Friday, October 19, 2012

Security Management Weekly - October 19, 2012

Corporate Security
  1. "Man Held After Molotov Cocktail is Dropped at Arlington Mall" Virginia
  2. "Gunman Kills 3, Self in Florida Salon Shooting"
  3. "Two Jailed in Local Terror Threat" Wichita Falls, Texas
  4. "Major Paintings Swiped From Dutch Museum"
  5. "Communicating in a Crisis"

Homeland Security
  1. "CIA Seeks to Expand Drone Fleet, Officials Say"
  2. "Early Uncertainty on Libya Account"
  3. "Second Suspect Held in Fed Plot"
  4. "Militant Suspected in Attack in Libya Remains at Large"
  5. "Clinton Accepts Blame for Benghazi"

Cyber Security
  1. "Iran Renews Internet Attacks on U.S. Banks"
  2. "Adobe Bolsters Security in Reader, Acrobat XI"
  3. "Maryland's Online Voter Registration Files Are Vulnerable to Attack, Researchers Say"
  4. "Identity is the New Perimeter"
  5. "Kaspersky Discovers MiniFlame Cyberespionage Malware Directly Linked to Flame and Gauss"

   

 
 
 

 


Man Held After Molotov Cocktail is Dropped at Arlington Mall
Washington Post (10/18/12) Sullivan, Patricia; Dazio, Stefanie

Ballston Common Mall in Arlington County, Va., was evacuated and surrounding streets were closed on Thursday when a man threw what is believed to be a Molotov cocktail into the mall's food court at the beginning of the lunch hour. Police say that the bottle contained a flammable liquid and that its fuse was lit when the suspect threw it into the food court at about 12:09 p.m. Although the bottle shattered, the flammable liquid inside did not ignite. It is unclear why there was no fire or explosion after the Molotov cocktail was thrown. The suspect, who has not been named, was apprehended about 50 minutes after the attack. Three other crudely-made incendiary devices were also found in the area of the mall where the suspect was seen. The incident did not result in any injuries. The suspect remains in custody but had not been charged as of Thursday evening.


Gunman Kills 3, Self in Florida Salon Shooting
Associated Press (NY) (10/18/12) Laboy, Suzette; Hightower, Kyle

Three people were killed and another injured at a shooting in a beauty salon in Casselberry, Fla., on Thursday. Police say that the gunman targeted the salon's manager, identified as Marcia Santiago, who was in the process of obtaining a domestic violence injunction against him. Santiago was injured in the shooting. The hearing on the injunction had been scheduled for the day of the shooting. The gunman, who has been identified as Bradford Baumet, later went to a friend's house and killed himself. The relationship between Baumet and Santiago was not immediately clear, but her ex-husband said that he had heard Baumet "had a criminal record." Police records confirmed that Baumet had previously been arrested for domestic assault, felony assault, stalking, burglary, and drug possession.


Two Jailed in Local Terror Threat
Times Record News (TX) (10/17/12)

Two men are in jail this week after allegedly making terroristic threats against their workplace and co-workers last month. Several employees, including a manager, at the WDS Global call center in Wichita Falls, Texas, told police that Michael Jarnigan and Tyler Platt had made numerous threats of violence against their colleagues. The manager said Jarnigan and Platt had stated that they wanted to blow up the building and kill their co-workers, while one female employee recounted an event where the two men came to her house and said they would shoot the receptionist in the head and round up African-American employees and burn them alive. Another employee said that on separate occasions Platt threatened to blow up the business and shoot its employees, and said that "bad stuff would go down at WDS Global" if he did not receive a promotion. Investigators also turned up text message exchanges on the two men's cell phones about killing people. Platt and Jarnigan both remain in prison awaiting trial in lieu of bond.


Major Paintings Swiped From Dutch Museum
Wall Street Journal (10/16/12) Crow, Kelly

Dutch police report that someone stole seven paintings worth a total of more than $25 million from a museum in Rotterdam on Tuesday. The paintings, which included works by Henri Matisse, Pablo Picasso and Claude Monet, were taken from the museum at around 3 a.m. local time. Police say the "well prepared" thief was able to circumvent the museum's security system and remove the paintings without being detected. Investigators are currently studying museum footage to determine exactly how the burglar or burglars managed the feat. Security experts say that the inclusion of the paintings in the Art Loss Register will make it almost impossible to resell them. The suspects could, however, offer to return the works to their owners, insurers, or the museum in exchange for a ransom. It is also possible that someone would take the risk of buying them on the $6 billion global black market for art. There are still more than 300,000 artworks listed as missing or stolen on the Art Loss Register, showing that the registration system is not a foolproof way to ensure the pieces' return.


Communicating in a Crisis
Security Management (10/01/12) Wagley, John

Communicating quickly, honestly, compassionately, and without placing blame is the key to good crisis communications, experts say. The rise of social media means people will not wait to hear from the company during a crisis and will instead turn to outlets like Twitter that give instant real-time updates, which unfortunately can spread rumor, innuendo, and outright falsehoods, says Jane Jordan-Meier, founder of consultancy Jane Jordan & Associates. Companies must be prepared to respond quickly, and executives should meet with the appropriate employees to plan coordinated crisis communications. This should include a variety of channels such as telephone, email, blogs, Twitter, and other social media so that there are several channels to take up the slack should one fail, and it also helps to speak to stakeholders “by ways that they prefer,” says Jordan-Meier. A practice run is a good idea to make sure the plan can be followed as intended. Jonathan Bernstein of Bernstein Crisis Management says that clarity and honesty are essential, as any omissions, exaggerations, or understatements will be read simply as lies by the public. It is important to consult with attorneys before responding to the public; however, there is a balance that must be struck so as not to say too little or appear to be hiding behind attorneys. When it comes to apologizing, some say it can be legally interpreted as an admission of guilt, but Jordan-Meier says that taking responsibility and saying “sorry” could actually avert lawsuits because people appreciate contrition. Further, failing to show compassion in communications can cause an audience to turn off and not hear the company’s message.




CIA Seeks to Expand Drone Fleet, Officials Say
Washington Post (10/19/12) Miller, Greg

CIA Director David Petraeus has asked a group of White House officials led by counterterrorism adviser John Brennan for permission to expand his agency's fleet of unmanned drones. Under the proposal, up to 10 drones would be added to the CIA's current fleet of between 30 and 35 aircraft. According to Petraeus, the expansion is needed in order to improve the CIA's ability to carry out strikes against terrorists in Pakistan and Yemen, and if need be to target members of al-Qaida in North Africa and elsewhere. If the request is approved, the CIA would likely have to open new secret bases in order to deploy its larger fleet of drones. The request from Petraeus comes as officials are becoming increasingly concerned that the turmoil in the Middle East and North Africa could strengthen al-Qaida and its affiliated groups. Officials are especially concerned about al-Qaida in the Islamic Maghreb, the al-Qaida affiliate in North Africa that has exploited the collapse of the Libyan and Malian governments to obtain weapons and gain control over swaths of territory. The request also comes as the CIA continues to search for al-Qaida chief Ayman al-Zawahiri and members of the Haqqani network in Pakistan, though the number of drone attacks in that country has fallen over the last several years.


Early Uncertainty on Libya Account
Wall Street Journal (10/19/12) Entous, Adam; Gorman, Siobhan

New information has come to light about the Obama administration's assessment of the causes behind the attack on the U.S. consulate in Benghazi, Libya, on Sept. 11. Among the Obama administration officials who spoke publicly in the days after Sept. 11 about what may have caused the attack was Susan Rice, the U.S. ambassador to the United Nations, who appeared on television on Sept. 16 to say that the assault on the consulate stemmed from protests over an inflammatory YouTube video. Those comments were based on conclusions that had been drawn by U.S. intelligence agencies. However, the office of the Director of National Intelligence began to question that conclusion on Sept. 15 after new information that came in that evening indicated that the assault on the consulate may have been a terrorist attack. However, intelligence officials did not feel that the new information provided conclusive evidence that the attack was born out of something other than a protest, and Rice was not told about the new information when she taped her television appearances the following day. By the time that intelligence analysts were able to conclusively determine that the attack was probably not sparked by protests over the video, Rice had already finished taping her appearances. It took several weeks more before Obama administration officials began to publicly say that the assault on the consulate may have been a terrorist attack. It is uncertain who, if anyone, was responsible for preventing Rice's comments from being broadcast, and it is also not clear why it took longer for the new assessment of the attack to be discussed publicly.


Second Suspect Held in Fed Plot
Wall Street Journal (10/19/12) El-Ghobashy, Tamer; Barrett, Devlin

The FBI on Wednesday detained a second suspect in a plot to blow up the Federal Reserve Bank of New York. The suspect has been identified only as "Yaqueen" in the charges against primary suspect Quazi Mohammad Rezwanul Ahsan Nafis, who was arrested after allegedly attempting to detonate a fake bomb given to him by investigators posing as conspirators. According to a criminal complaint filed in the matter, Yaqueen was recruited by Nafis over Facebook for an attack on a high-level U.S. government official. That official is believed to be President Obama, though a law enforcement official who is familiar with the case said that the two men had not gone beyond talking about targeting the commander in chief. Unlike Nafis, Yaqueen will not face terrorism charges because he is suspected of being only tangentially involved in the plot. He is, however, facing an investigation for possession of child pornography. Nafis, on the other hand, is charged with attempting to use a weapon of mass destruction and attempting to provide material support to al-Qaida. He has not yet entered a plea, but he faces life in prison if convicted.


Militant Suspected in Attack in Libya Remains at Large
Wall Street Journal (10/17/12) Coker, Margaret

Despite claims last week from two Libyan officials that Ahmed Abu Khattalah, the founder of the Islamist militia Ansar al-Sharia, was present at the U.S. consulate in Benghazi when it was attacked on Sept. 11, Abu Khattalah has yet to be arrested by either Libyan or American authorities. The claims made by the Libyan officials were based on statements from witnesses who were present during the attack, as well as evidence collected during recent raids on the homes of members of Ansar al-Sharia, which has been blamed for the assault on the consulate. According to the officials, they have not received any orders to arrest Abu Khattalah since they provided American officials and their superiors in the Libyan government with evidence that he was present during the attack. However, one of the officials said that a Libyan security did carry out a raid on Abu Khattalah's home in Benghazi two weeks ago, though he was not there. Residents living near Abu Khattalah have since reported that they have seen him at his home several times. The revelations that Abu Khattalah has yet to be arrested illustrate the difficulties that U.S. officials have in fully investigating the attack on the consulate and bringing those involved to justice. Meanwhile, witnesses to the attack say that the FBI has made it difficult for them to cooperate with the investigation, saying that agents have forced them to travel at their own expense in order to meet with them while simultaneously failing to offer them protection for their cooperation.


Clinton Accepts Blame for Benghazi
Wall Street Journal (10/16/12) Langley, Monica

In a pair of interviews on Monday, Secretary of State Hillary Clinton said that she accepts responsibility for the security failures that contributed to the deaths of Ambassador Christopher Stevens and three other Americans in Benghazi, Libya, last month. In an interview with the Wall Street Journal and another on Monday while in Lima, Peru, Clinton said that, as secretary of state, ultimate responsibility for the safety of State Department employees rests with her, not the White House. Clinton's acceptance of responsibility for the failures at the diplomatic mission in Benghazi is in part an attempt to deflect criticism of President Obama on the issue in the weeks before the presidential election. During her interview in Peru, Clinton pointed out that neither the president nor vice president had been involved in making decisions about the security of U.S. diplomatic facilities. Clinton said she felt especially responsible for the death of Ambassador Stevens, whom she had personally assigned to lead the U.S.'s diplomatic efforts in Libya as the country rose in rebellion against the regime of Moammar Gaddafi last year. However, Clinton added that the Benghazi attack should not in any way diminish the U.S.'s support for the burgeoning democracies that have grown out of the Arab Spring.




Iran Renews Internet Attacks on U.S. Banks
Wall Street Journal (10/17/12) Gorman, Siobhan

The Iranian hacktivist group known as the Qassam Cyber Fighters continued its campaign of denial-of-service attacks against a number of U.S. banks this week, disrupting access to the Web sites of these financial institutions even though the attacks were announced in advance. Investigators say the attacks that targeted the Web sites of BB&T and Capital One this week are 10 times more powerful than the DoS attacks that the Qassam Cyber Fighters normally carry out. That is because the group is using a tool called "itsoknoproblembro" to carry out the attacks, the computer security firm Prolexic Technologies said. The attack resulted in some Capital One customers being unable to access their accounts on the bank's Web site on Wednesday, while BB&T's Web site experienced what a spokeswoman called "intermittent outages." BB&T took steps to restore access to its Web site on Wednesday, and Capital One added new security measures to its site to prevent further attacks. Additional attacks could come on Thursday. The Qassam Cyber Fighters say they are carrying out the attacks in response to the YouTube video that denigrated Islam's Prophet Mohammed, though U.S. officials say that the group has received help and approval from the Iranian government to attack American financial institutions in response to the sanctions against Tehran. It is unclear whether the U.S. military would retaliate for the attacks, since it is uncertain whether the Pentagon's Cyber Command would consider attacks on individual financial institutions to be part of a broader assault on the nation's financial system.


