Monday, February 27, 2012
Complete DHS Daily Report for February 27, 2012
Daily Report
Top Stories
• More than one in three counties in the United States are at risk for extreme shortages of fresh water for drinking, farming, and other uses due to climate change, a new study found. – Homeland Security Newswire (See item 25)
25. February 24, Homeland Security Newswire – (National) U.S. water shortages loom. More than one in three counties in the United States could face a “high” or “extreme” risk of water shortages due to climate change by the middle of the twenty-first century, according to a new study in the American Chemical Society’s (ACS) journal Environmental Science & Technology. Homeland Security Newswire said February 24, the new report concluded 7 in 10 of the more than 3,100 U.S. counties could face “some” risk of shortages of fresh water for drinking, farming, and other uses. An American Chemical Society release reports that population growth is expected to increase the demand for water for municipal use and for electricity generation beyond existing levels. Global climate change threatens to reduce water supplies due to decreased rainfall and other factors compared to levels in the twentieth century. The group developed a “water supply sustainability risk index” that takes into account water withdrawal, projected growth, susceptibility to drought, projected climate change, and other factors in individual U.S. counties for the year 2050. It takes into account renewable water supply through precipitation using the most recent downscaled climate change projections and estimates future withdrawals for various human uses. The team used the index to conclude climate change could foster an “extreme” risk of water shortages that may develop in 412 counties in southern and southwestern states and in southern Great Plains states. Source: http://www.homelandsecuritynewswire.com/dr20120224-u-s-water-shortages-loom
• A former McAfee cybersecurity researcher used a previously unknown hole in smartphone browsers to deliver malware that can commandeer the device, record calls, pinpoint its location, and access messages. – Los Angeles Times. See item 44 below in the Information Technology Sector.
Details
Banking and Finance Sector
12. February 24, WOAI 4 San Antonio – (Texas) Secret Service arrests three men accused of using fake credit cards. February 22, the Secret Service in San Antonio arrested 3 men who they said had more than 150 fake credit cards in their possession. February 23, the Secret Service said three foreign nationals were accused of going into local businesses and buying merchandise using counterfeit credit cards. Agents said they were arrested while picking up a package at FedEx and were found with more than 150 credit cards on them. Source: http://www.woai.com/news/local/story/Secret-Service-arrests-three-men-accused-of-using/YJc3FT6F2kii_NUumvChMA.cspx
13. February 23, Associated Press – (National) ‘Fake Beard Bandit’ admits robberies in 4 states. An Oklahoma man nicknamed the “Fake Beard Bandit” pleaded guilty to eight bank robberies in Arkansas, Missouri, Oklahoma, and Kansas. He entered his plea February 23 in federal court in Fort Smith, Arkansas. He was arrested August 26, 3 days after a Liberty Bank in Fort Smith was robbed. Court records show he was accused of taking more than $70,000 from banks in Fort Smith; Oklahoma City and Coweta, Oklahoma; Shawnee and Olathe, Kansas; and Joplin, Missouri. Prosecutors said he entered the banks wearing a large, fake beard. He demanded money while brandishing what police later learned was a BB gun that looked like a handgun. Source: http://www.wmctv.com/story/17003578/fake-beard-bandit-admits-robberies-in-4-states
14. February 23, U.S. Department of the Treasury – (International) Treasury imposes sanctions on leading members of Indonesia-based terrorist group. February 23, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) designated three individuals for acting for or on behalf of the terrorist group Jemmah Anshorut Tauhid (JAT) pursuant to Executive Order (E.O.) 13224. These individuals include JAT’s acting Emir, a spokesperson, and a JAT leader involved in recruiting and fundraising activities. This action coincides with the action taken February 23 by the U.S. Department of State to designate JAT as a Foreign Terrorist Organization. JAT is an Indonesia-based group responsible for multiple coordinated attacks that have killed civilians, police, and military personnel. JAT’s founder and leader is co-founder of Jemaah Islamiya (JI), a Southeast Asia-based designated terrorist network with links to al-Qa’ida. Since 2002, more than 20 JI terrorists have been designated pursuant to E.O. 13224. As a result of the February 22 action, all property in the United States or in possession or control of U.S. persons in which the designees have an interest is blocked, and U.S. persons are prohibited from engaging in transactions with them. Source: http://www.treasury.gov/press-center/press-releases/Pages/tg1429.aspx
15. February 23, Arizona Republic News – (Arizona) ‘Bearded Bandit’ still being sought in Phoenix-area bank robberies. A man described as the “Bearded Bandit” is still on the loose after his latest bank robbery at a Chase Bank in Phoenix February 22, authorities said. The man was also suspected of robbing M&I Banks in Peoria and Gilbert, a Chase Bank in Avondale, and a Washington Federal Bank in Litchfield all in Arizona since late December, a FBI special agent said. Source: http://tucsoncitizen.com/arizona-news/2012/02/23/bearded-bandit-still-being-sought-in-phoenix-area-bank-robberies/
For another story, see item 41 below in the Information Technology Sector.
Information Technology
41. February 24, The Register – (International) New password-snatching Mac trojan spreading in the wild. Security watchers warned February 24 that a new variant of a Mac-specific password-stealing trojan is spreading in the wild. Flashback-G initially attempts to install itself via one of two Java vulnerabilities. Failing that, the malicious applet displays a self-signed certificate (claiming to be from Apple) in the hope users just install the malware. Once in place, the malware attempts to capture the log-in credentials users enter on bank Web sites, PayPal, and many others. OS X Lion did not come with Java preinstalled, but Snow Leopard does, so users of Mac’s latest OS are more at risk of attack. Mac security specialist Intego warns the variant is infecting Mac users and spreading in the wild. Symptoms of infection can include the crashing of browsers and Web applications, such as Safari and Skype. Source: http://www.theregister.co.uk/2012/02/24/flashback_mac_trojan/
42. February 24, H Security – (International) PacketFence 3.2.0 brings new features, closes XSS hole. The PacketFence development team has published version 3.2.0 of its open source network access control system. The update includes fixes for 18 bugs. It addresses a “high” priority vulnerability in the Web Admin printing system (printer.php) that can be exploited by an attacker to conduct cross-site scripting attacks. Source: http://www.h-online.com/security/news/item/PacketFence-3-2-0-brings-new-features-closes-XSS-hole-1442180.html
43. February 23, V3.co.uk – (International) Philips Electronics suffers website security breach as hackers strike. Philips Electronics has become the latest high-profile company to be hit by hackers after huge amounts of data stored on its internal systems were compromised, according to reports. According to the Hacker News, the hackers, named ‘bch195’ and ‘HaxOr,’ claimed to have compromised a server owned by the company that contained huge swaths of data, including 200,000 e-mail addresses, that they intend to try and sell. The firm also posted links to screen grabs of the information it hacked on Pastebin. A spokesperson for the company told V3.co.uk it was aware of the incident and has taken action to minimize its impact. Source: http://www.v3.co.uk/v3-uk/news/2154743/philps-electronics-suffers-website-security-breach-hackers-strike
44. February 23, Los Angeles Times – (International) Smartphone security gap exposes location, texts, email, expert says. A former McAfee cybersecurity researcher has used a previously unknown hole in smartphone browsers to deliver an existing piece of China-based malware that can commandeer the device, record its calls, pinpoint its location, and access user texts and e-mails. He conducted the experiment on a phone running Google’s Android operating system, although he said Apple’s iPhones are equally vulnerable. He is scheduled to demonstrate his findings February 29 at the RSA conference in San Francisco. The researcher said he and his team commandeered an existing piece of malware called Nickispy, a remote access tool identified in 2011 by anti-virus firms as a trojan. The malware was disguised as a Google+ app that users could download. However, Google quickly removed it from its Android Market app store, which meant few users were hit. The researcher and his team reversed engineered the malware and took control of it. He then conducted an experiment in which malware was delivered through a “spear phishing” attack — in this case, a text message from what looks like a mobile phone carrier. He said he exploited a zero-day vulnerability in smartphone browsers to secretly install the malware. “The minute you go the site, it will download a real-life Chinese remote access tool to your phone,” he said. “The user will not see anything. Once the app is installed, we’ll be intercepting voice calls. The microphone activates the moment you start dialing.” The malware also intercepts texts and e-mails and tracks the phone’s location, he said. In theory, it could be used to infiltrate a corporate network with which the phone connects. There is no security software that would thwart it, he said. Source: http://www.latimes.com/business/technology/la-fi-tn-cyber-security-crowdstrike-20120223,0,4645028.story
45. February 23, Dark Reading – (International) New Oracle ERP vulnerabilities unmasked. Researchers issued security advisories February 23 for eight vulnerabilities, some of them critical, in a popular Oracle enterprise resource planning (ERP) application — but they do not expect many users to actually apply the patches for them. The flaws discovered by researchers at security firm Onapsis range from holes that could allow an attacker to access all business information and files, query for passwords, and alter business information processed by the ERP, essentially taking complete control of the system. Patches for the vulnerabilities were included in Oracle’s latest Critical Patch Update release, and these are the first public details of the flaws. Source: http://www.darkreading.com/database-security/167901020/security/application-security/232601382/
Communications Sector
46. February 24, WDTV 5 Bridgeport – (West Virginia) Major outage in downtown Morgantown. Some people had a tough time getting work done in Monongalia County, West Virginia, February 23. They were left without phone and Internet service for several hours. Frontier officials said around 1,500 feet of cable was pulled out of the ground the morning of February 23. Mon Power was trying to set a new power pole when one of its machines ripped the line out of the ground. Frontier was still working on getting the problem fixed the evening of February 23 and they hoped to have it back on that night. Source: http://www.wdtv.com/wdtv.cfm?func=view§ion=5-News&item=Major-Outage-in-Downtown-Morgantown1044
For another story, see item 44 above in the Information Technology Sector.
