Friday, June 29, 2012

Security Management Weekly - June 29, 2012

Corporate Security
  1. "Madoff Brother to Plead Guilty in NY in Fraud"
  2. "Security Guard Sentenced for Stealing PerkinElmer Equipment, Software" Connecticut
  3. "NYPD: Man Swipes Dali Painting From Art Gallery"
  4. "Researchers Advance Biometric Security"
  5. "Proving the Value of Security to the C-Suite"

Homeland Security
  1. "London 2012 Olympics: Muslim Converts Held Over 'Games Plot'"
  2. "One Soldier Killed, Two Injured in Shooting on Fort Bragg" North Carolina
  3. "UK Domestic Spy Chief Warns of Possible Return of Iran-State Sponsored Terror"
  4. "New Rules Ordered in Crackdown on Leaks"
  5. "India Makes Key Arrest in Mumbai Terror Plot"

Cyber Security
  1. "Web Attackers Start Borrowing Domain Generation Tricks From Botnet-Type Malware"
  2. "Stuxnet Shut Down by Its Own Kill Switch"
  3. "Operation High Roller Targets Corporate Bank Accounts"
  4. "Computer Scientists Break Security Token Key in Record Time"
  5. "Malware Targeting AutoCAD Files Could Be Sign of Industrial Espionage"

   

 
 
 

 


Madoff Brother to Plead Guilty in NY in Fraud
Associated Press (06/28/12) Neumeister, Larry

Larry Madoff, the brother of convicted financier Bernard Madoff, is set to plead guilty to two charges on Friday stemming from his alleged role in Bernard Madoff's Ponzi scheme. Court records show that Larry Madoff will plead guilty to charges of conspiracy and falsifying records. In doing so, Larry Madoff will admit to conspiring to commit securities fraud, falsifying the records of an investment adviser and a broker dealer, and falsifying filings made with the Securities and Exchange Commission. In addition, Larry Madoff will admit to having committed mail fraud and having obstructed the Internal Revenue Service. Peter Madoff reportedly received at least $60 million from the Ponzi scheme, which ran from at least the early 1990s until 2008 and was the biggest Ponzi scheme ever prosecuted in U.S. history. Peter Madoff is believed to have covered up large withdrawals by using fake stock trades. In pleading guilty to the charges against him, Peter Madoff will accept a prison sentence of 10 years and will forfeit $143 billion, an amount that includes all of his real estate and personal property. His decision to plead guilty raises the question of whether other Madoff family members are being targeted by the government for their role in the Ponzi scheme. Bernard Madoff's family reportedly did not know about the fraud.


Security Guard Sentenced for Stealing PerkinElmer Equipment, Software
Hartford Courant (CT) (06/26/12) Mahony, Edmund H.

A security guard who worked for a technology company in Fairfield County, Conn., was sentenced to two and a half years in prison this week for stealing software and computer equipment from his employer. Gabriel Quinones worked as the on-site coordinator for Securitas at PerkinElmer Inc. in Shelton, Conn., in 2008 and 2009. It was during that period that he stole the software, including 11 copies of proprietary software used to operate thermal imaging equipment. The software was worth $7,200 per copy. Quinones also stole equipment, mostly computers and computer accessories, and sold them online using eBay. Prosecutors say Quinones stole 126 items in total, worth a total of $370,000, which U.S. District Judge Janet B. Arterton has ordered Quinones to repay PerkinElmer once he is released from prison.


NYPD: Man Swipes Dali Painting From Art Gallery
Associated Press (06/22/12)

A $150,000 watercolor and ink painting by Salvador Dali was stolen off the wall of a New York City art gallery last week. The Spanish surrealist's "Cartel des Don Juan Tenorio" was part of the opening exhibit of the Venus Over Manhattan art gallery. The thief, described as a slim man with a receding hairline and wearing a black-and-white checked shirt, was caught on surveillance cameras, but was apparently able to remove the painting from the gallery in a large black shopping bag after a security guard stepped away from the exhibit. According to security consultant Robert Wittman, "at some point, when that person was given access to the painting, the guard was not looking. That would be against any kind of protocol." Art galleries tend to be easier targets for art thieves, because, compared to museums, they have much less elaborate and rigorous security. Police, however, are optimistic that the painting, and perhaps the thief, will be recovered once it inevitably finds its way back to the art market.


Researchers Advance Biometric Security
University of Calgary (06/19/12)

A biometric security system developed by researchers at the University of Calgary can simulate the way the brain makes decisions about information from different sources. Professor Marina Gavrilova, head of the university's Biometric Technologies Laboratory, describes the system as a kind of artificial intelligence application that can train itself to learn the most important aspects of new data and incorporate it into the decision-making process. The system is designed to combine measurements from multiple biometric sources, such as fingerprint, voice, gait, or facial features. The system also prioritizes the information by identifying more important or prevalent features to learn, and adapts the decision-making to changing conditions, such as bad quality data samples, sensor errors, or an absence of one of the biometrics. "The neural network allows a system to combine features from different biometrics in one, learn them to make the optimal decision about the most important features, and adapt to a different environment where the set of features changes," Gavrilova says. "This is a different, more flexible approach." The goal of the project is to improve accuracy, which would boost the recognition process, Gavrilova notes.


Proving the Value of Security to the C-Suite
SecurityInfoWatch.com (06/18/12) Lasky, Steven

Among the topics of discussion by CSOs and CISOs at this month's Global Security Operations 2015 conference at Yahoo's Sunnyvale, Calif., headquarters was how to make top management stay interested and invested in security. According to security industry consultants Ray Bernard and James Connor, security risk is owned by management and thus the job of security should be to give management the tools it needs to understand and respond to that risk. Security directors like Yahoo's Greg Jodry and West-Ward Pharmaceuticals' Derrick Wright spoke about getting management to care about security by tailoring security plans to the specific needs of their organization and its industry and making executive communication a cornerstone of security policy. Being educated about your industry and the mission and departmental structure of your organization is key, according to Wright, who adds, "If you add value and you demonstrate strong leadership, there is little selling needed."




London 2012 Olympics: Muslim Converts Held Over 'Games Plot'
Telegraph.co.uk (06/29/12) Gardham, Duncan

Two men were arrested in London on June 28 for allegedly plotting to attack the upcoming 2012 Summer Olympics. The men, who police have said are Muslim converts, came to the attention of authorities after they were seen in a small boat behaving suspiciously near the Olympics canoeing venue in London on Monday night. As many as 30 police officers were called in to investigate the suspicious behavior, though the two men were not arrested until officers from the Metropolitan Police Counter-Terrorism Command launched a raid on a home in east London on Thursday morning. The two individuals were taken into custody on suspicion of committing, preparing to commit, or instigating acts of terrorism. Meanwhile, two additional locations in east London were searched by police on Thursday night as part of the investigation. The arrests come about a month before the July 27 start of the London Olympics. The terror level in the U.K. currently stands at "substantial," which means that there is a strong possibility of a terrorist attack. There are currently no specific or credible threats against the Olympic games, though officials have detected increased communications among extremist organizations.


One Soldier Killed, Two Injured in Shooting on Fort Bragg
Fayetteville Observer (NC) (06/29/12) Brooks, Drew

A soldier at Fort Bragg, N.C., opened fire on and killed one soldier and wounded another on Thursday, before turning the gun on himself. The soldiers belonged to the 525th Battlefield Surveillance Brigade and the shooting apparently took place during a routine safety briefing ahead of a three-day weekend for base soldiers. The shooter is wounded but alive and in custody. Army officials have not yet released his identity or those of the other two soldiers, and it is not known what motivated the shooting. A senior U.S. defense official is said to have told NBC News that the soldier killed in the shooting was a battalion commander, but this has yet to be confirmed. The shooting is the first deadly shooting at the North Carolina military base since October 1995, when Sgt. William J. Kreutzer Jr. opened fire on his brigade during morning calisthenics, killing Maj. Stephen Mark Badger and wounding 18 other soldiers.


