Search This Blog

Friday, July 01, 2011

Security Management Weekly - July 1, 2011

header

  Learn more! ->   sm professional  

July 1, 2011
 
 
Corporate Security
  1. "The Finer Art of Faking It" Counterfeit Products
  2. "DA: NY Shootings Suspect Staked Out Pharmacy"
  3. "Debate Flares on S.F. Cops Doing Hospital Security" San Francisco
  4. "Pay-at-the-Pump Fraud Grows"
  5. "Former Citigroup Accountant Accused of Embezzling $19.2 Million"

Homeland Security
  1. "Another Tear in the Airport Security Net" Stowaway on Virgin America and Delta Airlines Flights
  2. "Al Qaeda Remains Top Threat to U.S."
  3. "U.S. Won't Pursue Bulk of CIA Detention Cases"
  4. "Fighters Descend on Hotel in Kabul"
  5. "Long Elusive, Irish Mob Legend Ended Up a California Recluse" James "Whitey" Bulger

Cyber Security
  1. "'Indestructible' Botnet Malware Infected 4.5 Million PCs"
  2. "New Cyber Attack on Arizona Police"
  3. "Apple Patches 11 Java Vulnerabilities in Mac OS X"
  4. "The Weakest Link in Computer Hacking? Human Error"
  5. "Hacker Group Calls it Quits" LulzSec

   

 
 
 

 


The Finer Art of Faking It
Wall Street Journal (06/30/11) Holmes, Elizabeth

The sale of counterfeit products is a growing problem around the world. According to the International Chamber of Commerce, the value of counterfeit and pirated products around the world is roughly $600 billion, a figure that is expected to double over the next several years. Meanwhile, U.S. Customs and Border Protection and U.S. Immigration and Customs Enforcement have said that the number of seizures of counterfeit and pirated goods rose 34 percent last year to nearly 20,000. One reason why the sale of counterfeit and pirated products is a growing problem is the fact that counterfeiters are doing a better job into tricking consumers that they are purchasing legitimate products. Counterfeit goods are increasingly being made with high-quality materials, and are sometimes stamped with what seems to be the legitimate manufacturing location and date. Online sellers of counterfeit products are using e-commerce sites that look legitimate, complete with images and logos that look like those found on sites selling the authentic versions of the products. But manufacturers are beginning to fight back against this problem in a number of ways. Levi Strauss, for example, has a team of employees that is dedicated to finding and shutting down unauthorized Web sites that are selling its products. Some luxury garment makers, meanwhile, are weaving botanical DNA into their products. The DNA cannot be copied and can only be seen under a certain type of light.


DA: NY Shootings Suspect Staked Out Pharmacy
Associated Press (06/30/11)

The suspect in the shooting deaths of four people at a Medford, N.Y., drug store appeared in court on Thursday and pleaded not guilty to five counts of first-degree murder and four counts of criminal use of a firearm. According to prosecutors, 33-year-old David Laffer looked for a target for his planned robbery days in advance, and spent the night before the June 19 shootings at Haven Drugs staking out the pharmacy. Prosecutors also submitted surveillance video which they say shows Laffer shooting the victims, which included two employees of Haven Drugs and two customers who walked in on the massacre, and filling his backpack with prescription pills. The painkillers that Laffer allegedly stole from the pharmacy were members of the hydrocodone family, prosecutors said. Laffer and his wife, who allegedly drove the getaway car following the robbery and the shootings, were arrested three days after the incident. Prosecutors said that 1,000 pain pills were found in their home. The defense has disputed some of the evidence submitted by prosecutors, including fingerprints allegedly belonging to Laffer that were found on a piece of paper that was on the store's countertop. An attorney for Laffer said that her client was often a customer at Haven Drugs and could have left his fingerprints at the store on another occasion. Laffer is scheduled to appear in court again on Sept. 8, with jury selection to begin in early 2012. Laffer faces life in prison without the possibility of parole if convicted on the murder charges and as much as 25 years in prison for each of the weapons charges.


Debate Flares on S.F. Cops Doing Hospital Security
San Francisco Chronicle (06/30/11) Gordon, Rachel

San Francisco officials are currently debating whether police officers and sheriff's deputies should be allowed to provide security at hospitals in the area. San Francisco Mayor Ed Lee has proposed contracting out security services at local hospitals, and transferring the 71 officers currently working there to positions at clinics, jails, courts, and City Hall in order to save millions of dollars a year. The city employees union is fighting the move, despite the fact that none of the workers would lose their jobs. The union objects to any attempt to bring private security companies into city jobs, and has threatened to use their influence in favor of Lee's potential rivals in the upcoming Mayor race. The Board of Supervisors' Budget Committee is scheduled to decide if the proposal to hire private security for hospitals will be included in the final budget to be sent to the full board for consideration. Another possible proposal would create a hybrid security team that includes a mix of private and public workers. Advocates for privatizing hospital security say that the proposal is not just about money. Sheriff's deputies working in hospitals are not empowered to intervene in patient disputes unless the patient is deemed a threat or is acting illegally. Private guards, on the other hand, do not have such restrictions and may be able to provide more active assistance to hospital staff. Any guards brought in will be certified in prevention of workplace violence, be specially trained to work in a hospital, and have had experience working in a health care setting.




Pay-at-the-Pump Fraud Grows
BankInfoSecurity.com (06/28/11) Kitten, Tracy

Card skimming is a growing problem at gas pumps across the United States. One reason why pay-at-the-pump terminals are easy targets for skimmers is because universal access keys are widely used to open pay-at-the-pump enclosures. The National Association of Convenience Stores' Gray Taylor says that those who cannot afford to upgrade their pay-at-the-pump terminals should re-key their dispensers, and that security tape should be used to determine if their pay-at-the-pump enclosures have been tampered with. Meanwhile, card issuers and merchants are locked in a debate over what steps are needed to stop card skimming at pay-at-the-pump terminals. Issuers say that unique codes or keys need to be used to gain entry to pay-at-the-pump devices, and that merchants need to be held liable to encourage them to invest in technology and upgrades. However, Taylor says that merchants are already liable for half the fraud that takes place at pay-at-the-pump terminals, and that holding them liable for all of the fraud will result in merchants taking away the terminals. He says that a better solution would be to require that all debit card transactions be authenticated with a PIN.


Former Citigroup Accountant Accused of Embezzling $19.2 Million
New York Times (06/27/11) Dash, Eric

A former midlevel accountant at Citigroup's back office in Long Island City, N.Y., has been arrested and charged with embezzling more than $19.2 million from the company. The alleged embezzlement began last July, when Gary Foster--a former assistant vice president of Citi's internal treasury finance department--began moving roughly $900,000 from Citigroup's interest expense account and about $14.4 million from the company's debt adjustment account to its main cash account. Those transfers were completed in December 2010, according to the complaint against Foster. The complaint also alleges that Foster then wired the money to his personal account at JPMorgan Chase in eight separate transactions. Foster allegedly hid the fraud by using a fake contract or deal number on the reference line of the wire transfer. The alleged fraud was not uncovered until several weeks ago, after Citi completed an internal audit of its treasury department. Since then, safeguards and internal controls have been implemented to prevent additional fraud. Foster, meanwhile, faces up to 30 years in jail if convicted on the charges against him. He has pleaded not guilty.




Another Tear in the Airport Security Net
Los Angeles Times (07/01/11) Blankstein, Andrew

A Nigerian American man faces stowaway charges after allegedly trying to board a plane using an expired ticket that had been issued to someone else. The incident took place Wednesday morning, when Olajide Oluwaseun Noibi was able to pass through security screening at Los Angeles International Airport. He was taken into custody after he allegedly attempted to board a Delta Airlines flight to Atlanta using the expired ticket. After Noibi was arrested, authorities found him to be in possession of at least 10 other boarding passes, none of which had been issued to him. Wednesday's incident came just days after a flight attendant onboard a Virgin America Flight from New York to Los Angeles asked Noibi for his boarding pass while the flight was in midair and found that the pass was for a different flight and was printed with someone else's name. Noibi was kept under surveillance for the rest of the flight, though the flight crew did not feel that he posed a threat to the security of the plane. Noibi was questioned by authorities after he landed in Los Angeles early last Saturday morning, though he was eventually let go. In the aftermath of the two incidents, security experts are wondering how Noibi was allowed to board a flight from New York to Los Angeles with an expired ticket that was not in his name. Experts are also questioning why Noibi was allowed onboard that flight after presenting a college ID card, which is not considered to be a valid form of ID by the Transportation Security Administration. Finally, experts say they are confused as to why Noibi was released after being questioned by authorities in Los Angeles even though he had broken the law.


Al Qaeda Remains Top Threat to U.S.
Wall Street Journal (06/30/11) Johnson, Keith

The Obama administration on Wednesday unveiled its first formal document dealing with the nation's counterterrorism strategy. The document does not call for any changes in the way in which the nation deals with terrorism, but instead formalizes the strategy that has been in place since President Obama took office. The document states that al-Qaida and American citizens that have become radicalized are the biggest security threat to the U.S. In fact, the Obama administration views direct attacks on the U.S. by foreign or domestic militants as a bigger priority than dealing with Yemen and the Pakistan-Afghanistan border region. However, the Obama administration plans to continue launching targeted strikes against al-Qaida leaders, said John Brennan, who serves as President Obama's main counterterrorism adviser. Brennan also said that the U.S. will work to improve cooperation with other countries, including Yemen and Pakistan, in dealing with terrorists. Brennan added that the White House plans to unveil a detailed plan later this summer for working with Muslim and Arab communities in the U.S. to counter extremism.


