Tuesday, April 1, 2014




Complete DHS Report for April 1, 2014

Daily Report

Details

 • General Motors announced March 28 that it is adding 971,000 vehicles to a previous recall concerning defective ignition switches that can turn off and cut power to vehicles. – Associated Press

5. March 29, Associated Press – (National) GM adding 971,000 vehicles to ignition recall. General Motors announced March 28 that it is adding 971,000 vehicles to a previous recall concerning defective ignition switches that can turn off and cut power to vehicles. The recall expansion covers several Chevrolet, Pontiac, and Saturn vehicles from model years 2003-2007 that may have had defective ignition parts installed during repairs. Source: http://abcnews.go.com/Business/wireStory/gm-adding-824000-vehicles-ignition-recall-23106921

 • The U.S. Securities and Exchange Commission announced charges and asset freezes March 28 against the operators of an alleged pyramid scheme that raised more than $65 million from Asian and Latino communities in the U.S. and abroad. – U.S. Securities and Exchange Commission See item 9 below in the Financial Services Sector

 • The last of 13 individuals charged in a Ponzi-like $1.25 billion insurance fraud scheme was convicted March 28 in Miami on fraud and conspiracy charges. – Fort Lauderdale Sun Sentinel See item 10 below in the Financial Services Sector
 • Officials in Danville, Virginia, will close Abreu-Grogan Park beginning April 1 in order for Duke Energy crews to clean up a large coal ash deposit from the Dan River near the Schoolfield Dam. – Danville Register & Bee

25. March 28, Danville Register & Bee – (Virginia) Park to close for ash cleanup. Officials in Danville, Virginia, will close Abreu-Grogan Park beginning April 1 in order for Duke Energy crews to clean up a large coal ash deposit from the Dan River near the Schoolfield Dam. Duke Energy authorities expect work to be completed and the park to reopen in July. Source: http://www.godanriver.com/news/coal-ash/park-to-close-for-ash-cleanup/article_df8138c6-b6c7-11e3-92ba-0017a43b2370.html

Financial Services Sector

7. March 29, Chicago Sun-Times – (Illinois) ‘Benchwarmer Bandit’ robs fourth bank in two weeks. A suspect known as the “Benchwarmer Bandit” is thought responsible for the robbery of a Citibank branch in the Lake View area of Chicago March 29, the fourth robbery tied to the suspect. Source: http://chicago.cbslocal.com/2014/03/29/benchwarmer-bandit-robs-fourth-bank-in-two-weeks/

8. March 29, Associated Press – (International) Sally Beauty’s security breach grows in scope. Beauty products retailer Sally Beauty reported March 28 that a data breach exposed a larger number of payment card records than the less than 25,000 previously estimated by the company. Source: http://abcnews.go.com/Business/wireStory/sally-beautys-security-breach-grows-scope-23106485

9. March 28, U.S. Securities and Exchange Commission – (International) SEC halts pyramid scheme targeting Asian and Latino communities. The U.S. Securities and Exchange Commission announced charges and asset freezes March 28 against the operators of an alleged pyramid scheme that raised more than $65 million from Asian and Latino communities in the U.S. and abroad. The alleged scheme operates under names such as WCM and WCM777 and is based in California and Hong Kong, under the control of a Temple City, California man. Source: http://www.sec.gov/News/PressRelease/Detail/PressRelease/1370541324305

10. March 28, Fort Lauderdale Sun Sentinel – (Florida) Ex-chief of Mutual Benefits Corp. guilty in $1.25 billion fraud. The last of 13 individuals charged in a Ponzi-like $1.25 billion insurance fraud scheme was convicted March 28 in Miami on fraud and conspiracy charges. The fraud occurred through Mutual Benefits Corporation, which deceived around 30,000 investors to obtain the money between 1994 and 2004. Source: http://www.sun-sentinel.com/news/broward/fl-mutual-benefits-chief-guilty-20140328,0,5802869.story

For another story, see item 38 below:

38. March 28, Houston Business Journal – (Texas) Spec's falls victim to network attack, customer information compromised at dozens of stores. The Houston-based Spec’s wine and liquor store chain announced March 28 that a security breach exposed some personal data, such as check and payment card information, of customers who shopped at 34 of its Texas stores between October 2012 and March 2014. The company is investigating the attack and has taken steps to mitigate the issue. Source: http://www.bizjournals.com/houston/news/2014/03/28/specs-falls-victim-to-network-attack-customer.html

Information Technology Sector

28. March 28, Threatpost – (International) FTC settles with Fandango, Credit Karma over SSL issues in mobile apps. Fandango and Credit Karma agreed to a settlement with the Federal Trade Commission (FTC) after the FTC charged that both companies deliberately misrepresented the security of their mobile apps and created apps that failed to validate SSL certificates. The companies are required by the settlement to submit to independent security audits for the next 20 years and to create comprehensive security programs. Source: http://threatpost.com/ftc-settles-with-fandango-credit-karma-over-ssl-issues-in-mobile-apps/105128

29. March 28, IDG News Service – (International) Philips smart TVs open to remote attacks via default wireless connection, researchers say. Researchers at ReVuln published a demonstration video showing that the newest firmware for some Philips smart TVs opens an insecure Miracast wireless network that could allow attackers within signal range to control the TV. The Miracast feature is vulnerable to attackers due to a hard-coded password. Source: http://www.networkworld.com/news/2014/032814-philips-smart-tvs-open-to-280196.html

For another story, see item 3 below:

3. March 31, Softpedia – (International) Hackers can unlock Tesla cars by stealing owners’ passwords. A security researcher reported that the password created by Tesla car owners can be easily obtained via brute force attacks due to it only containing six letters and numbers, allowing attackers to track the location of Tesla cars or unlock the door locks remotely. The remote management API also may share credentials with untrusted third parties that could also lead to security issues. Source: http://news.softpedia.com/news/Hackers-Can-Unlock-Tesla-Cars-by-Stealing-Owners-Passwords-434979.shtml

Communications Sector

30. March 31, Omaha World-Herald – (Wyoming) FCC imposes $17,000 fine on owner of mysterious radio station KOMJ. The U.S. Federal Communications Commission ordered Wyoming-based Cochise Broadcasting, owner of KOMJ 1490 AM Omaha, to pay a $17,000 fine for failing to operate and staff a main studio with a public inspection file for the station. Source: http://www.omaha.com/article/20140329/MONEY/140328596/1707

31. March 30, Associated Press – (Massachusetts) North Adams restores emergency communications lost when radio towers collapse. Two communications towers on Florida Mountain suffered damage and collapsed March 30 due to high winds and heavy rain, interrupting cell phone and Internet services for about 13,500 residents in the North Adams area. Emergency service was restored after about 11 hours and Pittsfield Communications crews worked to install a portable tower and transmitters in an effort to restore service by the end of March 31. Source: http://www.masslive.com/news/index.ssf/2014/03/north_adams_restores_emergency.html