Complete DHS Report for
September 8, 2015
Daily Report
Top Stories
• The U.S.
Attorney’s office for the Eastern District of Pennsylvania announced charges
against 3 individuals accused of allegedly orchestrating a $54.5 million Ponzi
scheme for an alternative energy company September 3. – The Hill
3. September
3, The Hill – (Pennsylvania) Feds charge 3 in alleged green energy Ponzi
scheme. The U.S. Attorney’s office for the Eastern District of Pennsylvania
announced charges against 3 individuals accused of orchestrating a $54.5
million Ponzi scheme for an alternative energy company September 3. The
suspects were charged with wire fraud, securities fraud and conspiracy to
commit both in connection with Mantria Corp., a company which defrauded over
300 investors with false promises of sustainable and clean energy products. Source: http://thehill.com/policy/energy-environment/252658-feds-charge-3-in-alleged-green-energy-ponzi-scheme
• A former
Wellington man was convicted September 3 on 15 Federal mail fraud charges for
allegedly soliciting dozens of investors for about $55 million that would
purportedly be invested in oil in the Middle East. – South Florida
Sun-Sentinel See item 8 below in the Financial Services Sector
• Approximately
1,901 first responders in Fresno, California, reached 25-percent containment of
the 81,549-acre Rough Fire September 3. – KFSN 30 Fresno
19. September
3, KFSN 30 Fresno – (California) Rough Fire crews work to protect trees, cabins,
and historic monuments. Approximately 1,901 first responders in Fresno
reached 25-percent containment of the 81,549-acre Rough Fire September 3, and
were working to protect Converse Basin, the Buck Rock area, and Cedar Grove,
along with their
cabins, landmarks, and historical monuments. Source: http://abc30.com/news/rough-fire-crews-work-to-protect-trees-cabins-and-historic-monuments/968160/
• Sacramento City College was placed on
lockdown for two hours and classes were canceled for the remainder of the day
September 3, after one person was killed and two others injured by a gunman who
shot the victims following a verbal dispute. – Associated Press
21. September
4, Associated Press – (California) Gunman sought in Sacramento college shooting; 1
dead 2 injured. Sacramento City College was placed on lockdown for two
hours and classes were canceled for the remainder of the day September 3 after
one person was killed and two others injured by a gunman who shot the victims
following a verbal dispute. Authorities continued to search for the suspect. Source:
http://abc7chicago.com/news/gunman-sought-in-sacramento-college-shooting;-1-dead-2-injured/969225/
Financial Services Sector
7. September
3, Krebs on Security – (International) More ATM “Insert Skimmer” innovations. U.S.
and European security researchers reported recent trends in ATM skimming,
including devices being planted via a hidden “insert skimmer” placed through
the ATM’s card reader, “wiretapping attacks” in which devices are installed via
holes drilled near the card reader entry throat, and the use of solid
explosives to blow open cash machines in 11 countries. Source: http://krebsonsecurity.com/2015/09/more-atm-insert-skimmer-innovations/
8. September
3, South Florida Sun-Sentinel – (National) Socialite found
guilty of mail fraud got $55M from victims, Feds say. A former Wellington
man was convicted September 3 on 15 Federal mail fraud charges for allegedly
soliciting dozens of investors for about $55 million that would purportedly be
invested in oil in the Middle East, which he instead used to finance his
lifestyle. The suspect was previously ordered to pay $112 million in damages
and civilian penalties for selling fake investments. Source: http://www.sun-sentinel.com/local/palm-beach/fl-joseph-zada-guilty-verdict-20150903-story.html
9. September
3, Orange County Register – (National) Counterfeit crimes in Seal
Beach found to be part of nationwide scheme. U.S. Secret Service and
California police authorities arrested 8 suspected gang members in Seal Beach
September 3 in connection to a national counterfeiting scheme in which
perpetrators allegedly used fake bills for over 4,200 transactions totaling
$100,000 nationwide since 2013. The source of the counterfeiting is under
investigation. Source: http://www.ocregister.com/articles/beach-680986-bills-seal.html
Information Technology Sector
26. September
4, Securityweek – (International) Cisco patches flaw in data center management
products. Cisco released software updates addressing a remotely exploitable
JavaServer Pages (JSP) vulnerability in the company’s UCS Director and
Integrated Management Controller (IMC) Supervisor products which could allow an
unauthenticated attacker to use specially crafted HyperText Transfer Protocol
(HTTP) requests to overwrite arbitrary files, resulting in instability or a
denial-of-service (DoS) condition. Source: http://www.securityweek.com/cisco-patches-flaw-data-center-management-products
27. September
4, Securityweek – (International) Flaws in OrientDB expose databases to remote
attacks. The Computer Emergency Readiness Team (CERT) published an advisory
warning of three vulnerabilities in OrientDB’s Community Edition, including a
cross-site request forgery (CSRF) affecting the Web administration interface in
which an attacker could perform actions with user privileges, an insufficient
random value issue that could allow an attacker to gain administrative
privileges to the database, and an improper input validation that could allow
an attacker to create specially crafted pages to launch clickjacking attacks. Source:
http://www.securityweek.com/flaws-orientdb-expose-databases-remote-attacks
28. September
4, Softpedia – (International) FortiClient antivirus fixes system-level
privilege escalation bug. FortiClient antivirus client developers released
an update addressing a privilege escalation bug in the software that could have
allowed an attacker who had previously infected the system to gain unauthorized
access to system-level privileges. Source: http://news.softpedia.com/news/forticlient-antivirus-fixes-system-level-privilege-escalation-bug-490935.shtml
For another
story, see item 16 below from the Healthcare and Public Health
Sector
16. September
4, SC Magazine – (National) Encrypted medical databases shown to leak
information. Researchers from Microsoft reported findings revealing that
databases used to storage electronic medical records are prone to information
leakage despite being encrypted, and that they were able to find data such as
sex, race, age and admission information from real patient records from 200
hospitals in the U.S via frequency analysis, Ip-optimization, and sorting and
cumulative attacks Source: http://www.scmagazineuk.com/encrypted-medical-databases-shown-to-leak-information/article/436892/
Communications Sector
Nothing to report