Friday, December 30, 2011

My apologies to all regarding the lateness of this post. The associated report from DHS was not available sooner than Noon today!

Complete DHS Daily Report for December 30, 2011

Daily Report

Top Stories

• One person died and at least four others were injured after an explosive crash shut down northbound Interstate 95 in Volusia County, Florida, sparked a fire, and sent toxic smoke into the air, officials said. – WKMG 6 Orlando (See item 13 )

13. December 29, WKMG 6 Orlando – (Florida) 1 dead in fiery I-95 crash near Port Orange. One person is dead and at least four others were injured after an explosive crash involving at least three semi tractor trailers shut down northbound Interstate 95 in Volusia County, Florida, sparked a fire, and sent toxic smoke into the air, officials said. The traffic crash happened about 3:30 a.m. December 29 in the northbound lane of Interstate 95 at mile marker 257. The northbound lane remained closed while the southbound lane of the interstate was open to traffic. The Florida Highway Patrol confirmed that one truck driver was pronounced dead at the scene. The northbound lanes will be closed indefinitely, officials said. The Volusia County Sheriff’s Office said four others were taken to Halifax Health Medical Center. One of the semis was a mail truck that may have been hauling hazardous materials and another semi was carrying logs, traffic authorities said. Volusia County firefighters advised residents in the area to stay inside due to toxic smoke that emanated from a massive fire caused by the crash, officials said. Source: http://www.floridatoday.com/article/20111229/BREAKINGNEWS/111229003/1-dead-fiery-95-crash-near-Port-Orange?odyssey=tab|topnews|text|Local News

• Health officials said December 28 that an Oklahoma baby was the third infant recently sickened by a strain of bacteria sometimes associated with tainted infant formula. – Associated Press (See item 18)

18. December 28, Associated Press – (Oklahoma) 3rd baby ill with rare bacteria associated with formula. An Oklahoma baby is the third infant sickened by bacteria sometimes associated with tainted infant formula. The child was infected with Cronobacter sakazakii but fully recovered, health officials said December 28. An Illinois child also rebounded after being sickened by the bacteria. A Missouri infant who was 10 days old died. The Missouri child had consumed Enfamil Newborn powdered infant formula made by Illinois-based Mead Johnson. Powdered formula has been suspected in illnesses caused by the bacteria in years past. But health officials said the Oklahoma child had not consumed Enfamil. And Mead Johnson this week reported that its own testing found no bacteria in the product. U.S. officials are awaiting results from their own testing of powdered formula and distilled water — also known as ‘nursery water’ — used to prepare it. Source: http://www.msnbc.msn.com/id/45806228/ns/health-childrens_health/#.TvyK7VawXFK

Details

Banking and Finance Sector

8. December 29, U.S. Securities and Exchange Commission – (International) SEC charges Magyar Telekom and former executives with bribing officials in Macedonia and Montenegro. The Securities and Exchange Commission (SEC) December 29 charged the largest telecommunications provider in Hungary and three of its former top executives with bribing government and political party officials in Macedonia and Montenegro to win business and shut out competition in the telecommunications industry. The SEC alleges that three senior executives at Magyar Telekom Plc. orchestrated, approved, and executed a plan to bribe Macedonian officials in 2005 and 2006 to prevent the introduction of a new competitor and gain other regulatory benefits. Magyar Telekom’s subsidiaries in Macedonia made illegal payments of approximately $6 million under the guise of bogus consulting and marketing contracts. The same executives orchestrated a second scheme in 2005 in Montenegro related to Magyar Telekom’s acquisition of the state-owned telecommunications company there. Magyar Telekom paid approximately $9 million through four sham contracts to funnel money to government officials in Montenegro. Magyar Telekom’s parent company Deutsche Telekom AG also is charged with books and records and internal controls violations of the Foreign Corrupt Practices Act (FCPA). Magyar Telekom agreed to settle the SEC’s charges by paying more than $31.2 million in disgorgement and pre-judgment interest. Magyar Telekom also agreed to pay a $59.6 million criminal penalty as part of a deferred prosecution agreement announced December 29 by the U.S. Department of Justice. Deutsche Telekom settled the SEC’s charges, and as part of a non-prosecution agreement with the Department of Justice agreed to pay a penalty of $4.36 million. Source: http://www.sec.gov/news/press/2011/2011-279.htm

9. December 29, Courthouse News Service – (Texas) Judge stops $10 million Ponzi scheme. A federal judge granted the Security and Exchange Commission’s (SEC) request to stop a Ponzi scheme that took more than $10.1 million from 80 investors by falsely claiming it would put the money in “safe government guaranteed assets.” The SEC sued Evolution Capital Advisors, its subsidiary Evolution Investment Group I, and its owner in August on securities fraud charges. The judge did not buy Evolution’s argument that it was not running a Ponzi scheme because early investors have been paid. He pointed out that that is the very nature of a “quintessential Ponzi scheme. And it is of no moment that the investment strategy has not yet collapsed of its own accord.” The SEC claimed the defendants solicited investors for two “secured note offerings” by using confidential private placement memoranda. The SEC said the owner reeled in investors by falsely claiming he would use their money to buy a portfolio of Small Business Administration (SBA) loans “guaranteed by the full faith and credit of the United States.” However, “Instead of investing the funds as promised, defendants purchased Small Business Administration interest only strips (‘SBA IO Strips’), which entitle holders to only a portion of the interest paid on an SBA loan or groups of loans,” the SEC said in its complaint. “That is, the asset underlying the strips is interest paid on the loans, not the guaranteed principal. If the borrower prepays or defaults on the SBA loan underlying the strip, interest payments stop and the value of the strip in effect falls to zero. The SEC claimed: “Defendants further harmed investors by using offering proceeds to pay themselves more than $2.4 million in so-called management fees and expenses.” The judge also granted the SEC’s request to freeze assets and to permanently enjoin the defendants from violating the Securities and Exchange Acts. Source: http://www.courthousenews.com/2011/12/29/42622.htm

10. December 29, WVIT 30 New Britain – (Connecticut) Hundreds of potential debit card scam victims. Nearly 100 people in Wallingford, Connecticut, were affected after thieves stole their debit card information, WVIT 30 New Britain reported December 29. Originally, investigators thought the thefts were from a skimming device scam in which thieves use a card reading mechanism to steal personal information from the magnetic strip. However detectives said the fraud is so wide spread they believe a hacker got into a network and grabbed debit card pin numbers and are selling them on the black market. Cardholders reported fraudulent purchases in states like Louisiana, Florida, even the country of Malaysia. Police called it a large scale operation and said nothing of this magnitude has ever happened before in Wallingford. The information was stolen in recent months when the victims used their card to make legitimate purchases, but the bogus charges did not start popping up until days before December 24. Many of the victims shopped at the West Center Marketplace on South Turnpike Road. It’s one of the places police are looking into saying it too may be a victim of the scam. Police told at least one victim they could be dealing with an organized crime ring. They released three surveillance photos from a Walgreens in Greenwich where one of the fraudulent cards may have been used. A woman and two men were being called persons of interest. Source: http://www.nbcconnecticut.com/news/local/Debit-Card-hacking-scam-Wallingford-136340193.html

11. December 28, U.S. Department of Justice – (California) California federal court blocks bogus tax credit scheme. A federal court in Los Angeles has permanently barred a man from promoting a scheme involving sales of bogus federal tax credits, the Justice Department announced December 28. According to the government’s complaint, the man fraudulently claimed to have billions of dollars in federal research tax credits that the United States supposedly granted him for purported scientific breakthroughs. The suit alleged that he advertised the sale of these bogus credits on the Internet and issued phony documents to people purporting to give them credits that could reduce their tax obligations. The government also alleged that Ellis partnered with the Southwest Louisiana Business Development Center, a nonprofit organization in Jennings, Louisiana, to try to sell $24 billion of the fictitious credits. The civil injunction order entered against the man bars him from telling prospective customers that he can transfer tax credits to them. He is also required to give the government a list of the names, addresses, and social security or tax identification numbers of everyone to whom he purported to distribute tax credits. Source: http://7thspace.com/headlines/402921/usdoj_california_federal_court_blocks_bogus_tax_credit_scheme.html

12. December 28, Lawrenceville Patch – (New Jersey) Lawrence man charged in alleged credit card fraud. An alleged credit card fraud ring was disrupted when Hightstown, New Jersey police made a routine traffic stop December 14. Hightstown officers initially pulled over a car for going speeding and then found the car was stolen, police said. A man was arrested in connection with the stolen car and was subsequently found to have nine Master Cards and five Visa cards in two different people’s names on him, which lead police to believe the cards could be fraudulent or stolen, a Hightstown Police detective said. Over the next few days the detective matched the names and numbers on the cards with the actual account numbers, and found that the cards had been compromised. One victim told the detective he received a letter from his credit card company saying there had been a security breach, and the company told him stolen account information had been pushed to Russia. The Secret Service used a machine to determine that on four of the cards found in Johnson’s possession, the numbers on the cards did not match the numbers read on the strips, the detective said. Based on all this information, Hightstown police obtained a search warrant for both the man’s home and the car, the detective said. An embossing machine used to imprint numbers on credit cards, a skimming machine used to copy information from credit card magnetic strips, 26 additional credit cards, gift cards, and two driver’s licenses with different names but the same photo were found at the house, the detective said. Two additional fraudulent credit cards and a credit card reader/writer were found in the car. Receipts for overseas money transfers were also found, and police are still trying to track down victims whose identities have been compromised, the detective said. The detective said the fraudulent cards were used in Middlesex and Mercer counties, and at least $10,000 was spent that has been identified. That number is expected to increase as more victims are found, the detective said. Hightstown Police charged the man with identify theft, forgery, credit card theft, and possession of stolen property. Police believe others are also involved with the scheme, but no one else had been charged as of the week of December 19. Source: http://lawrenceville.patch.com/articles/lawrence-man-charged-in-alleged-credit-card-fraud

Information Technology

35. December 29, Help Net Security – (International) Beware of password-protected documents carrying malware. Symantec researchers have recently spotted malware masquerading as password-protected document files - Word documents, spreadsheets, Powerpoint presentations, and PDFs - being delivered as e-mail attachments, Help Net Security reported December 29. “Attackers are misusing the password feature to encrypt files, most likely to make it difficult for security products to detect them as malware,” said the researchers. “It also makes reverse-engineering the files difficult because they need to be decrypted before analysis can be performed.” As the contents of the files in question are encrypted, some antivirus solutions might not recognize them for what they are immediately but only after they are opened with the password. Source: http://www.net-security.org/malware_news.php?id=1946&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+HelpNetSecurity+(Help+Net+Security)

36. December 29, Help Net Security – (International) Data-stealing Android Trojan masquerades as greeting-sending app. F-Secure researchers recently spotted a trojan targeting Chinese Android users that masquerades as a pre-written text message app, signed with the same certificate as a Android trojan that sends SMS messages to premium-rate numbers, Help Net Security reported December 29. Dubbed AdBoo, the app seemingly lets users choose a message template (jokes, New Year wishes, and more), then asks them to choose the contact to whom it will be sent. But it doesn’t actually send the message - a dialog box notifying them of a “Sending Fail” pops up instead. In the background, the Trojan harvests information such as phone model and number, Android version, and IMEI number and sends it to a remote server. Source: http://www.net-security.org/malware_news.php?id=1945&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+HelpNetSecurity+(Help+Net+Security)

37. December 29, Dark Reading – (International) Most Facebook scams are designed to feed affiliate marketing programs. Affiliate marketing sites are the final destination in three-fourths of all Facebook deceptions, according to a Commtouch study released December 28. According to the Commtouch Internet Threats Trend Report, visitors to these fraudulent Facebook-promoted sites are induced to fill out surveys that generate affiliate payments for the scammers. Users are induced to click on the scams through a variety of social engineering tactics, such as free merchandise offers, celebrity news, new (fake) Facebook applications, or simply a trusted friend sending a message stating: “You have to see this!” the report stated. After users first click on the scams, malware or malicious scripts are to blame for the further spread of slightly more than half the analyzed scams, the study said. These exploits fall into three main categories: likejacking, rogue applications, and malware or “self-XSS,”. In 48 percent of the cases, unwitting users themselves are responsible for distributing the undesirable content by clicking on “like” or “share” buttons. Source: http://www.darkreading.com/security/attacks-breaches/232301117/most-facebook-scams-are-designed-to-feed-affiliate-marketing-programs.html

38. December 29, Softpedia – (International) Hashes used by PHP, ASP.NET, Java, Python and Ruby vulnerable to DoS attacks. Researchers showed how a common flaw in the implementation of the most popular web programming languages and applications can be used to force servers to use their CPU at full capacity for several minutes, causing a denial-of-service (DoS) condition. Softpedia reported December 29 that two researchers made a presentation at the 28C3 Chaos Communication Congress in Berlin, Germany, showing that the way most popular programming languages such as PHP, Java, Apache Tomcat, ASP.NET, Phyton, Plone, Ruby, and V8, use hash tables make servers susceptible to DoS attacks. Any Web site that runs a technology that provides the option to perform a POST request is highly vulnerable to a DoS attack and since the attack is just a POST request, a Web site can be targeted by using an XSS flaw present on another popular site. Microsoft is expected to release a security update for ASP.NET later December 29, Ruby has provided an update to customers, and Apache Tomcat has also released workarounds for the vulnerability. Source: http://news.softpedia.com/news/Hashes-Used-by-PHP-ASP-NET-Java-Python-and-Ruby-Vulnerable-to-DoS-Attacks-243594.shtml

Communications Sector

39. December 29, CNET News – (National) Verizon fixes latest network outage. Verizon confirmed December 29 via Twitter that it has resolved its latest outage, which hit many of its celluar data customers December 28. Verizon Wireless tweeted that the 4G LTE issue was resolved overnight but that 3G connectivity as well as calling and texting had been unaffected. This latest incident marked the third time this month that Verizon customers across the country have bumped into a network data outage. On December 7, many Verizon 4G LTE customers reported a loss of data service, though some 3G users also said they were affected. A second outage occurred the week of December 19, also hitting data customers across the United States. In all three circumstances, users reported issues connecting to both 4G and 3G networks, however Verizon has insisted that 3G data access has been unaffected. Other than acknowledging the incidents and their resolutions through brief statements, the company has been mum as to the cause of the persistent problem. The founder of the market research firm Recon Analytics, recently told CNET that some growing pains are to be expected as more people hop onto Verizon’s LTE network. But since most of the outages have started in the middle of the night, he believes they are being caused by upgrades and patches to the network. As such, one single glitch can cascade to affect multiple regions of the entire country. Source: http://news.cnet.com/8301-1035_3-57349709-94/verizon-fixes-latest-network-outage/

