Thursday, March 21, 2013
Complete DHS Daily Report for March 21, 2013
Daily Report
Top Stories
• A lawyer charged in a massive $279 million
New York auto insurance fraud scheme pleaded guilty to conspiracy charges. A
total of 36 individuals are charged in the scheme. – ABA Journal See item 10
below in the Banking and Finance Sector
• A loan broker and his conspirators were
charged with fraudulently obtaining $100 million in bank loans backed by the
U.S. Small Business Administration through his brokerage firm between 1990 and
2011 – Bloomberg News
19. March
19, Bloomberg News – (National) Loan broker admits to $100 million small-business
fraud. A loan broker and his conspirators were charged with fraudulently
obtaining $100 million in bank loans backed by the U.S. Small Business
Administration through his brokerage, Jade Capital & Investments LLC, of Woodbridge,
Virginia. The loan broker created 124 fake loans with 17 commercial lenders
between 1990 and October 2011. Source: http://www.bloomberg.com/news/2013-03-19/virginia-loan-broker-admits-to-100-million-sba-bank-loan-fraud.html
• Several South Korean TV stations and banks
were hit by a cyberattack that caused computers on their networks to crash, be
unable to be restarted, and flash error messages. Online banking and ATMs were
also affected. – The Register See item 27
below in the Information Technology
Sector
• A heist at Virginia‟s Pentagon City Mall
netted four thieves 23 watches worth more than $600,000. The robbery was the
second crime of this type reported at the mall in 2 months. – Associated
Press
35. March
19, Associated Press – (Virginia) Watches worth $600,000 taken in Va.
Smash-and-grab. A heist at Virginia‟s Pentagon City Mall lasted 30 seconds
and netted four thieves
23 watches worth more than $600,000. The robbery was
the second crime of this type reported at the mall in 2 months after a February
4 theft netted thieves $128,000 in stolen rings using the same method of
smashing cases with a hammer. Source:http://www.abc6onyourside.com/template/inews_wire/wires.national/2dec92cf-www.abc6onyourside.com.shtml#.UUm_sSbD-Uk
Details
Banking and Finance Sector
9. March
20, Softpedia – (International) Man allegedly connected with Tilon banking
trojan arrested by UK police. A man allegedly involved in distributing the
Tilon banking trojan was arrested by authorities in the United Kingdom and
charged with conspiracy to defraud and other offenses. Source: http://news.softpedia.com/news/Man-Allegedly-Connected-With-Tilon-Banking-Trojan-Arrested-by-UK-Police-338770.shtml
10. March
19, ABA Journal – (New York) Lawyer takes plea in $279M no-fault auto insurance
fraud case. A lawyer charged in a massive $279 million New York auto
insurance fraud scheme pleaded guilty to conspiracy charges. A total of 36
individuals are charged in the scheme, including two other lawyers. Source: http://www.abajournal.com/news/article/lawyer_takes_plea_in_279m_no-fault_auto_insurance_fraud_case/
11. March
19, CNN Money – (National) Florida man arrested for fraud in run-up to
Facebook IPO. A man who allegedly defrauded investors of $8 million by
claiming to have access to shares of social media companies prior to their IPOs
was arrested in Florida. Source: http://buzz.money.cnn.com/2013/03/19/fraud-facebook-ipo/
For an additional story, see item 27 below in the Information Technology Sector
Information Technology Sector
27. March
20, The Register – (International) South Korean TV and banks paralysed in
disk-wipe cyber-blitz. Several South Korean TV stations and banks were hit
by a cyberattack that caused computers on their networks to crash, be unable to
be restarted, and flash error messages. Online banking and ATMs were also
affected. Source: http://www.theregister.co.uk/2013/03/20/south_korea_cyberattack/
28. March
20, V3.co.uk – (International) LinkedIn suffers mysterious service outage. Professional
social networking site LinkedIn suffered an unexplained outage March 20.
Source: http://www.v3.co.uk/v3-uk/news/2256145/linkedin-suffers-mysterious-service-outage
29. March
20, IDG News Service – (International) Microsoft: Hackers obtained high profile Xbox
Live accounts. Microsoft reported that several Xbox Live accounts of
current and former employees were compromised using social engineering
techniques to obtain access. Source: http://www.computerworld.com/s/article/9237740/Microsoft_Hackers_obtained_high_profile_Xbox_Live_accounts
30. March
19, Help Net Security – (International) Massive Chameleon botnet
steals $6M per month from advertisers. Researchers uncovered a
sophisticated botnet dubbed “Chameleon” that uses over 120,000 hosts in the
U.S. to perform click fraud. Source: http://www.net-security.org/secworld.php?id=14620
31. March
19, Threatpost – (International) T-Mobile Wi-Fi calling feature susceptible to
man-in-the-middle snooping. T-Mobile released a patch March 18 to close a
vulnerability that could allow man-in-the-middle (MiTM) attacks through
T-Mobile devices‟ Wi-Fi Calling feature. Source: http://threatpost.com/en_us/blogs/t-mobile-wi-fi-calling-feature-susceptible-man-middle-snooping-031913
32. March
19, Threatpost – (International) Ruby on Rails patches DoS, XSS
vulnerabilities. The developers of Ruby on Rails released patches to close
vulnerabilities that could have allowed denial of service (DoS) attacks and
cross-site scripting (XSS) injections. Source: http://threatpost.com/en_us/blogs/ruby-rails-patches-dos-xss-vulnerabilities-031913
33. March
19, eWeek – (International) Google pays $40,000 for partial Chrome OS
exploit. Google awarded a researcher who participated in the Pwnium 3
contest $40,000 for uncovering a partial exploit of Chrome OS that contained a
string of bugs that but did not produce an end-to-end exploit. Source: http://www.eweek.com/security/google-pays-40000-for-partial-chrome-os-exploit/
34. March
19, Softpedia – (International) Uracto malware hidden in at least 10 Android
apps, Symantec finds. Researchers at Symantec found that the Uracto malware
targeting Japanese users was seen in 10 different apps, has multiple variants,
and appears to be created by the same group or developer as two other pieces of
malware. Source: http://news.softpedia.com/news/Uracto-Malware-Hidden-in-at-Least-10-Android-Apps-Symantec-Finds-338610.shtml
Communications Sector
Nothing to
report
Department of Homeland Security
(DHS)
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday]
summary of open-source published
information
concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on
the
Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport
Contact Information
Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS
Daily Report Team at (703)387-2314
Subscribe to
the
Distribution List: Visit the
DHS Daily Open Source Infrastructure Report and follow
instructions to
Get e-mail updates when this information
changes.
Contact DHS
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
To report cyber infrastructure incidents or to
request information,
please contact US-CERT at soc@us-cert.gov or visit their Web
page at www.us-cert.go v.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to
educate and
inform personnel engaged
in infrastructure protection. Further reproduction
or redistribution is subject to original copyright
restrictions. DHS provides no
warranty of ownership of the copyright,
or accuracy with respect to
the
original
source material.
No comments:
Post a Comment