Wednesday, March 26, 2014




Complete DHS Report for March 26, 2014

Daily Report

Details

 • Five former associates of Bernard L. Madoff Investment Securities LLC, were convicted March 24 for their role in the company’s $17.5 billion Ponzi scheme, the largest such fraud in U.S. history. – Reuters See item 4 below in the Financial Services Sector

 • Officials confirmed the death toll from a March 22 mudslide in Arlington, Washington, rose to 14 after 6 more bodies were found March 24, while the number of individuals listed as missing also rose from 108 to 176. – Associated Press

10. March 25, Associated Press – (Washington) Fire chief: Death toll from slide expected to rise. Officials confirmed the death toll from a March 22 mudslide in Arlington, Washington, rose to 14 after 6 more bodies were found March 24. The number of individuals listed as missing also rose from 108 to 176. Source: http://www.dispatch.com/content/stories/national_world/2014/03/25/mudslide-death-toll-at-14-176-on-missing-list.html

 • U.S. Navy officials reported that a civilian suspect approached the USS Mahan destroyer docked at Naval Station Norfolk in Virginia, disarmed a petty officer on watch, and fatally shot a sailor March 24 before being shot and killed by security forces. – Associated Press

16. March 25, Associated Press – (Virginia) Navy: Base shooting suspect didn’t have own weapon. U.S. Navy officials reported that a civilian suspect approached the USS Mahan destroyer docked at Naval Station Norfolk in Virginia, disarmed a petty officer on watch, and fatally shot a sailor March 24 before being shot and killed by security forces. Officials are investigating the incident. Source: http://www.washingtonpost.com/local/2-killed-in-shooting-at-naval-station-norfolk/2014/03/25/be4c3268-b3ee-11e3-bab2-b9602293021d_story.html

 • Microsoft warned users March 24 of a zero day exploit for Microsoft Word and Outlook that can be used to deliver malicious code if a user opens or previews a message containing a specific .rtf file. – Krebs on Security See item 21 below in the Information Technology Sector

Financial Services Sector

4. March 25, Reuters – (National) Madoff aides convicted in $17.5 billion Ponzi trial after decades working for firm. Five former associates of Bernard L. Madoff Investment Securities LLC, were convicted March 24 for their role in the company’s $17.5 billion Ponzi scheme, the largest such fraud in U.S. history. Source: http://www.bloomberg.com/news/2014-03-24/madoff-aides-convicted-in-five-month-fraud-trial.html

5. March 25, IDG News Service – (International) ATM malware, controlled by a text message, spews cash. Researchers at Symantec identified a new version of the Ploutus ATM malware that targets an undisclosed variety of standalone ATM and can be controlled by text message to make the ATM dispense cash. Source: http://www.networkworld.com/news/2014/032514-atm-malware-controlled-by-a-280030.html

6. March 25, KEYC 12 Mankato – (National) Fairmont Police & Secret Service investigating credit card fraud. The Fairmont Police Department and the U.S. Secret Service are investigating over 200 reports of payment card fraud in 13 States that appear to be linked to a data compromise at El Agave in Fairmont, Minnesota. Source: http://www.keyc.com/story/25064394/fairmont-police-secret-service-investigating-credit-card-fraud

7. March 25, Denver Business Journal – (Colorado) Littleton homebuilder guilty of federal mortgage fraud. The former head of Golden Design Group Inc., was found guilty March 21 on charges of fraud and money laundering for running a mortgage fraud scheme that used unqualified or unwilling buyers to fraudulently obtain over $11 million. Source: http://www.bizjournals.com/denver/news/2014/03/24/littleton-homebuilder-guilty-of-federal-mortgage.html?page=all

Information Technology Sector

21. March 24, Krebs on Security – (International) Microsoft: 0day exploit targeting Word, Outlook. Microsoft warned users March 24 of a zero day exploit for Microsoft Word and Outlook that can be used to deliver malicious code if a user opens or previews a message containing a specific .rtf file. Exploits have been seen attacking the vulnerability in Word 2010, but the issue is also present in other versions of Word. Source: http://krebsonsecurity.com/2014/03/microsoft-warns-of-word-2010-exploit/

22. March 24, Help Net Security – (International) 10,000 GitHub users inadvertently reveal their AWS secret access keys. Researchers at Threat Intelligence reported that around 10,000 Amazon Web Services secret access keys are able to be found on GitHub via a search as some users have accidentally uploaded them to their project pages. Source: http://www.net-security.org/secworld.php?id=16566

23. March 24, Help Net Security – (International) Basecamp gets DDoSed and blackmailed. Basecamp was disrupted and made unavailable for several hours March 24 after it was hit by a distributed denial of service (DDoS) attack before the attack was mitigated. The attackers demanded a ransom similar to recent attacks on other services, which was not paid. Source: http://www.net-security.org/secworld.php?id=16565

Communications Sector

Nothing to report