Wednesday, December 21, 2011

Complete DHS Daily Report for December 21, 2011

Daily Report

Top Stories

• Fierce winds and snow caused fatal road accidents, stranded dozens of motorists, and shuttered hundreds of miles of highways in five states December 20. – Associated Press (See item 17)

17. December 20, Associated Press – (National) Blizzard closes highways from New Mexico to Kansas. Fierce winds and snow that caused fatal road accidents and shuttered highways in five states, crawled deeper into the Great Plains December 20, with forecasters warning that pre-holiday travel would be difficult if not impossible across the region. Hotels were filling up quickly along major roadways from eastern New Mexico to Kansas, and nearly 100 rescue calls came in from motorists in the Texas Panhandle as blizzard conditions closed part of Interstate 40, a major east-west route, December 19. About 10 inches of snow had fallen in western Kansas before dawn December 20 and several more inches along with strong wind gusts were expected, a National Weather Service meteorologist said. Snowpack and icy conditions forced the closure of roadways across western and southwestern Kansas, including a western section of the I-70, the main thoroughfare that traverses the state. The storm was blamed for at least six deaths December 19, authorities said. Four people were killed when their vehicle collided with a pickup truck in part of eastern New Mexico where blizzard-like conditions are rare, and a prison guard and inmate died when a prison van crashed along an icy roadway in eastern Colorado. In northern New Mexico, snow and ice shuttered all roads from Raton to the Texas and Oklahoma borders about 90 miles away. Travel throughout the region was difficult. New Mexico shut down a portion of Interstate 25, the major route heading northeast of Santa Fe into Colorado. Source: http://www.csmonitor.com/USA/Latest-News-Wires/2011/1220/Blizzard-closes-highways-from-New-Mexico-to-Kansas

• The U.S. Army Corps of Engineers did all it could to cope with record Missouri River flooding in 2011, although proposed changes could help avoid a disastrous repeat, said an expert panel in a new report. – Associated Press (See item 47)

47. December 20, Associated Press – (National) Panel: Corps not to blame for Missouri River flood. The U.S. Army Corps of Engineers did what it could with the record flooding on the Missouri River in 2011, although proposed changes could help avoid a disastrous repeat, especially since such floods could become more frequent, an expert panel said in a report released December 20. The 99-page analysis said “climatic extremes” appear to be getting “bigger and more frequent,” with the experts calling for updated flood probability models and procedures. It did not cite climate change as a factor, saying the issue was “beyond the scope of this report.” The Corps said the floods caused $630 million in damage to levees, dams, and channels built to control the river. The Corps manages the 2,341-mile-long river, which flows from Montana through North Dakota, South Dakota, Nebraska, Kansas, Iowa, and Missouri. The report said the 2011 flood was the “the largest of the period of record in terms of runoff volume, and it stressed the mainstream reservoir system and its operators as never before.” An expert from the panel said May rainfall in Montana exceeded 300 percent of normal, surprising everyone and causing the biggest problems. However, he said such unusual weather may be a more common part of the weather cycle. The experts said their first suggestion would be to ensure more federal money is available to repair and maintain the current system of spillways, tunnels, and other infrastructure. Other recommendations included improved monitoring of pending snowmelt in Plains states, as is done in the northern Rocky Mountain that feed the river. They also suggested better collaboration with weather forecasting and water monitoring agencies, improved monitoring systems for tributaries, and an update of the master manual that guides management for all authorized uses on the river. Source: http://www.sacbee.com/2011/12/20/4135383/panel-corps-not-to-blame-for-missouri.html

Details

Banking and Finance Sector

8. December 20, Denver Post – (Colorado) ‘Wig Out Bandit’ strikes again. A man known as the “Wig Out Bandit” is suspected of robbing his eighth northeast Denver bank. The FBI said the First Bank branch at 2740 S. Colorado Blvd. was held up December 19 by a robber who got his nickname because he wore a wig in his first robbery August 1 at the Public Service Credit Union at 815 Colorado Boulevard. Crime Stoppers is offering a $2,000 reward. Source: http://www.denverpost.com/news/ci_19582239

9. December 19, Cypress Creek Mirror – (Texas) Female bank bandit linked to at least 3 heists. The FBI Bank Robbery Task Force is seeking a woman accused of committing at least three Houston-area bank robberies within the past month. The latest robbery occurred at the Capital One Bank in Houston December 16. The woman was captured in several photos taken by the bank’s security cameras. At about 2:40 p.m., she entered the bank and slid a note to the teller. The note demanded money and threatened the teller. The teller gave the woman some cash, but then the robber asked for more money. The teller told her she gave her all the money. The woman is believed to be responsible for at least two other area bank robberies — the robbery of a Compass Bank November 22, and the robbery of a Capital One Bank November 19. Source: http://www.yourhoustonnews.com/cypresscreek/news/female-bank-bandit-linked-to-at-least-heists/article_993c1076-2a6e-11e1-bb06-001871e3ce6c.html

10. December 19, WHTM 27 Harrisburg – (Pennsylvania) $30M judgment awarded in mortgage fraud case. The president of a now-defunct mortgage company and several of his former employees must pay more than $30 million in restitution to hundreds of central Pennsylvania families victimized by a Ponzi scheme that collapsed in the fall of 2007, WHTM 27 Harrisburg reported December 19. The president and his wife were ordered to pay more than $28.6 million as the result of a lawsuit filed by the state attorney general’s office. The man was owner and president of OPFM, Personal Financial Management, Image Masters, and other related companies that operated in Berks and Lancaster counties. He is currently serving a 12-year prison sentence after pleading guilty to mail fraud. His wife was the human resources manager for the companies. In addition, a former office manager and five mortgage consultants must pay nearly $1.5 million in restitution. State prosecutors said the employees acted “in concert” with the president in a scheme that encouraged families to borrow more money than necessary, with the promise of reducing their interest rate and/or an early loan pay-off. The money instead was used to conceal company losses and for the president’s personal debts and expenses, authorities said. Source: http://www.abc27.com/story/16354333/30m-judgment-awarded-in-mortgage-fraud-case

11. December 19, WRC 4 District of Columbia – (Virginia) Lenders lost $7 million in mortgage fraud scheme: U.S. attorney. An Ashburn, Virginia man has been charged by a federal grand jury with conspiracy and mortgage fraud for allegedly falsifying mortgage loan transitions, WRC 4 District of Columbia reported December 19. The scheme allegedly involved at least 25 homes in northern Virginia, and the lenders lost more than $7 million. He faces a 12-count indictment that accuses him of using his job as a realtor and owner of a title company from 2006 to 2008 to participate in a plan to defraud mortgage lenders and benefit financially from loan proceeds, commissions, and bonus payments. According to court documents, the man and other conspirators recruited unqualified purchasers and used them as nominal buyers in real estate transactions. The unqualified buyers were usually people with good credit but who did not have enough income or property in assets to qualify for the loan they received as a result of doing business with the realtor. He and others are accused of falsifying mortgage loan applications, creating fake documentation to support the applications, and adding unqualified buyers as signatories on their bank accounts to make it appear to lenders the applicants had enough in assets to qualify for the loan. The case is being investigated by the U.S. Postal Inspection Service and the FBI’s Washington Field Office. If convicted, the realtor faces a maximum penalty of 20 years in prison on each count. Source: http://www.nbcwashington.com/news/local/Lenders-Lost-7-Million-in-Mortgage-Fraud-Scheme-US-Attorney-135898033.html

12. December 19, U.S. Securities and Exchange Commission – (New York) SEC charges longtime Madoff employee with falsifying documents to deceive regulators. The Securities and Exchange Commission (SEC) December 19 charged a longtime employee of an investor who ran a Ponzi scheme with falsifying books and records in order to hide his fraudulent investment advisory operations from regulators. The SEC alleges the employee, who worked at Bernard L. Madoff Investment Securities LLC (BMIS), assisted in falsifying BMIS’s internal accounting records to misclassify hundreds of millions of dollars of income purportedly generated by BMIS’s operations. She also falsified financial statements filed with the SEC and other regulators as well as materials prepared to deceive SEC staff examiners, federal and state tax auditors, and other external reviewers. According to the SEC’s complaint, filed in federal court in New York, the woman played a central role in falsifying these records as directed by the firms owner and its director of operations. The woman joined this effort after she was promoted to controller in 1998, when she was instructed to falsely account for these transfers of investor funds as adjustments to certain securities positions on BMIS’s stock record. The SEC’s complaint said she used these figures to calculate and overstate trading income purportedly generated by the firm’s market-making and proprietary trading operations. She included these bogus figures on financial statements, which she then filed with the SEC and other regulators. She and other BMIS personnel then falsified documents provided to regulators to obscure the firm’s advisory operations and the transfer of investor funds to bank accounts. The U.S. Attorney’s Office for the Southern District of New York December 19 announced parallel criminal charges against the employee, who has pled guilty and also consented to the entry of a partial judgment in the SEC’s civil case against her. Subject to court approval, the proposed partial judgment will impose a permanent injunction against the woman and require her to disgorge ill-gotten gains and pay a fine in amounts to be determined at a later date. Source: http://www.sec.gov/news/press/2011/2011-270.htm

13. December 19, threatpost – (National) USAA warns members of sophisticated phishing scam. USAA is warning its members about a sophisticated phishing scam that attempts to install a malicious banking Trojan on members computers. The Texas-based financial services association issued a notice to members December 19 about what it described as an “aggressive email phishing scam” directed at USAA members. The phishing e-mails have the subject line “Deposit Posted” and even include a randomly generated four digit “Security Zone” number that mimics the customer’s actual USAA member number, the firm said. USAA said the e-mail messages do not contain malicious links, but do ask members to open an attachment that, once opened, will install a “malicious banking virus” designed to steal user account information and that would “require a complete reinstall of your computers (sp) operating system.” Source: http://threatpost.com/en_us/blogs/usaa-warns-members-sophisticated-phishing-scam-121911

14. December 16, Bloomberg – (National) Man who inspired ‘Rudy’ film will pay $382,000 to settle sports-drink case. The former walk-on football player at the University of Notre Dame who inspired the 1993 film “Rudy,” agreed to pay $382,000 to resolve U.S. regulatory claims he defrauded investors in his sports-drink company by touting fake taste tests and sales. He and 12 others generated more than $11 million in illicit profits by artificially pumping up the stock of Rudy Nutrition, the firm he founded, the Securities and Exchange Commission (SEC) said in a complaint filed December 16 in a federal court in Las Vegas. The company sent promotional press releases falsely claiming Rudy Nutrition outsold sports-drink Gatorade by 2 to 1 in the Southwest, and outperformed Gatorade and Powerade in several blind taste tests, according to the complaint. At the same time, the promoters traded Rudy Nutrition stock to inflate the price of unregistered shares they were selling to investors, the SEC said. The scheme ended in September 2008, when the SEC halted trading in Rudy Nutrition because of delinquent public filings, the agency said. The suspension blocked the participants’ plan to issue another 2 billion shares at the end of that month, the SEC said. Source: http://www.bloomberg.com/news/2011-12-16/sec-accuses-man-who-inspired-rudy-of-fraud.html

Information Technology

36. December 20, The Register – (International) Mobiles forced to send premium-rate texts in new attack. Cyber criminals may be able to force mobile phones to send premium-rate SMS messages or prevent them from receiving messages due to security weaknesses in mobile telecoms standards. The weakness involves the handling of messages directed towards SIM Application Toolkits — applications preloaded onto SIM cards by mobile operators. The applications can be used for functions such as displaying available credit or checking voice mail, as well as handling value-added services, such as micro-payments. SIM Toolkits receive commands via specially formatted and digitally signed SMS messages. These messages are processed without appearing in a user’s inbox and without triggering any other alert. The encryption scheme is robust, but problems might arise because error messages are automatically sent out if a command cannot be executed. The SIM Toolkit service message can be configured so responses are made via SMS to a sender’s number or to the operator’s message center, creating two possible attack scenarios. Source: http://www.theregister.co.uk/2011/12/20/sim_toolkit_attack/

37. December 20, The Register – (International) Atari and Square Enix cough to exposing users’ privates. Atari apologized to gamers following a security breach that exposed their names and e-mail addresses, leaving users at heightened risk of spam. The gaming company blamed the minor breach (no credit cards or mobile phone numbers were exposed) on problems introduced during a migration to a new cloud-based server platform. Separately, game developer Square Enix admitted the weekend of December 17 and 18 that it lost up to 1.8 million user data records to attackers including names, addresses, and phone numbers following a hack attack on its Web site. Personal details of gamers in the United States and Japan spilled as a result of the breach at Square Enix, which also did not involve credit card details. Source: http://www.theregister.co.uk/2011/12/20/atari_gaming_security_fail/

