Monday, November 30, 2015



Complete DHS Report for November 30, 2015

Daily Report                                            

Top Stories

• Two suspects were arrested November 24 after allegedly stealing nearly 1,000 pounds of copper wire from solar panels on land belonging to Mike Jackson Farms in California, causing an estimated $1 million in damage. – Hanford Sentinel

November 25, Hanford Sentinel – (California) Alleged copper theft conspiracy broken up in Kettleman City. Two suspects were arrested November 24 for their involvement in an alleged scheme to steal nearly 1,000 pounds of copper wire from solar panels on 4 installations November 17 – 18 on land belonging to Mike Jackson Farms in Kettleman City. The total amount of damage to the solar panels was an estimated $1 million.  Source: http://hanfordsentinel.com/news/local/alleged-copper-theft-conspiracy-broken-up-in-kettleman-city/article_6206497c-a7f1-56f2-8c61-fd2a165ceb07.html

• A Florida man was arrested November 25 for allegedly creating more than $1 million worth of counterfeit credit cards after authorities found nearly 103 advanced counterfeit cloned credit cards in the man’s car. – WBBH 20 Fort Myers See item 2 below in the Financial Services Sector

• Taylor Farms Pacific, Inc., issued a recall November 26 for numerous products containing celery after testing found that a Celery and Onion blend was contaminated with E. coli bacteria. – U.S. Food and Drug Administration

13. November 26, U.S. Food and Drug Administration – (National) Taylor Farms Pacific, Inc. recalls celery products because of possible health risk. Tracy, California-based Taylor Farms Pacific, Inc., issued a recall November 26 for numerous products containing celery distributed to different stores nationwide after testing by the Montana State Department of Health found that a Celery and Onion blend was contaminated with E. coli bacteria. Authorities confirmed that the tainted celery was used in Costco Wholesale Corporation’s chicken salad products that were recalled November 23 due to an E. coli outbreak. Source: http://www.fda.gov/Safety/Recalls/ucm474601.htm


• A 2-alarm fire at A&H Industries in Pennsylvania caused approximately $3 million in damages, halted railroad traffic for 3 hours, and prompted fire crews to remain on site for several hours containing the incident November 25. – Lebanon Daily News

24. November 25, Lebanon Daily News – (Pennsylvania) Two-alarm fire damages Myerstown business. A 2-alarm fire at A&H Industries in Myerstown, Pennsylvania, caused approximately $3 million in damages, halted railroad traffic for 3 hours, and prompted fire crews to remain on site for several hours containing the incident November 25. No injuries were reported and the cause of the fire is unknown. Source: https://insurancenewsnet.com/oarticle/2015/11/26/two-alarm-fire-damages-myerstown-business.html

Financial Services Sector

2. November 26, WBBH 20 Fort Myers – (Florida) ID thief with over $1M in fake credit cards busted by LCSO. A Florida man was arrested November 25 for allegedly creating more than $1 million worth of counterfeit credit cards after Lee County Sheriff’s Office found nearly 103 advanced counterfeit cloned credit cards in the man’s car during a traffic stop violation. Officials believe the man allegedly used credit card skimmers to access cardholder information and create the cards. Source: http://www.nbc-2.com/story/30611672/lcso-id-thief-with-over-1m-in-fake-credit-cards-busted

3. November 25, Whitley Republican News Journal – (Kentucky) Former local car lot owner accused of scheme to defraud banks. The former owner of Myers Chevrolet-Oldsmobile-Cadillac Inc., Tri-County Cycles LLC, and Check Properties, LLC in Knox County was indicted November 19 for allegedly defrauding 2 banks of more than $1.4 million by writing or causing the writing of 567 fraudulent checks between October – November 2008 to float money and loans between his various businesses. Source: http://www.thenewsjournal.net/details/9447/sitemap.cfm#comments

4. November 24, U.S. Department of the Treasury – (International) Treasury targets criminal network of fugitive Mexican drug lord. Officials from the U.S. Department of the Treasury reported November 24 that 2 Mexican nationals were charged with drug trafficking and money laundering for the Sinaloa Cartel in Mexico after an investigation revealed the two men were part of the Sinaloa Cartel organization. The suspects’ assets were frozen and U.S. citizens were prohibited from conducting business with them. Source: https://www.treasury.gov/press-center/press-releases/Pages/jl0285.aspx