40. December 29, ABC News – (International) Sun storms may affect radios, cell phones. Intense solar activity may affect Earth December 29, potentially disrupting radio and cell phone frequencies. On December 26, the sun released a coronal mass ejection (CME), which is a “massive eruption of solar plasma,” according to Space.com. The blast is expected to impact the Earth through December 31. “Coronal Mass Ejections from the last few days may cause isolated periods of G1 (Minor) Geomagnetic Storm Activity on December 28-29,” the National Oceanic and Atmospheric Administration’s (NOAA) Space Weather Prediction Center wrote in an update. “R1 (Minor) radio blackouts are expected until 31 December.” If the storms are powerful enough, they could temporarily interrupt radio frequencies, power grids, GPS signals, and cell phone communication. NOAA estimated that there was a 20-40 percent chance of these disruptive polar geomagnetic storms on December 28-29 in response to the impact of one or more CMEs. Experts said the sun’s increased activity is part of an 11-year cyclical pattern. NASA’s Solar Dynamics Observatory tweeted December 28 that two CMEs occurred within 24 hours earlier the week of December 26. Source: http://abcnews.go.com/Technology/sun-storms-affect-radios-cell-phones/story?id=15249373#.TvyXu3r-5YR

Thursday, December 29, 2011

Complete DHS Daily Report for December 29, 2011

Daily Report

Top Stories

Reno, Nevada police arrested and charged a man December 26, connected to a string of violent crimes including a fire that happened at the Verdi Post Office, a shooting at the Sparks Police Department, and shootings and threats made at strip clubs. – KRNV 4 Reno (See item 27)

27. December 27, KRNV 4 Reno – (Nevada) Police: Police station shooting, post office arson & other crimes linked. Reno, Nevada police are connecting a string of violent crimes to one man, including a fire that happened at the Verdi Post Office, a shooting at the Sparks Police Department, and shootings and threats made at strip clubs. Reno police officers told News 4 December 26 that they arrested the man and charged him with arson, assault with a deadly weapon, shooting at an occupied building, and burglary. Police said he was the man behind a December 25 crime spree which started with a drive-by shooting at the Sparks Police Department. Those crimes allegedly continued with threats, shots fired, and fires set. The Bureau of Alcohol, Tobacco, Firearms, and Explosives was called in to investigate and shortly after, there was another report of shots fired with a similar description of the suspect. Police said they were able to track down the suspect after that shooting. They said he was armed but cooperative when arrested. So far, police have not said what the motive might be and more charges could be filed. He is being held in the Washoe County Jail on $50,000 cash-only bail. Source: http://www.mynews4.com/mostpopular/story/sparks-police-verdi-post-office-shooting-arson/yKQ4ZLBP1EuhLp8wdNJncg.cspx

 The WiFi Protected Setup (WPS) PIN is susceptible to a brute force attack, the United States Computer Emergency Readiness Team (US-CERT) reported December 27. – United States Computer Emergency Readiness Team. See item 29 below in the Information Technology Sector

Details

Banking and Finance Sector

9. December 27, WCBS 880 FM New York – (New York; International) Feds recover nearly $300,000 in bogus $100 bills at JFK. U.S. Customs and Border Protection officers at John F. Kennedy International Airport said they found nearly $300,000 in counterfeit cash while inspecting a bag the week of December 19. The fake money was found in the bottom of the suitcases of woman arriving from Medellin, Colombia. The bags contained 46 packets of money. She suspect is a Colombian citizen. She has been turned over to agents of the Secret Service. Source: http://newyork.cbslocal.com/2011/12/27/feds-recover-nearly-300000-in-bogus-100-bills-at-jfk/

10. December 24, Associated Press – (New York; Texas; Florida) NY attorney general, BNY Mellon settle probe into manipulative trading by subsidiary for $1.3M. The Bank of New York (BNY) Mellon Corp. will pay $1.3 million to three states to settle an investigation into manipulative trading of auction rate securities (ARS) facilitated by employees at one of the company’s subsidiaries, the New York attorney general’s office announced December 22. Under the agreement, BNY Mellon agreed to cease any further violations of New York’s Martin Act, which prohibits deception in offering securities. The deal ended a joint investigation with the Texas State Securities Board and the Florida Office of Financial Regulation. The $1.3 million is for penalties, fees, and costs to the three states. According to the agreement, in early 2008, Mellon Financial Markets (MFM) acting as an intermediary broker on behalf of Citizens Property Insurance Corp. enabled the Florida insurer to buy its own auction rate securities by placing bids as though they were from an independent third-party buyer. The bids at below-market rates resulted in the auctions clearing at rates significantly lower than would have resulted otherwise. “During the relevant period, Citizens’ bids through MFM reduced the clearing rate by over 520 basis points on average. Ultimately, this resulted in investors that held Citizens ARS earning approximately $6.7 million less in interest than they would have if Citizens had not bid in its own auctions,” according to the settlement agreement. The trading continued until the company’s compliance staff discovered and stopped it, the agreement noted. MFM earned about $300,000 in fees from that conduct. Source: http://www.washingtonpost.com/business/ny-attorney-general-bny-mellon-settle-probe-into-manipulative-trading-by-subsidiary-for-13m/2011/12/22/gIQALvUfBP_story.html

