Thursday, April 10, 2014




Complete DHS Report for April 10, 2014

Daily Report

Details

 • Toyota Motor Corp. announced several recalls covering 6.39 million vehicles globally,  including 2.34 million in the U.S., from model years 2004 to 2013 due to five different defects. – USA Today

1. April 9, USA Today – (International) 5 defects lead Toyota to recall 6.4M vehicles. Toyota Motor Corp. announced several recalls covering 6.39 million vehicles globally, including 2.34 million in the U.S., from model years 2004 to 2013 due to five different defects. Source: http://www.usatoday.com/story/money/cars/2014/04/09/toyota-recalls/7497031/

 • Highway 290 eastbound in Houston was shut down April 8 for about 17 hours while crews cleaned up over 250 gallons of spilled diesel fuel caused by a semi-truck crashing into a concrete wall, killing the driver. – KTRK 13 Houston

12. April 8, KTRK 13 Houston – (Texas) Highway 290 reopens hours after fiery crash near Barker Cypress exit. Highway 290 eastbound at Barker Cypress in Houston was shut down April 8 for about 17 hours while crews cleaned up over 250 gallons of spilled diesel fuel caused by a semi-truck crashing into a concrete wall and bursting into flames, killing the driver. Source: http://abclocal.go.com/ktrk/story?section=resources/traffic&id=9495737

 • Ottawa County Department of Public Health officials confirmed April 8 that the norovirus pathogen was the cause of an outbreak that affected more than 300 people who ate at Wild Chef Japanese Steakhouse Grill and Bar in Michigan in March. – Grand Haven Tribune

15. April 8, Grand Haven Tribune – (Michigan) 300 sickened by norovirus at Wild Chef. Ottawa County Department of Public Health officials confirmed April 8 that the norovirus pathogen was the cause of an outbreak that affected more than 300 people who ate at Wild Chef Japanese Steakhouse Grill and Bar in Holland Township, Michigan, in March. The restaurant was professionally sanitized and met requirements set forth by the department before it reopened April 7, following a voluntary closure April 1. Source: http://www.grandhaventribune.com/article/928216

 • Police took a male student into custody after he allegedly went on a stabbing spree April 9 at Franklin Regional Senior High School in Murrysville, Pennsylvania, leaving at least 20 people injured. – CNN

20. April 9, CNN – (Pennsylvania) ‘There’s a kid with a knife,’ teen says of Pennsylvania school stabbings. Police took a male student into custody after he allegedly went on a stabbing spree April 9 at Franklin Regional Senior High School in Murrysville, leaving at least 20 people injured. Officials announced that all elementary schools in the district were closed. Source: http://www.cnn.com/2014/04/09/justice/pennsylvania-school-stabbing/index.html

Financial Services Sector

3. April 9, South Florida Business Journal – (Florida) Two arrested in $70M investment scheme for virtual concierge machines. Two men associated with a virtual concierge service based in Jupiter, Florida, were arrested and charged with allegedly running a $70 million Ponzi scheme. The U.S. Securities and Exchange Commission also froze the assets and accounts of the two men in a civil action. Source: http://www.bizjournals.com/southflorida/news/2014/04/08/two-arrested-in-70m-investment-scheme-for-virtual.html

4. April 8, U.S. Securities and Exchange Commission – (National) SEC charges CVS with misleading investors and committing accounting violations. CVS Caremark Corp. agreed to pay $20 million in a settlement with the U.S. Securities and Exchange Commission to resolve charges that the company misled investors and used improper accounting that artificially inflated its financial performance. Source: http://www.sec.gov/News/PressRelease/Detail/PressRelease/1370541437806

5. April 8, Bloomberg News – (International) U.S. seeks to seize $12 million in Swiss-linked tax case. U.S. federal prosecutors filed a forfeiture action April 8 against an unidentified individual and the individual’s father, seeking to seize $12.2 million held in two unidentified Swiss banks due to an alleged mail and wire fraud scheme that sought to defraud the Internal Revenue Service of due taxes. The accounts were allegedly set up by a Swiss attorney who previously pleaded guilty to committing tax fraud for more than a decade. Source: http://www.bloomberg.com/news/2014-04-08/u-s-seeks-to-seize-12-million-in-swiss-linked-tax-case.html

6. April 8, Chicago Sun-Times – (Illinois) “Benchwarmer Bandit” holds up Loop bank. A suspect known as the “Benchwarmer Bandit” robbed a Citi Bank branch in the Loop area of Chicago April 8, the fifth robbery linked to the suspect. Source: http://chicago.cbslocal.com/2014/04/08/benchwarmer-bandit-holds-up-loop-bank/

7. April 8, Philadelphia Business Journal – (Pennsylvania) General contractor pleads guilty in $20M mortgage loan scheme. A general contractor pleaded guilty April 8 to working with co-conspirators to defraud banks and the Federal Housing Administration by inflating purchase prices on mortgage documents for over 100 Philadelphia properties between 2004 and 2009, resulting in over $20 million in fraudulent proceeds. The case also involves other defendants associated with the KREW Settlement Services company that allegedly ran the scheme. Source: http://www.bizjournals.com/philadelphia/news/2014/04/08/general-contractor-pleads-guilty-in-20m-mortgage.html?page=all

8. April 8, Chicago Sun-Times – (Illinois) ‘Hooded Bandit’ strikes sixth NW suburban bank. A suspect known as the “Hooded Bandit” robbed a Chase Bank branch in Bensenville April 7, the sixth robbery linked to the suspect in the greater Chicago area since February 2013. Source: http://voices.suntimes.com/news/breaking-news/hooded-bandit-strikes-sixth-nw-suburban-bank/

9. April 7, Nashville Tennessean – (Tennessee) Nashville man pleads guilty to bank fraud. A Nashville man pleaded guilty April 7 to writing $1.2 million in checks from the account of his employer Revolution Pictures Inc., depositing them into accounts under his control, and filing false income tax returns that failed to report over $816,000 in taxable income. Source: http://www.tennessean.com/story/news/crime/2014/04/07/nashville-man-pleads-guilty-bank-fraud/7440241/

Information Technology Sector

27. April 9, Softpedia – (International) Companies advise users to change passwords due to possible Heartbleed attacks. Several private companies and government organizations advised users to change their passwords in the wake of the Heartbleed vulnerability in OpenSSL that could expose usernames, passwords, and other secure communications. Security researchers also began posting analyses of the vulnerability as organizations worked to close the vulnerability on their systems. Source: http://news.softpedia.com/news/Companies-Advise-Users-to-Change-Passwords-Due-to-Possible-Heartbleed-Attacks-436704.shtml

28. April 9, Softpedia – (International) Four vulnerabilities fixed with the release of Adobe Flash Player 13.0.0.182. Adobe issued an update for its Flash Player, closing four security issues. Source: http://news.softpedia.com/news/Four-Vulnerabilities-Fixed-With-the-Release-of-Adobe-Flash-Player-13-0-0-182-436600.shtml

29. April 9, Softpedia – (International) WordPress 3.8.2 addresses 2 vulnerabilities, includes 3 security hardening changes. A new version of WordPress was released for download containing fixes for two security vulnerabilities and three changes that enhance security. Source: http://news.softpedia.com/news/WordPress-3-8-2-Addresses-2-Vulnerabilities-Includes-3-Security-Hardening-Changes-436613.shtml

30. April 8, Threatpost– (International) Last call for XP, Office 2003 updates: April Patch Tuesday fixes 11 vulnerabilities. Microsoft released its monthly Patch Tuesday round of updates April 8, including the final updates for Windows XP and Office 2003, with 4 bulletins closing 11 vulnerabilities. Source: http://threatpost.com/last-call-for-xp-office-2003-updates-april-patch-tuesday-fixes-11-vulnerabilities/105329

31. April 8, IDG News Service – (International) Cybercriminals use sophisticated PowerShell-based malware. Researchers at Symantec identified a new malicious PowerShell script that contains several ways to hide itself and can inject malicious code into rundll32.exe. The finding follows the discovery of another malicious PowerShell script by Trend Micro researchers known as CRIGENT or Power Worm during March. Source: http://www.networkworld.com/news/2014/040814-cybercriminals-use-sophisticated-powershell-based-280521.html

32. April 8, Threatpost – (International) Google patches 31 flaws in Chrome. Google released a new version of its Chrome browser, closing 31 vulnerabilities, 19 of which were rated as high priority. Source: http://threatpost.com/google-patches-31-flaws-in-chrome/105326

33. April 8, Softpedia – (International) 2013 threat report: 8 mega data breaches, 552 million identities exposed. Symantec published its Internet Security Threat Report for 2013, showing a 62 percent increase in data breaches from organizations during the year, with 552 million identities exposed, among other findings. Source: http://news.softpedia.com/news/2013-Threat-Report-8-Mega-Data-Breaches-552-Million-Identities-Exposed-436508.shtml

34. April 8, IDG News Service – (International) Yahoo email anti-spoofing policy breaks mailing lists. Security researchers reported encountering an issue with mailing lists after Yahoo introduced a new Domain-based Message Authentication, Reporting, and Conformance (DMARC) policy to prevent email spoofing. Source: http://www.networkworld.com/news/2014/040914-yahoo-email-anti-spoofing-policy-breaks-280500.html

Communications Sector

Nothing to report