Friday, October 9, 2015



Complete DHS Report for October 9, 2015

Daily Report                                            

Top Stories

   Three Blackstone Group private equity fund advisers agreed to pay $38.8 million October 7 to resolve allegations that they failed to disclose benefits they obtained via various fees. – U.S. Securities and Exchange Commission See item 4 below in the Financial Services Sector

 North Carolina officials reported that the cause of a 500,000 gallon wastewater spill into the Carolina Shores was due to flooding of collection systems following heavy storms in the area. – WWAY 3 Wilmington

14. October 7, WWAY 3 Wilmington – (North Carolina) Rain blamed for 500,000-gallon wastewater spill. Brunswick County officials reported that the cause of a 500,000 gallon wastewater spill into the Carolina Shores from the equalization basin at the Carolina Shores Wastewater Treatment Plant was due to flooding of collection systems following heavy storms in the area. The discharge began October 2 and continued through October 5 and likely reached receiving waters designated as an unnamed tributary to Persimmon Swam in the Lumber River Basin. Source: http://www.wwaytv3.com/2015/10/07/rain-blamed-for-500000-gallon-wastewater-spill/

 An injunction was granted October 7 against QLasers PMA and 2035 PMA prohibiting the manufacturing and distribution of “QLaser” devices after the devices were being distributed without Federal approval. – U.S. Food and Drug Administration

15. October 7, U.S. Food and Drug Administration – (South Dakota) Federal judge issues permanent injunction against South Dakota laser manufacturer. The U.S. Food and Drug Administration (FDA) was granted a permanent injunction October 7 against 2035 Inc., doing business as QLasers PMA and 2035 PMA, and its owner prohibiting the manufacturing and distribution of “QLaser” devices after authorities accused the company of promoting the devices with false and misleading claims that they treat cardiac arrest, cancer, HIV/AIDS, and several other diseases and disorders. The FDA stated that the devices were being distributed without its approval and that the company can reinstate manufacturing and distribution of the devices once it gains premarket approval or clearance. Source: http://www.fda.gov/NewsEvents/Newsroom/PressAnnouncements/ucm466044.htm

 A suspect was caught several hours after crashing a stolen car near Fort Meade in Maryland October 8, forcing the closure of six schools and a reduction of operations at Fort Meade. – WUSA 9 Washington, D.C.

18. October 8, WUSA 9 Washington, D.C. – (Maryland) Carjacking suspect who crashed near Ft. Meade caught. Authorities caught a carjacking suspect several hours after the suspect crashed a stolen car near Fort Meade’s Rochenbach Gate in Anne Arundel County October 8, forcing the closure of 6 schools and the reduction of operations at Fort Meade.Source: http://www.wusa9.com/story/news/local/maryland/2015/10/07/carjacking-suspect-sought-after-car-crashes-near-ft-meade/73558442/

Financial Services Sector

3. October 8, CNET – (International) Samsung says customer payment data not affected by hack attack. Samsung released a statement October 8 reassuring customers that no payment data was at risk following a March hacking incident involving LoopPay, a company that Samsung acquired to set up Samsung Pay. The attack reportedly only targeted LoopPay’s office network handling email, file sharing, and printing, and was possibly intended to steal the magnetic strip technology that the company developed. Source: http://www.cnet.com/news/samsung-says-customer-payment-data-not-affected-by-hack-attack/

4. October 7, U.S. Securities and Exchange Commission – (National) Blackstone charged with disclosure failures. The U.S. Securities and Exchange Commission announced October 7 that 3 Blackstone Group private equity fund advisers agreed to pay $38.8 million to resolve allegations that the advisers failed to disclose the benefits they obtained via accelerated monitoring fees and legal fee discounts. The company will distribute $28.8 million to affected fund investors. Source: http://www.sec.gov/news/pressrelease/2015-235.html

5. October 7, Denver Post – (Colorado) US Capital partner barred from securities work, ordered to repay $10M. Colorado State securities regulators announced October 7 that a former US Capital partner was permanently banned from the securities industry and will pay $10.3 million after an investigation found that the company allegedly offered real-estate purchase loans to typically ineligible commercial borrowers by obtaining investments from individuals who were promised interest, when in reality the company used the funds as loans for at least 10 other companies that they owned. Source: http://www.denverpost.com/business/ci_28935273/us-capital-partner-barred-from-securities-work-ordered

6. October 7, WTVJ 6 Miami – (Florida) Illegal credit card manufacturing operation uncovered in North Miami. Miami-Dade police recovered at least 200 credit cards as well as card encoding equipment in a raid on a North Miami home while serving an arrest warrant October 7. A resident of the home was identified as a convicted felon and taken into custody. Source: http://www.nbcmiami.com/news/local/Illegal-Credit-Card-Manufacturing-Operation-Uncovered-in-North-Miami-331179402.html

Information Technology Sector

22. October 8, Securityweek – (International) New collision attack lowers cost of breaking SHA1. A team of experts from Centrum Wiskunde & Informatica in Europe, Inria in France, and Singapore’s Nanyang Technological University discovered that hackers could execute a “freestart collision” attack to break the full secure hash algorithm 1 (SHA1) cryptographic hash function within 10 days for a cost of $75,000 - $120,000 using graphics cards and computing power from Amazon’s EC2 cloud. Previous research estimated that the cost to break the algorithm would be approximately $700,000 in 2015 and $173,000 in 2018. Source: http://www.securityweek.com/new-collision-attack-lowers-cost-breaking-sha1

23. October 8, Softpedia – (International) Operation Cleaver hackers return, now used LinkedIn to target victims. Security researchers from Dell’s SecureWorks Counter Threat Unit Threat Intelligence team discovered that a group that they observed building a network of fake LinkedIn user profiles to target aerospace, defense, military, chemical, energy, government, education, and telecommunications organizations worldwide, appear to be the same or affiliated the group who carried out Operation Cleaver in 2014, which targeted critical infrastructure points worldwide. Source: http://news.softpedia.com/news/operation-cleaver-hackers-return-now-use-linkedin-to-target-victims-494062.shtml

24. October 8, IDG News Service – (International) Journalist convicted of helping Anonymous hack the LA Times. A California journalist who previously worked for Reuters was convicted October 7 for his role in a conspiracy to make unauthorized changes to a computer and the transmission of malicious code on the Los Angeles Times’ Web site by passing login credentials enabling access to a content management system to an Anonymous hacking group member in December 2010. Source: http://www.computerworld.com/article/2990491/cybercrime-hacking/journalist-convicted-of-helping-anonymous-hack-the-la-times.html#tk.rss_security

25. October 7, Securityweek – (International) Developers of mysterious Wifatch malware come forward. The group behind the “benevolent” Linux.Wifatch malware that was observed infecting tens of thousands of routers, Internet Protocol (IP) cameras, and other devices with the apparent purpose of protecting them, published the Wifatch source code and revealed themselves as “The White Team,” claiming it was an altruistic project. Source: http://www.securityweek.com/developers-mysterious-wifatch-malware-come-forward

For another story, see item 3 above in the Financial Services Sector

Communications Sector

26. October 7, KSBW 8 Salinas – (California) Outage affecting 1000 residents in Big Sur. Over 1,000 residents in Big Sur were without Internet, landline, or cell phone service, including 9-1-1 capability October 6 due to a cut fiber line in Greenfield that routes to the microwave radio dish that powers Big Sur. The county of Monterey and AT&T worked to restore service, and repairs were expected to be completed by October 7. Source: http://www.ksbw.com/news/outage-affecting-1000-residents-in-big-sur/35704544

For another story, see item 23 above in the Information Technology Sector