| |
Justices Allow Search of Work-Issued Pager
New York Times (06/17/10) Liptak, Adam
The U.S. Supreme Court unanimously ruled that a California police department did not violate the privacy rights of one of its officers when they audited text messages sent on a department-issued cell phone. The ruling stuck close to the facts of the case, applying only to public workers and stipulating that the employer must have a "legitimate work-related purpose" in order to prove they are not violating Fourth Amendment rights. In this particular case, a city policy on computer, Internet, and e-mail instructed employees that the city had a right to monitor communications. The officer who brought the case had signed an agreement acknowledging this right. However, the policy did not apply specifically to text messages. At the time, the city was apparently considering a policy that would allow employees to send personal messages as long as they did not go beyond a 25,000-charater limit. Any texts sent beyond that limit would need to be paid out of pocket. The city audited the officer's texts to see if such a policy made good business sense, uncovering multiple sexually-explicit messages on the phone, which led the officer, his wife, his mistress, and another officer to sue. The Supreme Court ruled that the audit was not a violation of privacy because the city "had a legitimate interest in ensuring that employees were not being forced to pay out of their own pockets for work-related expenses, or on the other hand, that the city was not paying for extensive personal communications."
Police Clash With Striking World Cup Guards
Wall Street Journal (06/17/10) Stewart, Robb M.
Police in Cape Town, South Africa, used a stun grenade and rubber bullets to break up a protest held by more than a hundred employees of Stallion Security Consortium on Thursday. The clash took place at Stallion's premises after the protesters refused to leave. Twelve protesters were arrested during the incident. The employees of the private security company--who had been hired to provide security at four World Cup soccer stadiums--went on strike earlier this week amid a dispute with Stallion Security Consortium over their pay. The security officers were subsequently replaced by police officers. Despite the dispute, officials say that security for the World Cup has not been compromised.
Jail Guard Arrested in Shooting Spree
Wall Street Journal (06/17/10) Markey, Eileen; Gardiner, Sean
Kim Wolfe, a corrections officer in Nassau County, N.Y., has been arrested after fatally shooting her uncle and her ex-girlfriend, wounding her grandfather, and abducting her 23-year-old niece. Police say that Wolfe shot her former girlfriend Stacie Williams multiple times early Wednesday morning outside of Nassau University Medical Center, where Williams had worked for 23 years. She then went to a nearby home shared by several of her relatives and confessed to killing Williams. After arriving at the home, Wolfe asked her family members to fill out beneficiary information on her life-insurance policy, which prompted an argument with her grandfather. When Wolfe's uncle interrupted she shot him, then shot her grandfather in the leg. She then left the house taking her niece with her after telling her sister she needed to bring the niece "for protection." Wolfe drove around Long Island for the next three hours. During that time she made several calls to the family home. One of those calls was answered by a police officer. Wolfe told the officer she was headed to Atlantic City and that she wanted to kill herself. However, the officer was able to convince her to surrender. She was later arrested without incident and her niece was found unharmed.
N.J. Woman Accused of $45 Million Fraud
Wall Street Journal (06/17/10) Benoit, David
A 58-year-old Montclair, N.J., woman has been charged with running a Ponzi scheme that defrauded investors of millions of dollars. According to prosecutors, Antoinette Hodgson raised roughly $45 million from investors in New York and New Jersey, promising them high rates of return if they allowed her to use the money to buy and renovate homes and either re-sell or rent them. However, Hodgson only invested roughly $6 million of the money to invest in the properties, and used most of the rest of the funds to repay other investors, prosecutors with the Manhattan U.S. Attorney's office say. In addition, Hodgson allegedly sold several of the properties for a $700,000 profit between 2006 and 2009, and used some of the money given to her by investors to go on gambling trips to Atlantic City and Las Vegas. An attorney for Hodgson has denied the charges against her.
