Monday, April 18, 2011

Complete DHS Daily Report for April 18, 2011

Daily Report

Top Stories

• According to ABC News, a critical shortage of a leukemia drug has forced some hospitals to turn patients away. (See item 36)

36. April 14, ABC News – (National) Shortage of leukemia drug forcing hospitals to turn some patients away. A critical shortage of a leukemia drug has cancer centers across the country worried about how to treat many of their patients. Oncologists in 30 states have reported a shortage of cytarabine, a drug that is key to treating certain types of leukemia. “If we can’t get the drug, then the patients are going to die,” the chairman of the Department of Leukemia at the University of Texas M.D. Anderson Cancer Center in Houston said. One of the drug’s three U.S. manufacturers, Hospira, said its delays were caused when the company was unable to obtain the active ingredient, cytarabine, from its supplier. Hospira and another manufacturer, APP, also had a problem with crystallization in drug vials. APP recalled a supply in February. Bedford Laboratories said its delays are “due in part to the fact Bedford continues to face increased market share of product demand due to a decrease in competitor’s capacity.” Cytarabine is used as part of a drug regimen against acute myeloid leukemia (AML), a relatively rare cancer. It is sometimes used to treat acute lymphoblastic leukemia (ALL). For patients with AML who take cytarabine, the drug is the difference between a shot at life and certain death. “Since its introduction, we can claim cures in 40 to 50 percent of patients,” the director said. “Without the drug in the treatment regimen, the rate is zero.” Doctors said there are no suitable substitutes for cytarabine, leaving AML patients without a viable alternative. A number of hospitals said they have to ration supply, meaning some patients will not get the doses they need. It also means they must turn new patients away. Nebraska Medical Center in Omaha said, “At one point last week, we were completely out of enough cytarabine for any new patients. We had enough to finish the current patients we had in the hospital but no new ones.” Source: http://abcnews.go.com/Health/shortage-leukemia-drug-cytarabine-forcing-hospitals-turn-patients/story?id=13374817

• The Register reports authorities arrested five people who took part in an armed robbery of a California factory that netted $37 million in Intel flash memory chips. See item 48 below in the Information Technology Sector.

Details

Banking and Finance Sector

16. April 14, Wall Street Journal – (Massachusetts) SEC charges three subprime auto loan executives. The Securities and Exchange Commission (SEC) April 14 charged three executives of Inofin Inc., a subprime auto loan provider based in Massachusetts, with misleading investors and diverting at least $110 million for personal use. The SEC alleges the three individuals illegally raised funds through the sale of unregistered notes. Investors were told the money would be solely used to fund subprime auto loans and that they could expect to receive returns of 9 percent to 15 percent. Instead, two of the suspects used a portion of the funds to open four used car dealerships, and start several real estate property developments. Source: http://www.marketwatch.com/story/sec-charges-three-subprime-auto-loan-executives-2011-04-14-1152350?link=MW_latest_news

17. April 14, KTLA 5 Los Angeles – (California) Tax man scams government of $30 million. A Pasadena, California-based tax preparation company has been forced April 14 to stop providing services after a federal court order. The court order bars the man and his two companies, Retirement Plan Services, Inc. and Lyon Pensions Inc., from preparing federal taxes or representing others before the Internal Revenue Service, the Justice Department (DOJ) announced April 14. The man was sued in August, 2010 by DOJ for allegedly conducting fraudulent tax schemes. According to the lawsuit, his schemes cost the government at least $30 million in tax collections. He reportedly helped small business owners create bogus pension and welfare-benefit plans so they could hide revenue and, therefore, owe less on their corporate income taxes. He also allegedly funneled the fake contributions back to the customers by taking fake loans from the plans. He is also being ordered to stop selling or administering pension or welfare-benefit plans. Source: http://www.ktla.com/news/landing/ktla-tax-man-fraud,0,4362246.story

18. April 13, Wausau Daily Herald – (Wisconsin) Manson Insurance owner pleads guilty in $9.6 million bank fraud conspiracy. The former head of a Wausau, Wisconsin insurance agency pleaded guilty April 13 to his role in a multi-million dollar bank-fraud scheme. The former chief executive officer of Manson Insurance faces maximum penalties of 5 years in prison, a $250,000 fine, and restitution that will be determined at his June 14 sentencing. The former executive was accused of forging customer signatures on loans to finance phony insurance premiums, embezzling credits from insurance companies, and fraudulently billing customers. In court April 13, the assistant U.S. attorney said that on February 18 and December 12 in 2008, the man had a former Manson Insurance vice president draft loan notes for two customers who had not requested the loans. The executive then sold the notes to River Valley Bank, which was located in the same building as Manson Insurance, and deposited the $281,049 proceeds in the Manson agency bank account, a U.S. attorney said. According to court records, the fraudulent insurance premium notes sold to River Valley had a face value of $3,771,799 and resulted in a loss to the bank of approximately $1,926,695. The former vice president who served as an accomplice in the scheme pleaded guilty last month to concealing a felony in connection with her role in the scam. Source: http://www.wausaudailyherald.com/article/20110413/WDH0101/110413040/Updated-Scholfield-guilty-fraud-scam?odyssey=tab|topnews|img|FRONTPAGE|p

19. April 12, Federal Bureau of Investigation – (California; International) Owner of foreign currency exchange trading company charged with defrauding investors out of more than $5 million. A California man was arrested tApril 12 on federal charges that he defrauded investors out of more than $5 million. The 31-year-old Los Angeles, California man is charged with wire fraud arising out of the operation of Green Tree Capital. According to the complaint the man, through Green Tree, solicited more than $5 million from customers, purportedly for the purpose of trading in the foreign currency exchange (FOREX) market. It is alleged the man traded, at most, a small portion of customer funds in FOREX and instead spent most of it on personal expenses, including more than $950,000 at casinos and approximately $130,000 to purchase a car. Between October 2009 and February 2011 he also withdrew more than $2.1 million in cash from Green Tree customer accounts. During that same time period, Green Tree continued to e-mail account statements to customers purporting to show trading gains and losses. In many instances, the account statements showed customers’ accounts had gained value through successful FOREX trading. If convicted on these charges, the man faces up to 20 years in prison to be followed by 3 years of supervised release and a $250,000 fine. Source: http://www.fbi.gov/boston/press-releases/2011/owner-of-foreign-exchange-currency-trading-company-charged-with-defrauding-investors-out-of-more-than-5-million

20. April 12, The Register – (International) Exploit-wielding boffins go on free online shopping binge. Computer scientists have documented serious flaws in software running some of the world’s biggest e-commerce sites and shown how they can be exploited to receive DVDs, digital journals, and other products for free or at sharply reduced prices not authorized by sellers. The findings are an indictment of software makers, e-commerce sites, and third-party cashiers used to process payments. The researchers, from Microsoft and Indiana University, said the vulnerabilities stem from the interconnected communication among the end user making a purchase, the online merchants, and the cashier-as-a-service providers such as PayPal, Amazon Payments, and Google Checkout. The “trilateral interaction” is so complex the two most popular e-commerce programs used to coordinate the communications can easily be fooled into approving the transactions for free, or at a tiny fraction of the price being charged. They said the software they analyzed was vulnerable largely because it was designed to be flexible enough to work with a variety of merchants and payment processors. But they said the payment processors were also culpable. They called out Amazon Payments specifically for a “serious error” in its software developer kit that allowed attackers to provide their own digital certificates during online transactions so they bypassed legitimate certificates used during a verification process. Source: http://www.theregister.co.uk/2011/04/12/free_online_shopping_exploits/

Information Technology

44. April 15, Help Net Security – (International) Epsilon breach leads to more than just phishing. Since the Epsilon breach, customers have had daily reminders that they could expect and be prepared for spear phishing e-mails coming their way. But, phishing is not the only type of attack that can be mounted against them. Websense researchers have recently spotted a Web page spoofing the Epsilon official Web site, i.e. the page with the press release regarding the breach. Screenshots show the attackers have simply taken some of the source code from the legitimate page. Once a user has landed on the page, he/she reads that there has been an “update” to the press release which states that the investigation concluded that personally identifiable information was stolen. In order to check if his information was stolen, the user is urged to download and install a trojan dropper disguised as an “Epsilon Secure Connect Tool.” Source: http://www.net-security.org/malware_news.php?id=1696

