Wednesday, July 25, 2012 

Daily Report

Top Stories

 • Insufficient oxygen supply caused some F-22 fighter pilots to get dizzy and disoriented when flying the plane, the Pentagon said July 24. The announcement signaled restrictions that limited F-22 flights for about a year would gradually be lifted. – Reuters

11. July 24, Reuters – (National) Pentagon concludes oxygen supply behind F-22 breathing problems. Insufficient oxygen supply caused some F-22 fighter pilots to get dizzy and disoriented when flying the plane, the Pentagon said July 24, signaling at the conclusion of a U.S. Air Force study that restrictions placed on F-22 flights would gradually be lifted. A Pentagon spokesman said an Air Force analysis concluded symptoms of oxygen deprivation among some pilots of the F-22, built by Lockheed Martin Corp., were caused by problems with the oxygen supply delivered to pilots, not oxygen contamination. To fix those problems, the Air Force will replace a valve in flight suits that restricted breathing at high altitude and increased the oxygen supply to pilots by removing an air filter. The Air Force stopped flying the F-22 completely for 5 months in 2011. It resumed flights in September, but restrictions remained on some high-altitude and long-haul flights. Concern about the aircraft flared again in 2012 after two F-22 pilots told reporters they stopped flying the jet due to safety concerns. The Pentagon spokesman said the Air Force would also complete other steps designed to make the planes safer, including installation of a back-up oxygen system. He said altitude restrictions for F-22s could be lifted as early as the fall after a revamped high-altitude garment is tested and other improvements and studies completed. He said the Pentagon would send a squadron of F-22s to a U.S. air base in Japan, after which officials would recommend resuming most long-haul flights by the fighter. Source:
• Skimmers could use a new, difficult-to-spot technology that uses a wafer-thin card reading device inserted directly into the card acceptance slot, according to two recent reports by the European ATM Security Team. – Krebs on Security See item 13 below in the Banking and Finance Sector

 • Miami-Dade County, Florida’s three main water and sewer treatment plants and 7,700 miles of pipelines are so outdated it would take an initial installment of more than $1.1 billion just to replace the “most deteriorated vulnerable sections” of the system, a new study found. – Miami Herald

27. July 24, Miami Herald – (Florida) Repair bill over $1 billion to fix crumbling sewage system, Miami-Dade report says. Miami-Dade County, Florida’s three main water and sewer treatment plants and 7,700 miles of pipelines are so outdated it would take an initial installment of more than $1.1 billion just to replace the “most deteriorated vulnerable sections” of the system, a 5-month internal study by the water & sewer department showed. According to the Miami Herald July 24, the study found that so much corrosion has occurred that initial repairs could take 3 to 8 years. Miami is the 10th largest utility in the nation. The release of the report comes 5 months after a commissioner demanded it and 2 months after federal regulators swarmed Miami demanding repairs and upgrades. Authorities from the U.S. Environmental Protection Agency, the Department of Justice, and the Florida Department of Environmental Protection are expected to spend up to 4 months discussing how to fix and pay for a system its director said is “being held together by chewing gum.” The study shows the majority of the initial fixes — about $736 million worth of immediate work — is needed for the sewer lines. The aging system is in such disrepair it has ruptured at least 65 times over the past 2 years, spilling more than 47 million gallons of untreated human waste into waterways and streets. Without being specific, the report says some grants should be available but concedes much of the work will likely be paid for through revenue bonds and rate hikes. Source:

 • At least 60 people were hospitalized after they were sickened after eating at a Denver homeless shelter July 22. Officials were trying to pinpoint the source of the outbreak. – Food Safety News

55. July 23, Food Safety News – (Colorado) 60 hospitalized in Denver after eating charity dinner. At least 60 people were hospitalized after eating at a Denver homeless shelter July 22. Less than an hour after eating a turkey dinner served at the Denver Rescue Mission, dozens of meal recipients began to vomit and became dehydrated from fluid loss. Emergency responders were called to Denver Rescue Mission’s Lawrence Street Shelter — where the meal was served — and to the Samaritan House across the street where some people who had eaten the meal were staying. A total of 54 people from the Lawrence Street Shelter and 6 from the Samaritan House were taken to the hospital, said a Denver Rescue Mission representative. Many of those who ate the meal were not staying at either shelter, meaning other homeless individuals in the Denver area may also be sick. The exact source of the food poisoning remained unclear, said health officials. While turkey was the main course, mashed potatoes and vegetables were also served and have not been ruled out as possible contamination sources. Denver Rescue Mission said it is possible the food that made people ill was given to the shelter as a donation. Source:


Banking and Finance Sector

12. July 24, – (International) Japanese Finance Ministry uncovers major trojan attack. Japan’s Finance Ministry uncovered evidence of a major trojan cyber-attack on its computer systems that lay undetected for almost 2 years, reported July 24. Ministry officials admitted that the unspecified trojan, which was not detected by the organization’s security systems, was probably free to steal confidential data from January 2010 to November 2011, after which the attack suddenly stopped. A total of 123 computers inside the Ministry were infected out of around 2,000 so far checked, which prompted the organization to change hard disks on the affected machines. The latest attack bears the hallmark of a large number that have afflicted Japanese government departments in the last year, seemingly only discovered after the damage was done. Source:

13. July 24, Krebs on Security – (International) ATM skimmers get wafer thin. Among the latest and most difficult-to-spot skimmer innovations is a wafer-thin card reading device that can be inserted directly into the ATM’s card acceptance slot, Krebs on Security reported July 24. The new devices were discussed in two recent reports from the European ATM Security Team (EAST). In both reports, EAST said one unnamed country alerted them about these new kinds of devices. They record data stored on the magnetic stripe on the back of the card as it is slid into a compromised ATM. The insert skimmers require some secondary component to record customers entering their PINs, such as a PIN pad overlay or hidden camera. Source:

14. July 23, Reuters – (International) Ex-Anglo Irish finance director charged in fraud probe. Two former top executives at Anglo Irish Bank were the first to be charged July 23 in a long-running fraud investigation into the failed lender synonymous with Ireland’s financial meltdown. The bank’s former finance director was charged on 16 counts, chiefly over his role in loans allegedly given to a group of 10 wealthy clients to buy shares in the bank. The former managing director for Ireland faced the same charges. Ireland’s Office of the Director of Corporate Enforcement and police have been investigating the actions of the bank for more than 3 years, including the loans given to the group, as well as whether deposits were used to mask large withdrawals. Anglo Irish Bank, recently renamed the Irish Banking Resolution Corporation, is slowly being wound down after years of reckless lending left the state with a 30 billion euro bill. Source:

15. July 23, Supermarket News – (New York; Connecticut; New Jersey) Feds charge NYC store owners in fraud scheme. Federal authorities brought tax fraud charges against the owners of six gourmet food stores based in New York City, saying the operators of Zeytuna, The Amish Market, and Zeytinia Markets failed to report more than $56 million in gross receipts during the years 2004 through 2009, Supermarket News reported July 23. According to an indictment, two men who together owned a 50 percent or greater stake in stores in New Jersey, Connecticut, and New York diverted cash from the books of the stores to pay business expenses, including payrolls, in cash. The owners also skimmed money for their personal use, according to the indictment. Source:

16. July 23, Accounting Today – (National) Audit confirmations helped unmask Peregrine fraud. Electronic confirmation service said its system helped uncover a more than $200 million fraud perpetrated by Peregrine Financial Group’s PFGBest unit, Accounting Today reported July 23. Peregrine’s Chief Executive Officer (CEO) was charged earlier in July with lying to federal regulators. In a note left behind in a failed suicide attempt, the CEO admitted to using false bank statements to embezzle millions from customer accounts. He had resisted using an electronic confirmation service to verify his firm’s statements, but was ultimately forced to allow access under pressure from the firm’s regulator, the National Futures Association, which wanted to use the online system to verify accounts at his and other firms. The day after he allowed the electronic confirmation system to be used at his firm, he was discovered unconscious in his car. The founder and chief marketing officer of said in a statement the CEO “resisted using our service for months, presumably because he knew that as soon as electronic confirmation went into effect, he would be exposed.” Source:

For another story, see item 46 below in the Information Technology Sector
Information Technology Sector

40. July 24, – (International) Grum botnet briefly returns from the dead. The creators of the Grum botnet managed to briefly bring the spam network back from the dead before it was once again shut down. Security vendor FireEye reported the attempt to get the botnet back online took place July 23. “Over the weekend we found that the Ukrainian internet service provider (ISP) SteepHost removed the null route on three [command and control servers] that were taken down last week,” a FireEye researcher said. “We immediately noticed this change and contacted SteepHost once again. After hours of negotiations, they eventually shut down these CnCs once more.” Source:

41. July 24, Technology Review – (International) The latest threat: A virus made just for you. The Flashback computer virus gained notoriety earlier in 2012 as the first malware to make headway against Apple’s relatively untouched operating system, Mac OS X, infecting 600,000 victims’ machines at the peak of the outbreak. However, computer scientists and security professionals were more worried about another aspect of the malware. The authors of Flashback used a technique that Hollywood often employs to prevent movie and music files from being copied — they added functions that bound the virus to each infected system. The use of that technique prevented security companies from running the virus in their labs. New research shows that a refinement to the technique could make automated analysis of malware nearly impossible. Source:

42. July 24, New Hampshire Union Leader – (New Hampshire) Acid spill forces evacuation of homes in Laconia. Approximately a dozen homes near ABC Fabricators in the downtown area of Laconia, New Hampshire, were evacuated July 24 after an acid spill. About 250 gallons of nitric acid were believed to have spilled at the factory. Since 1979, ABC Fabricators has been specializing in the manufacture of electronic circuit boards, according to online information about the company. Source:

43. July 23, The Register – (International) Skype: Nearly half of adults don’t install software updates. A new survey commissioned by Skype reveals that 40 percent of adults do not always update their software when prompted to do so, and that 25 percent skip software updates because they think they offer no real benefit. The survey was offered on Skype’s behalf to 350,000 individuals in the United States, United Kingdom, and Germany by Internet pollster YouGov. A quarter of the adults surveyed said they did not understand the benefits of software updates or what they were supposed to do. About the same number said they did not know how to check for updates, and another quarter said they would need to be prompted to upgrade their software at least twice before they would do it. The respondents gave various reasons for shying away from updates. Some said they expected new versions of software would have “lots of bugs” or would crash too often, while others said they thought the updates would slow down their computers. More than a quarter of respondents said the process of updating their software just takes too long. Forty-five percent of survey participants said they did not upgrade their software because they worry about the security of their computers. Source:

44. July 23, Reuters – (International) Web-connected industrial controls stoke security fears. Until several days ago, anyone who researched the security of industrial control systems could have accessed the Web site of a Kansas agricultural concern and turned off all its windmills. The owner left the system connected to the open Internet without any password protections, despite warnings from Canadian manufacturer Endurance Wind Power. A cyber researcher found the vulnerability along with thousands of other exposed industrial controls, many of them in critical facilities. The research that found the lapse came from one of two new studies on the security of industrial controls that were provided to Reuters in advance of their public release at the Black Hat security conference being held the week of July 23 in Las Vegas. The research buttress concerns that critical national infrastructure in the West is more vulnerable to hacking attacks now than 2 years ago, despite its status as a top cybersecurity priority for the White House, and other parts of the federal government. Source:

45. July 23, Forbes – (International) Eight million email addresses and passwords spilled from gaming site Gamigo months after hacker breach. Four months after the gaming site Gamigo warned users about a hacker intrusion that accessed some portions of its users’ credentials, more than 8 million usernames, emails, and encrypted passwords from the site were published on the Web, according to the data breach alert service PwnedList. The half-gigabyte collection of stolen user data was posted to the password-cracking forum Inside Pro earlier in July, where it remained online until the week of July 16. Though the passwords were not initially posted in a readable form, they may still be compromised. Source:

46. July 23, ZDNet – (International) Hacker on Apple’s iOS in-app purchase fix: ‘Game is over’. During the week of July 9 a Russian developer hacked Apple’s In-App Purchase program for all devices running iOS 3.0 or later, allowing iPhone, iPad, and iPod touch users to circumvent the payment process and essentially steal in-app content. Apple confirmed the workaround and the week of July 16 announced a temporary fix and that it would patch the holes with the release of iOS 6. July 23, the developer declared Apple’s solution indeed stops his hack. In the meantime, he said the “service will still remain operational until iOS 6 comes out.” Furthermore, the researcher was still working on the Mac in-app purchase hack he disclosed the week of July 16. Source:

47. July 23, Dark Reading – (International) Using chip malfunction to leak private keys. Many financial institutions and other security-conscious organizations rely on RSA authentication to not only authenticate users are who they say they are, but also the other way around — to assure users they are interacting with their vendor’s Web site rather than a spoof. Fundamental to this encrypted method of assurance is that the RSA private key held by the secured organization always remains a secret. The week of July 23 at the Black Hat security conference, a researcher from University of Michigan will show how small electrical malfunctions in server processor chips can make it possible for attackers to secretly glean the contents of an entire private key. Source:

For more stories, see items 12, 13, and 16 above in the Banking and Finance Sector
Communications Sector

48. July 23, Jefferson Post – (North Carolina) SkyLine corrects Internet service outages. Internet outages plagued much of Ashe and Alleghany counties in North Carolina July 19, according to information released by local Internet service provider SkyLine Membership Corporation. Service was restored to those areas impacted by the outage later that day, with only limited intermittent Internet issues remaining in parts of Ashe and Alleghany counties, read a press release issued July 20, by a SkyLine public relations administrator. According to SkyLine, network equipments issues were to blame for the service interruptions and outages, which created a “cascading instability in other parts of the network,” which disrupted Internet, TV, and some voice services across the five-county SkyLine/SkyBest service area, though the public relations administrator said the majority of the company’s customers were not impacted. Source:

For another story, see item 46 above in the Information Technology Sector