Wednesday, April 16, 2014


Complete DHS Report for April 16, 2014

Daily Report

Details

 • The head of the Idaho-based DBSI Inc., real estate investment firm and three others were found guilty April 14 on federal wire and securities fraud charges over a scheme which cost investors at least $169 million. – Minneapolis Star Tribune See item 6 below in the Financial Services Sector

 • Police responded to several multi-vehicle accidents on various highways in the Milwaukee area April 14 due to ice and blowing snow, including one crash involving two semi-trucks and two school buses. – WDJT 58 Milwaukee

8. April 15, WDJT 58 Milwaukee – (Wisconsin) Multiple cars slide into semi near Miller Park, dozens of other crashes Monday into Tuesday. Northbound lanes of U.S. 45 in Wauwatosa were closed for 5 hours April 14 while police responded to several multi-vehicle accidents, including an accident involving 2 semi-trucks and 2 school buses. All lanes of Interstate 94 in Waukesha County were also closed for 2 hours due to blowing snow and icy conditions that caused a crash involving 7 vehicles.  Source: http://www.cbs58.com/news/local-news/Icy-roads-lead-to-several-multi-vehicle-crashes-on-area-highways-overnight-255290721.html

 • A spill April 11 at a wastewater treatment plant while crews were installing a lift station released an estimated 17,000 gallons of untreated sewage into the Mississippi River at LeClaire, Iowa. – WQAD 8 Moline

16. April 14, WQAD 8 Moline – (Iowa) 17,000 gallons of raw sewage released at LeClaire. An April 11 spill that occurred at a wastewater treatment plant while crews were installing a lift station released an estimated 17,000 gallons of untreated sewage into the Mississippi River at LeClaire, Iowa. Source: http://wqad.com/2014/04/14/17000-gallons-of-raw-sewage-released-at-leclaire/

 • Five people were convicted in a scam in the Bryan, Texas area that used individuals allegedly injured in car accidents to submit $3 million worth of false billing claims, causing $1.2 million in losses. – Bryan-College Station Eagle (See item 17)

17. April 15, Bryan-College Station Eagle – (Texas) Former chiropractor, co-defendant sentenced in insurance fraud scheme. A former Bryan, Texas chiropractor and a co-defendant were among five people convicted for their roles in a scheme to submit $3 million worth of false billing claims, of which insurance companies paid at least $1.2 million. Four chiropractic clinics and a law firm were used in the scam to recommend patients who had allegedly been injured in auto accidents to receive unnecessary treatment in order to falsely bill the auto insurance companies and force them into settling claims. Source: http://www.theeagle.com/news/local/former-chiropractor-co-defendent-sentenced-in-insurance-fraud-scheme/article_581e53a5-9b0c-51ba-919e-a4b4f491d01c.html

Financial Services Sector

5. April 15, Softpedia – (International) RCE, information disclosure and XSS flaws found in PayPal Partner Program. A security researcher identified and reported a cross-site scripting (XSS) issue and an information disclosure issue that could be leveraged for remote code execution in the PayPal Partner Program’s payment processor Web site. The issues were later closed by PayPal. Source: http://news.softpedia.com/news/RCE-Information-Disclosure-and-XSS-Flaws-Found-in-PayPal-Partner-Program-Video-437634.shtml

6. April 14, Minneapolis Star Tribune – (National) Idaho investment executive convicted on 78 fraud counts. The head of the Idaho-based DBSI Inc., real estate investment firm and three others were found guilty April 14 on federal wire and securities fraud charges for falsely advertising investments, which cost 8,000 investors at least $169 million. Source: http://www.startribune.com/business/255261931.html

7. April 14, Glendale News-Press – (California) Man accused of bank fraud, stealing 99 Cents Only store customer identities. A Glendale man and two others face charges for allegedly obtaining and distributing payment card skimming devices and placing them at several 99 Cents Only stores in southern California, causing losses of over $2 million. Source: http://www.glendalenewspress.com/news/tn-gnp-man-accused-of-bank-fraud-stealing-99-cents-only-store-customer-identities-20140414,0,4613407.story

Information Technology Sector

24. April 15, Softpedia – (International) Expert finds SQL injection, RCE vulnerabilities in Flickr Photo Books. A security researcher identified and reported a SQL injection vulnerability and a remote code execution vulnerability in Flickr’s Photo Books Web site that could allow an attacker to gain access to Flickr’s databases. Yahoo closed the vulnerabilities after a second report by the researcher. Source: http://news.softpedia.com/news/Expert-Finds-SQL-Injection-RCE-Vulnerabilities-in-Flickr-Photo-Books-Video-437724.shtml

25. April 15, Help Net Security – (International) Hardware manufacturer LaCie suffered year-long data breach. Computer storage manufacturer LaCie stated that the FBI informed the company of a data breach where malware was used to gain access to customer transactions carried out on the company’s Web site. LaCie temporarily disabled the e-commerce portion of its Web site and will be resetting users’ passwords in response. Source: http://www.net-security.org/secworld.php?id=16693

26. April 15, Help Net Security – (International) Heartbleed: VMware starts delivering patches. VMware announced that it began issuing patches for its products affected by the Heartbleed OpenSSL vulnerability, with patches for all affected products expected by April 19. Source: http://www.net-security.org/secworld.php?id=16692

27. April 14, Softpedia – (International) Flash SMS flaw in iOS can be exploited to make the lock screen unresponsive. A security researcher identified a Flash SMS flaw in iOS that can be used to make a device’s lock screen unresponsive, which could be used for ransom attacks. The flaw was fixed with the release of iOS 7.1 but devices running previous versions of the mobile operating system are vulnerable. Source: http://news.softpedia.com/news/Flash-SMS-Flaw-in-iOS-Can-Be-Exploited-to-Make-the-Lock-Screen-Unresponsive-437566.shtml

Communications Sector

Nothing to report

No comments: