Complete DHS Report for
October 5, 2015
Daily Report
Top Stories
• A Romanian citizen in Florida pleaded guilty
October 1 in connection to an ATM scheme where criminals installed skimming
devices and made multiple illegal withdrawals at SunTrust bank branches from
2013 – 2015. – South Florida Sun Sentinel See item 5 below in the Financial Services Sector
• A California
resident was accused October 1 of operating a worldwide pyramid scheme that
raised over $32 million by misleading investors about a non-existent initial
public offering for USFIA Inc. – U.S. Securities and Exchange Commission See item 6 below
in the Financial Services Sector
• An alleged shooter
was killed by police after the suspect killed 9 students and injured at least
10 others at Umpqua Community College in Oregon October 1. – Washington Post
12. October 2,
Washington Post – (Oregon) Oregon shooter said to have singled out Christians
for killing in ‘horrific act of cowardice.’ An alleged shooter was killed
by police following an exchange of gunfire after the shooter armed with 4 guns,
killed 9 students and injured at least 10 others after entering classrooms of
Umpqua Community College in Oregon October 1. The school was evacuated and
authorities continue to investigate the incident. Source: http://www.washingtonpost.com/news/morning-mix/wp/2015/10/02/oregon-shooter-said-to-have-singled-out-christians-for-killing-in-horrific-act-of-cowardice/
• T-Mobile announced
October 1 that the personal information of 15 million customers was compromised
after a third-party vendor was hacked between September 2013 and September
2015. – Softpedia See
item 20 below in the Communications Sector
Financial Services Sector
5. October 1,
South Florida Sun Sentinel – (National) South Florida ATM skimmer
pleads guilty, apologizes. A Romanian citizen living in south Florida who
was arrested June 1 in North Carolina pleaded guilty October 1 in connection to
an ATM-skimming scheme in which criminals installed skimming devices and made
multiple illegal withdrawals at SunTrust bank branches in Broward, Palm Beach,
and Miami-Dade counties as well as banks in Tennessee, Georgia, North and South
Carolina, Virginia, and Maryland from 2013 – 2015.
6. October 1,
U.S. Securities and Exchange Commission – (International) SEC halts $32
million scheme that promised riches from amber mining. The U.S. Securities
and Exchange Commission announced October 1 charges and asset freezes against a
California resident accused of operating a worldwide pyramid scheme via 13
California-based entities which raised over $32 million by misleading investors
about a non-existent initial public offering for USFIA Inc., and claims that
the company owned several large, valuable amber mines in Argentina and the
Dominican Republic.
For another story, see item 20 below in the Communications Sector
Information Technology Sector
16. October 2,
Help Net Security – (International) Unexpectedly benevolent malware improves
security of routers, IoT devices. Security researchers from Symantec
discovered an apparently benevolent botnet scheme targeting Internet of things
(IoT)-connected devices utilizing code dubbed Wifatch that aims to protect
devices from attacks via threat updates and removal of known malware families,
among other features. Source: http://www.net-security.org/malware_news.php?id=3120
17. October 2,
Softpedia – (International) Latest Upatre trojan version targets Windows
XP users. Researchers from AppRiver reported a new spam-scareware campaign
targeting Microsoft Windows XP users with ZIP archives containing the Upatre
trojan, which primarily acts as an entry point for other infections including
Dryeza, Rovnix, Crilock, and Zeus, and shuts down when executed on a
non-Windows XP platform. Source: http://news.softpedia.com/news/latest-upatre-trojan-version-targets-windows-xp-users-493401.shtml
18. October 2,
Softpedia – (International) Stored XSS in Jetpack plugin allows attackers
to run code in the WordPress backend. Security researchers from Sucuri
discovered a persistent cross-site scripting (XSS) vulnerability in
Automattic’s Jetpack WordPress plugin versions 3.7 and lower in which an
attacker could run malicious code that would execute whenever a WordPress
administrator access the Feedback section of the admin panel, by crafting a
malicious email string that would end up in the WordPress database. The
development team released version 3.7.1 patching the XSS bug.
19. October 1,
Softpedia – (International) HTTP denial of service vulnerability found in
Node.js 4.x and io.js 3.x. Node reported the existence of a hypertext
transfer protocol (HTTP) denial-of-service (DoS) vulnerability affecting recent
Node.js and io.js platforms, and urged users to migrate back to a previous
version until a fix is released. Source: http://news.softpedia.com/news/http-denial-of-service-vulnerability-found-in-node-js-4-x-and-io-js-3-x-493363.shtml
Communications Sector
20. October 1,
Softpedia – (National) Experian hacked, data for 15 million T-Mobile
customers lost. T-Mobile announced October 1 that the names, addresses,
Social Security numbers, and birthdates of 15 million customers was compromised
after Experian, a third-party vendor that processes the company’s credit
applications, was hacked between September 2013 and September 2015. Source: http://news.softpedia.com/news/experian-hacked-data-for-15-million-t-mobile-customers-lost-493377.shtml
No comments:
Post a Comment