Wednesday, July 18, 2012
Daily Report
Top Stories
• A third-party review of the “safety culture”
at Palisades Nuclear Power Plant in Covert Township, Michigan, said employees
did not believe management was open to suggestions or made the right decisions.
– Holland Sentinel
8. July 17,
Holland Sentinel – (Michigan) Report blasts poor ‘safety culture’ at Palisades
nuclear plant. A third-party review of the “safety culture” at Palisades
Nuclear Power Plant in Covert Township, Michigan, said employees did not
believe management was open to suggestions for improvement or made the right
decisions, the Holland Sentinel reported July 17. “There is a lack in the
belief that Palisades management really wants problems or concerns reported or
that the issues will be addressed,” the report’s executive summary stated. It
recommended a clarification of expectations and standards and an improvement in
communications. The Nuclear Regulatory Commission (NRC) is reviewing the
assessment, a NRC spokesman said. The assessment was conducted in January and
February and given to Entergy Nuclear Operations, the owner of Palisades, in
April. Entergy had already started to address safety issues at the plant in the
fall of 2011, said a company statement. Source: http://www.hollandsentinel.com/topstories/x736424803/Report-blasts-poor-safety-culture-at-Palisades-nuclear-plant
• Production was stalled after a fire did $1.5
million in damage to the Welspun oil pipe manufacturing plant in Little Rock,
Arkansas, July 14. – Associated Press
11. July 16,
Associated Press – (Arkansas) Fire does $1.5M in damage to Arkansas plant. Production
was stalled after a fire did $1.5 million in damage to the Welspun oil pipe
manufacturing plant in Little Rock, Arkansas, July 14. The company’s president
told KLRT 16 Little Rock July 16 that the company has enough pipes on hand to
continue shipments for weeks. Fire officials said the fire destroyed the
electrical room that runs all the machines used to make oil pipes. Officials
believe electrical equipment in the control room overheated and caught fire.
All of the equipment was destroyed. Source: http://www.katv.com/story/19039407/fire-does-15m-in-damage-to-arkansas-plant
• A “pervasively polluted” culture at HSBC
allowed the bank to act as financier for clients all over the world laundering
money to fund drug deals and terrorist activities. – NBC News See item 12 below in the Banking and Finance Sector
• Traffic was reopened on the Ambassador
Bridge in Detroit July 17, after a U.S.-Canada span closed for hours while
authorities checked out a bomb threat July 16. That closure marked the second
threat in 4 days to a major area international crossing. – Associated Press
15.
July 17, Associated Press – (Michigan)
Ambassador Bridge in Detroit open again after bomb threat. Traffic was
reopened on the Ambassador Bridge July 17, a U.S.-Canada span that was closed
for hours while authorities checked out a bomb threat July 16 on the U.S. side
of the bridge in Detroit. There was a similar threat 4 days earlier to a nearby
tunnel crossing. According to the Michigan Department of Transportation, traffic
was at normal levels as rush hour approached July 17. Detroit police said
someone called 9-1-1 saying a bomb would go off in 10 minutes. The call
prompted authorities in Detroit and Windsor, Ontario, to halt all truck and car
traffic across the bridge. The bridge was reopened July 17 after security
sweeps failed to turn up any incendiary devices. Source: http://www.mlive.com/news/detroit/index.ssf/2012/07/ambassador_bridge_in_detroit_o.html
• Six needles were found in sandwiches aboard
four Delta Air Lines flights from Amsterdam to the United States; now Dutch
authorities and the FBI are conducting criminal investigations. – CNN
22.
