Wednesday, November 27, 2013



HAPPY THANKSGIVING


Complete DHS Daily Report for November 27, 2013

Daily Report

Top Stories

 • Swiss-based oil services company Weatherford International Ltd., agreed to pay over $252 million to settle U.S. allegations that it bribed officials in several countries and violated sanctions. – Bloomberg News

1. November 26, Bloomberg News – (International) Weatherford International settles foreign bribery probes. The Swiss-based oil services company, Weatherford International Ltd., agreed to pay over $252 million to settle U.S. allegations that it bribed officials in several countries and violated sanctions by authorizing bribes intended for foreign officials from 2002 to July 2011 in order to obtain or retain business or for other benefits. Source: http://www.bloomberg.com/news/2013-11-26/weatherford-international-settles-u-s-foreign-bribery-probes.html

 • Ford initiated a recall of almost 140,000 model year 2013 Escape vehicles equipped with 1.6 liter engines that may experience engine fires. – Detroit News

3. November 26, Detroit News – (National) Ford recalling 2013 Escape SUVs for fire risks. Ford initiated a recall of almost 140,000 model year 2013 Escape vehicles equipped with 1.6 liter engines that may experience engine fires caused by engine cylinder head overheating, which can lead to cracking and oil leaks. Among the recalled vehicles, 9,469 are part of a second recall to fix a fuel leak issue that could also result in engine compartment fires. Source: http://www.detroitnews.com/article/20131126/AUTO0102/311260052/Ford-recalling-140-000-13-Escape-SUVs-fire-risks

 • A broken water main caused 8,000 residents and 2,000 businesses in Cayce, South Carolina, to be without water for several hours and forced the closure of 10 Cayce and West Columbia schools. – Columbia The State

18. November 25, Columbia The State – (South Carolina) Water restored in Cayce following 17-hour power outage. A 16-inch water main broke November 25 due to freezing old pipes and caused 8,000 residents and 2,000 businesses in Cayce to be without water for several hours while forcing the closure of 10 Cayce and West Columbia schools. Service workers restored the water and issued a 24-hour boil water advisory. Source: http://www.thestate.com/2013/11/25/3121520/water-break-thousands-of-students.html

 • Researchers identified a trojan called Shez that disguises itself as an AutoCAD component in order to allow attackers to steal files and plant additional malware at a later date. – Help Net Security See item 29 below in the Information Technology Sector

Details

Financial Services Sector

4. November 26, Softpedia – (International) Experts warn of new banking trojan Neverquest. Security researchers have observed thousands of attempts to infect computers using the Neverquest banking trojan, a relatively new trojan that injects a phishing page into sessions when users attempt to access banking Web sites. The trojan has integrated self-replication mechanisms and is distributed via trojan downloaders. Source: http://news.softpedia.com/news/Experts-Warn-of-New-Banking-Trojan-Neverquest-403685.shtml

5. November 26, U.S. Securities and Exchange Commission – (Texas) SEC announces charges against two Houston-based firms for engaging in thousands of undisclosed principal transactions. The U.S. Securities and Exchange Commission announced November 26 charges alleging that Houston-based Parallax Investments LLC, Tri-Star Advisors, and three of their executives engaged in thousands of principal transactions through their affiliated brokerage firm without informing their clients, collectively making more than $2 million on the trades. Source: http://www.sec.gov/News/PressRelease/Detail/PressRelease/1370540414827

6. November 25, Newark Star-Ledger – (Florida; New Jersey) Feds charge ex-Monmouth County man with running $18m Ponzi scheme. A Miami man was arrested and charged by federal authorities with allegedly running an $18 million Ponzi scheme that defrauded 28 investors by claiming to invest their funds through his company, Fair Haven, New Jersey-based LJS Trading. Source: http://www.nj.com/business/index.ssf/2013/11/feds_charge_ex-monmouth_county.html

For additional stories, see items 1 above in Top Stories and 11 below:

11. November 25, New Hyde Park Patch – (New York) DA: More charges for accused LIRR scammers. The Nassau County District Attorney announced upgraded charges against four Romanian nationals arrested and charged with allegedly installing skimming devices on Long Island Railroad ticket machines. A fifth suspect was also charged in the alleged scheme, though he recently fled to the U.K. following the arrests of the other suspects. Source: http://newhydepark.patch.com/groups/police-and-fire/p/da-more-charges-for-accused-lirr-scammers

Information Technology Sector

28. November 26, Softpedia – (International) Atrax: Cybercrime kit capable of stealing data, launching DDoS, mining for Bitcoins. Security researchers at CSIS identified a new malware kit called Atrax being sold for $250 on underweb forums. Atrax uses The Onion Router (TOR) protocol to hide its communications and comes with several add-ons that allow it to steal data from forms and browsers, launch distributed denial of service (DDoS) attacks, and mine for Bitcoins and Litecoins. Source: http://news.softpedia.com/news/Atrax-Cybercrime-Kit-Capable-of-Stealing-Data-Launching-DDOS-Mining-for-Bitcoins-403632.shtml

29. November 26, Help Net Security – (International) AutoCAD malware paves the way for future attacks. TrendMicro researchers identified a trojan called Shez that disguises itself as an AutoCAD component in order to create a user account with administrative rights, allowing attackers to steal files and plant additional malware in the future. The trojan is either dropped by other malware or can be downloaded unknowingly from malicious sites. Source: http://www.net-security.org/malware_news.php?id=2635

30. November 26, Softpedia – (International) Experts warn of an increase in the usage of Blackshades RAT. Symantec researchers found that the Blackshades remote access trojan (RAT) has increased in use over the past 5 months. The researchers also found a link between Blackshades and the Cool Exploit Kit, where the latter is used to drop the former as well as other pieces of malware. Source: http://news.softpedia.com/news/Experts-Warn-of-an-Increase-in-the-Usage-of-Blackshades-RAT-403525.shtml

31. November 26, Threatpost – (International) Blackhole and Cool Exploit Kit nearly extinct. A security researcher monitoring the sale and use of exploit kits found that the use of Blackhole and Cool exploit kits have decreased significantly in the 6 weeks since their alleged creator was arrested. However, the Reveton gang malware group continues to use a custom version of Cool for the distribution of ransomware. Source: http://threatpost.com/blackhole-and-cool-exploit-kits-nearly-extinct

Communications Sector

32. November 25, Reuters – (National) New agreement gets Pentagon closer to clearing airwaves for sale. The U.S. Department of Defense reached an agreement with broadcasting industry officials to share some radio airwaves used for military systems in order to allow them to be auctioned off for use by the private sector. Source: http://www.globalpost.com/dispatch/news/thomson-reuters/131125/new-agreement-gets-pentagon-closer-clearing-airwaves-sale