Thursday, August 2, 2012
Daily Report
Top Stories
• A suspicious item prompted the crew of a
United Airlines flight to Switzerland to divert it to Boston, as two F-15
fighters shadowed the plane July 31. – CNN
18.
August 1, CNN – (New Jersey;
Massachusetts) Suspicious object that forces plane to divert is unclaimed
camera. A suspicious item prompted the crew of a United Airlines flight to
Switzerland to divert it to Boston, as two F-15 fighters shadowed the plane
July 31, CNN reported August 1. The item, found inside an airsickness bag,
turned out to be an unclaimed camera, officials said. United Airlines flight
956 took off from Newark, New Jersey, and was headed to Geneva, Switzerland,
when it was diverted to Boston’s Logan International Airport “out of an
abundance of caution,” according to a Transportation Security Administration
statement. Two fighter jets intercepted and shadowed the plane “as a prudent
precaution” after its diversion from Newark, said a spokeswoman at North
American Aerospace Defense Command. Source: http://www.cnn.com/2012/08/01/travel/united-flight-diverted/index.html?hpt=hp_t2
• Air Canada said a passenger found what
appeared to be a sewing needle in a catered sandwich on board a flight July 30
from Victoria, British Columbia, to Toronto. – Associated Press
22.
August 1, Associated Press –
(International) Air Canada passenger finds needle in sandwich on flight. Air
Canada said a passenger found what appeared to be a sewing needle in a catered
sandwich on board a flight July 30 from Victoria, British Columbia, to Toronto.
A spokesman for the airline said that the airline was “working closely with our
caterers to ensure heightened security measures have been put in place.” He
said the airline contacted the caterers immediately after the discovery July
30. He said a police investigation was under way. A spokesman for Dutch police
investigating how needles got into six turkey sandwiches on Delta Air Lines
flights from Amsterdam to U.S. cities last July said it was too early to say
whether there was any connection with the new incident on Air Canada. A Dutch
police officer said Dutch investigators have been interrogating witnesses in
the chain of people who had access to the Delta sandwiches, and were examining
the actual sandwiches August 1. He said it was too early to rule out a copycat
or link with the Air Canada incident, which was also being investigated.
Source: http://www.foxnews.com/world/2012/08/01/air-canada-passenger-finds-needle-in-sandwich-on-flight/
• A man was held without bail July 31 after
prosecutors said they found evidence he plotted to kill students and
administrators at a high school in Irvine, California, where his son was
disciplined before committing suicide. – Associated Press
36. July 31,
Associated Press – (California) No bail for UC Irvine professor charged with
arson. A University of California professor was held without bail July 31
after prosecutors said they found evidence he plotted to kill students and
administrators at a high school in Irvine, California, where his son was
disciplined before committing suicide. He is charged with arson for a series of
five fires set in early July at University High School, a school
administrator’s house, and a nearby park, where his son killed himself in the
spring. After his arrest July 24, authorities found emails on his cellphone
describing a plot to burn down the high school, commit sexual assaults, and
purchase weapons to murder school officials and students there before killing
himself, said an Orange County district attorney spokesperson. “I can only at
this point tell you, he laid out in sufficient detail plans to purchase guns
and murder lots of people,” the deputy district attorney said. Prosecutors
believe the suspect was acting alone but it was not clear if he was targeting
anyone specifically. After the emails were discovered, the Orange County
district attorney spokesperson said the suspect, who was free on bail, was
arrested again. “[The emails] support our argument that he should be denied
bail because he’s dangerous,” she said. Source: http://www.google.com/hostednews/ap/article/ALeqM5jC5P2_Y49QBHXucDBGMy5BGWHQgg?docId=e5926ecf1f304440aed04dc59dfb6a8f
• Dropbox said July 31 that one of its
employees’ accounts was compromised, leading to a raft of spam in July that
irritated users of the cloud-storage service. – IDG News Service See item 42 below in the Information Technology Sector
• In Colorado alone, insurers estimated that
wildfires have caused some $450 million in damage to personal property.
Nationally, the U.S. Forest Service is on track for another possible record
with nearly $28 million spent so far on burned-area recovery work. – Associated
Press
56.
July 31, Associated Press – (Colorado;
National) Western wildfire recovery likely to take years. In Colorado
alone, insurers estimated that wildfires have caused some $450 million in
damage to personal property, and that number is expected to grow, the
Associated Press reported August 1. Nationally, the U.S. Forest Service is on
track for another possible record with nearly $28 million spent so far on
burned-area recovery work. The U.S. Department of Agriculture undersecretary
said the Federal Government tries to get into burned areas as quickly as
possible to predict what some of the fallout might be. The number of fires and
total acreage burned in the West this summer was roughly within range of the
past decade’s average. But the fires were bigger, they were burning with
greater severity, and they were burning areas where the potential impacts were
greater. Burned-area response specialists were working in Arizona, Nevada,
Utah, and Wyoming to finalize contracts for seeding and mulching, stabilize
roads and trails, prep culverts for higher flows of water, and put up warning
signs. Charred hillsides are vulnerable to erosion during downpours because
they have less vegetation to soak up rain, increasing the likelihood of
flooding. In July, a wall of water rushed down New Mexico’s Santa Clara Canyon,
washing away months of restoration work done by Santa Clara Pueblo and
government contractors. National forests and grasslands provide about 20
percent of the nation’s water supply, according to the Forest Service, and the
cost of treating drinking water increases by about 20 percent for every loss of
10 percent of forest land in a watershed. Source: http://www.google.com/hostednews/ap/article/ALeqM5hLHmJrYRzyBBYdr5RbNs3e3FvtRw?docId=60d00504d9f44b7bbd6a7732ddc5
Details
Banking and Finance Sector
13. August
1, Wilkes-Barre Times-Leader – (Pennsylvania) Lupas stole
$6M, feds now allege. Aided by co-conspirators, a Plains Township,
Pennsylvania attorney defrauded investors of more than $6 million over an
18-year period, federal prosecutors alleged in a new indictment filed July 31.
The man convinced clients to invest in a purported trust account with the
promise they would earn 5 to 7 percent interest. There was no trust account and
he diverted the money for his personal use, according to the indictment. The
attorney was originally indicted in March on one count of mail fraud. The new
indictment listed eight victims, and charged him with 29 counts of mail fraud
and one count each of conspiracy to commit mail fraud and conspiracy to commit
money laundering. The indictment also revealed that he had help in perpetrating
the alleged scheme, which prosecutors said began as early as November 1993. The
attorney and unidentified co-conspirators created false documents that depicted
checks he mailed to clients as being “interest” on their trust account as part
of a Ponzi scheme. Source: http://www.timesleader.com/stories/Lupas-stole-6M-feds-now-allege,184338
14. August
1, NBC News; Reuters – (International) 2 poker sites agree to forfeit $731 million
after prosecutors allege ‘global Ponzi scheme’. The world’s largest poker
company and its rival have settled federal money laundering and fraud charges,
agreeing to pay $731 million, most of which will be used to reimburse online
gamblers, NBC News reported August 1. PokerStars, which is based on the Isle of
Man in the United Kingdom, agreed to forfeit the money, including $547 million
that will be available to reimburse U.S. customers of the rival, Full Tilt
Poker. Full Tilt also agreed to settle and will cease independent operations.
Prosecutors said both companies had used false billing codes to deceive banks
that would not process gambling transactions, and they said Full Tilt had
devolved into a “global Ponzi scheme,” with the big-name players and other
owners pocketing hundreds of millions of dollars that were owed to players.
Prosecutors accused Full Tilt of lying when it told customers that their
accounts were “segregated and held separately” from the company’s operating
funds. In the end, it owed more than it could repay without a sale. Source: http://www.msnbc.msn.com/id/48433962/ns/us_news-crime_and_courts/#.UBlB3GGe6NA
15. July 31,
Newark Star-Ledger – (New Jersey) Elizabeth man charged in string of 6 armed bank
robberies. Federal authorities arrested and charged a man with committing a
string of six armed bank robberies during the last nine months, including three
in Middlesex County and two in Somerset County, New Jersey, during which he
stole more than $105,000, according to officials and a criminal complaint filed
July 30. In several of the robberies, the man also sent an accomplice into the
bank to case it just moments before he walked in, authorities said. Two
accomplices who allegedly worked with the suspect were also arrested and
charged. Source: http://www.nj.com/news/index.ssf/2012/07/elizabeth_man_charged_in_strin_1.html
16. July 31,
U.S. Department of the Treasury – (International) Treasury
sanctions Kunlun Bank in China and Elaf Bank in Iraq for business with
designated Iranian banks. The U.S. Department of the Treasury July 31
announced the imposition of sanctions under the Comprehensive Iran Sanctions,
Accountability, and Divestment Act of 2010 (CISADA), against two financial
institutions for knowingly facilitating significant transactions and providing
significant financial services for designated Iranian banks. The financial
institutions sanctioned were Bank of Kunlun in China and Elaf Islamic Bank in
Iraq. Bank of Kunlun and Elaf Islamic Bank provided financial services to
designated Iranian banks and facilitated the movement of millions of dollars
worth of international transactions, the statement read. The action against
Bank of Kunlun and Elaf Islamic Bank effectively bars them from directly
accessing the U.S. financial system. As a result of the sanctions imposed under
CISADA, financial institutions may not open correspondent or payable-through
accounts for Bank of Kunlun or Elaf Islamic Bank in the United States and any
financial institutions that currently hold such accounts must close them within
10 days. Source: http://www.treasury.gov/press-center/press-releases/Pages/tg1661.aspx
17. August
1, Associated Press – (Ohio) Last defendant admits guilt in central Ohio mortgage
fraud scheme. The last of 12 defendants pleaded guilty to participating in
a $9 million central Ohio mortgage-fraud scheme, the Associated Press reported
August 1. The Columbus Dispatch reported that the man pleaded guilty to one
count of theft. Prosecutors said the 12 defendants were part of a wide-ranging
plot to fraudulently obtain mortgages for homes with inflated values. Most of
the loans ended in foreclosure. At the time the indictments came out in 2009,
prosecutors estimated that $9 million in loans had been obtained with
fraudulent documents for about 24 properties. Source: http://www.therepublic.com/view/story/21e23ba29c78403688187bde050a6011/OH--Mortgage-Fraud-Scheme
Information Technology Sector
41. July 31,
Computerworld – (International) Microsoft warns of critical Oracle code bugs
in Exchange. The week of July 23, Microsoft warned IT administrators that
critical vulnerabilities in code licensed from Oracle could give attackers
access to Exchange Server 2007 and Exchange Server 2010 systems. Oracle patched
the vulnerabilities in its “Oracle Outside In” code libraries as part of an
update July 17 that fixed nearly 90 flaws in its database software. Exchange, as
well as Microsoft’s FAST Search Server 2010 for SharePoint, use the Oracle
Outside In libraries to display file attachments in a browser rather than to
open them in a locally-stored application, like Microsoft Word. The
vulnerabilities are within the code that parses those attachments. “An attacker
who successfully exploited these vulnerabilities could run arbitrary code under
the process that is performing the parsing of the specially crafted files,”
said Microsoft in the security advisory it issued the week of July 23. A
successful exploit of an Exchange server would let hackers “install programs;
view, change, or delete data; or take any other action that the server process
has access to do.” In the absence of an immediate patch — Microsoft said it is
working on an update, but gave no release timetable — the company’s Security
Research and Defense blog and the advisory recommended IT administrators
temporarily disable those Exchange Server and FAST Search Server features that
relied on the Oracle Outside In libraries. Source: http://www.computerworld.com/s/article/9229816/Microsoft_warns_of_critical_Oracl_code_bugs_in_Exchange
42. July 31,
IDG News Service – (International) Dropbox blames employee account breach for
spam attack. Dropbox said July 31 that one of its employees’ accounts
was compromised, leading to a raft of spam in July that irritated users of the
cloud-storage service. A stolen password was used to access the employee’s
account, which contained “a project document with user email addresses,” a
Dropbox engineer said. The company also found that usernames and passwords that
were stolen from other Web sites were used to access “a small number of Dropbox
accounts,” he said. In response to the breach, Dropbox said that in a few weeks
it plans to introduce two-factor authentication, such as a system that would
send a temporary code to a user’s phone. Source: http://www.computerworld.com/s/article/9229856/Dropbox_blames_employee_account_breach_for_spam_attack
43. July 31,
Threatpost – (International) Google Chrome 21 fixes six high-risk
vulnerabilities. Google released Chrome 21, the most recent stable version
of its browser. The new release includes more than two dozen security fixes,
among them patches for six high-priority flaws. Chrome 21 is the rare release
from Google that includes fixes for mainly low and medium-severity
vulnerabilities. There is only one critical flaw fixed in this release, and
that one is present only on Linux. Source: http://threatpost.com/en_us/blogs/google-chrome-21-fixes-six-high-risk-vulnerabilities-073112
44. July 31,
Threatpost – (International) Cross-platform flaws a boon for attackers. Microsoft
researchers came across a series of malware samples and exploits that show some
attackers are beginning to target the same vulnerability across multiple
platforms as a way to make the most out of their efforts. Even though Windows
and Mac are still separated as platforms, there are a number of applications
that run on both operating systems, including Adobe Flash, Reader, and Java.
