Wednesday, December 21, 2011

Complete DHS Daily Report for December 21, 2011

Daily Report

Top Stories

• Fierce winds and snow caused fatal road accidents, stranded dozens of motorists, and shuttered hundreds of miles of highways in five states December 20. – Associated Press (See item 17)

17. December 20, Associated Press – (National) Blizzard closes highways from New Mexico to Kansas. Fierce winds and snow that caused fatal road accidents and shuttered highways in five states crawled deeper into the Great Plains December 20, with forecasters warning that pre-holiday travel would be difficult if not impossible across the region. Hotels were filling up quickly along major roadways from eastern New Mexico to Kansas, and nearly 100 rescue calls came in from motorists in the Texas Panhandle as blizzard conditions closed part of Interstate 40, a major east-west route, December 19. About 10 inches of snow had fallen in western Kansas before dawn December 20 and several more inches along with strong wind gusts were expected, a National Weather Service meteorologist said. Snowpack and icy conditions forced the closure of roadways across western and southwestern Kansas, including a western section of the I-70, the main thoroughfare that traverses the state. The storm was blamed for at least six deaths December 19, authorities said. Four people were killed when their vehicle collided with a pickup truck in part of eastern New Mexico where blizzard-like conditions are rare, and a prison guard and inmate died when a prison van crashed along an icy roadway in eastern Colorado. In northern New Mexico, snow and ice shuttered all roads from Raton to the Texas and Oklahoma borders about 90 miles away. Travel throughout the region was difficult. New Mexico shut down a portion of Interstate 25, the major route heading northeast of Santa Fe into Colorado. Source: http://www.csmonitor.com/USA/Latest-News-Wires/2011/1220/Blizzard-closes-highways-from-New-Mexico-to-Kansas

• The U.S. Army Corps of Engineers did all it could to cope with record Missouri River flooding in 2011, although proposed changes could help avoid a disastrous repeat, said an expert panel in a new report. – Associated Press (See item 47)

47. December 20, Associated Press – (National) Panel: Corps not to blame for Missouri River flood. The U.S. Army Corps of Engineers did what it could with the record flooding on the Missouri River in 2011, although proposed changes could help avoid a disastrous repeat, especially since such floods could become more frequent, an expert panel said in a report released December 20. The 99-page analysis said “climatic extremes” appear to be getting “bigger and more frequent,” with the experts calling for updated flood probability models and procedures. It did not cite climate change as a factor, saying the issue was “beyond the scope of this report.” The Corps said the floods caused $630 million in damage to levees, dams, and channels built to control the river. The Corps manages the 2,341-mile-long river, which flows from Montana through North Dakota, South Dakota, Nebraska, Kansas, Iowa, and Missouri. The report said the 2011 flood was “the largest of the period of record in terms of runoff volume, and it stressed the mainstream reservoir system and its operators as never before.” An expert from the panel said May rainfall in Montana exceeded 300 percent of normal, surprising everyone and causing the biggest problems. However, he said such unusual weather may be a more common part of the weather cycle. The experts said their first suggestion would be to ensure more federal money is available to repair and maintain the current system of spillways, tunnels, and other infrastructure. Other recommendations included improved monitoring of pending snowmelt in Plains states, as is done in the northern Rocky Mountains that feed the river. They also suggested better collaboration with weather forecasting and water monitoring agencies, improved monitoring systems for tributaries, and an update of the master manual that guides management for all authorized uses on the river. Source: http://www.sacbee.com/2011/12/20/4135383/panel-corps-not-to-blame-for-missouri.html

Details

Banking and Finance Sector

8. December 20, Denver Post – (Colorado) ‘Wig Out Bandit’ strikes again. A man known as the “Wig Out Bandit” is suspected of robbing his eighth northeast Denver bank. The FBI said the First Bank branch at 2740 S. Colorado Blvd. was held up December 19 by a robber who got his nickname because he wore a wig in his first robbery August 1 at the Public Service Credit Union at 815 Colorado Boulevard. Crime Stoppers is offering a $2,000 reward. Source: http://www.denverpost.com/news/ci_19582239

9. December 19, Cypress Creek Mirror – (Texas) Female bank bandit linked to at least 3 heists. The FBI Bank Robbery Task Force is seeking a woman accused of committing at least three Houston-area bank robberies within the past month. The latest robbery occurred at the Capital One Bank in Houston December 16. The woman was captured in several photos taken by the bank’s security cameras. At about 2:40 p.m., she entered the bank and slid a note to the teller. The note demanded money and threatened the teller. The teller gave the woman some cash, but then the robber asked for more money. The teller told her she gave her all the money. The woman is believed to be responsible for at least two other area bank robberies — the robbery of a Compass Bank November 22, and the robbery of a Capital One Bank November 19. Source: http://www.yourhoustonnews.com/cypresscreek/news/female-bank-bandit-linked-to-at-least-heists/article_993c1076-2a6e-11e1-bb06-001871e3ce6c.html

10. December 19, WHTM 27 Harrisburg – (Pennsylvania) $30M judgment awarded in mortgage fraud case. The president of a now-defunct mortgage company and several of his former employees must pay more than $30 million in restitution to hundreds of central Pennsylvania families victimized by a Ponzi scheme that collapsed in the fall of 2007, WHTM 27 Harrisburg reported December 19. The president and his wife were ordered to pay more than $28.6 million as the result of a lawsuit filed by the state attorney general’s office. The man was owner and president of OPFM, Personal Financial Management, Image Masters, and other related companies that operated in Berks and Lancaster counties. He is currently serving a 12-year prison sentence after pleading guilty to mail fraud. His wife was the human resources manager for the companies. In addition, a former office manager and five mortgage consultants must pay nearly $1.5 million in restitution. State prosecutors said the employees acted “in concert” with the president in a scheme that encouraged families to borrow more money than necessary, with the promise of reducing their interest rate and/or an early loan pay-off. The money instead was used to conceal company losses and for the president’s personal debts and expenses, authorities said. Source: http://www.abc27.com/story/16354333/30m-judgment-awarded-in-mortgage-fraud-case

11. December 19, WRC 4 District of Columbia – (Virginia) Lenders lost $7 million in mortgage fraud scheme: U.S. attorney. An Ashburn, Virginia man has been charged by a federal grand jury with conspiracy and mortgage fraud for allegedly falsifying mortgage loan transitions, WRC 4 District of Columbia reported December 19. The scheme allegedly involved at least 25 homes in northern Virginia, and the lenders lost more than $7 million. He faces a 12-count indictment that accuses him of using his job as a realtor and owner of a title company from 2006 to 2008 to participate in a plan to defraud mortgage lenders and benefit financially from loan proceeds, commissions, and bonus payments. According to court documents, the man and other conspirators recruited unqualified purchasers and used them as nominal buyers in real estate transactions. The unqualified buyers were usually people with good credit but who did not have enough income or property in assets to qualify for the loan they received as a result of doing business with the realtor. He and others are accused of falsifying mortgage loan applications, creating fake documentation to support the applications, and adding unqualified buyers as signatories on their bank accounts to make it appear to lenders the applicants had enough in assets to qualify for the loan. The case is being investigated by the U.S. Postal Inspection Service and the FBI’s Washington Field Office. If convicted, the realtor faces a maximum penalty of 20 years in prison on each count. Source: http://www.nbcwashington.com/news/local/Lenders-Lost-7-Million-in-Mortgage-Fraud-Scheme-US-Attorney-135898033.html

12. December 19, U.S. Securities and Exchange Commission – (New York) SEC charges longtime Madoff employee with falsifying documents to deceive regulators. The Securities and Exchange Commission (SEC) December 19 charged a longtime employee of an investor who ran a Ponzi scheme with falsifying books and records in order to hide his fraudulent investment advisory operations from regulators. The SEC alleges the employee, who worked at Bernard L. Madoff Investment Securities LLC (BMIS), assisted in falsifying BMIS’s internal accounting records to misclassify hundreds of millions of dollars of income purportedly generated by BMIS’s operations. She also falsified financial statements filed with the SEC and other regulators as well as materials prepared to deceive SEC staff examiners, federal and state tax auditors, and other external reviewers. According to the SEC’s complaint, filed in federal court in New York, the woman played a central role in falsifying these records as directed by the firm’s owner and its director of operations. The woman joined this effort after she was promoted to controller in 1998, when she was instructed to falsely account for these transfers of investor funds as adjustments to certain securities positions on BMIS’s stock record. The SEC’s complaint said she used these figures to calculate and overstate trading income purportedly generated by the firm’s market-making and proprietary trading operations. She included these bogus figures on financial statements, which she then filed with the SEC and other regulators. She and other BMIS personnel then falsified documents provided to regulators to obscure the firm’s advisory operations and the transfer of investor funds to bank accounts. The U.S. Attorney’s Office for the Southern District of New York December 19 announced parallel criminal charges against the employee, who has pled guilty and also consented to the entry of a partial judgment in the SEC’s civil case against her. Subject to court approval, the proposed partial judgment will impose a permanent injunction against the woman and require her to disgorge ill-gotten gains and pay a fine in amounts to be determined at a later date. Source: http://www.sec.gov/news/press/2011/2011-270.htm

