Complete DHS Report for
October 9, 2015
Daily Report
Top Stories
• Three Blackstone
Group private equity fund advisers agreed to pay $38.8 million October 7 to
resolve allegations that they failed to disclose benefits they obtained via
various fees. – U.S. Securities and Exchange Commission See item 4 below in the Financial Services Sector
• North Carolina officials reported that the
cause of a 500,000 gallon wastewater spill into the Carolina Shores was due to
flooding of collection systems following heavy storms in the area. – WWAY 3
Wilmington
14. October
7, WWAY 3 Wilmington – (North Carolina) Rain blamed for 500,000-gallon wastewater
spill. Brunswick County officials reported that the cause of a 500,000
gallon wastewater spill into the Carolina Shores from the equalization basin at
the Carolina Shores Wastewater Treatment Plant was due to flooding of
collection systems following heavy storms in the area. The discharge began
October 2 and continued through
October 5 and likely reached receiving waters designated as an unnamed
tributary to Persimmon Swam in the Lumber River Basin. Source: http://www.wwaytv3.com/2015/10/07/rain-blamed-for-500000-gallon-wastewater-spill/
• An
injunction was granted October 7 against QLasers PMA and 2035 PMA prohibiting
the manufacturing and distribution of “QLaser” devices after the devices were
being distributed without Federal approval. – U.S. Food and Drug
Administration
15. October
7, U.S. Food and Drug Administration – (South Dakota) Federal
judge issues permanent injunction against South Dakota laser manufacturer. The
U.S. Food and Drug Administration (FDA) was granted a permanent injunction
October 7 against 2035 Inc., doing business as QLasers PMA and 2035 PMA, and
its owner prohibiting the manufacturing and distribution of “QLaser” devices
after authorities accused the company of promoting the devices with false and
misleading claims that they treat cardiac arrest, cancer, HIV/AIDS, and several
other diseases and disorders. The FDA stated that the devices were being
distributed without its approval and that the company can reinstate
manufacturing and distribution of the devices once it gains premarket approval
or clearance. Source:
http://www.fda.gov/NewsEvents/Newsroom/PressAnnouncements/ucm466044.htm
• A
suspect was caught several hours after crashing a stolen car near Fort Meade in
Maryland October 8, forcing the closure of six schools and a reduction of
operations at Fort Meade. – WUSA 9 Washington, D.C.
18. October
8, WUSA 9 Washington, D.C. – (Maryland) Carjacking suspect who
crashed near Ft. Meade caught. Authorities caught a carjacking suspect
several hours after the suspect crashed a stolen car near Fort Meade’s
Rochenbach Gate in Anne Arundel County October 8, forcing the closure of 6
schools and the reduction of operations at Fort Meade.Source: http://www.wusa9.com/story/news/local/maryland/2015/10/07/carjacking-suspect-sought-after-car-crashes-near-ft-meade/73558442/
Financial Services Sector
3. October
8, CNET – (International) Samsung says customer payment data not
affected by hack attack. Samsung released a statement October 8 reassuring
customers that no payment data was at risk following a March hacking incident
involving LoopPay, a company that Samsung acquired to set up Samsung Pay. The
attack reportedly only targeted LoopPay’s office network handling email, file
sharing, and printing, and was possibly intended to steal the magnetic strip technology
that the company developed. Source: http://www.cnet.com/news/samsung-says-customer-payment-data-not-affected-by-hack-attack/
4. October
7, U.S. Securities and Exchange Commission –
(National) Blackstone charged with disclosure failures. The U.S.
