Thursday, July 5, 2012
Daily Report
Top Stories
• Utility crews struggled to catch up with a
backlog of millions of people without electricity in 8 States for a fourth day
July 2, as authorities feared the toll of 22 storm deaths could rise because of
stifling conditions and generator fumes. – Associated Press
1.
July 3, Associated Press – (National) Nearly
1.4M still without power days after deadly storms. Utility crews struggled
to catch up with a backlog of millions of people without electricity for a
fourth day July 2 as frustration grew and authorities feared the toll of 22
storm deaths could rise because of stifling conditions and generator fumes.
Power was back for more than 1 million customers but lights — and
air-conditioning — were still out for about 1.4 million homes and businesses in
7 States and Washington, D.C. The damage was done by powerful wind storms that
swept from the Midwest to the Mid-Atlantic June 29, toppling trees and branches
into power lines and knocking out big transmission towers and electrical
substations. Utilities were warning that many neighborhoods could remain in the
dark for much of the week of July 2, if not beyond. Utility companies had to
wait days for extra crews traveling from as far away as Quebec and Oklahoma.
Workers found that the toppled trees and power lines often entangled broken
equipment in debris that had to be removed before workers could even get
started. Source: http://www.foxnews.com/us/2012/07/03/utility-crews-making-headway-but-not-fast-enough/
• A new Pacific Gas and Electric report
identified 500 trouble spots on natural gas pipelines of the sort that led to
the 2010 San Bruno, California explosion that killed 8 people and destroyed 38 homes.
– KGO 7 San Francisco
3. July 2,
KGO 7 San Francisco – (California) PG&E identifies 239 pipelines at risk of
failure. A Pacific Gas and Electric (PG&E) report identified 500
trouble spots of the sort that led to the San Bruno, California disaster. It
concerns pipelines that were over-pressurized by the utility company. The
report was filed last March with the Public Utilities Commission, but it did
not come to light until July 2 after a reporter at the San Francisco Chronicle
dug it up. The report identifies 239 gas transmission lines that are at risk of
failure similar to the explosion of Line 132 in San Bruno. The 2010 explosion
killed 8 people and destroyed 38 homes. “It’s important to remember this is
40-something, about 46 miles out of our entire system, so there is 230 lines
that were identified here, but it’s only small segments of those lines. It
could be anywhere from a foot to a few thousand feet,” a PG&E spokesman
said. He said the utility is taking action to test or repair the trouble spots.
A State assemblyman said PG&E hired an outside firm to assess the problem
areas. Source: http://abclocal.go.com/kgo/story?section=news/local&id=8721830
• A former federal immigration services’
contractor at the nation’s largest warehouse for immigration forms was charged
with selling blank forms to a crime ring that procured driver’s licenses and
visas for illegal immigrants and other unauthorized individuals. – Nextgov
33.
July 2, Nextgov – (California;
National) Former DHS contractor nabbed in immigrant form forgery plot. A
former U.S. Citizenship and Immigration Services contract employee at the
Western Forms Center in Montclair, California, — the nation’s largest warehouse
storage facility for immigration forms — was charged with selling blank
official forms to a crime ring that procured driver’s licenses and visas for
illegal immigrants and other unauthorized individuals, Nextgov reported July 2.
Justice Department officials announced June 27 the arrests of the former
“material document handler” and many of the 21 other individuals allegedly
involved in the multistate ploy. “By gaining access to protected, blank
government immigration forms, the subjects in this case were able to utilize
sophisticated computer software to create false identity documents and
subsequently move to receive legitimate driver’s licenses,” the FBI special
agent in charge said. “In doing so, they were able to circumvent established
safeguards and proper vetting put into place post 9/11.” The former contract
employee was charged with conspiracy to steal government property and to
transport and receive stolen property in interstate commerce. Source: http://www.nextgov.com/defense/2012/07/former-dhs-contractor-nabbed-immigrant-form-forgery-plot/56572/?oref=ng-channelriver
• Fairfax County, Virginia’s 9-1-1 emergency
center operated at half capacity July 2, as Verizon struggled to figure out why
both its primary and backup power systems failed after the June 29 storm and
left much of Northern Virginia without 9-1-1 service through the weekend of
June 30. – Washington Post
37. July 2,
Washington Post – (Virginia; Washington, D.C.; Maryland) After storm, 911,
phone service remains spotty. Fairfax County, Virginia’s 9-1-1 emergency
center operated at just half capacity July 2 as Verizon struggled to figure out
why both its primary and backup power systems failed after the June 29 storm
and left much of Northern Virginia without 9-1-1 service through the weekend of
June 30. Callers with medical and safety emergencies caused by high
temperatures, power outages, and downed electric cables received either rapid
busy signals, recorded messages saying the line was inoperative, or dead
silence, even after Verizon’s service was restored, local officials said. Homes
and businesses across Maryland and Virginia lost power the night of June 29 as
one of the most powerful storms in months swept across the Washington, D.C.
region. Verizon’s director of public relations said the loss of power from
primary and backup systems damaged the company’s computer hardware and
software, and caused other mechanical problems in a chain reaction that has
perplexed and alarmed State and local governments. Apart from the 9-1-1 outage,
cell phone service across the Washington, D.C. area remained spotty July 2.
