Tuesday, July 31, 2012
Daily Report
Top Stories
• By the week of July
23, more than 63 percent of the contiguous United States was considered in
moderate to exceptional drought. Specifically, 1,369 counties across 31 States
were declared drought-disaster areas. The drought, the most severe since the
1950s, is expected to cost at least $12 billion. – Ag Professional
21. July 27, Ag Professional – (National) Drought expanding
rapidly, now covers 63 percent of U.S. The week of July 23, the U.S.
Department of Agriculture’s Drought Monitor showed the largest 1-week jump
in extreme drought growth during the report’s 12-year history. Nationally,
drought conditions grew for the 10th consecutive week. More than 63 percent of
the contiguous United States was considered in moderate to exceptional drought.
Specifically, 1,369 counties across 31 States were declared drought-disaster
areas. “We’ve seen tremendous intensification of drought through Illinois,
Iowa, Missouri, Indiana, Arkansas, Kansas and Nebraska, and into part of
Wyoming and South Dakota in the last week,” the author of the Drought Monitor
said. The Weather Channel noted that the growth of extreme drought in the
country expanded this week by 219,000 miles, an area slightly larger than the
States of California and New York combined. The percentage of the continental
U.S. in severe to exceptional drought set a new high for the second week
straight. The drought, the most severe since the 1950s, is expected to cost at
least $12 billion. Source: http://www.agprofessional.com/news/Drought-expanding-rapidly-now-covers-61-of-US---163874336.html
• French security
firm Intego discovered a new Mac Trojan horse the week of July 23 that is being
used to target specific individuals. The Trojan, dubbed “Crisis” by Intego — a
Mac-only antivirus developer — and called “Morcut” by Sophos, is espionage
malware that spies on victims using Mac instant messaging clients, browsers,
and Skype. – Computerworld (see item 41 below in the Information Technology Sector)
• Police in Missouri
investigating bomb threats that triggered evacuations and searches for
dangerous devices at eight Walmart stores in Missouri and two store locations
in Kansas, said they have the phone number from at least one of the calls that
was made between July 27 and July 29. – ABC News
50. July 30, ABC News – (Missouri; Kansas)
Police believe Walmart bomb threats are connected. Police in Missouri
investigating bomb threats that triggered evacuations and searches for
dangerous devices at 10 Walmart stores said they have the phone number from at
least one of the calls that was made between July 27 and July 29. In total
eight stores across Missouri received bomb threats, while two more store
locations, in Kansas, also received similar calls. No devices were found at any
of the stores. Walmart locations in Jefferson City, Nixa, Ozark, Raytown,
Gladstone, and Fredericktown in Missouri, and in Leavenworth and Lawrence,
Kansas, were shut down due to bomb threats. In each case, the caller said
explosive devices were on the premises. Source: http://abcnews.go.com/US/police-walmart-bomb-threats-connected/story?id=16884459#.UBZ7rqAbamg
• About 60 million
gallons of water is leaking through the 101-year-old Peterson Dam in Las Vegas,
New Mexico, each year. Consultants recommended that the dam, responsible for
holding the city’s water supply, be raised to provide more than 391 million
gallons of storage, a project estimated at $20 million. – Associated Press;
Las Vegas Optic
57. July 27, Associated Press; Las Vegas Optic –
(New Mexico) 101-year-old northern NM dam on brink of failure. About 60
million gallons of water is leaking through the 101-year-old Peterson Dam in
Las Vegas, New Mexico, each year, the Associated Press reported July 27.
Consultants recommended that the dam, responsible for holding the city’s water
supply, be raised to provide more than 391 million gallons of additional
storage, a project estimated at $20 million. Its current capacity is 211
acre-feet, or 68 million gallons — a small fraction of the water the city uses
in a year. The governor of New Mexico said she would make the dam’s repair a
priority in the next legislative session with a proposed $2 million in funding,
the Las Vegas Optic reported. The dam is a symbol of the city’s dilapidated
water infrastructure, but officials said the entire system needs an overhaul.
The city already is planning stark water rate increases to fund improvement
projects that go beyond the dam and could cost $120 million over 40 years.
Rebuilding the dam will take at least 2 years. In the meantime, the city will
undergo a project in October to recapture most of the leaking water and pump it
back into the water system. The city and the federal government have reached an
agreement to let 5 percent of the water leak through the dam to maintain a
wetland that serves as a habitat for the Southwestern willow flycatcher.
Source: http://www.alamogordonews.com/ci_21173910/101-year-old-northern-nm-dam-brink-failure
Details
Banking and Finance Sector
7. July 28, Ogden
Standard-Examiner –
(National) Bucket List Bandit hits N.C. bank, now wanted in 5 states. The
‘Bucket List Bandit’ was named as a suspect in a July 20 robbery at a Bank of
America in Winston-Salem, North Carolina, the Roy, Utah police chief said July
27. Based on security camera photos, the robber wore identical clothing in both
heists. The Bucket List Bandit is also suspected of robbing Chase Bank branches
in Arvada, Colorado, June 21, and Flagstaff, Arizona, June 27, as well as the
Pocatello Ireland Bank in Pocatello, Utah, July 6, according to the FBI.
Source: http://www.standard.net/stories/2012/07/27/bucket-list-bandit-hits-nc-bank-now-wanted-5-states
8. July 27, WFXT 25 Boston – (Rhode Island;
Massachusetts) ‘Bearded Bandit’ believed to have robbed bank in RI. The
man known to the FBI as the “Bearded Bandit” was believed to have robbed a bank
in Barrington, Rhode Island, July 26. He was also suspected in four bank
robberies in Rhode Island and Massachusetts. An FBI special agent said that in
each robbery the bearded man tells the teller he has a weapon, talks on his
cell phone, and leaves when he has the money. Source: http://www.myfoxboston.com/story/19133244/bearded-bandit-believed-to-have-robbed-bank-in-ri
9. July 27, Associated Press – (National;
International) German fugitive sought for $100 million financial fraud
scheme arrested in Vegas. Federal officials said a German man sought for
five years in a more than $100 million financial fraud scheme was arrested in
Las Vegas, the Associated Press reported July 27. U.S. Immigration and Customs
Enforcement officials said the man was arrested July 25 on a U.S. immigration
violation. He was in custody pending his transfer to Germany. The man is
accused of using false names, and of using a company in Cape Coral, Florida, to
defraud investors in a pyramid scheme. U.S. Marshals found the man living in
Nevada under one of his false names. Source: http://www.foxnews.com/us/2012/07/27/german-fugitive-sought-for-100-million-financial-fraud-scheme-arrested-in-vegas/
Information Technology Sector
39. July 30, Help Net
Security –
(International) 1,500 severe security events detected on Black Hat WLAN. The
WLAN network at Black Hat was accessed by 3,155 attendees, with a maximum of 904
simultaneous clients, and detected and quickly contained a total of 1,561 severe
independent security events. These events included more than 280 rogue access
points (AP) — with some rogue APs attempting to impersonate the official event
network. Other wireless attacks that were detected included Block ACK DoS
attacks, Power Save DoS attacks, Deauth Broadcast, AP Spoofing, and
“Hotspotter” attacks. The network also detected some malicious
fragmentation-based attacks from the wired side, which were all contained very
quickly. The network, which covered a 200,000 square foot facility, consisted
of 23 mesh point Aruba AP-134 APs and 16 mesh portal Aruba AP-134 APs. The 16
mesh portal APs were wired into the hotel’s infrastructure. Also included in
the network were an Aruba 3600 Mobility Controller and an Aruba S3500 Mobility
Access Switch. Source: http://www.net-security.org/secworld.php?id=13339&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+HelpNetSecurity+(Help+Net+Security)&utm_content=Google+Reader
40. July 29, IDG News Service
– (International) Researcher
creates proof-of-concept malware that infects BIOS, network cards. A
security researcher created a proof-of-concept hardware backdoor called
Rakshasa that replaces a computer’s Basic Input Output System (BIOS), and can
compromise the operating system at boot time without leaving traces on the hard
drive. Rakshasa, named after a demon from Hindu mythology, is not the first
malware to target the BIOS; however, it differentiates itself from similar
threats by using new tricks to achieve persistence and evade detection.
Rakshasa replaces the motherboard BIOS, but can also infect the PCI firmware of
other peripheral devices like network cards or CD-ROMs, in order to achieve a
high degree of redundancy. Rakshasa was built with open source software. It
replaces the vendor-supplied BIOS with a combination of Coreboot and SeaBIOS,
alternatives that work on a variety of motherboards from different
manufacturers, and also writes an open source network boot firmware called iPXE
to the computer’s network card. All of these components have been modified so
they do not display anything that could give their presence away during the
booting process. Coreboot even supports custom splashscreens that can mimic the
ones of the replaced BIOSes. The only way to get rid of the malware is to shut
down the computer and manually reflash every peripheral, a method that is
impractical for most users because it requires specialized equipment and
advanced knowledge. Source: http://www.networkworld.com/news/2012/072912-researcher-creates-proof-of-concept-malware-that-261243.html?source=nww_rss
41. July 27, Computerworld – (International) New Mac Trojan
hints at ties to high-priced commercial hacking toolkit. French security
firm Intego discovered a new Mac Trojan horse the week of July 23 that is being
used to target specific individuals, Computerworld reported July 27. The
Trojan, dubbed “Crisis” by Intego — a Mac-only antivirus developer — and called
“Morcut” by Sophos, is espionage malware that spies on victims using Mac
instant messaging clients, browsers, and Skype. According to Intego, which
published an initial analysis July 24, and has followed up with more
information, Crisis sports code that points to a connection with an Italian
firm that sells a $245,000 espionage toolkit to national intelligence and law
enforcement agencies. The malware tries to hide from security software by
installing a rootkit, and also monkeys with OS X’s Activity Monitor — a utility
bundled with the operating system that displays the working processes and how
much memory each is consuming — as another lay-low tactic. Once on a Mac,
Crisis monitors Adium and MSN Messenger, a pair of instant messaging clients;
Skype; and the Safari and Firefox browsers. It captures a variety of content
transmitted by those programs, including audio from Skype, messages from Adium
and MSN Messenger, and URLs from the browsers. It also can turn on the Mac’s
built-in webcam and microphone to watch and listen, take snapshots of the
current Safari and Firefox screens, record keystrokes, and steal contacts from
the machine’s address book. The French firm pegged Crisis as “a very advanced
and fully-functional threat,” in part because of signs that some of the
malware’s code originated with commercial spying software. Source: http://www.computerworld.com/s/article/9229725/New_Mac_Trojan_hints_at_ties_to_high_priced_commercial_hacking_toolkit?source=rss_security&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+computerworld/s/feed/topic/17+(Computerworld+Security+News)&
42. July 27, Threatpost – (International) Study: SQL
attacks jump 69 percent in recent months. The number of SQL attacks jumped
by nearly two thirds earlier in 2012, according to cloud hosting firm FireHost,
which recorded over 450,000 blocked SQL injection attacks between the first and
second quarter. According to a report in ComputerWeekly, the firm claimed the
week of July 23 that it protected its users from 17 million cyber attacks from
April to June 2012. 469,983 of those attacks were SQL injections, up from
277,770 attacks earlier this year, a 69 percent jump. While security statistics
have an intrinsic ebb and flow to them, FireHost’s numbers mark a spike. In
this year’s X-Force Trend and Risk Report, IBM noted a 46 percent drop in SQL
injections in 2011 while a study by WhiteHat Security earlier this year noted
the number of SQL injections in sites was also decreasing. After analyzing
7,000 websites, the firm found that only 11 percent of the sites contained SQL
injection vulnerabilities while only 4 percent of the sites carried at least
one SQL injection flaw compared to the overall vulnerability population.
Source: http://threatpost.com/en_us/blogs/study-sql-attacks-jump-69-percent-year-072712
43. July 27, IDG News Service
– (International) Twitter
suffers malware spam outbreak. A widespread spam attack linking to malware
has broken out on Twitter, according to the security firm Sophos. The malicious
tweets often read “It’s you on photo?” or “It’s about you?” The tweets and URLs
often include a user’s Twitter handle. Many of the links Sophos discovered have
a .RU domain name. “The attack itself is very simple, relying on people’s
natural curiosity about anything they think mentions them. Including the
target’s Twitter username in the link is an added hook to reel people in,” the
head of Sophos’ U.S. labs said in a statement. The links in the spammed tweets
lead to a Trojan that ultimately redirects users to Russian Web sites
containing the Blackhole exploit kit, Sophos said. The Blackhole exploit kit
first emerged in 2010, and its use is widespread. The version of the kit being
promoted on Twitter targets vulnerabilities in Adobe Reader and Shockwave
Flash, according to Sophos. Source: http://www.computerworld.com/s/article/9229733/Twitter_suffers_malware_spam_outbreak
Communications Sector
44. July 30, CNET Asia – (International) Text messages and
tweets blamed for Olympic TV coverage hiccups. Overwhelming text messages
and tweets by hundreds of thousands of fans in London, England, had apparently
disrupted the Olympics coverage of the recent men’s cycling road race, CNET
Asia reported July 30. According to the International Olympic Committee (IOC),
this sudden surge in data had resulted in a network outage, blocking GPS
navigation information of the cyclists from reaching the Olympics commentators
covering the event. The issue was attributed to oversubscription of a
particular network, added an IOC spokesperson. Olympics fans in London have
also been told not to send non-urgent text messages and tweets to mitigate this
problem. Source: http://asia.cnet.com/text-messages-and-tweets-blamed-for-olympic-tv-coverage-hiccups-62218171.htm
45. July 29, WIBW 13 Topeka – (Kansas) Crews working on phone
outage in Osage County. Phone services were down in Osage County, Kansas,
July 29, after a backhoe operator cut one of the company’s fiberoptic cables. A
CenturyLink spokeswoman told WIBW 13 Topeka the backhoe operator cut a
fiberoptic cable between Alma and Alta Vista. She said the outage affected
communities in Osage County, Wabaunsee County, and Coffey County. The Wabaunsee
County sheriff’s office also released a statement, “Wabaunsee County is
experiencing widespread telephone outage. Incoming and outgoing long-distance
has been interrupted, as well as 911 telephone coverage.” Source: http://www.wibw.com/home/localnews/headlines/Crews-Working-On-Phone-Outage-In-Osage-County-164210156.html
46. July 27, Maysville Ledger
Independent –
(Kentucky) Communications slammed by storms. Storms that rolled through
Kentucky July 26 and July 27 left some area residents without electricity and
others with limited phone service. Lightning caused most of the problems, said
the Mason County, Kentucky emergency manager. “It knocked out some phones and
local television,” he said. According to the Germantown fire chief, access to
Bracken County 9-1-1 dispatch from land-based phone lines was affected by the
storms for a time. Callers to the non-emergency number for Bracken County 9-1-1
also continued to get a busy signal through the afternoon of July 27. In
Robertson County, phone service to the courthouse annex was not working.
Residents also reported phone outages in Mount Olivet and Piqua July 27. Source:
http://www.maysville-online.com/news/local/communications-slammed-by-storms/article_1f6e4933-2e30-5977-b990-378d77366c86.html
47. July 27, Casper
Star-Tribune –
(Wyoming) FCC slaps Casper radio station owner with $68,000 fine. Nearly
a year ago, a Federal Communications Commission (FCC) inspector tuned in to
several radio frequencies in Casper, Wyoming, and heard music where it did not
belong, the Casper Star-Tribune reported July 27. The music, from four Casper
radio stations belonging to Mt. Rushmore Broadcasting Inc., sang from the
company’s studios in downtown Casper to its transmission facilities for
rebroadcast on regular FM radio frequencies. In Casper August 17, 2011, Mt.
Rushmore Broadcasting did not have the right to broadcast using the radio links.
In the case of two of the radio stations, the company had been using the
unlicensed radio links for 16 years. The FCC said July 26 on its Web site it
is fining the company $68,000 for “willfully and repeatedly” violating the law,
and it gave the stations’ owner 30 days to get the licenses it needs for
stations KMLD 94.5 FM Casper, KASS 106.9 FM Casper, KQLT 103.7 FM Casper, and
KHOC 102.5 FM Casper. Source: http://billingsgazette.com/news/state-and-regional/wyoming/fcc-slaps-casper-radio-station-owner-with-fine/article_bb05c009-9f38-5971-a85f-fe798697cdc1.html