Friday, September 12, 2014




Complete DHS Report for September 12, 2014

Daily Report

Top Stories

 · Federal agents seized more than $65 million and arrested nine individuals in connection to an alleged drug cartel money laundering ring after executing dozens of search warrants in the Fashion District of Los Angeles, California, September 10. – USA Today See item 7 below in the Financial Services Sector

· One person was killed and 8 others were injured when a semi-truck crossed into oncoming traffic on Interstate 70 near Warrenton, Missouri, September 10 and caused a chain reaction involving 7 other vehicles, closing the roadway for 13 hours.– KMOV 4 St. Louis

8. September 11, KMOV 4 St. Louis – (Missouri) Victim of fatal I-70 accident identified; interstate closed for 13 hours. One person was killed and 8 others were injured when a semi-truck crossed into oncoming traffic on Interstate 70 near Warrenton September 10 and caused a chain reaction involving 7 other vehicles, closing the roadway for 13 hours. Source: http://www.kmov.com/news/local/WB-lanes-of-I-70-closed-near-Warrenton-exit-due-to-overturned-semi-274671421.html

· School District 214 board members approved funding to repair Wheeling High School in Illinois after a September 5 storm caused an estimated $5 million of damage to the school. – WLS 7 Chicago 

22. September 11, WLS 7 Chicago – (Illinois) Board approves funds to repair $5M storm damage at Wheeling High School. School District 214 board members approved funding to repair Wheeling High School in Illinois after a September 5 storm caused an estimated $5 million of damage to the school. Source: http://abc7chicago.com/weather/board-to-vote-on-estimated-$5m-repairs-for-wheeling-high-school/303938/

 · One resident was killed and 60 others were displaced after a 2-alarm fire broke out September 11 at the Centennial Apartment complex in Manchester, Connecticut, in a fire that involved exploding ammunition.– WVIT 30 New Britain 

33. September 11, WVIT 30 New Britain – (Massachusetts) Police ID man found dead after Manchester fire. One resident was killed and 60 others were displaced by a 2-alarm fire that broke out September 11 at the Centennial Apartment complex in Manchester. Officials later removed ammunition and other munitions from the unit where the fire began, which caused explosions during an attempted rescue by firefighters. Source: http://www.nbcconnecticut.com/news/local/One-Dead-274724631.html

Financial Services Sector

7. September 11, USA Today – (International) Feds seize cash, arrest 9 in L.A. fashion district sweep. Federal agents seized over $65 million in cash and bank accounts while executing search and arrest warrants of individuals and business in Los Angeles September 10 in connection to money laundering operations linked to Mexican organized crime. The individuals and businesses charged allegedly laundered money by converting cash into Mexican pesos, enabling criminal groups to obfuscate the origins of their funds. Source: http://www.usatoday.com/story/news/nation/2014/09/10/la-money-laundering-raid/15411099/

Information Technology Sector

28. September 11, Softpedia – (International) Zemot malware dropper strain delivered via Asprox botnet and exploit kits. Microsoft researchers analyzed the Zemot malware dropper, a variant of Upatre, and observed that it has been distributed through the Asprox (also known as Kuluoz) spam botnet and via exploit kits including Magnitude and Nuclear Pack. Once it infects a system the dropper can then deliver click fraud malware and was recently observed to distribute information-stealing malware including Rovnix, Tesch, and Viknok. Source: http://news.softpedia.com/news/Zemot-Malware-Dropper-Strain-Delivered-Via-Asprox-Botnet-and-Exploit-Kits-458437.shtml

29. September 11, The Register – (International) TorrentLocker unpicked: Crypto coding shocker defeats extortionists. Researchers with Nixu found that the encryption used by the TorrentLocker ransomware to encrypt victims’ files can be defeated if a user has an original copy of the encrypted version of a file over 2MB in size by applying XOR between the encrypted and unencrypted files. Source: http://www.theregister.co.uk/2014/09/11/torrentlocker_contains_freeunlock_crypto_shocker/

30. September 11, Help Net Security – (International) Massive Gmail credential leak is not result of a breach. Google investigated a dump of Gmail credentials posted online and found that the credentials were not the result of a breach and that less than 2 percent of the credentials might have worked. Users were advised to change their passwords, use strong passwords, and enable two-factor authentication if possible as a precaution. Source: http://www.net-security.org/secworld.php?id=17352

31. September 10, Threatpost – (International) Details disclosed for critical vulnerability patched in Webmin. A researcher with the University of Texas published details on a critical vulnerability in Webmin that was patched in May, showing that the vulnerability could have been used by unauthenticated users to delete files stored on the server. Source: http://threatpost.com/details-disclosed-for-critical-vulnerability-patched-in-webmin

32. September 10, Threatpost – (International) Apache warns of Tomcat remote code execution vulnerability. The Apache Software Foundation warned users of some older versions of Apache Tomcat that they are vulnerable under limited circumstances to a vulnerability that could allow an attacker to upload malicious JavaServer Pages (JSP) to a server, trigger the execution of the JSP, and then execute arbitrary commands on the server. The vulnerability affects versions 7.0.0 to 7.0.39 and users were advised to update their installations. Source: http://threatpost.com/apache-warns-of-tomcat-remote-code-execution-vulnerability

Communications Sector

Nothing to report