Thursday, June 30, 2011

Complete DHS Daily Report for June 30, 2011

Daily Report

Top Stories

• The Charleston State Journal reports federal investigators said coal dust and the failings of Massey Energy were responsible for an April 2010 explosion in a West Virginia mine that killed 29 miners. (See item 2)

2. June 29, Charleston State Journal – (National) MSHA: Coal dust caused UBB mine disaster not methane gas. Federal investigators said it was a coal dust explosion, not a methane gas inundation reported by Massey Energy, that caused an explosion at the Upper Big Branch (UBB) Mine in Montcoal, West Virginia, in April 2010. The U.S. Mine Safety and Health Administration (MSHA) director, and an agency spokesman, held a news conference to inform the public of their latest findings in the investigation of the UBB disaster that killed 29 miners. Numerous details were released although the report, said to be more than 200 pages in length, will not be finished until October. One of the more shocking revelations was a second set of books kept by management at the Massey owned mine. The MSHA spokesman said there is no violation for having numerous sets of books. However, at issue was the fact that safety violations and hazards were not reported in the main book made available to miners, safety inspectors, and others. A production book turned over to MSHA by Massey showed numerous hazards underground that were not noted in the official log. Three separate examples were shown to the media June 29. The report concluded that the main issue was a lack of rock dusting. In fact, 17 violations tied to rock dusting occurred within a year of the blast that killed 29 miners. The MSHA spokesman stopped short of saying the explosion was preventable, but was adamant that the devastation would not have been as great if Massey had operated properly. “No one should have been injured and definitely no one should died in this explosion," he said. More than a year after the investigation began, the spokesman said he does not feel as confident about the happenings underground in current mining operations. Source:

• According to Computerworld, hackers obtained the names, e-mail addresses, and other personal data of DefenseNews Web site subscribers, including many active and retired U.S. military personnel and defense contractors. See item 47 below in the Information Technology Sector


Banking and Finance Sector

14. June 29, Associated Press – (National) Bank of America in $8.5B mortgage settlement. Bank of America and its Countrywide unit will pay $8.5 billion to settle claims that the lenders sold poor-quality mortgage-backed securities that went sour when the housing market collapsed. The Charlotte, North Carolina, bank said the settlement with 22 investors is subject to court approval and covers 530 trusts with original principal balance of $424 billion. As a result of the settlement, Bank of America put its second-quarter loss at $8.6 billion to $9.1 billion. Excluding the settlement and other charges, the bank expects to post a quarterly loss of $3.2 billion to $3.7 billion. Source:

15. June 29, Charlotte Observer – (North Carolina) 3 others accused of mortgage fraud. In the latest fallout from the housing bubble, federal prosecutors in Charlotte, North Carolina, June 28 filed charges against three more defendants for mortgage fraud-related offenses. One of the cases is part of the wide-ranging mortgage fraud investigation known as Operation Wax House. The other involved two defendants accused of similar offenses. In the Wax House case, an Atlanta, Georgia woman was charged with one count of mortgage fraud conspiracy, according to a criminal bill of information. She is accused of being a "straw buyer" in one of the mortgage cells. Federal prosecutors said Operation Wax House could ultimately net up to 70 defendants, including promoters, mortgage brokers, closing attorneys, notary publics, and straw buyers. The 4-year-old probe has centered on seven high-priced south Charlotte and Union County neighborhoods. It involved about 80 homes and $100 million in loans. Separately, the U.S. attorney's office filed mortgage fraud conspiracy charges against two men for operating a mortgage fraud cell in Mecklenburg and Union counties that targeted the Providence Downs neighborhood, according to a bill of information. Using an entity called Direct Home Service, they arranged for borrowers to buy property at inflated prices and induce lenders to make loans for the purchases, according to the bill. The participants would then split the difference between the true price and the inflated price. They generated proceeds of $5.4 million. The bill also charges one of the men with failure to report income from the scheme to the Internal Revenue Service. Source:

16. June 28, Associated Press – (Connecticut; International) SEC secures $230M in Conn. fraud investigation. Federal financial regulators have secured $230 million from an offshore bank account linked to a Connecticut-based financier who is accused of running a massive investment fraud, authorities said June 28. The U.S. Securities and Exchange Commission said the money should help victims of a Venezuelan-American accused of running a pyramid scheme that exposed investors to hundreds of millions of dollars in potential losses. A pension fund for Venezuela's state oil workers accounted for most of the investment. The financier who lives in New Canaan, Connecticut, faces up to 70 years in prison after pleading guilty in March 2011 to criminal charges, including several counts of fraud and conspiracy to obstruct justice. He was accused of transferring money among investment accounts without telling clients to cover up huge financial losses and then falsifying documents to deceive investors, creditors, and investigators. Source:

17. June 28, Atlanta Journal-Constitution – (Georgia) Atlanta man convicted of credit schemes, ID thefts. A federal jury June 28 found a 37-year-old Atlanta, Georgia man guilty of bank fraud, credit card fraud, and aggravated identity theft in schemes that cost American Express, SunTrust Bank, and hundreds of individuals millions of dollars. He faces maximum sentences of 2 years for aggravated ID theft, 30 years on each of the conspiracy and bank fraud counts, and 50 years total on the credit card fraud counts. He also faces total fines of up to $33 million. From November 2008 through February 2010, the man ran several fraud schemes in Atlanta, prosecutors said. An undercover FBI agent, posing as an employee of a company with financial data, offered to make sensitive data available to the man. He gave the agent dozens of counterfeit credit cards, and discussed a variety of criminal schemes. Trial evidence showed that in one scheme, the man purchased information such as account numbers from a source in the Ukraine, then encoded phony credit cards with the data and used them. Also, he got hold of internal SunTrust account information and impersonated account holders, resulting in money transfers to accounts under his control. In another scheme, he set up fictitious merchant accounts with American Express and used stolen American Express credit card account numbers to run credit card transactions through the accounts, resulting in American Express paying millions of dollars to the fictitious merchants. Source:

18. June 28, Oklahoma City Oklahoman – (Oklahoma) Electrical fire causes evacuation at Arvest Bank in Norman. An electrical wire fire behind Arvest Bank in Norman, Oklahoma, caused a loss of power and the brief evacuation of employees shortly before 1 p.m. June 28. A senior vice president (VP) of operations with the bank said it is the second electrical fire in 2 days in the alley behind the bank at 200 E Main Street. Oklahoma Gas and Electric (OG&E) crews were called to repair lines June 27 when a fire broke out in the alley, the senior VP said. Crews were called back June 28 when another fire erupted, sparking lines and causing a loss of power. Employees were evacuated for about 10 minutes while firefighters extinguished the blaze. An outside back wall of an adjacent building was singed. No one was injured, and no other damage was reported. The senior VP said the bank is continuing to operate with power provided by a generator while OG&E crews repair the lines.


19. June 28, Associated Press – (Pennsylvania) ID theft bandit who romanced bank workers, had them steal victim information, convicted in Pa. A "Don Juan"-style bandit was convicted June 28 in Philadelphia, Pennsylvania, of running a large ID theft ring with the help of girlfriends working on the inside at various banks. Federal prosecutors said the 35-year-old Philadelphia man stole more than $1 million from victims after his paramours slipped him account information. He faces a mandatory 2 years in prison, and up to 330 years in all. Fifteen people have pleaded guilty in the case, including three women friends — a PNC bank branch manager, a Wachovia Bank teller, and a Colonial Penn Insurance Co. employee. The man's lawyer questioned the credibility of fellow defendants who testified against him. They included lieutenants who recruited drug addicts to serve as "check runners". Source:

For more stories, see items 43 and 44 below in the Information Technology Sector

Information Technology Sector

43. June 29, Softpedia – (International) FBI questions Iowa woman about LulzSec Hackers. A 29-year-old woman from Iowa had her home raided by the FBI and was questioned in connection with an investigation into attacks carried out by former LulzSec members. According to Gawker, the woman from Davenport, Iowa, was paid a visit by the FBI June 23. In addition to executing a search warrant, the agents were there to ask her about hackers who broke into HBGary earlier in 2011. She was a person of interest because she hung out in an IRC channel where hackers discussed the attack as it was happening. She later leaked the logs from that chat room, becoming their enemy. That is why when she was proposed to infiltrate the hacker group, she said such a plan would not work. However, the request itself seems to indicate the FBI is seeking to get informants inside Anonymous. Source:

44. June 29, Softpedia – (International) Operation Phish Phry lead defendant jailed for thirteen years. The lead defendant in a major phishing case known as Operation Phish Phry received 13 years in prison. The 27-year-old man from Los Angeles, California, received an 11-year sentence the week of June 20 for his role in an international phishing scheme shut down in 2009 by the FBI and Egyptian law enforcement authorities. More than 100 people were charged with crimes related with the scheme in the fall of 2009 in the United States and Egypt, the largest number of individuals ever to be indicted in a single cyber crime case. The man was named as a defendant together with 52 other individuals in an indictment returned in Los Angeles. He pleaded guilty to 49 counts of bank and wire fraud, aggravated identity theft, computer fraud, and money laundering. A number of 46 other defendants were convicted in the same case so far, many of which were hired by the man to receive money stolen from U.S. accounts and wire it to Egypt. The fraudsters distributed phishing e-mails that instructed recipients to input their account details on fake Bank of America or Wells Fargo Web sites. The losses are estimated at more than $1 million. In addition to the Operation Phish Phry sentence, the man also received 5 years in prison the week of June 27 for growing marijuana in his house. Two years of the second sentence are to run consecutively with his 11-year one, bringing his expected jail time to 13 years. Source:

45. June 28, IDG News Service – (International) Groupon India data published on Internet, said researcher. The user database of Groupon's Indian subsidiary, SoSasta, was published on the Internet and indexed by Google, according to an Australian security consultant. He said he had no clue as to how the database was published on the Internet. The consultant contacted Risky.Biz, a security news and podcast Web site presented by a man in Australia, after the SoSasta discovery to seek advice on disclosure. The Web site contacted the CEO of Groupon who called back personally within 24 hours of initial contact, according to a report on the Web site. SoSasta was acquired by Groupon in January this year, but continues to use the original brand on its group-buying deals Web site. Groupon said it was alerted June 24 about the security issue, and corrected the problem immediately. SoSasta runs on its own platform and servers and is not connected to Groupon sites in other countries, Groupon said. This issue does not affect data from any other country or region, it added. Source:

46. June 28, Softpedia – (International) Hacker group publishes stolen PayPal and MySpace credentials. A group of hackers has leaked tens of MySpace and PayPal login credentials that were allegedly captured by sniffing packets on open wireless networks. Called D3V29, the group has openly declared its affiliation with Operation Anti-Security (AntiSec), the hacking campaign originally started by LulzSec and carried forward by Anonymous. D3V29 posted the "dumps" on pastebin(dot)com, and advertised the links on its Twitter feed. The group told SC Magazine AU that it obtained the credentials by scanning public wireless networks in restaurants and stores with self-made software. The software is described as batch code that connects to the network and intercepts log-in data. The description resembles that of ARP spoofing attacks. Source:

47. June 28, Computerworld – (International) Hackers steal info on military, defense personnel. E-mail addresses and names of subscribers to DefenseNews, a highly-regarded Web site that covers national and international military and defense news, were accessed by hackers and presumed stolen, Gannett announced June 27. DefenseNews' subscribers include active and retired military personnel, defense contractors, and others in the United States' and other countries' defense establishments. "We discovered the attacker gained unauthorized access to files containing information of some of our users," said Gannett Government Media, an arm of the media chain that publishes DefenseNews, and the Military Times and Federal Times Web sites, as well as a number of military-specific magazines and journals, ranging from the Army Times to the Intelligence, Surveillance and Reconnaissance Journal. In a message posted to its site June 27, Gannett acknowledged the accessed information included first and last names, e-mail addresses, account passwords, and duty status branch of service for military personnel. Gannett urged registered users to reset their site passwords, "as well as your other online accounts, particularly those that use the same email address used for your Gannett Government Media Corporation account." The attack was first detected June 7. Source:

Communications Sector

48. June 28, South Florida Sun-Sentinel – (Florida) Will AT&T Wireless reimburse South Florida customers for four-hour outage? AT&T Wireless blames faulty equipment for a 4-hour service outage June 28, affecting many South Florida customers. The equipment failure occurred along the company’s network in southern Broward County, and lasted from 6 p.m. to 10 p.m., the AT&T spokeswoman said. She said the company did not know how many customers were affected, and has no current plan to credit customers for the 4 hours they were not able to make calls or send texts. The service failure affected the company’s mobile broadband customers, which include 3G and HSPA+, the latter being AT&T’s current version of 4G service. Source:

49. June 28, Associated Press – (South Dakota) Severed cable causes outage in Black Hills. An electrical company worker cut a fiber optic line and telephone line in western South Dakota, disrupting phone and Internet service for thousands of people in the Black Hills region June 27. People in Rapid Valley also lost their ability to dial 911, though the Qwest spokesman said that problem was fixed by mid-afternoon. Qwest crews installed a temporary fiber optic line and plan a permanent fix later. State regulators said the incident will be investigated. Source:

No comments: