Monday, April 13, 2015



Complete DHS Report for April 13, 2015

Daily Report

Top Stories

  · A $1.6 billion penalty was issued to Pacific Gas & Electric Company April 9 for a 2010 fatal gas-pipeline explosion in California that killed 8 people and destroyed a neighborhood. – San Jose Mercury News

1. April 10, San Jose Mercury News – (California) PG&E slapped with record $1.6 billion penalty for fatal San Bruno explosion. The California Public Utilities Commission announced April 9 that it issued a $1.6 billion penalty to Pacific Gas & Electric Company for a 2010 fatal gas-pipeline explosion in San Bruno that killed 8 people and destroyed a neighborhood. Source: http://www.mercurynews.com/business/ci_27880159/san-bruno-pg-e-faces-record-penalty-punishment

 · The former controller of Illinois-based Molex Japan Co. Ltd. was charged April 9 after he allegedly caused the company $201.9 million in net losses through unauthorized equity trading. – U.S. Securities and Exchange Commission. See item 5 below in the Financial Services Sector.

 · Law enforcement organizations and private security companies worked to disrupt the Changeup worm botnet and sinkhole its command-and-control (C&C) servers after the worm leveraged a LNK vulnerability in Windows, infecting 30,000 systems in early 2015. – Softpedia. See item 25 below in the Information Technology Sector.

 · Severe storms April 8-9 damaged about 15 buildings in the St. Louis area, and caused damage to about 50 structures in Fairdale, Illinois. – St. Louis Post-Dispatch

30. April 10, St. Louis Post-Dispatch – (Missouri; Illinois) Storms damage about 15 buildings in Chesterfield near airport, flood Madison County roads. Severe storms passing through the St. Louis area April 8-9 damaged about 15 buildings in a light industrial business area in Chesterfield, and knocked out power to about 26,000 customers. The storm also killed 1 person and injured 7 others while causing damage to approximately 50 structures in Fairdale, Illinois. Source: http://www.stltoday.com/news/local/crime-and-courts/storms-damage-buildings-in-chesterfield-near-airport-flood-madison-county/article_6de323a5-face-551a-a1f7-d044e185e6bd.html

Financial Services Sector

5. April 9, U.S. Securities and Exchange Commission – (International) SEC announces fraud charges against former accounting executive at Japanese subsidiary. The U.S. Securities and Exchange Commission charged the former controller of Lisle-based Molex Japan Co. Ltd., a Japanese subsidiary of Molex Incorporated, with fraud April 9 after he allegedly caused the company $201.9 million in net losses through unauthorized equity trading in the company’s brokerage accounts, which he tried to conceal by falsifying records and taking out unauthorized loans with Japanese banks and brokerage firms to replenish the funds and engage in further trading. Source: http://www.sec.gov/news/pressrelease/2015-65.html

6. April 9, U.S. Securities and Exchange Commission – (Florida; New York) SEC halts microcap scheme in South Florida. The U.S. Securities and Exchange Commission announced fraud charges and an asset freeze April 9 against the CEO and 3 sales agents of Boca Raton-based eCareer Holdings, Inc., in a microcap scheme in which they allegedly defrauded over 400 investors out of more than $11 million since 2010 by selling unregistered stock shares in the company, falsely advertising the shares as a profitable investment, and concealing the exorbitant fees being paid to the sales agents. Source: http://www.sec.gov/news/pressrelease/2015-63.html

7. April 8, CBS News – (National) Federal agency sues collectors of “phantom debt”. The Consumer Financial Protection Bureau unsealed a March 26 lawsuit April 9 against two Georgia men, co-conspirators, and 7 debt collection companies following allegations that the firms used cold calls to convince millions of consumers to pay debts they did not owe through tactics that involved purchasing personal information such as bank account numbers from data brokers. A telemarketing company and several payment processing companies were also charged in the scheme. Source: http://www.cbsnews.com/news/federal-agency-sues-collectors-of-phantom-debt/

Information Technology Sector

24. April 10, Softpedia – (International) OS X 10.9.x and older vulnerable to hidden backdoor API. A Swedish security researcher discovered a hidden backdoor application programming interface (API) present in the Admin framework of Apple OS X versions prior to 10.10.2 that could grant attackers root access to users with both admin and regular user accounts. Apple patched the issue in its release of OS X 10.10.3. Source: http://news.softpedia.com/news/OS-X-10-9-x-and-Older-Vulnerable-to-Hidden-Backdoor-API-478136.shtml

25. April 10, Softpedia – (International) United States, South Africa most affected by Changeup worm. A task force of European and American law enforcement organizations and private security companies including Intel, Kaspersky, and Shadowserver took action to disrupt the Changeup worm botnet and sinkhole its command-and-control (C&C) servers. The worm morphed every few hours and leveraged a LNK vulnerability in Windows to infect approximately 30,000 systems in early 2015, and downloaded other pieces of malware including banking trojans, click-fraud programs, crypto-malware and other botnet threats. Source: http://news.softpedia.com/news/United-States-South-Africa-Most-Affected-By-Changeup-Worm-478175.shtml

26. April 9, Softpedia – (International) Multiple flaws found in Motorola’s Surfboard SBG6580 cable modem. Security researchers at Rapid7 discovered vulnerabilities in Motorola Home/ARRIS Surfboard SBG6580 series cable modems including a backdoor account with hardcoded credentials and persistent cross-site scripting (XSS) and cross-site request forgery (CSRF) flaws that could allow attackers that know the internal gateway internet protocol (IP) address to access the device remotely, change network settings, and inject malicious JavaScript (JS) code. Source: http://news.softpedia.com/news/Multiple-Flaws-Found-in-Motorola-s-Surfboard-SBG6580-Cable-Modem-478071.shtml

27. April 9, Softpedia – (International) Cisco threat defense tool vulnerable to DoS attack. Cisco released a security advisory that a flaw in the company’s ASA FirePOWER and Context Aware (CX) Services can be exploited to allow attackers to cause denial-of-service (DoS) conditions by sending a high rate of crafted packets to the services’ management interface. Cisco released updates for the products addressing the issues as well as three additional related glitches. Source: http://news.softpedia.com/news/Cisco-Threat-Defense-Tool-Vulnerable-to-DoS-Attack-478082.shtml

28. April 9, Softpedia – (International) Group uses over 300,000 unique passwords in SSH log-in brute-force attacks. Security researchers from Cisco Talos Group and Level 3 Communications collaborated to monitor and take down netblocks being used by a group of cybercriminals dubbed SSHPsychos to run large amounts of scamming traffic, utilizing a dictionary to find root user log-in credentials and install distributed denial-of-service (DDoS) rootkits that add compromised systems to a persistent DDoS botnet. Source: http://news.softpedia.com/news/Group-Uses-Over-300-000-Unique-Passwords-in-SSH-Log-In-Brute-Force-Attacks-478094.shtml

Communications Sector

29. April 9, KIRO 7 Seattle – (Washington) Comcast service restored to 33,000 customers. Internet, phone, and cable service was restored to about 33,000 Comcast customers in the Seattle area after a damaged fiber optic line knocked out service for several hours April 9. Customers who could not access 9-1-1 emergency services from a landline were advised to call from a mobile phone in case of an emergency. Source: http://www.kirotv.com/news/news/comcast-customers-report-outages-seattle/nkqfx/