Tuesday, January 18, 2011

Complete DHS Daily Report for January 18, 2011

Daily Report

Top Stories

• The New York Daily News reports a drowsy traveler set off a scare at LaGuardia Airport in Queens, New York when he dozed off in a restricted area and was found by security 4 hours later, sources said. (See item 20)

20. January 14, New York Daily News – (New York) Sleepy flyer catches some shut eye in LaGuardia Airport terminal, security doesn’t notice. A drowsy traveler set off a scare at LaGuardia Airport in Queens, New York January 13 when he dozed off in a restricted area and was found by security 4 hours later, sources said. The traveler’s Southwest Airlines flight from Chicago landed at LaGuardia at about 11:30 p.m. January 12, sources said. Instead of leaving the terminal, the passenger, a 24-year-old medical student, fell asleep in the waiting area near Gate B1. Private security from AirTran Airways and officers from the federal Transportation Security Administration (TSA) failed to detect the sleeping passenger during two security sweeps, sources said. After the sweeps were done, TSA closed the concourse for the night, sources said. The passenger was undisturbed for 4 more hours, until a TSA supervisor toured the area at about 3:30 a.m. January 13 as staff prepared to reopen Terminal B. “It was a big surprise to find a guy sleeping there; not a good thing, you can imagine,” a source said. TSA staff called Port Authority police, who sent K-9 teams to search the area to make sure no one else was in the restricted area. The passenger was questioned and sent on his way. Source: http://www.nydailynews.com/ny_local/2011/01/14/2011-01-14_security_at_lag_caught_sleeping.html

• According to the Contra Costa Times, a California State University, Northridge student who threatened several people on campus was charged with two felonies after police found a shotgun and explosive materials in his room. (See item 47)

47. January 13, Contra Costa Times – (California) Cal State Northridge student charged after officials find explosives, shotgun in his dorm room. A California State University, Northridge (CSUN) student who threatened several people at the Los Angeles institution is facing two felony charges after police found a shotgun and explosive materials in his on-campus dorm room, according to officials. The 22-year-old suspect allegedly made threats to students and staff on campus and was taken into custody for mental health evaluation January 11, the chief of CSUN police said. Police arrested the suspect January 12 and he is currently in county jail in lieu of a $150,000 bond, according to inmate records. No injuries were reported. The suspect is no longer enrolled at the university and had no previous reported problems at the school, the chief said. He is charged with possession of ingredients to make a destructive device and bringing a firearm onto a school campus, according to the Los Angeles County District Attorney’s Office. The suspect is set to appear in court for arraignment January 14 at San Fernando Superior Court. Source: http://www.contracostatimes.com/california/ci_17088326?nclick_check=1

Details

Banking and Finance Sector

13. January 14, Waterbury Republican-American – (Connecticut) Bank evacuated for reported gas odor. Northwest Community Bank’s New Hartford, Connecticut branch was evacuated January 13 after employees reported an odor of gas. Firefighters converged on the scene about 10 a.m., and found elevated levels of carbon monoxide that were traced to a malfunctioning furnace. A fire official said no one was seriously hurt, though one member of the bank staff was transported to Winsted Health Center as a precaution. Four staff members declined medical attention. There were no customers in the bank when firefighters arrived, the fire official said. Canton firefighters were called to assist providing a ladder truck that allowed firefighters to get to the snow-covered roof and verify that all of the exhaust vents were clear of snow and ice. The fire official said a bank maintenance worker identified the furnace malfunction as the source, and was working on repairs as firefighters packed up just before noon. The bank was expected to reopen once the problem was corrected. Source: http://www.rep-am.com/articles/2011/01/14/news/local/532830.txt

14. January 14, eNews Park Forest – (Illinois) Six defendants indicted in alleged $15 million mortgage fraud scheme involving more than 40 residences in Chicago area. Six defendants were indicted January 12 on federal charges alleging they participated in a $15 million mortgage fraud scheme involving more than 40 residential properties located in Chicago, Illinois and its south suburbs, federal law enforcement officials announced January 12. The defendants include two licensed realtors and a licensed loan officer who bought and sold homes, recruited others to act as residential purchasers, and allegedly caused various financial institutions to lose approximately $4.5 million on mortgage loans that were not repaid by the borrowers or fully recovered through subsequent foreclosure sales. Source: http://www.enewspf.com/latest-news/police-reports/21063-six-defendants-indicted-in-alleged-15-million-mortgage-fraud-scheme-involving-more-than-40-residences-in-chicago-area.html

15. January 14, Softpedia – (International) FDIC phishing emails scare users with Patriot Act violations. The Federal Deposit Insurance Corporation (FDIC) warns users about an ongoing phishing campaign which produces fake e-mails purporting to come from the organization. “The e-mail informs the recipient that ‘in cooperation with the Department of Homeland Security, federal, state and local governments…’ the FDIC has withdrawn deposit insurance from the recipient’s account ‘due to account activity that violates the Patriot Act’,” the FDIC explains in its alert. Recipients are asked to verify their account information through a system called “IDVerify,” otherwise risk account termination. The link to the ID verification system provided in the e-mail takes users to a phishing page that asks them for personal and financial information. FDIC also notes that malicious software may be loaded onto the recipient’s computer, but does not specify if this is done transparently, in a drive-by download attack, or requires interaction from the user. At least one bank has reiterated FDIC’s alert and is warning its customers about the phishing scam, which, apparently, is not entirely new. Source: http://news.softpedia.com/news/FDIC-Phishing-Emails-Scare-Users-with-Patriot-Act-Violations-178185.shtml

16. January 13, Seattle Post-Intelligencer – (Washington) Suspected ‘Mrs. Doubtfire’ robber arrested. The suspected “Mrs. Doubtfire robber” — a dowdily dressed woman suspected in 10 bank robberies — was arrested the week of January 10 shortly after an 11th robbery in Kent, Washington, the FBI said January 13. An FBI Special Agent said the woman was identified by bank employees and other witnesses and arrested by Kent police officers January 11. An Alaska USA Federal Credit Union had just been robbed, and the woman was in the process of leaving the scene when arrested. A 53-year-old Des Moines, Washington resident, the woman will initially face a charge in the latest robbery at 10201 S.E. 240th St. in Kent, the FBI agent said. But investigators suspect her involvement in 10 other bank robberies in Seattle, Edmonds, Burien, Kirkland, and Des Moines since April 2010. In each case, the suspect worked alone and passed a demand note, the FBI agent said. She showed no weapon, but claimed to have had one in at least one case. Source: http://blog.seattlepi.com/seattle911/archives/235603.asp?from=blog_last3

17. January 13, KMGH 7 Denver – (Colorado) Bank robber escapes in teller’s car. A bank robber took more than money at a bank in Lakewood, Colorado January 13 — he escaped in a teller’s car. Authorities said a white man entered the TCF Bank at 12053 W. Alameda Ave. sometime around 9 a.m. and gave a teller a note claiming to have a gun and demanding money. The man took the teller’s keys and her car, a 1991 green or turquoise Honda Accord. Police said the license plate number on the car was 632 VVU. It was last seen going east on Sixth Avenue at Federal Boulevard. The only description of the man released was that he was wearing white, was unshaven, and was wearing glasses and a green beanie. The FBI’s Safe Streets Task Force has taken over the investigation. The teller’s car has not been located. Source: http://www.thedenverchannel.com/news/26485756/detail.html

18. January 13, KXTV 10 Sacramento – (California) Highway 12 in Lockeford reopens. A San Joaquin County sheriff’s bomb squad has given the all-clear after checking a possibly suspicious item dropped by a bank robber in Lockeford, California, January 13. Authorities cordoned off Highway 12 for the investigation and evacuated Bank of the West at 13299 E. Highway 12, and several neighboring businesses as a precaution. According to a spokesman with the sheriff’s department, the item was left by the bank robber who entered the bank about 9:30 a.m., ordered a teller to give him money which he took and then walked out. No weapon was seen and no one was hurt. The bomb squad sent in a robot to examine the dropped item, which the robber indicated may be an explosive device, a witness said. The sheriff’s department said the item was possibly a computer bag or purse, maybe taken from another robbery. It was destroyed. The robber was described as white, 50 to 60 years of age, and “scruffy,” the spokesman said. Source: http://www.news10.net/news/local/story.aspx?storyid=117378&catid=2

For another story, see item 51 below in the Information Technology Sector

Information Technology

51. January 14, Softpedia – (International) First toolkit resulting from ZeuS-SpyEye merger hits the underground market. Security researchers from McAfee warned the first crimeware toolkit to result from the ZeuS-SpyEye merger is now available for purchase on the underground market. Earlier in 2011, the security community was surprised to hear rumors ZeuS and SpyEye, two rival threats in the cybercriminal world, would be joined together under a single developer. This unexpected turn of events was supposedly the result of the ZeuS author’s intention to retire from the malware-writing scene after a successful run. The new “SpyEye / ZS Builder” was released January 11, which is a SpyEye version enhanced with some of ZeuS’ functionality. New features include brute force password guessing, Jabber notification, VNC module, auto-spreading, auto-update, unique stub generation, and an enhanced screenshot system. The builder is much cheaper than ZeuS used to be. The basic version without VNC (remote desktop) and ability to inject code into Firefox pages costs $300, while the price for the full version is $800. Source: http://news.softpedia.com/news/First-Toolkit-Resulting-from-ZeuS-SpyEye-Merger-Hits-the-Underground-Market-178336.shtml

52. January 14, Help Net Security – (International) Ransomware continues to pose a threat. Symantec warns against attackers using ransomware. This type of malware blocks access to computers and then asks users to pay for having that privilege returned. Some ransomware locks the computer’s desktop and asks the user to send a text message to a premium rate number to receive back a code that will restore access to the system. Other ransomware adds to that a change of the desktop background image, which contains the request for money, instructions on how and where to send it, and an embarrassing pornographic image that makes the user less willing to ask for technical help. There is also ransomware that encrypts user files and holds them ransom. Sometimes the encryption key is stored on the computer and the user can decrypt the files if he knows where to look for it, but other times the files are lost for good because there is no guarantee the criminals will send the key to decrypt them even if the victim sends the money. Some ransomware does not even allow the operating system to boot. Source: http://www.net-security.org/malware_news.php?id=1588

53. January 13, Softpedia – (International) RIM fixes vulnerabilities in BlackBerry OS and BlackBerry Enterprise Server. Research In Motion has released security updates for BlackBerry OS and the BlackBerry Enterprise Server (BES) software in order to address two moderate and high risk vulnerabilities. The vulnerability affecting BlackBerry devices consists of a denial of service condition that can crash the browser application. It affects BlackBerry Device Software versions earlier than 6.0.0 and can be exploited by tricking users into visiting a maliciously crafted Web page. The vulnerability has a score of 5.0 on the CVSS scale, which equates to a moderate risk because the DoS condition is only partial. Meanwhile, the vulnerability patched in the BES is critical and carries a CVSS base score of 9.3 out of 10. It stems from a buffer overflow error in the Attachment Service of the portable document format (PDF) distiller component. Exploitation involves tricking a user into opening a specially crafted PDF file. Source: http://news.softpedia.com/news/RIM-Fixes-Vulnerabilities-in-BlackBerry-OS-and-BlackBerry-Enterprise-Server-178057.shtml

For another story, see item 15 above in the Banking and Finance Sector

Communications Sector

54. January 13, Ontario Inland Valley Daily Bulletin – (California) Cell tower catches fire, nearby buildings evacuated. A fire station and a post office had to be evacuated January 13 after a nearby cell phone tower caught fire in Rancho Cucamonga, California. Firefighters at Station 171, 6627 Amethyst Ave., reported the blaze about 10:20 a.m. after seeing smoke and flames coming from the top of the tower. About 35 firefighters put out the blaze by 11:20 a.m., the acting battalion chief for the Rancho Cucamonga Fire Department said. No injuries were reported and the cause of the fire has not been determined. The fire station and the neighboring post office at 6649 Amethyst Ave. were evacuated when officials saw the potential for danger. “We were worried the tower would collapse into the fire station and post office,” the chief said. The tower did not fall and evacuees were eventually allowed back into the buildings. BCI Communications West employees were working on the tower when it caught fire. Upland and San Bernardino County fire departments assisted in fighting the blaze. Source: http://www.dailybulletin.com/news/ci_17090415
