Wednesday, September 7, 2011

Complete DHS Daily Report for September 7, 2011

Daily Report

Top Stories

• The tally of digital certificates stolen from a Dutch company in July exploded to more than 500, including ones for intelligence services such as the CIA, England's MI6, and Israel's Mossad, a Mozilla developer said September 4. – Computerworld (See item 46 below in the Information Technology Sector

• A man with an automatic rifle opened fire at an IHOP restaurant in Carson City, Nevada, September 6, killing two National Guard members, another person, and himself, and wounding 6 others. – msnbc.com and Associated Press (See item 51)

51. September 6, msnbc.com and Associated Press – (Nevada) 4 dead, 6 wounded in Nevada shooting. A man with an automatic rifle opened fire at an IHOP restaurant in Carson City, Nevada, September 6, killing two National Guard members, another person, and himself in a hail of gunfire during the morning breakfast hour, authorities and witnesses said. Six people were wounded in the attack. The suspect apparently acted alone and died at a hospital in Reno. Authorities were not saying whether the attack targeted the Guard members, who were meeting at the restaurant in a strip mall on Carson City's main street. Witnesses said the gunman pulled up in a blue minivan around 9 a.m. and shot a man on a motorcycle, then walked inside the restaurant and started shooting. He then walked outside and fired shots at a barbecue restaurant and an H&R Block in the strip mall, and then a casino across the street before turning the gun on himself. The state capitol and supreme court buildings were locked down for about 40 minutes, and extra security measures were put in place at state and military buildings in northern Nevada, but the shooting appeared to be an isolated incident, said the Carson City sheriff. Local, state police, and the FBI responded. The minivan was registered locally. A public relations manager for Care Flight told the Reno Gazette-Journal that three victims were taken to the hospital by helicopter, and that two were in critical condition. Source: http://today.msnbc.msn.com/id/44410882/ns/today-today_news/t/wounded-shooting-nevada-restaurant/

Details

Banking and Finance Sector

16. September 6, Orlando Sentinel – (Florida) Suspected bank robber linked to five hold-ups. A convicted robber suspected of holding up 5 banks in central Florida shortly after he was released from prison was scheduled to be arraigned September 6 in circuit court. The 25-year-old man was charged with robbing banks in Fruitland Park, Lady Lake, and Leesburg by handing tellers a note and warning them that he had a gun and would use it if necessary. Police said he never showed a gun. The Marion County resident also is a suspect in similar bank robberies in Ormond Beach in Volusia, and Wesley Chapel in Hernando. According to an assistant state attorney, the man was released from the state department of corrections June 22, 14 days before he allegedly struck a branch of Bank of America on North 14th Street in Leesburg. He served 3 years for strong-arm robbery in Marion. He also is accused of robbing the BB&T bank branch in Fruitland Park July 22, and a SunTrust Bank branch in Lady Lake 3 days later. He was identified by witnesses who picked his picture from photo lineups. He could face mandatory 15-year prison sentences in each robbery. Source: http://www.orlandosentinel.com/news/local/lake/os-lk-bank-robber-in-court-20110906,0,784192.story

17. September 5, Prescott Daily Courier – (Arizona) 'Skeletor Bandit' pleads guilty to robbing Prescott bank, others. A man charged with robbing the Wells Fargo Bank in Prescott, Arizona, December 8, 2010, plead guilty to four counts of armed bank robbery and two counts of bank robbery the week of August 29 in a federal court in Phoenix. The 51-year-old was charged with robbing banks in Prescott, Flagstaff, Surprise, and Phoenix between October 22 and December 11, 2010, and stealing $42,391. He also was charged in a bank robbery in Chico, California, July 13, 2010, stealing $2,154. The suspect was called the "Skeletor Bandit" because in the first four robberies, he wore a Halloween-style rubber mask, along with a black-hooded sweatshirt, said a spokesman for the U.S. attorney of the district of Arizona. The suspect also allegedly displayed a gun in those robberies. As part of the plea agreement filed August 31, the man faces a federal prison sentence of 8 to 11 years, must pay restitution to victims of as much as $100,000, and could possibly receive a reduction of one to two levels in his sentencing guidelines if certain conditions are met. Phoenix police officers arrested the man December 11, 2010, in connection with a bank robbery at a Bank of America near 50th Avenue and Baseline Road. They stopped the man after using a tracking device, and found a pellet gun that matched the description of the gun used during the robbery, according to the plea agreement. Source: http://www.dcourier.com/main.asp?SectionID=1&SubSectionID=1&ArticleID=97665

