Complete DHS Report for
December 18, 2015
Daily Report
Top Stories
• The former chief executive officer of Retrophin Inc.,
December 17 was charged with committing fraud after misappropriating over $1
million from 2 hedge funds he founded, and making false claims to investors,
among other misconducts. – U.S. Securities and Exchange Commission See item 2 below in the Financial Services Sector
• A former portfolio manager at Canarsie Capital LLC was
charged December 16 for secretly subjecting investors to massive risk, causing
the fund to lose $56.5 million and collapse. – U.S. Securities and Exchange Commission
See item 4 below in the Financial Services Sector
• Two Clark County residents were indicted December 16 for
felony theft charges after the two vandalized $116,000 worth of lighting
systems and stole 34,300 feet of copper wire across Interstate 1-64 in
Kentucky. – WTVQ 40 Lexington
9. December
16, WTVQ 40 Lexington – (Kentucky) Clark Co. man, woman indicted
in copper wire thefts on highways. Two Clark County residents were indicted
December 16 with seven counts of theft and seven counts of first-degree
criminal theft after an investigation revealed the two vandalized $116,000
worth of lighting systems and cut and removed about 34,300 feet of copper wire
across Interstate 1-64 in Bath and Carter counties, Woodford County, and Clark
County from October – November. Source: http://www.wtvq.com/2015/12/16/clark-co-man-woman-indicted-in-copper-wire-thefts-on-highways/
• A severe storm that moved across North Dakota and South
Dakota December 16 caused power outages to hundreds of homes, businesses, and
schools, prompted travel alerts, and forced Ellsworth Air Force Base to close.
– Associated Press
12. December
16, Associated Press – (North Dakota; South Dakota) Storm leads to power outages,
closed schools in Dakotas. A severe storm that moved across North Dakota
and South Dakota December 16 knocked out power to hundreds of homes and
businesses, closed schools, prompted travel alerts, and forced Ellsworth Air
Force Base in South Dakota to close due to poor road conditions. Source: http://rapidcityjournal.com/news/local/storm-leads-to-power-outages-closed-schools-in-dakotas/article_454ebc40-296d-5997-844d-f3b77517cd49.html
Financial Services Sector
2. December
17, U.S. Securities and Exchange Commission – (National) SEC charges
former CEO with fraud. The U.S. Securities and Exchange Commission charged
the former chief executive officer (CEO) of Retrophin Inc., a pharmaceutical
company, December 17 with misappropriating over $1 million from 2 hedge funds
he founded, MSMB Capital Management LP and MSMB Healthcare LP, and for making
material misrepresentations to investors, among other misconduct. The former
CEO worked with two other co-conspirators to mislead investors and executives
about the hedge funds’ size and performance, which resulted in millions in
losses. Source: http://www.sec.gov/news/pressrelease/2015-282.html
3. December
16, Charleston Post and Courier – (South Carolina; Georgia) Summerville
mortgage fraud probe nets new indictment; losses totaled $23 million. Federal
authorities announced that 2 suspects from Summerville were charged December 15
for their roles in a $45 million mortgage loan scheme in South Carolina and
Georgia involving 70 properties and losses of more than $23 million. Three
others pleaded guilty in connection to the scheme based off real estate and
mortgages businesses in the town. Source: http://www.postandcourier.com/article/20151216/PC05/151219525/1005/
4. December
16, U.S. Securities and Exchange Commission – (New York) SEC: Hedge
fund adviser lied to investors. The U.S. Securities and Exchange Commission
announced December 16 that a former portfolio manager at Canarsie Capital LLC
in New York was charged for making false and misleading statements to investors
about the fund’s performance, lying to the fund’s prime brokers to avoid margin
calls, and for liquidating all of the long positions in a long/short equity
portfolio, causing the fund to lose about $56.5 million and collapse. Source: http://www.sec.gov/news/pressrelease/2015-281.html
5. December
16, Federal Bureau of Investigation, Knoxville –
(Tennessee) Arrest and indictment of armed bank extortionists. The FBI
announced December 16 that two suspects were arrested in North Carolina for
their roles in a series of robberies at three Tennessee banks, including the
Y-12 Federal Credit Union in Oak Ridge, SmartBank in Knoxville, and Northeast
Community Credit Union in Elizabethton from April to October. Source: https://www.fbi.gov/knoxville/press-releases/2015/arrest-and-indictment-of-armed-bank-extortionists
For another story see item 16 below from the Government Facilities Sector
16. December
16, San Francisco Bay City News – (California) Former ABAG
financial services director guilty of fraud, admits stealing nearly $3.9
million. A former financial services director for the Association of Bay
Area Governments, a regional urban planning agency, pleaded guilty in Federal
court in San Francisco December 15 to embezzling close to $3.9 million from
funding allocated by the agency for public works projects in California between
2011 and 2015. Source: http://www.mercurynews.com/crime-courts/ci_29262897/former-abag-financial-services-director-guilty-fraud-admits
Information Technology Sector
17. December
16, Softpedia – (International) XRTN ransomware discovered, currently undecryptable.
A researcher from Bleeping Computer’s released a report on the XRTN
ransomware detailing how the malware infects a computer system by sending email
attachments, such as malicious Word documents and batch files that are encoded
with JavaScript commands, to a victim’s corporate or personal email, that if
opened and downloaded, attackers can execute the JavaScript commands to run
batch files that will encrypt personal data files and add the .xrtn extension.
All files are encrypted with an RSA-1024 key, which can only be decrypted with
a private key held by the attacker. Source: http://news.softpedia.com/news/xrtn-ransomware-discovered-currently-undecryptable-497739.shtml
18. December
16, Softpedia – (International) Four Network Management Systems vulnerable to
SQLi and XSS attacks. Two security researchers discovered six
vulnerabilities in four Network Management Systems (NMS) that allow attackers
to gain access to applications and use the affected system to carry out future
attacks via four cross-site scripting (XSS) flaws and two SQL injection (SQLi)
flaws, which enables hackers to access a user’s session information, through
the management interface, breach the underlying database, steal information
about all connected devices, and escalate privileges over the server itself. Source:
http://news.softpedia.com/news/four-network-management-systems-vulnerable-to-sqli-and-xss-attacks-497735.shtml
19. December
16, IDG News Service – (International) Grub2 bootloader flaw leaves locked-down
Linux computers as risk. Two researchers from the Cybersecurity Group at
Universitate Politenica de Valencia found an integer underflow vulnerability in
Grand Unified Bootloader2 (GRUB2), a boot loader for Linux systems, that can be
triggered by pressing the backspace key 28 times when the bootloader asks for a
user’s credentials, allowing unauthorized access to a powerful shell which can
enable hackers to rewrite the Grub2 code loaded in the RAM and bypass the
authentication checkpoint. Once an attacker penetrates the bootloader, hackers
can destroy data on the disk and install malware to steal authentic users’
encrypted home folder data. The vulnerability exist in all versions of GRUB2
from 1.98 released December 2009 to the current 2.02. Source: http://www.computerworld.com/article/3015995/security/grub2-bootloader-flaw-leaves-locked-down-linux-computers-at-risk.html#tk.rss_security
20. December
15, The Register – (International) Web host Moonfruit defies Armada DDoS crew…
by (temporarily) defeating itself. United Kingdom-based Web host, Moonfruit
was back online after pulling its own Web site and many of its customers’ Web
sites offline for approximately twelve hours while researchers upgraded the
company’s defenses and advised users to update settings following a December 10
denial-of-service (DDoS) attack by the Armada Collective Crew that shut down
the company’s Web site for 45 minutes. The company stated they were making
significant infrastructure changes to prevent future DDoS attacks. Source: http://www.v3.co.uk/v3-uk/news/2439205/moonfruit-takes-thousands-of-websites-offline-after-cyber-attack-threat
Communications Sector
21. December
16, Eureka Times-Standard – (California) AT&T vows to upgrade
North Coast network after outages. AT&T Inc. officials announced
December 16 that it will be upgrading its North Coast Network by 2016 to
prevent single point failures and to reduce outage impacts on local
communities, such as wire cuts and Internet service failures, by reprogramming
its equipment to route service traffic over diverse fiber paths. Source: http://www.times-standard.com/general-news/20151216/att-vows-to-upgrade-north-coast-network-after-outages