Tuesday, May 29, 2012

Complete DHS Daily Report for May 29, 2012

Daily Report

Top Stories

Canadian authorities seized almost $1 million in phony U.S. currency and arrested at least four people they believe ran a counterfeiting ring that distributed fake money in many U.S. cities and several other countries. – Canadian Press See item 11 below in the Banking and Finance Sector

• Pertussis outbreaks in several U.S. States continued to keep health officials busy offering vaccination advice to try and stem the surge. – Center for Infectious Disease Research and Policy

33. May 23, Center for Infectious Disease Research and Policy – (National) Wisconsin reports pertussis surge as U.S. outbreaks continue. Pertussis outbreaks in several U.S. States continued to keep health officials busy offering vaccination advice, according to a news release issued May 23 by the Center for Infectious Disease Research and Policy. A moderator for ProMED mail, the online reporting system of the International Society for Infectious Diseases, commented the current rash of outbreaks probably has multiple causes, including vaccine exemptions, “general undervaccination,” and waning vaccine-induced immunity. The moderator cited studies by Dutch and Australian researchers that revealed antigenic changes in circulating strains of Bordetella pertussis, which may be contributing to a worldwide increase in cases. A New Mexico Department of Health epidemiologist told the Associated Press the vaccine is “the best protection we have against pertussis, but it’s probably somewhere in the neighborhood of 80 to 85 percent effective.” Source: http://www.cidrap.umn.edu/cidrap/content/other/news/may2312pertussis.html

• A Kentucky jail increased security around its perimeter after four inmates escaped in the last 6 months — including two the week of May 14 — by digging a hole and crawling out under the fence. – Associated Press

33. May 23, Center for Infectious Disease Research and Policy – (National) Wisconsin reports pertussis surge as U.S. outbreaks continue. Pertussis outbreaks in several U.S. States continued to keep health officials busy offering vaccination advice, according to a news release issued May 23 by the Center for Infectious Disease Research and Policy. A moderator for ProMED mail, the online reporting system of the International Society for Infectious Diseases, commented the current rash of outbreaks probably has multiple causes, including vaccine exemptions, “general undervaccination,” and waning vaccine-induced immunity. The moderator cited studies by Dutch and Australian researchers that revealed antigenic changes in circulating strains of Bordetella pertussis, which may be contributing to a worldwide increase in cases. A New Mexico Department of Health epidemiologist told the Associated Press the vaccine is “the best protection we have against pertussis, but it’s probably somewhere in the neighborhood of 80 to 85 percent effective.” Source: http://www.cidrap.umn.edu/cidrap/content/other/news/may2312pertussis.html

• More than 95 percent of over 600 SAP systems used by global companies, governments, and defense agencies that were tested by security firm Onapsis were vulnerable to espionage, sabotage, and fraud. The main reason: Patches were not applied. – IDG News Service See item 46 below in the Information Technology Sector

• A flashlight rigged with explosives went off May 24 slightly injuring two employees inside a Salvation Army distribution center in south-central Phoenix, authorities said. Phoenix police suggested the incident may be linked to two other recent flashlight bomb cases in Glendale, Arizona. – KTAR 620 AM Phoenix

55. May 24, KTAR 620 AM Phoenix – (Arizona) Flashlight explosive goes off at Phoenix building. A flashlight rigged with explosives went off May 24 inside a Salvation Army distribution center in south-central Phoenix, slightly injuring two employees, authorities said. Phoenix police said preliminary evidence suggested the incident is linked to two other recent cases in Glendale, Arizona, in which someone left flashlights packed with explosives in open areas of the city. The Salvation Army distribution center and nearby area were evacuated as a precaution and police brought in a bomb squad to investigate the explosion. Agents from the federal Bureau of Alcohol, Tobacco, Firearms and Explosives responded to the scene, as they did to the Glendale incidents. Source: http://ktar.com/6/1546702/Small-bomb-goes-off-in-Phoenix-Salvation-Army-distribution-center

Details

Banking and Finance Sector

9. May 25, U.S. Securities and Exchange Commission – (New York) SEC halts fraudulent investment scheme by New York-based fund manager. The U.S. Securities and Exchange Commission (SEC) May 25 announced charges against a New York-based fund manager and his two firms for luring investors into a trading program that would purportedly maximize their profits but instead spent their money in unauthorized ways. The SEC alleges that since at least November 2011, the fund manager and his firms raised about $11 million by selling investors limited partnership interests in Absolute Fund LP, an investment vehicle the manager claimed had $220 million in trading capital. He and his firms falsely claimed Absolute Fund would allocate millions of dollars in matching investment funds, place the combined funds in brokerage accounts through which investors could trade securities, and operate a “first loss” trading program that would allow investors to dramatically increase potential profits. However, the SEC alleged instead of using investor funds for trading purposes, the manager and his firms Absolute Fund Advisors (AFA) and Absolute Fund Management (AFM) siphoned off about $2 million of the proceeds to pay redemptions from earlier investors and to pay their personal and business expenses. The SEC obtained an asset freeze against the manager and his companies May 24 in a New York City federal court. Source: http://www.sec.gov/news/press/2012/2012-103.htm

10. May 25, Wilkes-Barre Citizens’ Voice – (Pennsylvania) Grandfather charged in bank heists. Investigators said a man turned to robbing banks as a way to climb out of the family’s growing financial burden. May 24, State police in Pennsylvania charged the man in connection with three bank robberies since November 22, 2011 — Luzerne Bank in Dallas Township, First Liberty Bank and Trust in Monroe Township, Wyoming County, and PNC Bank in Mocanaqua. Authorities said the man robbed the Luzerne Bank in Dallas Township armed with balloons he claimed were filled with acid but really contained ammonia. He told investigators he used a pellet gun in the next two robberies because the balloon method “did not work so well,” according to arrest papers. He has been in custody since his arrest May 4 when he crashed his motorcycle fleeing the PNC Bank hold up in Mocanaqua. State police at Wyoming consolidated all three cases into one criminal complaint filed May 24. He was charged with multiple counts of robbery and theft. Source: http://citizensvoice.com/news/grandfather-charged-in-bank-heists-1.1320065

11. May 24, Canadian Press – (International) Police say almost $1 million in fake bills seized in raids in Quebec. Authorities seized almost $1 million in phony U.S. currency as sweeping raids were carried out at six locations in Quebec, Canada, the week of May 21. The Royal Canadian Mounted Police (RCMP) said the investigation involved the U.S. Secret Service, the RCMP, and Surete du Quebec. They said four arrests were made, and the raids made May 23 in the Trois-Rivieres and Drummondville areas dismantled a crime group able to produce millions of dollars in fake currency. “The RCMP alleges that the counterfeiting ring had the capability to produce very high quality counterfeit bank notes that were basically undetectable to the naked eye,” the Mounties said in a release. “Not only is this alleged ring believed to have distributed large amounts of counterfeit bank notes in Quebec, but similar bank notes have also been traced by the U.S. Secret Service in several U.S. cities and in other countries.” Police said they seized $949,000 in phony U.S. $20 bank notes. They said they also uncovered a laboratory mainly used to add finishing touches to counterfeit notes like serial numbers and holographic features. The RCMP release said the fake notes were printed using an offset press with non-sequential serial numbers, which police called “rather uncommon” for a counterfeit operation. RCMP said one suspect faces charges of production, possession, and distribution of counterfeit currency. Police said the other three suspects arrested could face prosecution in Canada or the United States. Source: http://www.brandonsun.com/national/breaking-news/police-say-almost-1-million-in-fake-bills-seized-in-raids-in-quebec-153787035.html?thx=y

12. May 24, U.S. Department of Justice – (Florida) Final defendant convicted in mortgage fraud scheme. A Florida jury May 23 convicted a man on one count of wire fraud for his role in an elaborate mortgage-fraud scheme that spanned from Miami to Panama City. Four co-defendants previously pleaded guilty in the case and testified against the man. Evidence revealed the man touted himself as a real-estate investor with a Miami investment company Right Choice Housing, LLC. In mid-2005, the man traveled to Panama City Beach and walked into a real-estate company and said he wanted to buy five properties in Panama City and Panama City Beach. The meeting kicked off an 8 month, mortgage-fraud spree involving 10 properties. For many properties, the man, through his realtor, also convinced the sellers to agree to loan him money from the proceeds they were to make from the sale. Then the man and his accomplices located “straw buyers” in the Miami area to give their credit information in exchange for between $10,000 and $30,000. The defendants used the difference between the lower and higher sales prices to cover the straw buyer’s required down payment. Over $1.2 million of the remainder was then wired to the man or companies owned by him, such as Gold by Gold and Bates Enterprises. In total, lenders gave more than $9 million in mortgages to purchase nine properties in Panama City and Panama City Beach. By the end of 2006, all of the mortgages were in default, and all of the properties have since been foreclosed on. Source: http://www.wmbb.com/story/18617606/final-defendant-convicted-in-mortgage-fraud-scheme

13. May 24, Federal Bureau of Investigation – (California) Sunnyvale attorney convicted of investment fraud. A Sunnyvale, California attorney was convicted by a federal jury May 23 of conspiracy to commit mail and wire fraud and multiple counts of mail and wire fraud, a U.S. attorney announced. The jury found the man conspired with his business partners to commit fraud on investors in private-money lender JSW Financial Inc. Evidence at trial showed the man and his co-conspirators used funds obtained from investors to arrange and service private money loans to borrowers who built single-family homes. JSW offered investors the opportunity to invest in fractional interests in these loans and in two investment funds: the Blue Chip Realty Fund LLC (Blue Chip) and Shoreline Investment Fund LLC (Shoreline). JSW told Blue Chip and Shoreline investors their investments would be secured by deeds of trust on real property. The evidence at trial, however, showed that those representations were false: JSW did not secure the investments in Blue Chip and Shoreline and used Blue Chip and Shoreline money on failed real estate projects and for other purposes such as interest payments and business expenses. Ultimately, Blue Chip and Shoreline investors suffered a multi-million-dollar loss. The jury convicted the man of all 18 counts alleged in the indictment — 1 count of conspiracy to commit mail and wire fraud, 16 counts of mail fraud, and 1 count of wire fraud. Source: http://www.loansafe.org/sunnyvale-attorney-convicted-of-investment-fraud

14. May 24, U.S. Department of the Treasury – (National) SIGTARP, CFPB, and Treasury issue a fraud alert to the Armed Services community to combat HAMP mortgage modification scams. The Office of the Special Inspector General for the Troubled Asset Relief Program (SIGTARP), the Consumer Financial Protection Bureau (CFPB), and the U.S. Department of the Treasury (Treasury) May 24 issued a fraud alert to the Armed Services community to combat scams targeted at homeowners seeking to apply for mortgage assistance through the Home Affordable Modification Program (HAMP) and other federal programs. Many of these scams are specifically targeting members of the Armed Services community. The fraud alert is designed to raise awareness of the scams and provides a list of resources available for more information and for assistance with mortgage-related questions and how to report fraud. Hallmarks of HAMP mortgage-modification scams include: the unofficial use of official program names or logos of government agencies, non-profit organizations, and/or lenders; the advertising of a very high success rate in achieving modifications; and the guarantee of a successful modification in exchange for an upfront fee. Source: http://www.treasury.gov/press-center/press-releases/Pages/tg1592.aspx

Information Technology

43. May 25, IDG News Service – (International) Untethered jailbreak for iOS 5.1.1 available for download. Absinthe 2.0, the jailbreak for iOS 5.1.1, is ready and available for download, the Jailbreak Dream Team announced at the Hack in the Box conference in Amsterdam, Netherlands, May 25. Absinthe 2.0 can be used to jailbreak iOS 5.1.1 devices, allowing users to gain root access to the operating system and, for example, download applications not authorized by Apple. Absinthe 2.0 is untethered, which is more desirable than tethered jailbreaks because it allows users to reboot their devices without plugging them into external computers. Untethered jailbreaks also allow devices to remain jailbroken after a reboot. Absinthe 2.0 is the first untethered jailbreak for the third generation iPad, and can also be used for the iPhone 4S, 4, and 3GS, the iPad 2 and 1, and the iPod Touch. It is available for download at the team’s Web site. Absinthe 2.0 only works with devices that run iOS 5.1.1. Source: http://www.computerworld.com/s/article/9227495/Untethered_jailbreak_for_iOS_5.1.1_available_for_download

44. May 25, Military Times – (International) 123,000 Thrift Savings Plan accounts hacked. Social Security numbers and other personal data for 123,000 Thrift Savings Plan (TSP) account holders were stolen from a contractor’s computer in 2011, a TSP spokeswoman said May 25. Names, addresses, and financial account and routing numbers of some accounts were also compromised. A spokeswoman for the Federal Retirement Thrift Investment Board, which manages the TSP program, said the hacking incident targeted a computer operated by contractor Serco Inc., which provides record-keeping services for 4.5 million federal employees, service members, and beneficiaries with TSP accounts. “It was a sophisticated attack that overcame the defenses [Serco] had in place,” the spokeswoman said. She aid both TSP and Serco have enhanced their cybersecurity. “We have monitored our TSP accounts, [and] we have no reason to believe that the data was misused in any way.” The attack occurred in July 2011, but the Federal Retirement Thrift Investment Board and Serco were not aware of it until they were notified in April 2012 by the FBI, the spokeswoman said. The infected computer was immediately shut down and the security of all TSP and Serco systems was reviewed. Source: http://www.militarytimes.com/news/2012/05/federal-tsp-accounts-hacked-last-year-052512/

45. May 24, V3.co.uk – (International) Oracle slammed for outdated approach to Java security. Oracle has fallen dangerously behind the times with security policies and practices it utilizes on its Java platform, said a Kaspersky Lab researcher. The senior antivirus researcher told V3.co.uk Oracle has not kept pace with security advances made by other companies in recent years. According to figures from Kaspersky, Java remains a top target for malware writers and cyber criminals. Along with Adobe Reader and Flash, Java vulnerabilities are the most popular for online exploits that lead to malware infections. Adobe has extended the security protections on Reader and Flash. Oracle, however, has only recently installed basic security measures, the researcher said. While Java’s maker was singled out for its practices, Oracle is far from the only vendor the researcher sees ignoring security issues. Source: http://www.v3.co.uk/v3-uk/news/2179375/researcher-needles-oracle-java-security

46. May 24, IDG News Service – (International) Security researcher urges IT to keep up with SAP patches. More than 95 percent of over 600 SAP systems tested by security firm Onapsis were vulnerable to espionage, sabotage, and fraud, mainly because patches were not applied, according to a security researcher. Attackers targeting SAP platforms do not need access credentials to perform these attacks, said the CTO of Onapsis, a consulting firm focused on ERP systems and business-critical infrastructure. The researcher made his remarks at the Hack in the Box conference in Amsterdam, Netherlands, May 24. Global companies, governments, and defense agencies use SAP to manage common tasks like financial planning, managing payrolls, and logistics, he said. If SAP platforms are breached, intruders are able to access customer data, paralyze the company by shutting down the system, or modify financial information for fraud purposes, he added. Source: http://www.computerworld.com/s/article/9227454/Security_researcher_urges_IT_to_keep_up_with_SAP_patches

47. May 24, IDG News Service – (International) Researchers propose TLS extension to detect rogue SSL certificates. A pair of security researchers proposed an extension to the transport layer security (TLS) protocol that would allow browsers to detect and block fraudulently issued secure socket layer (SSL) certificates. Called TACK, short for Trust Assertions for Certificate Keys, the extension was submitted for consideration to the Internet Engineering Task Force, the body in charge of TLS, May 23. TACK tries to resolve the trust-related problems with the public key infrastructure highlighted in 2011 by security breaches at certificate authorities Comodo and Diginotar. Both of those breaches resulted in SSL certificates for high profile domains being issued fraudulently. Source: http://www.computerworld.com/s/article/9227481/Researchers_propose_TLS_extension_to_detect_rogue_SSL_certificates

For another story, see item 49 below in the Communications Sector

Communications Sector

48. May 25, WEAU 13 Eau Claire – (Wisconsin) Radio tower knocked down in storm. An Eau Claire, Wisconsin radio group was off the air for hours May 24 after a storm destroyed a broadcast tower. The vice president and marketing manager for Clear Channel Radio said the storm brought down the 200-foot tower in the backyard of its studios. The radio group is located west of downtown Eau Claire. The storm knocked out power to the station too, causing all seven channels to go off the air for a time. The vice president expected the stations to resume operations later May 24. Source: http://www.weau.com/home/headlines/Radio_tower_destroyed_in_storm_153849915.html

49. May 24, Naked Security – (National) Comcast users phished by Constant Guard spam lure. Naked Security discovered a new phishing scam targeting customers of Comcast XFINITY cable Internet service. They became aware of the scam after the scammers used a reader’s Gmail address to send the scam to their intended victims. A link in the e-mail points at a TinyURL which redirected victims to a compromised higher education institution Web site in India. Like many other sites that are compromised to host phishing pages, this one appears to have been compromised through vulnerable FrontPage server extensions. The fake page is an identical copy of the real Comcast XFINITY log-in page and includes a fully functional TRUSTe logo which may lend further credibility to the site. Source: http://nakedsecurity.sophos.com/2012/05/24/comcast-users-phished-by-constant-guard-spam-lure/

50. May 24, KESQ 3 Palm Springs – (California) KDES-FM back on-the-air after wind toppled tower. KDES 98.5 FM in Palm Springs, California, was back on-the-air May 24 after high winds toppled their transmission tower on Edom Hill in Cathedral City May 23. The station’s program director said engineers put up a temporary tower May 24 and began transmitting a signal again. He said KDES is looking at getting a more permanent and stronger tower in the future. A classical music station that used the same tower was still off-the-air May 24.KPSC 88.5 FM is owned by the University of Southern California and is a repeater of KUSC 91.5 FM, which broadcasts classical music. Engineers said they were working to set up a temporary transmitter as quickly as possible. Source: http://www.kesq.com/news/KDES-FM-back-on-the-air-after-wind-toppled-tower/-/233092/14145144/-/q61l9g/-/index.html

For another story, see item 43 above in the Information Technology Sector