Friday, May 13, 2016



Complete DHS Report for May 13, 2016

Daily Report                                            

Top Stories

• Officials announced May 11 that three employees at the First National Bank in Lawrence County, Arkansas, pleaded guilty to embezzling more than $3.9 million from the bank from 2005 – 2015. – KAIT 8 Jonesboro See item 3 below in the Financial Services Sector

• Ajinomoto Windsor, Inc., issued a recall May 11 for approximately 47,112,256 pounds of its not-ready-to-eat meat and poultry products sold in 31 variations due to a possible Listeria monocytogenes contamination. – U.S. Department of Agriculture  

6. May 12, U.S. Department of Agriculture – (International) Ajinomoto Windsor, Inc., recalls meat and poultry products due to possible Listeria contamination. Ajinomoto Windsor, Inc., issued a recall May 11 for approximately 47,112,256 pounds of its not-ready-to-eat meat and poultry products sold in 31 variations due to a possible Listeria monocytogenes contamination after the company’s ingredient supplier, CRF Frozen Foods, issued a voluntary recall for its frozen vegetables used in the meat and poultry products following an illness outbreak of Listeriosis linked to the vegetables. There have been no confirmed reports of illness in connection to the products which were distributed nationwide and in Canada and Mexico. Source: http://www.fsis.usda.gov/wps/portal/fsis/topics/recalls-and-public-health-alerts/recall-case-archive/archive/2016/recall-040-2016-release

• Officials from the Bureau of Alcohol, Tobacco, Firearms, and Explosives’ Houston Field Division announced May 11 that an April 2013 ammonium nitrate explosion at the West Fertilizer Company in West, Texas, which killed 15 people and destroyed more than 500 homes, was intentionally set. – KXAS 5 Fort Worth  

8. May 11, KXAS 5 Fort Worth – (Texas) West fertilizer explosion was intentionally set: ATF, State fire marshal. Officials from the Bureau of Alcohol, Tobacco, Firearms, and Explosives’ Houston Field Division announced May 11 that an April 2013 ammonium nitrate explosion at the West Fertilizer Company in West, Texas, which killed 15 people, injured dozens of others, and destroyed more than 500 homes, was intentionally set. Officials stated a full report on the blast will not be released until the conclusion of the criminal case. Source: http://www.nbcdfw.com/news/local/ATF-Texas-State-Fire-Marshals-Office-on-West-Explosion-Cause-379007181.html

• Microsoft patched a zero-day vulnerability in the Windows operating system (OS), which was used to help cyber-criminals escalate user privileges and deliver malware to point-of-sale (PoS) systems. – Softpedia

19. May 11, Softpedia – (International) Microsoft patches Windows zero-day leveraged in PoS attack. Microsoft patched a zero-day vulnerability that utilizes two new malware families, PUNCHBUGGY and PUNCHTRACK, in the Windows operating system (OS), which was used to help cyber-criminals escalate user privileges and deliver malware to point-of-sale (PoS) systems. Researchers at FireEye reported that the group behind the campaign targeted over 100 North American retail, hospitality, and restaurant industry businesses.  Source: http://news.softpedia.com/news/microsoft-patches-windows-zero-day-leveraged-in-pos-attacks-503963.shtml

Financial Services Sector

1. May 12, Falls Church Patch – (Virginia) FBI: Serial ‘Ballcap Bandit’ bank robbery suspect strikes again. Authorities are searching May 11 for a man dubbed the “Ballcap Bandit” who is suspected of robbing a Wells Fargo Bank branch in Falls Church, a Wells Fargo Bank branch in Alexandria, and a SunTrust Bank branch in Del Ray, Virginia, since April. Authorities were unsure if the suspect is armed. Source: http://patch.com/virginia/fallschurch/falls-church-bank-robbery-police-investigation-underway-wednesday-afternoon

2. May 11, Jackson Sun – (Tennessee) Former Savannah CEO pleads guilty to $9M bank fraud. The former chief executive officer (CEO) and president of Central Bank in Savannah, Tennessee, pleaded guilty May 11 to Federal fraud charges after he made unauthorized advances to Tennessee Materials Corp., (TMC) and allowed TMC to deposit 161 insufficiently funded checks to cover overdraft balances in the company’s account from 2009 – 2012, causing Central Bank, Wayne County Bank, and First Metro Bank more than $9 million in losses. Officials stated the bad checks created false balances in TMC’s account, enabling the company to use approximately $3.9 million that belonged to Central Bank without the bank’s knowledge or approval. Source: http://www.jacksonsun.com/story/news/crime/2016/05/11/former-savannah-ceo-pleads-guilty-9m-bank-fraud/84229248/

3. May 11, KAIT 8 Jonesboro – (Arkansas) Region 8 women plead guilty to bank fraud of nearly $4 million. Officials from the U.S. Attorney’s Office for the Eastern District of Arkansas and the FBI announced May 11 that three employees at the First National Bank of Lawrence County pleaded guilty to embezzling more than $3.9 million from the bank from 2005 – 2015. Officials stated that the trio received advanced notice of internal audits, and would temporarily transfer money from other branches of the bank into the main vault to conceal their theft from auditors. Source: http://www.ksla.com/story/31951405/region-8-women-plead-guilty-to-bank-fraud-of-nearly-4-million

Information Technology Sector

16. May 12, SecurityWeek – (International) Google patches more high risk vulnerabilities in Chrome 50. Google released a round of security patches for Chrome 50 addressing five vulnerabilities, three of which were deemed high severity, and include a same origin bypass issue in the Document Object Model (DOM), a same bypass bug in Blink V8 bindings, and a buffer overflow flaw in V8. A directory traversal flaw using the file scheme on Android, and a race condition bug in loader were also patched, among other vulnerabilities. Source: http://www.securityweek.com/google-patches-more-high-risk-vulnerabilities-chrome-50

17. May 11, SecurityWeek – (International) SAP patches critical vulnerabilities in Enterprise products. SAP released 10 Security Patch Day Notes and 11 Support Package Notes fixing 10 vulnerabilities , mainly in its NetWevwer Advanced Business Application Programming (ABAP) platform and Java, including critical flaws in Adaptive Server Enterprise (ASE) XPServer, Crystal Reports for Enterprise, and Predictive Analytics which could allow an attacker to potentially execute commands remotely without authorization, obtain critical technical and business-related information, or gain unauthorized access and perform actions in the system.

Communications Sector

Nothing to report

No comments: