Complete DHS Report for
July 8, 2015
Daily Report
Top Stories
· The U.S.
Securities and Exchange Commission charged San Francisco-based Luca
International Group and its chief executive officer with running a $68 million
Ponzi-like scheme targeting Chinese-American investors, July 6. – U.S.
Securities and Exchange Commission See item 4
below in the Financial Services Sector
· The
Huntsville Madison County 9-1-1 Center reported July 7 that its main phone
system and back-up system were down July 4 after a car wreck severed power
lines. – WAAY 31 Huntsville
12. July
7, WAAY 31 Huntsville – (Alabama) 9-1-1 center phone system fails
again. The Huntsville Madison County 9-1-1 Center reported July 7 that its
main phone system and back-up system were down July 4, after a car wreck
severed power lines and an uninterruptible power source malfunctioned.
Officials are working to resolve future outages. Source: http://www.waaytv.com/appnews/center-phone-system-fails-again/article_ec0592a0-2411-11e5-8ca1-efcb395ebdfb.html
· Iowa
City officials reported July 6 that a convicted armed robber escaped from the
Iowa State Penitentiary in Fort Madison after climbing to the roof and using a
makeshift rope to reach the ground. – Associated Press
14. July 6,
Associated Press – (Iowa) Inmate escapes maximum-security prison through pipes. Iowa
City officials reported July 6 that a convicted armed robber escaped from the
Iowa State Penitentiary in Fort Madison after climbing to the roof through the
facilities’ piping, and used a makeshift rope to reach the ground. The prisoner
was captured several hours later, about 100 miles from the prison. Source: http://nypost.com/2015/07/06/inmate-escapes-maximum-security-prison-through-pipes/
· A
4-alarm fire at an Upper Darby, Pennsylvania Payless Shoe Store prompted the
evacuation of several businesses and about 200 first responders to contain the
incident. – WPVI 6 Philadelphia
20. July 7, WPVI 6 Philadelphia – (Pennsylvania) Homes,
businesses evacuated due to 4-alarm Upper Darby fire. Surrounding homes and
businesses were evacuated July 6 after a 4-alarm fire began at a Payless Shoe
Store in Upper Darby, Pennsylvania, prompting 200 firefighters and emergency
workers to respond to the incident. The cause of the incident is under
investigation. Source: http://6abc.com/news/homes-businesses-evacuated-due-to-4-alarm-upper-
darby-fire/831984/
Financial Services Sector
3. July 7,
Help Net Security – (International) Hackers targeting users of Barclays, Royal
Bank of Scotland, HSBC, Lloyds Bank and Santander. Security researchers
from Bitdefender warned of a malicious phishing scheme targeting financial
users of banks worldwide, including Bank of America, Citibank, Wells Fargo, JP
Morgan Chase, and PayPal in the U.S., in which spam servers are distributing
emails directing users to download an archive containing a downloader for the
Dyreza banking trojan. The three-day campaign has so far distributed 19,000
emails worldwide. Source: http://www.net-security.org/malware_news.php?id=3070
4. July 6,
U.S. Securities and Exchange Commission – (International) SEC charges
oil company and CEO in scheme targeting Chinese-Americans and EB-5 investors. The
U.S. Securities and Exchange Commission charged San Francisco-based Luca
International Group July 6 and its chief executive officer with running a $68
million Ponzi-like scheme in which the company allegedly falsely portrayed
itself to targeted Chinese-American investors in California as well as Chinese
citizens through the EB-5 Immigrant Investor Program, and diverted investor
funds to personal uses and profit repayments. Source: http://www.sec.gov/news/pressrelease/2015-141.html
Information Technology Sector
15. July 7, Help Net Security – (International) Flaw
allows hijacking of professional surveillance AirLive cameras. Engineers
from Core Security discovered vulnerabilities in AirLive’s surveillance cameras
in which an attacker could invoke computer-generated imagery (CGI) files
without authentication or utilize backdoor accounts to execute arbitrary
operating system commands, possibly allowing the attacker to see camera’s
transmission stream and compromise network devices. Source: http://www.net-security.org/secworld.php?id=18597
16. July 6, Threatpost – (International) Fraudulent
BatteryBot Pro app yanked from Google Play. Google pulled a malicious spoof
of the Android BatteryBot Pro app from its Play service after Zscaler
researchers discovered that the app requested excessive permissions from users
in an attempt to gain full control of affected devices, supposedly to download
and install other malicious Android packages and profit from click fraud, ad
fraud, and SMS fraud. Once the app is granted admin privileges, it is
impossible to uninstall. Source: http://threatpost.com/fraudulent-batterybot-pro-app-yanked-from-google-play/113630
17. July 6, Help Net Security – (International) Old
MS Office feature can be exploited to deliver, execute malware. A
researcher reported a vulnerability in Microsoft Office in which its Object
Linking and Embedding (OLE) Packager could be leveraged to deliver malicious
executable files embedded in Office documents without triggering security
software. Source: http://www.net-security.org/secworld.php?id=18596
For another story, see
item 3 above in the Financial Services Sector
Communications Sector
For another story, see item 16 above in the Information Technology
Sector