Friday, July 19, 2013

Security Management Weekly - July 19, 2013

header

  Learn more! ->   sm professional  

July 19, 2013
 
 
Corporate Security
Sponsored By:
  1. "Gupta Ordered to Pay $13.9 Million to SEC in Insider Case"
  2. "Italy Court Finds Pirelli Head Guilty in Industrial Espionage Case"
  3. "Banker Charged in $2.1 Million Theft" Massachusetts
  4. "'Kill Zimmerman' Painted on Business Before Arson in Downingtown" Pennsylvania
  5. "Why Risk Intelligence is the Key to Successful Security"

Homeland Security
  1. "Man Who'd Been Set to Testify Against 'Whitey' Bulger Found Dead"
  2. "Stephen ‘The Rifleman’ Flemmi Briefly Takes Stand, Says James ‘Whitey’ Bulger was FBI Informant"
  3. "Lawmakers of Both Parties Voice Doubts About NSA Surveillance Programs"
  4. "Putin: Snowden Has Been Warned Against Further Leaks"
  5. "‘Guardian’ Journalist Says Snowden Has ‘Blueprints’ to NSA"

Cyber Security
  1. "Most Enterprise Networks Riddled With Vulnerable Java Installations, Report Says"
  2. "Denial of Service Attacks Increasing in Frequency, Severity: Survey"
  3. "Android Malware That Gives Hackers Remote Control is on Rise"
  4. "Windows 8.1 Steps Up Security With Biometrics, Encryption, and More"
  5. "Retail Breach Hits Hawaii Restaurants"

   

 
 
 

 


Gupta Ordered to Pay $13.9 Million to SEC in Insider Case
Wall Street Journal (07/18/13) Bray, Chad

U.S. District Judge Jed S. Rakoff in Manhattan on Wednesday ordered former Goldman Sachs Group Director Rajat Gupta to pay a $13.9 million penalty and prohibited him from ever again serving as a director of a public company, after being found guilty of sharing insider information with a business associate. The sentence against Gupta was handed down in a civil suit brought by the Securities and Exchange Commission following allegations that he had shared corporate secrets he learned as a member of Goldman's board with his friend and business associate Raj Rajaratnam, a hedge-fund manager. Gupta was sentenced to two years in prison and ordered to pay a $5 million fine after being convicted on criminal conspiracy and securities fraud charges last year but is currently free on bail pending a decision from a federal appeals court. Rajaratnam was ordered to pay a financial penalty of more than $92.8 million by Judge Rakoff in a civil case brought by the SEC, and is serving a prison sentence of more than 11 years after being convicted of conspiracy and multiple counts of securities fraud in 2011. George S. Canellos, the co-director of the SEC's Division of Enforcement, said these sanctions against Gupta make it clear that if a board member "abuse[s his/her] position by sharing confidential company information with friends and business associates in exchange for private gain, [he/she] will be prosecuted to the fullest extent by the SEC."


Italy Court Finds Pirelli Head Guilty in Industrial Espionage Case
Wall Street Journal (07/17/13) Castonguay, Gilles

Pirelli & C SpA Chairman Marco Tronchetti Provera was found guilty in an Italian court on Wednesday on charges of receiving stolen information. The case dates back to when Pirelli & C had a controlling stake in Telecom Italia SpA nearly 10 years ago. In 2004, Tronchetti was accused of receiving a DVD with information concerning Banco Opportunity, which at the time was in competition with Telecom Italia for control of Brasil Telecom Participacoes SA. According to public prosecutor Alfredo Robledo, who brought the case against Tronchetti, the information on the DVD was obtained by Telecom Italia's security personnel after hacking into the computer of a consultant working for Banco Opportunity. Tronchetti maintains his innocence, and claims to have handed over the DVD to the authorities soon after receiving it. Tronchetti's lawyer, Roberto Rampioni, said it made no sense that his client should be found guilty since it was Tronchetti who told authorities about the information that was stolen from Banco Opportunity. Tronchetti was given a suspended 20 month prison sentence and ordered to pay €900,000 to Telecom Italia, along with other damages to plaintiffs. Rampioni says that he plans to wait for the judge's summary but has not said whether his client was considering an appeal.


Banker Charged in $2.1 Million Theft
Boston Herald (MA) (07/16/13) Szaniszlo, Marie

A former personal banker at a Bank of America in Massachusetts pleaded not guilty on Tuesday to charges of stealing more than $2.1 million from 31 investors and customers in an alleged Ponzi scheme that started in July 1999. The charges against Elaina Patterson included 16 counts of larceny over $250 and 15 counts of larceny over $250 from a person over 60. Prosecutors say that Patterson made nearly $6 million in fraudulent transactions involving the 31 investors and customers between July 1999 and September 2011, and also convinced 15 of her friends and family members to invest nearly $4.5 million in accounts for which she issued fake certificate of deposit records and tax forms. Patterson allegedly began stealing money from customers' accounts to conceal her thefts in 2009, and made payments of nearly $3.8 million back to customers and investors, resulting in a net theft of more than $2.1 million. She has been released on her own recognizance pending a hearing on Aug. 14.


'Kill Zimmerman' Painted on Business Before Arson in Downingtown
6abc.com (PA) (07/15/13) Bloomquist, Sarah

Police in Chester County, Pa., are investigating an arson and an act of vandalism at a business in Downingtown that was apparently committed by someone who was upset with the verdict in the George Zimmerman case. After bringing a fire at a commercial sign manufacturer under control on July 14, firefighters found red graffiti reading "Kill Zimmerman" on the front wall of the store. Given the presence of the graffiti, police suspected that the fire may have been set intentionally. The fire was later ruled an arson that was fueled by an unknown accelerant. Investigators have since returned to the business to look for new clues. No arrests have been made, and law enforcement sources are being close-lipped as the investigation continues. What is known is that a professional clean-up crew has been called in to repair the estimated $500,000 in smoke and water damage.


Why Risk Intelligence is the Key to Successful Security
Security Magazine (07/13) Brennan, Jerry; Mattice, Lynn

In order to build a complete and successful enterprise risk management program risk intelligence is the final and most important part needed. A comprehensive risk intelligence program will help ensure viability, survivability, and resilience of the entire plan. Risk intelligence includes the collection and analysis of intelligence from the environment of internal and external sources. Studying all risks, threats, and hazards that could be encountered is also a very important aspect of risk intelligence. However, few programs provide enough knowledge that allows companies to make informed decisions as many programs are fragmented. But this is the norm across government intelligence agencies as well, although cooperation is improving in the wake of failure to share intelligence. Despite recommendations and even executive action the government remains hesitant to share data with private sector. But an effective program can be built through analysis of a corporate culture and can it support a risk intelligence program. A successful program will also require strong leadership that has support from staff and possess skills that foster success. Finally, any good program can effectively gather data from a variety of sources including people, the Internet, news clipping services, and research publications.




Man Who'd Been Set to Testify Against 'Whitey' Bulger Found Dead
CNN.com (07/19/13) Sgueglia, Kristina

Stephen Rakes, a 59-year-old man who had been scheduled to testify in the trial of Whitey Bulger but was dropped from the prosecution's list of witnesses, was found dead in a Boston suburb on Wednesday. An autopsy was performed Thursday to determine the cause and manner of death. No signs of trauma were found on Rakes' body, which was discovered by a jogger in Lincoln, Mass. Toxicology tests will take several weeks to complete. The discovery of Rakes' body came one day after he reportedly learned that prosecutors in the Bulger trial dropped him from their list of potential witnesses. A friend of Rakes who is also the brother of one of Bulger's alleged victims said that Rakes had been looking forward to testify in the case and was devastated about not being able to testify. Rakes had claimed that Bulger had forced him to sell his Boston liquor store, Stippo's, to him in the 1980s--a demand which Rakes said he refused. Former Bulger associate Kevin Weeks, who testified against Bulger last Monday, said that Bulger had forced Rakes to accept $100,000 in exchange for his liquor store. Weeks also noted that Rakes had agreed to sell Stippo's but tried to back out of the deal shortly before it was completed. Rakes had said that Weeks, who testified for the prosecution after learning that Bulger was an FBI informant, was lying.


Stephen ‘The Rifleman’ Flemmi Briefly Takes Stand, Says James ‘Whitey’ Bulger was FBI Informant
Boston Globe (07/18/13) Murphy, Shelley ; Valencia, Milton J.

Former Whitey Bulger associate Stephen “The Rifleman” Flemmi took the stand on July 18 to testify for the prosecution, saying that Bulger was an FBI informant--a charge which Bulger has denied. According to Flemmi, Bulger reported to corrupt FBI agent John Connolly as well as other agents and gave them information "hundreds of times." Relations between the two former criminal associates are clearly acrimonious, with Flemmi staying on the stand after his testimony ended to mouth expletives at Bulger. He responded, but onlookers could not make out what he said. Flemmi’s testimony has been long-awaited, as he and Bulger allegedly ran Boston’s notorious Winter Hill Gang together. Flemmi is also seen by some as one of the most important witnesses in the case because he is thought to be the only person who can contradict Bulger's claim that he was not an FBI informant. He is scheduled to continue his testimony on July 19. Bulger is charged in connection with 19 murders as well as extortion, money laundering, and stockpiling guns. Bulger has pleaded not guilty to all charges and is being held without bail.


Lawmakers of Both Parties Voice Doubts About NSA Surveillance Programs
Washington Post (DC) (07/18/13) Horwitz, Sari; Branigin, William

A bipartisan group of lawmakers on Wednesday warned Obama administration officials that the legislative authority that allows the National Security Agency (NSA) to collect the phone records of Americans could be revoked unless changes are made to the program. The warning came during a House Judiciary Committee hearing that featured testimony by officials from NSA, the Justice Department, the FBI, and the Office of the Director of National Intelligence. Among the officials who were asked to justify the government's collection and storage of phone records was NSA Deputy Director John C. Inglis, who said that the phone records collection program is overseen by the Foreign Intelligence Surveillance Court. Inglis also made a new revelation about the program: that the court allows NSA to also collect the phone records of individuals who are two or three degrees of separation away from an individual of interest. That means that NSA has likely collected the phone records of millions of individuals, an official from the American Civil Liberties Union said at the hearing. Some lawmakers responded to testimony from Inglis and other government officials by saying that they were concerned that the Obama administration's interpretation of the government's surveillance powers far exceeds what lawmakers intended when they passed the USA Patriot Act. Rep. F. James Sensenbrenner (R-Wis.) said that officials needed to change how they operate the surveillance programs authorized under Section 215 of the Patriot Act, or that section might not be renewed by the House.


Putin: Snowden Has Been Warned Against Further Leaks
CBSNews.com (07/17/13)

Russian President Vladimir Putin said Wednesday that National Security Agency leaker Edward Snowden has been warned not to make any further leaks or engage in any actions that could harm Russian-American relations. Putin also said two weeks ago that if Snowden wanted to receive temporary asylum in Russia, he must stop any activities "aimed at inflicting damage" against the U.S. However, Putin said at the time that he did not believe that Snowden had any intention of not leaking further information to the news media. Snowden said in a letter published on Tuesday that he does not plan to release any secrets that he thinks would be harmful to the American people. But officials with the U.S. government have said that he has already done so, suggesting that his release of information on U.S. intelligence gathering operations has prompted changes in the communications used by terrorist groups and has made it harder for U.S. officials to pinpoint threats. Snowden remains in the transit area of the Moscow airport, despite the fact that American officials want to bring him back to U.S. soil to face espionage charges.


‘Guardian’ Journalist Says Snowden Has ‘Blueprints’ to NSA
Associated Press (NY) (07/15/13) Barchfield, Jenny

Glenn Greenwald, the British journalist who has remained in contact with Edward Snowden since he first leaked documents about the National Security Agency's surveillance programs last month, says that Snowden is in possession of thousands of highly-sensitive documents that include information on how NSA is structured and how it operates. He added that the information contained in these documents would allow someone to evade NSA's surveillance or would allow others to develop similar surveillance programs. Greenwald notes that Snowden took these documents because the information they contain supports the claims he has made about NSA surveillance, though he does not want these documents to be released. Greenwald says that he believes the release of the documents could harm the U.S. government. However, Greenwald says that he expects to write additional stories based on other documents that Snowden has in his possession over the next several months. These stories will include information about additional surveillance programs that have yet to be divulged but are similar to those that have already been reported on, Greenwald says. Greenwald also says that Snowden is concerned that the U.S. could target him for assassination, and that he has given several people authorization to release sensitive documents on his behalf should that happen. Greenwald says that Snowden wanted to create a so-called dead man's pact with these individuals in order to protect himself from any attacks against him.




Most Enterprise Networks Riddled With Vulnerable Java Installations, Report Says
IDG News Service (07/18/13) Constantin, Lucian

Despite Oracle's best efforts to improve Java security during the past six months, Java flaws continue to represent a significant security risk for organizations because most of them have outdated versions of the software installed on their machines, according to Bit9. The company's report says that Java 6 is the most prevalent major version of Java in enterprise environments, and is present on more than 80 percent of enterprise computers that have Java installed. However, only Oracle customers with a long-term support contract will continue to receive security updates for Java 6, which reached the end of public support in April. Bit9 also found that most companies running Java 6 on their systems do not have the most recent security updates for it, and that the most secure version of the software, Java 7, is only running on about 15 percent of endpoint systems sampled by Bit9. Another problem is that about 42 percent of enterprise systems have multiple versions of Java running on them, and about 20 percent have more than three versions.


