Wednesday, February 29, 2012

Complete DHS Daily Report for February 29, 2012

Daily Report

Top Stories

• The U.S. Department of Energy said fuel markets in the Northeast could be significantly impacted if Sunoco closes a Philadelphia refinery in June. The closure could lead to tight supplies and price spikes. – Philadelphia Inquirer (See item 2)

2. February 28, Philadelphia Inquirer – (Northeast) U.S. report: Fuel markets ‘significantly impacted’ by refinery shutdowns. The U.S. Department of Energy February 27 said fuel markets in the Northeast “could be significantly impacted” if Sunoco closes its Philadelphia refinery in June, leading to tight supplies and price spikes in some areas. The report from the U.S. Energy Information Administration (EIA) said supplies of ultra-low sulfur diesel would be most affected by refinery shutdowns and transportation constraints. The potential loss of the Sunoco Philadelphia refinery “presents a complex supply challenge, and no single solution has been identified by industry participants that will address all of the logistical hurdles that must be overcome.” Pittsburgh and western New York state, which now are supplied through pipelines from the Philadelphia refineries, would most likely suffer if supplies of diesel and heating oil were constrained. Sunoco, headquartered in Philadelphia, announced in 2011 it would shut down its 335,000 barrel-per-day refinery if it could not find a buyer by June. The plant along the Schuylkill accounts for 24 percent of the refining capacity in the Northeast. Source: http://www.philly.com/philly/news/homepage/140663913.html

• Iowa’s underground water supply may not be able to meet the future demand from industry and urban sprawl, according to a state agency. It said communities must now plan to drill wells or pipe in water from new sources. – Associated Press (See item 23)

23. February 28, Associated Press – (Iowa) Iowa may not have enough water to meet future need. Iowa’s underground water supply may not be able to meet the future demand from industry and urban sprawl, according to the Iowa Department of Natural Resources, saying some communities must start planning now to drill new wells or to pipe in water from new sources. The agency has been surveying water supplies in the state’s aquifers over the past 4 years, the Associated Press reported February 28. An Iowa State University geologist said Iowa has the poorest water planning in the Midwest, with plans that have not been fully updated since 1985. He said that could be a problem with water needed for ethanol production, geothermal systems, growing towns, and new industries. The DNR’s survey uses the latest computer modeling techniques to show which places will have water in coming years and which will not. Geologists need another 5 to 10 years to complete the project, which costs about $500,000 a year. Iowa gets most of its water from the Jordan and Silurian aquifers. Both are showing signs of stress, and geologists are already concerned about whether the Cedar Rapids-Iowa City area, one of the fastest growing parts of the state, will have enough water decades from now. Source: http://www.timesrepublican.com/page/content.detail/id/159240/Iowa-may-not-have-enough-water-to-meet-future-need.html?isap=1&nav=5013

Details

Banking and Finance Sector

9. February 28, Detroit Free Press – (Michigan) Former city official indicted on $84 million kickback scheme. A former Detroit city treasurer has been indicted on charges he took bribes and kickbacks in a scheme that cost two Detroit pension funds $84 million in losses, the U.S. attorney’s office announced February 28. According to the indictment, the former treasurer took the bribes in exchange for approving more than $200 million in investments by the two City of Detroit pensions. It said the bribes, paid to the treasurer and his co-conspirators, came from individuals with business before the General Retirement System and the Police and Fire Retirement System of the City of Detroit. As city treasurer, the man was a member of the boards of trustees of the pension systems, and he had a responsibility to make decisions in the best interests of retirees and beneficiaries, authorities said. According to the indictment, between January 2006 and September 2008, when the treasurer conspired with others to defraud current and retired City of Detroit employees who contributed to the two pension funds. It alleges he deprived the employees of their right to honest services free of bribery and corruption. He is also charged with five counts of extortion or attempted extortion. Source: http://www.freep.com/article/20120228/NEWS01/120228031/Former-city-official-Kilpatrick-administration-indicted-84-million-kickback-scheme

10. February 28, Associated Press – (Maryland; International) Feds seize gambling site Bodog, indict founder. The sports gambling site Bodog was shut down and four Canadians indicted, including the site’s founder, for illegal gambling that generated more than $100 million in winnings, federal prosecutors announced February 28. The Web site’s domain name was seized February 27 and the indictments, which were handed down February 22, were unveiled February 28 in Baltimore, prosecutors said. The indictments follow federal prosecutions in 2010 of three of the biggest Web sites involved in online poker. More than 75 company bank accounts in 14 countries have been frozen, and authorities are seeking $3 billion in fines and restitution, in that investigation. Gamblers in Maryland and elsewhere were sent at least $100 million by wire and check from 2005 to 2012, the U.S. attorney’s office said, adding Bodog conducted a $42 million advertising campaign between 2005 and 2008 to attract gamblers to its Web site. The operation allegedly moved funds from Bodog’s accounts in Switzerland, England, Malta, Canada, and elsewhere to pay winnings to gamblers. The four Canadians face up to 5 years for conducting an illegal gambling business, and 20 years for money laundering. Bodog.com faces a fine of up to $500,000 for gambling and money laundering. The four indicted Canadians are not in custody, but arrest warrants have been issued for them, officials said. Source: http://www.google.com/hostednews/ap/article/ALeqM5hk2TSKU_ngpZh08aq9Mk5paER5EA?docId=30c1a9a400a5472398189415ee8a4458

11. February 28, Washington Post – (Maryland) Suspect used nuclear threat to rob Pr. George’s banks. Prince George’s County, Maryland police are on the lookout for a man they believe has committed a string of bank robberies by threatening to detonate a nuclear weapon, the Washington Post reported February 28. Police have released surveillance images of the suspect, who they believe has robbed at least four banks in the county since late December. The most recent robbery occurred February 27 at a M&T Bank branch in Clinton. The suspect walked into the bank and passed a note to a teller demanding money. Police said the same suspect is linked to three previous bank robberies — February 9 at a Capital One Bank branch in Largo; January 10 at a SunTrust Bank branch in Upper Marlboro; and December 29, 2010 at a Wells Fargo Bank branch in District Heights. In each incident, police said, the suspect handed a note to a teller demanding money and fled on foot. Each note contained a threat to detonate a nuclear weapon. The suspect did not show any visual evidence of such a device, according to a police spokesman. Source: http://www.washingtonpost.com/blogs/crime-scene/post/police-suspect-used-nuclear-threat-to-rob-pr-georges-banks/2012/02/28/gIQAtB7vfR_blog.html

12. February 27, Fort Lauderdale Sun-Sentinel – (Florida; Tennessee) Palm Beach County residents charged with mortgage fraud. The U.S. attorney’s office in south Florida said it filed charges February 27 against several Palm Beach County residents alleging a multi-million dollar mortgage fraud. A former Wachovia Bank vice president and a local lawyer are among those charged. The defendants sought financing higher than the sales price for 17 properties in Florida and Tennessee, according to a press release from the attorney’s office. One of the defendants submitted loan applications containing false information and documentation, including false verifications of bank deposits from a Port St. Lucie man, who was then an assistant vice president for Wachovia, the U.S. attorney’s office said. The defendants were charged with one count of conspiracy to commit mail fraud in connection with the plan that involved $8 million in loan proceeds and $500,000 diverted for personal benefit, according to the press release. If convicted, the defendants face a statutory maximum sentence of 30 years in prison. Source: http://www.sun-sentinel.com/business/fl-mortgage-fraud-charges-palm-beach-20120227,0,4065512.story

13. February 27, U.S. Commodity Futures Trading Commission – (Illinois) Federal court in Illinois orders former futures trader to pay over $6.6 million for cheating customers. The U.S. Commodity Futures Trading Commission (CFTC) announced February 27 it had obtained a federal court order requiring a former Chicago Board of Trade (CBOT) floor trader and registered floor broker to pay a disgorgement and civil monetary penalty of $6,608,750 for aiding and abetting another trader’s scheme to cheat customers who placed orders in Five-Year Treasury Note futures contracts. The order stems from a complaint filed in January 2008 charging the man with fraud and non-competitive trading. The order permanently prohibits him from engaging in any commodity-related activity and from registering or seeking exemption from registration with the CFTC. A floor trader sold 2,274 Five-Year Treasury Note futures contracts on behalf ofcustomers to the broker at an arranged price that was much lower than the market price in a manner that was not executed openly and competitively as required by CFTC and CBOT rules. Following the purchase, the broker sold 485 of the contracts back to the trader in another noncompetitive trade and sold the remaining 1,789 contracts on the CBOT’s electronic trading platform at the prevailing, higher market price, realizing a personal gain of about $1.65 million. The court concluded the other trader’s customers were “disadvantaged to the tune of $2,048,781.” Source: http://www.cftc.gov/PressRoom/PressReleases/pr6189-12

14. February 27, Bloomberg – (National) FBI fraud probes increase as insider trading ‘widespread’. Open FBI investigations into corporate, securities and commodity fraud increased 8.8 percent as of September 30, 2011, compared to 2010, the agency said in a report released February 27. The FBI had 2,572 such cases open at the end of the 2011 fiscal year, according to the report, up from 2,364 in 2010. The FBI report included data on financial crime probes during 2010 and 2011. There was an increase in insider trading probes, which are a “widespread problem” that has plagued the “fair and orderly operation” of securities markets, the report noted. The FBI is making greater use of wiretaps and undercover operations, which may provide the “best evidence” to prosecute financial crimes, the chief of the FBI’s financial crimes section said at a briefing in Washington, D.C. The FBI used wiretaps or undercover operations in more than 40 corporate, securities, and commodity cases in 2011, compared to less than 20 in 2008. The number of cases involving falsified financial data “remains relatively stable,” according to the report. The number of pending mortgage fraud cases declined 14 percent to 2,691 in 2011 from the 2010 fiscal year. Fraud targeting distressed homeowners has displaced loan originations as the biggest source of fraud in many FBI field offices, the report said. The FBI also had 2,690 pending health care fraud investigations at the end of fiscal 2011, up from 2,573 in 2010. Source: http://www.businessweek.com/news/2012-02-27/fbi-fraud-probes-increase-as-insider-trading-widespread-.html

Information Technology

34. February 28, H Security – (International) PostgreSQL updates close security holes. The PostgreSQL development team published updates for all actively supported branches of its open source relational database to fix bugs and close security holes found in the previous releases. Versions 9.1.3, 9.0.7, 8.4.11, and 8.3.18 correct a problem that prevented permission checks from being performed and a bug that may result in the successful verification of a spoofed SSL certificate. An input sanitization error that could be used to execute code when loading a pg_dump file was also fixed. These vulnerabilities could be exploited by an attacker to bypass security restrictions or conduct spoofing attacks and manipulate data. Versions up to and including 9.1.2, 9.0.6, 8.4.10, and 8.3.17 are affected; all users were advised to upgrade. Source: http://www.h-online.com/security/news/item/PostgreSQL-updates-close-security-holes-1444327.html

35. February 27, Ars Technica – (International) SSL fix aims to mend huge cracks in ‘Net’s foundation of trust. An open-source software developer proposed an overhaul to the Internet’s secure sockets layer (SSL) authentication system, aiming to minimize damage that would result from the compromise of one of the authorities trusted by major browsers. Under version two of his Mutually Endorsing Certificate Authority (CA) Infrastructure proposal, people connecting to Google Mail, Twitter, and other sites protected by SSL would draw on one of three randomly selected notaries to verify that the digital credential being presented is valid. By comparing the SSL certificate’s contents to data contained in the voucher returned by the notary, the person’s Web browser or e-mail program could quickly spot credentials that have been forged, even when they have been signed using the private key of a legitimate certificate authority. The notaries — or “voucher authorities” as they are called — would be made up of existing CAs. Source: http://arstechnica.com/business/news/2012/02/ssl-fix-aims-to-mend-huge-cracks-in-nets-foundation-of-trust.ars

36. February 27, IDG News Service – (International) Malware authors expand use of domain generation algorithms. Malware authors are increasingly adopting flexible domain generation algorithms (DGAs) to evade detection and prevent their botnets from being shut down by security researchers or law enforcement agencies. DGAs are generally used as a fallback mechanism for sending instructions to infected computers when the hard-coded command and control servers become unavailable. The algorithms generate a list of unique pseudo-random domain names every day. Clients ina botnet attempt to connect to them and receive commands when the primary servers cannot be reached. Knowing the algorithm allows malware authors to predict which domain names infected computers will attempt to access on a certain date, so they can register one of them in advance. Source: http://www.computerworld.com/s/article/9224700/Malware_authors_expand_use_of_domain_generation_algorithms?taxonomyId=17

For more stories, see items 10 above in the Banking and Finance Sector and 37, 38, and 39 below in the Communications Sector.

Communications Sector

37. February 28, Wall Street Journal – (International) Ship accidents sever data cables off East Africa. Undersea data cables linking East Africa to the Middle East and Europe were severed in two separate shipping accidents in February, causing telecommunications outages in at least nine countries and affecting millions of Internet and phone users, telecom executives, and governments, officials said. A ship dragging its anchor off the coast of the Kenyan port city of Mombasa severed a crucial Internet and phone link for the region February 25, crippling electronic communications from Zimbabwe to Djibouti, according to a public-private consortium that owns the cable. The Indian Ocean fiber-optic cable, known as The East African Marine Systems (Teams) was the fourth cable to be severed in the region since February 17. The Teams cable wsd rerouting data from three other cables severed 10 days ago in the Red Sea between Djibouti and the Middle East. Together, the four fiber-optic cables form the backbone of East Africa’s telecom infrastructure. Telecom companies were reeling the weekend of February 25 as engineers attempted to reroute data. The chief executive of West Indian Ocean Cable Co. said the Eastern Africa Submarine Cable System, the Europe India Gateway, and the South East Asia Middle East Western Europe-3 cables were severed at the same time, about 650 feet below the Red Sea. The cables were severed far out to sea, but he said a passing ship could have caused the damage because the Red Sea is unusually shallow. He said cable ships would repair the Red Sea cables within about 3 weeks. The general manager of Teams said plans were also under way to fix the Mombasa cable. Source: http://online.wsj.com/article/SB10001424052970203833004577249434081658686.html?mod=googlenews_wsj

38. February 27, Pensacola News Journal – (Florida) Internet outage fixed. Cox Cable has fixed an outage that affected 3,000 to 5,000 customers who live in Pensacola, Florida, the Pensacola News Journal reported February 27. The customers lost Internet and cable service. The outage appeared to be the result of a construction crew inadvertently cutting a Cox fiber line, a Cox public affairs manager said. Source: http://www.pnj.com/article/20120227/BUSINESS/120227008/Internet-outage-affects-3-000-5-000?odyssey=mod|newswell|text|FRONTPAGE|s

39. February 27, North Kitsap Herald – (Washington) Fiber cable cut, phone service out for 1,100 CenturyLink customers. A fiber optic cable was cut in the Kingston, Washington area, February 27, causing an outage affecting 1,100 CenturyLink customers. A CenturyLink spokeswoman said she did not know who or what was responsible. “The outage impacts inbound, outbound and Internet services as well as 911 services,” she said. “It is CenturyLink’s priority to restore 911 services as soon as possible.” Source: http://www.northkitsapherald.com/news/140637333.html

40. February 27, KCSR 610 AM Chadron – (Nebraska) KBPY back on air. Western Nebraska’s Real Rock KBPY 107.7 FM Hay Springs is back on the air February 27, but was running at lower power. After assessing the situation, engineers were able to get the station back up and running. However, the station will go off air for a brief time February 28 for final repairs to be made. The expected down time will be just 30 minutes. The station had been off the air since late February 25 when two problems were found at the transmitter site. KBPY is expected to be operating at full power by February 28. Source: http://www.chadrad.com/newsstory.cfm?story=23868

Tuesday, February 28, 2012

Complete DHS Daily Report for February 28, 2012

Daily Report

Top Stories

• The cost of repairing and expanding U.S. drinking water infrastructure will top $1 trillion in the next 25 years, an expense that will be covered by higher water bills and fees, a new study found. – PRWeb (See item 26)

26. February 27, PRWeb – (National) Water infrastructure bill to top $1 trillion: AWWA ‘Buried No Longer’ report highlights cost of repair, expansion; shows impact on U.S. households. The cost of repairing and expanding U.S. drinking water infrastructure will top $1 trillion in the next 25 years, an expense that will be met primarily through higher water bills and local fees, according to a study by the American Water Works Association (AWWA), PRWeb reported February 27. The report, titled “Buried No Longer: Confronting America’s Water Infrastructure Challenge,” analyzes many factors, including timing of water main installation and life expectancy, materials used, replacement costs, and shifting demographics. Nationally, infrastructure needs are almost evenly divided between replacement and expansion requirements. Cities will be impacted in different ways depending on size and geography. Many small communities will face the greatest challenges because they have smaller populations across whom to spread expenses. Source: http://www.prweb.com/releases/prweb2012/2/prweb9222932.htm

• A teenager at a high school in Chardon, Ohio, opened fire in the cafeteria February 27, killing one student and wounding four others before being caught, according to FBI officials. – Associated Press (See item 31)

31. February 27, Associated Press – (Ohio) 1 dead, 4 wounded in Ohio school shooting. A teenager at Chardon High School in Chardon, Ohio, opened fire in the cafeteria February 27, killing one student and wounding four others before being caught a short distance away, authorities said. A student who witnessed the attack from just a few feet away said it appeared the gunman was targeting a group of students sitting at a cafeteria table, and the student who was killed was trying to duck under the table. Panicked students screamed and ran through the halls after the gunfire broke out at the start of the school day at the 1,100-student school, about 30 miles from Cleveland. The suspect was arrested near his car a half-mile away, the FBI said. He was not immediately charged. FBI officials would not comment on a motive. Five students were taken to Cleveland-area hospitals, and one later died, officials said. At least one other victim was listed in serious condition. Parents thronged the streets around the school as they heard from students via text message before official word came of the attack. Officers investigating the shooting blocked off a road in a heavily wooded area several miles from the school. Source: http://www.google.com/hostednews/ap/article/ALeqM5hztXIBuN1ZWUvDZBE7Pq41lejdLw?docId=2c15575fa3a34a4a91bd90b0dc0eaf44

Details

Banking and Finance Sector

10. February 26, Louisville Courier-Journal – (Kentucky) Five Occupy Louisville members arrested in protest at Chase bank. Five people were arrested at an Occupy Louisville demonstration in Louisville, Kentucky, that turned into a confrontation with Louisville Metro Police February 25 at a Chase bank branch. Several people at the demonstration described what they saw as physical encounters between the police and protesters. Officers were called to the bank on a report demonstrators were blocking the entrance, a police spokesman said. He said they were told by management protesters tried to occupy the inside of the bank. He stated officers advised the demonstrators they could protest but could not block the bank entrance or prevent customers from entering. After a few customers were let inside the bank, several protesters tried to rush the door. The officers called for backup and arrested five people. An Occupy Louisville spokeswoman estimated there were 35 demonstrators. Source: http://www.courier-journal.com/article/20120225/NEWS01/302250052?odyssey=mod|mostcom

11. February 25, Fort Launderdale Sun Sentinel – (Florida) FBI searching for possible serial bank robber. A TD Bank was robbed in Boca Raton, Florida, February 24 and the robber may be responsible for seven other bank heists since December 25, 2011, the FBI said. Agents released surveillance photographs from the February 24 bank robbery. The robber entered the bank and demanded money from an employee. An undisclosed amount of cash was taken. Customers were in the bank at the time of the robbery, officials said. The FBI believes the robber may be involved in other bank robberies that included the Amtrust Bank and Valley Bank in Hollywood, Regent Bank in Davie, a TD Bank and Bank of America in Fort Lauderdale, Comerica Bank in Boca Raton, and the IberiaBank in Pompano Beach. Source: http://www.orlandosentinel.com/news/local/fl-boca-bank-robbery-20120224,0,5301551.story

12. February 24, San Diego Union-Tribune – (California) ‘Well-dressed Bandit’ admits 9 heists. A San Diego man dubbed the “Well-Dressed Bandit” by the FBI pleaded guilty in federal court February 21 to nine bank and credit union robberies, the San Diego Union -Tribune reported February 24. He faces up to a 20-year prison term at sentencing, federal officials said. The suspect did not plead guilty to a 10th count, involving what the FBI believes was the beginning of the holdup series May 18, 2010, at an Escondido Wells Fargo Bank. The other nine cases included three San Diego holdups in 2010 and four in 2011. One of the banks, in the Carmel Valley area, was hit three times, including the final case in the series September 23, 2011. A Solana Beach credit union was robbed twice in 2011. The robber got his FBI nickname for sometimes wearing a suit jacket, leather coat, or a dapper hat. In the September holdup, witnesses saw the robber leave in a black luxury sedan and noted some of the license plate numbers. the suspect was arrested by FBI agents and San Diego police October 19. Source: http://www.utsandiego.com/news/2012/feb/24/well-dressed-bandit-admits-nine-bank-robberies/

13. February 24, Bloomberg – (International) Russian man pleads guilty to cyber-fraud conspiracy in U.S. A Russian national charged by U.S. authorities with orchestrating a cyber-fraud scheme from Europe has pleaded guilty to illegally gaining computer access to bank accounts via Web sites claiming to offer goods and merchandise, Bloomberg reported February 24. He pleaded guilty in federal court in Manhattan February 17 to a count of conspiracy and a count of wire fraud, records show. Federal prosecutors alleged a scheme from 2004 to 2005 involving the man, his son, and others preying on U.S. consumers who believed the unauthorized charges were for legitimate goods. They said the father, son, and unidentified accomplices controlled U.S.-registered companies Sofeco LLC, Pintado LLC, and Tallit LL that appeared to be legitimate Internet merchants. The defendants took unauthorized charges on customers’ credit cards, prosecutors said. They also got credit card numbers by buying them from people or by using computer programs surreptitiously installed on victims’ computers. The pair engaged in a scheme from June 2004 to February 2005 to access financial services accounts of U.S. victims and attempted to transfer hundreds of thousands of dollars into bank accounts they controlled, prosecutors said. The defendants also bought and sold securities in publicly traded companies through a firm called Rim Investment Management Ltd. Source: http://www.businessweek.com/news/2012-02-24/russian-man-pleads-guilty-to-cyber-fraud-conspiracy-in-u-s-.html

14. February 24, San Diego Union-Tribune – (California) Photos of ‘Insistent Bandit’ released. Security camera photos of a scruffy-bearded man who robbed an El Cajon, California bank February 21, believed to be his fifth heist, were released by the FBI February 24. Investigators have dubbed him the “Insistent Bandit” because of his manner of demanding money from tellers. He held up a Pacific Western Bank in El Cajon February 21 and rode away on a red mountain bike. He is suspected of robbing a US Bank in Santee February 10, January 23, and January 17, and a Home Bank of California in Pacific Beach February 6, the FBI said. The robber carried a pistol in his waistband in the most recent case and lifted his shirt so the teller could see it. Source: http://www.utsandiego.com/news/2012/feb/24/photos-insistent-bandit-released/

15. February 24, Detroit Free Press – (National) Flagstar mortgage fraud lawsuit settled for $133 million. The U.S. government announced February 24 it had reached a $133-million settlement with Troy, Michigan-based Flagstar Bank that resolves a civil fraud lawsuit accusing the bank of fraudulent mortgage lending practices. The lawsuit, filed in New York, alleged Flagstar used unqualified employees to approve mortgage loans backed by the U.S. Department of Housing and Urban Development (HUD) that did not comply with HUD and Federal Housing Administration (FHA) underwriting requirements, and made false certifications on mortgage loans. Under terms of the settlement, Flagstar agreed to pay $15 million within 30 business days and will pay an additional $118 million as soon as it meets certain financial benchmarks. An independent third party, paid for by Flagstar, will monitor compliance with HUD and FHA lending rules for at least 1 year. Flagstar also agreed to implement a training program for employees involved in the originating and underwriting of FHA loans, and to terminate the senior managers who had been overseeing the bank’s manual underwriting process. Source: http://www.freep.com/article/20120224/BUSINESS06/120224054/Flagstar-mortgage-fraud-lawsuit-settled-133-million

16. February 24, U.S. Securities and Exchange Commission – (National; International) Court accepts guilty plea in $72 million Ponzi scheme. The U.S. Securities and Exchange Commission (SEC) announced February 24 that a U.S. district judge in Michigan accepted a February 16 guilty plea from a Flint-area resident to 1 count of wire fraud for his role in orchestrating a $72 million Ponzi scheme involving at least 3,000 investors. He faces a potential maximum penalty of 20 years in federal prison. The criminal charges arose out of the same facts that were the subject of an emergency action the SEC filed against him and others May 5, 2008. The SEC’s complaint alleged that from December 2005 through November 2007, the defendant, through his company Legisi Holdings, conducted a fraudulent, unregistered offering of securities in which he raised about $72 million from more than 3,000 investors in all 50 states and several foreign countries. According to the complaint, he said he would invest the offering proceeds in various investment vehicles and pay interest of as much as 15 percent per month from the resulting profits. The complaint charged that he invested less than half of the offering proceeds, and that these investments resulted in millions of dollars in losses. The Commission’s complaint further charged he used investor funds to make Ponzi payments to investors and for his own use. Source: http://www.sec.gov/litigation/litreleases/2012/lr22269.htm

Information Technology

37. February 27, H Security – (International) ASLR to be mandatory for binary Firefox extensions. A patch recently introduced to the Firefox repository is designed to make the browser more secure by forcing certain binary extensions to use address space layout randomization (ASLR) under Windows. Mozilla developers said the change, which will prevent cross platform component object module (XPCOM) component dynamic link libraries (DDLs) without ASLR from loading, should be included in Firefox 13 “if no unexpected problems arise.” This could, for example, affect products from anti-virus firms Symantec and McAfee. As recently as 2011, these products were noted installing DLLs compiled without ASLR in the browser, enabling malware to predict with relative ease the memory addresses used for heap and stack areas by the DLLs. ASLR is designed to randomize all memory addresses, so the program components in question will be placed in different locations each time they start. Source: http://www.h-online.com/security/news/item/ASLR-to-be-mandatory-for-binary-Firefox-extensions-1443131.html

38. February 24, The Register – (International) Anti-phishing DMARC adoption gathers (free) steam. The world’s biggest names in the consumer Web mail space are sharing security intelligence with businesses for free to help drive adoption of the Domain-based Message Authentication, Reporting, and Conformance (DMARC) e-mail authentication system. In January, Google, Microsoft, AOL, Facebook, and Yahoo! joined up with service providers such as PayPal to push the DMARC standard, which integrates with Sender Policy Framework (SPF) and Domain Keys Identified Mail (DKIM) systems. The advantage of participating in DMARC for businesses is that they, as domain name holders, can specify e-mail handling policy via DMARC, which acts as an overlay for SPF and DKIM checking. By confirming an e-mail message is actually coming from a firm’s servers and not from a spammer, spoofed e-mails are cut out, and info about that spam-blocking is then fed back into the DMARC register to identify the e-mail systems being used by the spammers. The open flow of information between DMARC and businesses ensures both sides benefit from more efficient spam blocking. The week of February 20, the e-mail intelligence firm and founding member of the DMARC consortium Agari opened up its Receiver Program, making it free to all comers. Businesses can sign up to get the latest anti-spam and anti-phishing intelligence from members of DMARC, and can use it to refine filtering techniques. Source: http://www.theregister.co.uk/2012/02/24/dmarc_spam_phishing_free/

Communications Sector

39. February 26, Diamond Bar Patch – (California) Cut cable knocks out service to DB residents. A cut cable February 26 affected service to customers in Diamond Bar, Walnut, and Rowland Heights, California, a Time Warner Cable spokesperson said. It was not immediately clear how or where the cable was cut. Less than 5,000 customers in all three cities were affected by the outage, officials said. Services were restored by February 26, the spokesperson said. However, no explanation of how a cable was cut had been offered. Source: http://diamondbar.patch.com/articles/cut-cable-knocks-out-service-to-db-residents

40. February 25, Sarasota Patch – (Florida) Verizon VoIP phone outage resolved. Verizon was working to fix a disruption in its Voice over Internet Protocol phone service that happened February 25, but 9-1-1 calls were not affected, according to the Sarasota County Sheriff’s Office. Customers who use the Internet phone service can still dial 9-1-1 as the call will be routed through a third party system to the sheriff’s office 9-1-1 call center, they said. Verizon was aware of the problem and was working to resolve the outage, according to the sheriff’s office. “According to the Public Safety Communications Center there have not been any issues since midnight and Verizon believes the problem has been resolved,” a spokeswoman for the sheriff’s office said. Source: http://sarasota.patch.com/articles/verizon-experiencing-voip-phone-outages

41. February 24, Orange County Register – (California) Cox home voice mail to be restored by tonight. Cox Communications customers have been without residential voice mail for 4 days, the Orange County Register reported February 24. The company expected the problem to be fixed February 24, a company spokeswoman said. Residential customers in Orange County, San Diego, and Santa Barbara had been unable to get voice mail since February 21, a spokeswoman said. Other phone service, such as call-forwarding, was not affected, she stated. When service is restored, the spokeswoman said all the voice messages received since the outage should also be restored. Source: http://www.ocregister.com/articles/phone-341841-restored-service.html

For another story, see item 38 above in the Information Technology Sector.