Attackers, not wanting to waste time on small target bases and looking to
maximize their profits, are focusing their efforts on vulnerabilities in these
applications. Microsoft’s investigation of the way attackers are using
cross-platform vulnerabilities began about a year ago when the company’s
researchers discovered a backdoor aimed at Mac users. The malware disguised
itself as a Google app on the infected machine and then initiated a remote
connection to a command-and-control server. Source: http://threatpost.com/en_us/blogs/cross-platform-flaws-boon-attackers-073112
45. July 30,
Dark Reading – (International) ‘Luckycat’ APT campaign building Android
malware. Windows has been the favorite target of cyberespionage actors for
a long time, but newly discovered evidence shows they are also targeting mobile
platforms, namely Android. The attackers behind the recent Luckycat
advanced persistent threat (APT)-type attack campaign are in the process of
developing malware aimed at Android, a researcher with Trend Micro said in
a presentation at the Black Hat conference the week of July 23. Luckycat, an
attack campaign with ties to Chinese hackers that targets Indian and Japanese
military research institutions and the Tibetan community, also began targeting
Mac OS X users in 2011. Trend Micro researchers found two Android applications
in the early phase of development that can communicate with Luckycat’s command
and control (C&C) server. The malware is currently capable of gathering
information on the mobile device and uploading and downloading files as
directed by the C&C server. Source: http://www.darkreading.com/mobile-security/167901113/security/attacks-breaches/240004623/
Communications Sector
46. August
1, Shawnee News-Star – (Oklahoma) Internet disruption: Severed cables disconnect
many from World Wide Web. Internet service was down for hundreds, if not
thousands, of Allegiance Communications customers in Shawnee, Oklahoma, for
most of July 31. A buried fiber optic cable was severed in McLoud, disrupting
communication services for most of the day, while crews worked to get the
service returned for the greater Shawnee area. The outage affected businesses
and residents in Shawnee, including City Hall, as well as customers in Prague,
McLoud, and Tecumseh. The Shawnee/Pottawatomie County Emergency Management
offices were without email communications, but were still able to conduct
business. However, the Shawnee city Web site was down. Allegiance crews completed
the work by the evening of July 31 by locating the severed cable and working to
run an aerial line in order to return services quickly, and then replacing the
buried line later, the Allegiance general manager said. Source: http://www.news-star.com/newsnow/x1814084256/Internet-disruption-Severed-cables-disconnect-many-from-World-Wide-Web
47. July 31,
Northland’s NewsCenter – (Wisconsin) Lightning storm forces
Northland College’s radio station off-air. Due to a lightning storm July
29, the Northland College radio station in Wisconsin — WRNC 97.7 FM Ashland —
is temporarily off the air, Northland’s NewsCenter reported July 31. The
lightning storm is believed to have caused a power surge that resulted in the
failure of the station’s radio transmitter, according to the radio station’s
manager. She said the station may be back on the air by the end of the week of
July 30. Source: http://www.northlandsnewscenter.com/news/nw-wisconsin/Northland-College-Radio-Station-Temporarily-off-air-164510506.html
48. July 31,
Threatpost – (International) Firm sees more DDoS attacks aimed at telecom
systems. Attackers are now using distributed denial-of-service (DDoS)
services that offer attacks on telecommunication systems as part of larger
attack schemes. These attacks, known as TDoS attacks, can be a relatively cheap
option for cyber criminals seeking to diversify their attack vectors.
Researchers have seen a series of advertisements and forum posts promoting
services that can “flood” both mobile and stationary telephone lines. Often
these attacks are used as a distraction while attackers launch simultaneous
attacks on their victims, according to a member of Arbor Networks’ Security
Engineering and Response Team. Source: http://threatpost.com/en_us/blogs/firm-sees-more-ddos-attacks-aimed-telecom-systems-073112