Wednesday, May 21, 2014




Complete DHS Report for May 21, 2014

Daily Report

Top Stories

 • An explosion and fire at Johnson Brass & Machine Foundry in Saukville, Wisconsin, May 19 injured seven workers and caused the evacuation of the facility. – Milwaukee Journal-Sentinel

2. May 19, Milwaukee Journal-Sentinel – (Wisconsin) Explosion injures seven workers at Saukville foundry. An explosion and fire at Johnson Brass & Machine Foundry in Saukville May 19 injured seven workers and caused the evacuation of the facility. State fire officials are investigating the cause of the explosion. Source: http://www.jsonline.com/news/explosion-injures-workers-in-saukville-b99273894z1-259857381.html

 • Credit Suisse pleaded guilty and agreed to pay a $2.6 billion settlement May 19 in response to U.S. Department of Justice charges that the bank helped U.S. clients to evade taxes through 2009. – CNN Money See item 4 below in the Financial Services Sector

  • A Danville, California businessman was charged May 19 with allegedly running a mortgage fraud scheme that tricked banks into approving loans, leading to $150 million in losses. – KTVU 2 Oakland See item 7 below in the Financial Services Sector

 • Approximately 300,000 gallons of sewage spilled into a tributary of Gunpowder Falls in Baltimore County, Maryland, after a manhole cover was removed and vandalized, causing rocks to block a 12-inch sewer line. – Baltimore Brew (See item 18)

18. May 19, Baltimore Brew – (Maryland) Sewer spill in Baltimore County is linked to vandalism. Approximately 300,000 gallons of sewage spilled into Gunpowder Falls in Baltimore County after a manhole cover was removed and vandalized, causing rocks to block a 12-inch sewer line, discharging raw sewage into a tributary. Officials are monitoring the water quality. Source: https://www.baltimorebrew.com/2014/05/19/sewer-spill-in-baltimore-county-is-linked-to-vandalism/

Financial Services Sector

4. May 19, CNN Money – (International) Credit Suisse pleads guilty in tax evasion case. Credit Suisse pleaded guilty and agreed to pay a $2.6 billion settlement May 19 in response to U.S. Department of Justice charges that the bank helped U.S. clients to evade taxes through 2009. Source: http://money.cnn.com/2014/05/19/news/companies/credit-suisse/index.html

5. May 19, WPLG 10 Miami – (Florida) North Miami mayor charged in $8 million mortgage fraud scheme. The mayor of North Miami was charged May 19 with being involved in an alleged $8 million mortgage fraud scheme that used a radio show to recruit straw buyers for 20 properties. Source: http://www.local10.com/news/north-miami-mayor-to-be-charged-with-mortgage-fraud/26052986

6. May 19, Help Net Security – (International) Researchers discover critical flaws in the Chip and PIN system. Researchers at Cambridge University identified two vulnerabilities in the Europay, MasterCard, and Visa (EMV) ‘chip and PIN’ payment card system that could allow attackers to carry out “pre-play” attacks in order to commit ATM or point of sale (POS) fraud. One vulnerability involves poor random number generation that could be predicted and used for ATM withdrawal, while the second is a protocol failure that could enable malware or a man-in-the-middle (MitM) attack to replace randomly generated numbers with ones chosen by the attacker. Source: http://www.net-security.org/secworld.php?id=16881

7. May 19, KTVU 2 Oakland – (California) Danville man arrested in $150 million mortgage fraud scheme. A Danville, California businessman was charged May 19 with allegedly running a mortgage fraud scheme that tricked banks into approving loans, leading to $150 million in losses. Source: http://www.ktvu.com/news/news/crime-law/danville-man-arrested-150-million-mortgage-fraud-s/nfzRF/

8. May 19, Chicago Sun-Times – (Illinois) Six charged in $22.8 million mortgage fraud scheme at South Loop condo building. A real estate developer and five others were charged in an indictment released May 15 with allegedly helping buyers fraudulently obtain 60 mortgages for properties at the Vision on State condominium complex in Chicago, resulting in $22.8 million in losses to lenders. Source: http://voices.suntimes.com/news/breaking-news/six-charged-in-22-8-million-mortgage-fraud-scheme-at-south-loop-condo-building/
 
Information Technology Sector

25. May 20, Help Net Security – (International) Fascinating MiniDuke backdoor hits again. ESET researchers identified a new variant of the MiniDuke Assembler-based backdoor. The new variant uses a Word RTF memory corruption vulnerability to deliver the backdoor, and contains new features including a Jscript component that contacts a command and control server via Twitter. Source: http://www.net-security.org/malware_news.php?id=2769

26. May 20, Help Net Security – (International) Angler exploit kit starts wielding Silverlight exploits. Researchers at Cisco reported an increase in the number of exploit kits adding Silverlight vulnerabilities to their capabilities, with a large increase in traffic being directed to sites hosting the Angler exploit, which then attempt to exploit a Silverlight memory disclosure vulnerability. Source: http://www.net-security.org/malware_news.php?id=2770
 
27. May 19, SC Magazine – (International) ‘Infinity’ exploit kit targets IE, Firefox, Opera to deliver malware. Researchers at IntelCrawler identified a new exploit kit known as Infinity being sold on underweb markets which targets vulnerabilities in the Internet Explorer (IE), Firefox, and Opera browsers, as well as plug-ins such as Adobe Flash, in order to upload malware. Source: http://www.scmagazine.com/infinity-exploit-kit-targets-ie-firefox-opera-to-deliver-malware/article/347590/
 
Communications Sector

28. May 20, Reuters – (National) Sprint to pay $7.5M in record US settlement for unwanted calls. Sprint Corporation agreed to pay $7.5 million to settle allegations that it did not spare consumers from unwanted telemarketing calls, the Federal Communications Commission (FCC) reported May 19. The case marks the largest “Do-Not-Call” settlement the agency had ever reached and also requires Sprint to implement a plan to ensure compliance with FCC requirements. Source: http://www.prairiebizmag.com/event/article/id/19202/