Thursday, July 19, 2012
Daily Report
Top Stories
• Government safety regulators were
investigating complaints that throttles can stick on older-model Ford Escape
and Mazda Tribute sport utility vehicles and cause them to crash. They said the
probe affects 730,000 vehicles, and that they received 99 complaints from
owners alleging 13 crashes, 9 injuries, and 1 death. – Associated Press
5. July 18, Associated Press – (National) Feds probe Ford Escapes for sticky throttles. Government
safety regulators were investigating complaints that throttles can stick on
older-model Ford Escape and Mazda Tribute sport utility vehicles (SUV) and
cause them to crash, the Associated Press reported July 18. The probe by the
National Highway Traffic Safety Administration affects 730,000 SUVs from the
2001 to 2004 model years that are powered by V-6 engines. The safety agency
said it has received 99 complaints from owners of the SUVs alleging 13 crashes,
9 injuries, and 1 death caused by the problem. The throttles on the SUVs can
fail to return to idle when the driver takes his foot off the gas pedal,
according to agency documents. Sixty-eight of the complaints were about the
Escape, and 31 involved the Tribute, a nearly identical vehicle made by Ford
for Mazda. Investigators are looking into whether the sticky throttles could
have been caused by repairs made as part of a 2004 recall of the same vehicles.
About 590,000 of the vehicles were recalled in December of 2004 to fix an
accelerator cable defect, and the documents said the repairs could have damaged
the cruise control cable. Source: http://www.manufacturing.net/news/2012/07/feds-probe-ford-escapes-for-sticky-throttles
• Cybercriminals are taking advantage of cheap
tools to send mass emails, SMS, and phone calls to prevent banks from alerting
customers about fraudulent high-value transactions, researchers found. – Softpedia
See item 6 below in the Banking and Finance Sector
• A murder suspect from Colorado Springs,
Colorado, attempted to hot-wire a SkyWest Airlines regional jet at the airport
in St. George, Utah, then crashed it into a fence before killing himself,
federal law enforcement authorities said. – NBC News
18. July 16, Associated Press – (Pennsylvania) Charleroi locks closed on Monongahela River through Aug. 3
for repairs of valves. The locks on the Monongahela River near Charleroi,
Pennsylvania, will close through August 3, meaning cargo barges and pleasure
boaters will not be able to pass through the river at that point, about 20
miles south of Pittsburgh. The U.S. Army Corps of Engineers said the chamber of
Lock No. 4 would be drained starting July 23 so crews could fix the miter gate
sills, the filling valves, and related machinery. Source: http://www.therepublic.com/view/story/aa62b2b0c52b4edeaa7cff6f50731988/PA--Monongahela-Lock-Closing
• The Indiana Department of Homeland Security
extended a water shortage warning to all 92 counties in the State July 17.
Officials asked for voluntary water conservation and for high-volume users to
reduce usage by 10-15 percent. – Associated Press; WISH 8 Indianapolis
25. July 17, Associated Press; WISH 8 Indianapolis – (Indiana) Entire state under
water shortage warning. The Indiana Department of Homeland Security
extended a water shortage warning to all 92 counties July 17 after placing less
than half the state in that category a week ago. State officials asked for
voluntary water conservation, specifically asking high-volume users to reduce
the volume they use by 10-15 percent. If conditions worsen, the governor could
declare an emergency and put mandatory rules into place. In central Indiana,
Citizens Water draws from three reservoirs, all of which are down from their
usual levels at this time of year. Morse Reservoir is down nearly 6 feet, Geist
Reservoir and Eagle Creek are both nearly 2 feet below normal. Citizens said it
will increase filtration at its Fall Creek treatment plant, which will enable
it to reduce the amount being drawn from Morse Reservoir for its White River
treatment plant. Source: http://www.wishtv.com/dpp/news/indiana/entire-state-under-water-shortage-warning
• Some 30 people, 28 firefighters and 2
civilians, suffered minor injuries in a 6-alarm fire that gutted an apartment
building in New York City, making about 60 of 180 units unlivable. – WCBS 2 New York