Information Technology

28. December 28, Softpedia – (International) 40 million Tianya members exposed after data breach. Tianya.cn, one of the largest Chinese social networking Web sites, suffered a data breach as a result of which 40 million users became exposed, Softpedia reported December 28. Usernames and passwords, all in clear text, were stolen by the hackers, Global Times reported. “The released information belongs to users who registered on our Web site before November 2009, when we saved information in clear text format. After that we started using encryption,” a tianya.cn customer service staff member said. The unencrypted data ended up online because the Web site’s administrators failed to delete, or at least secure, the old data stored on their servers before the systems were upgraded. Source: http://news.softpedia.com/news/40-Million-Tianya-Members-Exposed-After-Data-Breach-243215.shtml

29. December 27, United States Computer Emergency Readiness Team – (International) WiFi protected setup PIN brute force vulnerability. The WiFi Protected Setup (WPS) PIN is susceptible to a brute force attack, the United States Computer Emergency Readiness Team (US-CERT) reported December 27 after being notified by a member of the public who uncovered the vulnerability. A design flaw that exists in the WPS specification for the PIN authentication significantly reduces the time required to brute force the entire PIN because it allows an attacker to know when the first half of the 8 digit PIN is correct. The lack of a proper lock out policy after a certain number of failed attempts to guess the PIN on some wireless routers makes this brute force attack that much more feasible. The vulnerability affects all major brands of routers. Source: http://www.kb.cert.org/vuls/id/723755

Communications Sector

30. December 27, Fort Myers News-Press – (Florida) Contractor who died on radio tower in Bonita Springs ID’d. The worker who died December 26 approximately 600 feet above ground on a communications tower in Bonita Springs, Florida, has been identified. Deputies responded to the tower just before 5 p.m. December 26 in reference to man who appeared to be stuck in the tower. Collier County sent an aviation unit to assist and determined the man deceased. The man’s body has been transported to the medical examiner’s office where an autopsy will be conducted to determine his cause of death. Preliminary reports indicate the contractor’s death was accidental, the Bonita Springs deputy fire chief said. He was working on the tower’s electrical system when he died, the fire chief said. At the top, rescuers discovered the man was dead. Four teams of two men scaled the tower to retrieve the body, he said. A camera was hoisted and pictures were taken for workplace safety investigators, the fire chief said. Several radio stations and a couple of TV channels were knocked off the air, because rescuers turned off electricity, the fire chief said. Meridian Broadcasting rents the tower for Fox News 92.5, as do other stations. Source: http://www.news-press.com/article/20111227/NEWS0102/312270028/0/NEWS0102/Contractor-who-died-radio-tower-Bonita-Springs-ID-d?odyssey=nav|head

31. December 27, Spaceflight Now – (International) Six Globalstar satellites on track for liftoff Wednesday. The launch of a Soyuz rocket with six Globalstar mobile communications will go forward December 28 despite the failure of a similar booster December 23, according to Globalstar and Russian officials. The satellites will replenish Globalstar’s fleet of communications satellites linking customers through voice and data messaging services. Investigators are still studying the December 23 mishap, which caused the Soyuz rocket to fall in Siberia a few minutes after blasting off from the Plesetsk Cosmodrome in northern Russia. No injuries were reported, but some Russian news agencies said the crash resulted in property damage. Built by Thales Alenia Space of Italy, the satellites will finish deploying from a specially-built dispenser at about 1:49 p.m. Ground controllers will place each of the 1,543-pound satellites on different trajectories to enter the Globalstar constellation. The process will include raising their orbits to an altitude of 878 miles and carefully piloting the craft into precise positions in the fleet. Globalstar satellites are divided among eight orbital planes to evenly spread the spacecraft across the globe. The Louisiana-based company’s subscribers use the satellite network to make mobile phone calls and data transmissions, especially in rural zones where terrestrial coverage is spotty or non-existent. The December 28 launch is the third of four missions to bolster Globalstar’s satellite network. Six more satellites are due for liftoff on another Soyuz booster in 2012, following up on successful flights in October 2010 and July 2011. Some of the 12 fresh satellites launched in the last two years have shown signs of trouble with their momentum wheels, which maintain the craft’s orientation in space. Globalstar’s existing constellation is mostly comprised of spacecraft launched between 1998 and 2000. Built by Space Systems/Loral and designed for a seven-and-a-half year orbital life, the satellites are aging and need to be replaced. The new satellites are gradually restoring voice and duplex data service as they join the network. Source: http://www.spaceflightnow.com/soyuz/st24/111227preview/

Wednesday, December 28, 2011

Complete DHS Daily Report for December 28, 2011

Daily Report

Top Stories

• A surgeon, a medical technician, and a pilot were killed December 27 when a medical helicopter crashed 12 miles north of Palatka, Florida. – CNN (See item 29)

29. December 27, CNN – (Florida) 3 dead in Florida medical helicopter crash. A surgeon, a medical technician, and a pilot were killed December 27 when a medical helicopter crashed in Florida, the Mayo Clinic said. The helicopter crashed about 12 miles northeast of Palatka, Florida, according to a Federal Aviation Administration (FAA) spokeswoman. The clinic said the helicopter was carrying two employees to theUniversity of Florida in Gainesville to harvest organs when the crash occurred. The helicopter was owned by SK Jets, according to the FAA. The company has not commented on the crash. Source: http://www.cnn.com/2011/12/26/us/florida-medical-helicopter-crash/index.html

• A fight that started in the Mall of America in Bloomington, Minnesota, lead to 10 arrests December 26. Witnesses said the melee had elements of a ―smash and grab‖ flash mob while police verified that more than 200 people total may have been involved. – Minneapolis Star-Tribune (See item 41)

41. December 27, Minneapolis Star-Tribune – (Minnestoa) Moving melee causes chaos at packed Mall of America. A fight that started in a food court quickly spread through the Mall of America in Bloomington, Minnesota, December 26. Several witnesses said the melee had elements of a ―smash and grab‖ flash mob, including heavy use of cellphones. They said those creating the disturbance numbered in the hundreds, some knocked down shoppers and grabbed items from kiosks and other shoppers. Although Bloomington police verified that some groups were as large as 100 people and that more than 200 people total may have been involved, they received no reports of stolen merchandise. Several stores, including Nordstrom, closed internal gates to the mall court, and a few stayed closed for the evening. More than 30 Bloomington Police, as well as Metro Transit and Richfield officers, responded. Bloomington Police and mall security arrested at least 10 juveniles and young adults on suspicion of disorderly conduct. Mall officials said it took more than an hour to quell the disturbance. However, many witnesses reported that fights continued to flare in the mall well after. Metro Transit Police said they broke up several fights outside the mall later in the evening. That agency‘s officers also monitored bus routes from the mall to Minneapolis, St. Paul, and Brooklyn Center. At a downtown St. Paul stop, four juveniles and an adult were arrested on suspicion of disorderly conduct. Source: http://www.startribune.com/local/west/136237398.html?page=all&prepage=1&c=y#continue

Details

Banking and Finance Sector

10. December 27, Federal Bureau of Investigation – (New York) Queens man who orchestrated $10 million commercial bank fraud and bank bribery scheme pleads guilty in Manhattan federal court. The U.S. Attorney for the Southern District of New York announced that a man pleaded guilty December 27 to participating in a bank fraud and bank bribery scheme to defraud several banks of at least $10 million by obtaining commercial loans and lines of credit using false and fraudulent documents. The defendant was previously charged in a superseding indictment along with two accomplices. As part of the scheme, the man allegedly submitted loan applications in the names of shell companies with no assets and straw owners, using fraudulent documents they created to dupe the banks into believing those entities were real. The defendant also paid bribes totaling over $135,000 to an employee of Citibank to obtain $2.45 million worth of loans. From 2009 to November 2010, the three men and others fraudulently obtained at least 16 commercial loans and/or lines of credit, receiving at least $10 million, from eight different lenders—Capital One Bank, NA.; Citibank, NA. (―Citibank‖); First Republic Bank; Herald National Bank; New York Commercial Bank; Signature Bank; Sovereign Bank; and TD Bank, NA. All of these loans are presently in default. The defendant pleaded guilty to one count of conspiracy to commit bank fraud, five substantive counts of bank fraud, and one count of bank bribery. Each count carries a maximum potential penalty of 30 years in prison. He faces a maximum potential penalty of 210 years in prison. In addition, the bank fraud counts each carry a potential fine of $1,000,000, and the bank bribery count carries a potential fine of $1,000,000 or three times the value of the bribe. As part of his agreement, he agreed to forfeit at least $8,200,000. Source: http://7thspace.com/headlines/402865/queens_man_who_orchestrated_10_million_commercial_bank_fraud_and_bank_bribery_scheme_pleads_guilty_in_manhattan_federal_court.html

11. December 27, Financial Industry Regulatory Authority – (National) FINRA fines Credit Suisse Securities $1.75 million for regulation SHO violations and supervisory failures. The Financial Industry Regulatory Authority (FINRA) announced December 27 that it fined Credit Suisse Securities (USA) LLC $1.75 million for violating Regulation SHO (Reg SHO) and failing to properly supervise short sales of securities and marking of sale orders. As a result of these violations, Credit Suisse entered millions of short sale orders without reasonable grounds to believe that the securities could be borrowed and delivered and mismarked thousands of sales orders. FINRA found that from June 2006 through December 2010, Credit Suisse‘s Reg SHO supervisory system regarding locates and the marking of sale orders was flawed and resulted in a systemic supervisory failure that contributed to significant Reg SHO failures across its equities trading business. During the time period, Credit Suisse released millions of short sale orders to the market without locates, including threshold and hard to borrow securities. The locate violations extended to numerous trading systems, aggregation units, and strategies. In addition, Credit Suisse mismarked tens of thousands of sale orders in its trading systems. The mismarked orders included short sales that were mismarked as ―long,‖ resulting in additional violations of Reg SHO‘s locate requirement. As a result of its supervisory failures, many of Credit Suisse‘s violations were not detected or corrected by the firm until after FINRA‘s investigation caused Credit Suisse to conduct a substantive review of its systems and monitoring procedures for Reg SHO compliance. FINRA found that Credit Suisse‘s supervisory framework over its equities trading business was not reasonably designed to achieve compliance with the requirements of Reg SHO and other securities laws, rules, and regulations throughout the period at least June 2006 through at least December 2010. In concluding this settlement, Credit Suisse neither admitted nor denied the charges, but consented to the entry of FINRA‘s findings. Source: http://www.finra.org/Newsroom/NewsReleases/2011/P125300?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+FINRANews+(FINRA+News)&utm_content=Google+Reader

12. December 23, U.S. Securities and Exchange Commission – (California; International) SEC charges securities trader with cross-border fraudulent interpositioning scheme. The Securities and Exchange Commission (SEC) December 23 charged a former securities trader at a San Diego-based brokerage firm with orchestrating an illegal trading scheme. The SEC alleges that the former trader acted in concert with a Mexican investment adviser, InvesTrust, and unnecessarily inserted a separate broker-dealer as a middleman into securities transactions in order to generate millions of dollars in additional fees. The trader agreed to pay $1 million to settle the SEC‘s charges. The SEC also charged his former firm Investment Placement Group (IPG) and its chief executive officer (CEO) with failing to properly supervise the trader. IPG agreed to pay more than $4 million to settle the charges. In an interpositioning scheme, an extra broker-dealer is illegally added as a principal on trades even though no real services are being provided. The SEC alleges that the trader colluded with InvesTrust and needlessly inserted a broker-dealer based in Mexico into securities transactions between IPG and InvesTrust‘s pension fund clients, causing the pension funds to pay approximately $65 million more than they would have without the middleman. According to the SEC‘s order, the scheme occurred from January to November 2008. The trader in coordination with InvesTrust acquired 10 different credit-linked notes in an IPG proprietary account. The SEC alleges that IPG, through the trader, added a markup of roughly 1.5 to 4.5 percent to the purchase price and then sold the notes to the middleman Mexican brokerage firm. IPG, through the trader, then repurchased the notes from the Mexican brokerage firm within a day or so at a slightly higher price. IPG added another markup and then sold the securities to InvesTrust‘s pension fund clients. According to the SEC‘s order, in some instances the trader repeated the buy-sell pattern with the middleman Mexican brokerage firm multiple times, driving up the price with each successive trade before finally selling the notes to the pension funds at artificially inflated prices. He received millions of dollars in additional markups generated from the interpositioned transactions. Source: http://www.sec.gov/news/press/2011/2011-277.htm

13. December 23, U.S. Securities and Exchange Commission – (National) SEC charges GE Funding Capital Market Services with fraud involving municipal bond proceeds. The Securities and Exchange Commission (SEC) December 23 charged GE Funding Capital Market Services (CMS) with securities fraud for participating in a wide-ranging scheme involving the reinvestment of proceeds from the sale of municipal securities. GE Funding CMS agreed to settle the SEC‘s charges by paying approximately $25 million that will be returned to affected municipalities or conduit borrowers. The firm also entered into agreements with the Department of Justice, Internal Revenue Service, and a coalition of 25 state attorneys general and will pay an additional $45.35 million. The settlements arise from extensive law enforcement investigations into widespread corruption in the municipal reinvestment industry. In thpast year, federal and state authorities have reached settlements with four other financial firms, and 18 individuals have been indicted or plead guilty, including three former GE Funding CMS traders. According to the SEC‘s complaint, in addition to fraudulently manipulating bids, GE Funding CMS made improper, undisclosed payments to certain bidding agents in the form of swap fees that were inflated or unearned. These payments were in exchange for the assistance of bidding agents in controlling and manipulating the competitive bidding process. The SEC alleges that from August 1999 to October 2004, GE Funding CMS illegally generated millions of dollars by fraudulently manipulating at least 328 municipal bond reinvestment transactions in 44 states and Puerto Rico. GE Funding CMS won numerous bids through a practice of ―last looks‖ in which it obtained information regarding competitobids and either raised a losing bid to a winning bid or reduced its winning bid to a lower amount so that it could make more profit on the transaction. In connection with other bids, GE Funding CMS deliberately submitted non-winning bids to facilitate bidset up in advance by certain bidding agents for other providers to win. GE Funding CMS‘s fraudulent conduct also jeopardized the tax-exempt status of billions of dollars in municipal securities because the supposed competitive bidding process that establishes the fair market value of the investment was corrupted. Source: http://sec.gov/news/press/2011/2011-276.htm

For more stories, see items 35 and 36 below in the Information Technology Sector, and 39 below in the Communications Sector

Information Technology

33. December 27, Softpedia – (International) Siemens promises to patch SCADA flaws after they angered researcher. Siemens has come forward with a statement reporting that they are planning to fix vulnerabilities in SCADA systems next month after a researcher highlighted the issues earlier in 2011, Softpedia reported December 27. The researcher became upset the week of December 19 after he found out from a Reuters reporter that Siemens officially denied knowing of the authentication flaws he had disclosed to them. Siemens later released an official comment stating that their development team had taken action and the vulnerabilities will be fixed by security updates, the first of which is planned to be issued in January 2012. Source: http://news.softpedia.com/news/Siemens-Promises-to-Patch-SCADA-Flaws-After-they-Angered-Researcher-243014.shtml

34. December 27, Softpedia – (International) HP releases firmware update to prevent unauthorized access. HP released a firmware update to mitigate vulnerabilities that could allow a hacker to remotely control HP LaserJet printers to launch cyberattacks, steal information, and in some scenarios even set them on fire, Softpedia reported December 27. Columbia University researchers discovered the vulnerabilities in November. The vulnerabilities and lack of an HP signature to authenticate firmware updates have concerned security experts since the researchers shared their findings. Source: http://news.softpedia.com/news/HP-Releases-Firmware-to-Prevent-Unauthorized-Access-243039.shtml

35. December 26, MacWorld – (International) Report: Phishing attack targets Apple customers. A ―vast phishing attack‖ that attempts to capture the credit card information of Apple customers was launched December 25, according to a report from Mac security-software company Intego. In a posting on its Mac Security blog, Intego said that the attack was an attempt to fool Apple customers into clicking on a link under the guise of updating the billing information of their Apple accounts. Users who click on the link in the phony e-mail will be taken to a realistic looking sign-in page that asks for the user‘s Apple ID and password. The user is then taken to a page asking them update account profile information, including credit card information. Intego reported that the messages are being sent with the subject ―Apple update your Billing Information‖ from a spoofed email address of ―appleid@id.apple.com.‖ Source: http://www.computerworld.com/s/article/9223023/Report_Phishing_attack_targets_Apple_customers

36. December 26, CNN – (International) Hackers target global analysis company. The global intelligence company Stratfor was hacked and had user information including credit card numbers posted online, CNN reported December 26. Around 4000 credit card numbers were released. Some Stratfor customers reported fraudulent charges being made to their credit cards after the information was posted on Pastebin. It was unclear whether the breach and apparent release of credit card information was the work of the activist hacking group Anonymous. The initial posting on Pastebin credited the AntiSec group, but a later message claiming to represent Anonymous denied any affiliation with the attack. Source: http://europe.cnn.com/2011/12/25/us/stratfor-hacking/?hpt=ibu_c2

Communications Sector

37. December 27, Associated Press – (Texas) West Texas phones out after line severed. All phone service was disrupted for much of December 26 in far West Texas after a fiber-optic line just south of Monahans was severed. An AT&T spokeswoman said a contractor accidentally cut an underground fiber optic line, cutting service in the provider‘s West Central Texas district. That left callers to Fort Stockton, Alpine, Fort Davis, Marfa, and other places getting a persistent busy signal. People in Terlingua in the Big Bend told the Odessa American their landline phones had been fine but cell service was knocked out. The Fort Stockton police chief told television station KOSA his department had to use an emergency backup plan that forwarded calls to a working county, which then relayed the information back. He said AT&T service was restored by the night of December 26. Source: http://abclocal.go.com/ktrk/story?section=news/state&id=8480720

38. December 25, WZVN 7 Fort Myers – (Florida) Copper theft disrupts Port Charlotte phone service. 300 Port Charlotte, Florida residents were without phone service after a copper theft from Century Link telephone equipment the week of December 19. The Charlotte County Sheriff‘s Office said this is the fifth copper theft from phone equipment boxes in Charlotte County in the past several days. The service disruption affected customers within a square mile area. CenturyLink officials said the repairs were completed by 7 p.m. December 24. Source: http://www.abc-7.com/story/16389238/2011/12/24/copper-theft-disrupts-port-charlotte-phone-service

39. December 23, Fort Worth Star-Telegram – (Texas) Feds untangle $20 million scheme in DFW against telecom companies. For years, a dozen or more conspirators ran a scheme in North Texas to rip off some of the nation‘s telecommunication giants, the Fort Worth Star-Telegram reported December 23. The $20 million cybercrime spree crumbled because of evidence painstakingly gathered from businesses and seized from the homes of conspirators. The week of December 19, two conspirators were convicted by a federal jury of one count each of conspiracy to commit wire fraud and mail fraud, federal officials said. One of the men was also convicted on three other counts. Twelve others charged in the case have pleaded guilty to their various roles, including the scheme‘s mastermind and his wife. The fraud went on for years as the conspirators played shell games and ripped off telecommunication giants for services they seldom paid for, court records say. The scheme included using homeless people, fake tax documents, bogus financial statements, and ever-changing addresses. To prosecute the case, the government gathered invoices, contracts, and financials. There were e-mails discussing subjects such as avoiding detection, due process, ―burning cash,‖ ―flaming ferrets,‖ and hiding spam. Federal agents seized tax reports, passports, computers, memory sticks, hard drives, and power supplies. The government presented evidence that, as part of a conspiracy, the men lied to obtain goods, such as computers and telecommunication equipment. They also created and bought shell companies to hide the identities of the owners or operators of the companies. ―The conspirators paid ... homeless persons for the use of their identities to ‗act‘ as the officers, directors or managers of the shell companies,‖ a news release from a U.S. attorney said. The conspirators defrauded companies including AT&T, Verizon, XO Communications, Excel Communications, Waymark Communications, Bandwidth.com, and CommPartners, the government said. Landlords were stiffed. Leasing companies and creditors, including Wells Fargo and AT&T Capital Services, were not paid. Credit-reporting agencies, power companies, insurance and air-conditioning companies, and Web site developers were among those deceived. Source: http://www.star-telegram.com/2011/12/23/3616495/feds-untangle-20-million-scheme.html