Securities and Exchange Commission announced October 7 that 3 Blackstone Group
private equity fund advisers agreed to pay $38.8 million to resolve allegations
that the advisers failed to disclose the benefits they obtained via accelerated
monitoring fees and legal fee discounts. The company will distribute $28.8
million to affected fund investors. Source: http://www.sec.gov/news/pressrelease/2015-235.html
5. October
7, Denver Post – (Colorado) US Capital partner barred from securities work,
ordered to repay $10M. Colorado State securities regulators announced
October 7 that a former US Capital partner was permanently banned from the
securities industry and will pay $10.3 million after an investigation found
that the company allegedly offered real-estate purchase loans to typically
ineligible commercial borrowers by obtaining investments from individuals who
were promised interest, when in reality the company used the funds as loans for
at least 10 other companies that they owned. Source: http://www.denverpost.com/business/ci_28935273/us-capital-partner-barred-from-securities-work-ordered
6. October
7, WTVJ 6 Miami – (Florida) Illegal credit card manufacturing operation
uncovered in North Miami. Miami-Dade police recovered at least 200 credit
cards as well as card encoding equipment in a raid on a North Miami home while
serving an arrest warrant October 7. A resident of the home was identified as a
convicted felon and taken into custody. Source: http://www.nbcmiami.com/news/local/Illegal-Credit-Card-Manufacturing-Operation-Uncovered-in-North-Miami-331179402.html
Information Technology Sector
22. October
8, Securityweek – (International) New collision attack lowers cost of breaking
SHA1. A team of experts from Centrum Wiskunde & Informatica in Europe,
Inria in France, and Singapore’s Nanyang Technological University discovered
that hackers could execute a “freestart collision” attack to break the full
secure hash algorithm 1 (SHA1) cryptographic hash function within 10 days for a
cost of $75,000 - $120,000 using graphics cards and computing power from
Amazon’s EC2 cloud. Previous research estimated that the cost to break the
algorithm would be approximately $700,000 in 2015 and $173,000 in 2018. Source: http://www.securityweek.com/new-collision-attack-lowers-cost-breaking-sha1
23. October
8, Softpedia – (International) Operation Cleaver hackers return, now used
LinkedIn to target victims. Security researchers from Dell’s SecureWorks
Counter Threat Unit Threat Intelligence team discovered that a group that they
observed building
a network of fake LinkedIn user profiles to target aerospace, defense,
military, chemical, energy, government, education, and telecommunications
organizations worldwide, appear to be the same or affiliated the group who
carried out Operation Cleaver in 2014, which targeted critical infrastructure
points worldwide. Source: http://news.softpedia.com/news/operation-cleaver-hackers-return-now-use-linkedin-to-target-victims-494062.shtml
24. October
8, IDG News Service – (International) Journalist convicted of helping Anonymous
hack the LA Times. A California journalist who previously worked for
Reuters was convicted October 7 for his role in a conspiracy to make
unauthorized changes to a computer and the transmission of malicious code on
the Los Angeles Times’ Web site by passing login credentials enabling access to
a content management system to an Anonymous hacking group member in December
2010. Source: http://www.computerworld.com/article/2990491/cybercrime-hacking/journalist-convicted-of-helping-anonymous-hack-the-la-times.html#tk.rss_security
25. October
7, Securityweek – (International) Developers of mysterious Wifatch malware come
forward. The group behind the “benevolent” Linux.Wifatch malware that was
observed infecting tens of thousands of routers, Internet Protocol (IP)
cameras, and other devices with the apparent purpose of protecting them,
published the Wifatch source code and revealed themselves as “The White Team,”
claiming it was an altruistic project. Source: http://www.securityweek.com/developers-mysterious-wifatch-malware-come-forward
For another story, see
item 3 above in the Financial Services Sector
Communications Sector
26. October
7, KSBW 8 Salinas – (California) Outage affecting 1000 residents in Big Sur. Over
1,000 residents in Big Sur were without Internet, landline, or cell phone
service, including 9-1-1 capability October 6 due to a cut fiber line in
Greenfield that routes to the microwave radio dish that powers Big Sur. The county
of Monterey and AT&T worked to restore service, and repairs were expected
to be completed by October 7. Source: http://www.ksbw.com/news/outage-affecting-1000-residents-in-big-sur/35704544
For another story, see item 23 above in the Information
Technology Sector