18. September 5, Help Net Security – (International) New Zeus-based variant targets banks around the world. Another Zeus-based offering was unearthed September 5 by Trend Micros researchers, and experts surmised this one may be better crafted than the recently discovered Ice IX crimeware. Having analyzed the code, they believe it was created by using version 2.3.2.0. of the Zeus toolkit, and that it was created specifically for a professional gang. Experts note this solution is likely to succeed where Ice IX has failed: an updated encryption/decryption algorithm that should prevent trackers from analyzing its configuration file. Also, an update of the Zeus builder capability of checking for bot information and uninstalling it should make antivirus solutions unable to use it for detecting the bot and automatically purging the system of it. "It is also worth mentioning that this malware targets a wide selection of financial firms including those in the United States, Spain, Brazil, Germany, Belgium, France, Italy, Ireland, etc.," said the researchers. "More interestingly, it targets HSBC Hong Kong, which suggests that this new Zeus variant may be used in a global campaign, which may already include Asian countries." Source: http://www.net-security.org/malware_news.php?id=1828

19. September 2, U.S. Securities and Exchange Commission – (California) SEC halts fraud conducted by purported life settlement company. The U.S. Securities and Exchange Commission (SEC) September 2 announced it obtained an emergency court order to halt an alleged $4.5 million investment scheme by a Los Angeles company that purports to broker life settlements. The SEC alleged a man and his compnay, Christian Stanley Inc., have spent the past 7 years creating the illusion that it was a legitimate company. Contrary to what investors were told, Christian Stanley has never purchased or generated any revenue as a result of brokering the sale of a single life settlement, and has barely derived any revenue from any of its purported business ventures. Instead, the head of the company simply used the Christian Stanley name as a vehicle to raise at least $4.5 million in an unregistered offering of debenture notes, and spent most of the money for purposes unrelated to its ostensible business operations. He misused investor funds to finance his stays at luxury hotels, visits to nightclubs and restaurants, and purchases of high-end vehicles. A judge for the U.S. District Court for the Central District of California September 1 granted the SEC’s request for a temporary restraining order and asset freeze against the man and his companies. According to the SEC’s complaint, the man raised funds from at least 50 investors nationwide, promising investors fixed interest returns ranging from 5 to 15.5 percent annually for 5-year terms. He claimed the notes were backed by assets such as a gold mine in Nevada and a coal mine in Kentucky that he said held coal deposits valued at $11.8 billion. The SEC alleges that instead of using investor money to purchase life settlements or develop the mines, the man and Christian Stanley used investors’ money for such unrelated purposes as sales commissions, and Ponzi-like payments to existing note holders. Source: http://www.sec.gov/news/press/2011/2011-177.htm

20. September 2, IDG News – (National) Internet clothing seller charged with wire fraud. The owner of a defunct online clothing retail operation was arrested and charged September 2 with wire fraud for allegedly overcharging customers by more than $5 million. The owner of New York-based Classic Closeouts allegedly used customer credit and debit card numbers on file to charge accounts multiple times for items customers did not order, the U.S. Department of Justice (DOJ) said in a press release. Between June and December 2008, the operation charged customers for unordered items more than 70,000 times, the DOJ said. In some cases, the same card was charged "multiple" times over many weeks, the agency said. The charges ranged from $59.99 to $79.99, said the U.S. Federal Trade Commission (FTC), which filed its own civil complaint against ClassicCloseouts.com and the owner in June 2009. When customers disputed the unauthorized charges with their credit card companies and banks, Classic Closeouts' owner asserted the charges were valid because the customers had enrolled in an alleged "frequent shopper club," the DOJ said. In some cases, customers were denied credit cards after the disputes or were pressured into paying the fraudulent charges, plus late fees and interest. The FTC announced a settlement with the owner in January, with the owner banned from owning Internet businesses that handle credit or debit accounts. The settlement also imposed a monetary judgment of nearly $2.1 million. It's uncommon for the DOJ to bring criminal charges after the FTC settles a civil case. The suspect faces a maximum sentence of 20 years in prison on the wire fraud charges. Source: http://www.pcworld.com/businesscenter/article/239452/internet_clothing_seller_charged_with_wire_fraud.html

