Monday, February 7, 2011

Complete DHS Daily Report for February 7, 2011

Daily Report

Top Stories

• According to Reuters, frigid weather across the U.S. Southwest knocked out natural gas production equivalent to nearly 5 percent of daily nationwide demand. (See item 3)

3. February 3, Reuters – (National) Cold weather hits US natgas output, processing plants. Frigid weather across the U.S. Southwest knocked out natural gas production equivalent to nearly 5 percent of daily nationwide demand as wells froze and the cold caused problems for processing plants. At least one storage operator curbed additional draws from storage as utilities grabbed for replacement supplies to meet high heating and power demand as the unusually cold weather forced shut ins across Texas, Oklahoma and New Mexico. Bentek Energy estimated 2.7 billion cubic feet per day (bcfd) of natural gas output remained offline. Spectra Energy limited additional gas withdrawals above contracted volumes from its Moss Bluff and Egan storage facilities in East Texas and southern Louisiana. At least 1.5 bcfd of production was offline in the East Texas, Fort Worth and Texas Gulf Coast basins, Bentek estimates, with at least 900 million cfd offline in the Anadarko Basin, which lays partly in Texas and Oklahoma. Source:

• The Washington Post reports a mental health specialist recommended the U.S. Army private accused of leaking classified material to WikiLeaks not be deployed to Iraq, according to a military official familiar with a new investigation. (See item 39)

39. February 2, Washington Post – (National) Mental health specialist recommended WikiLeaks suspect not be deployed to Iraq. A mental health specialist recommended the U.S. Army private accused of leaking classified material to WikiLeaks not be deployed to Iraq, but his immediate commanders sent him anyway, according to a military official familiar with a new Army investigation. The investigation concluded the commanders’ decision not to heed the specialist’s advice and their failure to properly discipline the Army private may have contributed to one of the most high-profile classified military network breaches in decades, the military official said. The investigation, which is separate from an ongoing criminal inquiry, found the private’s immediate supervisors did not follow procedures for overseeing the secure area where the classified information was kept, greatly increasing the risk of a security breach. A source familiar with the private’s mental health records indicated the stress that led the soldier to seek help was caused primarily by a faltering personal relationship. At Fort Drum, he balled up his fists and screamed at higher-ranking soldiers in his unit. In Iraq, a master sergeant who supervised the private was so concerned about his mental health he disabled his weapon in December 2009. Also in Iraq, in May 2010, the private was demoted a rank for assaulting a fellow soldier, the Army said. The master sergeant charged with overseeing the private’s day-to-day activities kept extensive records of his alleged outbursts and shortcomings as a soldier, but did not discipline him properly or compel him to get help, said the military official familiar with the non-criminal Army investigation. Source:


Banking and Finance Sector

13. February 4, KMGH 7 Denver – (Colorado) Private-fund manager pleads guilty to $5.6 million fraud. A 47-year-old former Boulder, Colorado, private-fund manager and bank chairman pleaded guilty February 1 to several counts of financial fraud in what authorities said was a $5.6 million scheme. The plea included four counts of making false statements to banks and one count each of wire fraud, bank fraud, and money laundering. Authorities said the man used funds for his own benefit while he was chairman of the Boulder-based Flatirons Bank from January 2009 to last July. He was also accused of defrauding Yost Partnership from 2005 to last July. The charges carry a maximum prison sentence of 30 years, but a plea deal with prosecutors recommends a sentence of between 6 and 14 years. He will be sentenced April 15. Source:

14. February 4, St. Tammany News – (Louisiana) Multiple arrests made in credit card fraud ring. Louisiana State Police believe a 19-year-old McDonald’s employee from Lacombe, Louisiana, was recruited by a criminal network to “skim” credit card numbers using a separate credit card swiping device from drive-thru customers at the Mandeville restaurant. The employee would swipe cards once on the restaurant’s machine and then on a separate machine used by the network, and then pass on the electronic credit card information to members of the criminal organization who transferred the information to counterfeit credit cards. Once transferred to the counterfeit cars, members of the criminal network, which is now believed to have operations far beyond this area, used the credit card information on shopping sprees across Louisiana, Mississippi, Alabama, Florida, Georgia and Texas, purchasing a variety of merchandise. In addition, four others have been arrested in connection with this operation, and warrants have been cut for two more. The arrest comes after members of the Louisiana Financial Crimes Task Force concluded a 3-month investigation into numerous credit card fraud complaints from St. Tammany Parish residents. It was discovered that all of the victims had one thing in common, they had all used their card at the same McDonald’s Restaurant. So far the investigation has revealed 57 victims with an estimated financial loss of more than $50,000, but numbers are likely to climb along with the numbers of individuals arrested as the investigation continues. Source:

