Complete DHS Report for April
6, 2015
Daily Report
Top Stories
· Four
suspects were charged April 2 for their roles in a Uganda-based international
scheme in which they allegedly manufactured, advertised, bought, and sold over
$1.4 million in counterfeit U.S. Federal Reserve Notes worldwide. – U.S.
Department of Justice See item 8
below in the Financial Services Sector
· Firefighters
battled multiple equipment fires at the Vita Line pet food processing plant in
Hazle Township, Pennsylvania, for about 25 hours March 31-April 1. – Pottsville
Republican & Herald
16. April
2, Pottsville Republican & Herald – (Pennsylvania) Crews
contain silo fire after 25 hour fight. Firefighters battled multiple
equipment fires at the Vita Line pet food processing plant in Hazle Township
for about 25 hours March 31-April 1, including a fire in a silo and subsequent
dust explosion that prompted the examination of 23 responders. Crews disposed
of about 90 tons of powdered dog food that was held in the silo, while
authorities continued to investigate the incident. Source: http://republicanherald.com/news/crews-contain-silo-fire-after-25-hour-fight-1.1856960
· The
North Carolina Board of Pharmacy ordered the closure of Fayetteville’s
Prescription Center Pharmacy April 1 in addition to recalling all lots of
non-sterile and sterile products compounded, repackaged, and distributed
between September 10, 2014 and March 10, 2015. – U.S. Food and Drug
Administration
21. April
3, U.S. Food and Drug Administration – (International) The North
Carolina Board of Pharmacy has ordered a recall for all lots of non-sterile and
sterile products compounded, repackaged and distributed by Prescription Center
Pharmacy located at 915 Hay Street, Fayetteville, NC, between September 10,
2014, and March 10, 2015. The North Carolina Board of Pharmacy ordered the
closure of Fayetteville’s Prescription Center Pharmacy April 1 in addition to
recalling all lots of non-sterile and sterile products compounded, repackaged,
and distributed by the company between September 10, 2014 and March 10, 2015
due to the pharmacy’s failure to ensure sterility, stability, and potency for
the products. The compounded products were distributed to all 50 States as well
as Canada. Source: http://www.fda.gov/Safety/Recalls/ucm441046.htm
· Up to
136 residents were evacuated from the Guardian Court Apartments complex in
Okolona, Kentucky, April 3 after more than 7 inches of rain fell and caused
flash flooding. – WDRB 41 Louisville
31. April 3, WDRB 41 Louisville – (Kentucky) Dozens
of residents forced to evacuate Okolona apartment complex. Up to 136
residents were evacuated from the Guardian Court Apartments complex in Okolona,
Kentucky, April 3 after more than 7 inches of rain fell and caused flash
flooding. Source: http://www.wdrb.com/story/28714170/dozens-of-residents-forced-to-evacuate-okolona-apartment-complex
Financial Services Sector
7. April 2,
Associated Press – (Massachusetts) Auto loan company founders accused of $11M
fraud. The two founders of now-defunct Iofin Inc., in Rockland were charged
with mail fraud, wire fraud, and conspiracy April 2 for allegedly defrauding
investors out of over $11 million by luring them to roll their retirement plans
into investment accounts to fund company operations from 1998 – 2011, despite
lacking government approval to oversee retirement funds. Almost all of the
investors’ funds were lost when the company went bankrupt. Source: http://www.wggb.com/2015/04/02/auto-loan-company-founders-accused-of-11m-fraud/
8. April 2,
U.S. Department of Justice – (International) Four charged in
international Uganda-based cyber counterfeiting scheme. Four suspects were
indicted April 2 on charges relating to their roles in a Uganda-based
international conspiracy in which they allegedly manufactured, advertised,
bought, and sold over $1.4 million in counterfeit U.S. Federal Reserve Notes
worldwide via “dark Web” criminal online forums that they created from 2013 –
2014. Source: http://www.justice.gov/opa/pr/four-charged-international-uganda-based-cyber-counterfeiting-scheme
For another
story, see item 29 below in the Information Technology Sector
Information Technology Sector
27. April 3,
Help Net Security – (International) Mozilla revokes trust for CNNIC certificates.
A spokesperson at Mozilla announced that the company will no longer allow
its products to recognize digital certificates issued by the China Internet
Network Information Center (CNNIC), following an incident during the week of
March 23 in which an intermediate certificate authority (CA) operating under
CNNIC issued a number of unauthorized digital certificates for Google domains.
The company will alask CNNIC to provide a list of current valid certificates to
make public. Source: http://www.net-security.org/secworld.php?id=18168
28. April 2,
Securityweek – (International) DoS vulnerabilities patched in Cisco Unity
Connection. Cisco patched several vulnerabilities in its Unity Connection
in which attackers could have caused denial-of-service (DoS) conditions on
systems configurewith Session Initiation Protocol (SIP) trunk integration by
exploiting flaws in the Connection Conversation Manager (CuCsMgr), a flaw in
the handling of abnormallyterminated SIP conversations, and a resource
allocation flaw that can allow attackersblock all SIP connection lines. Source:
http://www.securityweek.com/dos-vulnerabilities-patched-cisco-unity-connection
29. April 2,
Reuters – (International) IBM uncovers new, sophisticated bank transfer
cyber scam. Security researchers at IBM discovered a sophisticated fraud
scheme dubbed “The Dyre Wolf” in which cybercriminals infect users’ systems
with the Dyrmalware to trick individuals into initiating large wire transfers
with criminals posing bank employees over the phone, before moving the funds
from bank to bank and usidenial-of-service (DoS) attacks to avoid detection.
The scheme has caused losses of over $1 million from multiple large- and
medium-sized companies in the U.S. Source: http://www.reuters.com/article/2015/04/02/us-cyberattack-ibm-idUSKBN0MT28Z20150402
30. April 1,
U.S. Department of Justice – (International) Fourth member of
internationcomputer hacking ring pleads guilty to hacking and intellectual
property theft conspiracy. An Indiana man pleaded guilty to charges
surrounding his role in an international hacking ring that gained unauthorized
access to computer networks of companies including Microsoft Corp., Epic Games
Inc., Valve Corporation and ZomStudios, and stole unreleased software, source
code, trade secrets, copyrighted worksand financial and other sensitive
information. The hacker admitted to transmitting approximately 11,266 log-in credentials
from one company, and total losses from thscheme were estimated to range from
$100 – $200 million. Source: http://www.fbi.gov/baltimore/press-releases/2015/fourth-member-of-international-computer-hacking-ring-pleads-guilty-to-hacking-and-intellectual-property-theft-conspiracy
Communications Sector
See item 20 below from the Healthcare and Public
Health Sector
20. April 3, Colorado Springs Gazette – (Denver) Denver VA
blames TV station for data breach. The Department of Veterans Affairs (VA) in
Denver notified 508 patients April 3 that their names and partial Social
Security numbers were contained in a document leaked to a television station
that listed veterans’ appointments with VA’s Denver health care facilities. The
VA is investigating the unauthorized disclosure. Source:
http://gazette.com/denver-va-blames-tv-station-for-data-breach/article/1549014