Tuesday, October 22, 2013



Complete DHS Daily Report for October 22, 2013

Daily Report

Top Stories

 • A Vietnamese national is facing a 15-count indictment for allegedly running two Web sites that sold the stolen personally identifiable information of over 500,000 individuals, which he obtained by posing as a private investigator. – Softpedia See item 5 below in the Banking and Finance Sector

 • A Los Angeles bank branch manager was charged with robbing her own bank of $565,500 by claiming that she had a bomb strapped to her and was being forced to rob the bank. – Los Angeles Times See item 7 below in the Banking and Finance Sector

 • Two inmates who were mistakenly released from a Florida prison were rearrested at a Panama City motel after police received a tip from an acquaintance of one of the men. – CNN

24. October 20, CNN – (Florida) Friend tipped off police to whereabouts of escaped Florida inmates. After receiving a tip from an acquaintance of one of two inmates mistakenly released from a Florida prison, police rearrested both inmates at a Panama City motel October 19. Authorities are continuing to investigate the forged documentation provided to the Florida Department of Corrections, which included several fake signatures authorizing their releases. Source: http://www.cnn.com/2013/10/20/justice/florida-inmates-mistakenly-freed/index.html?hpt=us_c2

 • A Level 3 Communications Inc. network hub caused an Internet service outage throughout the East Coast, causing slow to nonexistent service for nearly 24 hours October 19. – Wall Street Journal See item 32 below in the Communications Sector

Details

Banking and Finance Sector
5. October 21, Softpedia – (International) Vietnamese charged in the U.S. for running identity theft service. Federal authorities unsealed a 15-count indictment against a Vietnamese national charging him with allegedly running two Web sites that sold the stolen personally identifiable information of over 500,000 individuals after he obtained the data from a credit information bureau by posing as a private investigator. The indictment was originally filed in November 2012 and the man was arrested as he attempted to enter the U.S. in February 2013. Source: http://news.softpedia.com/news/Vietnamese-Charged-in-the-US-for-Running-Identity-Theft-Service-392976.shtml

6. October 19, Softpedia – (International) Hackers access customer database of hair care company Ouidad. Ouidad notified customers that its user database was compromised by cybercriminals that obtained names, credit card numbers, CVV numbers, card expiration dates, contact and shipping information, and some usernames and passwords. Source: http://news.softpedia.com/news/Hackers-Access-Customer-Database-of-Hair-Care-Company-Ouidad-392698.shtml

7. October 18, Los Angeles Times – (California) Bomb-wearing manager charged with robbing her own bank. The assistant manager of a Los Angeles bank branch was charged along with an accomplice for allegedly stealing $565,500 from the bank she worked at by claiming that she had a bomb strapped to her and was being forced to rob the bank. Two other individuals were also charged for their alleged role in the robbery. Source: http://www.latimes.com/local/lanow/la-me-ln-bank-manager-charged-bank-robbery-20131018,0,7357197.story

8. October 18, KATU 2 Portland – (Oregon) High-dollar fake credit card scheme lands men behind bars. Two men were arrested in Portland October 16 after police followed them as they allegedly made purchases using fraudulent credit cards, with around $100,000 in gift cards and merchandise found in their hotel room during their arrest. Source: http://www.katu.com/news/local/High-dollar-stolen-credit-card-scheme-lands-men-behind-bars-228401431.html

9. October 18, U.S. Securities and Exchange Commission – (International) SEC files fraud charges against Yuhe International Inc., and its CEO. The U.S. Securities and Exchange Commission filed fraud and other charges October 18 against China-based broiler chicken provider Yuhe International Inc. and its CEO for allegedly misleading investors by falsely claiming to have acquired additional chicken farms prior to a public offering in the U.S., which generated over $27 million in profits. Source: http://www.sec.gov/litigation/litreleases/2013/lr22848.htm

Information Technology Sector

26. October 21, V3.co.uk – (International) Dropbox users hit with Zeus phishing trojan. Researchers at Appriver identified a phishing campaign targeting Dropbox users that claims a password was reset and then directs users to Web pages that offer to install a browser update that is actually a piece of Zeus malware. Source: http://www.v3.co.uk/v3-uk/news/2301807/dropbox-users-hit-with-zeus-phishing-trojan

27. October 20, Computerworld – (International) Microsoft yanks Windows 8.1 update for Surface RT after ‘Blue Screen of Death’ reports. Microsoft pulled the Windows RT 8.1 update from its Windows Store October 18 after users reported that the update caused a ‘blue screen of death’ error message caused by corruption of the boot configuration data. Source: http://www.networkworld.com/news/2013/102013-microsoft-yanks-windows-81-update-275018.html

28. October 19, Softpedia – (International) Fake Avaya voice message notifications carry malware. A researcher reported that fake Avaya voicemail notifications are being used to distribute a piece of malware that is currently not flagged as a threat by most antivirus services. Source: http://news.softpedia.com/news/Fake-Avaya-Voice-Message-Notifications-Carry-Malware-392713.shtml

29. October 18, Softpedia – (International) Sophos publishes Dirty Dozen spam report for Q3 2013. Sophos released its third quarter 2013 Dirty Dozen spam report showing which countries relay the most spam, with the U.S. continuing to be the largest spam-relaying country with 14.6 percent of spam by volume. Source: http://news.softpedia.com/news/Sophos-Publishes-Dirty-Dozen-Spam-Report-for-Q3-2013-392425.shtml

30. October 18, Threatpost – (International) Apache Struts update fixes two vulnerabilities. A new version of Apache Struts was released, fixing an access control vulnerability and a parameter issue present in previous versions. Source: http://threatpost.com/apache-struts-update-fixes-two-vulnerabilities

31. October 18, IDG News Service – (International) Apple warns of SSD failures in MacBook Air, offers free replacements. Apple warned customers that 64GB and 128GB solid state drives (SSD) in MacBook Air laptops sold between June 2012 and June 2013 were failing and offered to replace the drives for free. Source: http://www.networkworld.com/news/2013/101813-apple-warns-of-ssd-failures-274994.html

For additional stories, see items 6 above in the Banking and Finance Sector, and 32 below in the Communications Sector

Communications Sector 

32. October 20, Wall Street Journal – (New York; Pennsylvania) East coast internet traffic is restored. A broken New York-area Level 3 Communications Inc. network hub caused an Internet service outage from Brooklyn to Philadelphia with slow to nonexistent service for nearly 24 hours October 19. Source: http://online.wsj.com/news/articles/SB10001424052702304864504579145813698584246

33. October 20, Tasos News – (New Mexico) Century Link: Internet, cell phone services restored in Taos area. A cable damaged by a construction crew caused an outage of Century Link cell phone and Internet services for 11 hours in the Taos area October 19. Source: http://www.taosnews.com/news/article_2933389c-3938-11e3-9b57-0019bb2963f4.html