Denial of Service Attacks Increasing in Frequency, Severity: Survey
Business Insurance (07/17/13) Greenwald, Judy

Companies experienced a 33 percent increase in distributed denial-of-service (DDoS) attacks in the second quarter of 2013 compared to the second quarter of last year, according to a new Prolexic Technologies survey. The survey also found "that the attacks in the quarter were extremely intense, and perpetrators have considerable firepower at their disposal." Prolexic says most companies do not have the resources to repel DDoS incidents of this size. In addition to increased strength, the attacks also are lasting longer, with the average duration of a DDoS attack rising from 17 hours to 34.5 hours year-over-year. Financial services companies remained the most common target, but other industries such as retail health care, high tech, media and telecom, and travel also were hit. Of those attacks, 39.5 percent came from China, which remained the highest source of DDoS incidents. Meanwhile, Mexico took the second spot, accounting for 27.3 percent of all attacks.


Android Malware That Gives Hackers Remote Control is on Rise
Ars Technica (07/17/13) Gallagher, Sean

Symantec Senior Software Engineer Andrea Lelli wrote in a recent blog post about the growth of an underground market for malware tools based on an open source tool called Androrat that allows for the remote administration of devices running the Android operating system (OS). Packaged as a standard Android application, Androrat can be installed to launch at device start-up or as an "activity" application, and once installed the device can be remotely controlled with an SMS message or a call from a specified phone number. Androrat has full control of the system once it has been installed, and can siphon off call logs, contact data, and short message service (SMS) messages, among other things. Underground malware marketplaces have started to offer Androrat "binder" tools, which can attach the RAT to the APK files of legitimate applications, so that it can sneak past the OS's security model. To date, Symantec analysts have found 23 instances of legitimate apps that have been turned into carriers for Androrat, and have even found that the code has also been incorporated into other "commercial" malware, such as Adwind. Symantec has detected "several hundred" cases of Androrat-based malware infections, primarily in Turkey and the United States. The growing availability of binders suggests that the potential for infection will increase.


Windows 8.1 Steps Up Security With Biometrics, Encryption, and More
PC World (07/16/13) Geier, Eric

Microsoft has released its preview of Windows 8.1, which includes a number of new security features. The first of these improvements is a suite of new features for Microsoft Internet Explorer 11 (IE 11), which includes making Enhanced Protected Mode (EPM) the default setting. EPM mode prevents websites in IE 11 from accessing data on the computer, uses 64-bit tabs to protect against attacks, and provides better interfacing with security programs. Windows 8.1 also offers improvements for the Windows Defender antivirus program, which will now provide network-behavior monitoring to detect malware. In addition, Microsoft will make device encryption available and enabled by default for all users, while stepping up support of biometric locks such as native support for fingerprint authentication on laptops and devices with a fingerprint reader. Other new security features include Assigned Access, which allows users to lock down computers or devices for use with particular apps, and Remote Data Control, which allows companies to remotely encrypt and wipe data on employee devices.


Retail Breach Hits Hawaii Restaurants
BankInfoSecurity.com (07/15/13) Kitten, Tracy

Upscale restaurant chain Roy's says malware that infected a corporate computer may have infiltrated its network and exposed payment card data. Roy's Holdings, which owns and manages six Roy's restaurants in Hawaii, recently confirmed that a single employee's compromised desktop PC may have exposed debit and credit card information related to transactions conducted at five of its locations in February. Group-IB's Andrey Komarov says the timeline suggests BlackPOS or Alina, which are both retail Trojans. He notes that although criminal groups used Alina to target retailers in the United States, Hawaii has not yet been cited as an affected state. The company's release states that Roy's hired several independent security and forensics investigators to analyze the malware attack and also worked with legal and security vulnerability experts. Gartner's Avivah Litan says the attack on Roy's could indicate that criminals are targeting higher-value cardholders, but Aite Group's Shirley Inscoe says some aspects remain unclear. "The company did not state the position the corporate employee whose computer was infected holds, which could infer a rifle or targeted approach to potential victims," she says. The statement also does not explain how the desktop computer was infected.


Abstracts Copyright © 2013 Information, Inc. Bethesda, MD


  ASIS also offers a daily and a non-sponsored, special-content Professional Edition of
Security Newsbriefs. Please click to see a sample or to contact us for more information.

Unsubscribe | Change E-mail | Advertising Opportunities | Security Management Online | ASIS Online

No comments:

Post a Comment