Thursday, September 26, 2013




Complete DHS Daily Report for September 26, 2013

Daily Report

Top Stories

 • Three new spills along the South Platter River in Weld County, Colorado, brought the total amount of crude oil spilled to at least 34,500 gallons after severe flooding. – Associated Press

1.            September 24, Associated Press – (Colorado) More spills reported in Wattenberg oil patch following Colorado flooding. Three new spills September 24 brought the total amount of crude oil spilled to at least 34,500 gallons along the South Platte River in Weld County after severe flooding in Colorado. Source: http://www.huffingtonpost.com/2013/09/24/colorado-oil-spills-wattenberg_n_3983923.html

 • An unlicensed physician was sentenced for heading a stem cell scam in Las Vegas after prosecutors claimed he targeted terminally ill patients and exposed them to risky placenta implant procedures. – Associated Press

21. September 24, Associated Press – (Nevada) Unlicensed doc gets prison in Vegas stem cell scam. An unlicensed physician was sentenced September 24 for heading a stem cell scam in Las Vegas after prosecutors claimed he targeted terminally ill patients and exposed them to risky placenta implant procedures. He and his company, StemCell Pharma Inc., made approximately $1 million from patients and investors. Source: http://news.msn.com/crime-justice/unlicensed-doc-gets-prison-in-vegas-stem-cell-scam

 • Officials in Chicago announced the arrest of 4 men in connection with a September 19 shooting at a park that left 13 injured. – Associated Press

24. September 24, Associated Press – (Illinois) Gang member sought revenge in Chicago park shooting. Officials announced the arrest of 4 men in connection to a September 19 shooting at a Chicago park that left 13 injured. Authorities believe retaliation between rival gangs prompted the shooting. Source: http://news.msn.com/crime-justice/gang-member-sought-revenge-in-chicago-park-shooting

 • A Utah man accused of plotting a deadly armed attack at a shopping center in Salt Lake City was arrested. – Associated Press

32. September 24, Associated Press – (Utah) Man accused of plot to shoot up Salt Lake mall. A Utah man accused of plotting a deadly attack at the City Creek shopping center in Salt Lake City September 25 was arrested September 23. Authorities said that the suspect told investigators he planned to "randomly shoot and kill people." Source: http://news.msn.com/crime-justice/man-accused-of-plot-to-shoot-up-salt-lake-mall

Details

Banking and Finance Sector

4. September 25, Softpedia – (International) ICG America hacked, credit card details possibly stolen. E-commerce and Internet marketing company ICG America notified customers that attackers compromised its systems and installed malware that was capable of capturing and decrypting payment information from its systems. The attack began in early January and continued until August 2. Source: http://news.softpedia.com/news/ICG-America-Hacked-Credit-Card-Details-Possibly-Stolen-386129.shtml

5. September 25, CNNMoney – (International) Three ex-ICAP employees indicted in Libor scandal. The U.S. Department of Justice announced criminal charges September 25 against three former employees of U.K.-based brokerage ICAP for their alleged role in helping to manipulate the London Interbank Offered Rate (LIBOR) by making false or misleading information to banks about short-term interest rates. Source: http://money.cnn.com/2013/09/25/news/companies/icap-libor/

6. September 24, U.S. Securities and Exchange Commission – (California) SEC charges former president of California-based investment firm with fraud. The U.S. Securities and Exchange Commission charged the former president of San Bernardino-based American Pacific Financial Corporation with allegedly defrauding almost 500 investors of $160 million by selling promissory notes under the false premise that they were backed up by properties and other collateral that was often impaired or nonexistent. Source: http://www.sec.gov/News/PressRelease/Detail/PressRelease/1370539838921

7. September 24, U.S. Securities and Exchange Commission – (Illinois; Texas) SEC charges two bank executive for financial misstatements and failure to disclose probable loss on troubled loan. The U.S. Securities and Exchange Commission charged two former executives at Mercantile Bancorp with failing to report a $5.28 million loan loss, which also caused the false reporting of other information by the bank. The Armarillo, Texas-based former CEO and the Quincy, Illinois-based former CFO agreed to settle the charges by agreeing to pay $100,000 each and were barred from acting as an officer or director of a publicly traded company. Source: http://www.sec.gov/News/PressRelease/Detail/PressRelease/1370539838242

Information Technology Sector

29. September 25, Softpedia – (International) Tumblr fixes DOM XSS vulnerability 2 months after being notified. Tumblr fixed a DOM-based cross-site scripting (XSS) vulnerability that could be used for spam, spreading malware, and phishing attacks 2 months after a security researcher informed Tumblr of the issue. Source: http://news.softpedia.com/news/Tumblr-Fixes-DOM-XSS-Vulnerability-2-Months-After-Being-Notified-385986.shtml

30. September 24, Softpedia – (International) Phone numbers harvested from Craigslist used in SMS scam. Symantec researchers identified a scam campaign targeting individuals who have posted ads on Craigslist that appears to be using automated harvesting tools to collect phone numbers in posts and then send SMS messages to the numbers which attempt to get targets to access a link on their PC. The link then takes the user to a fake version of GIMP that installs several additional pieces of software used by scammers to generate money via affiliate programs. Source: http://news.softpedia.com/news/Phone-Numbers-Harvested-from-Craigslist-Used-in-SMS-Scam-385869.shtml

31. September 24, Threatpost – (International) After botched update, Apple releases Apple TV 6.0, fixes 50+ bugs. Apple re-released an update for its Apple TV product September 23, addressing 57 bugs. The 6.0 update was originally released September 22, but several users complained that the update caused issues for their devices. Source: http://threatpost.com/after-botched-update-apple-releases-apple-tv-6-0-fixes-50-bugs/102399

Communications Sector

Nothing to report

Wednesday, September 25, 2013 - Published on September 26, 2013



  
Complete DHS Daily Report for September 25, 2013

Daily Report

Top Stories

 • TD Bank agreed to pay $52.5 million to settle U.S. Securities and Exchange Commission charges that it failed to report suspicious activity in bank accounts controlled by a Fort Lauderdale, Florida, resident who ran a $1.2 billion Ponzi scheme. – USA Today See item 9 below in the Banking and Financial Services Sector

 • The U.S. Centers for Disease Control and Prevention issued an update September 23 reporting that the number of Hepatitis A cases associated with Townsend Farms Organic Antioxidant Blend reached 162.– Food Safety News

23. September 24, Food Safety News – (National) CDC: Hepatitis A outbreak now at 162 cases in 10 States. The U.S. Centers for Disease Control and Prevention issued an update September 23 reporting that the number of Hepatitis A cases associated with Townsend Farms Organic Antioxidant Blend totals 162, with 71 people having been hospitalized. Source: http://www.foodsafetynews.com/2013/09/cdc-hepatitis-a-outbreak-now-at-162-cases-in-10-states/

 • Thieves broke into an unattended Station 5 fire engine while it was on a medical call the week of September 16 in Arlington, Virginia, and stole a set of keys that allow access to secure areas in the metro system. – WRC-TV 4 Washington, D.C.
31. September 23, WRC-TV 4 Washington, D.C. – (Virginia) Keys with metro access stolen from Va. fire engine. Thieves broke into a Station 5 fire engine that was left unattended during a medical call the week of September 16 in Arlington, Virginia and stole a set of keys that allow access to secure areas in the metro system. Officials have taken measures to prevent future thefts and are continuing to investigate. Source: http://www.nbcwashington.com/news/local/Keys-With-Metro-Access-Stolen-from-Va-Fire-Engine-224957012.html

 • Colorado is initiating a dam inspection program for 200 dams over 10 days after heavy rainfall led to the failure of several low-risk dams and prevented access to 20 dams by washing out access roads. – Denver Post

38. September 23, Denver Post – (Colorado) Colorado launching massive emergency dam inspection program. Colorado is initiating a dam inspection program for 200 dams over 10 days after heavy rainfall led to 9 low-risk dams that breached, the overflowing of an uncounted number of small ponds, and 20 other dams that can only be reached by helicopter due to the wash out of the roads below them. Source: http://www.denverpost.com/news/ci_24153355/colorado-launching-massive-emergency-dam-inspection-progam

Details

Banking and Finance Sector

9. September 23, USA Today – (Florida) Regulators fine TD Bank $52.5 million in Ponzi case. TD Bank agreed to pay $52.5 million to settle U.S. Securities and Exchange Commission charges that it failed to report suspicious activity in bank accounts controlled by a Fort Lauderdale resident who ran a $1.2 billion Ponzi scheme. Source: http://www.usatoday.com/story/money/business/2013/09/23/td-bank-sec-settlement/2856763/

10. September 23, U.S. Securities and Exchange Commission – (New York) SEC charges 10 brokers for roles in McGinn Smith Ponzi scheme. The U.S. Securities and Exchange Commission charged 10 former brokers at Albany-based McGinn Smith & Co. for allegedly making misrepresentations and omissions to customers when recommending unregistered investment products used in a $125 million Ponzi scheme run by the owners of the firm. Source: http://www.sec.gov/News/PressRelease/Detail/PressRelease/1370539829837

11. September 23, Kansas City Star – (Missouri) Aluminum foils security, shields credit-card crooks from detection. Police in Kansas City reported that since the weekend of September 21 thieves have three times used aluminum foil to cover satellite antennae at local businesses to prevent their credit card fraud from being detected. Source: http://www.kansascity.com/2013/09/23/4503405/credit-card-crooks-use-simple.html

12. September 23, U.S. Securities and Exchange Commission – (New York) SEC charges independent filmmaker with insider trading. A New York City filmmaker agreed to pay more than $1 million to settle charges filed by the U.S. Securities and Exchange Commission that he engaged in insider trading with a business partner who gave him confidential information learned in his job at a consulting firm, which allowed the filmmaker and a coconspirator to make more than $2.6 million in illicit profits. Source: http://www.sec.gov/News/PressRelease/Detail/PressRelease/1370539826717

13. September 23, Alaska Native News – (Alaska) Anchorage plastic surgeon indicted by Anchorage grand jury on wire fraud charges. An Anchorage plastic surgeon was indicted September 20 for allegedly engaging in wire fraud to defraud his wife and Alaska State Courts in divorce proceeding by transferring over $4 million to a bank account in Panama in 2007 and 2008. The alleged fraud was identified when he moved the money into the account of a shell corporation in the U.S. in 2011. Source: http://alaska-native-news.com/state_news/9312-anchorage-plastic-surgeon-indicted-by-anchorage-grand-jury-on-wire-fraud-charges.html

Information Technology Sector

32. September 24, IDG News Service – (International) Twitter fixes Tweet button issue that downloaded a torrent file. An issue that caused the share content to Twitter buttons on some Web sites September 23 to instead download an unknown torrent file was fixed by Twitter September 24. Twitter stated that the file was not found to be malicious. Source: http://www.computerworld.com/s/article/9242607/Twitter_fixes_Tweet_button_issue_that_downloaded_a_torrent_file

33. September 23, Softpedia – (International) BLYPT backdoor malware targets U.S. users via Java exploit. Trend Micro researchers identified a new family of backdoor malware dubbed BLYPT targeting regular Internet users in the U.S. via drive-by downloads and hijacked Web sites. The malware utilizes a Java vulnerability that was patched in March. Source: http://news.softpedia.com/news/BLYPT-Backdoor-Malware-Targets-US-Users-via-Java-Exploit-385378.shtml

34. September 23, IDG News Service – (International) Apache Struts security update disables vulnerable feature. The Apache Software Foundation released a new version of the Apache Struts development framework September 20 that addresses two security vulnerabilities. Source: http://www.pcworld.com/article/2049242/apache-struts-security-update-disables-vulnerable-feature.html

35. September 23, IDG News Service – (International) Gmail hit by message delivery delays, close to 50 percent of users affected. An undisclosed issue caused some users of Google’s Gmail service to experience email delivery delays for up to almost 9 hours September 23. The disruption also affected Google Docs and Presentation applications for a shorter amount of time. Source: http://www.networkworld.com/news/2013/092313-gmail-hit-by-message-delivery-274100.html

Communications Sector

36. September 23, Big Island Now – (Hawaii) Repairs to damaged Hawaiian Telcom line complete. Hawaiian Telcom reported a September 22 fiber-optic line break in a remote area which affected cellular and regular telephone services throughout the Big Island was repaired September 23. Source: http://bigislandnow.com/2013/09/23/hawtel-outage-hits-south-and-west-areas-of-big-island/