Tuesday, May 3, 2011

Complete DHS Daily Report for May 3, 2011

Daily Report

Top Stories

• According to the Hackensack Record, authorities arrested two men who tried to sell more than $1 trillion in counterfeit U.S. Treasury notes to undercover sheriff’s officers in New Jersey. See item 12 below in the Banking and Finance Sector

• Bloomberg reports the United States and Australia boosted security at their embassies around the world and Interpol told its 188 member countries to be on “full alert” for attacks to avenge the killing of an al-Qaeda leader. (See item 31)

31. May 2, Bloomberg – (International) U.S. raises embassy security as world on alert for bin Laden retaliation. The United States and Australia boosted security at their embassies around the world and Interpol told its 188 member countries to be on “full alert” for attacks to avenge the killing of an al-Qaeda leader. Patrol cars, paramilitary forces, and commandos wearing bulletproof vests searched motorists and pedestrians outside the U.S. consulate in Karachi, Pakistan. “The death of [the al-Qaeda leader] does not represent the demise of al-Qaeda affiliates and those inspired by al-Qaeda, who have and will continue to engage in terrorist attacks around the world,” the secretary general of Lyon, France-based Interpol said in an e-mailed statement. The U.S. President May 1 said the man died in a firefight with U.S. forces in Abbottabad, Pakistan. His death removes the leader of a group that targeted citizens of the United States and its allies in hotels, offices, and embassies around the world. The al-Qaeda leader was wanted by U.S. authorities before the September 11, 2001, attacks on the World Trade Center in New York and the Pentagon outside Washington D.C. that killed almost 3,000 people. He was accused in connection with bombings of American embassies in Tanzania and Kenya on August 7, 1998, which killed 224 people, and linked to the October 2000 bombing of the USS Cole in Aden, Yemen, which killed 17 U.S. sailors. “The Department of State has requested all U.S. embassies to go to a heightened level of alert in the wake of the news,” a spokesman with the U.S. Embassy in Helsinki said. The State Department has also issued a worldwide travel alert to U.S. citizens. Source: http://www.bloomberg.com/news/2011-05-02/u-s-boosts-embassy-security-watches-for-bin-laden-retaliation.html


Banking and Finance Sector

11. April 29, Associated Press – (Michigan; National) Detroit-area man accused of $200M Ponzi scheme pleads guilty, says he defrauded investors. A Detroit, Michigan-area man accused of a $200 million investment scam pleaded guilty April 29, admitting he lied to people for a decade when he promised he was putting their cash into telecommunication deals with hotels across the country. The 74-year-old man appeared in federal court in Detroit a few weeks before trial and pleaded guilty to all 59 counts of fraud in the indictment. He said most money was recycled to earlier investors, a classic Ponzi scheme, but a “substantial amount” was spent on gambling. Starting in 1997, he created false documents to show he had contracts with hotels in California, Nevada, New Jersey, New York, and elsewhere. He said he promised people that in just 20 months, they would earn enough interest to cover their initial investment. Investors’ losses topped $35 million by 2007 when the U.S. Securities and Exchange Commission filed a civil lawsuit. Under sentencing guidelines, the man likely faces 15 years to 20 years in prison. The man told the judge he did not act alone. No one else has been charged, although the SEC has a lawsuit pending against another man, alleging he solicited 30 percent of the money given to the man in charge of the scheme and received $3.8 million in compensation. That man has denied wrongdoing. Source: http://www.therepublic.com/view/story/acd0a110e808409a8b8cce7ceff6aaac/MI--Mich-Ponzi-Scheme/

12. April 29, Hackensack Record – (New Jersey; National) Authorities seize $1.2 billion in counterfeit documents, arrest 2. Two men who tried to sell more than $1 trillion in counterfeit U.S. Treasury notes to undercover sheriff’s officers were arrested, authorities said April 29. The arrests were the culmination of a sting operation at a Bergen County, New Jersey hotel April 28 that authorities said involved numerous officers, including one who posed as a bartender to gain the suspects’ trust. Around $1.2 billion in fake U.S. Treasury notes was found in the suspects’ possession at the time of their arrest, the Bergen County sheriff said, though the two claimed they could produce hundreds of billions of dollars more in similar counterfeit notes. Both men were charged with money laundering and financial facilitation in the first degree, theft by deception, conspiracy, and forgery. After investigators initiated contact, the suspects told them they were willing to sell more than a trillion dollars in U.S. Treasury notes at a fraction of their value, the sheriff said. After some negotiation, both sides agreed to meet April 28 to complete the deal. By the time the suspects arrived, more than a dozen undercover officers were posing as security guards, limo drivers, and prospective buyers. Source: http://www.northjersey.com/news/bergen/042911_Authorities_seize_12_billion_in_counterfeit_documents_arrest_2.html

13. April 29, Associated Press – (Missouri) 2 investment handlers plead guilty to wire fraud. Two St. Louis, Missouri-area financial investment handlers face sentencing July 22 after pleading guilty to federal wire fraud charges April 29. Federal prosecutors said the two men pleaded guilty April 29, admitting they embezzled about $1.5 million from a retired couple. One of the men was an independent representative of Woodbury Financial Services. the other man operated Coral Mortgage Bankers Corp. offices in University City and Chesterfield, Missouri. The representative of Woodbury Financial Services also pleaded guilty to mail fraud for stealing an additional $3.5 million from about two dozen brokerage clients and beneficiaries of a trust fund, many of them elderly people. He said in his plea he used the money for, among other things, jewelry, and trips to adult entertainment clubs in East St. Louis, Illinois. Source: http://www.forbes.com/feeds/ap/2011/04/29/business-us-missouri-investment-handlers-fraud_8442396.html

14. April 29, KXTV 10 Sacremento – (California) Ripon bank robbed, bomb threat reported. A man who allegedly robbed a bank in Ripon, California, and claimed to have a bomb managed to get away with an undisclosed amount of cash April 29. The incident prompted law enforcement officials to evacuate the area and shut down a section of the downtown business district. A Ripon Police spokesman said around 10 a.m., a man walked into the Bank of the West carrying a black bag in which he claimed to have a bomb. He demanded money from a teller after showing a note referring to the “bomb.” The teller said the man was holding a remote control device during the robbery. Once the man had the cash, he fled on foot, leaving the bag on a counter inside. The spokesman said police arrived within minutes but were unable to find the man. The bank, nearby businesses, and homes were evacuated as a San Joaquin Bomb Squad worked to secure whatever was inside the black bag. The bag contained a cement block, not an explosive device. The man was described as a 40-year-old White or Hispanic adult, between 5 feet, 5 inches and 5 feet, 9 inches tall, with a mustache. He was wearing a tan jacket, blue jeans, white shoes, and a white baseball cap with a dark stocking cap underneath. Source: http://www.news10.net/news/article/135699/29/Ripon-bank-robbed-bomb-threat-reported

15. April 28, Federal Bureau of Investigation – (Arizona; National) New York man garners 20-Year sentence for ‘cashless ATM’ Ponzi scheme. A U.S. district court judge in Phoenix, Arizona, sentenced a New York City, New York man April 28 to 20 years in prison for his role in an $8 million Ponzi scheme that sold fictitious “cashless ATM machines” to victims throughout the United States. The 50-year-old pleaded guilty March 2, 2010, to one count of conspiracy to commit mail fraud and wire fraud, one count of wire fraud, and one count of mail fraud. The judge also ordered the man to pay $6,187,735 in restitution. From about March 2003, until about January 2005, the man and other co-defendants deceived about 300 investors into believing they were investing their money in a business opportunity pertaining to “cashless ATM machines.” The perpetrators established two Arizona corporations, Mac Investments, Inc. and MAC Investment Sales, Inc. of the same mailing address in Tempe to accomplish their goals. Source: http://www.loansafe.org/new-york-man-garners-20-year-sentence-for-%E2%80%98cashless-atm%E2%80%99-ponzi-scheme

For another story, see item 43 below in the Information Technology Sector

Information Technology

41. May 2, IDG News Service – (International) Osama bin Laden’s death is key topic on Internet. The announcement May 1 of the death of al-Qaeda’s leader has set the Internet abuzz, as users searched for information and shared their thoughts on the killing of one of the world’s most wanted men. The events will provide an opportunity for malicious Web sites to infect computers by tricking users into visiting their sites for more information, warned security experts. Cybercrooks can trick the search-ranking algorithms of popular search engines by feeding them fake pages to make their sites seem legitimate, increasing the chances Internet users searching for news land on a site dispensing malware, warned head of technology at IT security firm Sophos. An expert at IT security company Kaspersky Lab already had examples of malware-laced pages cropping up in response to a Google image search for “[al-Qaeda’s leader] body.” Users clicking on some of the images in the results are redirected to one of two malicious domains offering a copy of the rogueware known as “Best Antivirus 2011”, he said. Source: http://www.computerworld.com/s/article/9216315/Osama_bin_Laden_s_death_is_key_topic_on_Internet

42. May 2, Next Web – (International) Bogus MacDefender malware campaign targets Mac users using Google Images. Apple computer owners are being subjected to a number of specialized malware attacks that insists Mac users download a malware version of the popular MacDefender antivirus application, infecting their computers as a result. News of the malware campaign surfaced as scores of Mac computer owners flooded the Apple Discussion Forums, asking members for advice on how to delete the MacDefender application from their systems. Early reports show users have been targeted as they search Google Images, one user stating the bogus MacDefender application was automatically downloaded as he browsed images of Piranhas. Further searching through the Apple Discussion boards suggests the malware campaign is targeting users of Apple’s Safari browser, displaying warnings the user’s computer has been infected with viruses that only the unofficial MacDefender application can remove. Safari users can set their browser to automatically open software they trust, it is thought that many have been infected without their knowledge by this route of attack. Upon downloading, the application asks users to pay for protection, possibly giving attackers credit card details as a result. To reassure users of the official MacDefender software, its creator has taken to the official Web site to warn users of the malware campaign. It is not thought the malware application is able to infect Mac computers with a virus, instead it is posing as scareware, which preys on disrupting the confidence of Mac users but also getting them to hand over their credit card details. Source: http://thenextweb.com/apple/2011/05/02/bogus-macdefender-malware-campaign-targets-mac-users-using-google-images/

43. May 1, The Register – (International) Sony: ‘PSN attacker exploited known vulnerability’. Sony is getting ready to return to service some PlayStation Network offerings, amid ongoing analysis to try and identify the source of the April attack on its San Diego data center hosted in an AT&T network facility, The Register reported May 1. While maintaining it has not yet seen any evidence redit card data was compromised in the attack, Sony has said that where customers are charged a fee for reissuing credit cards, it will take responsibility for those charges. The company claimed in the press conference that credit card data was encrypted. Sony’s executive deputy president said while 78 million accounts were compromised, the number of affected individuals is lower than that, since some people operate multiple PlayStation Network accounts. Of these, he said, Sony only held credit card information for around 10 million customers. Sony’s CIO said the attack was based on a “known vulnerability” in the non-specified Web application server platform used in the PSN. However, he declined to stipulate what platform(s) were used or what vulnerability was exploited, on the basis that disclosure might expose other users to attack. He conceded Sony management had not been aware of the vulnerability that was exploited, and said it is in response to this the company has established a new executive-level security position, that of chief information security officer, “to improve and enhance such aspects.” Sony also said it has asked the FBI to investigate the attack. Source: http://www.theregister.co.uk/2011/05/01/psn_service_restoration/

44. April 29, Computerworld – (International) Yahoo says 1M users affected by email outage. A day after Yahoo’s e-mail service suffered a partial outage, the company reported that about 1 million users were affected. The problem began at 7:30 a.m. Pacific time April 28, and was at its worst at 11 a.m., according to the senior product manager for Yahoo Mail. At the problem’s peak, about 1 million users were without e-mail service, she added. It is unclear when Yahoo got e-mail back up for all of its users. Yahoo also did not specify what caused the problem. Source: http://www.computerworld.com/s/article/9216297/Yahoo_says_1M_users_affected_by_email_outage

45. April 29, IDG News Service – (International) Microsoft admits to more Windows Phone update problems. Another problem has cropped up preventing some Windows Phone 7 users from getting two software updates, adding another issue on a list of continuing problems that started in February. Microsoft acknowledged that some Samsung Focus owners in the United States have not yet received notification that the updates are available for them. On a Microsoft forum, some Focus users who have not received the updates noticed they have a more recent build version of the phone. While people with version REV 1.3 have gotten the updates, some of those with REV 1.4 have not. In addition, a Microsoft employee said Microsoft has stopped sending updates to the Omnia 7, a phone available in Europe. “The team discovered a technical issue with the update package for this model. The work of fixing and testing the package is nearly done, and the team hopes to resume update deliveries soon,” he wrote. These are the latest issues to plague Microsoft as it tries to send out new software to Windows Phone 7 handsets. Microsoft started in February by pushing out software designed to make the update process smoother. It pulled that update shortly after because it made some Samsung phones unusable. Source: http://www.computerworld.com/s/article/9216299/Microsoft_admits_to_more_Windows_Phone_update_problems

Communications Sector

46. May 2, WLWT 5 Cincinnati – (Ohio) Man killed trying to climb TV tower. Police said they have discovered a man’s remains at WLWT’s transmitter in Clifton Heights, Ohio, WLWT reported May 2. Officers said witnesses discovered a severed hand near the corner of Rohs and Warner streets May 1. The hand was the first of several disturbing discoveries. “The more we looked into it, we discovered a torso up by the radio tower,” said a sergeant with the Cincinnati Police Homicide Unit. Police said they linked the severed hand to a break-in at WLWT’s transmitter. They said it appeared the man was attempting to climb the tower when he died. Investigators said they did not know whether the man was electrocuted or fell. Source: http://www.wlwt.com/news/27735789/detail.html

47. April 29, Computerworld – (International) Amazon cloud outage was triggered by configuration error. Amazon has released a detailed analysis and apology about the partial outage of its cloud services platform the week of April 25 and identified the culprit: A configuration error made during a network upgrade. During this configuration change, a traffic shift “was executed incorrectly,” Amazon said, noting traffic that should have gone to a primary network was routed to a lower capacity one instead. The error occurred at 12:47 p.m. April 21 and led to a partial outage that lingered through the week of April 25. The outage sent a number of prominent Web sites offline, including Quora, Foursquare, and Reddit, and renewed an industry-wide debate over the maturity of cloud services. Amazon posted updates throughout the outage, but what it offered in its postmortem is entirely different. The nearly 5,700-word document includes a detailed look at what happened, an apology, a credit to affected customers, as well as a commitment to improve its customer communications. Amazon did not say explicitly whether it was human error that touched off the event, but hints at that possibility when it wrote that “we will audit our change process and increase the automation to prevent this mistake from happening in the future.” The initial mistake, followed by the subsequent increase in network load, exposed a cascading series of issues, including a “re-mirroring storm” with systems continuously searching for a storage space. Source: http://www.computerworld.com/s/article/9216303/Amazon_cloud_outage_was_triggered_by_configuration_error

For another story, see item 45 above in the Information Technology Sector

No comments: