| Police Arrest Walmart Pharmacy Technician for Stealing Pills First Coast News (09/19/12) A pharmacy technician at a Jacksonville, Fla., Wal-Mart was arrested Monday after she confessed to stealing painkillers from the store. Rebecca Thomas first came to the attention of law enforcement after her supervisor contacted police and told them he suspected her of stealing pills from the pharmacy. The supervisor said an inventory audit of the pharmacy had been performed after Thomas was seen on security camera footage placing a number of pills into her pocket before entering a restroom. The audit revealed that more than 500 tablets of hydrocodone/acetaminophen painkillers worth roughly $2,000 were missing. Thomas confessed to the thefts when confronted by police, saying that she had stolen the pills a few at a time over the course of several months and that she gave them to her terminally ill mother. Thomas is facing a charge of employee theft of less than $5,000 and is being held in the Duval County (Fla.) Pretrial Detention Facility ahead of her first court appearance. Lufkin Woman Pleads Guilty to Stealing $166k From Employer KTRE Channel 9 (Texas) (09/17/12) Washington, Francesca A Lufkin, Texas, woman is facing up to 99 years in prison after pleading guilty this week to stealing $166,000 from her employer over the course of nearly a year and a half. Jamie Deniece Simmons first came to the attention of Lufkin police in January 2012 after an area bank contacted them about possible fraud on one of their accounts. The bank had been informed about the fraud by Simmons' employer, Mike Windsor, who discovered numerous fraudulent checks made out to Simmons. Simmons later confessed to having used the unauthorized checks to steal money from Windsor's account over the course of the 18 months she worked for him, claiming she had cancer and needed the money for her treatments. Simmons pleaded guilty this week to a second-degree theft charge after prosecutors called her claims of having cancer a lie and pointed out a number of previous theft convictions on Simmons' record. Firebomb Attempt at Gelato Factory Montreal Gazette (Canada) (09/17/12) Derfel, Aaron The Ital Gelati gelato factory in St. Leonard, Quebec, was the victim of a firebombing on Sept. 16 that authorities say is the latest in a string of business arsons related to an ongoing mafia war. The Ital Gelati factory is owned by Dominico Arcuri, who Montreal police say has been recorded multiple times in conversation with members of the Montreal mafia regarding financial matters. Arcuri and his associate Domenico Miceli own or have stakes in three other businesses that have been victims of arson since August. On Aug. 17, the building that houses DAMC Construction, of which Miceli was president, was firebombed. On Aug. 22 one of Arcuri's commercial properties was the scene of a small suspected arson and on Sept. 11 cars in the parking lot of Signa + Inc., another company that lists Miceli in a leadership position, were set ablaze. The Montreal mafia war has been ongoing since December 2009, when Nick Rizzuto Jr., the grandson of Montreal Godfather Nicolo Rizzuto Sr., was gunned down in broad daylight, less than a year before the senior Rizzuto was shot to death in his home. Exploring the Value Story Security Technology Executive (08/12) Vol. 22, No. 6, P. 18 Campbell, George Every security program has lists of activities or incidents they sell as "metrics," but "real metrics inform by creating a storyline that implies the need for action," George Campbell, emeritus faculty of the Security Executive Council and former CSO of Fidelity Investments, tells Security Technology Executive. Campbell shares about working with the CSO of a global manufacturing company who began an initiative to identify metrics across the security organization that would tell a story to management and measurably demonstrate where and how security brings value to the company's bottom line. In the case of this company, which oversees industrial operations that carry fire and hazardous materials risks, the security team developed an internal first responder team. The assumption was that senior management would see a first responder program as wasteful, because the company already supported public fire departments through tax dollars, so the CSO categorized several areas where a preventive service and incident response team would add value. The bottom line comparison was impressive: the cost of the company first-responder team was $4.5 million, compared to $16.45 million otherwise. The security team explained the value of the program to the C-suite using the following list: Productivity increases when workers return to work quickly; faster, better-prepared and equipped response results in less production downtime; and faster, high-quality response enhances employee safety and morale. While not every organization can afford its own internal first responder service, Campbell notes that the security department is likely already delivering services that tell a unique value story. These services could include: Protective officers who are trained to respond to health and safety events and have done so in the past; having a program that proactively examines the range of security-related risks to critical assets; and lower losses from security events due to the fast, quality response to risk events by the security team. Managing Expectations in a Changing World Security Magazine (08/12) Vol. 49, No. 8, P. 42 Blades, Marleah "It's rare that you can honestly say 'problem solved' in security," says Security Magazine's Marleah Blades. "Every little shift of the business... has the potential to introduce new threats and vulnerabilities into the organization's risk environment, sending the security leader back to the C-suite to say, 'It's changed. We need more.'" While it is a good thing that C-suite leaders understand the threats facing a business and expect security leaders to efficiently and cost-effectively address those risks, Blades says security leaders must be extra careful in this environment to communicate the limitations of their abilities, lest high expectations turn into unrealistic mandates. John McClurg, VP and CSO at Dell, when speaking at the recent Next Generation Security Leader conference, said that he has found himself appreciating anew the impossibility of complete protection. He explained that in recent years he has been "humbled" of his fresh understanding of the tenacity and discipline of attackers. "Notwithstanding our best efforts and our communication with leadership as to the nature of threats and vulnerabilities, it's not a question of 'if' but 'when' we're compromised," McClurg said. This means that security leaders must pay close attention to how they explain their needs and outline expectations to senior leaders. It also requires a sober, honest declaration of the power and ingenuity of adversaries, he added. In words and action, security must focus not just on mitigating risk, he continued, but "on how resiliently we've positioned ourselves to move and adjust, and how well we have thought through the way we architect our structures and enclaved our most critical assets, to decrease the likelihood that the inevitable compromise will result in unacceptable loss." Miscues Before Libya Assault Wall Street Journal (09/21/12) Coker, Margaret; Entous, Adam; Solomon, Jay; et al. More information is coming to light about the steps that were taken to protect the U.S. consulate in Benghazi, Libya, in the run-up to the deadly attack there on Sept. 11. The consulate had been targeted in an attack involving an improvised explosive device (IED) on June 6, which prompted U.S. officials to ask their Libyan counterparts to boost security around American facilities in the country. Libyan officials did agree to provide the additional security, which consisted of two additional cars of security personnel armed with heavy machine guns, for one week while a wall that was damaged during the attack on the consulate was repaired. Once the repairs were made, the additional security was withdrawn and the consulate was protected by four armed Libyan security guards charged with protecting the perimeter of the facility and four unarmed Libyan guards who were responsible for screening visitors inside. Those eight security guards were part of the normal security detail at the consulate, which the State Department felt was sufficient for protecting against a limited hit-and-run attack or an assault involving rocket-propelled grenades or IEDs. Such attacks were believed to be the most likely threat against the consulate ahead of the assault on Sept. 11, which resulted in the death of Ambassador Christopher Stevens and several other Americans. After that attack began, U.S. officials did not seriously consider sending the military to respond, partly because it was seen as not being likely that personnel would have arrived in time to make a difference. Libya Envoy's Killing Was a Terrorist Attack, the White House Says New York Times (09/21/12) Cooper, Helene White House press secretary Jay Carney on Thursday characterized the attack on the U.S. consulate in Benghazi, Libya, as a terrorist attack, marking the first time that a White House official has done so. Carney's comment followed criticisms from Republican lawmakers who feel the administration has not been using appropriately forceful language to describe the attack. New America Foundation counterterrorism expert Brian Fishman says there are several reasons for the administration's hesitance to immediately label the attack as terrorism. Fishman says that the term "terrorism" itself is very charged and politically loaded, but lacks a universally agreed upon definition, with different government agencies using different definitions. Fishman says that for many people the term suggests organization and planning, and that the administration was in part hesitant to use the word terrorism because it still remains unclear the extent to which those who attacked the consulate were organized and had planned ahead. "According to the best information we have now, we believe it was an opportunistic attack on our mission in Benghazi," Carney said on Thursday, adding that the administration does not have, "any specific intelligence that there was significant advance planning or coordination for this attack." U.S. Names al Qaeda in Libya Attack Wall Street Journal (09/20/12) Gorman, Siobhan; Cameron, Doug Speaking in front of a hearing of the Senate Homeland Security and Governmental Affairs Committee on Wednesday, National Counterterrorism Center Director Matthew Olsen said that the U.S. is investigating the possibility that the militants who carried out last week's deadly attack on the U.S. consulate in Benghazi, Libya, were in contact and possibly affiliated with al-Qaida. Specifically, Olsen said that there was evidence that the Ansar al-Sharia Brigade, a local militant group that Libyan officials have accused of being behind the attack in Benghazi, had contacted members of al-Qaida in the Islamic Maghreb (AQIM), the North African al-Qaida franchise, on the same day as the attack. "The picture that is emerging is one where a number of different individuals were involved," said Olsen, who characterized the attack as an act of terrorism, rather than a spontaneous act of violence. Olsen also pushed back against criticisms from some lawmakers, including Sen. Susan Collins (R-Maine), who suggested that the attack should have been anticipated and that the Benghazi consulate should have been more secure. Olsen said that while intelligence reports had shown growing unrest in the area over the past few months, there had been no specific intelligence warning of a coordinated, armed assault on the consulate as some have suggested. Olsen also noted that much about the attack still remains unknown, and that the FBI is continuing its official investigation of the incident. China Cleans Up After Angry Anti-Japan Protests, Though Tension Remains Associated Press (09/19/12) Chinese police and workers were busy cleaning up and some Japanese businesses and factories reopened for business in China on Wednesday after days of raucous and occasionally violent anti-Japanese protests in China. The protests marked the 81st anniversary of the invasion and occupation of mainland China by the Empire of Japan and were fueled by an ongoing dispute between the two countries over national ownership of a strategic string of islands. Protestors hurled paint bombs at the Japanese Embassy on Tuesday, with some protestors even turning their anger towards the U.S. Some 50 protestors in Beijing surrounded the car of U.S. Ambassador Gary Locke as it tried to enter the U.S. Embassy compound in the Chinese capital, only a week after the death of Ambassador Christopher Stevens in Benghazi, Libya. The U.S. has not taken sides in the fight over the Diaoyu islands, as they are known in China, and Chinese police were quick to divert the protestors away from Locke's vehicle. Even as protests settled down on Wednesday, the rhetoric from both nations remained heated, with officials in China and Japan maintaining their sovereign rights to the islands. Teen Arrested in Chicago Car-Bomb Plot, Authorities Say Wall Street Journal (09/16/12) Carey, Suasn FBI agents arrested an 18-year-old from a Chicago suburb on Friday after he allegedly attempted to detonate a car bomb in front of a packed bar in downtown Chicago. Adel Daoud had been under surveillance by the FBI since fall 2011 when he began sending and receiving jihadist material from an e-mail account. In May of this year a pair of undercover FBI agents made contact with him to discuss his plans for terror attacks, and in July a third undercover agent began to meet with Daoud in person. The teenager allegedly detailed his plans for an attack, for which he was considering targeting shopping malls, concert venues, tourist attractions, movie theaters, and bars. On Sept. 13 the undercover agent showed Daoud what he claimed to be a remotely operated car bomb in a Jeep Cherokee, and on Sept. 15, the two allegedly drove the Jeep into Chicago and parked in front of the bar. Daoud was immediately arrested after allegedly attempting to detonate the bomb, which was inert, when he was roughly a block away from the Jeep. Daoud was charged in federal court Saturday with attempting to use a weapon of mass destruction and attempting to destroy a building with an explosive, and is being held in Chicago's Metropolitan Correctional Center ahead of a Monday afternoon court hearing where he may choose to seek bond. Bank Group Warns of Heightened Risk of Cyber Attacks Reuters (09/19/12) Finkle, Jim; Henry, David; Menn, Joseph; et al. The Financial Services Information Sharing and Analysis Center has raised its cyber threat level in an advisory to members following unexplained blackouts of JPMorgan Chase and Bank of America's public Web sites. The outages started after the posting of an online threat by an unknown party to launch cyberattacks as an initial step in a campaign against U.S. companies. Arbor Networks' Dan Holden reports that several unidentified U.S. banks were under siege by a distributed denial of service campaign. "Often these DDoS attacks are part of a more sophisticated blended threat—one that utilizes DDoS as a diversion for more complex, difficult to detect techniques with the intention to extract customer data or financial information," he says. FS-ISAC, which counts Visa and MasterCard as members, issued its advisory two days after the FBI's publication of an alert warning financial services firms that hackers may be disrupting service to their Web sites in an attempt to keep a recent surge in fraudulent large-sized wire transfers beneath banks' notice. FS-ISAC's advisory called on banks and other industry members to "ensure constant diligence in monitoring and quick response to any malicious events." Breach Exposes POS Vulnerabilities BankInfoSecurity.com (09/19/12) Kitten, Tracy The disclosure by Romanian hackers of their methodology for remotely compromising the point of sale systems of 100 Subway sandwich shops and other U.S. retailers brings attention to common system vulnerabilities that are worrisome for small merchants and their banking institutions. The hackers confessed to breaching POS systems where payment card data was electronically housed by scanning the Internet to identify vulnerable systems marked by certain remote desktop software apps. Petroleum Convenience Alliance For Technology Standards (PCATS) executive director Gray Taylor says merchants using popular POS systems are targeted because "once you've got the keys ... to that popular point of sale device, then all [hackers] have to do is get in and install a keylogger." Taylor says these attacks prove that compliance and certification with the PCI Payment Application Data Security Standard cannot immunize merchants against attacks when networks are left open or common or default account names and passwords are used. PCATS and other groups have outlined a plan for simplifying POS security, touching on common vulnerabilities facing Level 4 retailers. Among the plan's recommendations is for merchants to deploy basic security features such as firewalls and two-factor authentication for remote access to POS devices and systems, and change factory default passwords and set up unique user accounts for network access. Stuxnet Tricks Copied by Computer Criminals Technology Review (09/19/12) Simonite, Tom Security researchers warn that the techniques used in sophisticated, state-supported malware are being used by less-skilled programmers to target Web users. State-backed malware often targets previously unknown software vulnerabilities, known as zero-days, and their methods can be quickly copied by other programmers, notes Kaspersky Lab researcher Roel Schouwenberg. For example, Stuxnet recently installed fake device drivers using digital security certificates stolen from two Taiwanese computer component companies, allowing them to get past any security software. Now, other malware are using fake certificates in a similar way to hide malicious software from antivirus programs. "Stuxnet was the first really serious malware with a stolen certificate, and it's become more and more common ever since," Schouwenberg says. Kaspersky researchers now are studying Flame's modular design, which makes it harder for security companies to track a specific piece of malware. Security researchers say Flame may be the most advanced malware yet developed. "I think we will definitely see more of that [modular] approach," Schouwenberg says. "It provides an up-sell opportunity for these guys if they can sell something, and then offer upgrade kits to improve it later." 2,500 Involved in Kentucky Data Breach Healthcare IT News (09/19/12) McCann, Erin Kentucky's Cabinet for Health and Family Services has said that a data breach that took place at its Department for Community Based Services may have resulted in the release of the personally identifiable information of approximately 2,500 clients. According to Cabinet officials, the data breach took place in July and was caused by an employee who responded to a phishing e-mail sent by a hacker. The Department was able to detect unauthorized activity on the account within half an hour and the account was disabled. The breach may have given the attackers access to the names, addresses, and ID codes of individuals who were in the process of or had recently aged out of the foster care system. The attackers would not have had access to Social Security numbers or health information on diagnoses. However, Gwenda Bond, the assistant communications director for the Cabinet for Health and Family Services, said that she was pretty confident that none of the data was accessed. That said, the hacker did have access to the account for a brief period, requiring the Cabinet to notify those clients who may have been effected. Half of Companies Surveyed Report Web Application Security Problems Network World (09/18/12) Messmer, Ellen A survey of 240 companies conducted by Forrester found that about half experienced at least one Web application security incident since last year, some with "severe negative financial consequences." According to Forrester, 18 percent reported that the breaches cost their organizations at least $500,000, and respondents acknowledged that the breaches had a negative impact on the reputation of their companies as well. Respondents cited some of the various difficulties that contributed to their Web application security issues, including an inability to keep pace with the volume of code they produce, struggling to build a compelling business case for more funding, and lacking adequate tools to handle a breach. The Forrester survey also asked the respondents for details on specific security issues that had increased their risk of enduring a data breach. The answers included default password accounts, SQL injection-related vulnerabilities, and security misconfigurations. Forrester says security professionals should not expect developers to be security experts, and that any approach to Web application security improvement should be risk-based. Abstracts Copyright © 2012 Information, Inc. Bethesda, MD |
No comments:
Post a Comment