Adobe Bolsters Security in Reader, Acrobat XI
DarkReading (10/17/12) Prince, Brian

Adobe Systems released updated versions of its Reader and Acrobat programs that bolster the applications' security. In the case of Acrobat XI, the company has added data theft prevention capabilities by limiting read-only activities to keep attackers from viewing sensitive data on the user's machine. The company also has implemented a separate desktop and WinStation in both Reader and Acrobat to thwart screen-scraping attacks. Adobe Secure Software Engineering Team analyst Priyank Choudhury says that, in addition to the enhancements to Adobe's sandboxing abilities, the company also enabled support for Force Address Space Layout Randomization (ASLR) on Windows 7 and Windows 8. According to Adobe, Force ASLR makes sure all DLL files loaded by Adobe Reader or Acrobat are randomized, making it more difficult for an attacker to exploit flaws, Choudhury says. The company also added the Adobe PDF Whitelisting Framework, which lets administrators selectively enable access for certain files, sites, or hosts on both Windows and Mac OS X. The final component of the security update is newly added support for Elliptic Curve Cryptography (ECC) for digital signatures. Users can now embed long-term validation data automatically when using certificate signatures and use certificate signatures that back ECC-based credentials, Choudhury notes.


Maryland's Online Voter Registration Files Are Vulnerable to Attack, Researchers Say
Washington Post (10/17/12) Davis, Aaron C.

Leading U.S. election technology experts and a voting rights group warn that hackers could change the voter registration files of Maryland citizens with a relatively simple code. They say anyone with access to a Maryland voter's birth date and full name could change their address, party affiliation, or other data that could lead to their ballot not being counted. At the root of this danger is the linkage between the state's voter registration files and its driver's license numbers database, as such numbers are derived from a resident's name and birth date. There are Web sites that can derive a driver's license number from the latter two pieces of data. "If you know someone's full legal name and birth date, you know their driver's license number and you have all the information needed to tamper with their voter registration," cautions Save Our Votes co-director Rebecca Wilson. She says this is possible because Maryland sells voter rolls to campaigns looking to canvass for votes. "These problems leave the system open to large-scale, automated fraud, and make the Maryland system among the most vulnerable of all the states' new online voter registration systems," the experts warned in a letter to Maryland officials.


Identity is the New Perimeter
PC World (10/17/12) Hawley, John

In a world that is increasingly moving toward mobile, cloud-based services and SaaS applications, securing the now-fragmented IT perimeter requires a new approach. The use of SaaS completely bypasses a company's IT and security organizations, essentially producing Shadow IT. Every Shadow identity an employee creates for a cloud-based service opens a door to the enterprise, especially as most employees use the same username and password for enterprise and personal accounts. Identity, then, is the new security perimeter. Therefore the corporate security officer's role has evolved into being a connector of business services, pulling identity and access management out of the cloud and keeping it under control in order to connect the right people to the right business service. Keeping a centralized identity management and authentication service that controls access to all business services will help to secure the fragmented IT environment. Recent advances in standards such as SAML, OpenID Connect and OAuth for authentication and SCIM for user administration allow for centralized authentication, and risk-based modeling that changes authentication modes based on device, time of day, location, recent history, or transaction value will produce strong initial authentication.


Kaspersky Discovers MiniFlame Cyberespionage Malware Directly Linked to Flame and Gauss
IDG News Service (10/15/12) Constantin, Lucian

Security researchers at Kaspersky Lab have discovered malware they believe to be part of the sophisticated cyberespionage effort that spawned the Flame and Gauss malware. The researchers dubbed the new malware miniFlame because of similarities between its code and that of the Flame malware that indicated the two were likely developed using the same platform. MiniFlame is smaller and more specialized than Flame or Gauss, and the researchers believe it was used for highly targeted surveillance of machines already infected by Gauss and Flame, and may even have acted as a payload of that malware. MiniFlame is capable of two-way communication with its command-and-control servers, can load specified DLL files, create certain processes, and take screenshots of windows running certain programs, including instant messengers, browsers, and document editors. The researchers discovered miniFlame in July and estimate that it has been in use since at least 2010. The researchers found six samples of the malware and estimate that the total number of infections was very limited, between 50 and 60, with most of these centered in Middle Eastern countries.


Abstracts Copyright © 2012 Information, Inc. Bethesda, MD