21. August 31, United States Department of Justice – (Connecticut) Former waitress at Stamford restaurante admits role in credit card fraud scheme. The U.S. Attorney for the District of Connecticut announced August 31 a 25-year-old from Georgia, formerly of New York, waived her right to indictment and pleaded guilty August 30 in Bridgeport to one count of conspiracy to commit access device fraud. According to court documents, from September 2008 to January 2009, she worked as a waitress at a restaurant in Stamford. In pleading guilty, the convict admitted that, while working at the restaurant, she and a co-worker stole credit card information from customers through the use of “skimming” devices. When restaurant customers would pay with credit cards, the pair would swipe them through hand-held skimmers before running them through the restaurant’s own legitimate credit card verification system. The skimming devices would copy and store the account data encoded on the magnetic strips on the back of the credit cards. Every few weeks, an individual who supplied the skimming devices would meet with one of the employees so they could turn over to him the credit card information. That person would pay them either $20 or $25 for each credit card they successfully swiped through the device, and then give them new skimmers. The stolen data was later used by members of the conspiracy to make unauthorized purchases. While the pair were employed at the Stamford restaurant, about 92 credit cards were compromised, the majority of which were compromised by the 25-year-old's co-worker, resulting in losses of about $135,888. Source: http://www.justice.gov/usao/ct/Press2011/20110831.html

For another story, see item 45 below in the Information Technology Sector

Information Technology Sector

43. September 6, Softpedia – (International) Incognito exploit kit discovered after Web Directories attack. Users who visited the Web Directories site September 4 may have been redirected to a third party page leveraging the Incognito exploit kit. One of the largest directories on the Internet, the site was compromised after a program line, representing a redirect to a malicious address containing exploit codes, was inserted. An analysis made by Websense Security Labs revealed the hacking tool involved is known as Incognito, which silently infects the client computers with a trojan. According to the Security Labs blog, Incognito is a Malware as a Service (MaaS) which has two versions running in the wild. Underground communities use it to launch automated attacks with the purpose of spreading malware. Source: http://news.softpedia.com/news/Web-Directories-Site-Attacked-220361.shtml

44. September 6, Softpedia – (International) Phishers use new tricks. Internet users are becoming more aware of the dangers of phishing. As a result, phishers are implementing new methods of luring unsuspecting people into their nets. The latest “phishing expedition” was observed by Symantec. The malicious site was masked as a software company that offered considerable discounts. Users were then led to a page where they would be required to give out all their personal information, including credit card details, which would later be used to gain control of the person's financial records. Many people were drawn to the page by the up to 80 percent savings they could make on the site's main page. Researchers indicated the page containing the offers was hosted on a newly registered domain that ranked high in most of the popular search engines. This was achieved by using keywords in the domain name that are very common in related searches. The people behind this practice managed to make fake trust seals. The seals seemed legitimate because of some sub-domain randomization techniques used by the phishers. Source: http://news.softpedia.com/news/Phishers-Use-New-Tricks-220334.shtml

45. September 5, IDG News Service – (International) Turkish hackers strike Websites with DNS hack. A Turkish hacking group managed to tamper with Internet addressing records September 4, redirecting dozens of Web sites belonging to companies including Microsoft, UPS, and Vodafone to a different Web pages controlled by the hackers. According to Zone-H, a Web site that tracks defacements, 186 Web sites were redirected to a page controlled by "Turkguvenligi." All of the Web sites were registered through NetNames, part of NBT group. NetNames provides Domain Name System (DNS) services. Turkguvenligi hacked the servers through a SQL injection attack. In the case of NetNames, the group put a redelegation order into the system and changed the address of the master DNS servers that served data for the Web sites, a statement from NetNames said. The attack occurred around 9 p.m. September 4. Although it appears the goal was just to vandalize the sites for a while, the group could have set up lookalike sites for the real ones, tricking users into thinking they were on the legitimate site and possibly stealing logins and passwords. Two of HSBC's banking sites — one with a country-code Top Level Domain in South Korea and one in Canada — were targeted, according to the list compiled by Zone-H. Other Web sites affected were those belonging to The Telegraph newspaper, The Register technology news site, Coca-Cola, Interpol, Adobe, Dell, several Microsoft country sites, Peugeot, Harvard University, and the security companies F-Secure, BitDefender, and Secunia. Source: http://www.computerworld.com/s/article/9219728/Turkish_hackers_strike_websites_with_DNS_hack

46. September 4, Computerworld – (International) Hackers steal SSL certificates for CIA, MI6, Mossad. The tally of digital certificates stolen from a Dutch company in July exploded to more than 500, including ones for intelligence services such as the CIA, England's MI6, and Israel's Mossad, a Mozilla developer said September 4. The confirmed count of fraudulently-issued secure socket layer (SSL) certificates now stands at 531, said the Mozilla developer, who is part of the team working to modify Firefox to block all sites signed with the purloined certificates. Among the affected domains are those for the CIA, MI6, Mossad, Microsoft, Yahoo, Skype, Facebook, Twitter, and Microsoft's Windows Update service. All the certificates were issued by DigiNotar, a Dutch issuing firm that admitted the week of August 29 that its network had been hacked in July. Source: http://www.computerworld.com/s/article/9219727/Hackers_steal_SSL_certificates_for_CIA_MI6_Mossad

For more stories, see items 18 above in the Banking and Finance Sector and 47 below in the Communications Sector

Communications Sector

47. September 6, New Tampa Patch – (Florida) Bright House Networks outages reported in Tampa Bay area. A Bright House Networks outage left much of the Tampa Bay, Florida area without phone, high-speed Internet and some cable service September 6. Service was reported down in much of the area, including Hillsborough, Pinellas, Pasco and Manatee counties. On Twitter, there were dozens of tweets September 6 by customers reporting outages. The company was aware of the issues, which began around 10:40 a.m. a Bright House spokesman said. It was unclear how widespread the outages were, he said. The company's customer service and public relations phone lines were also down. In Manatee County, several customers drove to the local Bright House Networks office to get updates because they could not reach anyone by phone. Source: http://newtampa.patch.com/articles/bright-house-networks-outages-reported-in-tampa-bay-area

48. September 4, Muncie Star-Press – (National) Local Indiana public radio stations down after lightning strike. A lightning strike was responsible for three Indiana Public Radio (IPR) stations being off the air late September 3 into Septmeber 4. According to a release from IPR, the WBST 92.1 FM transmitter was hit by lightning September 3 around 7:30 p.m., when a wave of thunderstorms rolled through the area. The strike damaged the main blower for the transmitter to the point of three IPR stations — WBST 92.1 in Muncie, WBSB 89.5 in Anderson and WBSH 91.1 in Hagerstown — going off the air, according to the release. A replacement part was being flown in September 4 from Quincy, Illinois, and radio officials believed the earliest these three stations could be back on the air was by 7 p.m. September 4. IPR was still on the air at WBSJ 91.7 in Portland and WBSW 90.9 in Marion, September 4, and listeners could also tune in to the stations online at www.indianapublicradio.org. Source: http://www.thestarpress.com/article/20110904/NEWS06/110904006

49. September 3, Hutchinson News – (Kansas) Fire destroys radio station studios. An early morning fire September 2 destroyed the downtown Hutchinson, Kansas, studios of radio stations KSKU, KXKU, KNZS, and KWHK, and caused smoke damage to Sparks Music and the Wiley Building, which were on opposite sides of the radio stations. Sparks Music and the soda fountain at Fraese Drug Store in the Wiley building were closed, but the downtown development director said other businesses in the 100 block of North Main would be opening later September 2, despite the fact the block was closed to traffic and parking. A fire department inspector September 2 said they were awaiting heavy equipment that would be used to begin tearing the building down. He said the fire was reported at 2:30 a.m. The last employee of the stations had gone home between 10 and 11 p.m. September 1, and the stations were playing automated programming until the fire knocked them off the air. The owner of the stations said he was told firefighters found the back door broken open, and that the fire might be arson. The stations broadcast from four towers scattered around Reno County, but the Main Street studio was the hub for all four. Source: http://www.firefightingnews.com/article-us.cfm?articleID=100439

For more stories, see items 45 and 46 above in the Information Technology Sector

Tuesday, September 6, 2011

Complete DHS Daily Report for September 6, 2011

Daily Report

Top Stories

• Tropical Storm Lee threatened the Louisiana coast with torrential rains and flooding September 2, as offshore energy platforms and refineries braced for high winds and rising waters. – Reuters (See item 1)

1. September 2, Reuters – (National) Oil companies brace for Tropical Storm Lee. Tropical Storm Lee threatened the Louisiana coast with torrential rains and flooding September 2, as offshore energy platforms and refineries along the coast braced for high winds and rising waters. The slow-moving storm is expected to reach the Louisiana coast early September 4 and bring 10 to 15 inches of rain to southeast Louisiana over the weekend, including the low-lying city of New Orleans, the U.S. National Hurricane Center said. Lee was about 200 miles southeast of Cameron, Louisiana, with maximum winds of 40 miles-per-hour, the hurricane center said. It issued tropical storm warnings stretching from Pascagoula, Mississippi, to Sabine Pass, Texas. Louisiana’s governor warned that heavy rains, substantial winds and tidal surges from the Gulf of Mexico could produce flash flooding in parts of New Orleans throughout the Labor Day holiday weekend. Offshore oil and natural gas producers began shutting down platforms and evacuating staff earlier this week. About half the region’s oil production and a third of its gas production was shut September 2, according to the U.S. government. Most of that output should quickly return once the storm passes. Lee is expected to have a minimal long-term impact on the Gulf of Mexico oil patch, which provides about a third of the nation’s oil production, and about 12 percent of its natural gas. The Gulf Coast is home to 40 percent of U.S. refining capacity, and 30 percent of natural gas processing plant capacity. Much of that infrastructure is in southeast Texas, and near the coasts of Louisiana and Mississippi. Source: http://www.reuters.com/article/2011/09/02/storm-usa-gulf-idUSN1E7810KA20110902

• The Poesten Kill Dam in Troy, New York, shifted forward on the northern corner, compromising the spillway and threatening to inundate the city of 50,000. – Albany Times-Union (See item 58)

58. September 2, Albany Times-Union – (New York) Fears over dam shift. The Poesten Kill Dam in Troy, New York, shifted forward on the northern corner, compromising the spillway, the Albany Times-Union reported September 2. Water was coming over the top of the spillway as it should, but the damage from the heavy flow of water and blows from debris after Tropical Storm Irene caused the spillway to leak from underneath. A strong impact, such as from a runway tree, boulder, or other storm debris could cause the dam to burst, potentially endanger homes and property in Troy, which has a population of about 50,000. A city engineer said the city built a temporary structure along the dam to divert the water from the damaged section. Part of the planned repair efforts were aimed at protecting the concrete abutment at the dam’s north end, and the building that is immediately west of the dam. The dam is located to the east of a populated part of the city. No evacuations or street closures were ordered. Source: http://www.timesunion.com/local/article/Fears-over-dam-shift-2151438.ph

Details

Banking and Finance Sector

15. September 1, Cliffview Pilot – (New Jersey) Arrest in $5 million Paragon mortgage scam. Detectives from the Bergen County, New Jersey, prosecutor’s office have cracked a $5 million swindle with the arrest of a Bloomfield man who they said schemed with a loan officer and mortgage brokers to defraud Paragon Federal Credit Union in Montvale. The man is accused of submitting bogus information to qualify for 13 real estate loans for 11 multi-family houses in Bergen and Essex counties, with the help of a loan coordinator at Paragon, two Union City mortgage brokers, and the owner of a Jersey shore appraisal company. “These fraudulent leases combined with inflated property appraisals and a fraudulent Paragon Federal Credit Union membership application were all used to aid [the man] in meeting the loan criteria and ultimately being approved for a real estate loan,” a Bergen County prosecutor said. Two years ago, the defendant registered CNS Enterprises LLC. His sole purpose, the prosecutor said, was for “supplying fictitious invoices to be added to the seller side of the settlement statements,” showing a debt to the company –- even though he was the buyer. He then collected at closing. The suspect used the ill-gotten gains “for down payments on the next purchase,” the prosecutor said. The properties all eventually defaulted, and Paragon investigators began a review. Charges will be brought separately against the man’s alleged accomplices: a Paragon loan officer; two men who work for AOR Consultants in Union City; and the owner of Lighthouse Appraisers in Toms River. Source: http://www.cliffviewpilot.com/bergen/2747-arrest-in-5-million-paragon-mortgage-loan-scam

16. September 1, Bloomberg – (National) Unauthorized workers in U.S. claimed $4.2 billion in tax credits last year. Tax filers who were not authorized to work in the United States collected $4.2 billion in tax credits in 2010, a Treasury Department watchdog reported September 1. Although federal law prohibits people residing illegally in the United States from receiving most public benefits, an increasing number filed tax returns claiming the additional child tax credit intended for working families, according to the September 1 report by the Treasury Inspector General for Tax Administration. “The payment of federal funds through this tax benefit appears to provide an additional incentive for aliens to enter, reside, and work in the United States without authorization, which contradicts federal law and policy to remove such incentives,” the report said. The recipients did not qualify for Social Security numbers, and filed tax returns using individual taxpayer identification numbers supplied by the Internal Revenue Service. Source: http://www.bloomberg.com/news/2011-09-01/tax-credits-of-4-2-billion-claimed-by-unauthorized-u-s-workers.html

17. August 31, U.S. Securities and Exchange Commission – (National) SEC charges hedge fund manager and company insiders in $3.9 million insider trading scheme. On August 31, the U.S. Securities and Exchange Commission (SEC) charged a man and his New Jersey-based hedge fund firm Clay Capital Management, LLC with engaging in an insider trading scheme that involved the securities of three companies –- Moldflow Corporation, Autodesk, Inc., and Salesforce.com, Inc. The SEC also charged the man’s brother-in-law, his friend, and the brother-in-law’s neighbor for their roles in the scheme. In total, the scheme generated illicit gains of nearly $3.9 million. Filed in the U.S. District Court for the District of New Jersey, the SEC’s complaint alleges the brother-in-law was a director of business development for Autodesk and tipped two of the men with inside information about Autodesk’s planned tender offer for Moldflow in advance of Autodesk’s public merger announcement May 1, 2008. In total, the traders made illicit gains of $2.3 million from trading in Moldflow stock. According to the complaint, the brother-in-law also gave inside data about Autodesk’s fourth quarter 2008 earnings in advance of Autodesk’s public earnings announcement February 26, 2008. In total, the traders made illicit gains of $1.1 million. The complaint further alleges a recruiting technology manager for Salesforce tipped one of the men with confidential data about Salesforce’s performance in advance of the company’s public earnings announcement February 27, 2008. In total, the traders made illicit gains of nearly $500,000 from trading in Salesforce securities. Source: http://www.sec.gov/litigation/litreleases/2011/lr22080.htm

Information Technology Sector

43. September 2, Help Net Security – (International) Morto worm surprises again. The recently discovered Morto worm that has been spreading in the wild has more than one never-before-seen characteristic. Not only does it spread by using the Remote Desktop Protocol, but it also uses a novel way to contact its command and control in search for instructions: via DNS (Domain Name System) TXT records. “While examining W32.Morto, we noticed that it would attempt to request a DNS record for a number of URLs that were hard-coded into the binary,” according to a Symantec security response engineer. “This is by no means unusual or unique, but when we examined the URLs, we noticed that there were no associated DNS A records returned from our own DNS requests. On further investigation, we determined the malware was actually querying for a DNS TXT record only –- not for a domain to IP lookup –- and the values that were returned were quite unexpected.” The information provided was a binary signature and an IP address from which the worm can download further malware — the same information that most threats receive using more established communication channels. Source: http://www.net-security.org/malware_news.php?id=1827

44. September 1, Associated Press – (International) US cybersecurity officials warn of malicious email scams links to 9/11 or Hurricane Irene. DHS officials are warning the public to beware of e-mail scams and possible cyberattacks related to Hurricane Irene and the upcoming 10th anniversary of the September 11 attacks, the Associated Press reported September 1. New bulletins issued in recent days by the DHS’s cybersecurity center said computer users should be wary of e-mails with subject lines referring to the recent hurricane or the September 11th attacks, even if they appear to come from reputable sources. The e-mails could be phishing scams that masquerade as legitimate requests for personal information or fund-raising pleas and may include innocent-looking links to video or photos. Clicking on the links could download harmful viruses or take users to malicious Web sites. Source: http://www.washingtonpost.com/politics/courts-law/us-cybersecurity-officials-warn-of-malicious-e-mail-scams-links-to-911-or-hurricane-irene/2011/09/01/gIQAu5J2uJ_story.html

45. September 1, Softpedia – (International) Thunderbird 6.0.1 and Thunderbird 3.1.13 fix compromised root CA issue. Mozilla updated its two supported Thunderbird versions to remove the root certificate of DigiNotar from the list of authorized Certificate Authorities (CA). The CA was the victim of a successful attack and several rogue certificates were issued, signed by it. Mozilla provided updates for Thunderbird 6, the latest stable version of the popular e-mail suite, and for the older Thunderbird 3.1, which is still being supported with security patches. Source: http://news.softpedia.com/news/Thunderbird-6-0-1-and-Thunderbird-3-1-13-Fix-Compromised-Root-CA-Issue-219790.shtml

46. September 1, Associated Press – (International) UK arrests 2 suspected computer hackers. British police September 1 arrested two men as part of a trans-Atlantic investigation into attacks carried out by the hacking groups Anonymous and Lulz Security. Scotland Yard said a 24-year-old and a 20-year-old were arrested at two separate U.K. addresses as part of a continuing investigation in collaboration with the FBI and other law-enforcement agencies. “The arrests relate to our inquiries into a series of serious computer intrusions and online denial-of-service attacks recently suffered by a number of multi-national companies, public institutions and government and law enforcement agencies in Great Britain and the United States,” said a detective inspector from the Metropolitan Police’s Central e-Crime Unit. Police said the two men arrested remain in custody, and a computer seized in the investigation is being examined. Source: https://www.npr.org/templates/story/story.php?storyId=140129430

For more stories, see items 47, 48, and 49 below in the Communications Sector

Communications Sector

47. September 2, Northescambia.com – (Florida) Frontier Internet fails again; company plans big fix. Officials with Frontier Communications said September 1 they were taking steps to prevent hundreds of North Escambia, Florida area residents from losing their Internet service for hours at a time. During the summer, Frontier high speed DSL and dialup Internet customers in Walnut Hill, Bratt, Molino, and Atmore lost their Internet connection for as long as 12 hours at a time. The company has experienced at least 6 major outages since June, including an 8-hour period September 1. Frontier said most of the outages were not their fault, blaming the downtime on AT&T, which provides the Internet connections. A Frontier spokeswoman said the September 1 outage was the result of an AT&T fiber line cut near Bay Minette, interrupting the connection between Atmore and Atlanta. All of the Walnut Hill, Bratt, Molino and Atmore DSL and dial-up services provided by Frontier are connected to the rest of the Internet by a single fiber optic line between Atmore and Atlanta. The spokeswoman said Frontier is working to install a second independent route to the Internet from Atmore, preventing a single fiber cut from cutting the North Escambia area off from the Internet. Source: http://www.northescambia.com/?p=66262

48. September 2, Providence Journal – (Rhode Island) TV, phone, Internet steadily returning in R.I. Rhode Island’s cable television, phone, and Internet providers, said September 1 they were making progress restoring service interrupted by Tropical Storm Irene, but that customers are still cut off across the state. Full Channel, which provides TV, Internet, and phone service in Barrington, Warren, and Bristol, appears to have been hit hardest. The company’s chief executive said more than 90 percent of the company’s customers in Barrington lost service, more than 80 percent in Bristol and somewhat less in Warren. The main issue as of September 1 was Full Channel’s service area was waiting for National Grid to restore the electricity that powers distribution equipment. Downed wires also presented a problem initially, the chief executive said, but most of that has been resolved. A spokeswoman for Cox Communications, which provides TV, Internet, and phone service statewide, said 25 percent of the company’s customers lost connection to Cox’s network, though many more were unable to use those services because power was out in their area. As of September 1, about 94 percent of those who had lost services had been restored. She said Cox’s network has been repaired, but the lack of electricity in some areas and downed wires leading to customers’ homes were lingering issues. Source: http://www.projo.com/news/content/IRENE_TELECOM_09-02-11_9DQ3QU1_v31.76ace.html

49. September 1, Greenwich Time – (Connecticut) Major disconnect: growing discontent over extended cable outage in Greenwich. From homebound residents with special needs to people who telecommute for a living, frustration was mounting September 1 among those reliant on Cablevision for phone, Internet, and TV service because of extended storm-related outages in Greenwich, Connecticut. A Cablevision spokesman released a statement September 1 attributing the disruption to widespread power outages caused by Tropical Storm Irene, at the height of which one out of every two Connecticut Light & Power Co. customers in town lost electricity. The New York-based cable giant would not reveal how many of its local customers lost service or the number of Cablevision crews it deployed to Greenwich. To add insult to injury for Cablevision, a police report was filed at 1 a.m. August 31, stating one of the company’s emergency generators was stolen from Marshall Street, which runs parallel to Havemeyer Lane near the Stamford border. Cablevision had no information about the incident. Source: http://www.greenwichtime.com/news/article/Major-disconnect-Growing-discontent-over-2151781.php

50. September 1, The Hill – (National) FCC fines calling card companies for deceptive marketing. The Federal Communications Commission (FCC) announced September 1 $20 million in fines against 4 prepaid calling card companies for allegedly using deceptive marketing practices. According to the FCC, STi Telecom, Lyca Tel, Touch-Tel USA, and Locus Telecommunications scammed consumers by claiming they could make hundreds of minutes of calls to foreign countries for only a few dollars. In fact, because of hidden fees and surcharges, consumers could only use a fraction of those minutes, the FCC said. The FCC fined the companies $5 million each. In one case the FCC investigated, consumers would have to make a single 13-hour phone call to receive the advertised number of minutes. If the consumers made more than one call, they would receive a smaller fraction of the card value. In another case, a card that promised 1,000 minutes was exhausted after a single 60-minute phone call. According to investigators, the companies targeted low-income and minority communities. The FCC also released an enforcement advisory September 1 to raise awareness about deceptive prepaid calling cards. Source: http://thehill.com/blogs/hillicon-valley/technology/179301-fcc-fines-calling-card-companies-for-deceptive-marketing

51. September 1, Washington Post – (International) Report says space debris past ‘tipping point,’ NASA needs to step up action. Space debris has passed the “tipping point,” according to a report released September 1 by the National Research Council, which called on NASA to find ways to better monitor and clean up the orbiting junk threatening active satellites, and manned spacecraft. “We’re going to have a lot more [debris] collisions, and at an increasingly frequent rate,” said a former NASA scientist who chaired the committee that prepared the report. The orbiting objects include ejected rockets and broken satellites. Recent data underscore the growing problem. Two collisions since January 2007 helped at least double the number of trackable debris fragments that are in Earth’s orbit, according to the report. U.S. Strategic Command said there are more than 22,000 such pieces in orbit. NASA estimates there could be hundreds of thousands — or even millions — of smaller, non-trackable pieces of debris also in space. Active satellites are at risk of damage and “as the amount of debris increases, there will be increases in the cost of operating” satellites, said a technical adviser with the Secure World Foundation. Source: http://www.washingtonpost.com/national/health-science/reports-says-space-debris-past-tipping-point-nasa-needs-to-step-up-action/2011/08/31/gIQAo6WTuJ_story.html