| |
Four Nurses Charged With Drug Theft From St. E's
Vindy.com (05/10/13) Milliken, Peter
Four nurses from Mahoning County, Ohio, have been indicted on charges of stealing drugs from a local hospital. Three of the four nurses worked at St. Elizabeth Health Center in Youngstown at the time of the alleged thefts, while the fourth was a nurse anesthetist working for an outside entity. The charges in the case include multiple counts of drug theft and drug possession. The charges stem from the alleged theft of the painkillers Dilaudid, Fentanyl, Vicodin, and morphine as well as the sedative, Midazolam. The nurses are not believed to have been selling the drugs but were taking them for their own use. Authorities have also said that the suspects were not collaborating with one another in the thefts.
Feds in NYC: Hackers Stole $45M in ATM Card Breach
Associated Press (05/09/13) Long, Colleen
The ongoing use of magnetic stripe cards in the U.S. may be partly to blame for the massive ATM card breach that was recently carried out by a global network of criminals. Seven people have been arrested in the U.S. in connection with the theft, which began when hackers broke into the databases of two Middle Eastern banks, Rakbank in the United Arab Emirates and the Bank of Muscat in Oman, in order to eliminate withdrawal limits on pre-paid debit cards and create access codes that they subsequently encoded onto plastic cards with magnetic stripes. A network of operatives then used the cards to withdraw funds from ATMs around the world in two separate incidents: one in December that netted $5 million, and another in February that brought in $40 million. The stolen funds were held by the banks that backed up pre-paid cards, and did not belong to individuals or businesses. Some say that the theft was enabled by the fact that the U.S. has not adopted cards with built-in chips as many other countries have.
Police Arrest 31 Over Brussels Diamond Heist
Wall Street Journal (05/08/13) Michaels, Daniel
Police in three European countries have arrested 31 people in connection with the theft of more than $50 million worth of diamonds that were being loaded onto an airplane at a Brussels airport in February. The arrests began on Tuesday, when French police arrested one person in connection with the heist, which is believed to have been an inside job and is also thought to have been one of the biggest diamond robberies ever. Swiss police arrested six other people that same day. Two dozen other people, about 10 of whom were already known to police, were arrested in a raid carried out by roughly 250 Belgian police officers on Wednesday. Both cash and diamonds were recovered during the raids, though officials have not given the value of the cash and diamonds that were seized. Meanwhile, officials at the airport where the robbery took place say they have taken steps to improve the security of shipments of valuable items.
Samsung-Apple Patent Fight: Is It Worth It?
Wall Street Journal (05/07/13) Jones, Ashby
Patent fights between technology companies have, for the most part, left plaintiffs with no significant advantages after running up considerable court costs and investing a substantial amount of time. Recent rulings in courts internationally have furthered a notion that "buying up a few patents and trying to get rich off them by suing is a questionable pathway to profitability," according to Mark Lemley, a patent-law expert and law professor at Stanford University. Court battles between tech companies like Samsung and Apple have gained international headlines and spanned the borders of countries. They have amounted to tens of billions of dollars in court costs and increased tension among tech industry competitors that has many questioning if the patent system is snuffing the flame of innovation. Many patent-infringement cases typically get tossed out on review or sidestepped by crafty companies that tweak their technology slightly. In the fast-paced world of technological innovation, tech companies involved in lawsuits have typically designed newer models of their products by the time an infringement case enters its later stages. The only notable payout has been the $1.05 billion doled out from Samsung to Apple for stealing the design and technology behind the iPhone and iPad.