U.S. Won't Pursue Bulk of CIA Detention Cases
Seattle Times (06/30/11) Lichtblau, Eric; Schmitt, Eric

The Justice Department has announced that it will open a full criminal investigation into the deaths of two terrorism suspects in CIA custody overseas. However, it is also closing investigations into the mistreatment of nearly 100 other detainees over the past decade. Those cases are being closed following a two-year review by specially appointed prosecutor John Durham, who determined that further investigation was not warranted. That said, the deaths of the two men could still result in criminal charges against CIA officers or contractors. The CIA has declined to officially identify the two men, but one is believed to be Manadel al-Jamadi, who died in CIA custody in 2003 at the Abu Ghraib prison in Iraq. The second man is believed to be Gul Rahman, who died in 2002 after being chained to a cement wall in a CIA prison in Afghanistan known as the Salt Pit.


Fighters Descend on Hotel in Kabul
Washington Post (06/29/11) P. A1 Constable, Pamela

A terrorist attack on the Intercontinental Hotel in Kabul, Afghanistan, on June 28 took the lives of at least nine civilians, including hotel staff and visitors, and wounded a dozen more, ending only when surviving attackers were shot dead by NATO helicopter gunships during a pre-dawn last stand on the hotel roof. Officials from various police and government agencies gave contradictory information on June 29 about the number of dead and wounded, as well as their nationalities. The U.S. embassy said a number of Americans had been dining or staying at the hotel but all were accounted for. The dead and injured included civilians and members of Afghanistan's security forces. The attack began when Taliban militants blew up a car bomb at the entrance to the hotel and sent a squadron of bombers and gunmen inside the building. Preparations for a meeting of Afghanistan's provincial governors were being made at the time of the attack, though officials said that the governors may have left. After a firefight between the militants and security forces that lasted several hours, the attack was brought to an end when NATO attack helicopters and Afghan security forces shot and killed militants who were fighting from the hotel's roof. All of the attackers who carried out the assault were eventually killed. Lutfullah Mashal, spokesman for the national intelligence police, said the attackers may have prepared in advance and possibly stored weapons in the area by posing as construction workers or hotel staff members. The attack comes as the Afghan government is preparing to take more responsibility for its defense and security.


Long Elusive, Irish Mob Legend Ended Up a California Recluse
New York Times (06/24/11) P. A1 Nagourney, Adam; Goodnough, Abby

James "Whitey" Bulger, the notorious Boston crime boss who went on the run 16 years ago after being tipped off by an FBI agent that he was about to be arrested, was found and taken into custody on June 22. Bulger, who was on the FBI's 10 Most Wanted List for allegedly killing 19 people and is believed to have committed a host of other crimes, was found to be living in a Santa Monica, Calif., apartment with his girlfriend Catherine Greig under the names Charlie and Carol Gasko. Authorities caught up to Bulger by launching an advertising campaign on June 20 that focused on the whereabouts of Greig, who was thought to have been easier to find because of some of her behavior, such as her devotion to animals and her visits to the beauty parlor. That campaign brought in a tip on June 21 that led agents to the Santa Monica apartment, where they observed a man and a woman who resembled Bulger and Greig,. Bulger was arrested after being lured outside by FBI agents. A subsequent search of the apartment uncovered more than $800,000, over 20 firearms, knives, and fake IDs. Bulger could face life in prison if convicted on the federal charges against him, though he could face the death penalty if convicted on murder charges in Florida. Bulger also faces charges in Oklahoma that could also bring the death penalty.




'Indestructible' Botnet Malware Infected 4.5 Million PCs
Wall Street Journal (07/01/11)

Kaspersky Labs has issued a warning about a variation of the TDSS virus, which it said is the "most sophisticated threat" to computers today. Kaspersky said that the TDSS variant, which it numbered TDL-4, is sophisticated because it infects the PC's master boot record, which loads before the operating system. This allows TDSS to gain control over the PC much more easily and makes it easier for the virus to disable security measures and avoid being detected. In addition, TDSS uses a powerful rootkit component that allows it to conceal other types of malware that may be on the victim's PC, thereby preventing the user from realizing that something is wrong. Once infected with TDSS, the machine becomes part of a botnet that now includes more than 4.5 million PCs, 28 percent of which are in the U.S. Communications between the infected computers and the botnet command and control center are encrypted, Kaspersky said.


