| Md. Bank Robbery Suspects Tied to Pa. Delaware Online (07/26/13) Bean, Elaine Authorities say that two Pennsylvania men who have been charged in connection with the robbery of a PNC Bank in West Ocean City, Md., on Tuesday went on a two-week-long crime spree through Maryland and Pennsylvania before they were arrested on Wednesday in a Salisbury, Md., motel. Heath A. Derizzo and Dale Mentzer were charged the day after their arrest with robbery, conspiracy to commit robbery, theft of between $1,000 to $10,000 and conspiracy to commit a theft of between $1,000 to $10,000, and are being held without bond in the Wicomico County (Md.) Detention Center. Maryland State Police said they were able to identify Derizzo after they sent surveillance photos from the bank robbery to law enforcement agencies in neighboring states. Chief Patrick O'Rourke of the Derry Township, Pa., police department, identified Derizzo as a suspect in four Pennsylvania bank robberies that took place this month. Derizzo's tattoos where visible on surveillance photos from the PNC Bank and were matched to the tattoos on the man in the surveillance footage taken during the Pennsylvania bank robberies. A search of the pair's room at the Economy Inn found various items allegedly used in the PNC Bank robbery, including Derizzo’s eyeglasses, the demand note, and the zippered bag used to carry the cash. Police Say Theft at Area McDonald's Was Inside Job WLKY (Louisville, KY) (07/25/2013) Burgin, Steve Louisville (Ky.) Metro Police have said that the evidence in their investigation into the theft of cash at a McDonald's restaurant suggests that the incident was an inside job. Sgt. Jason Carr with the LMPD robbery unit said that an employee of the McDonald's was asked to deposit the restaurant's receipts at a Fifth Third Bank a few blocks away from the restaurant on June 28. The employee, Aneisha A. Griffin, claimed that she was approached by someone armed with a pistol outside the bank who demanded the cash. Investigators believe the story is made up and that she "conspired with another employee" to commit what they said was a crime of opportunity. He noted that the 20-year-old admitted to using the money to pay some bills. Although no information was offered on how much money was involved, the charges suggest that it was anywhere between $500-$10,000. If convicted, Griffin faces a prison sentence of five to 10 years. Cruise Ship Crime to Receive More Public Scrutiny wltx.com (07/25/13) King, Ledyard A report issued by the Senate Committee on Commerce, Science, and Transportation shows that hundreds of crimes occurring on cruise ships over the last several years have not been publicly reported despite a 2010 law that was enacted to help provide consumers with better data on the industry's safety and security record. The report found that, of the 959 alleged crimes voluntarily logged with the FBI by the industry, of which 130 were deemed serious enough to report, only 31 were made public. Committee Chairman Jay Rockefeller (D-W.Va.) expressed concern that improvements which industry representatives had promised to introduce during a hearing over a year ago remain unfulfilled. In response to the report, Rockefeller introduced a bill that would provide "critical information" to the nearly 21 million Americans who will be taking cruises during 2013, before they board a ship. The bill would require information about all crimes reported on cruise ships to be made public and would require cruise lines to place surveillance cameras in public areas of their ships, among other things. Representatives from the cruise line industry, for their part, say that they are working to improve transparency about crime reports. Braeval Cancels Plans to Acquire Colombian Mining Area After Kidnapping Wall Street Journal (07/23/13) Crowe, Darcy Following the kidnapping of one of its geologists in northern Colombia in January by the rebel group the National Liberation Army (ELN), the Canadian gold exploration firm Braeval Mining has decided to cancel an option to acquire a mining area in the region. ELN had previously demanded that Braeval give up its mining exploration efforts in the region to secure the release of Gernot Wober, the company's vice president of exploration, who was taken hostage in a raid on Jan. 18. Wober was not mentioned in the statement that Braeval released Tuesday saying it was canceling its plans for the Snow mines property, saying only that the decision was due to "unfavorable market conditions." For ELN, the decision is a victory and a concession to its demand that it would only consider releasing Wober if Braeval gave back its mining titles to the four areas that make up the Snow Mine property. West Africa Pirates Seen Threatening Oil and Shipping for Years Insurance Journal (07/23/13) Arnsdorf, Isaac According to Protection Group International, which provides armed guards for ships, West Africa's oil and shipping industries will continue to be threatened by the region's pirates for years because the measures that were used to reduce attacks in the Indian Ocean have not proven to be effective in West Africa. Barry Roche, the chief executive officer of Protection Group International, noted that "The geographic and political situation in the area makes it much more difficult to operate the model that’s been employed successfully in the Indian Ocean." Part of the problem is that while international navies and private security are repelling attacks off the Somali coast, private guards are not allowed to carry weapons into ports in West Africa. This is despite the fact that attacks in West Africa are more violent because the pirates in the region have machine guns and want to steal cargo, not take hostages. The growing threat of West African piracy, which overtook Somali attacks as the greatest threat to merchant ship crews for the first time last year, is likely to last for years and may have a negative impact on the region's oil exports, Roche said. Roberts’s Picks Reshaping Secret Surveillance Court New York Times (07/26/13) Savage, Charlie Critics say that Supreme Court Chief Justice John Roberts, who is responsible for appointing judges to serve on the secret Foreign Intelligence Surveillance Court, is appointing individuals who are more likely to agree with the federal government's arguments that domestic surveillance programs are necessary. These critics say that this is because Roberts has selected conservative justices with executive branch backgrounds, which makes them more likely to grant the government permission to carry out wiretapping and other surveillance actions without warrants. Ten of the 11 judges, all of whom were appointed to the court by Roberts, came to the federal bench under Republican presidents and six worked for the federal government. Previous chief justices were also conservatives like Roberts, but their appointments tended to be more diverse: 66 percent Republican appointees and 39 percent with work experience in the executive branch. The makeup of the court has also become much more important as its power has grown, handing down classified rulings that interpret surveillance laws and constitutional rights. In 2008, the court was also given power to establish rules for a program allowing federal agents to continue conducting wiretaps without warrants. American University Professor Stephen Vladeck says these changes make it even more important that the court retains at least some "independent-minded government skeptics," a shift that critics say is unlikely if Roberts continues his current practices. Star Investigation: Federal Audit Raises Concern That Canadian Charity Funded Terror The Star (Toronto) (07/25/13) McLean, Jesse After discovering that the Canada-based ISNA (Islamic Society of North America) Development Foundation has sent more than $280,000 to a Pakistan-based agency, the Canadian Revenue Agency has threatened to revoke the foundation's charity status. The government fears that the cash may have been used to support the Hizbul Mujahideen, a militant group that wants the region of Kashmir to secede from India. The foundation's G. Nabi Chaudhary said that the money did not go to support freedom fighters. "We made sure that all of the money the charity sent to those organizations was spent on the needy," Chaudhary said, adding that the charity's board members informed auditors that "once the money left Canada, (the foundation) had no control over the money, how it was spent or what it was to be spent on." Auditors noted that the charity failed to show documents proving it had control over how the money was spent, and that the only evidence showing how the money was spent are photographs that appear to show relief work being done. However, a forensic examination discovered that the photographs had been altered. The Canadian government will give the charity the opportunity to respond to the audit before deciding whether to revoke its charity status. Move to Curb NSA Surveillance Program Defeated in House Wall Street Journal (07/25/13) Gorman, Siobhan; Hughes, Siobhan The House of Representatives has voted down an amendment that would have cut funding for National Security Agency (NSA) surveillance programs. The bill, sponsored by Rep. Justin Amash (R.-Mich.), would have prevented the NSA from widespread collection of telecom data, only allowing the agency to do so if the data was in reference to a specific suspect. The amendment was added to a military-spending bill with the support of libertarian Republicans and liberal Democrats. The bill itself passed, but the amendment was defeated 205-217, following strong lobbying efforts from the Obama administration and members of the House intelligence panel. Supporters of the NSA program argued that the amendment would have crippled crucial counterterrorism efforts. Iraqi al Qaeda Claims Deadly Prison Raids Associated Press (NY) (07/23/13) Al-Qaida's Iraqi affiliate, the Islamic State of Iraq and the Levant, released a statement claiming responsibility for violent prison raids that began on the edges of Baghdad on July 21. So far, the group has targeted Abu Ghraib and Taji prisons with an operation they are calling "Conquering the Tyrants." At least 25 members of Iraqi security forces were killed in the attacks as well as at least 21 prisoners and 10 militants. Prisoners are believed to have escaped, including members of the al-Qaida affiliate, but an exact count has not yet been released. Some officials are saying that more than 500 prisoners got away, while others claim it was only a few. Both of the prisons are now under lock down after the attacks that al-Qaida claims included 12 car bombs, rocket and missile attacks, suicide bombers, and help from prisoners. Security forces have also imposed a curfew on Abu Ghraib and have increased the number of checkpoints in the area. TSA Chief Warns of 'New Underwear Bomb' Which Threatened Airline Last Year and Forced Agency to Rethink All its Security Procedures Daily Mail (United Kingdom) (07/21/13) Gorman, Ryan Transportation Security Administration (TSA) chief John Pistole has released details on a new type of "underwear bomb" developed for use by Yemen-based al-Qaida in the Arabian Peninsula (AQAP). Pistole said the bomb is made using a "double initiation system," in which two liquids are mixed with separate syringes to create an explosive mixture. The device is sealed with household caulk in order to prevent it from being detected by TSA equipment or bomb-sniffing dogs, Pistole said. According to Pistole, TSA had to change its security systems after a double agent discovered the bomb designs last year. He added that the new bomb has the potential to be more destructive than the underwear bomb that was used in an attempt to bring down an airplane as it landed in Detroit in 2009. Pistole says the device was developed by AQAP explosive expert Ibrahim al-Asiri and that it represents a grave threat. Plans to Centralize Cybersecurity With DHS Seen as Step Forward CSO Online (07/25/13) Gonsalves, Antone The Department of Homeland Security (DHS) has proposed the creation of a $6 billion shopping network that would allow government agencies to protect unclassified networks from cyberattacks. DHS is expected to award a many as five contracts for the creation of the new cybersecurity project, called the Continuous Diagnostics and Mitigation program, before the end of July. Bidders on the contracts include Lockheed Martin, Northrop Grumman, SAIC and Computer Sciences. Cybersecurity experts say the program could act as an early warning system for cyberattacks. It would also standardize architecture and security protocols throughout the government, making it easier to purchase integrated cybersecurity solutions. Despite these potential benefits, there has been some concern about how the program will be administered, potentially lowering costs but taking longer to replace or update inventory. Supporters of the program say these risks are outweighed by the benefits it could provide. "It can accelerate the adoption of good security practices by state and local governments," explains Tom Gann, the vice president for government relations at McAfee. Android Spyware Infections on the Rise IDG News Service (07/23/13) Constantin, Lucian The overwhelming majority of mobile devices infected with malware are running the Android operating system and one third of the top 20 malware threats for Android by infection rate are categorized as spyware, Kindsight Security Labs reports. According to the company, the malware infection rate for devices connected to mobile networks is fairly low—about 0.52 percent on average. Infected devices include mobile phones as well as Windows laptops that use a mobile connection via a phone, a 3G USB modem, or a mobile hotspot device. In January, the number of compromised mobile phones accounted for more than 30 percent of all infected devices connected to mobile networks, but by June this figure had increased to more than 50 percent. The malware threat seen most frequently on Android devices was an adware Trojan program called Uapush.A that sends SMS messages and pilfers information, Kindsight notes. Uapush.A was behind 53 percent of the total number of infections found on Android devices. The second most common Android threat was QdPlugin, a Trojan program whose main purpose is to install and control other adware programs. White House Considering Incentives for Cybersecurity Compliance Homeland Security News Wire (07/23/13) The White House is considering what types of incentives to offer companies that comply with the voluntary cybersecurity rules currently being drafted as part of the president's cybersecurity executive order. The incentives are designed to encourage chemical plants, power plants, water systems, and other critical infrastructure companies to improve the security of their computer networks. As the executive order will depend heavily on industry cooperation, the Department of Homeland Security and the Treasury Department are trying to identify incentives that will get these infrastructure companies to comply with the voluntary rules. Among the possible incentives being considered are tax breaks, insurance perks, and limited protections from legal liability. As yet, however, no decision has been reached about possible incentives. Apple Developer Site Hack: Turkish Security Researcher Claims Responsibility Guardian (United Kingdom) (07/22/13) Arthur, Charles Apple says that its developer site was hacked and that information on the 275,000 registered third-party developers who use it may have been stolen. The site has been offline since July 18. Turkish security researcher Ibrahim Balic claims that he was behind the hack. "My intention was not attacking," he said. "In total I found 13 bugs and reported [them] directly one by one to Apple straight away. Just after my reporting [the] dev center got closed. I have not heard anything from them, and they announced that they got attacked. My aim was to report bugs and collect the datas [sic] for the purpose of seeing how deep I can go with it." In an e-mail to developers, Apple said that "an intruder attempted to secure personal information" of its registered developers and that some developers' names, mailing addresses and/or e-mail addresses may have been accessed. The company added that it is completely overhauling its developer systems, updating its server software, and rebuilding its entire database of developer information. There were some reports that people had received password resets against their Apple ID, suggesting that the hacker or hackers were trying to exploit some key details they had gotten access to. Apple said that the hack did not provide the attackers with access to developer code and commented that its iTunes and App Store are completely separate and remained safe. DES Encryption Leaves SIM Cards Vulnerable to Exploitation ZDNet (07/22/13) Duckett, Chris A security researcher in Germany has discovered a vulnerability in SIM cards that could affect as many as 750 million cell phones. Security Research Labs founder Karsten Nohl says the Short Message Service (SMS) over the air update system uses the 65-bit DES encryption algorithm, which is outdated and can be cracked in minutes. Nohl was able to exploit the vulnerability by sending an improperly signed binary SMS to a target device. Hackers can use a rainbow table to resolve this signature, which can in turn allow them to obtain the DES key. Attackers can then send properly signed binaries to the target device that will allow them to send SMSes, query the victim's location data, or even clone the device's SIM card so that it can be used to make fraudulent mobile payments. Several steps can be taken to defend against such attacks, including updating the cryptographic algorithms used in SIM cards. Abstracts Copyright © 2013 Information, Inc. Bethesda, MD |
No comments:
Post a Comment