AT&T, Sprint, T-Mobile, and Verizon all reported that they were working to
get generators to sites that have lost power and repairing storm damage as
necessary. Source: http://www.washingtonpost.com/local/after-storm-911-phone-service-remains-spotty/2012/07/02/gJQA33dHJW_story.html?hpid=z1
Details
Banking and Finance Sector
10. July 3,
Associated Press – (Illinois) 4 indicted in alleged mortgage fraud. A
federal grand jury indicted four people in the Chicago area on charges they
fraudulently secured dozens of residential mortgage loans worth $9 million. The
U.S. attorney’s office said in a statement July 2 that the indictments were
part of an ongoing bid to crack down on mortgage fraud in northern Illinois. It
said around 200 defendants have been similarly charged since 2008. The
defendants in the most recent case were charged with bank fraud, mail fraud,
and wire fraud. A realtor, loan originators, and others allegedly submitted
fraudulent loan applications and other documents to land the mortgages.
Lenders’ losses totaled nearly $5 million because of mortgages never fully
recovered. Source: http://www.sfgate.com/news/article/4-indicted-in-alleged-mortgage-fraud-3680534.php
11. July 3,
Reuters – (International) Full Tilt Poker CEO arrested on fraud
charges. The chief of Full Tilt Poker surrendered to authorities July 2 and
pleaded not guilty to charges of illegal gambling and that the online poker
operator defrauded its players. The man had been working at Full Tilt’s Dublin,
Ireland, headquarters, and until July 2 had not returned to the United States
since charges against him were first announced in April 2011. At a hearing in
Manhattan federal court, the company chief pleaded not guilty to nine criminal
counts, including illegal gambling, money laundering, and wire fraud charges.
Online gambling has been illegal in the United States since 2006, the year the
man moved Full Tilt’s operations to Ireland. Since unveiling the case,
prosecutors have expanded both their civil and criminal charges against Full
Tilt. They said it operates as a Ponzi scheme and paid its directors more than
$440 million while defrauding players, even after the charges were filed.
Prosecutors said Full Tilt has taken in about $1 billion from players in the
U.S. They estimated that Full Tilt still owes $350 million to customers in the
U.S. Federal prosecutors in Manhattan have charged 11 people at the 3 biggest
online poker companies: Absolute Poker, Full Tilt Poker, and PokerStars. The
U.S. government also seized their Internet domain names. Source: http://today.msnbc.msn.com/id/48058369/ns/business-us_business/#.T_MbQxee659
12. July 2,
Atlanta Journal-Constitution – (Georgia) Investment adviser
accused of $40 million fraud. An investment adviser who nearly 2 years ago
helped send a lifeline to a struggling south Georgia bank is missing, and
authorities accuse him of a $40 million fraud, the Atlanta Journal-Constitution
reported July 2. In a 22-page letter to investors, the adviser allegedly
admitted he made false statements to conceal losses of $20 million to $23
million. Regulators said he told clients he was investing their money in
traditional stocks, but he also put money into “illiquid” bets including South
American real estate, and shares of Montgomery Bank and Trust. Tens of millions
of dollars were placed into an account at Goldman Sachs, which suffered heavy
losses, the Securities and Exchange Commission (SEC) complaint said. Securities
regulators accuse the adviser of falsifying account data to conceal the losses.
The SEC also said frequent transfers of investor funds were made to the
operating account of one of his companies. The FBI was among the agencies
assisting in the matter. Source: http://www.ajc.com/business/investment-adviser-accused-of-1469306.html
13. July 2,
Reuters – (National) First wave of U.S. ‘living wills’ provides a
blueprint for the industry. U.S. bank holding companies with $250 billion
or more in total nonbank assets and foreign-based bank holding companies with
$250 billion or more in total U.S. nonbank assets were due to submit resolution
plans known as the “living wills” to the Federal Reserve and Federal Deposit
Insurance Corporation (FDIC) July 2. The first wave of submissions included
five of the biggest U.S. banks. Summarized public versions of the resolution
plans were due to be released by July 3. The living wills are intended to
provide road maps for regulators for the orderly unwinding of firms without
spillover effects onto other parts of the economy and without costly bailouts.
The firms will have to provide a detailed account of their business lines and
legal entities, information systems, capital and cash flows, and an analysis
explaining resolution options. The rule will allow the FDIC and the Federal
Reserve to impose various restrictions on capital, leverage, or liquidity of
the firm if the living wills are found to be deficient or non-credible. When
warranted, the regulators will be able to curtail the firm’s operations, and
require divestiture of assets, though the FDIC made clear that this route would
only be taken as a last resort. Source: http://blogs.reuters.com/financial-regulatory-forum/2012/07/02/first-wave-of-u-s-living-wills-provides-a-blueprint-for-the-industry/
14. July 2,
CNET – (International) Microsoft identifies two Zeus botnet crime
ring suspects. Microsoft released the identities of two alleged members of
the Zeus botnet crime ring, which used an estimated 13 million computers
infected with the malware to steal more than $100 million, CNET reported July
2. The botnet operators used the software to show fake or modified Web sites
when victims tried to use real banking sites, log their keystrokes to capture
victims’ identity information, and then use that information to steal money
from victims’ accounts. Microsoft announced it amended a complaint the week of
June 25 to add two individuals as defendants. The pair is already serving time
in the United Kingdom for other Zeus-related convictions, the company said. The
senior attorney with Micorsoft’s digital crimes unit noted that since
simultaneous raids in March, Zeus botnet infections declined by about 50
percent. Source: http://news.cnet.com/8301-1009_3-57465470-83/microsoft-identifies-two-zeus-botnet-crime-ring-suspects/
For another story,
see item 33 above in Top Stories
Information Technology Sector
40. July 3,
Softpedia – (International) Boxer SMS trojan advertised as Firefox for
Android. June 26, Mozilla launched Firefox 14 for devices that run an
Android operating system. In response, cyber criminals started masquerading an
SMS trojan as the popular Web browser. The malicious element, identified as Trojan.AndroidOS.Boxer.d,
is being advertised on many Russian Web sites and comes in various shapes and
sizes, GFI experts said. Previously seen variants of Boxer informed users that
by accepting a set of “rules” they would be charged for sending SMS messages to
premium numbers. However, this version does not give any details regarding its
true purpose. Once the rogue application is installed, the malware activates
and sends an SMS to several numbers. Another difference, compared to older
Boxer variants, is that once the SMS messages are sent, the victim is not
redirected to a Web site from which the legitimate app can be downloaded. Instead,
it simply loads google.com. Researchers believe this may be a tactic to make
users think the application is defective. Users might download and install the
fake software again, allowing Boxer to perform its malicious tasks more than
once. The trojan was spotted posing as other apps as well, not just Firefox.
When Instagram was launched on Google Play, Boxer was advertised as the popular
photo sharing program. Source: http://news.softpedia.com/news/Boxer-SMS-Trojan-Advertised-as-Firefox-for-Android-278863.shtml
41. July 3,
H Security – (International) Source code for the Zemra crimeware bot
released. Source code for the Zemra trojan, which is already being used by
criminals for distributed denial-of-service (DDoS) attacks, is circulating
online. In contrast to the widely distributed Zeus bot, the source for which is
also available online, Zemra is very new. According to security company
Symantec, the trojan has only been available to purchase from underground
forums since May 2012 and malicious parties are using it for the purpose of
extortion. Symantec’s anti-virus solutions have only been able to detect Zemra
for a week. Symantec said the crimeware pack is not currently very widespread.
However, the availability of the source code means this could rapidly change,
since anyone can now modify the bot for their own ends. This is not hard —
Zemra was developed using the C# programming language. The source code should
be comprehensible to anyone with basic programming skills. As well as various
types of DDoS attack, Zemra can also download and run malware from the Web on
command. It can also open a SOCKS proxy on an infected computer, allowing the
bot herder to use the victim’s Internet connection. Zemra is also able to
spread via USB flash drives. Communication between the bot and the PHP-based
command-and-control server (also supplied) is encrypted. Source: http://www.h-online.com/security/news/item/Source-code-for-the-Zemra-crimeware-bot-released-1631420.html
42. July 2,
Infosecurity – (International) Windows 8 has larger attack surface than
Windows 7, researcher warns. The attack surface in Windows 8 is bigger than
in Windows 7 because of new components and changed processes, especially with
the Metro interface, warns a McAfee researcher. “Security risks from rogue
applications and vulnerabilities in applications that interact with the web and
handle user data leave lots of room for exploitation — not to mention
ever-present malware on the desktop”, he explained. At the same time, Windows 8
has additional security features, which include improvements to Windows
anti-malware components, declarative resource access, application vetting via
the Microsoft Store, and restrictive resource access for applications. Source: http://www.infosecurity-magazine.com/view/26727/
43. July 2, Agence France-Presse – (International) ‘Leap
second’ wreaks Internet havoc. An adjustment of a second in the official
global clock sent dozens of Web sites crashing. The “leap second” was added to
the Coordinated Universal Time to adjust clocks to the earth’s rotation the
night of June 30, delaying for 1 second the transition to July 1. The extra
second was too much for some software to handle. Reddit, a social news network,
posted a Twitter message indicating its services were experiencing problems.
Mozilla, the organization behind the Firefox browser, also had issues. The
outages came roughly at the same time as a major storm that knocked out power
to an Amazon data storage site which serves as cloud host for many Web sites,
including Netflix. Some sites such as the social network Foursquare said they
were affected by the Amazon outage. LinkedIn, the professional social network,
said its service was down June 30, without elaborating. Source: http://news.yahoo.com/leap-second-wreaks-internet-havoc-172756529.html
For more stories, see items 14 above in the Banking and Finance Sector and 37 above in Top Stories
Communications Sector
See
items 37 above in Top Stories and 40
and 43 above in the Information Technology Sector
No comments:
Post a Comment