Daily Report
Top Stories
• Federal authorities from Mobile, Alabama,
arrested a Washington, D.C.-area woman June 3 for allegedly making more than
$900,000 worth of fraudulent claims to the Gulf Coast Claims Facility related
to the 2010 Gulf of Mexico oil spill. – AL.com
2.
June 3, AL.com – (Washington, D.C.; Alabama) Washington-area woman
charged with $900,000 BP oil spill fraud in Mobile. Federal authorities
from Mobile, Alabama, arrested a Washington, D.C.-area woman June 3 for
allegedly making more than $900,000 worth of fraudulent claims to the Gulf
Coast Claims Facility related to the 2010 Gulf of Mexico oil spill. The suspect
is accused of helping prepare over 100 fake claims in the names of other people
and using her personal bank account to deposit checks written to individuals
whose names were used. Source: http://blog.al.com/live/2014/06/washington-area_woman_charged.html
• Researchers identified a new family of
point-of-sale (PoS) and Web browser malware known as Soraya that has
compromised thousands of payment cards. – Securityweek See item 6
below in the Financial Services Sector
• Health officials reported that an estimated
18,000 gallons of untreated sewage spilled into Hanamaulu stream in Lihue,
Hawaii, June 3 after manhole overflowed due to a blocked sewer line. – Hawaii
News Now
19.
June 3, Hawaii News Now – (Hawaii) 18,000 gallons of untreated sewage
spills into Kauai stream. Health officials reported that an estimated
18,000 gallons of untreated sewage spilled into Hanamaulu stream in Lihue June
3 after manhole overflowed on the east side of Kapaia Bridge due to a blocked
sewer line. The public was advised to stay out of Hanamaulu Stream and
Hanamaulu Bay while authorities worked to clear the blocked line and stop the
overflow. Source: http://www.hawaiinewsnow.com/story/25685289/kauai-crews-work-to-contain-sewage-spill
• Six businesses in downtown Pueblo, Colorado,
were destroyed or damaged June 3 when a fire broke out in an office supply
store, then spread to surrounding businesses. – KKTV 11 Colorado Springs
28.
June 4, KKTV 11 Colorado Springs – (Colorado) Six businesses damaged
or destroyed in massive Pueblo fire. Six businesses in downtown Pueblo,
Colorado, were destroyed or damaged June 3 when a fire broke out in an office
supply store, then spread to surrounding businesses. Fire officials temporarily
evacuated a nearby parking garage as a precaution and warned against being
within a two-block radius of the fire due to risks posed by the fire’s smoke.
Source: http://www.kktv.com/home/headlines/Massive-Fire-Burning-In-Downtown-Pueblo-261766901.html
Financial Services Sector
5. June 4, Charleston Post and Courier – (South Carolina) FDIC
sues to collect $9.2M from ex-officers, directors of failed Charleston bank. The
Federal Deposit Insurance Corporation (FDIC) filed a lawsuit June 2 against
seven former directors of the failed Atlantic Bank & Trust based in Charleston,
seeking over $9.2 million in damages it claims were absorbed when the FDIC took
over ownership of the bank in June 2011. Source: http://www.postandcourier.com/article/20140604/PC05/140609748/1010/fdic-sues-to-collect-92m-from-ex-officers-directors-of-failed-charleston-bank
6. June 3, Securityweek – (International) Soraya malware
mixes capabilities of Zeus and Dexter to target payment card data. Researchers
with Arbor Networks identified a new family of point-of-sale (PoS) malware
known as Soraya that is capable of performing memory scraping techniques
similar to the Dexter PoS malware as well as intercepting Web browser data
similar to the Zeus trojan. The researchers found that thousands of payment
cards have been compromised by the malware, mostly originating from financial
institutions in the U.S. and Puerto Rico. Source: http://www.securityweek.com/soraya-malware-mixes-capabilities-zeus-and-dexter-target-payment-card-data
7. June 3, KPRC 2 Houston – (Texas) 2 men charged with
planting skimming devices on Houston ATMs. Two men were arrested June 3 and
charged with allegedly placing 35 skimming devices on 10 Capital One ATMs in
the Houston area between November 2013 and June 2014. U.S. Secret Service
agents alleged that the pair captured payment card information belonging to 375
customers. Source: http://www.click2houston.com/news/2-men-charged-with-planting-skimming-devices-on-houston-atms/26318086
8. June 3, Los Angeles Times – (California) ‘Hypnotist
Bandit’ linked to bank robberies in San Gabriel Valley. Police and FBI
agents linked a suspect known as the “Hypnotist Bandit” to three bank robberies
in the San Gabriel Valley since May 27, including two robberies in the same day
June 3. Source: http://www.latimes.com/local/lanow/la-me-ln-hypnotist-bandit-20140603-story.html
9. June 3, U.S. Securities and Exchange Commission – (New
York) SEC charges Albany, N.Y.-based investment adviser with defrauding
clients. The U.S. Securities and Exchange Commission filed an emergency
enforcement action June 3 against an Albany-based investment adviser for
allegedly using his firm, The ELIV Group LLC, to fraudulently raise over $8.8
million from around 80 investors by misrepresenting the performance and safety
of the investments. The SEC alleges that the firm has had consistent investment
losses and that its owner has withdrawn client funds for personal use. Source: http://www.sec.gov/News/PressRelease/Detail/PressRelease/1370541977904
Information Technology Sector
25. June 4, The Register – (International) New software
nasty encrypts Android PHONE files and demands a ransom. Researchers at
ESET identified a new piece of Android ransomware known as Android/Simplocker
that encrypts victims’ data and demands a ransom via the MoneXy service. The
malware is controlled by a command and control server hosted within the TOR
network. Source: http://www.theregister.co.uk/2014/06/04/android_simplocker_file_scrambling_ransomware/
26. June 3, Threatpost – (International) GnuTLS patches
critical remote code execution bug. GnuTLS released a patch for the open
source cryptographic library May 28 that closes a critical remote execution
vulnerability which could allow an attacker to trigger a buffer overflow and
cause a server to crash or potentially execute arbitrary code. Source: http://threatpost.com/gnutls-patches-critical-remote-code-execution-bug
27. June 3, Securityweek – (International) Report
examines how attackers mask threat activity. Palo Alto Networks released
their latest Application Usage and Threat Report June 2, which found that
attackers continue to use common sharing applications such as email and social
media to initiate multi-phased attacks, among other findings. Source: http://www.securityweek.com/report-examines-how-attackers-mask-threat-activity
See another story in the Financial
Services Sector, item 6 above
Communications Sector
Nothing
to report