38. December 20, Softpedia – (International) KOOBFACE botnet uses TDS to ensure a bigger profit. The KOOBFACE botnet, known for using pay-per install and pay-per click mechanisms to help its controllers earn millions, was recently upgraded with a sophisticated traffic direction system (TDS) that handles all traffic referenced to affiliate Web sites. According to Trend Micro researchers, the TDS redirects traffic to locations that earn crooks affiliate cash for each user they fool into accessing the sites. Since Google implemented some security mechanisms that make sure botnets can no longer create fake e-mail accounts useful for spamming and creating social media profiles, the cybercriminals began relying on Yahoo! Mail. Once the e-mail accounts are made, the botnet uses them to create other accounts on social networking sites such as Twitter, Tumblr, FriendFeed, FC2, livedoor, So-net, and Blogger. In the third part of the process, images are collected with the help of a new binary component that gathers pictures of celebrities, cars, and anything else that might attract unsuspecting users. In the next stage, dedicated pieces of malware begin creating blog accounts and retrieve content for them from the command and control server. The posts from these rogue blogs are designed specifically to make sure they will pop up among the first results in search engines. By using an obfuscated JavaScript code that references the botnet’s TDS domain, they are able to track the number of visits to each rogue blog post and redirect victims to the affiliated sites that help them earn money. To make sure as many Internet users as possible land on their Web sites, social media sites are also flooded with links. Source: http://news.softpedia.com/news/KOOBFACE-Botnet-Uses-TDS-to-Ensure-a-Bigger-Profit-241896.shtml

39. December 19, Computer Business Review – (International) Malware authors rush to release Java exploit packs. Researchers at M86 are warning that exploits for a recently-discovered Java vulnerability are available in the wild, meaning cyber criminals could target unpatched systems. The security firm also warned this news shows authors are getting much faster at updating exploit kits when new vulnerabilities are discovered. While it used to take authors a month or more, some authors are now updating their kits even before a patch is released. Although a patch was released to fix the Java vulnerability, any unpatched systems are still at risk, M86 warns. The Blackhole, Phoenix, and Metasploit export kits are the ones that rush-released new versions to exploit the vulnerability, called CVE-2011-3544, which exploits the Rhino Javascript engine. An attacker can use the script to generate an error object, which can then give them full privileges. The attacker can then execute code will full permissions, M86 said. Source: http://security.cbronline.com/news/malware-authors-rush-to-release-java-exploit-packs-191211

40. December 16, IDG News Service – (International) Flash Player scam charges victims for free program via SMS. A scheme that charges people via SMS for what should be a free copy of Adobe Systems’ Flash player is apparently undergoing a test run on a Russian social network, according to security vendor Bitdefender. The scam was uncovered after a Bitdefender customer found a suspicious link to a Flash Player update on Vkontakte, a social networking service for Russian speakers, according to a senior e-threat researcher for Bitdefender. If clicked, the link leads to the Flash Player application, but a drop-down menu then asks what country the user is located in as well as their mobile phone number and operator. Adobe does not ask for any of that information during a normal installation. If the person is located outside of Russia, the installer instructs the person to send a message to a short code to receive an “activation” code for the program, the researcher said. Russian users are not charged, perhaps because the scam would be reported quickly to authorities, he said. The scammers have apparently signed up for SMS payment processing services for countries such as the United Kingdom. According to the drop-down menus, the scammers arranged for SMS payments on networks including O2, Vodafone, and Orange, as well as AT&T in the United States. The scam is not widespread yet, which the researcher said may mean the scammers are conducting a trial run to see how well it works before hitting other social networking sites such as Facebook. Source: http://www.computerworld.com/s/article/9222741/Flash_Player_scam_charges_victims_for_free_program_via_SMS?taxonomyId=17

For another story, see item 13 above in the Banking and Finance Sector

Communications Sector

41. December 19, KMTR 16 Springfield – (Oregon) Hundreds lose 911 service after thieves make off with copper phone lines. Century Link said hundreds in Oregon were left without phone service December 18. Some were unable to call 911 after thieves made off with hundreds of feet of copper phone lines. The wire theft left parts of Douglas, Curry, and Coos County without phone service. They were alerted to the problem at 8 p.m. December 18 after their fiber optic cable began bouncing information back. They say they traced the problem to a portion of the line just outside of Tenmile. Officials said someone climbed a telephone pole and cut the cable, making off with an estimated 600 feet of copper cable. In the process they damaged a fiber optic line, the only outside connection Tenmile and Camas Valley have to the outside world, including 911. Officials said the outage was so severe, even a quick fix wasn’t easy. They said they spliced the line temporarily on the ground so they could get those circuits up and operating. Century Link said all phone lines have been restored. Douglas County sheriff’s deputes said within the last year, three separate phone line jackings have led to widespread outages. Source: http://www.kmtr.com/news/local/story/Hundreds-lose-911-service-after-thieves-make-off/icyVaeCc80uHItoraDJV4w.cspx

For more stories, see items 36, 38, and 40 above in the Information Technology Sector

Tuesday, December 20, 2011

Complete DHS Daily Report for December 20, 2011

Daily Report

Top Stories

• A powerful storm dumped heavy snow across the Southwest and Great Plains, stranding motorists in several states, and closing major highways, including at least 90 miles of roads in New Mexico. – Associated Press (See item 14)

14. December 19, Associated Press – (National) Snowstorm halts travel in New Mexico, moves east. A powerful storm dumped heavy snow across sections of the Southwest and Great Plains December 19, stranding motorists in New Mexico in whiteout conditions and wreaking havoc on holiday travel just 2 days before the start of winter. Blizzard warnings forecasting snowfalls of up to 18 inches stretched across the region as the storm barreled through New Mexico toward the Texas and Oklahoma Panhandles and parts of Kansas and Colorado. In southern Colorado, blizzard conditions were expected to drop between 8 and 16 inches of snow. In northern New Mexico, all roads from Raton to the Texas and Oklahoma borders about 90 miles east were closed, and an unknown number of motorists were stuck in a blizzard along rural highways, a Clayton police dispatcher said. A portion of Interstate 25, the major route heading northeast of Santa Fe into Colorado, was among the roads closed, and even where highways remained open, some drivers were forced to pull off. Snow and strong winds also created blizzard-like conditions in far western Kansas and the Oklahoma Panhandle as the storm moved east. Source: http://www.google.com/hostednews/ap/article/ALeqM5hA-BjlvkPqgoFaQK_xEfO1wiZSYA?docId=2ddaf532fed44ff3acdd9ab607ab8f8c

• A Southern California Edison employee shot four people, killing two, at the firm’s office east of Los Angeles before turning the gun on himself, December 16. – Associated Press (See item 38)

38. December 17, Associated Press – (California) Employee, 48, shoots 4, self at LA-area office. A man who shot four people, killing two, at a utility office east of Los Angeles before turning the gun on himself was a company employee, authorities said December 17. Investigators ruled his death a suicide, a Los Angeles County coroner’s official said. Two men were killed in the December 16 shooting. Two other shooting victims were in critical condition at a hospital, the sheriff’s department said. All five people worked for Southern California Edison in the same area of the same building at an office park in Irwindale, authorities said. Employees barricaded themselves behind locked doors and hid under desks as the shooter walked through the office firing a semi-automatic handgun, authorities said. Four of the victims were Edison employees and one was a contract worker, authorities said. The office complex and nearby schools were locked down as the Los Angeles County Sheriff Department’s SWAT team responded. Source: http://www.newsday.com/news/nation/employee-48-shoots-4-self-at-la-area-office-1.3395050

Details

Banking and Finance Sector

7. December 18, Detroit Free Press – (Michigan) Bomb squad blows up grenade at bank. The Detroit Police Bomb Squad detonated a grenade found outside a bank’s drive-through window December 17 on Detroit’s east side. A Detroit police sergeant said the grenade was found about 1 p.m. outside a Comerica Bank on the 20500 block of Mound Road. It was quickly contained and no one was injured, the sergeant said. Source: http://www.freep.com/article/20111218/NEWS05/112180462/Bomb-squad-blows-up-grenade-at-bank

8. December 17, Chicago Sun-Times – (Illinois) Streamwood bank back to normal after anthrax scare. A woman who went into a Streamwood, Illinois, bank December 16 and told an employee she had exposed people in the bank to anthrax set off a scare. At 11:05 a.m., the Streamwood Fire Department (SFD) responded to a hazardous materials incident at a Bank of America branch, according to a release from the SFD. A bank employee reported a woman entered and stated she had exposed the occupants to anthrax. The woman then walked out and drove away. SFD officials isolated the building and hazardous materials technicians wearing chemical protective clothing went in to obtain samples. As a precaution, an additional haz-mat unit from the South Elgin Fire Protection District, and a mobile decontamination unit from the Arlington Heights Fire Department were requested. A chemical test kit produced negative results for biological agents, and the building was returned to normal operation. Source: http://couriernews.suntimes.com/news/9486833-418/streamwood-bank-back-to-normal-after-anthrax-scare.html

9. December 16, Attleboro Sun Chronicle – (Massachusetts) Woman guilty in bank theft. A former assistant manager of the North Easton Savings Bank in Mansfield, Massachusetts, pleaded guilty December 15 in federal court to embezzling almost $175,000 from the bank through unauthorized withdrawals from customers’ accounts. The woman was an assistant bank manager when she began withdrawing funds in October 2010 and continued the scheme until January. She was employed by the bank from 2007 until February 2011 when the scheme was discovered. She pleaded guilty to embezzlement, bank fraud, and aggravated identity theft, according to court records. Authorities said she used some funds to pay for a 2004 Cadillac CTS luxury sport sedan that the U.S. attorney’s Office isseeking to seize through forfeiture laws. She faces up to 27 months in prison and 3 years’ probation, according to a plea agreement filed with the court. Prosecutors are also seeking $174,515 in restitution. Bank auditors identified 126 fraudulent transactions linked to the assistant manager involving withdrawals of cash or bank checks, and withdrawals from customer CD accounts, according to federal authorities. She covered up the thefts by manipulating bank records, authorities said. In one transaction, she took $12,530 in cash from a customer for a bank check to pay the tuition of a customer’s daughter. But instead of depositing the cash she allegedly stole it and then balanced her ledger by electronically withdrawing funds from another customer’s account, federal authorities said. Source: http://www.thesunchronicle.com/articles/2011/12/16/news/10660777.txt

10. December 16, KUSI 18 San Diego – (California) Four plead guilty in loan modification scam. Four men pleaded guilty in federal court in San Diego December 16 to stealing more than $11 million in a loan modification scam that preyed on desperate homeowners trying to save their homes from foreclosure. The men pleaded guilty to conspiracy charges. One of the men also admitted he failed to report about $489,308 in taxable income received in 2009 from 1st American Law Center. An employee of 1st American pleaded guilty a year ago and was sentenced in March to 21 months in custody for his involvement in the conspiracy. According to court documents, one of the men opened up the loan modification business in North County in 2008. The defendants used high-pressure sales tactics and outright lies to induce customers to purchase loan modification services — for payments of $1,995 to $4,495 — such as falsely claiming to have a team of attorneys who pre-screened clients and having a 98 percent success rate in obtaining loan modifications. The telemarketers even persuaded homeowners to pay the company’s fees instead of using their limited funds to stay current on mortgage payments, prosecutors said. They said 1st American fraudulently obtained more than $11 million in client payments between 2008 and 2010 from more than 4,000 homeowners across the country. Source: http://www.kusi.com/story/16344126/four-plead-guilty-in-loan-modification-scam

11. December 16, Huffington Post – (Nevada; Florida) Nevada sues lender processing services, mortgage giant, for foreclosure fraud. In a move likely to further Nevada’s growing reputation for rigorously pursuing mortgage fraudsters, the state’s attorney general is suing Lender Processing Services, a Florida-based company that allegedly foreclosed illegally on thousands of struggling borrowers, according to a press release. The company, which processes more than half of all foreclosures annually, faces a number of charges: fraudulently notarizing documents; intentionally disrupting communication between distressed borrowers and the attorneys attempting to help them; kickbacks concealed as “attorney’s fees,” and “robo-signing;” in which employees signed foreclosure documents without verifying the information. The state alleges Lender Processing Services “required employees to execute and/or notarize up to 4,000 foreclosure related documents every day.” Lender Processing Services “engaged in a pattern and practice of deceptive conduct that willfully misled consumers, courts and the public, resulting in countless foreclosures that were predicated upon false, deceptive and deficient documents that [the company] prepared and/or executed,” the attorney general said in the complaint. Source: http://www.huffingtonpost.com/2011/12/16/lender-processing-services-nevada_n_1154437.html

12. December 16, Consumer Reports – (National) Defendants in fraudulent mortgage relief case settle with FTC. Six defendants have agreed to settle Federal Trade Commission (FTC) charges they participated in a fraudulent mortgage modification and foreclosure relief scheme. The settlement orders ban all six from selling mortgage assistance or debt relief products, and to pay back millions of dollars. According to the FTC, the defendants advertised a mortgage relief program that would reduce a homeowner’s payments as part of the “Obama Act” or the “federal stimulus program,” despite no government affiliation. Consumers were charged up to $4,250, and promised a reduction to their mortgage payments, interest rates, and sometimes even principal loan amounts. The FTC alleged the defendants also promised refunds if they were unsuccessful, but that once consumers paid the fee, they got nothing, and the defendants did not respond to consumer calls or e-mails. According to the complaint, the defendants disconnected their telephones and changed the name of their business while continuing to make promises and collect payment from other consumers. The settlement order against one defendant and New Life Solutions imposes a $3.9 million judgment. The order against another defendant, DLD Consulting, and D.G.C. Consulting, imposes a judgment of $2.1 million. The settlement order against a third defendant imposes a $3.6 million judgment that is suspended. Litigation continues against a fourth man, and defaulting corporate defendants U.S. Homeowners Relief, Waypoint Law Group, and American Lending Review. Source: http://news.consumerreports.org/money/2011/12/defendants-in-fraudulent-mortgage-relief-case-settle-with-ftc.html

13. December 16, Softpedia – (International) Influential Ukrainian general arrested for international cybercrimes. The FBI in collaboration with the Romanian Intelligence Service (SRI) apprehended a 54-year-old Ukrainian retired general and two of his accomplices while they were trying to withdraw $1 million from CEC Bank, money obtained as a result of cyberfraud. The former general, an Israeli business man, and a 37-year-old Moldavian were arrested December 16 in Iasi, Romania, while they were trying to obtain the money, reports local newspaper Adevarul. After they managed to obtain Internet banking account credentials belonging to business owners from Italy and the United States, the group transferred large sums of money into the accounts of companies they owned. “Later, to wash the money trail, fictitious commercial transactions were made, while in reality the funds were being transferred to other accounts or withdrawn in cash by the members of the criminal group,” reads a statement from Romanian anti-crime and terrorism unit DIICOT. A day before the operation was busted, the three men tried to withdraw from the same financial institution the sum of $450,000, which they obtained from the accounts of an Italian company. Since the men looked suspicious, the bank postponed the transaction and alerted authorities. The general, who has been living in Belgium for the past few years, claims the $1 million was given to him by a company that wanted to buy shares at the TV station he owned. Source: http://news.softpedia.com/news/Influential-Ukrainian-General-Arrested-for-International-Cybercrimes-241298.shtml

Information Technology

31. December 17, The Register – (International) Security mandates aim to shore up shattered SSL system. A consortium of companies published a set of security practices they want all Web authentication authorities to follow for their secure sockets layer (SSL) certificates to be trusted by browsers and other software. The baseline requirements, published the week of December 12 by the Certification Authority/Browser Forum, are designed to prevent security breaches that compromise the tangled Web of trust that forms the underpinning of the SSL certificate system. Its release follows years of mismanagement by individual certificate authorities permitted to issue credentials trusted by Web browsers. Most notable is this year’s breach of DigiNotar, which led to the issuance of a fraudulent certificate used to snoop on 300,000 Gmail users in Iran. Source: http://www.theregister.co.uk/2011/12/17/ssl_certificate_security_requirements/

For another story, see item 13 above in the Banking and Finance Sector

Communications Sector

32. December 19, Erie Times-News – (Pennsylvania) Police investigate theft of wire in McKean Township. Pennsylvania State Police at Lawrence Park Township are asking the public’s help in solving the theft of copper wire for a Verizon Wireless cell-phone tower. Police said someone removed the copper wire, which was used as ground wires for the tower, between November 16 at noon and 12:55 p.m December 16. The theft occurred in the 5000 block of California Road in McKean Township, police said. Source: http://www.goerie.com/article/20111219/NEWS02/312199954/Police-investigate-theft-of-wire-in-McKean-Township

For another story, see item 31 above in the Information Technology Sector