13. December 19, threatpost – (National) USAA warns members of sophisticated phishing scam. USAA is warning its members about a sophisticated phishing scam that attempts to install a malicious banking Trojan on members’ computers. The Texas-based financial services association issued a notice to members December 19 about what it described as an “aggressive email phishing scam” directed at USAA members. The phishing e-mails have the subject line “Deposit Posted” and even include a randomly generated four-digit “Security Zone” number that mimics the customer’s actual USAA member number, the firm said. USAA said the e-mail messages do not contain malicious links, but do ask members to open an attachment that, once opened, will install a “malicious banking virus” designed to steal user account information and that would “require a complete reinstall of your computers (sp) operating system.” Source: http://threatpost.com/en_us/blogs/usaa-warns-members-sophisticated-phishing-scam-121911

14. December 16, Bloomberg – (National) Man who inspired ‘Rudy’ film will pay $382,000 to settle sports-drink case. The former walk-on football player at the University of Notre Dame who inspired the 1993 film “Rudy,” agreed to pay $382,000 to resolve U.S. regulatory claims he defrauded investors in his sports-drink company by touting fake taste tests and sales. He and 12 others generated more than $11 million in illicit profits by artificially pumping up the stock of Rudy Nutrition, the firm he founded, the Securities and Exchange Commission (SEC) said in a complaint filed December 16 in a federal court in Las Vegas. The company sent promotional press releases falsely claiming Rudy Nutrition outsold sports-drink Gatorade by 2 to 1 in the Southwest, and outperformed Gatorade and Powerade in several blind taste tests, according to the complaint. At the same time, the promoters traded Rudy Nutrition stock to inflate the price of unregistered shares they were selling to investors, the SEC said. The scheme ended in September 2008, when the SEC halted trading in Rudy Nutrition because of delinquent public filings, the agency said. The suspension blocked the participants’ plan to issue another 2 billion shares at the end of that month, the SEC said. Source: http://www.bloomberg.com/news/2011-12-16/sec-accuses-man-who-inspired-rudy-of-fraud.html

Information Technology

36. December 20, The Register – (International) Mobiles forced to send premium-rate texts in new attack. Cyber criminals may be able to force mobile phones to send premium-rate SMS messages or prevent them from receiving messages due to security weaknesses in mobile telecoms standards. The weakness involves the handling of messages directed towards SIM Application Toolkits — applications preloaded onto SIM cards by mobile operators. The applications can be used for functions such as displaying available credit or checking voice mail, as well as handling value-added services, such as micro-payments. SIM Toolkits receive commands via specially formatted and digitally signed SMS messages. These messages are processed without appearing in a user’s inbox and without triggering any other alert. The encryption scheme is robust, but problems might arise because error messages are automatically sent out if a command cannot be executed. The SIM Toolkit service message can be configured so responses are made via SMS to a sender’s number or to the operator’s message center, creating two possible attack scenarios. Source: http://www.theregister.co.uk/2011/12/20/sim_toolkit_attack/

37. December 20, The Register – (International) Atari and Square Enix cough to exposing users’ privates. Atari apologized to gamers following a security breach that exposed their names and e-mail addresses, leaving users at heightened risk of spam. The gaming company blamed the minor breach (no credit cards or mobile phone numbers were exposed) on problems introduced during a migration to a new cloud-based server platform. Separately, game developer Square Enix admitted the weekend of December 17 and 18 that it lost up to 1.8 million user data records to attackers including names, addresses, and phone numbers following a hack attack on its Web site. Personal details of gamers in the United States and Japan spilled as a result of the breach at Square Enix, which also did not involve credit card details. Source: http://www.theregister.co.uk/2011/12/20/atari_gaming_security_fail/

38. December 20, Softpedia – (International) KOOBFACE botnet uses TDS to ensure a bigger profit. The KOOBFACE botnet, known for using pay-per-install and pay-per-click mechanisms to help its controllers earn millions, was recently upgraded with a sophisticated traffic direction system (TDS) that handles all traffic referenced to affiliate Web sites. According to Trend Micro researchers, the TDS redirects traffic to locations that earn crooks affiliate cash for each user they fool into accessing the sites. Since Google implemented some security mechanisms that make sure botnets can no longer create fake e-mail accounts useful for spamming and creating social media profiles, the cybercriminals began relying on Yahoo! Mail. Once the e-mail accounts are made, the botnet uses them to create other accounts on social networking sites such as Twitter, Tumblr, FriendFeed, FC2, livedoor, So-net, and Blogger. In the third part of the process, images are collected with the help of a new binary component that gathers pictures of celebrities, cars, and anything else that might attract unsuspecting users. In the next stage, dedicated pieces of malware begin creating blog accounts and retrieve content for them from the command and control server. The posts from these rogue blogs are designed specifically to make sure they will pop up among the first results in search engines. By using obfuscated JavaScript code that references the botnet’s TDS domain, they are able to track the number of visits to each rogue blog post and redirect victims to the affiliated sites that help them earn money. To make sure as many Internet users as possible land on their Web sites, social media sites are also flooded with links. Source: http://news.softpedia.com/news/KOOBFACE-Botnet-Uses-TDS-to-Ensure-a-Bigger-Profit-241896.shtml

39. December 19, Computer Business Review – (International) Malware authors rush to release Java exploit packs. Researchers at M86 are warning that exploits for a recently discovered Java vulnerability are available in the wild, meaning cyber criminals could target unpatched systems. The security firm also warned this news shows authors are getting much faster at updating exploit kits when new vulnerabilities are discovered. While it used to take authors a month or more, some authors are now updating their kits even before a patch is released. Although a patch was released to fix the Java vulnerability, any unpatched systems are still at risk, M86 warns. The Blackhole, Phoenix, and Metasploit exploit kits are the ones that rush-released new versions to exploit the vulnerability, called CVE-2011-3544, which exploits the Rhino JavaScript engine. An attacker can use the script to generate an error object, which can then give them full privileges. The attacker can then execute code with full permissions, M86 said. Source: http://security.cbronline.com/news/malware-authors-rush-to-release-java-exploit-packs-191211

40. December 16, IDG News Service – (International) Flash Player scam charges victims for free program via SMS. A scheme that charges people via SMS for what should be a free copy of Adobe Systems’ Flash player is apparently undergoing a test run on a Russian social network, according to security vendor Bitdefender. The scam was uncovered after a Bitdefender customer found a suspicious link to a Flash Player update on Vkontakte, a social networking service for Russian speakers, according to a senior e-threat researcher for Bitdefender. If clicked, the link leads to the Flash Player application, but a drop-down menu then asks what country the user is located in as well as their mobile phone number and operator. Adobe does not ask for any of that information during a normal installation. If the person is located outside of Russia, the installer instructs the person to send a message to a short code to receive an “activation” code for the program, the researcher said. Russian users are not charged, perhaps because the scam would be reported quickly to authorities, he said. The scammers have apparently signed up for SMS payment processing services for countries such as the United Kingdom. According to the drop-down menus, the scammers arranged for SMS payments on networks including O2, Vodafone, and Orange, as well as AT&T in the United States. The scam is not widespread yet, which the researcher said may mean the scammers are conducting a trial run to see how well it works before hitting other social networking sites such as Facebook. Source: http://www.computerworld.com/s/article/9222741/Flash_Player_scam_charges_victims_for_free_program_via_SMS?taxonomyId=17

For another story, see item 13 above in the Banking and Finance Sector

Communications Sector

41. December 19, KMTR 16 Springfield – (Oregon) Hundreds lose 911 service after thieves make off with copper phone lines. Century Link said hundreds in Oregon were left without phone service December 18. Some were unable to call 911 after thieves made off with hundreds of feet of copper phone lines. The wire theft left parts of Douglas, Curry, and Coos County without phone service. They were alerted to the problem at 8 p.m. December 18 after their fiber optic cable began bouncing information back. They say they traced the problem to a portion of the line just outside of Tenmile. Officials said someone climbed a telephone pole and cut the cable, making off with an estimated 600 feet of copper cable. In the process they damaged a fiber optic line, the only outside connection Tenmile and Camas Valley have to the outside world, including 911. Officials said the outage was so severe, even a quick fix wasn’t easy. They said they spliced the line temporarily on the ground so they could get those circuits up and operating. Century Link said all phone lines have been restored. Douglas County sheriff’s deputies said within the last year, three separate phone line jackings have led to widespread outages. Source: http://www.kmtr.com/news/local/story/Hundreds-lose-911-service-after-thieves-make-off/icyVaeCc80uHItoraDJV4w.cspx

For more stories, see items 36, 38, and 40 above in the Information Technology Sector
