Tuesday, April 17, 2012

Complete DHS Daily Report for April 17, 2012

Daily Report

Top Stories

Federal jurors found a St. Louis-area lawyer and religious leader guilty of bilking hundreds of investors out of more than $50 million in a real estate Ponzi scheme.Associated Press See item 15 below in the Banking and Finance Sector

Seven years after hundreds of people died in nursing homes in New Orleans during Hurricane Katrina, nursing homes are still woefully unprepared to protect frail residents in a natural disaster, a new government report found.Associated Press

37. April 16, Associated Press – (National) Report: Nursing homes unprepared for natural disasters. Tornado, hurricane, or flood, nursing homes are woefully unprepared to protect frail residents in a natural disaster, government investigators say. The investigators from the inspector general’s office of the Department of Health and Human Services noted that nearly 7 years after Hurricane Katrina’s devastation of New Orleans exposed the vulnerability of nursing homes, shortcomings persist. “We identified many of the same gaps in nursing home preparedness and response,” they wrote in the report released April 16. “Emergency plans lacked relevant information … Nursing homes faced challenges with unreliable transportation contracts, lack of collaboration with local emergency management, and residents who developed health problems.” Emergency plans required by the government often lack specific steps such as coordinating with local authorities, notifying relatives, or even pinning name tags and medication lists to residents during an evacuation, according to the findings. The report recommended that Medicare and Medicaid add specific emergency planning and training steps to the existing federal requirement that nursing homes have a disaster plan. Many such steps are in nonbinding federal guidelines that investigators found were disregarded. Source: http://www.washingtonpost.com/politics/report-nursing-homes-unprepared-for-natural-disasters/2012/04/15/gIQAhTP7KT_story.html

Two police officers were injured in New York City April 14 when police clashed with anarchists at a local Starbucks in a wild, hours-long spree.DNAinfo.com

57. April 16, DNAinfo.com – (New York) Anarchists attack NYPD, Starbucks in East Village: police. Two police officers were injured April 14 when police clashed with a throng of anarchists, who attacked them with metal pipes and wreaked havoc at a New York City Starbucks in Manhattan during a wild, hours-long spree, police said. Earlier, members of the group, some wearing masks, had attended an anarchist book fair at Judson Memorial Church and then took to the streets around Washington Square Park, marching against traffic and shouting anti-police slogans. According to police, some members of the group of 150 tipped over garbage cans and spray-painted anarchist symbols on nearby businesses. Source: http://www.huffingtonpost.com/2012/04/16/anarchists-attack-nypd-starbucks-east-village_n_1428018.html


Banking and Finance Sector

13. April 15, Naples Daily News – (Florida) FDIC seeks $62 million from operators of failed Florida Community Bank. The former directors of Florida Community Bank (FCB), including its chief executive officer (CEO) and longtime president, face a multimillion-dollar lawsuit brought by the Federal Deposit Insurance Corp. (FDIC), accusing them of being “grossly negligent” and “reckless” in operating the local bank. The FDIC, which became the receiver for the Collier County, Florida-based bank after it failed in January 2010, seeks damages of more than $62 million based primarily on losses from eight loans, which it says violated the bank’s own lending rules. One of those was a personal loan to the ex-CEO of the failed Orion Bank in Naples, Florida, who has pleaded guilty to bank fraud. The other problem loans were risky commercial real estate loans, mostly made to borrowers property acquisition and development. In its lawsuit, the FDIC alleges the bank’s former directors “created an environment in which unsafe and unsound lending practices abounded.” By the end of 2006, FCB had an “extreme concentration” of acquisition and development loans “quadruple that of the average bank in its peer group,” the lawsuit said. The loans were risky because they were to developers, builders, and speculators who often have several projects and whose incomes are tied to changing real estate values. “Each of the defendants caused or permitted loans to be made to borrowers who were known to be or should have been known to be not creditworthy, or who had demonstrated a lack of ability to repay,” the lawsuit states. Source: http://www.naplesnews.com/news/2012/apr/15/fdic-florida-community-bank-jerry-williams-price/

14. April 15, KIMT 3 Mason City – (Iowa) Fire destroys Titonka Savings Bank office. An April 15 fire destroyed the Titonka Savings Bank office in Titonka, Iowa. Although the building has been reduced to rubble, the vault and safety deposit boxes remain unharmed. The cause of the fire is not yet known. No injuries were reported, but a nearby neighborhood was evacuated. The Titonka Fire Department had help from other area fire crews. Source: http://www.kimt.com/content/localnews/story/Fire-Destroys-Titonka-Savings-Bank-Office/TFiqlzJkykOPFehINEzz-w.cspx

15. April 13, Associated Press – (Missouri; International) Missouri lawyer convicted in Ponzi scheme. Federal jurors found a St. Louis-area lawyer and religious leader guilty April 13 of bilking investors out of more than $50 million in a real estate scheme. Prosecutors alleged the man was the “life source” behind the largest Ponzi scheme the eastern district of Missouri has seen. The St. Louis Post-Dispatch reported the fraud, conspiracy, and money laundering convictions against the man capped a 4-week trial in which prosecutors detailed how more than 150 investors were recruited with promises of rich returns through land investments in England. Prosecutors said the money never made it overseas and that more than 30 percent went toward fees. They said the lawyer used the money to fund a lavish lifestyle. Two partners testified against the man as part of plea deals. An assistant U.S. attorney said the three conspired to create the classic Ponzi scheme, where money from new investors was used to pay off old investors over 10 years ending in 2010. Source: http://www.kansascity.com/2012/04/13/3553173/missouri-lawyer-convicted-in-ponzi.html

16. April 13, Gov Info Security – (National) GAO: SEC’s financial information at risk. Government auditors have identified weaknesses in information security controls at the U.S. Securities and Exchange Commission (SEC) that jeopardize the confidentiality and integrity of the SEC’s financial information, Gov Info Security reported April 13. Government Accountability Office (GAO) auditors uncovered four significant deficiencies in the GAO’s review of 2010 and 2011 commission financial statements, including those involving information systems, according to a letter to the SEC chairwoman dated April 13. The GAO found the SEC had not consistently or fully implemented controls for identifying and authenticating users, authorizing access to resources, ensuring that sensitive data are encrypted or auditing actions taken on its systems. The SEC also had failed to install patch updates on its software, exposing it to known vulnerabilities, which could jeopardize data integrity and confidentiality, the auditors wrote. The SEC also did not configure servers supporting key financial applications to use encryption when transmitting data, resulting in increased risk that transmitted data can be intercepted, viewed, and modified. The GAO recommended the SEC create configuration baselines and related guidance to secure systems and monitor system configuration baseline implementation. Auditors also advised the agemcu to develop and implement a comprehensive vulnerability management strategy that includes routine scanning of systems and evaluation of such scanning. Source: http://www.govinfosecurity.com/secs-financial-information-at-risk-a-4679/op-1

17. April 13, Bloomberg – (New York; Virginia; International) Ex-Synergy Brands chief charged in $26 million bank fraud. The former head of Synergy Brands Inc. was charged with a fraud that led to a $26 million loss for New York-based Signature Bank. Synergy’s former chief executive officer (CEO) was arrested April 13 and pleaded not guilty in federal court in Brooklyn, New York. The fraud arose from a check-kiting scheme meant to inflate Synergy’s sales, according to a statement from a U.S. attorney. He defrauded Signature and McLean, Virginia-based Capital One Financial Corp., according to the indictment. Synergy Brands filed a Chapter 7 liquidation petition in January 2011. The petition listed assets of $21.7 million and debt totaling $44.7 million. The CEO kited about $750 million worth of checks not backed by sufficient funds through banks in the United States and Canada, according to the indictment. He had those checks deposited into accounts of associated food makers and distributors in Canada, which then sent checks in corresponding amounts back to Synergy in the United States, prosecutors said. Because the funds were immediately available, they artificially inflated Synergy’s bank balances. Source: http://www.businessweek.com/news/2012-04-13/ex-synergy-brands-chief-charged-in-26-million-bank-fraud

18. April 13, Associated Press – (Pennsylvania) Ex-CEO of Pa. medical billing firm guilty of fraud. The former chief executive of World Health Alternatives medical billing and staffing firm pleaded guilty to securities fraud and tax evasion in a scheme that cost shareholders about $41 million. Federal prosecutors initially claimed the scheme caused a $200 million loss to World Health Alternatives investors, but they agreed to the $41 million figure at his guilty plea April 13 to wire, securities, and records-keeping fraud, payroll and income tax evasion charges. The executive resigned just before the firm filed Chapter 11 in 2005. The charges claimed that he siphoned money from the company, manipulated records to hide $2.3 million in unpaid payroll taxes, and fudged records overstating loans he made to the company as well as financial statements used to fool auditors and shareholders. Source: http://www.businessweek.com/ap/2012-04/D9U472GG0.htm

19. April 13, Infosecurity – (National) Watchdog finds ongoing information security gaps at Federal Reserve banks. The Government Accountability Office (GAO) has identified ongoing information security gaps at Federal Reserve Banks, Infosecurity reported April 13. During previous audits, GAO identified information security gaps affecting internal control over financial reporting at the Federal Reserve Banks, which maintain and operate financial systems on behalf of the Bureau of the Public Debt. While GAO’s audit for fiscal year 2011 did not identify any new security vulnerabilities, it found many existing gaps had not been fixed by the banks, although corrective actions are planned or in progress. “Additional actions are needed to fully address the open information systems control recommendations from our prior years’ audits,” GAO noted. “Until these information systems control deficiencies are fully addressed, there will be an increased risk that internal control deficiencies may exist and remain unidentified and an increased risk of unauthorized access, loss, or disclosure; modification of sensitive data and programs; and disruption of critical operations,” the audit concluded. In response, the Director of the Reserve Bank Operations and Payment Systems said the banks “intend to implement corrective actions for one of the two remaining [gaps] by September 2012 as part of a transition to a new information security program, and complete actions to address the other [gap] in 2013.” Source: http://www.infosecurity-magazine.com/view/25143/

20. April 13, Financial Advisor – (California) California advisor charged with stealing $7.5M. The U.S. Securities and Exchange Commission (SEC) has charged a financial advisor with stealing more than $7.5 million from 11 investors in a Ponzi scheme that targeted members of the Persian-Jewish community in Los Angeles. The SEC alleges the advisor in the past 2 years raised more than $7.5 million from investors who bought into his hedge fund, Neman Financial L.P. He claimed the fund invested in foreclosed residential properties that would be quickly flipped for profit as well as in Facebook shares and other highly anticipated initial public offerings, including Groupon, LinkedIn, and Angie’s List. The SEC claims that essentially all the money he raised was used either to pay existing investors or fund his lavish lifestyle. A federal court in California granted the SEC’s request for a temporary restraining order and asset freeze against the advisor and the entities he controlled. Source: http://www.fa-mag.com/fa-news/10613-california-advisor-charged-with-stealing-over-75-million-in-ponzi-scheme.html

21. April 13, Pasadena Star-News – (New York; National) Pasadena man admits role in insider trading scheme. A former research analyst at the Whittier Trust Co. pleaded guilty April 13 in a New York City federal court to his involvement in an insider trading scheme. He pleaded guilty to one count of conspiracy to commit securities fraud and two counts of securities fraud. The scheme included multiple analysts and portfolio managers at different hedge funds and investment firms and involved inside information about Dell, Inc. and NVIDIA Corporation. Using inside information about Dell, federal officials said the man helped his firm avoid $78,000 in losses, and the firms where his co-conspirators worked earned profits of more than $61.8 million. Authorities said he was part of a group of analysts at different investment firms and hedge funds who obtained inside information directly, or indirectly, from employees at publicly traded companies. The group shared the inside information with each other and also with their hedge fund portfolio managers. Source: http://www.pasadenastarnews.com/ci_20392729/pasadena-man-admits-role-insider-trading-scheme