Firm Has Security Guards Who Shouldn't Be
Dallas Morning News (TX) (06/14/10) Eiserer, Tanya
Dallas-based Platinum Security and Consulting, which provides security for the State Fair of Texas, the Dallas Cowboys, and the Sixth Floor Museum in Dallas, has paid $10,000 in state fines for using at least 140 unlicensed guards. The company was fined following inspections at the State Fair in the fall of 2009. At the time Platinum was cited for failing to register 38 guards working on the grounds. A subsequent review found that more than 100 unregistered guards also worked for the company. Of these, several were not qualified to be licensed by the state because of criminal histories. Texas law requires all security workers to be registered. Companies have five working days from the date of hire to conduct a pre-employment background check, obtain fingerprints, and file paperwork. Registrations must be renewed every two years. The maximum civil penalty for non-compliance with these procedures is $10,000 for each violation, although fines normally start at approximately $200 per violation. One of the guards the company failed to register is Patrick Cleveland, who has been accused of trying to steal two safes at the Sixth Floor Museum. State officials say they did not have paperwork on file for Cleveland's 2001 court case, in which he was charged with evading arrest. Had the paperwork been on file, Cleveland could have been licensed by the state. The issue with Cleveland's paperwork appears to have been resolved the same day he is accused of robbing the museum.
Indictment in New York Bomb Plot Outlines Pakistan Ties
Wall Street Journal (06/18/10) Bray, Chad
A new indictment was issued Thursday against Faisal Shahzad, the Pakistani-American man who has confessed to carrying out the attempted car bombing in Times Square last month. The indictment adds five new charges against Shahzad, bringing the total number of charges against the 30-year-old Connecticut man to 10. Among the charges Shahzad faces are conspiracy to use a weapon of mass destruction, attempting to commit an act of terrorism, and transportation of an explosive. The indictment also alleges that Shahzad received training in the use of explosives from a person with ties to the Pakistani extremist group Tehrik-e-Taliban, and received $5,000 in cash from an individual who worked for the Pakistan Taliban. In addition, prosecutors say that Shahzad received $7,000 in cash and gave the money to the person from the Pakistan Taliban. Finally, the indictment states that Shahzad purchased a semi-automatic 9-millimeter Kel-Tec rifle in March. The gun was found loaded in Shahzad's car in an airport parking lot the day he was arrested.
Security Training for Bridge Workers
Daily Mail (NY) (06/18/10)
The New York State Bridge Authority, which operates five bridges in the Hudson River valley, is offering training to its employees to help them deter possible terrorist attacks. On Friday, employees at the Newburgh-Beacon Bridge were trained by officers from the New York State Police's Counter-Terrorism unit to identify the seven signs of terrorism. Those signs include individuals performing surveillance of targets, individuals asking suspicious questions about operations and security, and individuals conducting tests of security to gauge reaction times. In addition to being trained on what signs to look out for, employees were also taught to report any suspicious activity they see. Similar training programs are also being conducted at NYS Bridge Authority bridges in more rural locations, including the Rip Van Winkle and Kingston-Rhinecliff bridges.
Ex-Camden County Resident Indicted in Alleged Terror Cell Held in Paraguay
Philadelphia Inquirer (06/17/10) Newall, Mike
A man at the center of an investigation into a Hezbollah terror cell in the U.S. was arrested in Paraguay on Tuesday. Police say 38-year-old Moussa Ali Hamdan, a Lebanese native who previously lived in the Philadelphia suburb of West Collingswood, N.J., was arrested in an area of Paraguay known to be a hotbed of Hezbollah activity and fund-raising after he tried to get someone to obtain a Paraguayan identification card for him. Hamdan could be extradited back to the U.S. to face charges of buying and selling what he thought was stolen merchandise overseas to benefit Hezbollah. In addition, authorities say that Hamdan was planning to travel from Lebanon to Philadelphia to inspect and put a down payment on a cache of weapons Hezbollah wanted to buy, including 1,200 Colt M4 machine guns. Although undercover agents taking part in the investigation had persuaded Hamdan to make the trip so he could be arrested in Philadelphia, he was unable to obtain a visa due to high-level disputes among U.S. intelligence agencies. If he is extradited back to the U.S. and convicted on the charges against him, Hamdan could be sentenced to as much as 260 years in prison. Hamdan, for his part, says he is innocent.
Newburgh Terrorism Case May Establish a Line for Entrapment
New York Times (06/15/10) Glaberson, William
The case of the four Newburgh, N.Y., men charged with plotting to bomb synagogues in the Bronx and shoot down military aircraft at Stewart International Airport could set limits on the government's use of civilian informers and government agents in terror investigations, experts say. According to attorneys for the men, the government's use of an informant in its investigation amounted to entrapment because the informant, Shaheed Hussain, oversaw every aspect of the terror plot. During the investigation, Hussain assembled the weapons that were to have been used after the suspects were unable to follow his instructions, defense attorneys say. In addition, attorneys for the defendants claim that their clients were not capable of carrying out the terrorist plot on their own, and that Hussain lured them into committing the plot by promising to pay them $250,000 and give them a BMW. However, prosecutors have defended Hussain's work in legal filings, saying that he did an "exemplary" job and that the primary suspect in the case was determined to carry out terrorist attacks on Jews and the U.S. But Judge Colleen McMahon has criticized prosecutors for not providing the defense with the copy of an investigators report that suggested that the defendants were not capable of carrying out the attack without Hussain's help. As a result, Judge McMahon decided Monday to put the case on hold indefinitely.
Would-be bin Laden Assassin Held in Pakistan
MSNBC (06/15/10)
A 52-year-old California man with ties to victims of the September 11, 2001 attacks has been arrested in Pakistan for trying to kill Osama bin Laden and two of his senior aides. Gary Brooks Faulkner came to the attention of Pakistani authorities after he checked out of a hotel near the Afghan border on June 3 without informing the police escort that had been given to him as a tourist visiting a remote part of Pakistan. After checking out of the hotel, Faulkner then traveled to the border with Afghanistan but was stopped before he could cross. When he was arrested on Sunday, Faulkner was armed with a pistol, a 40-inch sword, and night-vision equipment. After being questioned by authorities, Faulkner said that he wanted to use the sword to "decapitate" bin Laden. Officials with the U.S. Embassy in Pakistan have been informed of Faulkner's arrest, and are trying to meet with him to confirm his identity.
Frustration Growing Over Limited Ability to Shut Down Botnets
SearchSecurity.com (06/17/10) Westervelt, Robert
Security researchers are finding it difficult to disrupt botnets, according to Kaspersky chief security expert Vitaly Kamluk. In his remarks at the recent Forum of Incident Response and Security Teams Conference 2010, Kamluk noted that legal means of eliminating Internet service providers that host botnets have only been partially successful. More effective techniques of eradicating botnets, including a technology that disrupts a botnet's command and control capabilities and cleans up infected machines, are unethical and may even be illegal. According to Kamluk, this technology could be used to clean up the 12,000 Web servers that have been infected with Gumblar, a Trojan that steals FTP passwords and spreads to other computers much in the same way a botnet does, in about five minutes. Meanwhile, security researchers also are finding it difficult to eliminate botnets that carry out denial-of-service attacks, said Arbor Networks botnet expert Jose Nazario. These botnets can be difficult to eliminate because they are controlled by three or four different groups, and because the cost of blocking and investigating them is rising, Nazario said.
Support Snowballs Early for Senate Cyber Bill
Federal News Radio (06/17/10) Cacas, Max
The Senate's Protecting Cyberspace as a National Asset Act of 2010, which is sponsored by Sens. Susan Collins (D-Maine), Joe Lieberman (I-Conn.), and Tom Carper (D-Del.) has gained bipartisan support from lawmakers on the House Homeland Security Committee, which met to discuss a report from the Department of Homeland Security's (DHS) Inspector General (IG) on DHS's current cybersecurity efforts. Two senior members of the panel, Rep. Jane Harman (D-Calif.) and Rep. Peter King (R-N.Y.), said they would co-sponsor and introduce a companion bill in the House. Support for a companion bill also came from Rep. Bennie Thompson (D-Miss.), the chairman of the House Homeland Security panel, and Rep. Yvette Clarke (D-N.Y.), the chairwoman of the House Cybersecurity Committee. Meanwhile, the original Senate bill--which designates DHS as the federal agency responsible for coordinating efforts to protect government and private-sector networks from cyberattacks--has been earmarked for "fast-track" treatment and could go to the Senate floor before the 4th of July recess.
