Friday, November 28, 2014



Complete DHS Report for November 28, 2014

Daily Report

Top Stories

 • Twenty-five Jacksonville, Florida-area residents and two others were charged November 25 in an alleged false compensation scheme that defrauded a BP oil spill compensation fund of more than $1 million. – Florida Times-Union
1.     November 26, Florida Times-Union – (Florida) 27 indicted in fraud case from 2010 BP oil spill; most from Jacksonville area. The U.S. Attorney’s Office announced that 25 Jacksonville-area residents and 2 others were charged November 25 in an alleged scheme to defraud a BP oil spill compensation fund of more than $1 million by claiming they were employees of businesses affected by the 2010 oil spill following the explosion of the Deepwater Horizon oil rig in the Gulf of Mexico off Louisiana. Source: http://jacksonville.com/news/crime/2014-11-25/story/27-jacksonville-area-residents-indicted-fraud-case-2010-bp-oil-spill

 • A crash on Interstate 35 in San Marcos, Texas, involving 2 semi-trucks and 6 passenger vehicles destroyed 3 vehicles, left 1 person dead and 4 others injured, and shut down northbound lanes for nearly 12 hours November 25. – KXAN 36 Austin
5. November 26, KXAN 36 Austin – (Texas) Deadly crash closes parts of I-35 in San Marcos. Police are investigating after deadly crash on Interstate 35 in San Marcos involving 2 semi-trucks and 6 passenger vehicles destroyed the 2 trucks and 1 of the passenger vehicles, left 1 person dead and 4 others injured, and shut down northbound lanes for nearly 12 hours November 25. Source: http://kxan.com/2014/11/25/fiery-big-rig-crash-closes-down-i-35-in-san-marcos/

 • DeKalb Hospital in Auburn, Indiana, resumed normal operations November 24 after halting all admissions for 2 days after Legionnaire’s Disease bacteria was found in the hospital water supply following the death of a patient who tested positive for the bacteria. – Associated Press; Auburn Star 
15. November 25, Associated Press; Auburn Star – (Indiana) Indiana hospital resumes admissions after scare. DeKalb Hospital in Auburn, Indiana, resumed normal operations November 24 after halting all admissions for 2 days while it sanitized its water system after tests confirmed the bacteria that causes Legionnaire’s disease was in the hospital’s water following the death of a patient who tested positive for the bacteria. Source: http://www.bellinghamherald.com/2014/11/25/3993922_indiana-hospital-resumes-admissions.html

 • A former patient registration specialist at Parkland Memorial Hospital in Dallas pleaded guilty November 25 to stealing the personal information of more than 3,000 patients to recruit customers for his own business. – Dallas Morning News
16. November 25, Dallas Morning News – (Texas) Former Parkland hospital employee admits stealing patient information to market his home health care business. A former patient registration specialist at Parkland Memorial Hospital in Dallas pleaded guilty November 25 to stealing the personal information of more than 3,000 patients to drum up business for his personal health care company, Dallas Home Health Care. His employees cold-called seniors for extraneous service and billed Medicaid and Medicare for the services, while bribing patients to stay on as clients. Source: http://crimeblog.dallasnews.com/2014/11/former-parkland-hospital-employee-admits-stealing-patient-information-to-market-his-home-health-care-business.html/

Financial Services Sector

2. November 25, U.S. Securities and Exchange Commission – (Missouri) SEC charges former Solutia executive with insider trading. The U.S. Securities and Exchange Commission filed charges in the U.S. District Court for the Eastern District of Missouri against the former CEO of Solutia Inc., November 25 for allegedly using insider information ahead of the company’s acquisition by Eastman Chemical Company to make illicit profits of $104,391. The former CEO agreed to settle the charges and was required to pay $104,391 in disgorgement, another $104,391 in a penalty, and $8,371.71 in interest as well as being barred from serving as an officer and director of a public company. Source: http://www.sec.gov/litigation/litreleases/2014/lr23142.htm

3. November 25, U.S. Securities and Exchange Commission – (International) SEC charges HSBC’s Swiss private banking unit with providing unregistered services to U.S. clients. HSBC’s Switzerland-based private banking arm, HSBC Private Bank (Suisse), agreed to admit wrongdoing and paid $12.5 million to settle U.S. Securities and Exchange Commission charges that the entity violated federal securities laws by failing to register with the SEC before providing international investment advice and brokerage services to U.S. clients. Source: http://www.sec.gov/News/PressRelease/Detail/PressRelease/1370543534789
 
Information Technology Sector

24. November 26, IDG News Service – (International) Hacking Team surveillance malware masquerades as legitimate bookmark manager. The developers of the Detekt tool reported that the Remote Control System (RCS) surveillance malware developed and sold by Italian company Hacking Team was found disguised as the legitimate Linkman bookmark management application. The certificate signing the malware was found in two fake Linkman samples containing RCS as well as in a third malware sample, and the certificate was revoked by its issuing authority. Source: http://www.networkworld.com/article/2852753/hacking-team-surveillance-malware-masquerades-as-legitimate-bookmark-manager.html

25. November 26, Securityweek – (International) DoS vulnerability found in MatrikonOPC Server for DNP3. MatrikonOPC released updates for its OPC Server for DNP3 industrial connectivity devices to close a denial of service (DoS) vulnerability which could be exploited remotely by an attacker to cause a loop in the application until manually restarted. The product is used in industries including the energy and chemical sectors and users were advised to update their installations or use a workaround until the patch can be applied. Source: http://www.securityweek.com/dos-vulnerability-found-matrikonopc-server-dnp3

26. November 25, Securityweek – (International) Adobe patches Flash Player to add additional protection against attack. Adobe released an out-of-band patch for its Flash Player software as a precaution to protect users after the Angler exploit kit was found to target a vulnerability in Flash Player that may not have been patched during the most recent scheduled patch release. Source: http://www.securityweek.com/adobe-patches-flash-player-add-additional-protection-against-attack

27. November 25, SC Magazine – (International) DroidJack RAT hits hacker forums, comes from legitimate app developers. Symantec researchers reported that formerly legitimate app developers created a new remote access tool (RAT) for Android dubbed DroidJack and have put the malware up for sale on underweb forums. The malware includes several features, including access to compromised devices’ cameras, contact, GPS data, and the ability to listen to voice conversations. Source: http://www.scmagazine.com/droidjack-rat-posted-for-sale-online/article/385281/

Communications Sector

28. November 25, Petoskey News-Review – (Michigan) Crash knocks out area Charter services. Approximately 700 Charter Communications customers in the Petoskey area were without telephone, television, and Internet services for several hours November 25 when a vehicle crashed into a pole on M-119 near the local system’s head-end facility. Source: http://www.petoskeynews.com/featured-pnr/crash-knocks-out-area-charter-services/article_598b6fb4-74c9-11e4-925d-a31fa8014d0a.html