Complete DHS Report for April 1, 2014
Daily Report
Details
• General Motors announced March 28 that it is
adding 971,000 vehicles to a previous recall concerning defective ignition
switches that can turn off and cut power to vehicles. – Associated Press
5.
March 29, Associated Press – (National) GM adding 971,000 vehicles to
ignition recall. General Motors announced March 28 that it is adding
971,000 vehicles to a previous recall concerning defective ignition switches
that can turn off and cut power to vehicles. The recall expansion covers
several Chevrolet, Pontiac, and Saturn vehicles from model years 2003-2007 that
may have had defective ignition parts installed during repairs. Source: http://abcnews.go.com/Business/wireStory/gm-adding-824000-vehicles-ignition-recall-23106921
• The U.S. Securities and Exchange Commission
announced charges and asset freezes March 28 against the operators of an
alleged pyramid scheme that raised more than $65 million from Asian and Latino
communities in the U.S. and abroad. – U.S. Securities and Exchange
Commission
See
item 9 below in the Financial
Services Sector
• The last of 13 individuals charged in a
Ponzi-like $1.25 billion insurance fraud scheme was convicted March 28 in Miami
on fraud and conspiracy charges. – Fort Lauderdale Sun Sentinel See item 10
below in the Financial Services Sector
• Officials in Danville, Virginia, will close
Abreu-Grogan Park beginning April 1 in order for Duke Energy crews to clean up
a large coal ash deposit from the Dan River near the Schoolfield Dam. – Danville
Register & Bee
25.
March 28, Danville Register & Bee – (Virginia) Park to close for
ash cleanup. Officials in Danville, Virginia, will close Abreu-Grogan Park
beginning April 1 in order for Duke Energy crews to clean up a large coal ash
deposit from the Dan River near the Schoolfield Dam. Duke Energy authorities
expect work to be completed and the park to reopen in July. Source: http://www.godanriver.com/news/coal-ash/park-to-close-for-ash-cleanup/article_df8138c6-b6c7-11e3-92ba-0017a43b2370.html
Financial Services Sector
7. March 29, Chicago Sun-Times – (Illinois) ‘Benchwarmer
Bandit’ robs fourth bank in two weeks. A suspect known as the “Benchwarmer
Bandit” is thought responsible for the robbery of a Citibank branch in the Lake
View area of Chicago March 29, the fourth robbery tied to the suspect. Source: http://chicago.cbslocal.com/2014/03/29/benchwarmer-bandit-robs-fourth-bank-in-two-weeks/
8. March 29, Associated Press – (International) Sally
Beauty’s security breach grows in scope. Beauty products retailer Sally
Beauty reported March 28 that a data breach exposed a larger number of payment
card records than the less than 25,000 previously estimated by the company.
Source: http://abcnews.go.com/Business/wireStory/sally-beautys-security-breach-grows-scope-23106485
9. March 28, U.S. Securities and Exchange Commission –
(International) SEC halts pyramid scheme targeting Asian and Latino
communities. The U.S. Securities and Exchange Commission announced charges
and asset freezes March 28 against the operators of an alleged pyramid scheme
that raised more than $65 million from Asian and Latino communities in the U.S.
and abroad. The alleged scheme operates under names such as WCM and WCM777 and
is based in California and Hong Kong, under the control of a Temple City,
California man. Source: http://www.sec.gov/News/PressRelease/Detail/PressRelease/1370541324305
10. March 28, Fort Lauderdale Sun Sentinel – (Florida) Ex-chief
of Mutual Benefits Corp. guilty in $1.25 billion fraud. The last of 13
individuals charged in a Ponzi-like $1.25 billion insurance fraud scheme was
convicted March 28 in Miami on fraud and conspiracy charges. The fraud occurred
through Mutual Benefits Corporation, which deceived around 30,000 investors to
obtain the money between 1994 and 2004. Source: http://www.sun-sentinel.com/news/broward/fl-mutual-benefits-chief-guilty-20140328,0,5802869.story
For another story, see item 38 below:
38. March 28, Houston Business
Journal – (Texas) Spec's falls victim to network attack, customer
information compromised at dozens of stores. The Houston-based Spec’s wine
and liquor store chain announced March 28 that a security breach exposed some
personal data, such as check and payment card information, of customers who
shopped at 34 of its Texas stores between October 2012 and March 2014. The
company is investigating the attack and has taken steps to mitigate the issue.
Source: http://www.bizjournals.com/houston/news/2014/03/28/specs-falls-victim-to-network-attack-customer.html
Information Technology Sector
28. March 28, Threatpost – (International) FTC settles
with Fandango, Credit Karma over SSL issues in mobile apps. Fandango and
Credit Karma agreed to a settlement with the Federal Trade Commission (FTC)
after the FTC charged that both companies deliberately misrepresented the
security of their mobile apps and created apps that failed to validate SSL
certificates. The companies are required by the settlement to submit to
independent security audits for the next 20 years and to create comprehensive
security programs. Source: http://threatpost.com/ftc-settles-with-fandango-credit-karma-over-ssl-issues-in-mobile-apps/105128
29. March 28, IDG News Service – (International) Philips
smart TVs open to remote attacks via default wireless connection, researchers
say. Researchers at ReVuln published a demonstration video showing that the
newest firmware for some Philips smart TVs opens an insecure Miracast wireless
network that could allow attackers within signal range to control the TV. The
Miracast feature is vulnerable to attackers due to a hard-coded password.
Source: http://www.networkworld.com/news/2014/032814-philips-smart-tvs-open-to-280196.html
For another story, see item 3 below:
3. March 31, Softpedia –
(International) Hackers can unlock Tesla cars by stealing owners’ passwords.
A security researcher reported that the password created by Tesla car
owners can be easily obtained via brute force attacks due to it only containing
six letters and numbers, allowing attackers to track the location of Tesla cars
or unlock the door locks remotely. The remote management API also may share
credentials with untrusted third parties that could also lead to security
issues. Source: http://news.softpedia.com/news/Hackers-Can-Unlock-Tesla-Cars-by-Stealing-Owners-Passwords-434979.shtml
Communications Sector
30.
March 31, Omaha World-Herald – (Wyoming) FCC imposes $17,000 fine on
owner of mysterious radio station KOMJ. The U.S. Federal Communications
Commission ordered Wyoming-based Cochise Broadcasting, owner of KOMJ 1490 AM
Omaha, to pay a $17,000 fine for failing to operate and staff a main studio
with a public inspection file for the station. Source: http://www.omaha.com/article/20140329/MONEY/140328596/1707
31.
March 30, Associated Press – (Massachusetts) North Adams restores
emergency communications lost when radio towers collapse. Two
communications towers on Florida Mountain suffered damage and collapsed March
30 due to high winds and heavy rain, interrupting cell phone and Internet
services for about 13,500 residents in the North Adams area. Emergency service
was restored after about 11 hours and Pittsfield Communications crews worked to
install a portable tower and transmitters in an effort to restore service by
the end of March 31. Source: http://www.masslive.com/news/index.ssf/2014/03/north_adams_restores_emergency.html