Complete DHS Report for
December 1, 2015
Daily Report
Top Stories
• The governor of Oklahoma issued a state of emergency for
all 77 counties following a severe storm November 28 that caused severe
flooding, left 14 people dead, and knocked out electricity to more than 100,000
customers. – USA Today
1. November
30, USA Today – (National) Okla. declares state of emergency amid winter
storm, flooding. A severe storm the weekend of November 28 that moved
across Texas, Oklahoma, Arkansas, and Tennessee left 14 people dead, knocked
out electricity to more than 100,000 customers, and forced the governor of
Oklahoma to declare a state of emergency for all 77 counties due to flooding. Source: http://www.msn.com/en-us/news/weather/okla-declares-state-of-emergency-amid-winter-storm-flooding/ar-AAfNeGf
• The U.S. Air Force hired civilian defense contractors to
fly MQ-9 Reaper drones in order to provide intelligence, surveillance, and
reconnaissance (ISR) in global hot spots to help track suspected militants and
other targets November 27. – Los Angeles Times
4. November
27, Los Angeles Times – (International) Air Force hires civilian
drone pilots for combat patrols; critics question legality. The U.S. Air
Force announced November 27 that it hired civilian defense contractors to fly
MQ-9 Reaper drones to conduct combat air patrols, daily round-the-clock flights
above areas of military operations, in order to provide intelligence,
surveillance, and reconnaissance (ISR) in global hot spots to help track
suspected militants and other targets. The civilians are not combatants and are
not allowed to pinpoint targets or fire missiles. Source: http://www.latimes.com/nation/la-fg-drone-contractor-20151127-story.html
• At least 1 police officer and 2 civilians were killed and
at least 4 other officers and 5 civilians were injured November 27 after a
gunman opened fire for several hours at a Planned Parenthood clinic in Colorado
Springs. – Washington Post
23. November
28, Washington Post – (Colorado) Gunman kills officer, two others at Planned
Parenthood clinic in Colorado. At least 1 police officer and 2 civilians
were killed and at least 4 other officers and 5 civilians were injured November
27 after a gunman entered a Planned Parenthood clinic in Colorado Springs and
opened fire in an hours-long shooting standoff before surrendering to police.
Several surrounding businesses were told to take cover and remain indoors
during the incident. Source:
https://www.washingtonpost.com/world/national-security/2015/11/27/ff579e40-9543-11e5-b5e4-279b4501e8a6_story.html
• Hong-Kong based VTech Holdings Ltd reported that 5
million customers’ accounts and related children’s profiles were compromised
worldwide after a breach in its database exploited customers’ personal
information. – Reuters
30. November
30, Reuters – (International) Data breach at Hong Kong toy maker VTech
highlights broader problems. Hong-Kong based VTech Holdings Ltd, a company
that sells electronic toys, reported that 5 million customers’ accounts and
related children’s profiles were compromised worldwide after a breach in its
database exploited customers’ names, email addresses, passwords, secret
questions, and Internet Protocol (IP) addresses, among other information. VTech
officials notified all account holders of the breach and reported that credit
card information, ID card numbers, Social Security numbers, and drivers’
license numbers were unaffected. Source: http://www.reuters.com/article/2015/11/30/us-vtech-cyberattack-idUSKBN0TJ0B620151130#iBqELHme53sfTHDX.97
Financial Services Sector
6. November
29, Associated Press – (National) Man charged with $1.4 million MoneyGram
embezzlement. Authorities in the U.S. Virgin Islands arrested a man
November 29 for allegedly embezzling $1.4 million from his former employer,
MoneyGram International Incorporated after failing to deposit a $1.4 million
check into a company account and using the funds for personal use. Source: http://abcnews.go.com/International/wireStory/man-charged-14-million-moneygram-embezzlement-35477325
7. November
25, U.S. Department of the Treasury – (International) Treasury
sanctions networks providing support to the Government of Syria, including for facilitating
Syrian government oil purchases from ISIL. The U.S. Department of the
Treasury designated 4 individuals and 6 entities November 25 for allegedly
providing support to the Government of Syria as well as indirectly supporting
the Islamic State of Iraq and the Levant (ISIL) through oil sales. The
designation froze U.S. assets of the suspects, who have business operations in
Belize, Russia, and Syria.
8. November
25, U.S. Department of Justice – (Texas) Federal Jury Convicts
San Antonio Businessman in Estimated $3.9 Million Tax Fraud Scheme. A
Federal jury convicted the former owner of San Antonio-based Gourmet Express
LLC November 25 for conspiring with family members to defraud the U.S. Internal
Revenue Service of approximately $3.9 million between 2001 and 2009 by using
shell companies in Thailand to over-report prices paid abroad for goods, while
siphoning off funds for personal use. Source: http://www.justice.gov/usao-wdtx/pr/federal-jury-convicts-san-antonio-businessman-estimated-39-million-tax-fraud-scheme
For another story, see item 5 below from the Defense Industrial Base Sector
5. November
27, Federal Times – (Florida) Florida contractor pleads guilty for tax fraud
scheme. The U.S. Department of Justice reported that a Fort Lauderdale man
pleaded guilty November 24 to a $1.7 million tax fraud scheme in which he
underpaid corporate and individual income tax by hiding funds, and committed
his activities through his company, Simplex Corporation, a company that
provided aircraft parts to U.S. military deployed overseas. The contractor
admitted to making illegal payments to a government contract and U.S. military
personnel. Source: http://www.federaltimes.com/story/government/management/oversight/2015/11/27/florida-contractor-pleads-guilty-tax-fraud-scheme/76383472/
Information Technology Sector
26. November
30, Securityweek – (International) Microsoft unveils protection against
potentially unwanted applications. Microsoft released a new feature for its
Systems Center Endpoint Protection (SCEP) and Forefront Endpoint Protection
(FEP) systems that includes a new potentially unwanted application (PUA)
protection program that automatically identifies unwanted software containing
threat names, such as PUA:Win32/Creprote, that targets software bundling
technologies, PUA applications, and PUA frameworks and decreases the amount of
adware, toolbars, or other malicious applications that can be installed. Source:
http://www.securityweek.com/microsoft-unveils-potentially-unwanted-application-protection-enterprises
27. November
30, Securityweek – (International) Insecure app exposed Billboard Lights to
hacker attacks. A security researcher reported that the SmartLink Android
App to remotely control highway billboard sign lights had several
vulnerabilities, including authentication flaws that can allow attackers to
bypass the authentication mechanism and gain access to SmartLink customers’
data, perform man-in-the middle (MitM) attacks, and access web directories
including files containing the application programming interface (API) source
code and log files containing user login information.
28. November
28, Softpedia – (International) DecryptorMax ransomware decrypted, no need to
pay the ransom. A security researcher from Emisoft created a new tool
dubbed DecryptInfinite that decodes files encrypted by the DecryptorMax
ransomware, also known as CryptInfinite, which allows infected users to obtain
encrypted information without paying the ransom by using at least one file in
its unencrypted form to drag and drop over the tool’s main window. Source: http://news.softpedia.com/news/decryptormax-ransomware-decrypted-no-need-to-pay-the-ransom-496848.shtml
29. November
27, Securityweek – (International) Critical vulnerability patched in Zen Cart. Zen
Cart, the open source shopping cart software, released patches for several of
its vulnerabilities including several cross-site scripting (XSS) vulnerabilities
in the “order-comments” fields and the administration edit fields; a PHP file
inclusion vulnerability which allowed remote attackers to exploit the /
ajax.php file to execute arbitrary PHP code and gain unlimited access to
databases and files; as well as a low severity vulnerability that caused
incorrect passwords to remain in the password field following a failed login
attempt.
For another story, see item 30 above in Top Stories
Communications Sector
Nothing to report