Thursday, December 17, 2015



Complete DHS Report for December 17, 2015

Daily Report                                            

Top Stories

• The Los Angeles County Board of Supervisors declared a state of emergency December 15 due to the release of up to 1,200 tons of methane into the atmosphere from a leaking Southern California Gas Co. well site. – Los Angeles Daily News

1. December 16, Los Angeles Daily News – (California) LA County declares state of emergency over Porter Ranch gas leak. The Los Angeles County Board of Supervisors declared a state of emergency December 15 due to the release of up to 1,200 tons of methane into the atmosphere from a leaking Southern California Gas Co. well site located above Porter Ranch over a period of 50 days. The declaration will allow for more in-depth air monitoring and help with efforts to cap the well. Source: http://www.dailynews.com/environment-and-nature/20151215/la-county-declares-state-of-emergency-over-porter-ranch-gas-leak

• Three men from Florida, New Jersey, and Maryland were charged December 15 with a computer hacking and identity theft scheme in which they stole the personal information of millions of people and gained over $2 million in illegal profits. – U.S. Attorney’s Office, District of New Jersey. See item 27 below in the Information Technology Sector.

• United Kingdom police arrested a suspect December 15 believed to be linked to a data breach at VTech Holdings Ltd that compromised more than 6 million child profiles and more than 4.9 million parent profiles. – Associated Press

30. December 15, Associated Press – (International) British police arrest Vtech hacking suspect. Police in the United Kingdom arrested a suspect December 15 reportedly believed to be linked to a November 30 data breach at VTech Holdings Ltd, a company that sells electronic toys. The breach compromised more than 6 million child profiles and more than 4.9 million parent profiles, including names, email addresses, Internet Protocol (IP) addresses, passwords, and mailing addresses, among other information. The suspect stated he targeted VTech Holdings Ltd to expose the company’s security flaws and raise awareness for security practices, with no intention to sell the stolen data for profit. Source: http://www.denverpost.com/business/ci_29258377/british-police-arrest-vtech-hacking-suspect

• Eighteen suspects were arrested in connection with a $2 million gift card scheme that involved stealing merchandise from retail stores, returning it for store credit, and reselling the cards in Deltona at half their value, authorities announced December 14. – WFTV 9 Orlando

32. December 14, WFTV 9 Orlando – (Florida) ‘Operation Plastic Paradise’ nets 18 arrests in $2 million gift card scheme. Authorities in Volusia County announced December 14 that 18 suspects were arrested in connection with a $2 million gift card scheme involving 2 store owners, 4 employees, and 12 customers who stole merchandise from retail stores, returned it for store credit gift cards, and resold the cards to cash-for-gift-card businesses in Deltona and Daytona Beach at half their values. Investigators determined that 2 stores in particular bought 16,870 cards in an 8-month period resulting in profits of $100,000 per month. Source: http://www.wftv.com/news/news/local/operation-plastic-paradise-nets-18-arrests-2-milli/npjmt/

Financial Services Sector

6. December 15, U.S. Attorney’s Office, District of New Jersey – (New Jersey) Monmouth County, New Jersey stock promoter admits role in $33 million microcap stock manipulation scheme. A Holmdel, New Jersey man pleaded guilty December 15 to his role in a $33 million microcap stock manipulation scheme that used a “pump and dump” tactic to artificially inflate the stock prices of 4 publicly traded companies, known collectively as the Target Companies, through manipulative trading and other fraudulent means. The man worked with other co-conspirators and gained approximately $13 million from the scheme. Source: https://www.fbi.gov/newark/press-releases/2015/monmouth-county-new-jersey-stock-promoter-admits-role-in-33-million-microcap-stock-manipulation-scheme

7. December 15, U.S. Securities and Exchange Commission – (Connecticut) SEC announces fraud charges against investment adviser. The U.S. Securities and Exchange Commission announced fraud charges December 15 against Connecticut-based Atlantic Asset Management LLC (AAM) for investing more than $43 million of client funds into illiquid bonds issued by BFG Socially Responsible Investing Ltd., a partial owner of AAM, without disclosing to clients that their sale would generate private placement fees for a broker-dealer affiliated with the company. Source: http://www.sec.gov/news/pressrelease/2015-280.html

8. December 14, Reuters – (National) New York lawyer convicted of Maxim magazine deal fraud. A New York lawyer was found guilty December 14 for his involvement in a scheme to help fraudulently secure $31 million in financing from investors in order to help a co-conspirator purchase Maxim magazine. The pair provided fake bank account statements and emails to lenders in order to borrow $8 million, and attempted to secure an additional $20 million for the purchase of the magazine. Source: http://www.reuters.com/article/us-usa-crime-maximmagazine-idUSKBN0TX2F720151214

Information Technology Sector

23. December 16, Softpedia – (International) FireEye security devices provide attackers with backdoor into corporate networks. Two security researchers discovered that several FireEye security products had two zero-day flaws, including a remote code execution (RCE) and privilege escalation bug through which malicious code can be executed disguised as the highly privileged Malware Input Processor (mip) user and gain administrative privileges on the infected device. FireEye released patches addressing the vulnerabilities. Source: http://news.softpedia.com/news/fireeye-security-devices-provide-attackers-with-backdoor-into-corporate-networks-497702.shtml

24. December 16, SecurityWeek – (International) Mozilla patches critical flaws with release of Firefox 43. Mozilla released its new Firefox 43 web browser that patches 21 security flaws including cross-site reading attacks, use-after-free vulnerabilities, and privilege escalation issues related to WebExtension APIs, among other patches, as well as several feature improvements, including a 64-bit version for Microsoft Windows. Source: http://www.securityweek.com/mozilla-patches-critical-flaws-release-firefox-43

25. December 16, SecurityWeek – (International) Critical DoS flaw patched in BIND. The Internet Systems Consortium (ISC) released updates to its open source software, BIND, that patch three vulnerabilities, including a remotely exploitable denial-of-service (DoS) issue that can trigger a REQUIRE assertion in db.c, causing the server to close and deny service to clients, as well as a socket error that can cause the server to exit when encountering an INSIST assertion failure in the “resolver.c” library. The latest updates also fix an OpenSSL vulnerability connected to the BN_mod_exp function that could produce issues on x86_64 systems. Source: http://www.securityweek.com/critical-dos-flaw-patched-bind

26. December 16, Help Net Security – (International) Asian company is the newest APT threat. A researcher from CloudSek CTO discovered that the group, dubbed Santa APT, was targeting international software companies and individuals to exploit confidential information via a desktop malware that disguises itself on the target’s computer, collects files, and sends the files back to the attacker’s Command & Control (C&C) server, and through a second malware that targets Microsoft Android and Apple iOS devices. Source: http://www.net-security.org/malware_news.php?id=3180

27. December 15, U.S. Attorney’s Office, District of New Jersey – (New Jersey) Three men arrested in hacking and spamming scheme. A U.S. Attorney official reported December 15 that three men from Florida, New Jersey, and Maryland were charged with conspiracy to commit fraud and activities in connection with computers, and conspiracy to commit wire fraud, after the trio allegedly compromised the personally identifiable information (PII) of millions of employees of several different corporations and generated more than $2 million in illegal profits. The trio allegedly did so by creating a computer program to distribute disguised spam emails and by using proxy servers and botnets to conceal the origin of the emails while collecting login credentials of employees, personal information, and confidential business information. Source: https://www.fbi.gov/newark/press-releases/2015/three-men-arrested-in-hacking-and-spamming-scheme

28. December 15, IDG News Service – (International) TeslaCrypt Ransomware attacks are increasing. Security researchers from Symantec reported that the file-encrypting ransomware program, dubbed TeslaCrypt, has been targeting computer games and related software, increasing its infection rate from 200 a day to 1,800. The ransomware infects a system via email attachments with the words “invoice,” “doc,” or “info” that contain heavily obfuscated JavaScript code designed to evade antivirus detection and download the ransomware program. Source: http://www.computerworld.com/article/3015454/security/teslacrypt-ransomware-attacks-are-increasing.html#tk.rss_security

Communications Sector

Nothing to report