Monday, February 13, 2012

Complete DHS Daily Report for February 13, 2012

Daily Report

Top Stories

• An air freight company will pay a $1 million fine and three employees face conspiracy charges for not screening all air cargo for explosives, in what federal officials say is the largest penalty ever assessed for such intentional violations. – Government Security News (See item 15)

15. February 10, Government Security News – (Indiana; National) Million dollar fine and conspiracy charges at company avoiding cargo screening laws. In what federal authorities say is the largest penalty ever assessed by the Transportation Security Administration (TSA) against a cargo company for intentional security violations, an air freight company will pay a $1 million civil fine and three employees face conspiracy charges. OHL Solutions, Inc., formerly called ActivAir, Inc., agreed to the $1 million fine and other remedial steps for shirking their responsibility to screen cargo destined for passenger aircraft for explosives prior to December 2010, the U.S. Attorney for the Southern District of Indiana said February 8. The charges follow a lengthy TSA investigation. Prosecutors allege that before December 2010, employees working for the New York-based company’s Indianapolis facility engaged in a systemic pattern of record-keeping violations by failing to properly screen 100 percent of air cargo for explosives as required by their security program. Employees are alleged to have continued to certify that air cargo had been screened and later shipped on passenger aircraft. As a result of the TSA investigation, three Indianapolis residents each agreed to plead guilty to charges of conspiracy to commit federal reporting and record-keeping violations. Source: http://www.gsnmagazine.com/node/25618?c=airport_aviation_security

• Anonymous hackers breached the sites of the Alabama Department of Public Safety, the Texas Department of Public Safety, and the Mobile Police Department, and leaked information from their databases. – Softpedia (See item 35)

35. February 10, Softpedia – (Alabama; Texas; International) Hackers breach Alabama and Texas law enforcement sites. As part of their operations against law enforcement agencies, Anonymous hackers breached the sites of the Alabama Department of Public Safety, the Texas Department of Public Safety, and the Mobile Police Department, also based in Alabama, leaking information from their databases, Softpedia reported February 10. DataBreaches summed up the hacks, revealing the hackers managed to obtain tons of sensitive data, but published only enough to prove the sites are vulnerable, making sure no innocent individual suffers. The main hackers were CabinCr3w and w0rmer, but it seems they were assisted by Kahuna in the breach that targeted the Mobile Police Department. The database contained information on offenders such as ID, case number, names, physical descriptions, and other data, but the hackers redacted all the sensitive information. Not much data was leaked from the public safety departments of Texas and Alabama, except for a few database structures, with the hackers urging the sites’ administrators to patch them up. DataBreaches notified the Mobile Police Department of the hack. Source: http://news.softpedia.com/news/Hackers-Breach-Alabama-and-Texas-Law-Enforcement-Sites-251967.shtml

Details

Banking and Finance Sector

11. February 9, KCRA 3 Sacramento – (California) Prosecutors: Antelope man used 20,000 credit cards. An Antelope, California man was indicted by a federal jury February 9 on suspicion of fraudulently using more than 20,000 credit cards at a small business 40,000 times. The U.S. attorney’s office said the suspect will be charged on 11 counts of wire fraud and money laundering. According to the indictment, the man’s corporation — 24 Hour Corp. — processed nearly $1 million in fraudulent charges. Some of the income was used to buy a residence in Sacramento, the indictment said. If convicted, the man faces up to 20 years behind bars and a $250,000 fine. Source: http://www.kcra.com/news/30422623/detail.html#ixzz1lwo2rgrk

12. February 9, Las Vegas Sun – (Nevada; Arizona) FDIC seeks $86 million from officers of failed Nevada bank. Regulators filed suit February 9 in Las Vegas against four officers of the failed Silver State Bank, demanding more than $86 million in damages for “gross negligence and breaches of fiduciary duty.” The Federal Deposit Insurance Corp. (FDIC) filed suit in a U.S. district court to recover loan losses at Silver State, which failed in 2008 at an estimated cost to the FDIC of more than $550 million. Silver State was known for making aggressive and risky commercial real estate loans that later went into default during the recession. With 17 branches in Nevada and Arizona, it had loans and other assets of $1.887 billion. The lawsuit was filed against the chief executive officer of the bank, an executive vice president heavily involved in real estate lending, a senior vice president and loan officer, and another vice president. It claims the former bank officers were negligent in originating, approving, and administering several unsound real estate loans. Source: http://www.loansafe.org/fdic-seeks-86-million-from-officers-of-failed-nevada-bank

13. February 9, Cleveland Plain Dealer – (Ohio) Pepper Pike financier indicted in Croatian fund swindle. A Pepper Pike, Ohio financier who raised millions of dollars for development in Northeast Ohio fleeced the St. Paul Croatian Federal Credit Union of $16.7 million in fraudulent loans, a federal indictment says. The former leader of the Cleveland International Fund was charged with 34 counts related to bank fraud in an indictment unsealed February 8. He is one of 19 people charged in one of the largest credit union failures in American history. In the spring of 2010, the National Credit Union Administration liquidated the credit union, which at the time served about 5,400 members with assets of about $239 million. “[The financier] was the single largest recipient of fraudulent loans and significantly contributed” to the credit union’s collapse, the leader of the FBI in Cleveland said. He has been charged with two counts of conspiracy, two counts of bank fraud, one count of bank bribery, 11 counts of money laundering, 17 counts of making false statements to a bank, and one count of making false statements to law enforcement. Authorities said he and others submitted false loan documents to the credit union and many cash payments to the credit union’s chief operating officer. He and others also are accused of providing Park View Federal Savings Bank with fake personal statements that overstated their net worth and failed to disclose their debt to the credit union. Source: http://blog.cleveland.com/metro/2012/02/pepper_pike_financier_a_eddy_z.html

14. February 8, U.S. Department of Justice – (Alabama) U.S. court bars two in Alabama from preparing federal tax returns. A federal court has permanently barred two Montgomery, Alabama accountants from preparing federal tax returns for others, the Justice Department announced February 8. The government complaint alleged the pair, through businesses called Miami Tax, Paul’s Tax Service, and Advance Taxes Inc., prepared tax returns for customers that reported phony business expenses for fictitious businesses, inflated earned income, and falsely claimed dependents to increase refunds based on the earned income tax credit. The complaint also alleged that at least 48 returns the pair prepared for the 2008 tax year contained false claims for the first-time home-buyer tax credit. According to the complaint, the pair’s misconduct has thus far resulted in $1 million of lost tax revenue, plus resources spent by the Internal Revenue Service (IRS) to assess and collect unpaid taxes from the customers. Source: http://www.justice.gov/tax/2012/txdv12177.htm

For another story, see item 40 below in the Information Technology Sector.

Information Technology

38. February 10, Softpedia – (International) MyBB 1.6.6 security release fixes 15 vulnerabilities. The open-source forum script’s developers released the MyBB 1.6.6 security update for the 1.6 series to address 1 major and 14 low-risk issues that may have exposed their customers. A non-critical security hole that was resolved refers to the ability to import a non-CSS stylesheet. Prior to this update, the theme files were not verified to see if they were CSS, the only file types that could be added as a theme. Other low-risk issues included CSRF vulnerabilities on control panel administrator logout, when a stored password was being cleared, when removing a buddy, and while performing Admin CP join requests. Three similar flaws were identified in the administrator control panel while enabling or disabling Group Promotions, while activating a user, and also, avatars could be changed without permissions. Cross-site scripting vulnerabilities are also present in previous variants. They were found to affect users when moving an event in the Calendar, but also in the Akismet plugin, in User CP Forum Subscriptions, Mod CP Moderator Logs, when editing attachments in posts, and in the Mod CP Edit Announcement. Source: http://news.softpedia.com/news/MyBB-1-6-6-Security-Release-Fixes-15-Vulnerabilities-251925.shtml

39. February 9, ZDNet – (International) Patch Tuesday heads-up: 21 vulnerabilities, including ‘critical’ IE bulletin. Microsoft plans to ship 9 security bulletins February 14 with fixes for at least 21 documented flaws in the Windows operating system. February’s Patch Tuesday batch will cover security holes in Microsoft Windows, Microsoft Office, Internet Explorer, and .NET/Silverlight. The Internet Explorer bulletin is rated “critical” and should be considered a high-priority update because of the risk of code execution attacks via drive-by downloads. Source: http://www.zdnet.com/blog/security/patch-tuesday-heads-up-21-vulnerabilities-including-critical-ie-bulletin/10265

40. February 9, Android and Me – (International) Google Wallet hacked again, no root access required this time. On February 9, security firm Zvelo revealed a hack for Google Wallet that exposed a user’s PIN. The vulnerability only affected rooted phones, according to Google. Now, however, a second hack was posted online that works on non-rooted devices and requires no special hacking skills. All someone has to do to access a user’s funds is clear the data in app settings, which will force Google Wallet to prompt them to enter a new PIN. Once the new PIN has been entered, they can add a Google Prepaid Card that is tied to the device and access any available funds. Source: http://androidandme.com/2012/02/applications/google-wallet-hacked-again-no-root-access-required-this-time/

41. February 9, Threatpost – (International) Google: Bug bounty program has made users safer. In the 15 months since Google began offering rewards to researchers who report vulnerabilities in its Web applications, the company paid out more than $400,000 in bug bounties. As such, the company is counting the program as a huge success. Google’s reward program was not the first of its kind, but because of the scope of it and the reach of the company, it attracted much attention in the community and a lot of submissions. In the first week of the program, Google received more than 40 legitimate submissions, which only went up since then. In total, Google has taken in more than 1,100 bug reports, of which 730 qualified for a reward of some kind. Source: http://threatpost.com/en_us/blogs/google-bug-bounty-program-has-made-users-safer-020912

42. February 9, InformationWeek – (International) DDoS tools flourish, give attackers many options. According to a research analyst at Arbor Networks, there is now a thriving distributed denial of service (DDoS) tool and botnet ecosystem that includes single user flooding tools, small host booters, shell booters, remote access Trojans (RATs) with flooding capabilities, simple DDoS bots, complex DDoS bots, and some commercial DDoS services. Many types of threats can be blended into any given tool to make the tool more attractive and financially lucrative for whoever is renting out the DDoS capabilities. The researcher recently counted 55 different DDoS tools, which are just a fraction of what is publicly and commercially available. Some are more dangerous than others. For example, Fg Power DDOSER is designed to flood a gaming competitor with packets, slowing connection speed or knocking them offline, although the DDoS toolkit also includes a Firefox password stealer, he said. Another simple tool, Silent-DDoSer, can launch UDP, SYN, and HTTP attacks, and also offers “triple-DES and RC4 encryption, IPv6 capabilities, and password-stealing functions,” he said. At the other end of the spectrum, there are many complex DDoS toolkits and related bots, and typically also Web-based command-and-control interfaces. These toolkits sport names such as Darkness/Optima, DeDal, Dirt Jumper, G-Bot, and Russian Armageddon. Finally, services such as Death DDoS Service and Totoro offer commercial DDoS options, meaning that rather than running the tools themselves, attackers can outsource the job. Source: http://www.informationweek.com/news/security/attacks/232600497

For another story, see item 35 above in Top Stories.

Communications Sector

43. February 9, KTSM 9 El Paso – (Texas) Power restored after outage knocks KTSM, radio stations off air. Power was restored at 11:36 a.m. February 9 after a power outage just before 10 a.m. knocked KTSM 9 El Paso, its sister station KDBC, and several local radio stations off the air in El Paso, Texas. The outage, according to an El Paso Electric spokesperson, was due to a malfunction in equipment at the Sunset substation. About 900 customers were affected, most of them near downtown El Paso. Source: http://www.ktsm.com/el-paso-electric/power-restored-after-outage-knocks-ktsm-radio-stations-off-air

44. February 9, KAPP 35 Yakima – (Washington) Charter Communications service restored. Thousands of Charter Communications customers in Washington state have had their service restored after vandalism caused a service interruption to cable TV, Internet, and phone services February 9. A vandal believed to be looking for copper wiring cut a fiber optic line the morning of February 9 disrupting Charter Communications service to thousands of customers in the Pasco, Walla Walla, and Ellensburg areas. A spokesman for Charter Communications said a utility box was broken into near the Blue Bridge sometime around 10 a.m. and crews noticed a fiber optic line had been cut and removed. Source: http://www.kapptv.com/article/2012/feb/09/vandalism-disrupts-charter-communication-service/

45. February 9, Charleston Post and Courier – (South Carolina) About 5,000 Comcast customers lost cable service Wednesday. About 5,000 Comcast cable television customers went without service for most of February 8 after an equipment malfunction, a spokesman for the company said February 9. The outage began the evening of February 7 and lasted until the night of February 8. It mainly affected customers in Mount Pleasant, a Comcast spokesman said. Service was fully restored late February 8, he said. Source: http://www.postandcourier.com/news/2012/feb/09/about-5000-comcast-customers-lost-cable-service-we/

46. February 9, WSLS 10 Roanoke – (Virginia) Halifax County phone outage hits 2,000. Halifax County Emergency Services (HCES) said more than 2,000 people in the Clover, Virginia area who were impacted by a phone outage February 9 had their phone services restored around 3 a.m., February 10. The HCES reported late February 9 that the outage affected people in Clover, and those with the phone number prefix “454.” During the outage, county officials asked people with an emergency to call 911 with a cell phone. Source: http://www2.godanriver.com/news/2012/feb/09/halifax-county-phone-outage-hits-2000-ar-1677728/

47. February 9, IDG News Service – (National) Business owner sentenced for E-Rate fraud. The former owner of two Illinois technology companies was sentenced February 9 to serve 30 months in prison for participating in a conspiracy to defraud a Federal Communications Commission (FCC) program to help schools and libraries in poor areas connect to the Internet, the U.S. Department of Justice (DOJ) said. The former owner of Global Networking Technologies and Computer Training Associates conspired to provide bribes and kickbacks to school officials and employees responsible for procuring bids for Internet access services under the federal E-Rate program, the DOJ said. School districts in Arkansas, Florida, Illinois and Louisiana were affected. In return for bribes and kickbacks, school officials ceded control of the competitive bidding process to the woman and a co-conspirator, allowing them to ensure E-Rate contracts at these schools were awarded to their companies, the DOJ said. The conspiracy lasted from December 2001 to September 2005. An ongoing investigation into fraud and anti-competitive conduct in the E-Rate program by the DOJ’s Antitrust Division has led to seven companies and 24 people either pleading guilty, being convicted at trial, or entering into civil settlements. The defendants have been sentenced to pay fines and restitution of more than $40 million. Source: http://www.computerworld.com/s/article/9224127/Business_owner_sentenced_for_ERate_fraud?taxonomyId=17

For another story, see item 40 above in the Information Technology Sector.
