Tuesday, October 25, 2011

Complete DHS Daily Report for October 25, 2011

Daily Report

Top Stories

• A passenger at Dallas-Fort Worth International Airport was caught October 20 trying to smuggle a cache of weapons, including two pistols, eight knives, three ammunition clips, and a handsaw into the facility. – KDFW 4 Dallas-Fort Worth (See item 22)

22. October 21, KDFW 4 Dallas-Fort Worth – (Texas) DFW passenger caught with guns, saw. A passenger at Dallas-Fort Worth International Airport, in Dallas, Texas, was caught October 20 trying to smuggle a cache of weapons into the facility. According to a DHS representative, the suspect had two pistols, three ammunition magazines, eight knives, and a hand saw. The representative said the suspect had divided the items into three carry-ons: a backpack, duffle bag, and sleeping bag. He said the Transportation Security Administration (TSA) spotted a suspicious item while X-raying the bags. The TSA and local police found the contraband and arrested the man on state charges. Source: http://www.myfoxdfw.com/dpp/news/102111-DFW-Passenger-Caught-with-Guns-Saw

• A security researcher demonstrated a hack of an insulin pump without having to first know the device's ID number, where it was instructed to deliver a lethal dose. – CSO (See item 35)

35. October 21, CSO – (International) Lethal medical device hack taken to next level. The wireless hacking of an insulin pump, first demonstrated at the Black Hat 2011 conference in August, has been taken a step further October 21. An insulin pump has been hacked and instructed to deliver a lethal dose without first knowing the device's ID number. Modern pumps are designed to communicate wirelessly with blood glucose measuring devices and the pump's configuration software. The August hack by an IBM cyber threat intelligence analyst required knowledge of the pump's six-digit ID, although that number could potentially be obtained by brute-force guessing or through social engineering. However at the Focus 11 conference in Las Vegas, a McAfee research architect showed how the device ID could be obtained wirelessly — something easier than it should be because the wireless link has no encryption and no authentication. The transmission range is usually only a few feet, but the researcher had constructed a high-gain antenna to boost the range. Within seconds of activating his scanning software, he had obtained the target device's ID number and gained control. Source: http://www.cso.com.au/article/404909/#closeme


Banking and Finance Sector

12. October 22, Los Angeles Times – (California) Man thought to be 'Know-It-All bandit' arrested in Pomona. A man considered to be the “Know-It-All bandit,” reportedly wanted in a series of bank robberies, was arrested in connection with a Pomona bank robbery, police in Pomona, California, said October 22. Pomona police arrested the suspect and turned over his case to the FBI, which was looking for the man in connection with robberies in Ontario and Chino, according to police and media reports. Officers stopped the suspect and a passenger in a 1989 Buick LeSabre about noon October 21, after a radio call that a vehicle and man of his description had robbed the Citizens Business Bank at 1095 N. Garey Avenue, police said. Money and a demand note were found on the front seat of the car, police said. The passenger was not charged. Source: http://latimesblogs.latimes.com/lanow/2011/10/know-it-all-bandit-arrested-in-pomona.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+lanowblog+(L.A.+Now)&utm_content=Google+Reader

13. October 22, KTVL 10 Medford – (California; Oregon) The Dust Mask Bandit strikes again. The Dust Mask Bandit, who has robbed more than five banks in California and Oregon, most recently targeted a Coast Central Credit Union inside a McKinleyville, California, Ray’s grocery store October 20. The bandit entered the credit union, confronted two tellers, showed a handgun, and demanded money. The bandit ran from the bank with an undisclosed amount, and drove off in a green Mazda. He then left his car and ran away on foot into the forest. Witnesses described the suspect as a male with a dark tan complexion; about 5’9“ with a medium to stocky build; wearing a dark colored bandana over his face; a large, felt-style floppy hat; and gray sweater with a bright royal blue shirt. Law enforcement, including the FBI, is asking the public for help in catching the bandit. A reward of up to $1,000 is being offered for information leading to his arrest and conviction. Source: http://www.ktvl.com/articles/-1202254--.html

14. October 21, U.S. Securities and Exchange Commission – (National) SEC charges Denver-area hedge fund manager in expansion of Mariner Energy insider trading case. The Securities and Exchange Commission (SEC) October 21 announced additional charges in its insider trading case against Denver-based traders who traded on confidential data in the securities of Mariner Energy Inc. ahead of the oil and gas company’s $3.9 billion takeover by Apache Corporation in April 2010. In its initial complaint filed August 5, the SEC alleged a Mariner board member tipped his son with confidential details about Mariner Energy’s upcoming acquisition. The son, who was a managing director at a Denver-based investment adviser, then used the data to purchase Mariner stock for himself and others. An amended complaint filed October 21 adds two more defendants –- a money manager who is a friend of the son, and the hedge fund advisory firm he controls, Big 5 Asset Management LLC. The SEC alleges the money manager traded Mariner securities on the basis of inside information he received from the son and reaped illicit profits of more than $5 million combined in his own account, accounts of his relatives, and accounts of two hedge funds managed by Big 5. According to the SEC’s amended complaint, the son repeatedly tipped the money manager about the impending acquisition of Mariner as he learned the information from his father. The money manager caused two Big 5 hedge funds –- the Lion Global Fund LLLP and the Lion Global Master Fund Ltd. –- to purchase large quantities of Mariner stock and call option contracts on the basis of the inside information. This was the first time the Big 5 hedge funds ever traded Mariner stock or options. He also purchased thousands of shares of Mariner stock and call option contracts for the accounts of relatives, and for his personal brokerage account. In the days following the announcement of the deal, he liquidated the positions he had accumulated in Mariner securities. Source: http://www.sec.gov/news/press/2011/2011-218.htm