New Cyber Attack on Arizona Police
Wall Street Journal (06/30/11) Sherr, Ian; Morse, Andrew

The hacking group AntiSec, which is made up of members of Anonymous and LulzSec, on Wednesday posted the personal information of at least 12 police officers from the Arizona Department of Public Safety that was taken in a recent cybersecurity breach. The information included e-mails, photos, and other personal information taken from the officers' social networking profiles. AntiSec said in a statement that it stole the information because it wanted to look for "humiliating dirt" on the officers. It does not appear that Arizona's computer systems were hacked during the breach, said a spokesman for Arizona Gov. Jan Brewer. This is the second cyberattack that has targeted the Arizona state police. Just last week, hackers posted training and intelligence manuals that were stolen in a previous attack.


Apple Patches 11 Java Vulnerabilities in Mac OS X
eWeek (06/29/11) Rashid, Fahmida Y.

Apple has released patches for the Java remote code vulnerabilities Oracle fixed earlier in June, including a serious flaw that allowed Java applet code to escape from the sandbox and operate as if it were a local, trusted program. Apple released a Mac OS X update patching 11 Java weaknesses. Oracle fixed those vulnerabilities 20 days ago. The Java for Mac OS X update amended various vulnerabilities in Mac OS X, Apple says in its June 28 knowledgebase article. The update addresses the extensive list of Java vulnerabilities Oracle fixed for all other systems as Java SE 6 1.6.0_26 on June 8. The Mac update patched several remotely exploitable weaknesses that can be exploited while browsing to launch drive-by attacks. In this particular attack, cybercrooks can dupe browsers and PDF readers into downloading and running malicious code without informing the user or popping up any warning messages. The most serious vulnerability addressed in this update permitted Java applet code to escape from the sandbox and operate as if it were a local, vetted program with the privileges of the current user, Apple says.


The Weakest Link in Computer Hacking? Human Error
Bloomberg (06/28/11) Edwards, Cliff; Kharif, Olga; Riley, Michael

The findings of a recent Department of Homeland Security study underscored how human error can open networks up to attacks. During the study, DHS staff members secretly left computer discs and thumb drives in plain sight in the parking lots of government buildings and private contractors. Sixty percent of the individuals who picked up the discs and thumb drives later plugged them into their work computers to see what kinds of files were on them. In addition, the study found that 90 percent of the USB thumb drives or computer discs with official logos on them were installed on the office computers of those who found them. A full report on the study is set to be published later this year. Human error has also resulted in a number of real-life security breaches, including the one that took place at RSA in March. In that attack, hackers found out that the company was hiring new workers and sent to two small groups of employees emails that included Excel spreadsheets with the title "2011 Recruitment Plan." Although the email was caught by RSA's junk email filter, one employee went into his junk email folder and opened the attachment, unleashing a hidden Flash file that exploited a vulnerability that allowed the hackers to take over the employee's computer. The hackers were then able to steal information related to RSA's two-factor authentication system. Similar attacks are increasingly being launched against senior-level executives, whose computers may have access to more valuable information than the machines used by lower-level employees.


Hacker Group Calls it Quits
Wall Street Journal (06/27/11) Sherr, Ian; Clark, Don

The hacker group LulzSec released a statement on the Internet on Saturday saying that it was ending its campaign of cyberattacks. The group did not give any specific reason why it had decided to stop breaking into computer systems, saying only that the 50-day period in which it had planned to launch attacks was now over. Security experts are divided over what LulzSec's message actually means. Some have said that the message is part of an attempt by LulzSec to confuse members of law enforcement, since there is evidence that the group's members are joining other hacker groups. Others said that the LulzSec hackers may have gotten disillusioned and may have decided to stop launching attacks because they were no longer being encouraged to do so by their peers, or because they sensed that law enforcement was getting closer to shutting them down. Still others said that LulzSec's notoriety will inspire other hackers to launch similar attacks using freely-available online hacking tools. LulzSec's announcement that it would no longer be engaging in hacking came at the same time the group released documents that it said it stole from AT&T, AOL, Electronic Arts, and the FBI. Those documents included technical information about AT&T's introduction of new wireless technology, a technical manual for managing AOL's networks, and a file from the FBI's public information Web site.


Abstracts Copyright © 2011 Information, Inc. Bethesda, MD


  ASIS also offers a daily and a non-sponsored, special-content Professional Edition of
Security Newsbriefs. Please click to see a sample or to contact us for more information.

Unsubscribe | Change E-mail | Advertising Opportunities | Security Management Online | ASIS Online

No comments: