Monday, December 16, 2013



Complete DHS Daily Report for December 16, 2013

Daily Report

 • Bank of America agreed to pay $131.8 million in penalties to settle U.S. Securities and Exchange Commission charges that the company’s Merrill Lynch division misled investors in the sale of collateralized debt obligations. – New York Times See item 3 below in the Financial Services Sector

 • A report from Praetorian analyzed 275 mobile banking apps and found that 80 percent contained configuration and design weaknesses that could compromise security. – Dark Reading See item 4 below in the Financial Services Sector

 • The U.S. Citizenship and Immigration Services approved the development of the Louisiana International Gulf Transfer Terminal Regional Center, opening up a new supply chain that will reach 32 States and Canada. – Fort Mill Times

10. December 12, Fort Mill Times – (International) U.S. government approves Louisiana International Gulf Transfer Terminal Regional Center. The U.S. Citizenship and Immigration Services approved the development of the Louisiana International Gulf Transfer Terminal Regional Center, opening up a new supply chain through the Mississippi River and its tributaries that will reach 32 States and Canada. Source: http://www.fortmilltimes.com/2013/12/12/3162499/us-government-approves-louisiana.html

 • A Minnesota National Guardsman was charged in connection with stealing personal information of about 400 members of a former Army unit in Fort Bragg, North Carolina, intended for use to create fake IDs for a militia. – Associated Press

22. December 12, Associated Press – (North Carolina; Minnesota) Guardsman accused of stealing military IDs for militia. A Minnesota National Guardsman was charged in connection with stealing personal information, including Social Security numbers and security clearance levels, of about 400 members of a former Army unit in Fort Bragg, North Carolina, intended for use to create fake IDs for a militia. An FBI investigation uncovered the Guardsman’s theft of confidential information. Source: http://news.msn.com/crime-justice/guardsman-accused-of-stealing-military-ids-for-militia

Details

Financial Services Sector

3. December 12, New York Times – (National) Bank of America to pay $131.8 million penalty in mortgage deals. Bank of America agreed December 12 to settle U.S. Securities and Exchange Commission charges that the company’s Merrill Lynch division misled investors in the sale of collateralized debt obligations, and agreed to pay $131.8 million in penalties. Source: http://dealbook.nytimes.com/2013/12/12/bank-of-america-to-pay-131-8-million-penalty-in-c-d-o-deals/

4. December 12, Dark Reading – (International) Weak security in most mobile banking apps. A report from Praetorian analyzed 275 Apple iOS and Android mobile banking apps and found that 80 percent contained configuration and design weaknesses that could compromise security. Source: http://www.darkreading.com/vulnerability/weak-security-in-most-mobile-banking-app/240164731

5. December 12, Chicago Tribune – (Illinois) $5,000 reward for information about ‘Hooded Bandit.’ The FBI offered a reward for information on a suspect known as the “Hooded Bandit” believed to be responsible for at least four bank robberies in Chicago’s northwest suburbs. The suspect’s most recent robbery occurred December 9 at a Chase Bank branch in Bensenville. Source: http://www.chicagotribune.com/news/local/breaking/chi-fbi-looks-to-identify-hooded-bandit-20131212,0,4630951.story

6. December 11, WXIN 59 Indianapolis – (Indiana) Major counterfeiting operation busted on Indy’s east side. Police and U.S. Secret Service agents raided a home in Indianapolis and discovered hundreds of thousands of counterfeit bills as well as computers and printing equipment. Three people were arrested in connection with the alleged operation. Source: http://fox59.com/2013/12/11/major-counterfeiting-operation-busted-on-indys-east-side/

Information Technology Sector

25. December 13, Help Net Security – (International) Cryptolocker copycat targets US, European users. Researchers at IntelCrawler analyzed a new piece of ransomware dubbed Locker that encrypts targets’ files and demands a ransom to decrypt them. The ransomware is spread by executable files disguised as mp3 files. Source: http://www.net-security.org/malware_news.php?id=2651

26. December 13, Softpedia – (International) Serious vulnerability in Safari exposes user passwords. Researchers at Kaspersky discovered a security issue in some versions of Apple’s Safari browser that stores passwords in plain text in a hidden folder utilized for the browser’s session restore function. Source: http://news.softpedia.com/news/Serious-Vulnerability-in-Safari-Exposes-User-Passwords-408935.shtml

27. December 13, Softpedia – (International) Hacker tool allows cybercriminals to automatically register Tumblr accounts. A researcher at Webroot identified a commercially available tool that can be used by cybercriminals to automatically register Tumblr accounts for use in phishing and other campaigns. Source: http://news.softpedia.com/news/Hacker-Tool-Allows-Cybercriminals-to-Automatically-Register-Tumblr-Accounts-408889.shtml

For another story, see item 4 above in the Financial Services Sector

Communications Sector

28. December 13, WYMT 57 Hazard – (Kentucky) Copper theft knocks WSGS-FM off the air. WSGS 101.1 FM in Hazard, Kentucky, was knocked off air December 10 and December 11 due to damage caused by copper thefts. The thefts also interrupted Internet and broadcast service for at least three other radio stations in the area. Source: http://www.wkyt.com/wymt/home/headlines/Copper-theft-knocks-WSGS-FM-off-the-air-235686621.html