Friday, April 18, 2014




Complete DHS Report for April 18, 2014

Daily Report

Details

 • The Portland Water Bureau announced April 16 that it will flush 38 million gallons of water from Mt. Tabor Reservoir 5 after a man urinated in the city’s drinking supply. – Portland Oregonian

15. April 17, Portland Oregonian – (Oregon) Portland will flush 38 million gallons of water after man urinates in Mt. Tabor Reservoir. The Portland Water Bureau announced April 16 that it will flush 38 million gallons of water from Mt. Tabor Reservoir 5 after a man urinated in the city’s drinking supply. Officials turned off the pipes that carry water to and from Reservoir 5 after security officers who monitor the reservoir caught the man on camera. Source: http://www.oregonlive.com/portland/index.ssf/2014/04/portland_will_flush_38_million.html

 • A Monterey Park Fire Department fire engine and an Alhambra Fire Department ladder truck collided April 16 in Monterey Park, California, leaving 6 firefighters and 9 civilians injured. – San Gabriel Valley Tribune

20. April 17, San Gabriel Valley Tribune – (California) Monterey Park fire truck collision injures 15, one critically. A Monterey Park Fire Department fire engine and an Alhambra Fire Department ladder truck collided April 16 in a Monterey Park intersection, sending the fire truck crashing into Lu Dumpling House and leaving 6 firefighters and 9 civilians injured. Source: http://www.pasadenastarnews.com/general-news/20140416/monterey-park-fire-truck-collision-injures-15-one-critically

 • About 500-700 homes and businesses in Solvang, California, were evacuated for over 8 hours after a potentially explosive military device was reported to Santa Barbara County officials April 16. – KNBC 4 Los Angeles

26. April 17, KNBC 4 Los Angeles – (California) Hundreds return home after explosives scare in Solvang. About 500-700 homes and businesses in Solvang were evacuated after a potentially explosive military device, described as military ordnance, was reported to Santa Barbara County officials April 16. The evacuation order was lifted over 8 hours later after authorities removed the device and deemed it safe. Source: http://www.nbclosangeles.com/news/local/Explosives-Scare-in-SoCal-Tourist-Town-Prompts-Hundreds-of-Evacuations-255601571.html

 • Officials are investigating a 6-alarm fire that broke out at an apartment building near the Central Square area of Cambridge, Massachusetts, April 17 and left about 100 residents displaced. – Boston Globe (See item 27)

27. April 17, Boston Globe – (Massachusetts) Six-alarm fire in Cambridge displaces 100 people. Officials are investigating a 6-alarm fire that broke out at an apartment building near the Central Square area of Cambridge April 17 and left about 100 residents displaced. Source: http://www.bostonglobe.com/metro/2014/04/17/cambridge/p2KojxDOH1OgFuPdTThoII/story.html

Financial Services Sector

6. April 16, KABC 7 Los Angeles – (California) ‘Luger Bandit’ bank robbery suspect caught. A suspect thought to be the “Luger Bandit” was arrested April 16 in Chino following a robbery of a Chase Bank branch. The man is thought to be responsible for at least eight bank robberies in Los Angeles, San Bernardino, and Riverside counties Source: http://abclocal.go.com/kabc/story?section=news/local/inland_empire&id=9506708

7. April 16, WITI 6 Milwaukee – (Wisconsin) Waterford woman indicted for wire, mail & credit card fraud. A Waterford, Wisconsin woman was indicted April 16 on wire, mail, and credit card fraud charges for allegedly defrauding her employer, Industrial Electric Wire & Cable, by fraudulently obtaining company checks and credit cards and using them to steal over $1.9 million. She is also accused of fraudulently obtaining a $68,000 loan as part of the alleged scheme. Source: http://fox6now.com/2014/04/16/waterford-woman-indicted-for-wire-mail-credit-card-fraud/

For another story, see item 21 below in the Information Technology Sector

Information Technology Sector

21. April 17, Softpedia – (International) Java RAT UNRECOM mines for Litecoins, infects Android devices. Researchers at Trend Micro analyzed a new version of the UNRECOM remote access trojan (RAT) and found that it is being distributed via spam emails in order to compromise Android and other devices. The RAT contains the ability to take screenshots, mine for the Litecoin virtual currency, and can add additional plugins to itself, among other functions. Source: http://news.softpedia.com/news/Java-RAT-UNRECOM-Mines-for-Litecoins-Infects-Android-Devices-438191.shtml3

22. April 17, Help Net Security – (International) Tor relays vulnerable to Heartbleed dropped from anonymity network. The leader of the Tor Project stated that the Tor anonymity network could temporarily lose around 12 percent of exit capacity and guard capacity after the network began rejecting relays and bridges that are still vulnerable to the Heartbleed vulnerability in OpenSSL. Source: http://www.net-security.org/secworld.php?id=16708

23. April 17, Help Net Security – (International) Attackers use reflection techniques for larger DDoS attacks. Akamai released a global distributed denial of service (DDoS) attack report, which found that attackers in the first quarter of 2014 favored using reflection and amplification techniques to conduct DDoS attacks, rather than relying on traditional botnets. The report found that the most abused protocols were Character Generator (CHARGEN), Network Time Protocol (NTP), and Domain Name System (DNS.) Source: http://www.net-security.org/secworld.php?id=16707

24. April 16, Softpedia – (International) 65% of US organizations experienced SQL injection attacks, study finds. A report by the Ponemon Institute for DB Networks found that 65 percent of 595 U.S. security professionals surveyed reported experiencing SQL injection attacks during the past 12 months. The study also found that it took an average of 140 days to discover a breach and another 68 days to remediate the issue, among other findings. Source: http://news.softpedia.com/news/65-of-US-Organizations-Experienced-SQL-Injection-Attacks-Study-Finds-438048.shtml

Communications Sector

25. April 16, Northland’s NewsCenter – (Wisconsin) CenturyLink phone service down across Twin Ports due to cut fiber cable. CenturyLink customers experienced a loss in phone service between Superior and Duluth for several hours April 16 when a fiber cable was accidentally cut in Superior. Source: http://www.northlandsnewscenter.com/news/local/CenturyLink-phone-service-down-across-Twin-Ports-due-to-cut-fiber-cable-255517281.html

Thursday, April 17, 2014




Complete DHS Report for April 17, 2014

Daily Report

Details

 • The Massachusetts Securities Division charged TelexFREE Inc., with running a Ponzi scheme targeting Brazilian-Americans that has raised over $90 million from Massachusetts residents and around $1 billion globally. – Forbes See item 5 below in the Financial Services Sector

 • Up to 1 million gallons of sewage potentially overflowed into Rock Creek from three different areas in Robertsdale, Alabama, April 14 and April 15 after heavy rainfall. – WALA 10 Mobile

11. April 16, WALA 10 Mobile – (Alabama) BCHD: 1M gallons of sewage spilled. The Baldwin County Health Department reported that up to 1 million gallons of sewage potentially overflowed into Rock Creek from three different areas in Robertsdale April 14 and April 15 after heavy rainfall. Source: http://fox10tv.com/2014/04/15/bchd-1-million-gallons-of-sewage-spilled-in-robertsdale/

 • The Michigan Board of Pharmacy Disciplinary Subcommittee rescinded South Lyon Pharmacy’s operating license, revoked the owner’s pharmacist license for 3 years, and issued a $100,000 fine April 10 to the South Lyon pharmacy for distributing tainted dextrose injections in 2013. – Birmingham Observer Eccentric

15. April 15, Birmingham Observer Eccentric – (Michigan) Tainted drugs lead to closure of South Lyon pharmacy. The Michigan Board of Pharmacy Disciplinary Subcommittee permanently rescinded Specialty Medicine Compounding Pharmacy’s operating license, revoked the owner’s pharmacist license for 3 years, and issued a $100,000 fine April 10 to the South Lyon pharmacy for distributing tainted dextrose injections in 2013. Fungi were discovered in October 2013 in vials of one of the pharmacy’s compounded intravenous solutions at Henry Ford Hospital in Detroit. Source: http://www.hometownlife.com/article/20140415/NEWS19/304150011/Tainted-drugs-lead-closure-South-Lyon-pharmacy

 • Between 60-100 employees of the Manhattan Beach Studios media campus in Manhattan Beach, California, were evacuated for nearly 7 hours due to a phoned bomb threat April 15. – Hermosa Beach Beach Reporter

26. April 15, Hermosa Beach Beach Reporter – (California) Police call off search after bomb threat at Manhattan Beach Studios. Between 60-100 employees of the Manhattan Beach Studios media campus in Manhattan Beach, California, were evacuated due to a phoned bomb threat April 15. Authorities searched and cleared the scene nearly 7 hours later after no explosive devices were found. Source: http://tbrnews.com/news/manhattan_beach/police-call-off-search-after-bomb-threat-at-manhattan-beach/article_ead66294-c4ca-11e3-a3e6-001a4bcf887a.html

Financial Services Sector

3. April 16, Softpedia – (International) POS malware, RATs and banking trojans used by cybercrime group. FireEye researchers reported on the activities of a cybercrime group that is targeting financial services companies, banks, and businesses with a variety of malware, including the Netwire and DarkComet remote access trojans (RATs), JackPOS point of sale malware, and the Zeus trojan. The researchers found that the group uses spam emails to begin their attacks and that over 9 percent of targets opened the emails’ malicious attachments. Source: http://news.softpedia.com/news/POS-Malware-RATs-and-Banking-Trojans-Used-by-Cybercrime-Group-437880.shtml

4. April 16, WESH 2 Orlando– (Florida) Feds: Victoria’s Secret outlet employee used credit card skimmer. Two people were arrested for allegedly participating in a payment card skimming scheme where a Victoria’s Secret employee at a store in Orlando allegedly used a hidden device to skim card data and then deliver the numbers to the second individual in return for payment. U.S. Secret Service agents stated that over 200 payment card numbers were found during the agency’s investigation. Source: http://www.wesh.com/news/feds-victorias-secret-outlet-employee-used-credit-card-skimmer/25500002

5. April 15, Forbes – (International) Massachusetts regulators allege TelexFREE is $1 billion Ponzi scheme. The Massachusetts Securities Division charged TelexFREE Inc., based in Massachusetts and TelexFREE LLC based in Nevada with running a Ponzi scheme targeting Brazilian-Americans that has raised over $90 million from Massachusetts residents and around $1 billion globally. Source: http://www.forbes.com/sites/jordanmaglich/2014/04/15/massachusetts-regulators-allege-telexfree-is-1-billion-ponzi-scheme/

6. April 15, Chicago Tribune – (Illinois) Suspect in ‘Benchwarmer bandit’ bank robberies caught after Loop heist. A suspect believed to be the “Benchwarmer Bandit” responsible for six bank robberies was arrested April 15 following a robbery at a Fifth Third Bank branch in the Loop area of Chicago. Source: http://www.chicagotribune.com/news/local/breaking/chi-loop-area-bank-robbed-authorities-on-scene-20140415,0,5775825.story

7. April 15, Nashville Tennessean – (Tennessee) Police: 4 used fake credit cards at Nashville Walmarts. Police in Nashville arrested four individuals April 14 for allegedly using counterfeit credit cards at two area Walmart stores. Police conducted a traffic stop and found over 100 gift cards, a credit card coding device, $32,000 in blank money orders, and 2 computers in their possession. Source: http://www.tennessean.com/story/news/crime/2014/04/15/police-used-fake-credit-cards-nashville-walmarts/7759305/

Information Technology Sector

19. April 16, Softpedia – (International) Oracle fixes 104 security holes with April 2014 CPU. Oracle released its April Critical Patch Update (CPU), containing patches for 104 vulnerabilities in various Oracle products, 37 of which affect Java SE. Source: http://news.softpedia.com/news/Oracle-Fixes-104-Security-Holes-with-April-2014-CPU-437964.shtml

20. April 16, V3.co.uk – (International) Samsung Galaxy S5 fingerprint scanner hacked. Researchers at Security Research Labs demonstrated a method to defeat the Samsung Galaxy S5’s fingerprint scanner, which could allow an attacker to unlock the device by using a print of the owner’s fingerprint. Source: http://www.v3.co.uk/v3-uk/news/2340156/samsung-galaxy-s5-fingerprint-scanner-hacked

21. April 16, Softpedia – (International) Adobe Reader for Android 11 updated to fix remote code execution vulnerability. Adobe released an update for its Adobe Reader for Android, closing a vulnerability that could be used to remotely execute arbitrary code when a user opens a malicious .PDF document. Source: http://news.softpedia.com/news/Adobe-Reader-for-Android-11-Updated-to-Fix-Remote-Code-Execution-Vulnerability-437978.shtml

Communications Sector

22. April 16, Hawaii News Now – (Hawaii) Potentially hundreds affected by copper theft at Hawaiian Telcom Cable site. More than 600 Hawaiian Telcom customers lost Internet and telephone service when about 50 feet of copper cable was stolen April 14 by thieves who broke through a manhole. Repairs were expected to be completed by the end of the week. Source : http://www.hawaiinewsnow.com/story/25257417/hundreds-affected-by-copper-theft-at-hawaiian-telcom-cable-site

23. April 15, Cibola County Beacon – (New Mexico) Copper theft causes power outage. An aerial fiber optic link was vandalized April 12, causing CenturyLink customers in Cibola County to lose phone and Internet services for nearly 10 hours. Authorities are investigating the incident. Source: http://www.cibolabeacon.com/news/copper-theft-causes-power-outage/article_75b1ffc4-c4ba-11e3-8c56-0019bb2963f4.html

24. April 15, Murfreesboro Daily News Journal – (Tennessee; Texas) Verizon call center deemed safe after bomb threat. A Verizon call center in Murfreesboro, Tennessee, was evacuated for nearly 4 hours April 14 after a bomb threat was phoned in at the Verizon Call Center in El Paso, Texas. Police searched the building and deemed it safe after nothing suspicious was found. Source: http://www.dnj.com/article/20140414/NEWS/304140040

Wednesday, April 16, 2014


Complete DHS Report for April 16, 2014

Daily Report

Details

 • The head of the Idaho-based DBSI Inc., real estate investment firm and three others were found guilty April 14 on federal wire and securities fraud charges over a scheme which cost investors at least $169 million. – Minneapolis Star Tribune See item 6 below in the Financial Services Sector

 • Police responded to several multi-vehicle accidents on various highways in the Milwaukee area April 14 due to ice and blowing snow, including one crash involving two semi-trucks and two school buses. – WDJT 58 Milwaukee

8. April 15, WDJT 58 Milwaukee – (Wisconsin) Multiple cars slide into semi near Miller Park, dozens of other crashes Monday into Tuesday. Northbound lanes of U.S. 45 in Wauwatosa were closed for 5 hours April 14 while police responded to several multi-vehicle accidents, including an accident involving 2 semi-trucks and 2 school buses. All lanes of Interstate 94 in Waukesha County were also closed for 2 hours due to blowing snow and icy conditions that caused a crash involving 7 vehicles.  Source: http://www.cbs58.com/news/local-news/Icy-roads-lead-to-several-multi-vehicle-crashes-on-area-highways-overnight-255290721.html

 • A spill April 11 at a wastewater treatment plant while crews were installing a lift station released an estimated 17,000 gallons of untreated sewage into the Mississippi River at LeClaire, Iowa. – WQAD 8 Moline

16. April 14, WQAD 8 Moline – (Iowa) 17,000 gallons of raw sewage released at LeClaire. An April 11 spill that occurred at a wastewater treatment plant while crews were installing a lift station released an estimated 17,000 gallons of untreated sewage into the Mississippi River at LeClaire, Iowa. Source: http://wqad.com/2014/04/14/17000-gallons-of-raw-sewage-released-at-leclaire/

 • Five people were convicted in a scam in the Bryan, Texas area that used individuals allegedly injured in car accidents to submit $3 million worth of false billing claims, causing $1.2 million in losses. – Bryan-College Station Eagle (See item 17)

17. April 15, Bryan-College Station Eagle – (Texas) Former chiropractor, co-defendant sentenced in insurance fraud scheme. A former Bryan, Texas chiropractor and a co-defendant were among five people convicted for their roles in a scheme to submit $3 million worth of false billing claims, of which insurance companies paid at least $1.2 million. Four chiropractic clinics and a law firm were used in the scam to recommend patients who had allegedly been injured in auto accidents to receive unnecessary treatment in order to falsely bill the auto insurance companies and force them into settling claims. Source: http://www.theeagle.com/news/local/former-chiropractor-co-defendent-sentenced-in-insurance-fraud-scheme/article_581e53a5-9b0c-51ba-919e-a4b4f491d01c.html

Financial Services Sector

5. April 15, Softpedia – (International) RCE, information disclosure and XSS flaws found in PayPal Partner Program. A security researcher identified and reported a cross-site scripting (XSS) issue and an information disclosure issue that could be leveraged for remote code execution in the PayPal Partner Program’s payment processor Web site. The issues were later closed by PayPal. Source: http://news.softpedia.com/news/RCE-Information-Disclosure-and-XSS-Flaws-Found-in-PayPal-Partner-Program-Video-437634.shtml

6. April 14, Minneapolis Star Tribune – (National) Idaho investment executive convicted on 78 fraud counts. The head of the Idaho-based DBSI Inc., real estate investment firm and three others were found guilty April 14 on federal wire and securities fraud charges for falsely advertising investments, which cost 8,000 investors at least $169 million. Source: http://www.startribune.com/business/255261931.html

7. April 14, Glendale News-Press – (California) Man accused of bank fraud, stealing 99 Cents Only store customer identities. A Glendale man and two others face charges for allegedly obtaining and distributing payment card skimming devices and placing them at several 99 Cents Only stores in southern California, causing losses of over $2 million. Source: http://www.glendalenewspress.com/news/tn-gnp-man-accused-of-bank-fraud-stealing-99-cents-only-store-customer-identities-20140414,0,4613407.story

Information Technology Sector

24. April 15, Softpedia – (International) Expert finds SQL injection, RCE vulnerabilities in Flickr Photo Books. A security researcher identified and reported a SQL injection vulnerability and a remote code execution vulnerability in Flickr’s Photo Books Web site that could allow an attacker to gain access to Flickr’s databases. Yahoo closed the vulnerabilities after a second report by the researcher. Source: http://news.softpedia.com/news/Expert-Finds-SQL-Injection-RCE-Vulnerabilities-in-Flickr-Photo-Books-Video-437724.shtml

25. April 15, Help Net Security – (International) Hardware manufacturer LaCie suffered year-long data breach. Computer storage manufacturer LaCie stated that the FBI informed the company of a data breach where malware was used to gain access to customer transactions carried out on the company’s Web site. LaCie temporarily disabled the e-commerce portion of its Web site and will be resetting users’ passwords in response. Source: http://www.net-security.org/secworld.php?id=16693

26. April 15, Help Net Security – (International) Heartbleed: VMware starts delivering patches. VMware announced that it began issuing patches for its products affected by the Heartbleed OpenSSL vulnerability, with patches for all affected products expected by April 19. Source: http://www.net-security.org/secworld.php?id=16692

27. April 14, Softpedia – (International) Flash SMS flaw in iOS can be exploited to make the lock screen unresponsive. A security researcher identified a Flash SMS flaw in iOS that can be used to make a device’s lock screen unresponsive, which could be used for ransom attacks. The flaw was fixed with the release of iOS 7.1 but devices running previous versions of the mobile operating system are vulnerable. Source: http://news.softpedia.com/news/Flash-SMS-Flaw-in-iOS-Can-Be-Exploited-to-Make-the-Lock-Screen-Unresponsive-437566.shtml

Communications Sector

Nothing to report