15. February 4, – (Alabama; Texas; Mississippi) Tax preparer indicted on tax, mortgage fraud charges; $68 million scheme. A former Alabama tax preparer has been indicted by a federal grand jury on 80 counts charging her with conspiracy, preparing and filing false tax returns, mortgage fraud, and wire fraud in connection with the filing of false tax returns through her business, Preyear Tax and Check Cashing, LLC, located in Monroeville with offices in Atmore and Thomasville. She also is charged for her work with two other businesses, Kimble and Preyear Tax Service in Greenville, Mississippi and Henry’s Tax Service in Longview, Texas. Federal court documents show FBI and IRS agents seized more than $300,000, boxes of tax documents, computers, and vehicles after they raided her businesses and Monroeville home. The scheme involved filed tax returns claiming some $68 million in tax refunds, largely for earned income credit and other tax credits, according to the Department of Justice (DOJ). She would falsely claim dependent credits, and either charged her clients an extra fee for using the false dependents or pocketed the extra funds herself. She also “split” dependents, using the identity of some children on one return to obtain the earned income credit, and on other returns to obtain the child and dependent care credits. Her firm also prepared returns which claimed business tax deductions for businesses which did not exist, and farm tax deductions for clients who did not have farms, DOJ said. She was also charged with mortgage fraud and wire fraud in connection with fraud in regard to applications she made for mortgages to CitiBank and Wells Fargo. Source:

16. February 4, Washington Post – (Virginia) Va. banker accused of stealing $8 mil. A 25-year-veteran Wells Fargo bank business relationship manager in Loudoun County, Virginia, has been arrested and held in federal custody without bond after allegedly embezzling nearly $8 million from one customer’s account. One of her longtime clients, identified in the affidavit as “MDM,” opened a “wealth management account” in 2003 that would allow MDM to avoid federal taxes on its earnings. Periodically, MDM instructed the manager to transfer funds from a checking account to the wealth management account, in amounts ranging from $600,000 to $2.2 million. But beginning in January 2010, the manager would instead transfer the funds into one of several accounts controlled by herself and her husband. Last month, a Wachovia employee grew suspicious of the $2.2 million transfer and contacted MDM, the affidavit states. MDM acknowledged requesting the transfer and produced her wealth management account statement. The bank determined the statement was phony. The bank and federal agents found the manager transferring hundreds of thousands of dollars to accounts with names such as Majestic Premo Enterprises, Virginia Gentleman Auctioneering Firm, and Sight, Sound & Smile Angel Association. MDM had never heard of any of these groups. The suspect was arrested last week at Dulles International Airport in Dulles, Virginia, and ordered held without bond, federal authorities said. Source:

17. February 3, Orange County Register – (California) ‘Stick figure bandit’ suspected in 6 robberies. A thin man who robbed an Aliso Viejo, California, bank is believed to be a serial bank robber whom authorities have dubbed the “stick figure bandit.” The bandit is believed to have hit two Orange County banks, as well as four other banks in the Inland Empire. The robber showed tellers a handgun in his waistband during the robberies and counted down, an FBI special agent said. The latest robbery occurred at School’s First Credit Union inside a Stater Bros. supermarket in Aliso Viejo. The FBI is investigating whether he may be connected to the four other bank robberies that occurred in January. All six robberies have occurred in bank branches inside supermarkets. Source:

18. February 3, KTXL 40 Sacramento – (California) Man accused of ripping off real estate investments. An Elk Grove, California, man has been indicted for wire fraud for a Ponzi Scheme involving $11 million. The U.S. Attorney in Sacramento said the man ran a company, Genesis Innovations, that took $11 million from 75 people for real estate investments, but only invested $2.5 million. The case was investigated by the FBI. The maximum penalty for a violation of wire fraud is 20 years in prison and a $25,000 fine. The man is facing 6 counts. Source:,0,7323410.story

19. February 3, San Diego Union-Tribune – (California) Suspected ‘Drywaller Bandit’ arrested in Encinitas. The “Drywaller Bandit” suspected in 11 bank robberies was chased and caught by sheriff’s deputies within minutes of a holdup at Chase bank on North El Camino Real in Encinitas, California, February 3. The robber, wearing what was described by authorities as a dust mask, had been seen walking into the bank, where he displayed a pistol and demanded cash from a teller. He left walking east as a witness relayed his direction to deputies. They chased him to Village Square Drive and Encinitas Boulevard and took him into custody, authorities said. The robber, also known for wrapping his lower face in a black cloth, was nicknamed the “Drywaller Bandit” by the FBI. Authorities believe he robbed two banks in Pasadena in August, then three in Oceanside and six in Encinitas in subsequent months. Source:

Information Technology

45. February 3, Computerworld – (International) Microsoft to patch 22 bugs, 3 zero-days next week. Microsoft February 3 said it will issue 12 security updates the week of February 6 to patch 22 vulnerabilities in Internet Explorer (IE), Windows, its Internet server, and Visio, the company’s data diagramming tool. The company also announced it will provide patches February 8 for three bugs it has already acknowledged, including one that has been exploited by criminals for several weeks. Of the three unpatched-but-admitted vulnerabilities, one is in IE, a second is in Windows’ rendering of thumbnail images, and the third is in Internet Information Server, Microsoft’s popular Web server software. Source:

46. February 3, Softpedia – (International) Several vulnerabilities fixed in newly released Google Chrome 9 stable. Google has released the first stable build of Chrome version 9 which, in addition to enhancements and new features, contains patches for several vulnerabilities. In total, there are nine security issues addressed by the new Chrome 9.0.597.84, six of which have a low severity rating, two high, and one critical. Both high-impact vulnerabilities were discovered by a member of the Oulu University Secure Programming Group, a regular security contributor to the Chromium project. Flaws consist of an use-after-free memory error in image loading and an exploitable crash in the PDF event handler related to printing. Two of the low-rated flaws affect the Mac version of Chrome only. They consist of a minor sandbox leak via stat() discovered by a member of the Chromium development community, and a crash in the Mac OS 10.5 SSL libraries. Two other low-impact crashes, one due to an extension with missing key and one due to a bad volume setting, were discovered by external researchers. The other two vulnerabilities with low severity ratings were credited to members of the Google Security Team or the Google Chrome Security Team and involve restrictions to cross-origin drag & drop, and a more graceful merging of autofill profiles. Source:

47. February 3, H Security – (International) Mailing list application Majordomo reveals file content. A bug in the way path names are evaluated means it is possible to view the content of arbitrary files on a Majordomo mailing list system using the help command. The vulnerability can be exploited via both the web and e-mail interfaces in Mojordomo2. According to a security advisory, simply sending an e-mail with the content help ../../../../../../../../../../../../../etc/passwd to the Majordomo account is sufficient to receive a response containing the content of the /etc/password file. The bug is fixed in snapshot versions majordomo-20110125 (direct download) and later. Source:

Communications Sector

48. February 4, – (Tennessee) Vandals cause $1 million damage to Tennessee radio station. Nashville’s WVOL-AM (1470) was taken off the air after vandals cut the transmission lines to all six of their towers, causing an estimated $1 million in damage. The station is back on, but only one of the six towers has been repaired. Both the local police and the FBI were contacted to investigate. There was concern that the vandalism may be tied into on-air discussions about the U.S. President, health care and religion, regular topics on some shows. One poster on the Nashville Board of heard the vandal “took all the coils and busted all the capacitors at all six towers.” Source:

49. February 4, Reuters – (International) Internet addresses depletion reflects wired world. The transition to a new version of Internet addresses under IPv6 is already well under way and should occur without even being noticed. At a special ceremony in Miami, Florida, February 3, the organization that oversees the global allocation of Internet addresses distributed the last batch of so-called IPv4 addresses, underscoring the extent to which the Web has become an integral and pervasive part of modern life. The explosion of Web-connected gadgets, and the popularity of Web sites from Google Inc to Facebook, means the world has now bumped up against the limit of roughly 4 billion IP addresses that are possible with the IPv4 standard introduced in 1981. Under IPv6, there are 340 undecillion addresses available. That’s 340 trillion, trillion, trillion addresses. Source: