Wednesday, February 10, 2010

Complete DHS Daily Report for February 10, 2010

Daily Report

Top Stories

 The Associated Press reports that authorities on Monday arrested six suspected Taliban militants with a suicide vest and hand grenades who allegedly were on their way to attack the five-star Pearl Continental hotel and kill Americans in Lahore, Pakistan. (See item 43)

43. February 9, Associated Press – (International) Militants allegedly targeting Americans at hotel arrested: Police in Pakistan seize detonators, hand grenades. On Monday, authorities arrested six suspected Taliban militants with a suicide vest and hand grenades who allegedly were on their way to attack a five-star hotel and kill Americans in Pakistan’s cultural capital, said police. The eastern city of Lahore has suffered a spate of bombings at markets and security installations in recent years as the Taliban have expanded attacks beyond their main sanctuary in the northwest. Militants have also targeted hotels and restaurants in other parts of Pakistan popular with Westerners. The militants arrested Monday on the outskirts of Lahore included a 14-year-old male and a prayer leader from Pakistan’s Khyber tribal area near the Afghan border, said a police official. The prayer leader was wearing a vest packed with explosives. The two told police they were targeting Americans at the Pearl Continental hotel, he said. Police seized 26 hand grenades and five detonators from the militants, who were traveling by car and motorcycle, he said. Despite their intentions, the men did not know for certain whether any Americans were staying at the hotel, he said. Source:

 KETV 7 Omaha reports that the U.S. Army Corps of Engineers is racing the clock as it shores up a 3-mile levee where Salt Creek meets the Platte River in Nebraska. They are trying to complete their work before the ice melts, bringing the potential for flooding. (See item 48)

48. February 9, KETV 7 Omaha – (Nebraska) Army Corps prepares to battle flooding. The U.S. Army Corps of Engineers is racing the clock as it builds a new line of defense along the Platte and Elkhorn rivers in Nebraska. They are trying to complete their work before the ice melts, bringing the potential for flooding. On Monday, the Corps was shoring up the levee where Salt Creek meets the Platte River. “The levee stretches from Highway 6 over to Thompson Lakes, which is about three miles,” said a spokesman with the Army Corps of Engineers. Plans have been in the works for years to add to the levee. Now it will be eight feet higher. He said that it is important because the potential for flooding is high this year. Engineers said they do not want the ice to melt too fast on the river. That could lead to ice jams and eventual flooding. To avoid that, the Army Corps is planning to spread a material called fly ash on the ice. “We provided the state with recommendations that they dust,” he said. “We’re looking at six locations along the river.” Officials said they intend to start spreading the fly ash next week. Source:


Banking and Finance Sector

11. February 8, Midland Daily News – (Michigan) Midland Police warn of cell phone scam. Midland Police are warning residents of a cell phone scam involving automated calls for information regarding debit cards. Officers recently have been informed of a number of suspicious cell phone calls with an automated voice that states the recipient’s VISA debit card has been suspended or compromised. Police say residents should not give out any sensitive personal information, such as account numbers, Social Security numbers, birth dates or driver license numbers, to anyone that they did not call themselves. Anyone who receives one of the scam phone calls should check on their accounts by calling their local bank or the telephone number on the back of the debit card. Source:

12. February 8, Rome News-Tribune – (Georgia) Floyd police warning citizens about fraudulent online banking e-mails. The Floyd County Police Department has received several calls from citizens about attempted fraud concerning their Wells Fargo checking accounts online. One woman told police that she received an e-mail from Wells Fargo stating that her online access had been locked because of logging in excessively with the incorrect password. Authorities said citizens conducting any type of Internet banking or other business online should pay particular interest to their accounts. A captain with the Floyd County police said the best defense is always prevention. Once unintended people have the secure information, he said the sky is the limit as to how someone can be financially damaged because of it. Source:

Information Technology

35. February 9, – (International) McAfee report highlights inexorable rise of spam. McAfee’s threat report for the fourth quarter of 2009 highlighted a drop in spam, although the year ended with overall amounts rising. Spam levels in the last quarter of the year dropped from a record 175 billion a day in the third quarter to 135 billion, a decline of 24 percent. However, the levels rose again as spammers looked to scoop last minute shoppers. “Even though we saw a decline this quarter, the overall historical trend still points upward. Compared with the fourth quarter of 2008, volume is up 35 percent,” the report said. Around 135.5 billion spam emails were sent every day in 2009, compared with 122 billion a day in 2008 and 76.5 billion a day in 2007. The United States still leads in the production of spam, but by a greatly reduced margin. The country accounted for over a third of all spam at the start of 2009, but this had fallen to 16 percent by the fourth quarter, ahead of Brazil and India. Overall malware threats continued to rise, according to the report, nearly doubling over the year. Source:

