Daily Report
Top Stories
• Fifteen California medical professionals
were charged in a $25 million scheme involving a firm that hired pharmacists to
produce a pain-relief cream and gave kickbacks to doctors and chiropractors to
prescribe it and submit phony claims from October 2009 to January 2013. – Associated
Press
22. June 25, Associated Press – (California) 15 medical
professionals indicted for $25M scheme. Fifteen pharmacists, doctors, and
other medical professionals in southern California were charged in a $25
million workers’ compensation scheme linked to the death of a baby. The scam
involved a workers’ compensation claims management firm that hired pharmacists
to produce a pain-relief cream and gave kickbacks to doctors and chiropractors
to prescribe it and submit phony claims from October 2009 to January 2013.
Source: http://news.msn.com/crime-justice/15-medical-professionals-indicted-for-dollar25m-scheme
• The Montana Department of Public Health and
Human Services reported June 24 that a May data security breach compromised
about 1.3 million individuals’ State health records when hackers gained access
to the department’s computer server. – Reuters
23.
June 25, Reuters – (Montana) Montana health record hackers compromise
1.3 million people. The Montana Department of Public Health and Human
Services reported June 24 that a May data security breach compromised about 1.3
million individuals’ State health records including Social Security numbers
when hackers gained access to the department’s computer server. Officials
continue to investigate the incident and the full extent of damage. Source: http://news.msn.com/science-technology/montana-health-record-hackers-compromise-13-million-people
• NRAD Medical Associates in Garden City, New
York, informed 97,000 patients that a former radiologist accessed and acquired
protected health and personal information from its billing system without
authorization in April. – Long Island Newsday
24.
June 24, Long Island Newsday – (New York) Long Island radiology
practice NRAD informs 97,000 patients of data breach. Garden City-based
Nassau Radiologic Group Medical Associates (NRAD) informed 97,000 patients that
a former employee had unauthorized access to their personal information after
learning the former radiologist accessed and acquired protected health and
personal information from NRAD’s billing system in April. Source: http://www.newsday.com/news/health/long-island-radiology-practice-nrad-informs-97-000-patients-of-data-breach-1.8553832
• Federal prosecutors charged a former Iowa
State University laboratory manager after he confessed to skewing results of an
experimental HIV vaccine after years of work and millions in grants were spent.
– Associated Press
25.
June 24, Associated Press – (Iowa) Researcher charged in major HIV
vaccine fraud case. Federal prosecutors charged a former Iowa State
University laboratory manager after he confessed to skewing results of an
experimental HIV vaccine by spiking rabbit blood samples with human antibodies
to appear more successful. A separate experiment determined the results were
bogus after years of work and millions in grants were spent. Source: http://news.msn.com/crime-justice/researcher-charged-in-major-hiv-vaccine-fraud-case
Financial Services Sector
7. June 25, Dark Reading – (International) PayPal
two-factor authentication broken. PayPal disabled its two-factor
authentication option for mobile users after Duo Security researchers confirmed
an independent researcher’s findings showing that it was possible to bypass the
feature. The vulnerability exists in a PayPal API and affects mobile users but
not PayPal’s Web application. Source: http://www.darkreading.com/mobile/paypal-two-factor-authentication-broken/d/d-id/1278840
8. June 25, Softpedia – (International) GameOver trojan
is still in the game. Researchers with Arbor Networks reported that a
Citadel campaign that evaded takedown attempts has been retrofitted with the
GameOver trojan in order to continue its bank fraud operations as well as to
distribute the CryptoLocker ransomware. Source: http://news.softpedia.com/news/GameOver-Trojan-Is-Still-In-the-Game-448305.shtml
9. June 25, Softpedia – (International) Cybercriminals
lift over $680,000/500,000 EUR in one week. Researchers with Kaspersky
reported finding a command and control (C&C) server for a
man-in-the-browser (MitB) campaign that targeted an undisclosed large European
bank and stole around $680,000 within 1 week from customers’ accounts. The
C&C server was identified in January but the cybercriminals running it took
it offline after 2 days, which prevented further analysis. Source: http://news.softpedia.com/news/Cybercriminals-Lift-Over-680-000-500-000-EUR-In-One-Week-448325.shtml
10. June 24, Grand Rapids Press – (Michigan) Man police
suspect of statewide credit card fraud pulled over in Grand Haven, arrested. Police
in Grand Haven arrested an Illinois man June 21 on suspicion of running a
statewide payment card fraud scheme where he would allegedly use cloned credit
cards to purchase pre-paid credit cards at Wesco gas stations. Local
authorities and the U.S. Secret Service are involved in the investigation.
Source: http://www.mlive.com/news/grand-rapids/index.ssf/2014/06/man_police_suspect_of_statewid.html
Information Technology Sector
33. June 24, IDG News Service –
(International) Researchers expect large wave of rootkits targeting 64-bit
systems. McAfee released a report June 24 that found that the number of new
rootkit samples in the first quarter of 2014 increased to the highest levels
seen since 2011, with more rootkits designed for 64-bit operating systems
expected in the future. Source: http://www.networkworld.com/article/2367401/researchers-expect-large-wave-of-rootkits-targeting-64bit-systems.html
34. June 24, Securityweek –
(International) AskMen compromised to distribute financial malware: Report. Researchers
at Websense reported June 23 that the AskMen online magazine was compromised
and used to redirect visitors to a malicious Web site hosting exploits for Java
and Adobe Reader. Source: http://www.securityweek.com/askmen-compromised-distribute-financial-malware-report
35. June 24, Washington Post –
(International) Microsoft says it’s resolved Outlook outage for business
users across the country. Microsoft reported that it experienced an outage
June 24 affecting its Exchange Online service, with users reporting being
unable to access the email service for several hours. The issue was resolved
later that evening. Source: http://www.washingtonpost.com/blogs/the-switch/wp/2014/06/24/microsoft-outlook-outage-reported-across-much-of-the-country/
For additional stories, see items 7,
8, and 9 above in the Financial
Services Sector. Also be sure to review the Top Stories
as several are relevant to the Information Technology Sector.
Communications Sector
36.
June 24, BartlesvilleRadio.com – (Oklahoma) Fiber optic line damage
halts communications. Residents in the Bartlesville area had their cell
phone service interrupted June 24 due to a damaged fiber optic line between
Bartlesville and Collinsville. No timeframe was given for repairs to be completed.
Source: http://bartlesvilleradio.com/pages/news/73062014/fiber-optic-line-damage-haults-communications