Complete DHS Report for December 24, 2014
Daily Report
Top Stories
· Federal
prosecutors announced December 19 that Lockheed Martin Integrated Systems
agreed to pay $27.5 million to resolve allegations that the defense contractor
overbilled the federal government for work on two U.S. Army contracts. – Associated
Press
5. December
20, Associated Press – (Maryland; New Jersey) Lockheed Martin
pays $27.5M in billing allegation. Federal prosecutors announced December
19 that Lockheed Martin Integrated Systems agreed to pay $27.5 million to
resolve allegations that the defense contractor overbilled the federal
government for work on 2 U.S. Army Communications and Electronics Command
contracts at Fort Monmouth in New Jersey and the Aberdeen Proving Ground in
Maryland. Officials allege that the contractor provided under-qualified
employees for the work while billing the government at higher rates intended
for qualified workers. Source: https://news.yahoo.com/lockheed-martin-pays-27-5m-002620492.html
· A Delta
Airlines baggage handler and three others were charged December 22 for an
alleged weapons smuggling operation in which more than 129 firearms and
ammunition were smuggled from Atlanta to New York in luggage. – ABC News
9. December
22, ABC News – (Georgia; New York) Feds bust alleged Delta
Airlines gun-smuggling ring. A baggage handler for Delta Airlines and 3
other accomplices were charged December 22 for an alleged weapons smuggling
operation in which more than 129 firearms and ammunition were smuggled from
Atlanta to New York through carry-on luggage. Authorities in New York arrested
one co-conspirator after an investigation determined he was working with the
Delta Airlines ramp agent/baggage handler in the scheme. Source: http://abcnews.go.com/US/feds-bust-alleged-delta-airlines-gun-smuggling-ring/story?id=27777273
· A former
correctional officer at the John E. Goode Pretrial Detention Facility in
Jacksonville, Florida, pleaded guilty December 22 to stealing personal
information from 49 inmates housed at the facility and using it to create fake
debit card accounts and file fake tax returns. – WJXT 4 Jacksonville
22. December
22, WJXT 4 Jacksonville – (Florida) Former correctional officer
pleads guilty to wire fraud, ID theft. A former correctional officer at the
John E. Goode Pretrial Detention Facility in Jacksonville pleaded guilty
December 22 to stealing personal information from 49 inmates housed at the
facility and using it to create fake debit card accounts and 38 fake W-2 forms
claiming more than $250,000 in tax refunds. Source: http://www.news4jax.com/news/former-correctional-officer-pleads-guilty-to-wire-fraud-id-theft/30357336
· Staples
officials released December 19 a list of 115 U.S. stores that were affected by
a security breach that was announced in October and reported that an estimated
1.16 million payment cards were compromised. – CBS News
29. December 22, CBS News – (National) Staples
says 1.16 million credit card numbers stolen in breach. Staples officials
released December 19 a list of 115 U.S. stores that were affected by a security
breach that was announced in October and reported that an estimated 1.16
million payment cards were compromised during the attack that started in July.
The company stated that the company began removing the malware that infected
the stores’ payment systems in September. Source: http://www.cbsnews.com/news/staples-says-1-16-million-credit-card-numbers-stolen-in-breach/
Financial Services Sector
6. December
22, Securityweek – (International) ‘Vawtrak’ banking malware continues
to evolve. Researchers with Sophos identified a new variant of the Vawtrak
banking malware (also known as NeverQuest or Snifula) that is capable of
injecting a DLL into browser processes to infect users and compromise banking
credentials. The malware variant is capable of disguising its communications
and bypassing two-factor authentication, among other capabilities. Source: http://www.securityweek.com/vawtrak-banking-malware-continues-evolve
7. December
22, U.S. Securities and Exchange Commission – (International) SEC
charges two traders in Chile with insider trading. The U.S. Securities and
Exchange Commission filed charges December 22 against 2 business associates in
Chile for allegedly using insider information that 1 of the individuals gained while
serving as a member of the board of CFR Pharmaceuticals S.A. to make around
$10.6 million in illicit profits. Source: http://www.sec.gov/news/pressrelease/2014-291.html
For another story, see item 29 above
in Top Stories
Information Technology Sector
23. December
23, Softpedia – (International) The first polymorphic ransomware emerges,
spreads on its own. Researchers with ESET and Sophos identified a new piece
of ransomware known as VirLock or VirRansom that acts as a virus to infect
several file types and scramble the files, then de-scrambles the files when a
victim attempts to open them and installs the malware. The malware then locks
the screen and demands a ransom be paid to unlock it. Source: http://news.softpedia.com/news/The-First-Polymorphic-Ransomware-Emerges-Spreads-On-Its-Own-468232.shtml
24. December
23, Threatpost – (International) Apple patches NTP vulnerabilities in first
automated patch. Apple released an automatic update for its Mac OS X
operating system, closing several remotely exploitable vulnerabilities in
Network Time Protocol (NTP) that could have allowed attackers to exploit buffer
overflow vulnerabilities. Source: http://threatpost.com/apple-patches-ntp-vulnerabilities-in-first-automated-patch/110090
25. December
23, Softpedia – (International) Security breach at NVIDIA triggers employee
credentials reset. NVIDIA reset the credentials of an undisclosed number of
employees’ accounts after an unauthorized intrusion into the company’s network
occurred October 8 and was detected in early December. Security improvements
were implemented to prevent future intrusions. Source: http://news.softpedia.com/news/Security-Breach-At-NVIDIA-Triggers-Employee-Credentials-Reset-468183.shtml
26. December
22, Softpedia – (International) Tor exit node cluster shut down. The
operator of a large Tor exit node cluster stated that his exit node cluster was
tampered with and activity terminated December 21, and warned users not to use
the affected exit nodes if they reappear online until an investigation is
completed. Source: http://news.softpedia.com/news/Tor-Exit-Node-Cluster-Shut-Down-468160.shtml
Communications Sector
Nothing to report