July 17, CNN – (National;
International) Dutch, U.S. authorities investigating needles in airline
sandwiches. Dutch authorities joined the FBI in conducting criminal
investigations into the discovery of needles in six sandwiches aboard four
Delta Air Lines flights from Amsterdam to the United States, a military police
spokesman in the Netherlands said July 17. One person was injured when he bit
into a sandwich containing a needle, Delta and Dutch officials said. A second
passenger aboard the same flight told ABC’s “Good Morning America” July 17 that
he not only found a needle, he discovered after landing that his son also found
one in his sandwich aboard another flight from Amsterdam. The objects were
discovered in the sandwiches as the planes were flying July 15 from Schiphol
Airport in the Netherlands to Minneapolis, Seattle, and two flights to Atlanta,
according to a Delta spokeswoman. Two of the needles were found by passengers,
she said. An air marshal aboard another flight found a needle as well. July 16,
the FBI said it launched an investigation. July 17, a spokesman for the
military police in Schiphol said detectives were looking into who put the
needles into the sandwiches and why. Gate Gourmet, which provided prepared
sandwiches to Delta, said the sandwiches originated at the firm’s facility in
Amsterdam. July 16, a Transportation Security Administration spokesman said the
agency notified all U.S. airlines with flights from Schiphol to the United
States of the situation. Delta is now serving sealed prepackaged food on these
flights instead of the sandwiches. Source: http://www.cnn.com/2012/07/17/travel/delta-needles/index.html
• Workers at Department of Energy nuclear
research centers have been putting lives at risk by incorrectly storing
explosives, improperly labeling bunkers, and inspecting explosives at
“populated” main gates, states a new federal report. – Fox News
36.
July 17, Fox News – (National) Nuclear
research screeners checking for explosives at ‘populated’ areas, putting lives
at risk, report says. Workers at Department of Energy (DoE) nuclear
research centers have been putting lives at risk by incorrectly storing
explosives, improperly labeling bunkers, and inspecting explosives at
“populated” main gates, according to a DoE inspector general report, Fox News
reported July 17. The report found “problems with handling and storing
explosives” at four National Laboratory sites, which were examined by the
office. The centers are part of a federal network of sites that research
explosives “detection, effects, and mitigation.” At two sites, the Savannah
River Site in South Carolina and the Idaho National Laboratory, the inspector
general’s office found workers were inspecting explosives shipments at
“populated main gates” during peak hours. Standard practice is for such
inspections to be held in a “remote area and/or during non-peak traffic hours.”
The report said the Savannah crew responded by moving its inspections to an
unpopulated area, but the Idaho staff has not changed its procedures. The
report, though, praised the four sites for making changes after other problems
were flagged. This included a finding that at all four sites, workers were
storing combustible materials with explosives in storage bunkers. It also cited
the facilities for improper labeling and disposal techniques. The two other
sites reviewed were Sandia National Laboratories and Los Alamos National
Laboratory in New Mexico. Source: http://www.foxnews.com/politics/2012/07/17/internal-report-cites-nuclear-centers-for-screening-explosives-at-populated/
• Police said a gunman who fired into a
crowded bar July 17 near the University of Alabama in Tuscaloosa, wounding at
least 17 people, turned himself in to authorities. – Associated Press
50.
July 17, Associated Press – (Alabama) Police:
Gunman in Ala. bar shooting turned self in. Police said the gunman who fired
into a crowded bar July 17 near the University of Alabama in Tuscaloosa,
wounding at least 17 people, turned himself in to authorities. The police chief
said the man went to a business in Jasper, about 45 miles north of the shooting
at the Copper Top bar, and told employees he was the suspect. He said they are
investigating whether the shooting involved a dispute between rival motorcycle
gangs. Police believe the rampage was connected to an earlier shooting at a
home. Two people who lived there were involved in that shooting, and one was
wounded. In the later shooting, the gunman stood outside of the bar for a few
moments, targeted someone inside, and fired through a window, the police chief
said. Customers inside ran outside or crawled away, before the gunman opened
fire again with a military-style assault weapon. Most of the injured were hit
by bullet fragments or debris, said a hospital spokesman. Two people were in
intensive care, one in critical care, and the other in serious condition. Three
people were in fair condition, and the others were treated and released.
Source: http://www.wane.com/dpps/news/national/south/17-people-hurt-in-tuscaloosa-alabama-bar-shooting-nt12-jgr_4240243
Details
Banking and Finance Sector
12. July 17,
NBC News – (International) Report: HSBC allowed money laundering that
likely funded terror, drugs. A “pervasively polluted” culture at HSBC
allowed the bank to act as financier to clients moving shadowy funds from the
world’s most dangerous and secretive corners, including Mexico, Iran, Saudi
Arabia, and Syria, according to a U.S. Senate report issued July 16. The
report, which came ahead of a Senate hearing July 17, said large amounts of
Mexican drug money likely passed through the bank. HSBC’s U.S. division also
provided money and banking services to some banks in Saudi Arabia and
Bangladesh believed to have helped fund al-Qa’ida and other terrorist groups,
according to Al-Jazeera. While the British bank’s problems have been known for
nearly a decade, the Senate probe detailed just how sweeping the problems have
been, both at the bank and at the Office of the Comptroller of the Currency
(OCC), a top U.S. bank regulator that the report said failed to properly
monitor HSBC. The study said the OCC failed to crack down on the bank despite
multiple red flags, allowing money laundering issues “to accumulate into a
massive problem.” Source: http://bottomline.msnbc.msn.com/_news/2012/07/17/12783850-report-hsbc-allowed-money-laundering-that-likely-funded-terror-drugs?
13. July 16,
Federal Bureau of Investigation – (New York) NY attorney
convicted for participating in $66M mortgage fraud scheme. An attorney was
found guilty of conspiring to commit bank fraud and wire fraud in connection
with a $66 million mortgage fraud scheme, the U.S. Attorney for the Southern
District of New York announced July 16. The case involved First Class Equities
(FCE), a mortgage brokerage firm with offices in Oceanside and Old Westbury,
New York. He was the fifth attorney convicted in the scheme. From 2004 to 2009,
FCE arranged home sales between “straw buyers” and homeowners who were often
people in financial distress and willing to sell their homes. Fraudulent
financial statements were prepared for lenders, who approved loans for
properties later allowed to go into foreclosure by the attorney and his
co-conspirators. The attorney typically appeared at closings as the attorney
for the bank but also represented straw buyers and sham sellers. He reviewed
and approved fake checks brought to closings, lied on settlement statements
about distribution of bank funds, and took other steps to ensure the FCE
president/owner and other members of the conspiracy made huge profits from the scheme.
As a result of the scheme, banks were defrauded and dozens of properties all
over the New York area went into foreclosure. Source: http://www.loansafe.org/ny-attorney-convicted-for-participating-in-66m-mortgage-fraud-scheme
14. July 15,
phillyBurbs.com – (New Jersey) Police: Female bandit caught after robbing 4th
bank. Authorities said they arrested a female bank bandit, suspected of
robbing two locations in Burlington County, New Jersey, and a third in Camden
County, after she allegedly ripped off a Cherry Hill bank July 13. She was
charged with two counts of robbery and theft after being taken into custody in
Camden. Authorities apprehended her after she allegedly robbed a Wells Fargo
Bank in Cherry Hill by tracking her license plate back to the address in
Camden. She was also charged with robbing a Susquehanna Bank in Audubon, and
was suspected of hitting another Susquehanna branch in Cinnaminson, and a
Beneficial Bank in Willingboro. She has not been charged with the offenses in
Burlington County but is a suspect, authorities said. Source: http://www.phillyburbs.com/news/local/burlington_county_times_news/police-female-bandit-caught-after-robbing-th-bank/article_03280d1f-73ed-5074-b90c-5db54ba61922.html
Information Technology Sector
44. July 17,
H Security – (International) Google blocks Chrome extensions from third
party servers. Future versions of Google’s Chrome Web browser will block
the installation of extensions, applications, and user scripts hosted on third
party servers. According to a page on the Chrome Web Store Help site, in the
future, developers will have to submit extensions for inclusion in the Chrome
Web Store, where Google will check all files for malicious functionality. Until
now, developers were able to host Chrome extensions on their own servers. This
had the advantage that updates could be made available for installation
immediately after uploading; also developers did not have to adhere to Google’s
terms and conditions for using the Chrome Web Store. However, Google said this
capability was increasingly being used by fraudsters to spread malicious
extensions able to perform functions such as stealing data entered on Web
pages. This meant the firm was not in a position to easily block malicious
extensions. The latest stable version of Chrome, 20.0.1132.57, still allows the
installation of extensions hosted by third parties, but this is likely to
change with the next update. Version 21.0.1180.41, currently in beta, blocks
installation of third party extensions and points users in the direction of the
Chrome Web Store. Source: http://www.h-online.com/security/news/item/Google-blocks-Chrome-extensions-from-third-party-servers-1643537.html
45. July 17,
H Security – (International) Skype confirms privacy bug that sends IMs to
unintended recipients. Skype confirmed its voice-over-IP (VoIP) software
contains a bug that could result in instant messages (IMs) being sent to
unintended recipients. The privacy bug was first reported in the Skype Support
Network forums by a user who, after an update to their Skype client in June,
encountered the problem in which some messages went to another contact.
Following this report, many other users confirmed they experienced the problem.
According to Skype, the problem only occurs following a crash of a user’s Skype
client during an IM session. When the client is restarted or is logged in as a
new user, IM messages entered or sent before the crash can, in some cases, be
sent to a different IM contact in the user’s list. Skype could not determine
the number of users affected, but said it believes it only happens in “very
rare cases.” Affected Skype clients include version 5.10 for Windows, Skype 5.8
for Mac OS X, Skype 4.0 for Linux, and Skype 1.2 for Windows Phone. Skype
released hot-fix updates for the Windows, Mac OS X, and Linux Skype clients to
correct the privacy bug. The company originally stated Skype for Windows 5.9,
Skype 4.0 for iOS, and Skype 2.8 for Android were affected, however, after
further investigation by the developers, these were found not to be vulnerable
to the problem. Source: http://www.h-online.com/security/news/item/Skype-confirms-privacy-bug-that-sends-IMs-to-unintended-recipients-1643401.html
46. July 17,
Threatpost – (International) Dutch authorities knock out Grum botnet
C&C servers. Dutch authorities disconnected two of the
command-and-control (C&C) servers for one of the top spam-producing
botnets, known as Grum. The action was not a complete knockout though, as there
are still two other C&C servers at work, but researchers are optimistic the
volume of spam will drop as a result. Researchers at FireEye tracked the Grum
botnet for a while and pinpointed the four C&C servers being used to
control it. Two of the servers were in the Netherlands, one is in Russia, and
the other in Panama. In the last few days, authorities in the Netherlands
disconnected the two servers in their country, severing half of the Grum
botnet’s command infrastructure. Source: http://threatpost.com/en_us/blogs/dutch-authorities-knock-out-grum-botnet-cc-servers-071712
47. July 17,
H Security – (International) Android 4.1 Jelly Bean includes proper
address randomisation. With the release of Android 4.1 “Jelly Bean,” Google
provided its open source mobile operating system with fully featured address
space layout randomization (ASLR) support. Its predecessor — Android 4.0 (Ice
Cream Sandwich) — contained some ASLR features, but a few areas, such as
application code and the linker, still had fixed addresses. Apple introduced
ASLR for the iPhone, iPod Touch, and iPad over a year ago in version 4.3 of
iOS. ASLR is considered to be a key technique for making it harder for
attackers to exploit security vulnerabilities. By using random addresses for
program code, the stack, the heap, and libraries, it prevents exploit coders
from being able to jump to known memory locations to execute specific code fragments
— return-oriented programming (ROP) becomes impossible. The result is a fully
functional exploit often must make use of multiple vulnerabilities. A security
specialist from Duo Security analyzed the new Jelly Bean security features and
predicts attackers will target vulnerabilities in 32-bit ASLR, where there is
not enough space for proper randomization. Source: http://www.h-online.com/security/news/item/Android-4-1-Jelly-Bean-includes-proper-address-randomisation-1644060.html
Communications Sector
48.
July 16, San Antonio College Ranger –
(Texas) KSYM resumes ‘occupying the airwaves’ after transmitter problems. KSYM
90.1 FM San Antonio was back on the air July 16 after problems with the
transmitter caused interruptions in the broadcast since July 12. The program
director said July 16 the transmitter was operating on low power, sending
signals within a 5-6 mile radius. Listeners who are farther away from the
campus will hear a lot more noise and interference, he said. He stated
listeners are able to stream the station online. The station first went off air
July 12 but was back on the air July 13. It also went down the afternoon of
July 14, but resumed broadcasting again in the low power mode late the morning
of July 16. The transmitter has a transmission line that goes to the radio
tower. The program director said the problem appeared to be that sealant used
to insulate the line had corroded and was touching a wire. Source: http://www.theranger.org/news/ksym-resumes-occupying-the-airwaves-after-transmitter-problems-1.2747625#.UAVyu5FnWtQ
For
more stories, see items 45 and 47 above
in the Information Technology Sector