Monday, March 3, 2014

Complete DHS Report for March 3, 2014

Daily Report

Details

 • Officials arrested 110 suspects in 4 countries that are believed to be connected to a boiler room scheme that duped more than 1,000 individuals out of millions of dollars. – Associated Press See item 3 below in the Financial Services Sector

 • A United Kingdom man was charged with hacking the Federal Reserve Bank’s servers, where he stole personal information of employees and published it on a Web site. – IDG News Service See item 4 below in the Financial Services Sector

 • Five San Francisco police officers were suspended after being charged in 2 separate indictments including stealing drugs and money seized as part of investigations and civil rights violations. – Associated Press

13. February 27, Associated Press – (California) 5 San Francisco officers indicted by feds. Federal prosecutors announced February 27 that 5 San Francisco police officers were charged in 2 separate indictments including stealing drugs and money seized as part of investigations and civil rights violations. The officers were suspended and had their guns taken away by the department. Source: http://news.msn.com/crime-justice/5-san-francisco-officers-indicted-by-feds

 • Several Columbus, Ohio businesses and State agencies were closed or delayed due to a power outage caused by a fire and two explosions at an underground electricity vault. – Columbus Dispatch

17. February 28, Columbus Dispatch – (Ohio) Power mostly restored after downtown blasts. Crews worked February 28 to restore power to several downtown Columbus businesses and State agencies that were closed or delayed due to a power outage caused by a fire and two explosions at an underground American Electric Power vault. Officials speculate damage from a close-by water main break in January may have contributed to the incident. Source: http://www.dispatch.com/content/stories/local/2014/02/28/blasts-shake-downtown-manhole-covers-blown.html

Financial Services Sector

3. February 28, Associated Press – (International) 'Boiler room' fraud: 110 arrested across Europe in investment scam. Officials arrested 110 suspects in 4 countries that are believed to be connected to a boiler room scheme that duped more than 1,000 individuals into buying worthless or nonexistent shares, and stealing millions of dollars. Source: http://www.huffingtonpost.com/2014/02/28/boiler-room-fraud-europe-investment-scam_n_4873196.html

4. February 27, IDG News Service – (International) UK man charged with hacking Federal Reserve. The U.S. Attorney’s office announced that a man from the United Kingdom was charged with allegedly using a Structured Query Language (SQL) attack to infiltrate the Federal Reserve Bank’s servers, where he stole personal information of employees and published it on a Web site. Source: http://www.computerworld.com/s/article/9246650/UK_man_charged_with_hacking_Federal_Reserve

Information Technology Sector

14. February 28, The Register – (International) Apple slams shut TEN code execution holes in QuickTime on Windows. Apple released a patch that fixes 10 serious bugs in the Windows version of its QuickTime media player that allowed malicious video files to execute arbitrary code. Source: http://www.theregister.co.uk/2014/02/28/apple_drops_patches_for_windows_quicktime_and_itunes/

15. February 28, Softpedia – (International) Experts find vulnerabilities in RSA Conference 2014 Android application. Six flaws were discovered in the RSA Conference 2014 app, with the most severe potentially allowing an attacker to exploit a man-in-the-middle (MitM) attack. Another vulnerability could give access to a file containing information of every user who signed up for the conference through the app’s SQLite database file. Source: http://news.softpedia.com/news/Experts-Find-Vulnerabilities-in-RSA-Conference-2014-Android-Application-429766.shtml

16. February 28, Softpedia – (International) Gameover borrows kernel-mode rootkit from Necurs malware. Security researchers warned that a new version of Gameover, the peer-to-peer (P2P) version of the Zeus trojan, has introduced a kernel-mode rootkit from Necurs in order to target users. The new variant is delivered via spam runs and is more difficult to remove. Source: http://news.softpedia.com/news/Gameover-Boroughs-Kernel-Mode-Rootkit-from-Necurs-Malware-429824.shtml

Communications Sector

Nothing to report