FDIC on Thursday. The 2,027 banks represent a small slice of the overall industry. They have a combined $701.67 billion in assets, representing roughly 5 percent of industry assets. Meanwhile, the bulk of the industry opted to stay in a separate program that provides blanket insurance on certain business transaction accounts. Just 866 banks chose to discontinue the coverage. Banks declining to participate in the debt guarantee program were overwhelmingly smaller institutions. Many smaller firms have no use for the guarantee because they rely on funding sources other than debt issuance. The program’s cost and uncertainty about terms may have also damped participation, industry experts said. Source: http://online.wsj.com/article/SB122904547714200583.html?mod=googlenews_wsj


12. December 11, New York Times – (New York) Prominent trader accused of defrauding clients. On Thursday morning, a trader was arrested at his Manhattan home by federal agents who accused him of running a multibillion-dollar fraud scheme — perhaps the largest in Wall Street’s history. The criminal complaint filed against the man on Thursday in federal court in Manhattan reports that he estimated the losses at $50 billion. “We are alleging a massive fraud — both in terms of scope and duration,” said the director of the enforcement division at the Securities and Exchange Commission (SEC). According to the most recent federal filings, Bernard L. Madoff Investment Securities, the firm the trader founded in 1960, operated more than two dozen funds overseeing $17 billion. These funds have been widely marketed to wealthy investors, hedge funds, and other institutional customers for more than a decade. At the request of the SEC, a federal judge appointed a receiver on Thursday evening to secure the firm’s overseas accounts and warned the firm not to move any assets until he had ruled on whether to freeze the assets. The Madoff funds attracted investors with the promise of high returns and low fees. Competing hedge fund managers have wondered privately for years how the trader generated such high returns, in bull markets and bear, given the generally low-yielding investment strategies he described to his clients. Source: http://www.nytimes.com/2008/12/12/business/12scheme.html?em


Information Technology


25. December 11, CXOtoday.com – (International) Your antivirus can be a backdoor for hackers. According to iViZ, an information security company, antivirus software when processing malformed packed executables can result in bugs that can cause security vulnerability and help back door entry for hackers. The president of iViZ said, “An attacker first crafts an email with malicious payload and sends it to the target user and when the email is scanned by the vulnerable antivirus software it can either crash the antivirus software or execute arbitrary code resulting in complete security bypass and remote system compromise.” iViZ said that it has discovered new classes of vulnerabilities in many popular commercial and open source antivirus software that potentially allow attackers to break into systems using the same antivirus software. The company said that it used various file fuzzing techniques and reported abnormal behavior in several security tools when handling complex or unusual executable header data especially in the case of executables packed with 3rd party packers like UPX, FSG etc. In such events, multiple bugs were found in antivirus software while processing malformed packed executables. Some of these bugs proved to be security vulnerabilities which could make the antivirus itself as a back door for hackers. Source: http://www.cxotoday.com/India/News/Your_Antivirus_can_be_a_Backdoor_for_Hackers/551-96361-909.html


26. December 11, DarkReading – (International) Zero-Day bug discovered in IE7. An unpatched security vulnerability in Internet Explorer 7 is being actively exploited in the wild, and could allow attackers to control remote PCs and access personal information without the user’s knowledge, security researchers say. The vulnerability takes advantage of Internet Explorer’s handling of specially crafted XML tags, which can leave the browser susceptible to a heap spray attack, according to researchers at ScanSafe. A successful exploit could result in the installation of a data theft Trojan with autorun worm capabilities, the company says. Release of the exploit appears to be intentionally timed to fall after Patch Tuesday, when Microsoft typically issues patches for newly discovered vulnerabilities. The first exploits appeared just 48 hours after Microsoft made this month’s patches available. So far the zero-day “does not appear to be wildly used, but the code is publicly available,” according to researchers at Qualys. Still, exploits that take advantage of IE7 — which was supposed to have been Microsoft’s “safer” browser — are a concern, the researchers said. Two other zero-day vulnerabilities were discovered in the Microsoft environment this week. One impacts Microsoft SQL Server 2000 and is alleged to be remotely exploitable via SQL injection attacks. Unlike typical SQL injection attacks, which pose the greatest risk to site visitors, this particular attack would directly impact the server as well. A third zero-day vulnerability has been reported in WordPad’s text conversion feature. Microsoft has reported that there are “targeted attacks seeking to exploit this vulnerability” and released a patch for it on December 9. Source: http://www.darkreading.com/security/vulnerabilities/showArticle.jhtml;jsessionid=2XI1JGOOZJYH2QSNDLPSKH0CJUNN2JVN?articleID=212400508


Communications Sector


27. December 11, KXNT 840 Las Vegas – (Nevada) Most phone service restored after outage. A day after several telephone lines were accidentally cut in Las Vegas, state officials say all communication systems are back on-line. On Wednesday morning, service was disrupted to thousands of Embarq residential customers as well as all state offices, including the DMV. Construction workers were laying sewage lines when they accidentally cut fiber optic wires. It knocked out cell, land-line phone, and Internet services for the eastern half of the valley down to Boulder City and Laughlin. As of Thursday afternoon, service had been restored to all but about 5,000 residential customers. Source: http://www.kxnt.com/Most-Phone-Service-Restored-After-Outage/3476603


28. December 11, Fairbanks Daily News-Miner – (Alaska) Fiber optic cable cut near Sitka prompts satellite switch. The shutdown of KATN in Fairbanks, Channel 2, on Wednesday was caused by a break in a fiber optic cable near Sitka, according to a KATN spokesman. “Alyeska Pipeline has all of their communication links within their system, including specifically the pump stations, through GCI’s fiber optic feed. If there is a disruption anywhere in the GCI system with the fiber optic line, by agreement and for security reasons, Alyeska Pipeline supersedes our television transmission and uses the satellite that we broadcast on to continue their communication links within the TAPS,” he said. Source: http://newsminer.com/weblogs/dermot-cole/2008/dec/11/fiber-optic-cable-cut-near-sitka-prompts-satellite-switch-knocking-katn-off-the-air-signal-expected-to-be-restored-later-today/