Friday, November 13, 2015



Complete DHS Report for November 13, 2015

Daily Report                                            

Top Stories

 • Indictments against 44 people and 9 companies were unsealed November 10 detailing an alleged scheme to steal and resell approximately $34 million worth of oil that was never delivered to various businesses in New York. – New York Times

2. November 10, New York Times – (New York) Prosecutors allege persistent heating oil fraud in New York City. The Manhattan district attorney’s office unsealed indictments November 10 against 44 people and 9 companies for allegedly stealing and reselling approximately $34 million worth of oil that was never delivered to homeless shelters, hospitals, courthouses, police stations, and prison buildings on Rikers Island. The investigation uncovered 48 seized trucks that were rigged to deprive customers of their fuel, among several other fraudulent activities. Source: http://www.nytimes.com/2015/11/11/nyregion/11-indictments-detail-widespread-fraud-in-heating-oil-industry-of-new-york-city.html

 • Volkswagen announced November 10 that production of diesel-powered 2016 Passat TDI sedans was temporarily stopped at its Chattanooga, Tennessee plant. – Chattanooga Times Free Press

3. November 11, Chattanooga Times Free Press– (Tennessee) VW plants stops production of diesel Passats while awaiting emissions fix. Volkswagen announced November 10 that production of diesel-powered 2016 Passat TDI sedans were temporarily ceased at its Chattanooga plant while it awaits a fix to the vehicles containing illegal software that masked their emissions. Source: http://www.timesfreepress.com/news/business/aroundregion/story/2015/nov/11/vw-stops-chattanoogpassproductiwhile-awaiting/335072/

 • Chipotle Mexican Grill, Inc., re-opened 43 restaurants in Oregon and Washington November 12 after they underwent thorough cleaning following an E. coli outbreak. – Associated Press

12. November 12, Associated Press – (Oregon; Washington) Chipotle reopening all Northwest locations after E. coli outbreak. Chipotle Mexican Grill, Inc., re-opened 43 restaurants in Oregon and Washington November 12 after they underwent thorough cleaning, and the company adopted some new protocols for washing fresh produce following an E. coli outbreak that sickened nearly 45 people. The cause of the outbreak remains under investigation and Chipotle announced that it did not find any food contaminated by E. coli following testing. Source: http://registerguard.com/rg/business/33707286-63/chipotle-reopening-all-northwest-locations-after-e.-coli-outbreak.csp

 • A grand jury in Waco, Texas, indicted 106 out of 177 bikers November 10 who were arrested for engaging in organized criminal activity following a May 17 shootout that killed 9 people and injured 20 others. – Associated Press

25. November 11, Associated Press – (Texas) Grand jury indicts 106 bikers in Waco shootout with police. A grand jury in Waco, Texas, indicted 106 out of 177 bikers November 10 who were arrested for engaging in organized criminal activity following a May 17 shootout with police at the Twin Peaks restaurant that killed 9 people and injured 20 others after the Bandidos and the Cossacks motorcycle clubs had an alleged confrontation. Source: http://www.foxnews.com/us/2015/11/11/grand-jury-indicts-106-bikers-in-waco-shootout-with-police/

Financial Services Sector

5. November 12, Securityweek – (International) “Cherry Picker” PoS malware cleans up after itself. Researchers from Trustwave discovered that a point-of-sale (PoS) malware dubbed “Cherry Picker” relies on a new memory scraping algorithm using a file infector for persistence that removes all traces of the infection from the system with updated versions of sr.exe and srf.exe, which has been used to install the malware and inject a data definition language (DLL) into processes. The latest version of the malware relies on an application programming interface (API) called “QueryWorkingSet” to scrape the memory and harvest the data. Source: http://www.securityweek.com/cherry-picker-pos-malware-cleans-after-itself

Information Technology Sector

18. November 12, Securityweek – (International) Microsoft reissues security update due to Outlook crash. Microsoft reissued a security patch updating its KB3097877 software on Windows 7 and some versions of its KB3105213 update on Windows 10 after customer complaints revealed that the software update had an issue with its Outlook 2010 and 2013 versions which caused crashes for consumers viewing HyperText Markup Language (HTML) emails. Source: http://www.securityweek.com/microsoft-reissues-security-update-due-outlook-crash

19. November 11, Securityweek – (International) Attackers abuse security products to install “Bookworm” trojan. Researchers from Palo Alto Networks discovered a new trojan dubbed “Bookworm” which captures keystrokes and steals the content of a clipboard, as well as load additional modules from its command and control (C&C) server to expand its abilities by using a Smart Installer Maker tool to disguise the malware as a self-extracting RAR archive, or a Flash slideshow/installer, to write a executable data definition language (DDL) file named “Loader.ddl,” and a file named “readme.txt,” to the victims’ system. Source: http://www.securityweek.com/attackers-abuse-security-products-install-bookworm-trojan

20. November 10, Softpedia – (International) Here’s the list of all security bugs that Adobe fixed in Flash 19.0.0.245. Adobe released patches for 17 critical bugs in its Flash Player 19.0.0.245 for Windows and Apple Mac, Flash Player 11.2.202.548 for Linux systems, as well as Adobe AIR that patched vulnerabilities including a type confusion flaw, and a security bypass vulnerability that allows attackers to write data to the target’s file system with the user’s permission. Source: http://news.softpedia.com/news/here-s-the-list-of-all-security-bugs-that-adobe-fixed-in-flash-19-0-0-245-495990.shtml

For another story, see item 5 above in the Financial Services Sector

Communications Sector

21. November 11, Alpine Avalanche – (Texas) Telephone service disrupted. AT&T customers located in 6 counties across southwest Texas experienced landline and some cellphone and Internet outages for about 8 hours November 10 due to a line break.