36. February 8, Computerworld – (International) Adobe apologizes for 16-month-old Flash bug. Adobe Systems Inc. apologized over the weekend for letting a 16-month-old bug in Flash Player languish without a patch, even though it updated the popular plug-in four times since the flaw was reported. The bug was fixed, said Adobe, in the beta of Flash Player 10.1, which was released last November. The final version of Flash Player 10.1, however, will not ship until later this year. A security researcher first reported the Flash vulnerability September 22, 2008, according to Adobe’s public bug tracking database. When exploited, the flaw causes Internet Explorer 6 and 7, and Firefox and Safari 3 to crash; in other browsers, the browser stays up while Flash Player goes down. Although browser and plug-in crashes may seem relatively innocuous, they are valuable to attackers, who are often able to devise a way to inject malicious code after an application’s crash, said the director of security operations at nCircle Network Security Inc. The researcher has created a site that runs proof-of-concept attack code demonstrating the vulnerability. Source:

37. February 8, eWeek – (International) Oracle patches dangerous WebLogic server flaw. Oracle has released an emergency patch for a security flaw in WebLogic Server in response to the discovery of a vulnerability that leaves users open to attack. The vulnerability lies in the Node Manager component of WebLogic Server, and could be exploited by attackers to remotely gain access to a vulnerable system. According to Vupen Security, the issue is due to a missing authentication within the “Node Manager” (beasvc.exe) process when processing incoming connections to port 5556/TCP, which could allow remote unauthenticated attackers to execute certain commands. The patch, issued February 4, came roughly two weeks after the CEI of Intevydis revealed the bug on a blog. This kind of vulnerability further highlights the need to use ‘least privilege’ as much as possible on operating systems for running sensitive processes and applications.” As a workaround, users can restrict access to the Node Manager port through firewalls or other network access controls to prevent the exploitation by anonymous Internet users. In addition, organizations should consider updating their policies to permit access to this port only by trusted subnet/users, Oracle advised. Source:

38. February 8, – (International) Cyber crooks play on Bill Cosby death hoax. An online hoax claiming that a famous American comedian and actor has died is being used to push a malware attack. Researchers at security vendor Sophos reported seeing a new round of web sites claiming to offer news of the comedian’s death. The pages attempt to mimic CNN’s web site and presents surfers with phony error messages attempting to push fake anti-virus packages. “Hunting for information about the story can lead your computer into a nasty malware infection,” wrote a senior technology consultant of Sophos in a blog posting. The attacks follow a recent hoax which has spread through the web, particularly on Twitter, reporting that the comedian had died. The rumors spread so far that the comedian himself issued a statement on his web site. Source:

39. February 7, TechCrunch – (International) Indian IT giant Tata Consultancy services hacked. The website Tata Consultancy Services, India’s largest software vendor, has been hacked. The hacker has posted a “For Sale” message on the site, which is written in both French and English. Ironically, the company produces security systems software. The hack is believed to be a DNS hijack, which is similar to the breach that Twitter succumbed to last year. TechCrunch was also recently hacked earlier this year. Source:

For another story, see item 40 below

Communications Sector

40. February 8, CNET News – (International) Verizon temporarily blocks some 4chan sites. Verizon temporarily blocked traffic from some Web sites affiliated with the 4chan online forum on February 8 after finding that some affiliate sites were apparently launching network attacks. “Our network security system found traffic from some 4Chan Web sites that had strong potential to disrupt the Verizon Wireless network, affecting our customers’ use of their services,” a Verizon spokesman wrote in an e-mail to CNET. “With continuing investigation, and ensuring no current risk of harm, we are giving the green-light to all 4Chan traffic. We will continue to monitor for any possibility of network harm.” He also posted an explanation on Twitter: “Never a block on 4Chan but some of its other sites were launching network attacks.” It was unclear which sites were affected and exactly what the trouble was. The sites appear to have been “explicitly blocked” for as long as three days, according to the 4chan status page. Source:

41. February 8, Wireless Week – (National) FCC: Heavy traffic ahead. The FCC is thinking about the iPad and does not necessarily like what it means for wireless networks. In a blog post by two FCC officials, the agency said the traffic that could be generated by the iPad was “reminiscent of the congestion dialup users experienced following AOL’s 1996 decision to allow unlimited Internet use. For months, users had trouble connecting and, once they did connect, experienced frequent service outages.” Though the officials did not name AT&T specifically, the iPad’s 3G connectivity is currently only available on AT&T’s network. “With the iPad pointing to even greater demand for mobile broadband on the horizon, we must ensure that network congestion doesn’t choke off a service that consumers clearly find so appealing or frustrate mobile broadband’s ability to keep us competitive in the global broadband economy,” said both the director of scenario planning for the FCC’s Omnibus Broadband Initiative and the deputy chief of the Wireless Telecommunications Bureau. The officials said the operators will only be able to deal with future congestion issues if they have adequate spectrum. Source:

42. February 8, WINK 11 Fort Myers – (Florida) Cut cable causes thousands to miss Super Bowl. Deputies say someone sawed through the Comcast cable on the corner of east Terry Street and Bonita Grande Drive. Comcast says around two thousand people total in the Naples and Bonita Springs area were affected. Comcast was able to restore the cable at around a quarter to 2 a.m. Source: