Wednesday, October 26, 2011

Complete DHS Daily Report for October 26, 2011

Daily Report

Top Stories

• A Monterey, California real estate lender pleaded guilty to investment fraud for deceiving investors in his firm, Cedar Funding, and will pay nearly $70 million in restitution, federal prosecutors said October 24. – Silicon Valley/San Jose Business Journal See item 14 below in the Banking and Finance Sector

• U.S. regulators issued a mandatory safety directive requiring airlines to check for hazardous corrosion on movable tail parts on hundreds of Boeing 757 jets that could result in pilots losing aircraft control. – Wall Street Journal (See item 20)

20. October 24, Wall Street Journal – (National) Regulators want tails checked on Boeing 757s. U.S. regulators want airlines to check for hazardous corrosion on movable tail parts on hundreds of Boeing 757 jets that could result in pilots losing aircraft control. The Federal Aviation Administration (FAA) proposed October 24 a mandatory safety directive covering devices that control tail sections, called horizontal stabilizers, that help raise and lower the noses of more than 700 Boeing 757s flown by U.S. carriers. Eventually, the checks are expected to apply to hundreds of additional Boeing 757s operated by overseas airlines. A Boeing Co. spokeswoman said it supported the proposal, which builds on its nonbinding safety recommendations that carriers regularly inspect and lubricate the affected parts. She said that Boeing clarified those recommendations last year. The move comes nearly 11 years after a maintenance lapse helped cause a similar device to fail on the tail of an Alaska Airlines McDonnell Douglas MD-83 off the Southern California coast, rendering the plane uncontrollable and sending it into a dive that killed all 88 people aboard. Investigators eventually determined faulty aircraft design, slipshod maintenance, and inadequate federal oversight contributed to the high-profile accident. According to the FAA, part of the 757's horizontal stabilizer-control system is similar to a screw-style mechanism that failed on the Alaska jet, and may be subject to similar types of failures. Since that accident, Chicago-based Boeing's design reviews and safety analyses found "extensive corrosion" on one 757 that "could lead to loss of control of the horizontal stabilizer and consequent loss of control of the airplane," according to the FAA. Source:


Banking and Finance Sector

10. October 25, Financial Industry Regulatory Authority – (National) FINRA fines UBS securities $12 million for regulation SHO violations and supervisory failures. The Financial Industry Regulatory Authority (FINRA) announced October 15 it fined UBS Securities LLC $12 million for violating Regulation SHO (Reg SHO) and failing to properly supervise short sales of securities. As a result of these violations, millions of short sale orders were mismarked and/or placed to the market without reasonable grounds to believe the securities could be borrowed and delivered. Reg SHO requires a broker-dealer to have reasonable grounds to believe the security could be borrowed and available for delivery before accepting or effecting a short sale order. The FINRA found UBS' Reg SHO supervisory system regarding locates and the marking of sale orders was significantly flawed and resulted in a systemic supervisory failure that contributed to Reg SHO failures across its equities trading business. First, FINRA found UBS placed millions of short sale orders to the market without locates, including in securities known to be hard to borrow. These violations extended to many trading systems, desks, accounts and strategies, and impacted UBS' technology, operations, and supervisory systems and procedures. Second, FINRA found UBS mismarked millions of sale orders in its trading systems. Many orders were short sales mismarked as "long," resulting in additional significant violations of Reg SHO's locate requirement. Third, FINRA found UBS had significant deficiencies related to its aggregation units that may have contributed to additional significant order-marking and locate violations. As a result of its supervisory failures, many of UBS' violations were not detected or corrected until after the FINRA's investigation caused UBS to conduct a substantive review of systems and monitoring procedures for Reg SHO compliance. FINRA found UBS' supervisory framework over its equities trading business was not reasonably designed to achieve compliance with the requirements of Reg SHO and other securities laws, rules and regulations until at least 2009. In concluding this settlement, UBS neither admitted nor denied the charges, but consented to the entry of the FINRA's findings. Source:

11. October 25, Associated Press – (Colorado) Police from 17 agencies join task force to investigate credit card scam. Authorities from 17 agencies including the FBI have formed a task force to investigate a credit card scam that has victimized about 600 people in northern Colorado. Law enforcement agencies said the scam is one of the largest that has ever hit that part of the state. The Windsor police chief told KMGH 7 Denver there does not appear to be a single pattern to the crimes. A Loveland police sergeant said the fraudulent charges appeared to be happening in places outside of Colorado. Authorities warned people to be wary of callers claiming to be with a bank asking for account information. Source:

12. October 24, Associated Press – (North Carolina) NC man pleads guilty in $40M Ponzi scheme. A Clayton, North Carolina man pleaded guilty October 24 in federal court to participating in a Ponzi scheme that federal officials said was worth roughly $40 million. A U.S. attorney said the man pleaded guilty October 24 in Charlotte to one count of conspiracy to commit fraud and one count of money laundering conspiracy. Prosecutors said the man recruited people to serve as so-called "hedge fund managers" for a company that solicited investments based on fraudulent information. Once that began to unravel, investigators said he and others set up a separate Ponzi scheme in which investors' money was deposited straight into cash accounts rather than being invested. His conviction is the seventh in the case. He faces up to 15 years in prison. Source:

13. October 24, U.S. Securities and Exchange Commission – (National; International) SEC charges major Portuguese bank for violating registration provisions of U.S. securities laws. The U.S. Securities and Exchange Commission (SEC) October 24 charged multinational banking conglomerate Banco Espirito Santo S.A. (BES) with violations of the broker-dealer and investment adviser registration provisions and the securities transaction registration provisions of the federal securities laws. The SEC's enforcement action finds Lisbon, Portugal-based BES offered brokerage services and investment advice between 2004 and 2009 to about 3,800 U.S.-resident customers and clients who were primarily Portuguese immigrants. However, during this time, BES was not registered with the SEC as a broker-dealer or investment adviser, and it offered and sold securities to its U.S. customers and clients without the intermediation of a registered broker-dealer. None of these securities transactions was registered, and many of the securities offerings did not qualify for an exemption from registration. BES agreed to settle the SEC's charges and pay nearly $7 million in disgorgement, prejudgment interest and penalties. In determining to accept BES's offer to settle, the SEC considered remedial acts promptly undertaken by BES and its cooperation with SEC staff. Source:

14. October 24, Silicon Valley/San Jose Business Journal – (California) Monterey man to pay $70M on fraud charges. A Monterey, California real estate lender pleaded guilty to investment fraud and will pay nearly $70 million in restitution, federal prosecutors said October 24. He pleaded guilty in San Jose federal court to one count of conspiracy to commit mail and wire fraud. In pleading guilty, he admitted to “deceiving” investors who put money into his lending company, Monterey-based Cedar Funding, said the office of the U.S. Attorney for the Northern District of California. He also agreed to pay $69.8 million in restitution. Founded by the man in 1980, Cedar connected residential real estate developers seeking to borrow money, with individual investors who were willing to make such loans. A federal grand jury indicted the man and his co-defendant in September 2009. The co-defendant is a fugitive, and the real estate lender has been charged with 31 counts of conspiracy, mail, wire, and securities fraud, according to the U.S. attorney's office. In his plea agreement, the lender admitted that, from 2004 through 2008, more and more borrowers defaulted on loans funded by Cedar investors. The defaults piled up because of ”market conditions and management and construction problems,” the U.S. attorney's office said. The lender and his loan servicing manager did not tell investors of “certain material facts” about the true condition of their investments. In particular, they failed to tell them that borrowers had defaulted, that the lender had taken over many of the loans, and that Cedar ”had advanced substantial additional investor funds into those loans,” prosecutors said. The maximum penalty for one of the charges he originally faced is 20 years in prison and a fine of at least $250,000, the U.S. attorney's office said. Source:

15. October 24, Reuters – (Texas) Police arrest 24. Police arrested a group of 24 Occupy Dallas protesters October 24 after they sat down and locked arms in front of a downtown Dallas bank and ignored requests to move, protest organizers said. The arrests outside Chase Bank were the first of protesters in the city since Occupy Dallas demonstrations against economic inequality began October 6. A statement from Occupy Dallas put the number of arrests at 24. Protesters were still being released the evening of October 24 from the Dallas County jail, where they were taken following the afternoon arrests. Police confirmed arrests had been made, and said one officer suffered a minor injury in the incident. A video on the Occupy Dallas Facebook page showed officers scuffling with demonstrators during the arrests. The protesters had lined up three rows deep in front of the bank entrance, sat down and locked arms. When they ignored requests from police to move, the arrests began, the statement said. Source:

16. October 24, Bloomberg – (International) Ex-McKinsey consultant’s convictions on Iran embargo violations reversed. A former McKinsey & Co. consultant's convictions for violating the Iran trade embargo and running an unlicensed money-transfer business were thrown out on appeal October 24. A federal appeals court in New York reversed the man's June 2010 conviction on three counts that charged him with violating U.S. regulations barring trade with Iran and running an informal transfer business called a hawala. The court upheld his convictions on two counts of lying in response to a subpoena from the U.S. Treasury Department. The court said prosecutors may retry the man on two of the three overturned counts. The former consultant, who has been in U.S. custody since his arrest in January 2010, has served most of his 30-month sentence and is due to be released no later than March, according to the U.S. Bureau of Prisons Web site. The October 24 decision may affect the government’s attempt to collect $3.3 million in asset forfeitures it’s seeking in connection with the overturned criminal charges. The former consultant used a system called a hawala, popular in the Middle East and South Asia, to transfer funds, according to the appeals court. A U.S. circuit judge, writing for a three-judge appeals panel, said the man's family transferred $3.4 million to him from Iran. He received as many as 56 hawala transfers into his bank account from 44 people and companies over more than 3 years, the judge said. Defense lawyers claimed the former consultant did not violate the law because he got the money from his family and reported the funds to the U.S. government. Source:

Information Technology Sector

39. October 25, IDG News Service – (International) New DOS tool overloads SSL servers with ease. A newly released denial-of-service (DOS) tool can be used to bring down SSL servers using an average laptop computer and a standard DSL connection, IDG News Service reported October 25. The hacking outfit known as THC decided to release the tool, called THC-SSL-DOS, now because it was leaked online a few months ago. Even without SSL renegotiation enabled, attackers can use THC-SSL-DOS successfully against servers. However, such attacks would require more than a single laptop. Source:

40. October 25, The Register – (International) Cryptoboffin: Secure boot a boon for spooks' spyware. A leading computer scientist warned the latest so-called Trusted Computing proposals may restrict the market for anti-virus and security software and leave computers vulnerable to state-sponsored trojans, The Register reported October 25. The Cambridge University professor warned that the secure boot features in the Unified Extensible Firmware Interface (UEFI) firmware specification — understood to be required on certified Windows 8 machines — might even make it easier to smuggle state-sponsored trojans onto victims' machines. The secure boot system is designed to stop malware from being introduced into a computer's boot sequence — but without the secret cryptographic keys, the firmware will also block non-harmful code, such as non-Windows OSes and legit anti-virus software. Intelligence services could also compel Microsoft to include trojan keys in Windows and to issue them a UEFI key to falsely authenticate privacy-compromising trojans. Source:

41. October 25, Softpedia – (International) Autocomplete feature leaves browsers vulnerable. Since it is possible to get key up and key down events through JavaScript when a drop-down autocomplete menu is displayed, an ill-intended cybervillain can steal arbitrary values from a browser's autocomplete feature, Softpedia reported October 25. Researchers from Minded Security Labs believe most browsers are susceptible to the attack. The proof of concept, unfortunately, is easy to integrate in any Web game placed into a simple HTML page. By making a game in which the user has to press the up and down arrows on his keyboard, what seems to be a simple online app, turns out to be a highly effective data stealer. It can practically steal any information ever typed inside a browser, including account names, search words, and more. In order to fix this issue, vendors should “tie the information a site asks via autocomplete inputs to the site itself.” Since so far they do not check the origin of the input tag, the Web application remains vulnerable to a malicious script. Source:

42. October 25, H Security – (International) MyBB downloads were infected. In a blog posting, the MyBB development team confirmed the download package for version 1.6.4 of MyBB had been modified to include malicious code, H Security reported October 25. Unknown attackers were able to exploit a vulnerability in the MyBB Web site's content-management system to inject and execute PHP code. The attackers placed a contaminated version of MyBB, containing a backdoor, on the server. It is unclear exactly when the hack took place, meaning all downloads of 1.6.4 prior to October 6 could be affected. Users with MyBB systems are advised to check their installations and apply a patch. Source:

43. October 24, Network World – (International) New security flaws ID'd in BlackBerry 6 OS, Enterprise IM apps. Research in Motion (RIM) announced October 24 a handful of recently discovered vulnerabilities in its BlackBerry 6 handheld OS and BES for IBM Lotus Notes and Microsoft Exchange. First, RIM reports that three newly discovered vulnerabilities in the BlackBerry 6 Webkit browser could allow a hacker to access and/or modify data stored within a BlackBerry 6 smartphone's internal storage, as well as on its external media card. RIM recommended updating BlackBerry 6 smartphones' OS to v6.0.0.522 to address the issue. Secondly, RIM reported a new BES flaw that could affect organizations that employ Microsoft's Office Communications Server (OCS) 2007 R2 and/or the Microsoft Lync Server 2010 BlackBerry IM Client with certain versions of RIM's BES for Lotus Notes and BES for Microsoft Exchange. The vulnerability could allow a user to log in as another user, enabling them to send and receive messages as that user and prevent the legitimate user from accessing the BlackBerry Collaboration Service. To address the issue, RIM released new security updates for BES in the form of a BES 5.0.3 maintenance release 4 (MR4) software update. Source:

Communications Sector

44. October 25, Associated Press – (West Virginia) Phones back on at W.Va.'s Yeager Airport after days of headaches. The phones were back on at Charleston, West Virginia's Yeager Airport October 24. The airport lost telephone service starting October 21. Lumos Networks restored service by the evening of October 24. A Lumos spokesman told the Charleston Daily Mail the outage was a result of two incidents. A circuit failure that occurred October 21 was fixed by October 22. But another outage occurred the morning of October 24. The airport director called it "unacceptable", and said he is looking into the possibility of changing phone carriers. Phones were affected in the terminal, airport business offices, and the airport police department. The control tower and security and emergency offices never lost phone service. Source:

45. October 25, Jeffersonville News and Tribune – (Indiana) Police: Thieves cutting phone lines. Thieves removed about 2,000 feet of telephone line in Floyd County, Indiana, in the last week, the Floyd County sheriff said October 24. Wires have been cut along Corydon Pike, Borden Road, Budd Road, and twice along Moser Knob Road. According to police, the thefts have cost AT&T about $75,000. The sheriff said the thieves are likely stripping the rubber coating and selling the large-gauge copper. It is estimated the total street value of the stolen copper is $1,500 to $2,500. “It has caused an interruption of service for a lot of people,” the sheriff said. The wires are possibly being cut with a saw where they stretch between poles, police said. While copper thefts have been a growing problem in recent years because of the price of precious metals, these thefts are rare. The sheriff said the only way the thieves could reach the wires is by using a bucket truck and/or utility worker equipment, such as a harness and boots with climbing spikes. Because the wire is so heavy, police believe more than one person is involved. Cutting the wires can also potentially be dangerous since other types of wires are often near telephone lines. The sheriff said AT&T contractors were out the week of October 24 replacing the wires. Source:

For another story see item 43 above in the Information Technology Sector

No comments: