Tuesday, July 19, 2011

Complete DHS Daily Report for July 19, 2011

Daily Report

Top Stories

• Officials found vandals had removed 44 spikes from train tracks in Bellingham, Washington, July 11. But the discovery was made before any trains could derail, according to KAPS 660 AM Mount Vernon. (See item 31)

31. July 14, KAPS 660 AM Mount Vernon – (Washington) Spikes removed from train tracks in Bellingham. Forty-four spikes were removed from train tracks in Bellingham, Washington, but railroad officials said they discovered the vandalism before any trains could derail. A Burlington Northern Santa Fe Railway spokesman said the removal of spikes discovered July 11 could have caused significant damage if an alert inspector had not noticed the track tampering. The spikes were taken from the main track along Bellingham Bay, about 1 mile south of the Alaska Ferry terminal in Fairhaven. The theft took place near a trestle that was damaged by a fireworks-ignited fire July 4. The company is investigating both incidents, and is offering rewards of up to $5,000 for information leading to arrests in either case. Source: http://www.kapsradio.com/kaps-radio-660am-news-headlines/spikes-removed-from-train-tracks-in-bellingham/

• A court July 15 charged 14 suspected al-Qa'ida militants for allegedly planning to attack the U.S. Embassy in Turkey, the Associated Press reports. (See item 44)

44. July 18, Associated Press – (International) Turkey court files charges against 14 militants in anti-U.S. plot. A court has charged 14 suspected al-Qa'ida militants for allegedly planning to attack the U.S. Embassy in the Turkish capital, Ankara. The charges, which were filed by an Ankara court July 15, come as the U.S. Secretary of State visits Turkey’s cultural capital of Istanbul for a meeting on religious tolerance. The 14 suspects were captured just before her arrival. A 15th suspect was released, though may later also face trial. Turkish media have speculated homegrown radical Islamist militants affiliated with al-Qa'ida were preparing to avenge the May 2 killing of the group's leader in Pakistan by U.S. forces. The state-run Anatolia news agency reported July 16 one of the suspects had carried out surveillance around the U.S. Embassy in Ankara, and some other foreign missions, including taking photos. It said police seized 1,500 pounds of chemicals, bomb-making instructions, assault rifles, ammunition, and maps of Ankara. Police captured the suspects after tracking one of them for 6 months, according to Anatolia. Police captured the suspect less than a week ago on a street in Sincan, a town on the outskirts of the capital where he is believed to have received weapons training. The others were rounded up July 12. In June, police arrested 10 suspected al-Qa'ida militants in the city of Adana, home to the Incirlik Air Base used by the United States to transfer noncombat supplies to Iraq and Afghanistan. Authorities have said Muslim militants tied to al-Qa'ida planned to attack Incirlik in the past, but were deterred by high security. Source: http://www.businessmirror.com.ph/home/world/13915-turkey-court-files-charges-against-14-militants-in-anti-us-plot


Banking and Finance Sector

20. July 18, Bloomberg News – (National) Former commodities trader McCrudden will plead guilty in death-threat case. A former commodities trader accused of threatening to kill financial regulators has agreed to plead guilty, his lawyer said July 18. The man will plead guilty to two counts of transmission of threats to injure, his lawyer said in federal court in Central Islip, New York, before opening arguments were scheduled to begin in his trial. The charges carry a maximum sentence of 10 years in prison. The 50-year-old, who also ran his own hedge funds, was accused of threatening the lives of 47 current and former officials, including the SEC chairwoman, and the Commodity Futures Trading Commission (CFTC) chairman. The man has been held without bail since he was arrested January 13 returning from Singapore. He is charged with threatening the regulators in profanity-filled e-mails and, after the CFTC sued him in December, Web postings. He had said he was being persecuted for fighting back against unfair regulatory actions that destroyed his career. Source: http://www.bloomberg.com/news/2011-07-18/former-commodities-trader-mccrudden-will-plead-guilty-in-death-threat-case.html

21. July 17, Memphis Commercial Appeal – (National) Man arrested in Bank of Bartlett robbery accused of robberies in four states. One of two men arrested in the Bank of Bartlett robbery in Tennessee July 15 is also accused of robbing banks in Arkansas, Alabama, Georgia, and Mississippi. The two suspects are accused of robbing the Bank of Bartlett at 9915 Highway 64 in Cordova, Tennessee. Both men were armed when they entered the bank and approached a teller. One suspect demanded money while the other ordered employees and customers to lie on the floor, according to the Safe Street Task Force. As the two men left in a getaway vehicle with an undisclosed amount of money, a customer followed and called Memphis Police. Police chased the getaway vehicle and stopped it at Macon Road and Tennessee Highway 385. The men were arrested without incident. One is a known fugitive, the task force said. He is also wanted in Tupelo, Mississippi, for the July 7 armed robbery of a Trustman’s Bank office. Federal authorities have also been seeking him in connection with bank robberies in Conway and Marion, Arkansas, in early July. Source: http://www.commercialappeal.com/news/2011/jul/17/man-arrested-bank-bartlett-robbery-accused-robberi/

22. July 16, Daily Yomiuri Online – (International) Thieves raid evacuation areas / Unguarded ATMs robbed of 684 million yen; empty homes violated. Some 56 ATM thefts have been reported in the three disaster-hit Tohoku prefectures in Japan since the March 11 earthquake and tsunami, with the amount of money stolen totaling 684 million yen, according to the National Police Agency (NPA). About 420 million yen, or 60 percent of the money, was stolen from within 20 kilometers of the Fukushima No. 1 nuclear power plant. Deserted in the wake of the disaster, ATMs in convenience stores and financial institutions in the area in particular have become targets for theft. According to the NPA, further ATM thefts are unlikely to occur as cash left at empty stores and banks has now been collected. Arrests have been made in connection with only one of the thefts. About 28 cases took place in the zone within 20 kilometers of the crippled nuclear power plant, which was largely deserted after an evacuation advisory was issued March 12. One reason for the police's lack of progress in investigating the thefts is that alarm systems and security cameras at many stores and banks were not operating at the time of the robberies, due to power outages caused by the disaster. Source: http://www.yomiuri.co.jp/dy/national/T110715004927.htm

23. July 15, Cardratings.com – (National) Study: Banks fall short on credit card fraud protection. A new study conducted by Javelin Strategy & Research showed that while banks are good at handling credit card fraud once it has occurred, they could be doing more to protect their customers' information from hackers and to prevent identity theft. The study ranked America's largest banks on a scale out of 100: 45 points for fraud prevention, 35 for detection, and 20 for resolving problems after they've occurred. While the average for problem resolution was 18 out of 20, the scores for prevention and detection were much more troubling: only 24 out of 45 and 17 out of 35, respectively. Source: http://community.nasdaq.com/News/2011-07/study-banks-fall-short-on-credit-card-fraud-protection.aspx?storyid=85682

24. July 15, United Press International – (International) SEC alleges foreign currency Ponzi scheme. The U.S. Securities and Exchange Commission (SEC) filed charges July 14 against the head of a purported foreign currency trading firm, alleging he ran a Ponzi scheme. The SEC alleged the man, who led First Capital Savings & Loan, raised $21 million from investors in at least 26 states and promised monthly returns of up to 7.15 percent through foreign currency trading, the watchdog agency said July 15 in a release. The man, who fled to Peru and was arrested there earlier this year, used most of the money to fund a start-up newspaper called "USA Tomorrow," according to the SEC. His scheme began to fall apart in June 2008, and he and First Capital had lost all of the investors' money by September 2008, the SEC said. Still, the suspect solicited at least an additional $1 million from at least 36 investors between June 2008 and February 2009 by pushing First Capital's fictitious high returns, the SEC alleged. The agency's lawsuit asked for court orders to bar the defendants from engaging in securities fraud, and to require them to disgorge their ill-gotten gains and pay financial penalties. Source: http://www.upi.com/Business_News/2011/07/15/UPI-NewsTrack-Business/UPI-97641310762841/

25. July 15, KGTV 10 San Diego – (California) Man in 'Dapper Bandit' series convicted. A man dubbed the "Dapper Bandit" was convicted July 15 of holding up a Mira Mesa check-cashing business and a bank in Point Loma, California, December 2010. Authorities believe the 42-year-old also committed four earlier robberies in Fresno, King County, and Westlake Village. He was convicted of two counts of robbery following a 1-day trial. He robbed the check-cashing store December 20 and got away with $1,000, according to a deputy district attorney (DA). He held up a U.S. Bank branch a week later. The defendant, who got his moniker because he was well-dressed when he committed the crimes, was arrested New Year's Eve as he tried to cross into the United States from Mexico. He told investigators that he was on his way back to rob the same bank because he ran out of money, the deputy DA said. The defendant has a 1992 robbery and prior escape convictions and was on parole prior to his arrest at the border. Jurors were unable to agree on whether he used a gun during the heists, which would have increased his punishment. Source: http://www.10news.com/news/28557897/detail.html

26. July 15, U.S. Department of Justice – (Virginia; Maryland) Virginia real estate businessman pleads guilty to mortgage and investment fraud schemes. A Virginia real estate businessman pleaded guilty July 15 to fraud charges in connection with mortgage and investment schemes to obtain more than $12 million in fraudulent loans. He pleaded guilty in a U.S. District Court in the Eastern District of Virginia to one count of bank fraud, and one count of wire fraud. In his guilty plea, the man admitted that between November 2005 and May 2011, he orchestrated at least three mortgage fraud schemes where he used “straw borrowers” with good credit scores to apply for and obtain nearly $11.5 million in fraudulent loans relating to three Northern Virginia residential properties. He did so by causing lenders to receive false and inflated income information about the straw borrowers, and he submitted forged and fraudulent documentation to lenders purporting to verify that false data. After attempting to refinance the loans and forestall foreclosure, he ultimately defaulted on loans for all three properties. He also admitted in his plea that between June 2008 and October 2010, he engaged in a fourth scheme to obtain more than $800,000 in fraudulent loans from at least eight residents of Maryland and Virginia. He obtained the loans by promising high rates of return over short periods of time in exchange for money he claimed he would invest in various property ventures. He later defaulted on each loan, generally paying back no more than 10 percent of the borrowed amounts. At sentencing, he faces a maximum penalty of 30 years on the bank fraud count, and 20 years on the wire fraud count. For each count, he also faces a fine of the greater of $250,000 or twice the value gained or lost from the scheme. In his plea, he agreed to forfeit $7.9 million and pay back about $5.3 million. Source: http://www.justice.gov/opa/pr/2011/July/11-crm-927.html

Information Technology Sector

52. July 18, H Security – (International) VLC Media Player 1.1.11 closes heap overflow holes. The VideoLAN project announced the release of version 1.1.11 of VLC Media Player. The twelfth release of the 1.1.x branch of VLC is a maintenance and security update that fixes two previously reported heap overflow vulnerabilities in the Real Media and AVI file parsers. Other changes include improvements to the VLC interface on Mac OS X systems and fullscreen fixes for the Win32 Web plug-in, as well as several codec and translation updates. Extensions support and the AVI mixer for converting and transcoding also received fixes. Source: http://www.h-online.com/security/news/item/VLC-Media-Player-1-1-11-closes-heap-overflow-holes-1280716.html

53. July 18, Softpedia – (International) Toshiba confirms loss of customer data following Website hack. Toshiba confirmed one of its U.S. Web sites was compromised the week of July 11, which led to the loss of user account information. A spokesperson for the consumer electronics company told the Wall Street Journal its U.S. unit observed issues with its Web server July 11 and began investigating. The company confirmed the server was compromised July 13, and user data was stolen. This coincided with a hacker leaking data extracted from the Web site on pastebin. According to Toshiba, the hacked site housed personal information of more than 7,500 customers, but only data belonging to 681 of them was compromised. This is somewhat consistent with what the hacker claimed. He said one database table called "Tbl_Gb_Users" had 5,203 entries, and he eventually leaked about 800 of them. The Toshiba spokesperson stressed no financial data or credit card details were exposed as a result of the breach. Source: http://news.softpedia.com/news/Toshiba-Confirms-Loss-of-User-Data-Following-Website-Hack-212115.shtml

54. July 15, IDG News Service – (International) Intel investigating possible bug in SSD 320 drives. Intel said it was investigating a potential bug that may be causing SSD 320 solid-state drives to fail. The company was offering replacement drives to affected customers until the issue is resolved, a customer service representative said. In Intel forums, users were complaining about SSD 320 drives crashing due to power issues, causing data loss. In some instances, the storage capacity on the drive was being reported as only 8MB after the crash. An Intel technical support representative said that until the issue is resolved, affected customers will be sent a replacement drive. The SSD 320 was released in March and is being used in PCs and Apple Mac computers. Source: http://www.computerworld.com/s/article/9218463/Intel_investigating_possible_bug_in_SSD_320_drives

55. July 15, Softpedia – (International) New mass injection attack distributes Zeus. Security researchers from Sophos warn of a widespread Web injection attack that has infected many Web sites with code distributing a variant of the Zeus trojan. "Huge numbers of sites have been injected with a malicious JavaScript that attempts to load content from an exploit site when innocent users browse the affected pages," a principal virus researcher at Sophos said. The injection is widespread with the malicious code, detected by Sophos as Mal/ObfJS-AB, currently representing a quarter of all reported threats. The attack does not seem to be limited to any particular type of Web site or Web server, suggesting the compromise vector might be stolen FTP accounts. Since the purpose of the attack is to distribute a variant of the Zeus information-stealing trojan, this theory is even more likely. The injected code redirects visitors to a third-party page that launches PDF and Java exploits. Successful attacks install a Zeus variant. "Perhaps the most interesting thing about this attack is the exploit site JavaScript (the content we block as Mal/ExpJS-N). We have been seeing the same exploit script at the end of spam links and JS/Sinowal-V redirects in recent weeks," the Sophos researcher said. "The script is heavily obfuscated and uses polymorphic and anti-emulation techniques to attempt to evade detection." He said affected Web sites span different hosting providers, so it does not appear that any hosting company is targeted in particular, as seen in some mass injection attacks. Source: http://news.softpedia.com/news/New-Mass-Injection-Attack-Distributes-ZeuS-211843.shtml

56. July 15, Macworld – (International) Apple releases iOS updates to fix PDF vulnerabilities. After a report from the German government the week of July 11 regarding PDF-related security vulnerabilities in MobileSafari, Apple released updates for all iOS devices that fix the problem July 15. Though they both fix the same three vulnerabilities, the patch comes in two versions, due to the different versions of the iPhone 4. iOS 4.3.4 applies to the iPad and iPad 2, the third- and fourth-generation iPod touch, the iPhone 3GS, and the iPhone 4 (GSM model); users of the CDMA model of the iPhone 4 instead receive iOS 4.2.9. The issues addressed in the updates include the PDF problem within Apple's CoreGraphics framework, in which FreeType's handling of TrueType and Type 1 fonts can be exploited to execute malicious code, and a conversion problem within the IOMobileFrameBuffer framework, which could allow code to inadvertently gain system privileges by posing as the user. The PDF-related exploits were also being used in the latest jailbreak method for iOS devices, a process that could be accomplished via the jailbreakme.com Web site; Apple's patch reportedly now disables that method. Source: http://www.computerworld.com/s/article/9218449/Apple_releases_iOS_updates_to_fix_PDF_vulnerabilities

Communications Sector

57. July 17, STLtoday.com – (Illinois) Man charged after climbing Millstadt water tower. A 20-year-old Millstadt, Illinois man was charged July 16 with two felonies after he climbed the old city water tower July 15 and had to be brought down by rescue teams from several jurisdictions. He was charged with property damage and interfering with utilities for allegedly damaging communications equipment on the tower. A police lieutenant said the suspect climbed up at 9 p.m. after an argument with a girlfriend. Firefighters from Columbia and a St. Clair County rescue team climbed 120 feet to help him down 3 hours later, he said. The city no longer stores water in the tower. Source: http://www.stltoday.com/news/local/crime-and-courts/article_53da53d0-72a7-55e9-b37b-d990fedf7ecc.html

58. July 15, West Virginia Media – (West Virginia) Phone service restored in Clendenin. Frontier Communications reported July 15 that the phone outage that affected the Clendenin, West Virginia area was repaired. The outage caused the 548 exchange to be without service. Frontier technicians were in the area and trying to locate the problem, according to Kanawha County Metro 911. Residents were asked to use their cell phones to dial 911 for emergencies, but anyone without a cell phone was advised to go to the nearest fire station to report an emergency. Source: http://www.statejournal.com/story.cfm?func=viewstory&storyid=103338

For another story, see item 56 in the Information Technology Sector