Information Technology

49. April 16, PC World – (International) Two more Mac trojans discovered. Following the outbreak of the Flashback Mac trojan, security researchers spotted two more cases of Mac OS X malware. Both cases are variants on the same trojan, called SabPub, said a Kaspersky Lab researcher. The first variant is known as Backdoor.OSX.SabPub.a. Like Flashback, this new threat was likely spread through Java exploits on Web sites, and allows for remote control of affected systems. It was created roughly 1 month ago. However, the malware is not a threat to most users. It may have only been used in targeted attacks, the researcher said, with links to malicious Web sites sent via e-mail, and the domain used to fetch instructions for infected Macs has since been shut down. Furthermore, Apple’s security update for Flashback helps render future Java-based attacks harmless. In addition to removing the Flashback malware, the update automatically deactivates the Java browser plug-in and Java Web Start if they remain unused for 35 days. Users must then manually re-enable Java when they encounter applets on a Web page or a Web Start application. Instead of attacking through malicious Web sites, the second SabPub variant uses infected Microsoft Word documents as vector, distributed by e-mail. Like the other SabPub variant, this one was used only in targeted attacks. Source: http://www.computerworld.com/s/article/9226234/Two_More_Mac_Trojans_Discovered

50. April 16, Softpedia – (International) Malicious ‘the Movie’ apps served on Google Play. A number of 29 Android applications found on Google Play (the new Android Market) were identified as being malicious by Symantec. The pieces of malware, identified as Android.Dougalek, pretend to be popular games or games-related videos. First discovered in February, the elements were advertised as recipe apps, diet assistant apps, content management apps, and adult apps. At the end of March, the same cybercriminals were believed to have launched another series of malicious programs, the names of which all end in “the Movie.” Experts reveal that at least 70,000 users may have installed the pieces of software, but the true number of victims may be as high as 300,000. Initial analysis of the malevolent applications showed they mainly target Japanese Android users. Also, it is likely those who started the campaign are the same cybercriminals that spread the malware known as Android.Oneclickfraud. Once installed, the apps request the rights to access personal data and the phone’s identity. While in the foreground it seems as they connect to an external server from which they download the promised videos, but in reality they gather information and send it back to the server. Once the malicious apps are installed, they will appear on the Android device under a different name than the one presented on Google Play. Currently, Google removed the applications from the Play site. Source: http://news.softpedia.com/news/Malicious-The-Movie-Apps-Served-on-Google-Play-264672.shtml

51. April 16, The H – (International) Oracle accidentally release MySQL DoS proof of concept. Oracle accidentally released a MySQL denial-of-service (DoS) proof of concept in the process of fixing the same problem. In March, the company released updates to MySQL, versions 5.5.22 and 5.1.62, which referred in their changes to “Security Fix: Bug #13510739 and Bug #63775 were fixed” with no other details on the problems. It is a common practice to keep secret details of issues that could be used against older versions of software; even the bug reports for 13510739 and 63775 were not yet publicly available. However, as a security researcher found, Oracle also shipped the new MySQL versions with a development script “mysql-test/suite/innodb/t/innodb_bug13510739.test” in the source that appeared to be not only part of the automated testing for MySQL, but also a proof of concept for the flaw that crashes MySQL 5.5.21 and earlier versions. The researcher posted the script on Pastebin; it requires authenticated access and appropriate privileges to be run, which mitigates the problem to a certain degree. Source: http://www.h-online.com/security/news/item/Oracle-accidentally-release-MySQL-DoS-proof-of-concept-1526146.html

52. April 14, Softpedia – (International) Researchers reveal flaws in Microsoft Partner Network Cloud Service. Experts from Vulnerability Lab have been helping Microsoft patch serious vulnerabilities that affected some services. The most important security hole was a persistent script code inject vulnerability found in Microsoft Partner Network Cloud service. To demonstrate their findings, the researchers made a video proof-of-concept that showed how easily an attacker can leverage the persistent script code injection flaws on a Microsoft Cloud aspx service to execute their own malicious code. Microsoft was notified regarding the presence of medium severity flaws in the Company & Mobile Phone Number (Profile) and the Company Name Profile Listing modules February 11. After collaborating with the Microsoft Security Response Center team and after ensuring the issues were addressed, Vulnerability Lab made available the video and a proof-of-concept in text format. Source: http://news.softpedia.com/news/Researchers-Reveal-Flaws-in-Microsoft-Partner-Network-Cloud-Service-264644.shtml

53. April 13, SecurityWeek – (International) Ransomware infects master boot record, Trend Micro finds. Researchers at Trend Micro uncovered a piece of ransomware targeting the master boot record (MBR) to take control of a system. The move is a step beyond typical pieces of ransomware, which usually encrypt files or restricts user access to the infected system. In this case, however, the malware copies the original MBR and overwrites it with its own malicious code. “Right after performing this routine, it automatically restarts the system for the infection to take effect,” a threat response engineer at Trend Micro said. When the system restarts, the users are greeted with a message telling them their PC is now blocked and that they should pay 920 hryvnia (UAH) via the QIWI payment service to a purse number. Once that is done, the attacker promises to hand over a code to unlock the system, the researcher added. Source: http://www.securityweek.com/ransomware-infects-master-boot-record-trend-micro-finds

For more stories, see items 16, 19 and 21 above in the Banking and Finance Sector and 55 below in the Communications Sector

Communications Sector

54. April 16, Pittsburgh Post-Gazette – (Pennsylvania) Power outage knocks local radio stations off air. A power outage in Green Tree, Pennsylvania, caused intermittent broadcasts for a number of CBS local stations the morning of April 16, including KDKA 93.7 FM Pittsburgh. The vice president and CBS Pittsburgh market manager said an electrical panel blew out at the station’s facility in Green Tree. The panel included the circuitry that prompts an automatic switch to generator power. Until the power link could be accessed manually, broadcasts on KDKA, WBZZ 100.7 FM New Kensington, and WDSY 107.9 FM Pittsburgh were mostly off the air. The event was resolved in about 2 hours. KDKA 1020 AM Pittsburgh was not affected. Source: http://old.post-gazette.com/pg/12107/1224644-67.stm

55. April 15, PC World – (National) Google hit with $25K fine, but FCC finds street view data collection not illegal. Google was issued a $25,000 fine by the Federal Communications Commission (FCC) for impeding the agency’s investigation of some of the Internet search leader’s data-gathering practices, PC World reported April 15. At issue is the finding nearly 2 years ago that Google Street View cars were collecting payload data from unprotected Wi-Fi networks via code written for an experimental project. Now, the FCC, which is looking into what happened with the data and why it was gathered, ordered Google to open its checkbook because the company “deliberately impeded and delayed” its investigation, the New York Times reported. Google said it was “profoundly sorry for having mistakenly collected payload data — including personal information such as passwords and emails — from unencrypted networks.” The FCC was initially satisfied with that response, but it said over time Google has repeatedly not responded to requests for information, took the position that searching employees’ e-mails would be burdensome, and would not name the employees involved. Even so, the FCC decided Google’s data collection was not illegal because the information the company gleaned was not encrypted. Source: http://www.cio.com/article/704305/Google_Hit_with_25K_Fine_but_FCC_Finds_Street_View_Data_Collection_Not_Illegal?taxonomyId=3234

For more stories, see items 50 and 52 above in the Information Technology Sector