Friday, June 21, 2013

Security Management Weekly - June 21, 2013

Corporate Security
  1. "Ex-Home Depot Worker Convicted in $2M Extortion Plot"
  2. "Belgian Diamond Theft, Filled With Cinematic Thrills, Also Has a Blooper Reel"
  3. "Gartner: Pay Less Attention to Security Technology"
  4. "Making Sure that Employees Who Travel Consider Security"
  5. "Situational Awareness" (Security in Healthcare and Entertainment Industries)

Homeland Security
  1. "New Documents Reveal Parameters of NSA’s Secret Surveillance Programs"
  2. "Officials: Surveillance Programs Foiled More Than 50 Terrorist Plots"
  3. "At Trial, Hit Man Says 'It Broke My Heart' to Learn Bulger Was an F.B.I. Informer"
  4. "NSA Leaker Denies Any Links to China"
  5. "U.K. Accused of Spying at G-20 Summits"

Cyber Security
  1. "Apple Pours OS X Snow Leopard Another Java Fix"
  2. "Hackers Break Into Toyota Server"
  3. "Beware of HTML5 Development Risks"
  4. "Popular WordPress Plug-Ins Vulnerable to Attack: Checkmarx Research"
  5. "U.S. Security Expert Says Surveillance Cameras Can be Hacked"

Ex-Home Depot Worker Convicted in $2M Extortion Plot
Atlanta Journal-Constitution (06/19/13) Seward, Christopher

A federal jury on Monday convicted Daniel Sheehan, a former part-time handyman at a Home Depot on Long Island, of attempting to extort $2 million from Home Depot by threatening to detonate a pipe bomb at one of the chain's stores in 2012. According to the FBI complaint, the pipe bomb threat was made via a letter sent to the manager of a Home Depot in Huntington, N.Y. The letter said that if the company did not pay $2 million, Sheehan would shut down all Home Depot stores on Long Island by detonating pipe bombs filled with roofing nails. In another letter, Sheehan wrote that he intended to be "wired up like a Christmas tree with 2 devices strapped to a belt and one to a neck chain" that he planned to wear. A pipe bomb was subsequently found at the Home Depot in Huntington and was detonated. Sheehan was arrested by authorities in November after the GPS in the TracFone he used to call in some of the bomb threats was traced. At sentencing, Sheehan could face as many as 30 years in prison.


Belgian Diamond Theft, Filled With Cinematic Thrills, Also Has a Blooper Reel
New York Times (06/16/13) Carvajal, Doreen

Experts say that while the theft of packets of diamonds from the cargo hold of a plane at Brussels airport in February was marked by meticulous planning, inside information, and swift execution that left investigators marveling, the efforts to sell the diamonds were ham-handed. The mistakes made in the effort to sell the stones have led many to the opinion that the robbers were not after diamonds, but after cash. When arrested trying to sell the stones, many of the more than 30 suspects denied involvement. What had appeared to be meticulous planning on the part of the robbers dissolved when they attempted to sell the diamonds in Geneva, which, as Edahn Golan, an analyst in Israel specializing in the economics of the diamond industry, noted, "is not a big diamond center." He added that "if [the thieves] knew what they were doing, they should have waited for a trade show." A connection between two suspects, real estate investor Pascal Pont and Casablanca restaurateur Marc Bertoldi, was the key that helped crack the case and enabled investigators to find the diamonds, which were in Pont's cellar. Though Pont and Bertoldi have been released, they remain suspects. Of the 30 others, most have been released on bail, though seven remain jailed and four have challenged their arrests. Another prime suspect, identified only as "Tarek B," is believed to be in Morocco, and investigators are currently searching for him.


Gartner: Pay Less Attention to Security Technology
Security Magazine (06/13)

Gartner's Paul Proctor advises that security professionals should not purchase big-box appliances without first talking to upper-level executives to ensure that security decisions are made based on careful assessments of risks to the data being protected. This is preferable to blindly defending against all attacks, according to Proctor. He adds that security professionals should not focus excessively on high-profile security attacks and should instead use time with the board to eliminate the disconnect between executives and the security team while striving to relate security and risk to business impact. According to a report from CRN, Gartner estimates that only 8 percent of organizations are running next-generation firewalls, and organizations that purchased those firewalls are not properly configuring them or using them to their fullest extent. Chief information security officers might be better off addressing other areas of attack preparation, such as training against an incident response plan. A study from the Ponemon Institute suggests that too many security professionals depend on attack data and information about the latest security threats while failing to describe the business impact to upper-level decision-makers. Some IT teams in the United States are frequently at odds with business executives about security issues, CRN reports.


Making Sure that Employees Who Travel Consider Security
Security Management (06/13) Longmore-Etheridge, Ann

Sending employees to foreign countries for business purposes can help spur profitable outcomes and new experiences for the traveler, but it is essential that companies sufficiently prepare employees to protect themselves and the company’s proprietary information. Travel-security planning is essential, but even companies that believe they have taken the right steps might not be addressing risks properly. Best practices include using carefully evaluated travel agencies to make all travel arrangements and keeping the company informed of them; identifying secure ground transport; training employees on maintaining security awareness when traveling; and setting up a travel security Web site that features corporate emergency contacts, travel policies specific to each country, and education and awareness material on what to expect once the employee is on the ground and other matters. The Web site should also feature protocols and guidelines to follow if an adverse incident occurs. Just as companies form plans and regulations for their international travelers, so too should they form plans and policies for information protection, which includes data on personal devices. Prior to travel, employees should be in compliance with a company policy to lock down their electronic items, their cell phones, their Wi-Fi ports, and their Bluetooth as they travel through airports to ensure that no one can access their information. Additionally, everything should be PIN- or password-protected and encrypted.


Situational Awareness
Security Management (06/13) Vol. 57, No. 6, P. 106 Taylor, Scott

Security personnel who work in healthcare or entertainment environments should be trained to handle situations in which patrons or patients are intoxicated or under the influence of medication. A comprehensive training program should include inoculation training, a verbal skills assessment, and training on spotting triggers that could cause the situation to escalate. When dealing with a belligerent person, the best way to handle the "fight or flight" reaction is through inoculation training. This type of training involves realistic, dynamic scenarios and role-play exercises that help inoculate the officer against the body's natural reaction to stress. In addition to learning how their bodies respond, officers must know what to say. Effective verbal de-escalation techniques are extremely valuable, and a key part of minimizing any security conflict is understanding that it is not personal. In entertainment environments, where a patron is venting against the security officer, the goal is to redirect the patron's behavior and achieve compliance through verbal techniques that help minimize the patron's stress and frustration. These steps include: getting the patron's name, which gets the person's attention and automatically makes the conversation more personal; asking open-ended questions to help the patron understand that the officer is aware of the patron's frustrations; speaking slowly and showing empathy toward the patron; using clarifying questions and summary statements to get the patron to agree with you -- e.g. "So you are frustrated because you cannot go back into the bar, is that right?" "Yes." -- because it is difficult to remain angry when agreeing with someone; and avoiding clichés such as "calm down," which could have just the opposite effect. As officers use these de-escalation techniques, they should watch out for physical signs that it is not working and the conflict is, instead, escalating.
A common warning sign to look out for -- one that many security guards commonly miss -- is when the person looks away just before launching a strike. Additional warning signs include when patrons clench their fists or tighten and untighten their jaw. A sudden change in body language or tone used during a conversation can also be an indicator as can pacing or fidgeting. As part of their training, officers should view CCTV footage of other officers in conflict situations so they can spot these indicators and how they tend to be followed by an escalation of the conflict.




New Documents Reveal Parameters of NSA’s Secret Surveillance Programs
Washington Post (06/21/13) Nakashima, Ellen; Gellman, Barton; Miller, Greg

Newly-released classified documents that have been disclosed to The Washington Post and The Guardian detail the steps the National Security Agency (NSA) takes to ensure that it does not collect information about Americans through its surveillance programs. For instance, the documents--which are the first set of written procedures to be made public about the surveillance programs--state that NSA maintains a database of phone numbers and e-mail addresses of individuals who are thought to be living in the U.S. If requests for surveillance mention one of those phone numbers or e-mail addresses, the request is not approved. The documents also noted that NSA takes additional steps to ensure that people in the U.S. are not targeted by its surveillance programs, including examining area codes and data packets associated with e-mail messages, examining contact lists associated with e-mail accounts, and analyzing information contained in "knowledge databases" that are used to store CIA intelligence reports. Once surveillance is underway, the NSA continues to look for signs that the person it is monitoring has entered the U.S. Should a target enter the country, the surveillance is immediately stopped and the FBI may be notified. The disclosures have not satisfied privacy advocates, who say that the guidelines give NSA leeway to monitor Americans' communications.


Officials: Surveillance Programs Foiled More Than 50 Terrorist Plots
Washington Post (06/19/13) Nakashima, Ellen

National Security Agency (NSA) chief Gen. Keith Alexander and other government officials appeared before the House Intelligence Committee on Tuesday to defend the agency's controversial surveillance programs. Alexander noted in his testimony that the programs have helped prevent more than 50 terrorist plots from being carried out since the Sept. 11 attacks. At least 10 of those disrupted plots, Alexander said, involved terrorism suspects or targets in the U.S. Among the plots that officials said were foiled by intelligence gathered through the surveillance programs was a plot to bomb the New York Stock Exchange. According to Alexander, the PRISM surveillance program--in which NSA collects Internet communications to and from foreign targets located abroad who are suspected of being involved in terrorism or nuclear proliferation or who could serve as a source of intelligence--was particularly beneficial in foiling these plots, as it was the source of 90 percent of the information about the planned attacks. Alexander added that officials will not release to the public any further information about terrorist plots that have been foiled as a result of the surveillance programs, though he did say that both the House and Senate Intelligence committees would receive classified details about those disrupted plots.


At Trial, Hit Man Says 'It Broke My Heart' to Learn Bulger Was an F.B.I. Informer
New York Times (06/18/13) Seelye, Katharine Q.

John Martorano took the stand as a witness for the prosecution at the trial of James "Whitey" Bulger on Monday, saying that he had been a hit man for Bulger when he was part of the Boston underworld during the 1970s and '80s. When he took the stand against Bulger, the 72-year-old former hit man discussed how he and Bulger had killed those who interfered with their control of the underworld and commented on how he was upset about the news that Bulger had been an informant for the FBI for much of the time they worked together. Bulger has insisted that he was never an informant, which seems to be behind his pursuit of this public trial where he faces a 32-count indictment, including charges that he participated in 19 murders. Martorano also said he overheard a conversation between William Bulger and John Connolly, the FBI agent who became Whitey Bulger's corrupt handler. Martorano said that Connolly credited William with his becoming an FBI agent, and added that "If there is anything I can do for you, let me know." It is thought that this offer and William's response are behind the tips Connolly provided to Bulger that kept him out of law enforcement traps for decades, acts which would destroy Connolly's career.


NSA Leaker Denies Any Links to China
Wall Street Journal (06/18/13) Barrett, Devlin

Edward Snowden, the man who has admitted to leaking classified documents about the National Security Agency's surveillance programs, took part in an online conversation on Monday and dismissed the suggestion that he has ties to the Chinese government and may be trying to exchange what he knows for safe haven. With regard to the allegations that he has ties to the Chinese government, Snowden said it was "a predictable smear" that he anticipated before going public "as the U.S. media has a knee-jerk 'RED CHINA!' reaction to anything involving [Hong Kong or the People's Republic of China]." The former NSA contractor also said his disclosures were motivated by disappointment in the Obama administration's failure to follow through on campaign promises to make the government more accountable and transparent by "fixing the problems he outlined in his quest for votes." Snowden wrote that, "Unfortunately, shortly after assuming power, [Obama] closed the door on investigating systemic violations of law, deepened and expanded several abusive programs, and refused to spend the political capital to end the kind of human rights violations like we see in Guantanamo." Snowden has indicated that he will fight any extradition attempt, and that he will be releasing more details to support his allegation that NSA analysts can examine the content of e-mails.


U.K. Accused of Spying at G-20 Summits
Wall Street Journal (06/17/13) Thomson, Ainsley

The U.K. is facing international criticism following the leak of information by former National Security Agency (NSA) contractor Edward Snowden that indicates British intelligence monitored phone calls and electronic communications of delegates attending two 2009 meetings of the Group of 20 (G-20). Turkey and South Africa have demanded that the U.K. explain why the Government Communications Headquarters (GCHQ) was spying on their delegates, some of whom claim they were coerced into using Internet cafes set up by GCHQ to monitor their Internet traffic. Snowden says that GCHQ equipped the cafes with e-mail interception programs and key-logging software. He also maintains that GCHQ broke into delegates' BlackBerrys to monitor e-mails and phone calls and gave analysts a summary of which countries' delegates were in contact with each other. These allegations may prove particularly problematic for the U.K., as it is currently hosting world leaders representing the Group of Eight (G-8) in Northern Ireland. U.K. Prime Minister David Cameron, who is attending the negotiations, has declined to comment.




Apple Pours OS X Snow Leopard Another Java Fix
Computerworld (06/19/13) Keizer, Gregg

Apple has patched Java 6 for OS X Snow Leopard, Lion, and Mountain Lion, fixing 34 vulnerabilities that Oracle addressed for Windows the same day. Because Snow Leopard users cannot upgrade to Java 7, as Oracle's latest edition requires Lion or its 2012 successor, Mountain Lion, they must use the older Java 6, which is run by Apple; Oracle disseminates patches for Java 7 bugs. Apple is still delivering fixes for Java 6 because Oracle continues to look for flaws and create patches for the Windows version, even though it once said it would retire the software in February. Oracle has not specified how long it will continue to provide patches for Java 6 on Windows, and consequently how long Apple will be able to issue security patches for its customers using Snow Leopard. Security researchers say the best move for Apple is to continue to patch Snow Leopard, as the operating system was powering 25 percent of all Macs online as of May, according to Net Applications.


Hackers Break Into Toyota Server
Wall Street Journal (06/19/13) Koh, Yoree

Toyota revealed on June 19 that its Japanese-language corporate Web site was hacked for the first time ever earlier in June, though it said that the breach did not compromise customer information. One of the auto-maker's servers, which has since been shut down, was accessed by unauthorized parties who altered the Web site so that it would redirect visitors to a different Web site that automatically installed a program onto their computer. The company has encouraged all those who visited this version of its corporate Web site between June 5 and June 14 to install anti-virus software. The investigation into the attack is ongoing, and as yet Toyota does not know the origin of the hack or what the installed program does. The attack appears to be restricted to the Japanese-language website, and the vulnerable sections include various news pages such as "most recent top news" and investor relations updates. Toyota has said that it will replace the compromised server with a newer one that has "heightened security" next month.


Beware of HTML5 Development Risks
Dark Reading (06/19/13) Chickowski, Ericka

Developers need to be aware of the potential risks created by some of the new features of HTML5, starting with HTML5's new local storage capability. Dan Kuykendall of NT OBJECTives notes that sessionStorage, localStorage, and client-side databases create a great opportunity for developers, but also raise the possibility of attackers being able to retrieve or even manipulate such data on the client side if precautions are not taken to secure it. Mobile Strategy Partners' David Eads says consideration of the security of such data has to be a priority when developers are being taught to use HTML5, lest bad habits be ingrained from the start. Another risky feature of HTML5 is native resource rights, which give applications access to device features such as cameras, microphones, and GPS. Ericom Software's Dan Shappir says this access has to be tightly controlled on the developer end, as users are unlikely to consider the security and privacy implications of granting such access. Finally, there is HTML5's cross-origin resource sharing, which Kuykendall says is a powerful tool for requesting and sharing third-party code, but one that has to be paired with strict policies.


Popular WordPress Plug-Ins Vulnerable to Attack: Checkmarx Research
eWeek (06/18/13) Prince, Brian

Twelve of the top 50 plug-ins for the WordPress platform are vulnerable to attacks such as SQL injection and cross-site scripting, representing nearly 8 million downloads, according to Checkmarx. In addition, seven out of the 10 most popular e-commerce plug-ins for WordPress also are susceptible to attacks, amounting to more than 1.7 million downloads. Checkmarx says the findings indicate a lack of security testing and standards by platform-as-a-service providers when it comes to the apps they distribute, along with a failure by Web administrators to do everything necessary to ensure the plug-ins are safe. Checkmarx conducted its first scan in January 2013 and found that 18 of the 50 most popular plug-ins had flaws. A second scan performed five months later revealed that number had been reduced to 12. Checkmarx recommends that WordPress administrators only download plug-ins from reputable sources, that they scan them for security issues, and that old or unused plug-ins are removed.


U.S. Security Expert Says Surveillance Cameras Can be Hacked
Reuters (06/17/13) Finkle, Jim

Craig Heffner, a vulnerability researcher at Columbia, Md.-based Tactical Network Solutions, revealed that he has discovered previously unreported bugs in digital video surveillance equipment made by firms including Cisco Systems, D-Link, and TRENDnet. According to Heffner, the vulnerabilities can be exploited to remotely attack the surveillance cameras, which are used by banks, industrial plants, the military, and prisons. That access, he said, was "a significant threat. Somebody could potentially access a camera and view it. Or they could also use it as a pivot point, an initial foothold, to get into the network and start attacking internal systems." Heffner claims to have discovered hundreds of thousands of surveillance cameras that can be accessed through the public Internet, and has figured out how to pull a real-life version of a "Hollywood-style" attack where a picture on a surveillance camera is frozen to prevent the detection of thieves and other infiltrators. He has not discussed his research with the camera manufacturers, and does not plan to ahead of his presentation at the Black Hat hacking conference in Las Vegas where he plans to demonstrate some of the techniques for exploiting these bugs. The camera manufacturing companies have vowed to take any appropriate action to secure their equipment as soon as possible.


Abstracts Copyright © 2013 Information, Inc. Bethesda, MD