Information Technology Sector

20. November 27, Softpedia – (International) VPN vulnerability “Port Fail” reveals user’s real IP address. Network security experts from Perfect Privacy discovered a vulnerability in virtual private network (VPN) providers’ internal routing table and port forwarding settings, which can allow an attacker to learn a victim’s real Internet Protocol (IP) address by directing victims to access a resource (image embedded on a site) hosted on the same VPN server. Source: http://news.softpedia.com/news/vpn-vulnerability-port-fail-reveals-user-s-real-ip-address-496808.shtml

21. November 26, Securityweek – (International) CryptoWall 4.0 spreading via Nuclear exploit kit. Security researchers from Rackspace discovered that the BizCNgate actor has been disseminating the CryptoWall 4.0 ransomware through the Nuclear exploit kit (EK) via newly developed Internet Protocol (IP) addresses to allow the EK to exploit a flash vulnerability on Web sites and successfully infect Microsoft Windows hosts. The updated threat encrypts file names, prevents victims from recognizing them, and features an updated ransom note, in addition to encrypting the content of files on infected machines. Source: http://www.securityweek.com/cryptowall-40-spreading-nuclear-exploit-kit

Communications Sector

Nothing to report

Friday, November 27, 2015



Complete DHS Report for November 27, 2015

Daily Report                                            

Top Stories

• A former Florida U.S. Postal Service employee was charged November 23 after he allegedly stole at least $2.1 million from residents, co-workers, and acquaintances in a fake gold and diamond investment opportunity in Africa. – WPLG 10 Miami

12. November 24, WPLG 10 Miami – (Florida) Former postal employee arrested in alleged investment scam. A former Florida U.S. Postal Service employee was arrested and charged November 23 after he allegedly stole at least $2.1 million from residents on his mail route, co-workers, and acquaintances in a fake gold and diamond investment opportunity in Africa, where he promised victims that their investments would double and guaranteed certain investors millions of dollars in returns. The suspect also persuaded victims to invest in a fraudulent infrastructure project in Africa, and instead used the money for personal expenses. Source: http://www.local10.com/news/former-postal-employee-arrested-in-alleged-investment-scam/36637100

• Five people were charged November 24 in connection to a kickback scheme that resulted in $580 million worth of fraudulent billing to the government and insurance companies for patient referrals to 2 southern California hospitals. – Associated Press

16. November 24, Associated Press – (California; Nevada) 5 charged with $580 million southern California medical kickback scheme. Officials announced November 24 that 5 people, including a former hospital executive and 2 surgeons, were charged in connection to a kickback scheme that resulted in $580 million worth of fraudulent billing to the government and insurance companies. Two defendants pleaded guilty and two others agreed to plead guilty in connection to the scam which involved paying dozens of medical professions tens of millions of dollars to refer patients to Pacific Hospital of Long Beach and Tri-City Regional Medical Center in southern California for spinal surgeries. Source: http://www.startribune.com/5-charged-in-580m-southern-california-kickback-scheme/353295921/

• Nine Florida Department of Corrections employees were among 50 individuals arrested the week of November 23 for their roles in a scheme that distributed prescription pain medication to prisons in the State. – Florida Times-Union

18. November 25, Florida Times-Union – (Florida) 50 arrested in prison painkiller sting. The Bradford County Sheriff’s Office announced that 9 Florida Department of Corrections (FDOC) employees were among 50 individuals arrested the week of November 23 for their roles in a scheme that distributed the prescription pain medication, Oxycodone, to prisons in the State after FDOC workers obtained the narcotics through suppliers and individuals with legitimate prescriptions. Source: http://jacksonville.com/news/crime/2015-11-24/story/50-arrested-prison-painkiller-sting

• Four men were arrested November 24 for allegedly slashing an inflatable dam in Fremont, California, May 21, allowing the release of 50 million gallons of water into Alameda Creek. – KPIX 5 San Francisco; Associated Press

23. November 24, KPIX 5 San Francisco; Associated Press – (California) Four arrested for triggering 50-million gallon Fremont water spill. Four men were arrested November 24 for allegedly slashing an inflatable creek dam in Fremont May 21, allowing the release of 50 million gallons of water into Alameda Creek and causing an estimated $1 million in damage to the dam. Source: http://sanfrancisco.cbslocal.com/2015/11/24/four-arrested-for-triggering-50-million-gallon-fremont-water-spill/

Financial Services Sector

5. November 25, Softpedia – (International) Researcher creates gadget that bypasses credit card chip&PIN safeguards. A researcher created MagSpoof, a device that can accurately read and predict credit card numbers and bypass chip&PIN (CnP) safeguards by using information stored inside the magstripe (magnetic strip), which can be extracted. Data is removed and fed to MagSpoof allowing hackers to make financial transactions by placing the device near point-of-sale (PoS) systems. Source: http://news.softpedia.com/news/researcher-creates-gadget-that-bypasses-credit-card-chip-pin-safeguards-496697.shtml

6. November 24, U.S. Department of Justice – (International) Former California attorney pleads guilty in international investment fraud scheme. A Las Vegas man pleaded guilty in Federal court November 24 for his role in a nearly $5 million investment fraud scheme in which investors were told that with an up-front payment, a Swiss company called Malom Group A.G. would grant them access to international investment opportunities and cash loans. The man also illegally presented himself as an attorney to investors after losing his license to practice law. Source: https://www.fbi.gov/lasvegas/press-releases/2015/former-california-attorney-pleads-guilty-in-international-investment-fraud-scheme

7. November 24, KDKA 2 Pittsburgh – (Pennsylvania) Millionaire’s secretary pleads guilty to fraud charge. A former secretary of a businessman in Pittsburgh pleaded guilty November 24 to defrauding the U.S. Internal Revenue Service out of $4 million in taxes by claiming that about $20 million of her employer’s personal expenses were business expenses including the construction of a mansion, the purchase of numerous exotic cars, and by designating staff payroll as business expenses. Source: http://pittsburgh.cbslocal.com/2015/11/24/millionaires-secretary-pleads-guilty-to-fraud-charge/

8. November 24, KCNC 4 Denver – (Colorado) 2nd violent bank robbery suspect arrested, search continues for 3rd. Police offered a $10,000 reward November 24 for information leading to the arrest of a third suspect charged in a series of crimes including a robbery at 1st Bank in Lakewood where 3 suspects entered the bank November 18 wearing masks and made off with about $50,000 before shooting and injuring at least 2 people during their getaway. Authorities arrested two out of the three suspects who are also believed to be tied to a September bank robbery in Lakewood. Source: http://denver.cbslocal.com/2015/11/24/1-of-2-suspects-identified-in-bank-robbery-crime-spree/

For another story, see item 12 above in Top Stories

Information Technology Sector

19. November 25, Securityweek – (International) Reuse of Cryptographic keys exposes millions of IoT: study. Researchers from SEC Consult released a report identifying that millions of Internet-of-Things (IoT) devices use the same cryptographic keys hardcoded into the firmware, including secure shell (SSH) host keys and X.509 certificates used for Hypertext Transfer Protocol Secure (HTTPS), that may allow attackers to obtain sensitive information by connecting to a victim’s network and leveraging the keys to launch impersonations, man-in-the-middle (MitM) attacks, and passive decryption attacks. Source: http://www.securityweek.com/reuse-cryptographic-keys-exposes-millions-iot-devices-study

20. November 24, Wall Street Journal – (International) U.S. fines tech firm $1.5 million over sanctions violations. Campbell, California-based Barracuda Networks Inc., agreed November 24 to pay about $1.5 million to the U.S. Department of Commerce and $38,930 to the U.S. Department of the Treasury to resolve allegations that the company and its U.K. subsidiary violated U.S. sanctions and export control laws after selling Internet security products, Web-filtering products that can block or censor Internet activity, and related software subscriptions to Syria, Iran, and Sudan. Source: http://blogs.wsj.com/riskandcompliance/2015/11/24/u-s-fines-tech-firm-1-5-million-over-sanctions-violations/

21. November 23, Securityweek – (International) Malicious adware uses certificates to disable security products. Researchers from Malwarebytes detected a trojan adware, dubbed Vonteera, that blacklists13 certificates as “Untrusted Certificates” in Microsoft Window’s certificate store to prevent anti-malware products that block its infection as well as execute a new service called “appinf.exe” onto infected operating systems that modifies desktop, taskbar, and start menu shortcuts via a script designed to redirect victims to randomized Web sites. Source: http://www.securityweek.com/malicious-adware-uses-certificates-disable-security-products

Communications Sector

Nothing to report