Wednesday, August 13, 2014




Complete DHS Report for August 13, 2014

Daily Report

Top Stories

 · New York prosecutors August 11 charged 12 companies and their Chattanooga, Tennessee-based owner for allegedly enabling payday loans that violated the State’s limits on interest rates, with one company receiving around $50 million from New York residents. – New York Times See item 2 below in the Financial Services Sector

 · Police in Irving, Texas, arrested a man believed to be the “Short Stack Bandit”, a suspect in at least 11 bank robberies in the Portland, Oregon area. – KPTV 12 Portland See item 3 below in the Financial Services Sector

 · Police are searching for suspects that attempted to detonate a pipe bomb outside Mrachek Middle School in Aurora, Colorado, prompting an evacuation and cancellation of classes August 11. – KMGH 7 Denver 

14. August 11, KMGH 7 Denver – (Colorado) Mrachek Middle School evacuated, then closed after failed pipe bomb found outside school. Police are searching for suspects that attempted to detonate a pipe bomb outside Mrachek Middle School in Aurora, Colorado, prompting an evacuation and cancellation of classes August 11. Authorities determined the suspects tried to light a fire in order to ignite the bomb, which ended up burning itself out without further incident. Source: http://www.thedenverchannel.com/news/local-news/mrachek-middle-school-evacuated

 · Additional police officers were called in and tear gas was used to contain a riot that broke out after a protest August 10 in Ferguson, Missouri, where individuals blocked traffic, vandalized at least 20 police vehicles, and looted or burned several stores. – Washington Post 

25. August 11, Washington Post – (Missouri) Police killing prompts rioting, looting near St. Louis. At least 60 additional police officers were called in and tear gas was used to contain a riot that broke out after a protest August 10 in Ferguson, Missouri, where individuals blocked traffic, vandalized at least 20 police vehicles, and looted or burned stores, including a Walmart, a grocery store, and a QuikTrip store. Source: http://www.washingtonpost.com/news/morning-mix/wp/2014/08/11/police-killing-prompts-rioting-looting-near-st-louis/

Financial Services Sector

2. August 11, New York Times – (International) New York prosecutors charge payday loan firms with usury. New York prosecutors August 11 charged 12 companies and their Chattanooga, Tennessee-based owner for allegedly enabling payday loans that violated the State’s limits on interest rates, with one company receiving around $50 million from New York residents. The defendant and two associates allegedly attempted to bypass laws against the high interest rates by incorporating companies in the West Indies or in States that the defendant and his associates chose for their lesser oversight requirements. Source: http://dealbook.nytimes.com/2014/08/11/new-york-prosecutors-charge-payday-lenders-with-usury/

3. August 11, KPTV 12 Portland – (Texas; Oregon; Washington) FBI: Portland bank robber, ‘Short Stack Bandit,’ arrested in Texas. Police in Irving, Texas, arrested a man believed to be the “Short Stack Bandit”, a suspect wanted in connection to at least 11 bank robberies in the Portland, Oregon area since October 2013. Source: http://www.kptv.com/story/26254050/fbi-portland-bank-robber-short-stack-bandit-arrested-in-texas

4. August 11, South Florida Sun Sentinel – (Florida) Parkland investor pleads guilty to role in $21 million fraud case. The former vice president of Fort Lauderdale-based Commodities Online LLC pleaded guilty August 11 to his role in a $21 million fraud scheme run through the company between January 2010 and April 2011. Two others were also charged in the scheme that defrauded around 700 investors. Source: http://articles.sun-sentinel.com/2014-08-11/news/fl-parkland-investor-pleads-guilty-20140811_1_parkland-man-gallo-commodities

For another story, see item 16 below from the Government Facilities Sector

16. August 11, Bloomberg News – (Kansas) SEC charges Kansas with not disclosing pension risk to investors. Kansas put new disclosure policies in place and agreed to settle a case brought forth by the U.S. Securities and Exchange Commission for failing to disclose a multi-billion-dollar pension liability to bond investors. Investigators found that bond offering documents did not adequately inform investors of pension liability. Source: http://www.kansascity.com/news/business/article1200109.html

Information Technology Sector

20. August 12, Softpedia – (International) Millions of computers have backdoor enabled by default. Researchers from Kaspersky and Cubica Labs presenting at the Black Hat conference demonstrated how the legitimate Computrace anti-theft solution can be used by attackers performing a man-in-the-middle (MitM) attack to remotely execute arbitrary code on the target device due to the lack of encryption in Computrace traffic. Most computers come with Computrace already present, leaving millions of devices vulnerable to malicious use of the solution. Source: http://news.softpedia.com/news/Millions-of-Computers-Have-Backdoor-Enabled-by-Default-454666.shtml

21. August 12, Threatpost – (International) Authentication bypass bug fixed in BlackBerry Z10. Modzero researchers identified and reported two methods for remotely exploiting an authentication bypass vulnerability in BlackBerry Z10 phones that could allow attackers to install malware or steal personal data. BlackBerry released an update that closes the vulnerability and pushed it out to phone carriers. Source: http://threatpost.com/authentication-bypass-bug-fixed-in-blackberry-z10/107715

22. August 11, Softpedia – (International) Yahoo ad network used to spread CryptoWall ransomware. A researcher at Blue Coat Systems identified a malicious advertising campaign that uses the Yahoo advertisement network to distribute malicious ads that direct users to malicious pages that attempt to serve a variant of the Cryptowall ransomware. The researcher also reported that the adsmail.us service was also used in the campaign. Source: http://news.softpedia.com/news/Yahoo-Ad-Network-Used-to-Spread-CryptoWall-Ransomware-454520.shtml

Communications Sector

23. August 12, KOKI 23 Tulsa – (Oklahoma) Cut cable line impacts emergency services in Mayes County. Cable, cell phone, landline, and Internet services were restored to more than 41,000 residents in Mayes County nearly 4 hours after a contractor inadvertently cut a fiber optic cable August 11. AT&T reported some customers in the Claremore and Pryor areas may have also experienced issues with their U-Verse, wireless, and wireline services. Source: http://www.fox23.com/news/news/local/cut-cable-line-leaves-thousands-mayes-county-witho/ngzk7/

For another story, see item 21 above in the Information Technology Sector