Thursday, March 28, 2013
Complete DHS Daily Report for March 28, 2013
Daily Report
Top Stories
• Two individuals were convicted for their involvement in a $142 million mortgage and securities fraud scheme. – Riverside Press-Enterprise (See item 14 below in the Banking and Finance Sector)
• A teenager intentionally set a fire that damaged a section of a Parkway and repairs are estimated to cost $500,000. – WNCN 9 Goldsboro
18. March 26, WNCN 9 Goldsboro – (North Carolina) Cary teen charged with half-million dollar fire. A teenager intentionally set a fire that damaged a section of North Carolina's Cary Parkway and repairs are estimated to cost $500,000. A portion of westbound lanes on the Cary Parkway has been closed until repairs are made. Source: http://www.wnct.com/story/21800131/cary-police-charge-17-year-old-with-starting-fire-that-damaged-culvert
• A nursing home manager and its affiliate allegedly provided unnecessary physical, occupational, and speech therapy to several facilities and will pay $2.7 million for False Claims Act violations. – Legal Newsline
25. March 25, Legal Newsline – (Tennessee) Nursing home to pay $2.7M for false claims act violations. Grace Healthcare, LLC and their affiliate, Grace Ancillary Services LLC settled allegations that they violated the False Claims Act by submitting or causing submission to the Medical and TennCare/Medicaid programs for $2.7 million. Allegedly the nursing home manager and its affiliate provided unnecessary physical, occupational, and speech therapy to several facilities to meet their goal for Medicare revenue from 2007 to June 2011. Source: http://legalnewsline.com/news/federal-government/240374-nursing-home-to-pay-2-7m-for-false-claims-act-violations
• A County Jail is being forced to turn away non-violent offenders due to overcrowding and officials are considering releasing some dangerous felons to help mitigate the problem. – KIRO 7 Seattle
28. March 26, KIRO 7 Seattle – (Washington) Overcrowding at Skagit County Jail becoming public safety problem. Skagit County Jail is being forced to turn away non-violent offenders due to overcrowding and officials are considering releasing some dangerous felons to help mitigate the problem. Source: http://www.kirotv.com/news/news/overcrowding-skagit-county-jail-becoming-public-sa/nW5BH/
Details
Banking and Finance Sector
6. March 27, Softpedia – (International) “Dump Memory Grabber” malware steals data from ATMs and POS systems. Researchers from Group-IB identified malware dubbed “Dump Memory Grabber” that can infect point of sale (PoS) devices and ATMs, steal customer account information, and send the information to a remote server. The malware has already taken information from some U.S. bank customers. Source: http://news.softpedia.com/news/Dump-Memory-Grabber-Malware-Steals-Card-Data-from-ATMs-and-POS-Systems-340758.shtml
7. March 27, Boston University Daily Free Press – (Massachusetts) Malware involved in Blanchard's credit card fraud. Blanchard's Liquors found malware in its point of sale (PoS) software at a store in Boston after customers complained of fraudulent charges, prompting an investigation from local and federal authorities. Source: http://dailyfreepress.com/2013/03/27/malware-involved-in-blanchards-credit-card-fraud/
8. March 27, Parsippany Patch – (New Jersey) 'Dapper Bandit' faces 8 years for bank robberies. The man known as the “Dapper Bandit” pleaded guilty March 26 to four bank robberies and one attempted robbery in New Jersey. Source: http://parsippany.patch.com/articles/warren-man-pleads-guilty-to-bank-robberies
9. March 27, Bloomberg News – (National) U.S. charges two in $27 million insider-trading scheme. A former Foundry Networks executive and a hedge fund analyst were charged in federal court for allegedly trading on insider information and netting $27 million in illicit gains. Source: http://www.bloomberg.com/news/2013-03-26/u-s-charges-two-in-27-million-insider-trading-scheme.html
10. March 26, Wired.co.uk – (International) Five arrested in £1.7 million malware bank scam. Authorities in Slovenia arrested five individuals for allegedly participating in a bank fraud scam that used remote administration tools (RATs) and keyloggers to make illegal funds transfers from several small and medium-sized businesses totaling around $2.57 million. Source: http://www.wired.co.uk/news/archive/2013-03/26/slovenian-bank-fraud
11. March 26, IDG News Service – (International) Wells Fargo warns of ongoing DDOS attacks. Wells Fargo stated that their Web site was coming under distributed denial of service (DDoS) attacks March 26, but that most customers were not affected. Source: http://www.cso.com.au/article/457405/wells_fargo_warns_ongoing_ddos_attacks/
12. March 26, Forbes – (International) Fed hits Citi over money laundering problems. The Federal Reserve ordered Citi to improve its money laundering detection compliance after finding inadequate controls, but did not choose to fine the bank. Source: http://www.forbes.com/sites/halahtouryalai/2013/03/26/fed-hits-citi-over-money-laundering-problems/
13. March 26, Help Net Security – (International) European ATM Security Team on fraud losses. The European ATM Security Team (EAST) released its first European Fraud Update of 2013, finding that ATM fraud losses are migrating away from EMV Chip areas, with the U.S. the top location for these losses. It also noted significant increases in cash trapping incidents at ATMs. Source: http://www.net-security.org/secworld.php?id=14656
14. March 25, Riverside Press-Enterprise – (California) Fraud trial: Guilty verdicts in multimillion-dollar Ponzi case. Two individuals were convicted March 25 for their involvement in the $142 million Stonewood mortgage and securities fraud scheme in California. Source: http://www.pe.com/business/business-headlines/20130325-fraud-trial-guilty-verdicts-in-multimillion-dollar-ponzi-case.ece
Information Technology Sector
30. March 27, Threatpost – (International) Attackers shifting to delivering unknown malware via FTP and Web pages. A report by Palo Alto Networks found that malware that goes undetected by antivirus programs has shifted primarily to Web-based exploits rather than email-based exploits, with 94 percent coming from Web browsing or Web proxies. Source: http://threatpost.com/en_us/blogs/new-report-confronts-unknown-malware-problem-032613
31. March 27, Threatpost – (International) U.S. and Russia --not China-- lead list of malicious hosting providers. According to Host Exploit's quarterly World Hosts Report, the U.S. and Russia ranked as the countries with the highest number of malicious hosting providers. Source: http://threatpost.com/en_us/blogs/us-and-russia-not-china-lead-list-malicious-hosting-providers-032713
32. March 27, Softpedia – (International) American indicted for helping Anonymous with DDOS attacks on Koch Industries. A Wisconsin man was charged for allegedly aiding an Anonymous group in distributed denial of service (DDoS) attacks against Web sites owned by Koch Industries in 2011. Source: http://news.softpedia.com/news/American-Indicted-for-Helping-Anonymous-With-DDOS-Attacks-on-Koch-Industries-340780.shtml
33. March 26, Dark Reading – (International) Honeypot stings attackers with counterattacks. A researcher outlined in a paper how he set up a 'honeypot' to catch attackers and enabled the honeypot to install a backdoor agent on attackers' computers via a Java applet as a research experiment, revealing information on them. Source: http://www.darkreading.com/threat-intelligence/167901121/security/attacks-breaches/240151740/honeypot-stings-attackers-with-counterattacks.html
34. March 26, Threatpost – (International) LinkedIn patches XSS and CSRF vulnerabilities. Professional social network LinkedIn fixed cross-site scripting (XSS) and cross-site request forgery (CSRF) issues on elements of its Web site that were reported in January and March. Source: http://threatpost.com/en_us/blogs/linkedin-patches-xss-and-csrf-vulnerabilities-032613
35. March 26, Network World – (International) Dirty smartphones: Devices keep traces of files sent to the cloud. University of Glasgow researchers found that remnants of files uploaded to cloud services from smartphones are left on the devices, potentially allowing hackers to access the files or gain access to cloud services. Source: http://www.networkworld.com/news/2013/032613-dirty-smartphones-268114.html
36. March 26, Threatpost – (International) Google fixes 11 flaws in Chrome. Google released the newest version of its browser, Chrome 26, which contains security patches closing 11 vulnerabilities. Source: http://threatpost.com/en_us/blogs/google-fixes-11-flaws-chrome-032613
Communications Sector
37. March 25, All Access – (Illinois) Illinois stations return to air after fire in old transmitter building. Three radio stations returned to the air March 23 after a March 22 fire destroyed the transmission cables and the transmitter building which housed them. Two of the three stations returned at low power, one of which will require 30 days to reach full power and 60 days for the AM signal. Source: http://www.allaccess.com/net-news/archive/story/116684/illinois-stations-return-to-air-after-fire-in-old-
Department of Homeland Security (DHS)
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport
Contact Information
Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS Daily Report Team at (703)387-2314
Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes.
Contact DHS
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
To report cyber infrastructure incidents or to request information, please contact US-CERT at soc@us-cert.gov or visit their Web page at www.us-cert.gov.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material.