UK Domestic Spy Chief Warns of Possible Return of Iran-State Sponsored Terror
MSNBC (06/27/12) Bruton, F. Brinley; Simmons, Kier

Jonathan Evans, the director general of the British internal counter-intelligence and security service MI5, is warning that Iran could once again begin taking part in state-sponsored acts of terrorism. Evans said that the possibility of Iran resuming its campaign of state-sponsored terrorism comes amid concerns that Israel could launch a unilateral military strike against Iran's nuclear program should talks between Tehran and several Western nations fail. An Israeli attack on Iran could cause Tehran or one of its proxies, such as Hezbollah, to retaliate, Evans said. Evans added that MI5 is responding to this potential threat by significantly increasing the size of its counterterrorism team. In addition to warning about a possible threat from Iran, Evans also said that the upcoming London Olympics could be a target for terrorists. However, neither the Olympics nor the U.K. in general would be an easy target for terrorists, given the fact that British officials have been able to successfully foil a number of terrorist plots over the past couple of years, Evans said. He added that preparations for both the Olympics and the Paralympic Games have been thorough. Nevertheless, the U.K.'s terrorism threat level is currently substantial, Evans said, meaning that there is a strong possibility of a terrorist attack.


New Rules Ordered in Crackdown on Leaks
Wall Street Journal (06/26/12) Perez, Evan

Director of National Intelligence James Clapper announced new measures on Monday that aim to prevent classified information from being leaked. Among the new measures announced by Clapper is the addition of a question about leaks to the standard lie detector test that is given to employees at the CIA, the FBI, the National Security Agency, and other agencies that deal with classified information. In addition, alleged leakers can now be punished even in cases where the Justice Department refuses to prosecute. In such cases, an investigation and possible sanctions could be handled by the Office of the Inspector General of the Intelligence Community. Finally, all intelligence agencies will be required to review policies governing when certain employees must report interactions with journalists. The results of those reviews will be used by individual agencies to determine if the policies should be made broader or whether they should be enforced more strictly. Clapper's announcement comes amid investigations into several alleged leaks of classified information, including information about the Stuxnet virus and the double agent who was used to foil the recent al-Qaida in the Arabian Peninsula underwear bomb plot. Information about both of those topics was given to various news outlets. Republicans have accused the Obama administration of deliberately leaking the information for political gain, though the White House has denied those charges.


India Makes Key Arrest in Mumbai Terror Plot
CNN.com (06/26/12) Singh, Harmeet Shah

One of the architects of the coordinated 2008 Mumbai terror attacks has been arrested after three years on the run, according to New Delhi police. Abu Jundal, an Indian-born member of the Pakistan-based terror group Lashkar-e-Tayyiba, is believed to have coordinated the November 2008 attacks from Pakistan, with Indian police claiming to have intercepted orders given by Jundal via cellphone to the gunmen who carried out the attacks on the Taj Mahal and Oberoi-Trident Hotels, Victoria Terminus train station, and Chabad House Jewish cultural center. More than 160 people were killed during the attacks, including nine of the 10 gunmen. The 10th, Mohammed Ajmal Kasab, was sentenced to death in May 2010 after being found guilty of murder, conspiracy, and waging war against India. New Delhi police have refused to comment on Jundal's arrest since announcing it on June 26, but a Mumbai court has already issued a warrant requesting that he be transferred to their jurisdiction to stand trial.




Web Attackers Start Borrowing Domain Generation Tricks From Botnet-Type Malware
IDG News Service (06/27/12) Constantin, Lucian

The antivirus firm Symantec says it has observed attacks in which hackers use the Black Hole exploit toolkit to infect Web users with malware when visiting compromised Web sites, and that attackers are adopting domain-generation techniques normally used by botnet-type malware in order to extend the shelf life of these attacks. Drive-by download attacks use rogue code inserted into compromised Web sites to stealthily redirect their users to external domains that host exploit toolkits such as Black Hole. Those toolkits then check if the visitors' browsers contain vulnerable plug-ins and if any are found, they load the corresponding exploits to install malware. Web attacks usually do not stay live for very long because security researchers work with domain providers and registrars to shut down attack Web sites and suspend abusive domain names, which has led some malware creators to develop backup methods that let them regain control of infected machines. One of those methods involves the malware contacting new domain names generated daily according to a certain algorithm in case the primary command and control servers become inaccessible. This lets the attackers know which domain names their botnets will try to contact on a certain date, so they can register them ahead of time and use them to issue updates. Symantec researchers report seeing a "small but steady" number of domains using this technique so far, which means attackers could be testing it before expanding its use in the future.


Stuxnet Shut Down by Its Own Kill Switch
Government Computer News (06/26/12) Jackson, William

The Stuxnet computer worm halted its replication on June 24 in response to a built-in kill switch. "The code will still run, but one of the first things it does when it starts running is check the date," says Symantec's Liam Murchu. If that date is after June 24, the malware will cease copying itself to USB sticks, its primary vector for infecting other computers. Murchu and others who have studied Stuxnet are certain that this kill switch was a design feature, meant to limit the potential spread of the worm. The Duqu and Flame malware, thought to be products of the same program that engineered Stuxnet, also exhibited such features. Duqu had only a 30-day life span, which could be extended if desired, and as such has effectively ceased to be a threat. However, the much more advanced Flame appeared to begin removing itself from infected machines in response to "suicide" commands issued by its command server not long after the virus was first discovered.


Operation High Roller Targets Corporate Bank Accounts
Wall Street Journal (06/26/12) King, Rachael

A new report from Guardian Analytics and McAfee says that a series of hacking attacks known as Operation High Roller is targeting corporate bank accounts and has resulted in the theft of at least $78 million from accounts at more than 60 financial institutions. Guardian and McAfee first spotted Operation High Roller earlier this year in Europe. Initially it targeted consumer bank accounts, but quickly shifted to corporate accounts and has since hit targets in Latin America and the United States. Victims are scouted using targeted e-mails containing malicious links or attachments meant to infect a target computer with SpyEye or Zeus malware that would monitor the system and log key strokes, allowing the attackers to obtain online banking account information. Operation High Roller is highly automated, running the illicit transfers through the attacker's server, and has been able to successfully bypass two-factor authentication systems that generate one-time passwords. In the U.S., companies targeted by High Roller have all had commercial bank accounts with minimum balances in the millions of dollars and fraudulent transfers from these accounts have been as large as $130,000 at a time, according to Guardian and McAfee.


Computer Scientists Break Security Token Key in Record Time
New York Times (06/25/12) Sengupta, Somini

A group of computer scientists dubbed Team Prosecco says it has found a way to extract a security key from a widely used RSA electronic token in 13 minutes. The researchers say they can hack into the SecurID 800 RSA Dongle, as well as similar devices produced by other companies. RSA Security is currently using its own computer scientists to determine if the claim is valid. "If there is a potential serious security vulnerability or threat to our customers, RSA will move quickly to address it," says RSA's Kevin Kempskie. Researchers had assumed it would be impractical for hackers to break into RSA security devices because it would take too much time, says Georgia Institute of Technology cryptographer Chris Peikert. Team Prosecco also says it has created another algorithm that enables five types of security hardware devices to be cracked, all in relatively short periods of time. "Cryptography breaks very slowly. It's the molasses of computer science," says security researcher Dan Kaminsky. "There are many technologies we abstractly know are problematic and we prioritize fixing them less than things that are obviously on fire."


Malware Targeting AutoCAD Files Could Be Sign of Industrial Espionage
Network World (06/22/12) Messmer, Ellen

A malware variant discovered earlier this year stealing AutoCAD-based files is being used by attackers to steal design files created by architects and engineers as part of an industrial cyberespionage scheme, warns ESET's Pierre-Marc Bureau. ESET notes the malware appears designed to steal sensitive data, such as blueprints, made using AutoCAD software from Autodesk. Bureau says ESET has seen the design-stealing malware most frequently in Peru, but analysis shows it is operating globally, and is sending stolen AutoCAD files to China. ESET, which captured samples of the computer-aided design malware in February but began studying it again recently after a spike in activity, contacted Chinese service provider Tencent to shut down the malware's point of delivery for stolen data, and shared information it amassed with Autodesk. Bureau says infections are happening through compromised AutoCAD files, and notes that companies can get infected by exchanging documents with other companies. He says these attacks appear to be targeted at competing design firms, where someone wants to know what a competitor is doing in a bidding situation. The malware does not appear to be spreading, Bureau points out.


Abstracts Copyright © 2012 Information, Inc. Bethesda, MD


