Thursday, February 6, 2014




Complete DHS Report for February 6, 2014

Daily Report

 • Pacific Gas and Electric Company confirmed an attack at its Metcalf, California transmission substation in 2013 where snipers shot at the site and knocked out 17 transformers. – Wall Street Journal

4. February 4, Wall Street Journal – (California) Assault on California power station raises alarm on potential for terrorism. Pacific Gas and Electric Company confirmed an April 2013 attack at its Metcalf transmission substation near San Jose where snipers shot at the site and knocked out 17 giant transformers that transmit power to Silicon Valley. Electric-grid officials rerouted power and made repairs, and no one has been arrested in connection with the attack. Source: http://online.wsj.com/news/article_email/SB10001424052702304851104579359141941621778-lMyQjAxMTA0MDAwNDEwNDQyWj

 • A winter storm caused State offices and schools across several States to close and more than 10,000 flights were delayed or cancelled nationwide. – Reuters

31. February 5, Reuters – (National) Snow storm slams U.S. Plains, Northeast. State offices and schools across several States were closed February 5 after a winter storm February 4 caused snowfall, heavy winds, and cold temperatures. More than 9,500 flights were delayed nationwide while roughly 1,800 were cancelled. Source: http://news.msn.com/us/snow-storm-slams-us-plains-northeast

 • U.S. Navy officials are investigating 30 or more sailors in connection with alleged cheating on tests at a Charleston, South Carolina training site. – Associated Press

32. February 4, Associated Press – (South Carolina) Navy probing alleged cheating on nuke reactor work. U.S. Navy officials are investigating 30 or more senior sailors in connection with alleged cheating on tests used to quality them as instructors taken at a Charleston, South Carolina training site. The incident was reported by a senior enlisted sailor at the site February 3. Source: http://news.msn.com/us/navy-probing-alleged-cheating-on-nuke-reactor-work

 • Adobe issued an emergency patch for a critical vulnerability in its Flash Player for Windows, Linux, and OS X systems that could allow an attacker to gain remote control of targeted systems. – Help Net Security See item 35 below in the Information Technology Sector

Details

Financial Services Sector

10. February 5, Associated Press – (Florida) Officials: 22 charged in Fla. insurance fraud ring. Authorities in Florida announced that they broke up an alleged home insurance fraud ring operating in south Florida that used fraudulent claims to defraud insurers of at least $7.6 million. Twenty-two suspects were arrested, including the alleged ringleader who worked as a licensed public adjuster. Source: http://abcnews.go.com/US/wireStory/officials-22-charged-fla-insurance-fraud-ring-22366712

11. February 4, Reuters – (National) JPMorgan to pay $614 mln in U.S. mortgage fraud case. JPMorgan Chase & Co. agreed to pay $614 million and admit that it defrauded federal agencies by underwriting sub-standard mortgage loans that were not eligible for insurance by the Federal Housing Administration of Department of Veterans Affairs. Source: http://www.reuters.com/article/2014/02/05/jpmorgan-settle-idUSL2N0L928N20140205

12. February 4, Reno Gazette-Journal – (Nevada) Suspicious activity in Washoe inmate’s account leads to credit card fraud lab. The Washoe County Sherriff’s Office reported that four individuals were arrested for allegedly running a fraudulent payment card operation after a suspicious amount of money in a county jail inmate’s account was noticed by a booking employee. Authorities seized thousands of credit card numbers and other information during the arrests and expected more arrests to follow. Source: http://www.rgj.com/article/20140204/NEWS0102/302040032/Suspicious-activity-Washoe-inmate-s-account-leads-credit-card-fraud-lab?nclick_check=1

13. February 4, Cleveland Plain Dealer – (Ohio) Leader of Lithuanian credit union admits to charges involving $15 million fraud on investors. The former leader of the now-defunct Taupa Lithuanian Credit Union in Cleveland pleaded guilty February 3 to siphoning money from the credit union as part of a scheme that caused more than $15 million in losses. Source: http://www.cleveland.com/metro/index.ssf/2014/02/leader_of_lithuanian_credit_un.html

14. February 4, Portland Press Herald – (Maine) Ex-Maine loan officer admits $14 million fraud scheme. A former loan officer for Portland-based KeyBank pleaded guilty February 4 to using others’ identities to obtain $14 million in loans and lines of credit that he used for personal expenses. He was also charged with evading $1.3 million in taxes between 2006 and 2011. Source: http://www.pressherald.com/news/Ex-Maine_loan_officer_pleads_guilty_to_bank_fraud__tax_evasion_.html

15. February 4, Palm Desert Patch – (California) ‘Snowboarder Bandit’ case update: Bank robber pleads guilty, sentenced to 8 years prison. A man known as the “Snowboarder Bandit” pleaded guilty February 3 to robbing three banks in the Coachella Valley and attempting to rob another between April 11 and May 4, 2012. The man previously pleaded guilty to robbing 10 banks in Orange County between December 2011 and March 2012. Source: http://palmdesert.patch.com/groups/police-and-fire/p/snowboarder-bandit-case-update-bank-robber-pleads-guilty-sentenced-to-8-years-prison

Information Technology Sector

35. February 5, Help Net Security – (International) Adobe Flash flaw exploited in the wild, update now. Adobe issued an emergency patch for a critical vulnerability in its Flash Player for Windows, Linux, and OS X systems that could allow an attacker to gain remote control of targeted systems. The vulnerability is being actively exploited in the wild and users were advised to install the patch immediately. Source: http://www.net-security.org/secworld.php?id=16313

36. February 5, The Register – (International) iFrame attack injects code via PNGs. Researchers at Sucuri identified an iFrame injection attack in the wild that embeds malicious code in .PNG files. Source: http://www.theregister.co.uk/2014/02/05/iframe_attack_injects_code_via_pngs/

37. February 5, Softpedia – (International) 13 security holes fixed with the release of Firefox 27. Mozilla released the newest version of its Firefox browser, closing a total of 13 security vulnerabilities, including 4 rated as high-impact. Source: http://news.softpedia.com/news/13-Security-Holes-Fixed-with-the-Release-of-Firefox-27-424025.shtml

38. February 5, Softpedia – (International) Rogue GOM Player update that installed malware at Japanese nuclear plant analyzed. Researchers at Kaspersky analyzed a malicious GOM Player update that infected a computer at a Japanese nuclear power plant and found that malicious update contained a legitimate update and a backdoor identified as Backdoor.Win32.Miancha. The researchers believed that the attack was not targeted specifically to the plant. Source: http://news.softpedia.com/news/Rogue-GOM-Player-Update-That-Installed-Malware-at-Japanese-Nuclear-Plant-Analyzed-424085.shtml

Communications Sector

Nothing to report