Thursday, July 5, 2012 

Daily Report

Top Stories
 • Utility crews struggled to catch up with a backlog of millions of people without electricity in 8 States for a fourth day July 2, as authorities feared the toll of 22 storm deaths could rise because of stifling conditions and generator fumes. – Associated Press 

1. July 3, Associated Press – (National) Nearly 1.4M still without power days after deadly storms. Utility crews struggled to catch up with a backlog of millions of people without electricity for a fourth day July 2 as frustration grew and authorities feared the toll of 22 storm deaths could rise because of stifling conditions and generator fumes. Power was back for more than 1 million customers but lights — and air-conditioning — were still out for about 1.4 million homes and businesses in 7 States and Washington, D.C. The damage was done by powerful wind storms that swept from the Midwest to the Mid-Atlantic June 29, toppling trees and branches into power lines and knocking out big transmission towers and electrical substations. Utilities were warning that many neighborhoods could remain in the dark for much of the week of July 2, if not beyond. Utility companies had to wait days for extra crews traveling from as far away as Quebec and Oklahoma. Workers found that the toppled trees and power lines often entangled broken equipment in debris that had to be removed before workers could even get started. Source:

 • A new Pacific Gas and Electric report identified 500 trouble spots on natural gas pipelines of the sort that led to the 2010 San Bruno, California explosion that killed 8 people and destroyed 38 homes. – KGO 7 San Francisco 

3. July 2, KGO 7 San Francisco – (California) PG&E identifies 239 pipelines at risk of failure. A Pacific Gas and Electric (PG&E) report identified 500 trouble spots of the sort that led to the San Bruno, California disaster. It concerns pipelines that were over-pressurized by the utility company. The report was filed last March with the Public Utilities Commission, but it did not come to light until July 2 after a reporter at the San Francisco Chronicle dug it up. The report identifies 239 gas transmission lines that are at risk of failure similar to the explosion of Line 132 in San Bruno. The 2010 explosion killed 8 people and destroyed 38 homes. “It’s important to remember this is 40-something, about 46 miles out of our entire system, so there is 230 lines that were identified here, but it’s only small segments of those lines. It could be anywhere from a foot to a few thousand feet,” a PG&E spokesman said. He said the utility is taking action to test or repair the trouble spots. A State assemblyman said PG&E hired an outside firm to assess the problem areas. Source:

 • A former federal immigration services’ contractor at the nation’s largest warehouse for immigration forms was charged with selling blank forms to a crime ring that procured driver’s licenses and visas for illegal immigrants and other unauthorized individuals. – Nextgov 

33. July 2, Nextgov – (California; National) Former DHS contractor nabbed in immigrant form forgery plot. A former U.S. Citizenship and Immigration Services contract employee at the Western Forms Center in Montclair, California, — the nation’s largest warehouse storage facility for immigration forms — was charged with selling blank official forms to a crime ring that procured driver’s licenses and visas for illegal immigrants and other unauthorized individuals, Nextgov reported July 2. Justice Department officials announced June 27 the arrests of the former “material document handler” and many of the 21 other individuals allegedly involved in the multistate ploy. “By gaining access to protected, blank government immigration forms, the subjects in this case were able to utilize sophisticated computer software to create false identity documents and subsequently move to receive legitimate driver’s licenses,” the FBI special agent in charge said. “In doing so, they were able to circumvent established safeguards and proper vetting put into place post 9/11.” The former contract employee was charged with conspiracy to steal government property and to transport and receive stolen property in interstate commerce. Source:

 • Fairfax County, Virginia’s 9-1-1 emergency center operated at half capacity July 2, as Verizon struggled to figure out why both its primary and backup power systems failed after the June 29 storm and left much of Northern Virginia without 9-1-1 service through the weekend of June 30. – Washington Post 

37. July 2, Washington Post – (Virginia; Washington, D.C.; Maryland) After storm, 911, phone service remains spotty. Fairfax County, Virginia’s 9-1-1 emergency center operated at just half capacity July 2 as Verizon struggled to figure out why both its primary and backup power systems failed after the June 29 storm and left much of Northern Virginia without 9-1-1 service through the weekend of June 30. Callers with medical and safety emergencies caused by high temperatures, power outages, and downed electric cables received either rapid busy signals, recorded messages saying the line was inoperative, or dead silence, even after Verizon’s service was restored, local officials said. Homes and businesses across Maryland and Virginia lost power the night of June 29 as one of the most powerful storms in months swept across the Washington, D.C. region. Verizon’s director of public relations said the loss of power from primary and backup systems damaged the company’s computer hardware and software, and caused other mechanical problems in a chain reaction that has perplexed and alarmed State and local governments. Apart from the 9-1-1 outage, cell phone service across the Washington, D.C. area remained spotty July 2. AT&T, Sprint, T-Mobile, and Verizon all reported that they were working to get generators to sites that have lost power and repairing storm damage as necessary. Source:


Banking and Finance Sector 

10. July 3, Associated Press – (Illinois) 4 indicted in alleged mortgage fraud. A federal grand jury indicted four people in the Chicago area on charges they fraudulently secured dozens of residential mortgage loans worth $9 million. The U.S. attorney’s office said in a statement July 2 that the indictments were part of an ongoing bid to crack down on mortgage fraud in northern Illinois. It said around 200 defendants have been similarly charged since 2008. The defendants in the most recent case were charged with bank fraud, mail fraud, and wire fraud. A realtor, loan originators, and others allegedly submitted fraudulent loan applications and other documents to land the mortgages. Lenders’ losses totaled nearly $5 million because of mortgages never fully recovered. Source:

11. July 3, Reuters – (International) Full Tilt Poker CEO arrested on fraud charges. The chief of Full Tilt Poker surrendered to authorities July 2 and pleaded not guilty to charges of illegal gambling and that the online poker operator defrauded its players. The man had been working at Full Tilt’s Dublin, Ireland, headquarters, and until July 2 had not returned to the United States since charges against him were first announced in April 2011. At a hearing in Manhattan federal court, the company chief pleaded not guilty to nine criminal counts, including illegal gambling, money laundering, and wire fraud charges. Online gambling has been illegal in the United States since 2006, the year the man moved Full Tilt’s operations to Ireland. Since unveiling the case, prosecutors have expanded both their civil and criminal charges against Full Tilt. They said it operates as a Ponzi scheme and paid its directors more than $440 million while defrauding players, even after the charges were filed. Prosecutors said Full Tilt has taken in about $1 billion from players in the U.S. They estimated that Full Tilt still owes $350 million to customers in the U.S. Federal prosecutors in Manhattan have charged 11 people at the 3 biggest online poker companies: Absolute Poker, Full Tilt Poker, and PokerStars. The U.S. government also seized their Internet domain names. Source:

12. July 2, Atlanta Journal-Constitution – (Georgia) Investment adviser accused of $40 million fraud. An investment adviser who nearly 2 years ago helped send a lifeline to a struggling south Georgia bank is missing, and authorities accuse him of a $40 million fraud, the Atlanta Journal-Constitution reported July 2. In a 22-page letter to investors, the adviser allegedly admitted he made false statements to conceal losses of $20 million to $23 million. Regulators said he told clients he was investing their money in traditional stocks, but he also put money into “illiquid” bets including South American real estate, and shares of Montgomery Bank and Trust. Tens of millions of dollars were placed into an account at Goldman Sachs, which suffered heavy losses, the Securities and Exchange Commission (SEC) complaint said. Securities regulators accuse the adviser of falsifying account data to conceal the losses. The SEC also said frequent transfers of investor funds were made to the operating account of one of his companies. The FBI was among the agencies assisting in the matter. Source:

13. July 2, Reuters – (National) First wave of U.S. ‘living wills’ provides a blueprint for the industry. U.S. bank holding companies with $250 billion or more in total nonbank assets and foreign-based bank holding companies with $250 billion or more in total U.S. nonbank assets were due to submit resolution plans known as the “living wills” to the Federal Reserve and Federal Deposit Insurance Corporation (FDIC) July 2. The first wave of submissions included five of the biggest U.S. banks. Summarized public versions of the resolution plans were due to be released by July 3. The living wills are intended to provide road maps for regulators for the orderly unwinding of firms without spillover effects onto other parts of the economy and without costly bailouts. The firms will have to provide a detailed account of their business lines and legal entities, information systems, capital and cash flows, and an analysis explaining resolution options. The rule will allow the FDIC and the Federal Reserve to impose various restrictions on capital, leverage, or liquidity of the firm if the living wills are found to be deficient or non-credible. When warranted, the regulators will be able to curtail the firm’s operations, and require divestiture of assets, though the FDIC made clear that this route would only be taken as a last resort. Source:

14. July 2, CNET – (International) Microsoft identifies two Zeus botnet crime ring suspects. Microsoft released the identities of two alleged members of the Zeus botnet crime ring, which used an estimated 13 million computers infected with the malware to steal more than $100 million, CNET reported July 2. The botnet operators used the software to show fake or modified Web sites when victims tried to use real banking sites, log their keystrokes to capture victims’ identity information, and then use that information to steal money from victims’ accounts. Microsoft announced it amended a complaint the week of June 25 to add two individuals as defendants. The pair is already serving time in the United Kingdom for other Zeus-related convictions, the company said. The senior attorney with Micorsoft’s digital crimes unit noted that since simultaneous raids in March, Zeus botnet infections declined by about 50 percent. Source:

For another story, see item 33 above in Top Stories

Information Technology Sector

40. July 3, Softpedia – (International) Boxer SMS trojan advertised as Firefox for Android. June 26, Mozilla launched Firefox 14 for devices that run an Android operating system. In response, cyber criminals started masquerading an SMS trojan as the popular Web browser. The malicious element, identified as Trojan.AndroidOS.Boxer.d, is being advertised on many Russian Web sites and comes in various shapes and sizes, GFI experts said. Previously seen variants of Boxer informed users that by accepting a set of “rules” they would be charged for sending SMS messages to premium numbers. However, this version does not give any details regarding its true purpose. Once the rogue application is installed, the malware activates and sends an SMS to several numbers. Another difference, compared to older Boxer variants, is that once the SMS messages are sent, the victim is not redirected to a Web site from which the legitimate app can be downloaded. Instead, it simply loads Researchers believe this may be a tactic to make users think the application is defective. Users might download and install the fake software again, allowing Boxer to perform its malicious tasks more than once. The trojan was spotted posing as other apps as well, not just Firefox. When Instagram was launched on Google Play, Boxer was advertised as the popular photo sharing program. Source:

41. July 3, H Security – (International) Source code for the Zemra crimeware bot released. Source code for the Zemra trojan, which is already being used by criminals for distributed denial-of-service (DDoS) attacks, is circulating online. In contrast to the widely distributed Zeus bot, the source for which is also available online, Zemra is very new. According to security company Symantec, the trojan has only been available to purchase from underground forums since May 2012 and malicious parties are using it for the purpose of extortion. Symantec’s anti-virus solutions have only been able to detect Zemra for a week. Symantec said the crimeware pack is not currently very widespread. However, the availability of the source code means this could rapidly change, since anyone can now modify the bot for their own ends. This is not hard — Zemra was developed using the C# programming language. The source code should be comprehensible to anyone with basic programming skills. As well as various types of DDoS attack, Zemra can also download and run malware from the Web on command. It can also open a SOCKS proxy on an infected computer, allowing the bot herder to use the victim’s Internet connection. Zemra is also able to spread via USB flash drives. Communication between the bot and the PHP-based command-and-control server (also supplied) is encrypted. Source:

42. July 2, Infosecurity – (International) Windows 8 has larger attack surface than Windows 7, researcher warns. The attack surface in Windows 8 is bigger than in Windows 7 because of new components and changed processes, especially with the Metro interface, warns a McAfee researcher. “Security risks from rogue applications and vulnerabilities in applications that interact with the web and handle user data leave lots of room for exploitation — not to mention ever-present malware on the desktop”, he explained. At the same time, Windows 8 has additional security features, which include improvements to Windows anti-malware components, declarative resource access, application vetting via the Microsoft Store, and restrictive resource access for applications. Source:

43. July 2, Agence France-Presse – (International) ‘Leap second’ wreaks Internet havoc. An adjustment of a second in the official global clock sent dozens of Web sites crashing. The “leap second” was added to the Coordinated Universal Time to adjust clocks to the earth’s rotation the night of June 30, delaying for 1 second the transition to July 1. The extra second was too much for some software to handle. Reddit, a social news network, posted a Twitter message indicating its services were experiencing problems. Mozilla, the organization behind the Firefox browser, also had issues. The outages came roughly at the same time as a major storm that knocked out power to an Amazon data storage site which serves as cloud host for many Web sites, including Netflix. Some sites such as the social network Foursquare said they were affected by the Amazon outage. LinkedIn, the professional social network, said its service was down June 30, without elaborating. Source:

For more stories, see items 14 above in the Banking and Finance Sector and 37 above in Top Stories

Communications Sector 

See items 37 above in Top Stories and 40 and 43 above in the Information Technology Sector