Tuesday, February 14, 2012

Complete DHS Daily Report for February 14, 2012

Daily Report

Top Stories

• A Utah man, who police said threatened to assassinate the governor of Utah and was captured with a truck full of weapons as he conducted surveillance on the governor’s mansion while the governor was home, is facing multiple felony charges. – Associated Press (See item 35)

35. February 12, Associated Press – (Utah) Man charged in assassination plot of Utah governor. A Utah man who police said threatened to assassinate the governor of Utah and conducted surveillance on the governor’s mansion is facing multiple felony charges, the Associated Press reported February 12. The suspect was charged February 10 in Salt Lake City with felony counts of drug and weapons possession, along with a misdemeanor count of threatening elected officials. The man sent text messages to a friend February 2 stating that he was in the bushes and intended to kill the governor, court records said. The recipient of the texts reported the messages to police, and the suspect was arrested the same day. The texts also included a threat to kill a police officer who had driven past the mansion more than once during the suspect’s period of surveillance. Police also said the governor was at home during the time the man was conducting surveillance and was removed from the premises for safety reasons. Investigators enlisted the help of the message recipient to get him to come to a nearby gas station, where he was arrested. Police found containers of ammunition, a large knife, explosives, illegal fireworks, and small plastic bags of methamphetamine in the suspect’s truck. Security camera video from the area around the mansion also showed him conducting his surveillance. Source: http://www.huffingtonpost.com/2012/02/13/gary-herbert-utah-governor-assassination-brian-biff-baker_n_1272870.html?1329141901&ncid=edlinkusaolp00000008

• Digital Assurance warned mobile communications operating over radio systems such as GSM, WiMax, and DECT are likely to become more heavily targeted as Software Defined Radio (SDR) technology becomes cheaper and more widely available. – Help Net Security. See item 45 below in the Communications Sector.

Details

Banking and Finance Sector

9. February 13, New York Post – (New York; International) B’klyn credit-card ‘fraud factory’. FBI agents arrested a group that allegedly operated a fraud ring out of a luxury high-rise condo in Brooklyn, New York, the New York Post reported February 13. FBI agents were tipped by an informant that the leader of the ring was allegedly using ICQ, a European instant-messaging service, to obtain stolen credit-card numbers during chats with contacts in Russia, officials said. During the course of an ID-theft probe that began more than a year ago, investigators intercepted e-mails sent by the man that contained numbers for more than 100 credit cards, according to an FBI report. The ringleader bought “numerous specialty printers,” used to emboss numbers and other encoded information on plastic credit-card blanks and create counterfeits, the feds said. He and several accomplices used the cards to make purchases and later sold the goods for cash, officials said. So far, American Express alone says it has identified more than $500,000 in losses from cardholders in multiple states who are directly connected to the fraud scheme — and the totals are expected to grow considerably, the feds said. Source: http://www.nypost.com/p/news/local/brooklyn/klyn_credit_card_fraud_factory_Mx4LbVSdoUw2ESRAX7LsqO

10. February 13, Bloomberg – (National) Ex-Bear Stearns managers to pay $1.05 million in SEC suit. Two former Bear Stearns Cos. hedge-fund managers, acquitted in 2009 of criminal charges they misled investors, agreed February 13 to pay $1.05 million to settle a related civil case brought by the U.S. Securities and Exchange Commission (SEC). One manager agreed to pay $800,000 and accept a 3-year ban from the securities industry, and the other agreed to pay $250,000 and to a 2-year ban, an SEC attorney told a federal judge in Brooklyn, New York. In November 2009, a jury found the men not guilty of conspiracy and securities and wire fraud in the first criminal trial stemming from a federal probe of the collapse of the subprime-mortgage market. The government said investors lost $1.6 billion. Source: http://www.bloomberg.com/news/2012-02-13/ex-bear-stearns-managers-cioffi-tannin-to-pay-1-05-million-in-sec-suit.html

11. February 11, KFMB 8 San Diego – (California) ‘Insistent Bandit’ tied to robberies at 4 local banks. Authorities are asking for help identifying a serial bank robber they have dubbed the “Insistent Bandit,” KFMB 8 San Diego reported February 11. The suspect held up a US Bank in Santee, California, February 10. He showed the teller he had a gun tucked into his waistband and demanded cash. The FBI believes the same man is responsible for three other bank robberies in Santee and San Diego since mid-January. Source: http://www.cbs8.com/story/16915210/insistent-bandit-tied-to-robberies-at-4-local-banks

12. February 10, U.S. Department of Justice – (Texas) Former IRS employee from Texas sentenced to nearly nine years in prison on theft of government property and aggravated identity theft convictions. A former Internal Revenue Service (IRS) employee was sentenced February 9 by a U.S. district judge in Dallas to 105 months in prison and ordered to pay $30,649 in restitution following his guilty plea to one count of theft of government property, and one count of aggravated identity theft, the Justice Department announced February 10. The defendant was a former IRS employee who used his inside knowledge of IRS operations to commit his crime. He admitted that within a 2-day period, April 15, 2006 to April 17, 2006, he filed or caused to be filed 29 fraudulent 2005 individual income tax returns. Each federal income tax return claimed a refund of between $215,801 and $473,832. He admitted the refunds claimed by all 29 tax returns totaled $7,922,657. He admitted the tax returns were prepared without the authorization of the 58 taxpayers listed on them. All of the returns directed the IRS to pay the money to one of the man’s bank accounts. According to the factual resume filed in the case, the IRS paid out seven refunds totaling $1,865,401 between May 12, 2006 and May 19, 2006. Source: http://www.justice.gov/tax/2012/txdv12193.htm

13. February 9, Bloomberg – (New York) Great Atlantic Group president found guilty in Ponzi scheme. The president of Great Atlantic Group Inc., a Staten Island, New York-based real estate consulting firm, was convicted February 9 of running a Ponzi scheme that cost investors more than $14 million. Prosecutors told jurors he solicited money by falsely claiming he would invest client money in real estate projects, including a warehouse and golf course in upstate New York. The jurors found the man guilty of securities fraud, wire fraud, and money laundering, a U.S. attorney said in a statement. The defendant used investor money to pay his mortgage, make payments on a Porsche, and cover other expenses, the attorney said. He took in more than $14 million from January 2007 to December 2010, telling investors he would provide a fixed rate of return, she said. He faces as much as 25 years in prison when sentenced. Source: http://www.bloomberg.com/news/2012-02-09/great-atlantic-group-president-found-guilty-in-ponzi-scheme-1-.html

For another story, see item 43 below in the Information Technology Sector.

Information Technology

41. February 13, Softpedia – (International) Daemon Tools collects image file details, even without permission. The latest variant of the Daemon Tools software comes with a service that monitors the user’s activity and records data such as the .iso file’s details. According to Within Windows, MountSpace, which is designed to keep track of user statistics, sends the device’s IP address along with other information, even identifying if the customer is new. Daemon Tools’ privacy policy does not mention anything about collecting data and MountSpace does not have a policy. Their official site only displays general guidelines, but nothing specific regarding monitoring or tracking. While MountSpace is an optional service that theoretically can be disabled during the installation process of Daemon Tools, in reality, even if users chose not to install it, it is not turned off. The data received or sent is stored in a folder found in AppData\Daemon Tools\ImageInfoCache. Experts suggest there is a workaround that can be implemented to make sure MountSpace does not violate privacy. By blocking the IPs 212.117.184.51 and 212.117.185.149 in the operating system’s firewall, the service is prevented from connecting to the server. Source: http://news.softpedia.com/news/Daemon-Tools-Collects-Image-File-Details-Even-Without-Permission-252393.shtml

42. February 13, H Security – (International) Mozilla closes critical security hole in Firefox, Thunderbird and Seamonkey. Mozilla released Firefox 10.0.1, Firefox ESR 10.0.1, Thunderbird 10.0.1, Thunderbird ESR 10.0.1, and SeaMonkey 2.7.1 to fix a single critical security hole in the browsers and mail clients that appeared in version 10. The security advisory said versions previous to Firefox 10, Thunderbird 10, and SeaMonkey 2.7 are unaffected by the use-after-free problem. The problem was discovered by Mozilla developers and causes a “potentially exploitable” crash in nsXBLDocumentInfo::ReadPrototypeBindings. Source: http://www.h-online.com/security/news/item/Mozilla-closes-critical-security-hole-in-Firefox-Thunderbird-and-Seamonkey-1433248.html

43. February 13, H Security – (International) Valve: Hackers may have gained access to Steam transactions. Valve Software confirmed unknown intruders that gained access to the database for its Steam game distribution platform in an attack late in 2011 may have obtained a copy of a backup file of customer transactions. In a news post, Valve’s co-founder and managing director said the backup file included transactions from between 2004 and 2008, adding it contained user names and e-mail addresses, as well as encrypted billing addresses, and credit card information. However, this data did not include Steam account passwords, which were reportedly not accessed. He went on to note Valve has no evidence the credit card numbers and billing details were compromised, but again advises users to carefully watch their credit card activity and statements as a precaution. The company is still investigating the intrusion and is working with law enforcement authorities. Source: http://www.h-online.com/security/news/item/Valve-hackers-may-have-gained-access-to-Steam-transactions-1433423.html

44. February 10, IDG News Service – (International) Google expands its vulnerability reward programs to cover Chromium OS. Google decided to expand the scope of its Chromium security rewards program to also reward researchers who discover high-severity vulnerabilities in Chromium OS, a Linux-based OS built around the browser. This is an important decision for the company, because Chromium OS has a large code base and much of it was borrowed from Linux and other open source projects. This means the likelihood of vulnerabilities being discovered in the entire OS is significantly higher than for the Chromium browser. Source: http://www.computerworld.com/s/article/9224175/Google_expands_its_vulnerability_reward_programs_to_cover_Chromium_OS?taxonomyId=17

For another story, see item 45 below in the Communications Sector.

Communications Sector

45. February 13, Help Net Security – (International) Mobile hacks to increase with SDR adoption. Digital Assurance warned that mobile communications operating over radio systems such as GSM, WiMax, and DECT are likely to become more heavily targeted as Software Defined Radio (SDR) technology becomes more sophisticated, cheaper, and more widely available, Help Net Security reported February 13. Those attempting to compromise wireless communications systems in the past used expensive equipment coupled with advanced signal analysis skills. In contrast, SDR devices typically use a standard PC to capture and manipulate radio spectrum, potentially allowing an attacker to capture and demodulate advanced radio systems that were previously inaccessible. SDR uses software rather than hardware circuitry to process the signal and can be used on a far wider scale to eavesdrop, intercept, or disrupt communications over any of today’s mobile networks such as GSM, WiFi, WiMAX, and DECT. SDR can also be used to compromise obscure and insecure radio systems deployed to transmit data between sensor devices and controller units found in many critical systems including traffic lights and matrix boards, air traffic control, railway signal systems, and most distributed process control or SCADA networks. Often these types of critical systems use proprietary wireless communication devices, many of which were not designed with security in mind. Given the attractiveness and diversity of these targets and the rapidly lowering cost of entry, Digital Assurance expects SDR-based hacking to increase dramatically in the foreseeable future. Source: http://www.net-security.org/secworld.php?id=12386

46. February 12, Savannah Morning News – (Georgia) WJCL back on the air. Savannah, Georgia’s ABC affiliate WJCL was back on the air February 12 after more than 24 hours of disrupted service. The operations manager for WJCL/WTGS said February 12 that winds damaged the station’s transmission lines the afternoon of February 11. Source: http://savannahnow.com/latest-news/2012-02-12/wjcl-temporarily-air#.Tzkjr8ghyuI

47. February 10, U.S. Environmental Protection Agency – (National) Settlement with New Cingular Wireless to resolve violations of community right-to-know law. The U.S. Environmental Protection Agency (EPA) February 10 announced an agreement with New Cingular Wireless to resolve violations of the Emergency Planning and Community Right-to-Know Act (EPCRA). New Cingular voluntarily disclosed reporting violations to the EPA, which related to the presence of sulfuric acid, diesel, and lead at 642 cellular facilities in 35 states and Puerto Rico, after performing a comprehensive audit. The settlement concerned violations occurring at legacy Cingular Wireless sites from 2001 to 2003, and at New Cingular sites from October 2004 to 2006, specifically, violations at cellular sites, transmitter sites, switching stations, and warehouses. All of the violations disclosed by the company have been corrected, and the firm has made improvements to its battery inventory, recordkeeping, and management systems to prevent the reoccurrence of these violations. Under the settlement, New Cingular will pay a civil penalty of $125,728. Source: http://yosemite.epa.gov/opa/admpress.nsf/0/5619b8760cf44c10852579a00069af2f?OpenDocument