39. July 18, WCBS 2 New York – (New York) Dozens injured in six-alarm Bronx blaze near Yankee Stadium.
Thirty individuals, 28 firefighters and 2 civilians, suffered minor injuries in a
6-alarm fire in New York City. The fire began July 18 at a building near Yankee
Stadium in the Bronx. The entire building was evacuated as crews worked to
contain the fire, which broke out in the back of the building on the sixth
floor. More than 200 firefighters responded. The historic building was part of
the Grand Concourse Preservation Society. The fire chief said about a third of
the 180 units are not livable. The Red Cross has been helping displaced
residents with food and shelter at All Hallows High School. Source: http://newyork.cbslocal.com/2012/07/18/dozens-injured-in-six-alarm-bronx-blaze-near-yankee-stadium/
Details
Banking and Finance Sector
6. July 18, Softpedia – (International) SMS, email, and phone call floods used by
fraudsters to hide illegal money transfers. Cybercriminals have come up
with a new way of ensuring banks cannot alert customers when fraudulent
high-value transactions are taking place using mass emails, mass SMSs, and
phone call floods, Softpedia reported July 18. When a bank requests
confirmation of an unusual transfer via SMS, phone call, or email, cybercriminals
will block those lines of communication by flooding them with spam messages.
For instance, if the bank usually sends the confirmation notice via email, the
crooks would flood the victim’s email address with thousands of emails, making
it almost impossible to find the one important message. Krebs On Security
stumbled upon a number of tools – advertised on underground forums – that could
easily perform these tasks. Prices for such tools were found to be low. For
instance, for flooding a single email account with 25,000 emails, the customer
pays $25. For one day of flooding one phone number – service available for any
country and any operator – the price was $20. Mass SMS sending was even
cheaper. For the price of $5 fraudsters can send 100 text messages. Source: http://news.softpedia.com/news/SMS-Email-and-Phone-Call-Floods-Used-by-Fraudsters-to-Hide-Illegal-Money-Transfers-281882.shtml
7. July 17, Fresno Bee – (California) Fresno's 'Smelly Bandit' pleads no contest in
bank robberies. A man dubbed by police as the "Smelly Bandit"
pleaded no contest July 17 in Fresno County Superior Court to robbing five
banks and a Subway sandwich shop in Fresno and Clovis, California. Police said
more than $15,000 was taken in the five bank robberies between January 6 and
April 23. The man also admitted to robbing a Subway sandwich shop in 2011. The
man would hand a note to the bank teller and demand money during the robberies.
He was alleged to have used a knife to rob the sandwich shop. Source: http://www.fresnobee.com/2012/07/17/2912197/fresnos-smelly-bandit-pleads-no.html
8. July 17, Federal Bureau of Investigation – (Illinois) Alton man commits
bank fraud and pleads guilty in check kiting scheme. An Alton, Illinois, man
pleaded guilty in federal court in Illinois July 16 to one count of bank fraud
by engaging in a check kiting scheme that cost two lenders $212,423. The man
admitted that while he was serving as president of two companies, Topflight
Logistics Inc. and TFV Trucking LLC, he engaged in a check kiting scheme
through which he cross-deposited 208 checks between accounts for each firm. He
admitted that he was responsible for managing the financial records of
Topflight Logistics and TFV Trucking when he cross-deposited the 208 checks totaling
$2,186,214.75. The scheme resulted in a total loss of $212,423.14 to the two
financial institutions involved. Source: http://www.loansafe.org/alton-man-commits-bank-fraud-pleads-guilty-in-check-kiting-scheme
9. July 17, Long Island Newsday – (New York) LI man charged in alleged $7.5 million mortgage
scam. An Old Westbury, New York man was charged with running a $7.5 million
mortgage scam, prosecutors said July 17. He was arrested July 16 along with a
co-conspirator. They each were charged with conspiracy to commit wire, bank,
and mail fraud, and two counts of conspiracy to make false statements.
Prosecutors said that from 2007 until October 2010, the man ran a real estate
brokerage in Queens known as Buy-a-Home LLC or First Home Brokerage, where he hired
the co-conspirator as a sales manager. The pair recruited buyers to purchase
homes at prices that were inflated by $100,000 above the original sales price.
The duo improperly funneled money to the buyers to make it appear they could
qualify for loans insured by the Federal Housing Administration (FHA). The
co-conspirators allegedly defrauded the federal Department of Housing and Urban
Development into issuing $7.5 million in loans that were then purchased by
banks. In addition, many homes went into foreclosure, forcing FHA to make
nearly $1 million in insurance payments. Source: http://www.newsday.com/business/inside-long-island-business-1.811933/li-man-charged-in-alleged-7-5-million-mortgage-scam-1.3844241
10. July 17, Chicago Sun-Times Media Wire – (Illinois) ‘Skimmers’
targeted credit-card users from Wrigley Field to Mag Mile. A Chicago man
pleaded guilty July 17 to organizing an ATM skimming ring that stole more than
$200,000 from diners using bank or credit cards at restaurants and attractions
across the city, including Wrigley Field baseball stadium. The man pleaded
guilty to felony conspiracy to commit a financial crime, according to the
Illinois attorney general’s office. He paid employees of the restaurants and
eateries to skim customer credit card information using a small card reader,
prosecutors said. Employees would swipe customers’ cards, giving him access to
account information, with which he created counterfeit credit cards and made
phony purchases. Compromised in the scheme were accounts from Chase, U.S. Bank,
Citibank, Harris Bank, American Express, Bank of America, and Fifth Third Bank,
all of which assisted in the investigation and notified potential victims. Source: http://www.suntimes.com/news/metro/13837177-418/skimmers-targeted-credit-card-users-from-wrigley-field-to-mag-mile.html
11. July 17, Arizona Republic – (Arizona) 'Baseball Babe Bandit' sought in bank heists. FBI
officials were searching for a woman they suspect was involved in multiple bank
robberies in Mesa, Arizona, the Arizona Republic reported July 17. Officials
dubbed her the "Baseball Babe Bandit." She usually wears a
baseball-style hat with latex gloves. During the incidents, the woman hands the teller a
demand note and threatens bank employees. After receiving money, she has been
seen leaving on a bicycle, officials said. The woman is believed to have robbed
a Compass Bank March 27, another Compass Bank April 27, and a Bank of America
June 28. Source: http://tucsoncitizen.com/arizona-news/2012/07/17/baseball-babe-bandit-sought-in-bank-heists/
Information Technology Sector
32. July 18, H Security – (International) Critical holes closed in Firefox, Thunderbird
and SeaMonkey. Following the latest round of updates to its suite of
Internet applications, Mozilla detailed all of the security fixes in the new
versions of its Firefox Web browser, Thunderbird news and email client, and the
SeaMonkey "all-in-one internet application suite." As they are all
based on the same Gecko platform, version 14.0 of Firefox and Thunderbird, and
version 2.11 of SeaMonkey close a number of the same security holes, some of
which are rated as "Critical" by the project; updates were also published
for the "enterprise" versions of Firefox and Thunderbird to address
these issues. According to Mozilla, some of these vulnerabilities could be
exploited remotely by an attacker to, for example, execute arbitrary code on a
victim's system. Source: http://www.h-online.com/security/news/item/Critical-holes-closed-in-Firefox-Thunderbird-and-SeaMonkey-1644530.html
33. July 18, Help Net Security – (International) Android malware is booming. Trend Micro's
January prediction that 11,000 pieces of Android malware would be detected by
June of 2012 proved completely inaccurate, as the number of malicious
applications in the wild for Google's mobile operating system exploded and now
is at more than 25,000. Forty-eight percent of these malicious apps are premium
service abusers, followed by 22 percent that are adware, and 21 percent that
are data stealers. Malicious downloaders are offered in 19 percent of cases,
while rooters, click fraudsters, and spying tools are at the bottom of the
ladder. The apps are pushed onto users through third-party online stores and
even the official Google Play app store. Usually, they masquerade as legitimate
and popular software such as Angry Birds, Skype, and Instagram. This unexpected
boom in Android malware made the researchers revise their expectations — they
believe there may be a total of 129,000 different malicious apps by the end of
2012. Source: http://www.net-security.org/malware_news.php?id=2192&utm
34. July 18, CSO – (International) Android malware steals location data from
mobile devices. BitDefender Labs discovered Android malware that regularly
broadcasts the location of the infected mobile device to a remote server. What
the malware creators intend to do with the privacy-invading information is
unclear. The application operates in the background and appears on the
smartphone or tablet as an icon with the word "store" written on it.
The store icon is apparently meant to fool the device user into thinking that
it is only an e-commerce app, according to Bitdefender. In actuality, the
malware broadcasts latitude and longitude of the device, as well as the name of
the wireless carrier. It also attempts to enable the device's Wi-Fi connection
and scan for access points. All of the data is transmitted to the remote server
via the device's Internet connection. The spyware has no user interface and
transmits location information every few seconds. Because the malware runs so
effectively in the background, Bitdefender believes it will eventually be
bundled with other apps. Source: http://www.computerworld.com/s/article/9229328/Android_malware_steals_location_data_from_mobile_devices
35. July 18, H Security – (International) Oracle's July patch day brings 87 security
updates. In its planned July Critical Patch Update (CPU), Oracle released
87 security updates to fix various vulnerabilities across many product
families. The updates affect products including Oracle Fusion Middleware 11g,
Oracle Database 10g and 11g, and MySQL. One of the holes was given the highest
possible CVSS score of 10.0; it was closed in the JRockit Java Virtual Machine,
which is part of Oracle Fusion. Holes were also closed in other Fusion
components including Enterprise Manager for Fusion Middleware, Oracle HTTP
Server, MapViewer, Outside In Technology, and Portal. The vulnerabilities that
affect the Database Server were fixed in the Enterprise Manager for Oracle
Database, in Core RDBMS, and in the network layer. Here, the highest CVSS score
is 6.8; none of the holes in MySQL exceed this rating either. The company
released security updates for Oracle Siebel CRM, Enterprise Manager Grid
Control 10g and 11g, Hyperion BI+, Solaris, Solaris Cluster, the SPARC
T-Series, the Glassfish Enterprise Server, and the Oracle iPlanet Web Server.
Many of the closed holes can be exploited by remote attackers without
authentication. Java is not affected by this CPU, as Oracle is planning to
provide the next Java update with its October CPU. Source: http://www.h-online.com/security/news/item/Oracle-s-July-patch-day-brings-87-security-updates-1644934.html
36. July 17, Krebs on Security – (International) Spammers target Dropbox users. On July 17,
users had difficulty logging into Dropbox, the online file storage service. The
outages came amid reports that many European Dropbox users were being blasted
with spam for online casinos, suggesting some kind of leak of Dropbox user
email addresses. The trouble began earlier July 17, when users on Dropbox
support forums began complaining of suddenly receiving spam at email addresses
they created specifically for use with Dropbox. Various users in Germany, the
Netherlands, and United Kingdom reported receiving junk email touting online
gambling sites. At around 3 p.m. ET, the company's service went down in a rare
outage, blocking users from logging into and accessing their files and
displaying an error message on dropbox.com. Source: http://krebsonsecurity.com/2012/07/spammers-target-dropbox-users/
37. July 17, Threatpost – (International) Malware tied to Blackhole exploit kit appears
as Facebook tag alert. SophosLabs discovered malware infecting machines by
getting users to open a malicious link in a fake Facebook email notification.
Everything looks legitimate about the alert with one exception: the domain name
for the sender's URL is Faceboook(dot)com, not Facebook.com. "If you click
on the link in the email, you are not taken immediately to the real Facebook
website," said a Sophos researcher. "Instead, your browser is taken
to a website hosting some malicious iFrame script (which takes advantage of the
Blackhole exploit kit, and puts your computer at risk of infection by
malware)." Those who click the "See Photo" button in the email
are taken to the malicious site and before they can react, their browser
redirects them to a random, unknowing person's Facebook page and not the page
of the person who supposedly sent the email. Sophos said the malicious code is
Troj/JSRedir-HW. Source: http://threatpost.com/en_us/blogs/malware-tied-blackhole-exploit-kit-appears-facebook-tag-alert-071712
38. July 17, Dark Reading – (International) 'Waldo' finds ways to abuse HTML5 WebSockets.
HTML 5's WebSocket feature is susceptible to a wide range of abuses by
attackers, as researchers will demonstrate the week of July 23 at the Black Hat
USA conference. In particular, two researchers will release a hacking tool
called Waldo for researchers to test for WebSocket vulnerabilities and
potential attack vectors. WebSocket is a faster, more efficient way for browsers
and Web servers to communicate (bi-directionally); it supports real-time
applications such as customer-support chat features and online gaming, for
example. Most major browsers support it. The problem is that current firewalls,
next-generation firewalls, unified threat management (UTM), and IDS/IPS
products are not WebSocket-aware, the researchers say. In other words, they
cannot detect WebSocket traffic. Source: http://www.darkreading.com/advanced-threats/167901091/security/application-security/240003877/
For more stories, see item 6 above in the Banking and Finance Sector
Communications Sector
See item 6 above in the Banking and Finance Sector and items 33, 34,
and 37 above in the Information Technology Sector