15. October 21, Bay City News Service – (California) inShar'Plaid Bandit' bank robbery suspect arrested in San Francisco. An arrest was made in connection with a series of bank robberies in San Francisco committed by a man dubbed the "Plaid Bandit," FBI officials announced October 21. The suspect was arrested October 18 at his home in San Francisco. The suspect, who was arrested based on an anonymous tip, has been linked to four bank robberies that occurred October 6, July 27, June 21, and June 10. Three of the four robberies were at banks downtown on Montgomery Street, and one was on California Street. In the most recent robbery October 6 at the East West Bank on the 500 block of Montgomery Street, the suspect walked into the bank, brandished a handgun and demanded money from the teller. The suspect walked with a cane in one of the robberies and was known to wear plaid shirts. The investigation into the robberies was conducted jointly by the FBI and San Francisco police. Source: http://www.mercurynews.com/breaking-news/ci_19165855

16. October 20, Associated Press – (South Carolina; Florida) Wells Fargo customers get others' bank statements. An undetermined number of new Wells Fargo bank customers in South Carolina and Florida received portions of other customers' bank statements in the mail the week of October 17, and a bank spokesman said October 20 the matter was being considered a security breach. He said he could not say how many of the 487,000 households in South Carolina that now have Wells Fargo accounts were affected. He also could not confirm 30,000 affected customers that a Wells Fargo employee estimated for one South Carolina customer. He attributed the error to a single malfunctioning printer in Charlotte, North Carolina., which apparently put multiple customers' account and transaction information on pages, or even single pages, of one statement. Wells Fargo customers told reporters they received their misprinted statements October 19. In many cases, customers' names and account and routing numbers ended up in the hands of strangers. In some cases, where people have set up direct deposit of their paychecks to their accounts, Social Security numbers also ended up on the printouts, the spokesman said. Source: http://www.businessweek.com/ap/financialnews/D9QGD3D81.htm

Information Technology Sector

48. October 24, Help Net Security – (International) Microsoft YouTube channel hacked. A week after the official Sesame Street YouTube channel was compromised and started offering adult content to children, Microsoft's official YouTube channel washacked by an unknown individual who removed all the videos and changed the accompanying text to say: "Wish to Become Sponsored? Message me.“ According to The Hacker News October 23, in the short time that the channel was compromised, the perpetrator uploaded four short clips/advertisements and offered insight into how he managed to hijack the channel. Apparently, he created this particular account in 2006, likely before Microsoft even thought about it, and before the company asked YouTube to delete the account so that it may register it. The channel is now back in Microsoft's hands and is up and running again. Source: http://www.net-security.org/secworld.php?id=11829&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+HelpNetSecurity+(Help+Net+Security)&utm_content=Google+Reader

49. October 24, Softpedia – (International) Steve Jobs charity fund e-mail hides casino payment site. The latest spam e-mail that has been circulating after the passing of the head of Apple Inc. promises a great opportunity for young programmers who can be helped by a small donation on the recipients part, Softpedia reported October 24. The message entitled “Raise money for Steve Jobs Charity Fond!” reveals in bad English that it wants to support ”young webcoders”. Once the link contained in the e-mail is clicked, the unsuspecting user is taken to an online casino payment site, as revealed by Trend Micro. A message at the site continues on in grammatically poor English asking users to donate to the fake charity. Source: http://news.softpedia.com/news/Steve-Jobs-Charity-Fund-Email-Hides-Casino-Payment-Site-229640.shtml

For another story see item 35 above in Top Stories

Communications Sector

50. October 24, Charleston Gazette – (West Virginia) Telephone service disrupted at Yeager Airport. Telephone crews were working October 24 to restore telephone service at Yeager Airport in Charleston, West Virginia. The airport director said telephone service to the airport terminal has been out since October 21. Callers who try to call the airport hear a single ring before the line goes dead. He said the outage affects the airport terminal, airport business offices, and airport police department. Telephones to and from the control tower were operating, and phone lines to the individual airline counters work. Phones to the airport fire department were also operational, the airport director said. Crews for nTelos Inc. were trying to fix the problem, he said. Source: http://wvgazette.com/News/201110240031

51. October 21, San Diego Reader – (California) Manchester busted with illegal radio device. The Federal Communications Commission (FFC), investigating an interferencecomplaint from AT&T Wireless, traced the source to to an 8,000-square-foot Carmel Valley, California residence. AT&T first complained about interference between two oits cell phone towers in March 2011. The phone carrier said it traced the problem to a bidirectional amplifier on the property. Such devices are used to boost spotty cell phoncoverage. The FCC, “using mobile direction-finding techniques, confirmed that source of interference was emanating from that location.” AT&T denied having given the owner of the residence permission to install or use the device on its frequency, and he was given 10 days to remove it. Source: http://www.sandiegoreader.com/weblogs/news-ticker/2011/oct/21/manchester-busted-with-illegal-radio-device/

52. October 21, WSET 13 Lynchburg – (Virginia) Verizon outage hurting businesses in Madison Heights. A phone outage in the business district of Madison Heights, Virginia, has made life difficult for many in the area since October 19. Verizon operates the landlines that went down the afternoon of October 19 and still were not working October 21. A Verizon spokesperson said they determined the outages were the result of a power company doing work in the area. Officials said they do not have a timetable for repairs. That means about 300 phone lines running to many businesses will remain useless for at least the near future. No phone line also meant no credit cards. Some business owners said they have heard the lines could be down until the week of October 24, and the longer it lasts, the more cash they lose. Source: http://www.wset.com/story/15769783/verizon-outage-hurting-businesses-in-madison-heights

For another story, see item 48 above in the Information Technology Sector