Arson Suspect Threatened to Destroy Employer's Office, Set it on Fire: Davie Police
NBC6.net (South Florida) (05/07/13)
Police in Davie, Fla., arrested Michael Visconti after he allegedly threatened to destroy his employer's office in the town and then set in on fire on May 6. Police said Visconti called his employer, Richard Mallion, and made threats to both Mallion's well-being and his Pro Health Management Inc. office because Mallion allegedly owes Visconti money. Mallion called police, and the officer who arrived on the scene met him in the parking lot of his business before heading upstairs, according to a police report. The officer wrote in his report that he smelled smoke and saw a small fire burning inside the front of the business. Upon going to tell Mallion, the officer saw Visconti move quickly toward the front door of the business. The officer ordered Visconti to open the door, and upon his refusal opened the door himself with a key supplied by Mallion. The officer wrote that he reached inside the door, grabbed Visconti in a head lock, and dragged him from the business. The police report said that Visconti destroyed office equipment worth about $5,000 and "trashed the office." Visconti denied setting the fire. He has been charged with arson and criminal mischief over $1,000 in connection with the incident.
Report Warned Boston Marathon Was Vulnerable to Terrorism
Los Angeles Times (05/10/13) Bennett, Briam; Serrano, Richard A.
A report issued by the Boston Regional Intelligence Center five days before the Boston Marathon bombings warned that that the marathon's finish line could be targeted by terrorists. The report, which is similar to other threat assessments that are distributed to police and first responders in the Boston area before major events take place, noted that the marathon's was an "area of increased increased vulnerability" and that it could be targeted by homegrown violent extremists using improvised explosive devices or small-arms tactics. However, the report noted that the intelligence center did not have any credible information about a specific threat to the marathon. Massachusetts State Police spokesman David Procopio said that the threat assessment was taken into consideration for this year's Boston Marathon, as were warnings in previous years about the marathon's start and finish lines being potential targets. He also noted that the report also discussed the potential threat in a very general way, and did not mention any specific threat. Meanwhile, Boston Police Commissioner Edward Davis testified before Congress on Thursday and said that he would have liked to have known what the FBI and other agencies knew about the bombing suspects before the attack took place. The FBI had investigated one of the suspects in 2011 but determined that he did not pose a threat. Davis said Boston Police would have liked to have talked to the suspect but conceded that his department may not have come to a different conclusion than the FBI.
U.S. is Weighing Wide Overhaul of Wiretap Laws
New York Times (05/08/13) Savage, Charlie
The FBI has revised a proposal that would make it easier for it to perform surveillance on suspected terrorists, spies, and others who use Internet-based technologies to communicate. The revised proposal, which officials say could win the backing of the Obama administration, would require companies that provide instant-messaging systems, peer-to-peer voice-over-Internet protocol (VoIP) calls, and other new communications technologies to comply with wiretap orders or face fines. Current law does not require companies that provide Internet-based communications services to comply with wiretap orders, and instead only requires phone and network carriers to integrate communications interception capabilities in their systems. The FBI has been pushing for the expanded surveillance capabilities since 2010, but has since moved away from requiring all Internet communications services to have a wiretapping capability and is now focusing on fining companies that fail to comply with wiretap orders instead. The change was made in response to concerns that the original proposal could have hurt innovation on the Internet. Officials say that the focus on fines will largely prevent start-up Internet companies from having to worry about wiretapping issues until they become more popular. However, concerns about Internet security and the effect on innovation remain even with the changes. Both the Obama administration and Congress need to sign off on the proposal before it takes effect.
Special Ops Halted From Responding to Benghazi Attacks, U.S. Diplomat Says
Washington Post (05/07/13) Londoño, Ernesto
Gregory Hicks, the deputy head of the U.S. Embassy in the Libyan capital of Tripoli, will testify before the House Oversight and Government Reform Committee on Wednesday about what he says was the inadequate military response to the attack on the U.S. diplomatic compound in Benghazi last fall. Hicks says that he asked the Pentagon to scramble fighter jets over Benghazi during the initial phase of the attack, when the diplomatic outpost was under fire from militants. Hicks says he reasoned that the show of force might have scared off the militants, but was told by the embassy's defense attache, Lt. Col. Keith Phillips, that sending in aircraft would have been impossible given that the nearest American planes were several hours away and that there were no refueling aircraft available. According to Hicks, scrambling fighter jets over Benghazi would have prevented the subsequent attack on the CIA annex. In addition to asking for fighter jets to fly over Benghazi, Hicks says that American officials in Tripoli asked to deploy four Special Operations troops to Benghazi early in the morning after the attack began but that the troops were ordered to not deploy. Pentagon officials have long maintained that they took action immediately after the attack began but that American forces would have been unable to reach Benghazi in time to stop the attacks.
FBI: Raid of Mobile Home Disrupted 'Terror Attack' in Minn.
CBS News (05/06/13)
The FBI arrested a Minnesota man May 3 after searching his mobile home and finding Molotov cocktails, suspected pipebombs, and firearms that might have been part of a planned "localized terror attack," the bureau said. Montevideo resident Buford Roberts was arrested and charged with being a felon in possession of a firearm. A news release from the FBI said the agency believed "the lives of several local residents were potentially saved" by the search and arrest, and said "several guns and explosive devices were discovered." It also said the cooperation of local, state, and federal authorities helped uncover the alleged terror plot. FBI spokesman Kyle Loven declined to comment on the suspected terror plot and did not mention whether Rogers was working alone or as part of a group, or if other arrests were planned. Loven also did not say what the target for the attack may have been, though he did say that it was located in Montevideo, a small city about 130 miles west of Minneapolis. He added that the investigation was still "very active."
A Homemade Style of Terror: Jihadists Push New Tactics
New York Times (05/06/13) Shane, Scott
The strong U.S. response to the Sept. 11 attacks has forced al-Qaida to shift its focus from carrying out spectacular attacks to smaller ones executed by lone wolf terrorists. In an article posted in the online of "Inspire" magazine, Samir Khan of al-Qaida in the Arabian Peninsula said that such small-scale attacks are advantageous because they have a much greater impact, they embarrass the U.S., and because they are nearly impossible to prevent. This shift in focus can be seen in the Boston Marathon bombings, which were carried out by suspects who were radicalized over the Internet rather than terrorist training camps. In addition, the suspects also followed instructions given in "Inspire," which has called on al-Qaida's followers to build bombs made from inexpensive everyday items and to target open-air events like the Boston Marathon that are difficult to secure. Al-Qaida's new focus on smaller-scale attacks has left U.S. counterterrorism officials at a loss about what to do to prevent such attacks. Some say that the Boston Marathon bombings illustrate the need for more undercover sting operations, while others say that the best method of prevention is to focus on radicalized individuals who commit illegal acts.
Small, Medium Businesses Suffer Record Levels of Cyber Attacks
Homeland Security News Wire (05/09/13)
Some 87 percent of small businesses across the United Kingdom experienced a cyber security breach within the last year, according to the 2013 Information Security Breaches Survey conducted by the U.K. Department for Business, Innovation, and Skills. The report noted this is more than a 10 percent increase over last year's figures, and it has cost small businesses up to 6 percent of their turnover. According to data in the report, the average cost of the worst security breach for small companies was between $54,000 and $101,000, while the average cost for larger businesses was between $700,000 and $1.3 million. The median number of breaches for small companies meanwhile stood at 17, up from 11 a year ago, while the number for larger businesses stood at 113, up from 71 a year ago, the report found. Additionally, 81 percent of large businesses and 57 percent of small businesses reported staff-related cyber breaches, and respondents said 12 percent of the worst cyber breaches were caused by senior management not emphasizing cyber security enough. "Keeping electronic information safe and secure is vital to a business's bottom line," said Minister for Universities and Science David Willetts. "Companies are more at risk than ever of having their cyber security compromised, in particular small businesses, and no sector is immune from attack."
Stealthy Web Server Malware Spreads Further
IDG News Service (05/08/13) Kirk, Jeremy
Eset and Sucuri recently found Apache servers infected with Linux/Cdorked, a malware that when running on a Web server redirects victims to another website that tries to compromise their machine. Eset says it has now found versions of Linux/Cdorked geared toward the Lighttpd and Nginx Web servers, both widely used across the Internet. Eset's Marc-Etienne M. Leveille says the company has found 400 Web servers infected so far, of which 50 are ranked in Alexa's top 100,000 websites. He notes that although experts still do not know for certain how this malicious software found its way to Web servers, the malware does not propagate by itself and it does not exploit a flaw in a specific software. Linux/Cdorked redirects visitors to another compromised website hosting the Blackhole exploit kit, a malicious program that tests computers for software flaws. Leveille says the pattern of the domain names where people are redirected suggests the attackers also have compromised some Domain Name System servers.
U.S. Directly Blames China’s Military for Cyberattacks
New York Times (05/07/13) Sanger, David E.
The Pentagon submitted a report to Congress on Monday in which it accused the Chinese military of carrying out cyberattacks on computer systems belonging to the U.S. government and defense contractors. The report, an assessment of Chinese military capabilities that is submitted to lawmakers annually, said that Beijing is investing in cyberwarfare technologies to attack U.S. satellites and other space assets. In addition, the report claimed that China wants to use both cyberweapons as well as traditional weapons to weaken the U.S. military's presence in the Pacific. The report noted that the cyberattacks on U.S. government and defense contractors had several motives, including the theft of industrial technologies, obtaining information about the thinking of American policy makers, and achieving a greater understanding of U.S. defense networks, logistics, and similar military capabilities. The Chinese hope to use the information it obtains about U.S. military capabilities in the event of a crisis, the report said. The release of the report marks the first time that the Obama administration has explicitly accused the Chinese government of carrying out cyberattacks against American targets. National Security Adviser Thomas E. Donilon gave a speech in March in which he said that American companies were growing more concerned about cyberattacks launched from China, but he did not specifically blame the Chinese government for those incidents.
Researchers Hack Building Control System at Google Australia Office
Wired News (05/06/13) Zetter, Kim
Two researchers from the security firm Cylance recently hacked into the building management system of Google Australia's Wharf 7 office in Sydney by exploiting an unpatched vulnerability in the system's Tridium Niagara AX platform. The researchers were able to access multiple control panels that showed buttons marked "active overrides," "active alarms," "alarm console," "LAN Diagram," "schedule," and a button marked "BMS key" for Building Management System key. They were also able to obtain the encrypted passwords of Google Australia employees, including the administrator's password, and were able to decode them using a custom tool. In addition to this, the researchers gained access to floor and roof plans, the layout of water pipes in the building with notations indicating water temperature, and were even able to see the location of a kitchen leak. While the researchers did not disrupt the system in any way, they said they were deep enough into it they could have installed a rootkit that would have allowed them to take over the operating system and access any other building control systems linked to the compromised one. The researchers said this was an example of what could happen when a company allows a third party integrator to set up systems for its office building. They explained such integrators sometimes configure the systems insecurely or fail to install patches, as was the case with Google Australia. Google has confirmed the breach and says that it has since disconnected the system from the Internet.
Man Charged With Hacking Into Former Employer's Computer System
Newsday (05/06/13) Kessler, Robert E.
The FBI arrested a former programmer and systems manager at Spellman High Voltage Electronics Corporation in Hauppauge, N.Y., on May 2 on the charge of hacking into the company's computer system and causing some $90,000 in damage. Michael Meneses was allegedly upset he had been passed over for a promotion and broke into the company's computer system shortly after he quit in December 2011, according to prosecutors. U.S. Attorney Loretta Lynch said in a statement Meneses is alleged to have "engaged in a 21st Century campaign of cyber vandalism and high-tech revenge." According to court papers, Meneses altered the company's business calendar by one month, which prevented employees from processing transactions, and used a former coworker's e-mail account to send messages to new applicants urging them to seek employment elsewhere. Federal agents were able to trace some of the hacking to the IP address at a North Carolina motel at which Meneses was staying, and they traced other hacking to an online account to which he was subscribed, according to court documents. If convicted, Meneses could face 10 years in prison.
Abstracts Copyright © 2013 Information, Inc. Bethesda, MD |
No comments:
Post a Comment