Complete DHS Report for March 17,
2016
Daily Report
Top Stories
• The
Washington Metropolitan Area Transit Authority (WMATA) reported that its 6
transit lines and 91 rail stations will be shut down for approximately 29 hours
March 16 – March 17 while crews conduct inspections on 600 “jumper cables.” – USA
Today
5. March 16,
USA Today – (Maryland; Virginia; Washington, D.C.) Washington, D.C.,
subway to close for 29 hours for inspection. The Washington Metropolitan
Area Transit Authority (WMATA) reported that its 6 transit lines and 91 rail
stations, which carry more than 700,000 passengers will be shut down for
approximately 29 hours March 16 – March 17 while crews conduct inspections on
600 “jumper cables” in the system following an unexpected fire at the McPherson
Square station March 14. Source: http://www.usatoday.com/story/news/nation/2016/03/15/reports-washington-dc-metro-close-24-hours-inspection/81823344/
• Authorities
arrested and charged two Margaretville, New York residents March 16 for
allegedly stealing more than 3,000 hydrocodone and oxycodone tablets from
Miller’s Drug Store in February. – Oneonta Daily Star
15. March 16,
Oneonta Daily Star – (New York) Two accused of stealing Rx pills. The Delaware
County Sheriff’s Office arrested and charged two Margaretville residents March
16 for allegedly stealing more than 3,000 hydrocodone and oxycodone tablets
from Miller’s Drug Store on Main Street overnight February 1 – February 2. The
pair sold or consumed the pills and attempted to conceal and destroy other
evidence. Source: http://www.thedailystar.com/news/local_news/two-accused-of-stealing-rx-pills/article_ff556bf2-c9ca-5e48-b8cc-a329e03ffdaa.html
• The U.S.
Centers for Disease Control and Prevention released voluntary guidelines March
15 urging health care providers to limit opioid prescriptions for patients and
offer alternative treatments for chronic pain. – Wall Street Journal
18. March 15,
Wall Street Journal – (National) CDC issues guidelines to limit opioid painkiller
prescriptions. The U.S. Centers for Disease Control and Prevention (CDC)
released voluntary guidelines March 15 urging primary-care clinicians, doctors,
physician assistants, and nurse practitioners to limit opioid prescriptions for
patients and offer alternative treatments for chronic pain or prescribe the
lowest effective dosage possible. The CDC also recommends limiting
prescriptions to 3 – 7 day doses, among other guidelines. Source: http://www.wsj.com/articles/cdc-issues-guidelines-to-limit-opioid-painkiller-prescriptions-1458061340
• Phantom and
Enterprise Strategy Group (ESG) released a report stating that 74 percent of
large companies regularly disregard security alerts due to the increase in
information technology (IT) activities that pull staff from daily workflow
tasks. – SecurityWeek See item 23 below in
the Information Technology Sector
Financial Services Sector
3. March 15,
U.S. Securities and Exchange Commission – (International) SEC charges
operator of Ponzi scheme that claimed to offer “bridge loans” to Jamaican
businesses. The U.S. Securities and Exchange Commission announced March 15
that Federal officials arrested a Miami resident March 13 for allegedly
operating a $10 million Ponzi scheme where he solicited over 21 investors
across 6 States and Washington, D.C. by claiming their money would be used for
“bridge loans” to Jamaican businesses awaiting funds from bank loans, and
touting investment opportunities and investment-funded projects in Jamaica via
YouTube videos. The investment funds were instead used to pay other investors
and for personal expenses. Source: https://www.sec.gov/news/pressrelease/2016-55.html
4. March 15,
KBAK 29 Bakersfield/KBFX 58 Bakersfield – (National) Securities and
Exchange Commission: Bakersfield Investment Club a fraud. The U.S.
Securities and Exchange Commission announced the week of March 7 charges
against the chief executive officer (CEO) of Bakersfield Investment Club in
California after he ran a $11 million fraudulent investment scheme where he
purchased real estate and businesses with money from over 400 investors and
titled the properties in his name in order to defraud investors and use the
money to fund personal expenses.
Information Technology Sector
20. March 16,
SecurityWeek – (International) Radamant C&C server manipulated to spew
decryption keys. Security researchers from InfoArmor reported that a flaw
in Radamant ransomware’s command and control (C&C) server could potentially
allow researchers to decrypt victims’ files without requiring user interaction
by registering the infected machine within the malware control center via a
Hypertext Transfer Protocol (HTTP) POST request. Researchers reported the
request needs to contain public and private encryption keys, as well as a
unique identifier of the bot to bypass the filter and avoid additional
vulnerability exploits.
21. March 16,
The Register – (International) VMware vRealizes that vRealize has XSS bugs
on Linux. Virtzilla released its first maintenance updates in version 7.0.1
of its vRealize Automation product in Linux systems after discovering that a
pair of cross-site scripting (XSS) vulnerabilities could compromise a user’s
workstation. Source: http://www.theregister.co.uk/2016/03/16/vmware_vrealizes_that_vrealize_has_xss_bugs_on_linux/
22. March 15,
Infosecurity Magazine – (International) Amex investigates possible
data breach. American Express officials reported that it is investigating a
potential data breach in California after one of its third-party service
providers was compromised and potentially exposed customer names, account
numbers, expiration dates, and other personal information. Officials reported
the investigation was conducted as a precautionary measure.
23. March 15,
SecurityWeek – (International) Suffocating volume of security alerts challenge
incident response. Phantom and Enterprise Strategy Group (ESG) released a
report stating that 74 percent of large companies regularly disregard security
alerts due to the increase in information technology (IT) activities that pull
staff from daily workflow tasks. With the increase in IT activities, the report
stated companies face challenges in monitoring incident response (IR) processes
from end-to-end, maintaining the high volume of security alerts and external
threat intelligence, and coordinating between information technology (IT) and
security teams.
24. March 15,
SecurityWeek – (International) Google tracks use of HTTPS on top 100
websites. Google released its transparency report March 15 that tracks the
progress of encryption efforts for its own products and the world’s most
visited Web sites, as well as includes a new tracking service that monitors the
state of Hypertext Transfer Protocol Secure (HTTPS) used on the world’s top 100
third-party Web sites. Source: http://www.securityweek.com/google-tracks-use-https-top-100-websites
Communications Sector
Nothing to report
No comments:
Post a Comment