Wednesday, December 28, 2011

Complete DHS Daily Report for December 28, 2011

Daily Report

Top Stories

• A surgeon, a medical technician, and a pilot were killed December 27 when a medical helicopter crashed 12 miles north of Palatka, Florida. – CNN (See item 29)

29. December 27, CNN – (Florida) 3 dead in Florida medical helicopter crash. A surgeon, a medical technician, and a pilot were killed December 27 when a medical helicopter crashed in Florida, the Mayo Clinic said. The helicopter crashed about 12 miles northeast of Palatka, Florida, according to a Federal Aviation Administration (FAA) spokeswoman. The clinic said the helicopter was carrying two employees to the University of Florida in Gainesville to harvest organs when the crash occurred. The helicopter was owned by SK Jets, according to the FAA. The company has not commented on the crash. Source: http://www.cnn.com/2011/12/26/us/florida-medical-helicopter-crash/index.html

• A fight that started in the Mall of America in Bloomington, Minnesota, led to 10 arrests December 26. Witnesses said the melee had elements of a “smash and grab” flash mob, while police verified that more than 200 people total may have been involved. – Minneapolis Star-Tribune (See item 41)

41. December 27, Minneapolis Star-Tribune – (Minnesota) Moving melee causes chaos at packed Mall of America. A fight that started in a food court quickly spread through the Mall of America in Bloomington, Minnesota, December 26. Several witnesses said the melee had elements of a “smash and grab” flash mob, including heavy use of cellphones. They said those creating the disturbance numbered in the hundreds; some knocked down shoppers and grabbed items from kiosks and other shoppers. Although Bloomington police verified that some groups were as large as 100 people and that more than 200 people total may have been involved, they received no reports of stolen merchandise. Several stores, including Nordstrom, closed internal gates to the mall court, and a few stayed closed for the evening. More than 30 Bloomington Police, as well as Metro Transit and Richfield officers, responded. Bloomington Police and mall security arrested at least 10 juveniles and young adults on suspicion of disorderly conduct. Mall officials said it took more than an hour to quell the disturbance. However, many witnesses reported that fights continued to flare in the mall well after. Metro Transit Police said they broke up several fights outside the mall later in the evening. That agency’s officers also monitored bus routes from the mall to Minneapolis, St. Paul, and Brooklyn Center. At a downtown St. Paul stop, four juveniles and an adult were arrested on suspicion of disorderly conduct. Source: http://www.startribune.com/local/west/136237398.html?page=all&prepage=1&c=y#continue

Details

Banking and Finance Sector

10. December 27, Federal Bureau of Investigation – (New York) Queens man who orchestrated $10 million commercial bank fraud and bank bribery scheme pleads guilty in Manhattan federal court. The U.S. Attorney for the Southern District of New York announced that a man pleaded guilty December 27 to participating in a bank fraud and bank bribery scheme to defraud several banks of at least $10 million by obtaining commercial loans and lines of credit using false and fraudulent documents. The defendant was previously charged in a superseding indictment along with two accomplices. As part of the scheme, the man allegedly submitted loan applications in the names of shell companies with no assets and straw owners, using fraudulent documents they created to dupe the banks into believing those entities were real. The defendant also paid bribes totaling over $135,000 to an employee of Citibank to obtain $2.45 million worth of loans. From 2009 to November 2010, the three men and others fraudulently obtained at least 16 commercial loans and/or lines of credit, receiving at least $10 million, from eight different lenders: Capital One Bank, N.A.; Citibank, N.A. (“Citibank”); First Republic Bank; Herald National Bank; New York Commercial Bank; Signature Bank; Sovereign Bank; and TD Bank, N.A. All of these loans are presently in default. The defendant pleaded guilty to one count of conspiracy to commit bank fraud, five substantive counts of bank fraud, and one count of bank bribery. Each count carries a maximum potential penalty of 30 years in prison. He faces a maximum potential penalty of 210 years in prison. In addition, the bank fraud counts each carry a potential fine of $1,000,000, and the bank bribery count carries a potential fine of $1,000,000 or three times the value of the bribe. As part of his agreement, he agreed to forfeit at least $8,200,000. Source: http://7thspace.com/headlines/402865/queens_man_who_orchestrated_10_million_commercial_bank_fraud_and_bank_bribery_scheme_pleads_guilty_in_manhattan_federal_court.html

11. December 27, Financial Industry Regulatory Authority – (National) FINRA fines Credit Suisse Securities $1.75 million for regulation SHO violations and supervisory failures. The Financial Industry Regulatory Authority (FINRA) announced December 27 that it fined Credit Suisse Securities (USA) LLC $1.75 million for violating Regulation SHO (Reg SHO) and failing to properly supervise short sales of securities and marking of sale orders. As a result of these violations, Credit Suisse entered millions of short sale orders without reasonable grounds to believe that the securities could be borrowed and delivered and mismarked thousands of sales orders. FINRA found that from June 2006 through December 2010, Credit Suisse’s Reg SHO supervisory system regarding locates and the marking of sale orders was flawed and resulted in a systemic supervisory failure that contributed to significant Reg SHO failures across its equities trading business. During the time period, Credit Suisse released millions of short sale orders to the market without locates, including threshold and hard to borrow securities. The locate violations extended to numerous trading systems, aggregation units, and strategies. In addition, Credit Suisse mismarked tens of thousands of sale orders in its trading systems. The mismarked orders included short sales that were mismarked as “long,” resulting in additional violations of Reg SHO’s locate requirement. As a result of its supervisory failures, many of Credit Suisse’s violations were not detected or corrected by the firm until after FINRA’s investigation caused Credit Suisse to conduct a substantive review of its systems and monitoring procedures for Reg SHO compliance.
FINRA found that Credit Suisse’s supervisory framework over its equities trading business was not reasonably designed to achieve compliance with the requirements of Reg SHO and other securities laws, rules, and regulations throughout the period at least June 2006 through at least December 2010. In concluding this settlement, Credit Suisse neither admitted nor denied the charges, but consented to the entry of FINRA’s findings. Source: http://www.finra.org/Newsroom/NewsReleases/2011/P125300?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+FINRANews+(FINRA+News)&utm_content=Google+Reader

12. December 23, U.S. Securities and Exchange Commission – (California; International) SEC charges securities trader with cross-border fraudulent interpositioning scheme. The Securities and Exchange Commission (SEC) December 23 charged a former securities trader at a San Diego-based brokerage firm with orchestrating an illegal trading scheme. The SEC alleges that the former trader acted in concert with a Mexican investment adviser, InvesTrust, and unnecessarily inserted a separate broker-dealer as a middleman into securities transactions in order to generate millions of dollars in additional fees. The trader agreed to pay $1 million to settle the SEC’s charges. The SEC also charged his former firm Investment Placement Group (IPG) and its chief executive officer (CEO) with failing to properly supervise the trader. IPG agreed to pay more than $4 million to settle the charges. In an interpositioning scheme, an extra broker-dealer is illegally added as a principal on trades even though no real services are being provided. The SEC alleges that the trader colluded with InvesTrust and needlessly inserted a broker-dealer based in Mexico into securities transactions between IPG and InvesTrust’s pension fund clients, causing the pension funds to pay approximately $65 million more than they would have without the middleman. According to the SEC’s order, the scheme occurred from January to November 2008. The trader in coordination with InvesTrust acquired 10 different credit-linked notes in an IPG proprietary account. The SEC alleges that IPG, through the trader, added a markup of roughly 1.5 to 4.5 percent to the purchase price and then sold the notes to the middleman Mexican brokerage firm. IPG, through the trader, then repurchased the notes from the Mexican brokerage firm within a day or so at a slightly higher price. IPG added another markup and then sold the securities to InvesTrust’s pension fund clients.
According to the SEC’s order, in some instances the trader repeated the buy-sell pattern with the middleman Mexican brokerage firm multiple times, driving up the price with each successive trade before finally selling the notes to the pension funds at artificially inflated prices. He received millions of dollars in additional markups generated from the interpositioned transactions. Source: http://www.sec.gov/news/press/2011/2011-277.htm

13. December 23, U.S. Securities and Exchange Commission – (National) SEC charges GE Funding Capital Market Services with fraud involving municipal bond proceeds. The Securities and Exchange Commission (SEC) December 23 charged GE Funding Capital Market Services (CMS) with securities fraud for participating in a wide-ranging scheme involving the reinvestment of proceeds from the sale of municipal securities. GE Funding CMS agreed to settle the SEC’s charges by paying approximately $25 million that will be returned to affected municipalities or conduit borrowers. The firm also entered into agreements with the Department of Justice, Internal Revenue Service, and a coalition of 25 state attorneys general and will pay an additional $45.35 million. The settlements arise from extensive law enforcement investigations into widespread corruption in the municipal reinvestment industry. In the past year, federal and state authorities have reached settlements with four other financial firms, and 18 individuals have been indicted or pleaded guilty, including three former GE Funding CMS traders. According to the SEC’s complaint, in addition to fraudulently manipulating bids, GE Funding CMS made improper, undisclosed payments to certain bidding agents in the form of swap fees that were inflated or unearned. These payments were in exchange for the assistance of bidding agents in controlling and manipulating the competitive bidding process. The SEC alleges that from August 1999 to October 2004, GE Funding CMS illegally generated millions of dollars by fraudulently manipulating at least 328 municipal bond reinvestment transactions in 44 states and Puerto Rico. GE Funding CMS won numerous bids through a practice of “last looks” in which it obtained information regarding competitor bids and either raised a losing bid to a winning bid or reduced its winning bid to a lower amount so that it could make more profit on the transaction.
In connection with other bids, GE Funding CMS deliberately submitted non-winning bids to facilitate bids set up in advance by certain bidding agents for other providers to win. GE Funding CMS’s fraudulent conduct also jeopardized the tax-exempt status of billions of dollars in municipal securities because the supposed competitive bidding process that establishes the fair market value of the investment was corrupted. Source: http://sec.gov/news/press/2011/2011-276.htm

For more stories, see items 35 and 36 below in the Information Technology Sector, and 39 below in the Communications Sector

Information Technology

33. December 27, Softpedia – (International) Siemens promises to patch SCADA flaws after they angered researcher. Siemens has come forward with a statement reporting that they are planning to fix vulnerabilities in SCADA systems next month after a researcher highlighted the issues earlier in 2011, Softpedia reported December 27. The researcher became upset the week of December 19 after he found out from a Reuters reporter that Siemens officially denied knowing of the authentication flaws he had disclosed to them. Siemens later released an official comment stating that their development team had taken action and the vulnerabilities will be fixed by security updates, the first of which is planned to be issued in January 2012. Source: http://news.softpedia.com/news/Siemens-Promises-to-Patch-SCADA-Flaws-After-they-Angered-Researcher-243014.shtml

34. December 27, Softpedia – (International) HP releases firmware update to prevent unauthorized access. HP released a firmware update to mitigate vulnerabilities that could allow a hacker to remotely control HP LaserJet printers to launch cyberattacks, steal information, and in some scenarios even set them on fire, Softpedia reported December 27. Columbia University researchers discovered the vulnerabilities in November. The vulnerabilities and lack of an HP signature to authenticate firmware updates have concerned security experts since the researchers shared their findings. Source: http://news.softpedia.com/news/HP-Releases-Firmware-to-Prevent-Unauthorized-Access-243039.shtml

35. December 26, MacWorld – (International) Report: Phishing attack targets Apple customers. A “vast phishing attack” that attempts to capture the credit card information of Apple customers was launched December 25, according to a report from Mac security-software company Intego. In a posting on its Mac Security blog, Intego said that the attack was an attempt to fool Apple customers into clicking on a link under the guise of updating the billing information of their Apple accounts. Users who click on the link in the phony e-mail will be taken to a realistic looking sign-in page that asks for the user’s Apple ID and password. The user is then taken to a page asking them to update account profile information, including credit card information. Intego reported that the messages are being sent with the subject “Apple update your Billing Information” from a spoofed email address of “appleid@id.apple.com.” Source: http://www.computerworld.com/s/article/9223023/Report_Phishing_attack_targets_Apple_customers

36. December 26, CNN – (International) Hackers target global analysis company. The global intelligence company Stratfor was hacked and had user information including credit card numbers posted online, CNN reported December 26. Around 4000 credit card numbers were released. Some Stratfor customers reported fraudulent charges being made to their credit cards after the information was posted on Pastebin. It was unclear whether the breach and apparent release of credit card information was the work of the activist hacking group Anonymous. The initial posting on Pastebin credited the AntiSec group, but a later message claiming to represent Anonymous denied any affiliation with the attack. Source: http://europe.cnn.com/2011/12/25/us/stratfor-hacking/?hpt=ibu_c2

Communications Sector

37. December 27, Associated Press – (Texas) West Texas phones out after line severed. All phone service was disrupted for much of December 26 in far West Texas after a fiber-optic line just south of Monahans was severed. An AT&T spokeswoman said a contractor accidentally cut an underground fiber optic line, cutting service in the provider’s West Central Texas district. That left callers to Fort Stockton, Alpine, Fort Davis, Marfa, and other places getting a persistent busy signal. People in Terlingua in the Big Bend told the Odessa American their landline phones had been fine but cell service was knocked out. The Fort Stockton police chief told television station KOSA his department had to use an emergency backup plan that forwarded calls to a working county, which then relayed the information back. He said AT&T service was restored by the night of December 26. Source: http://abclocal.go.com/ktrk/story?section=news/state&id=8480720

38. December 25, WZVN 7 Fort Myers – (Florida) Copper theft disrupts Port Charlotte phone service. 300 Port Charlotte, Florida residents were without phone service after a copper theft from CenturyLink telephone equipment the week of December 19. The Charlotte County Sheriff’s Office said this is the fifth copper theft from phone equipment boxes in Charlotte County in the past several days. The service disruption affected customers within a square mile area. CenturyLink officials said the repairs were completed by 7 p.m. December 24. Source: http://www.abc-7.com/story/16389238/2011/12/24/copper-theft-disrupts-port-charlotte-phone-service

39. December 23, Fort Worth Star-Telegram – (Texas) Feds untangle $20 million scheme in DFW against telecom companies. For years, a dozen or more conspirators ran a scheme in North Texas to rip off some of the nation’s telecommunication giants, the Fort Worth Star-Telegram reported December 23. The $20 million cybercrime spree crumbled because of evidence painstakingly gathered from businesses and seized from the homes of conspirators. The week of December 19, two conspirators were convicted by a federal jury of one count each of conspiracy to commit wire fraud and mail fraud, federal officials said. One of the men was also convicted on three other counts. Twelve others charged in the case have pleaded guilty to their various roles, including the scheme’s mastermind and his wife. The fraud went on for years as the conspirators played shell games and ripped off telecommunication giants for services they seldom paid for, court records say. The scheme included using homeless people, fake tax documents, bogus financial statements, and ever-changing addresses. To prosecute the case, the government gathered invoices, contracts, and financials. There were e-mails discussing subjects such as avoiding detection, due process, “burning cash,” “flaming ferrets,” and hiding spam. Federal agents seized tax reports, passports, computers, memory sticks, hard drives, and power supplies. The government presented evidence that, as part of a conspiracy, the men lied to obtain goods, such as computers and telecommunication equipment. They also created and bought shell companies to hide the identities of the owners or operators of the companies. “The conspirators paid ... homeless persons for the use of their identities to ‘act’ as the officers, directors or managers of the shell companies,” a news release from a U.S. attorney said.
The conspirators defrauded companies including AT&T, Verizon, XO Communications, Excel Communications, Waymark Communications, Bandwidth.com, and CommPartners, the government said. Landlords were stiffed. Leasing companies and creditors, including Wells Fargo and AT&T Capital Services, were not paid. Credit-reporting agencies, power companies, insurance and air-conditioning companies, and Web site developers were among those deceived. Source: http://www.star-telegram.com/2011/12/23/3616495/feds-untangle-20-million-scheme.html

Tuesday, December 27, 2011

Complete DHS Daily Report for December 27, 2011

Daily Report

Top Stories

• Federal regulators have approved a nuclear reactor that could power the first nuclear plants built from scratch in the United States in more than three decades. – Associated Press (See item 4)

4. December 22, Associated Press – (National) NRC approves new nuclear reactor design. Federal regulators have approved a nuclear reactor designed by Westinghouse Electric Co. that could power the first nuclear plants built from scratch in the United States in more than three decades. The Nuclear Regulatory Commission (NRC) unanimously approved the AP1000 reactor December 22. The certification, to take effect within 2 weeks, will be valid for 15 years. The NRC chairman said the newly approved design would ensure safety through simplified, passive security functions and other features. He said plants using the design could withstand damage from an airplane crash without significant release of radioactive materials — an issue that gained attention after the 2001 terrorist attacks. Approval of the design is a major step forward for utility companies in Georgia, Florida, and the Carolinas that have billions of dollars riding on plans to build AP1000 reactors in the Southeast. Without NRC approval, the utilities could not have received a license to build their plants. Federal officials approved an earlier version of the AP1000 reactor in 2006, but it was never built in the United States. The $14 billion effort is the pilot project for the new reactor and a major test of whether the industry can build nuclear plants without the endemic delays and cost overruns that plagued earlier rounds of building years ago. The U.S. Presidential administration offered the project $8 billion in federal loan guarantees as part of its pledge to expand nuclear power. Source: http://www.foxnews.com/us/2011/12/22/nrc-approves-new-nuclear-reactor-design/

• Half of San Francisco’s on-duty firefighting force battled a wind-fueled, five-alarm fire December 22 that tore through four buildings in the Western Addition neighborhood and displaced about 60 people. – San Francisco Chronicle (See item 33)

33. December 23, San Francisco Chronicle – (California) 5-alarm S.F. fire engulfs apartments, injures two. Half of San Francisco’s on-duty firefighting force battled a wind-fueled, five-alarm fire December 22 that tore through two residential buildings in the Western Addition neighborhood and displaced about 60 people. Two other buildings, including a school, were damaged in the fire, which at its height was fought by 150 firefighters and support personnel. At one point, firefighters had to retreat from both buildings, fearing they would collapse. The fire started shortly in the back of a Victorian three-story condominium building, said the fire chief. The flames jumped quickly to an adjacent four-story apartment building. The chief described a fire that was so hot and intense that firefighters were unable to search the top floor of the Golden Gate condos for trapped residents. The nearby Creative Arts Charter School, which is closed for winter break, suffered water damage from sprinklers and blown-out windows. Source: http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2011/12/22/BAPP1MG051.DTL&tsp=1

Details

Banking and Finance Sector

7. December 23, BankInfoSecurity – (Connecticut; International) 14 indicted in phishing scheme. The Federal Bureau of Investigation and the U.S. Attorney for the District of Connecticut have indicted 14 Romanians for their involvement in an identity-theft scheme that relied on phishing attacks to target unwitting consumers. According to a statement issued by the Department of Justice, the 14 suspects have been charged with conspiracy, fraud and identity theft. The indictment claims that in June 2005, one or more of the accused sent an e-mail to consumers, including a resident of Madison, Connecticut, that appeared to come from Connecticut-based People’s Bank. The generic e-mail said recipients’ online banking accounts had been locked; in order to remedy the issue, the recipients were instructed to click on links and enter specific bank account details and personal information. In addition to People’s Bank, Citibank, Capital One, Bank of America, JPMorgan Chase, Comerica Bank, Regions Bank, LaSalle Bank, U.S. Bank, Wells Fargo, eBay and PayPal also were targeted. According to court documents, the Web page to which the Connecticut e-mail recipient was directed appeared to originate from People’s Bank; in actuality, the site was hosted on a compromised computer. In every case, once recipients of the fraudulent e-mails entered personal or financial information, that information was routed to one or more of the defendants, or to a so-called collector account, an e-mail account used to receive and collect the stolen information. Several collector accounts containing thousands of e-mails with credit or debit card numbers, expiration dates, CVV codes, PINs and other personal information, such as names, addresses, telephone numbers, dates of birth, and Social Security numbers, were discovered during the FBI’s investigation.
The co-conspirators used the information to access bank accounts and lines of credit, as well as withdraw funds from ATMs, which most often were in Romania. On December 12, following the extradition from Romania of three of the 14 suspects, a magistrate judge in Bridgeport unsealed the indictment. Each of the 14 defendants could face up to 35 years in prison. So far, two defendants have pleaded not guilty and are expected to go to trial in March. Source: http://www.bankinfosecurity.com/articles.php?art_id=4358

8. December 23, Bloomberg – (Florida; National) Rothstein says TD Bank played ‘critical’ role in ponzi scheme. The Florida lawyer convicted in a $1.2 billion investment fraud said Toronto-Dominion Bank (TD Bank) played a “critical” role in his Ponzi scheme, according to a transcript of a sworn deposition made public December 22. “They were assisting me in putting fake balance statements into the hands of my investors,” he said. The Florida lawyer pleaded guilty in January 2010 to five counts of racketeering, money laundering, and wire fraud after admitting he sold investors interests in bogus settlements of sexual-harassment and whistle-blower lawsuits. He also said that the size of TD Bank was important to the scheme because some investors worried about the solvency of a smaller bank he had been using. The bankruptcy trustee liquidating the law firm sued TD Bank in July, alleging that the institution let the Florida lawyer use its name, facilities, and accounts to deceive investors. The trustee accused the bank of ignoring “red flags” and letting the lawyer open accounts and transfer “huge sums” of money among them. Eight people have been charged in the probe by the U.S. Of those, six have been convicted. Two of the men who pleaded guilty worked as technology assistants at the law firm and set up a fake TD Bank Web site showing the Florida lawyer had $1.1 billion in a trust account, according to prosecutors. Investors who relied on that information ended up investing more than $35 million, an assistant U.S. attorney said in June in federal court in Fort Lauderdale. The lawyer testified in the deposition that he often brought investors to TD Bank branches so they could see bank employees handing him envelopes with a cover letter a bank employee wrote at his behest and a fake balance statement his office produced. He described how these “shows” would work at the bank and how bank employees allowed him to use conference rooms.
He also testified that he employed an associate to pose as a banker; that man has also pleaded guilty in connection with the scam. TD Bank denies these claims. Source: http://www.businessweek.com/news/2011-12-23/rothstein-says-td-bank-played-critical-role-in-ponzi-scheme.html

9. December 22, KHOU 11 Houston – (Texas) Police: Man threatens bank tellers with fake bomb wrapped as Christmas gift. A man presented a propane bottle with red wires wrapped up in Christmas wrapping paper to a Citibank in Humble, Texas, December 22, according to Humble police. The man carried the present into the bank and tilted the present toward the teller. He told the teller it was a bomb and demanded money. After receiving two rounds of cash from the teller, the robber left the propane bottle and walked out of the bank. The bomb squad came in, and area businesses had to be evacuated. The police were surprised after they learned the device was a fake. “This time of the year it’s not uncommon to see someone walking in the bank with a present, so no one really suspected anything, at that time,” a spokesperson for the Humble Police Department said. Source: http://www.kens5.com/news/Police-Man-threatens-bank-tellers-with-fake-bomb-wrapped-as-Christmas-gift-136110568.html

10. December 22, Los Angeles Times – (California) FBI searches costume store in ‘Geezer Bandit’ investigation. Authorities probing the case of the Geezer Bandit have served a search warrant at a costume store in the San Luis Obispo, California area, demanding a list of all customers who bought a mask known as The Elder. Based on surveillance video and witness interviews at the site of the bandit’s latest heist, the FBI is now working on the theory that the prolific bank robber is not an elderly man but a younger man wearing an elaborate mask. “The robber was described as someone who appeared to be an elderly white male, but may have been wearing a synthetic-like mask and gloves to conceal his true physical characteristics,” the FBI said in a statement December 21. Unlike in the 15 previous bank robberies, a quick-thinking teller slipped an exploding dye pack into the plastic bag that the robber used to carry off the loot. A few steps outside the bank, the pack exploded, spewing red dye all over the robber, the money and possibly his mask and gloves. A surveillance camera shows that the robber “sprinted away across the bank parking lot.” He may have escaped in a white BMW, according to the FBI. In previous robberies, there did not appear to be any good clues about the Geezer Bandit’s mode of escape. Source: http://latimesblogs.latimes.com/lanow/2011/12/fbi-searches-costume-store-in-geezer-bandit-investigation.html

Information Technology

27. December 23, Softpedia – (International) Phishing has two sisters: vishing and smishing. While most Internet users are familiar with the term phishing and its dangerous effects, security researchers are recording a considerable increase in two related malicious schemes, vishing and smishing. Vishing is a variant of phishing, its name a portmanteau of the words voice and phishing, reports the Windows Club. In a vishing attack, an unsuspecting user is called by someone who pretends to represent an important organization such as a bank or a utility company. In these situations, the crooks request large amounts of personal information allegedly needed for certain operations, financial or otherwise. An alternative to this method involves an e-mail that urges the recipient to call a certain phone number. Usually these e-mails come with threats, and they are more advantageous for the cybercriminals since they do not have to pay for the calls they make. Smishing involves SMS messages. In these types of schemes, the victim receives an SMS warning that he/she has been automatically enrolled in a paid service. In order to terminate the subscription, the recipient has to visit a URL and click a certain button, which instead of canceling the phony subscription, downloads a piece of malware infecting the phone. From here on, keyloggers or premium-SMS-sending trojans are free to do as they like. Source: http://news.softpedia.com/news/Phishing-Has-Two-Sisters-Vishing-and-Smishing-242767.shtml

28. December 23, H Security – (International) Microsoft confirms Windows vulnerability. Microsoft posted on its German-language Chief Security Advisor Blog about the Windows vulnerability reported December 20. The post states the company was able to reproduce a situation in which a specially crafted HTML page could cause a blue screen when opened with Safari on a 64-bit system. However, “at this time, our colleagues in the US do not believe that the vulnerability is capable of infecting Windows systems with malware”, so the company will “most likely not publish a security advisory for this vulnerability.” Security firm Secunia rated the vulnerability as “highly critical.” There is no exploit yet and the Microsoft posting states the company considers any wide-ranging exploitation of this vulnerability to be unlikely. Source: http://www.h-online.com/security/news/item/Microsoft-confirms-Windows-vulnerability-1400353.html

29. December 23, ITProPortal – (International) Rift developer Trion Worlds hacked. Trion Worlds, the developer behind the massive multiplayer online game Rift, had its servers hacked, losing information that includes user names, passwords, e-mail addresses, billing addresses, and credit card information. The announcement was made on the official Trion Web site and through an e-mail sent to subscribers and anyone who previously held an account with the firm. It describes that almost every piece of stored information about the company’s users was taken, including: “user names, encrypted passwords, dates of birth, email addresses, billing addresses, and the first and last four digits and expiration dates of customer credit cards.” Trion was quick to point out “There is no evidence, and we have no reason to believe, that full credit card information was accessed or compromised in any way.” The e-mail describes the hack as “recent” but does not provide a time frame of when it might have occurred or how long Trion has known about it. Source: http://www.itproportal.com/2011/12/23/rift-developer-trion-worlds-hacked/

30. December 22, Computerworld – (International) Mozilla re-releases Firefox 9, backs out fix causing crashes. Mozilla issued another update December 21 — Firefox 9.0.1 — after backing out a bug fix that was causing some Mac, Linux, and Windows browsers to crash. Although Mozilla did not specify in 9.0.1’s release notes why it needed to re-release the browser, developers said the update was prompted by crash reports, primarily from Mac users, although the Linux and Windows versions were also affected. To fix the problem — which caused crashes when users ran certain add-on toolbars — Mozilla’s developers removed a patch that was applied earlier. Source: http://www.computerworld.com/s/article/9222972/Mozilla_re_releases_Firefox_9_backs_out_fix_causing_crashes?taxonomyId=17

31. December 22, Infosecurity – (International) Holiday season is fertile ground for most malware infections. Data released by SpywareRemove.com shows the holiday season, beginning with the Thanksgiving holiday in the United States through Christmas, is the most active time for malware infections. Research data compiled by the site over the last year (late 2010 — present) showed December 27, 2010 to have the largest spike in malware infections it tracked, with a 56 percent increase over the previous day. The company believes the December 27 date was prolific among cybercriminals due to the after Christmas rush of gift exchange and post-holiday deals by retailers. The Web site compiled its list of the top five malware infection dates according to its tracking data: December 27, 2010; February 27, 2011 (malware and phishing attacks attributed to the New Zealand earthquake); March 28, 2011 (breaking news of the Arab Spring protests); April 4, 2011 (the Monday after April Fool’s day); and November 28, 2011 (Cyber Monday). The top five malware infection dates indicate malware writers use a two-pronged strategy to deliver their malicious payloads to computers by taking advantage of one-time major events, as well as fixed dates on the calendar during the holiday season. Source: http://www.infosecurity-magazine.com/view/22839/

For another story, see item 7 above in the Banking and Finance Sector

Communications Sector

Nothing to report