U.S. Hampered in Fighting Cyber Attacks, Report Says
Wall Street Journal (06/16/10) Gorman, Siobhan
Homeland Security Department Inspector General Richard Skinner will release a report on Wednesday detailing problems in the U.S. Computer Emergency Readiness Team (U.S.-CERT), the Department of Homeland Security (DHS) agency charged with monitoring cyber attacks against government systems. For example, Skinner found that U.S.-CERT is incapable of forcing other agencies to take steps to protect their IT systems from attack. In addition, Skinner noted that U.S.-CERT did not give federal agencies data that could have helped them take action to address security breaches. Another problem lies with the implementation of Einstein, the DHS cybersecurity program that identifies breaches in government computer systems and provides information to correct the vulnerability that attackers used to break into those systems. Skinner says that Einstein and similar tools have not been effective because they are not collecting data fast enough to protect government systems from being attacked. Einstein has also not yet been deployed to all non-military agencies, meaning that DHS still does not have a complete picture of the threats facing government networks. For its part, DHS said it is taking steps to address some of the issues raised in the report, including the shortage of employees at U.S.-CERT. Meanwhile, some experts say that the problems DHS is having in dealing with cybersecurity threats are likely even worse than Skinner's report suggests, since U.S.-CERT is buried deep within DHS and is "riddled with politics."
DNS Security Reaches 'Key' Milestone
Network World (06/16/10) Marsan, Carolyn Duffy
ICANN hosted an event at a secure data center in Culpeper, Va., on June 16 that resulted in the generation and storage of the master root key that will be used in the deployment of DNS Security Extensions (DNSSEC) on the Internet's root zone. Another key will be created at a similar ceremony in Los Angeles early next month. VeriSign's Ken Silva says the key created at the Culpeper data center will sign all the other keys that are used in DNSSEC, the security protocol that is designed to protect against cache poisoning attacks. Silva added that the key will be tested before DNSSEC is deployed on the root zone on July 15. During that testing, issues such as permutation of key sizes, key roll-over, and key expiration will be examined. Silva says testing is being conducted to see how well the system responds and whether VeriSign's monitors and detection systems can identify those issues. He says the addition of monitoring capabilities to the root servers has helped make the testing a success thus far.
Unpatched Windows XP-related Hole Exploited in Attacks
CNet (06/15/10) Mills, Elinor
Security experts at Sophos said Tuesday that they have seen evidence that hackers are exploiting an unpatched vulnerability in Windows XP. In those attacks, hackers are luring Windows XP users to Web sites hosting malicious code that exploits the vulnerability, which exists in the online Windows Help and Support Center. That in turn allows the attacker to take control over the victim's PC. According to Jerry Bryant, Microsoft's group manager for response communications, there have been a limited number of cases of hackers exploiting the vulnerability. He added that while the exploits have been removed from the Web, there could be additional attacks due to the fact that the details of the vulnerability have been disclosed publicly. The vulnerability was discovered June 10 by Google researcher Tavis Ormandy, who released details about flaw as well as proof-of-concept code. The release of the information has been criticized by Microsoft, which said that the five days between the time Ormandy notified it of the problem and the time he went public his discovery was not enough time for it to correct the flaw. Ormandy, for his part, says that Microsoft would likely have ignored him if he had not released an exploit at the same time he reported the vulnerability.
Abstracts Copyright © 2010 Information, Inc. Bethesda, MD |
No comments:
Post a Comment