45. April 15, Digital Trends – (International) Skype for Android has a major security flaw. A major security flaw has been discovered in the Skype for Android app, which could put users’ private data in danger of being accessed by others. After discovering that a leaked beta version of the VoIP app was vulnerable to an exploit that offers access to all user data, Android Police tried the same tactic with Skype for Android, available since October 2010, and saw the same results. The site notes the Skype Mobile for Verizon app appears to be unaffected, only Skype for Android. Skype stores all user data in a folder bearing that user’s name. The database files contained in that folder have incorrect permissions that are not encrypted. Therefore, these files, which contain everything from contacts and profile information to message logs, can be accessed and read by anyone with minimal trouble. However, potential intruders would require a user’s Skype name to access the private data. Android Police notes there is the danger of a rogue developer releasing a modified version of the app that could pull out and transmit private user information. Source: http://www.digitaltrends.com/mobile/software-mobile/skype-for-android-has-a-major-security-flaw/

46. April 15, Softpedia – (International) Chrome security update patches Flash Player plug-in. Google has released a new stable update for Chrome to address several vulnerabilities in the browser itself, as well as in the bundled Flash Player plug-in. The new Chrome 10.0.648.205 version fixes three critical flaws, which is a unusual because critical bugs are a relatively rare occurrence in Google’s browser. One of them affects only the Windows version and stems from an error in the GPU process. Another critical error in the GPU process triggers a heap overflow. The last patched vulnerability is also located in the GPU process and consists of a use-after-free memory condition. The bundled Adobe Flash Player plug-in was updated to version 10.2.154.27 from 10.2.154.25, to address an actively exploited zero-day flaw. Identified as CVE-2011-0611, the vulnerability was discovered earlier in April in the wild where it was targeted via Flash exploits embedded in rogue Word documents. Source: http://news.softpedia.com/news/Chrome-Security-Update-Patches-Flash-Player-Plug-In-195193.shtml

47. April 14, Computerworld – (International) Apple patches Pwn2Own, Comodo hack bugs. Apple April 14 patched bugs in iOS and Safari used at March’s Pwn2Own hacking contest by three teams of researchers. In an iOS update to version 4.3.2, Apple patched a bug exploited by two researchers, who hacked an iPhone at Pwn2Own. Apple fixed the same flaw in Mac OS X March 21, but had left iOS — the operating system for the iPhone, iPad, and iPod Touch — unprotected until April 14. The same update also patched a vulnerability in WebKit — the browser engine that powers Safari on Mac OS X and iOS, and the browser on BlackBerry devices — that was exploited by a trio of researchers to hack a BlackBerry. iOS 4.3.2 also closed a second WebKit hole that was used by a team from the French security company Vupen to breach Safari on a MacBook Air. Apple quashed the two WebKit bugs in Safari with a separate update that brought Apple’s browser to version 5.0.5. A third update addressed a March theft of digital certificates used to authenticate sites owned by some of the Web’s biggest name, including Google, Microsoft, Mozilla, Skype, and Yahoo. Source: http://www.computerworld.com/s/article/9215826/Apple_patches_Pwn2Own_Comodo_hack_bugs

48. March 14, The Register – (California) Five cuffed over $37m heist of Google flash chips. California law enforcement officials have arrested five people who allegedly took part in a February 27 heist that nabbed $37 million in Intel flash memory chips from memory module manufacturer Unigen in Fremont, California. Silicon Valley’s Rapid Enforcement Allied Computer Team (REACT) –- a task force of local, state, and federal agencies focused on high-tech crime –- has been investigating the heist after taking over from the Fremont police department and working in conjunction with the Santa Clara County district attorney. The director of REACT and a lieutenant in the district attorney’s bureau of investigations, told The Register 1.7 million flash memory chips were stolen from the facility that makes DRAM and flash memory products for Google. Roughly 15 people entered the Unigen factory at 8:30 a.m., dressed in black and armed with handguns and automatic rifles. They tied up employees, locked them up in a room, and loaded up the flash memory on a truck. REACT’s director said 98 percent of the Intel flash chips that had been stolen have been recovered, and that one of the things that the team is trying to ascertain is why the thieves did not immediately try to sell the flash memory. He confirmed reports that about 2 percent of the flash memory that was stolen had been traced to buyers in China. Source: http://www.channelregister.co.uk/2011/04/14/flash_heist_bust/

For another story see Item 20 above in the Banking and Finance Sector

Communications Sector

See Item 45 above in the Information Technology Sector