Complete DHS Report for December 19, 2016
Daily Report
Top Stories
• A resident of Alaska was indicted December 15 for his alleged
role in a scheme where he and 4 co-conspirators provided services to Iran that
resulted in the unlawful distribution of roughly $1 billion U.S. dollars. – U.S.
Attorney’s Office, District of Alaska. See item 4 below in
the Financial Services Sector
• Six individuals were charged in an indictment unsealed December
13 for their alleged roles in a $50 million investment fraud scheme. – U.S.
Attorney’s Office, Southern District of New York. See item 5
below in the Financial Services Sector
• Pomona, California-based East Valley Community Health Center,
Inc. announced December 14 that the patient information on 65,000 insurance
claims was compromised after an unauthorized actor hacked its system and
installed ransomware that encrypted files on a single server in October. – Inland
Valley Daily Bulletin
24. December 16, Inland
Valley Daily Bulletin – (California) Data breach at Pomona health clinic
affected patient information. Pomona, California-based East Valley
Community Health Center, Inc. announced December 14 that the patient
information on 65,000 insurance claims from the past 6 years was compromised
after an unauthorized actor hacked into its computer system and installed
ransomware that encrypted files on a single server in October. There has been
no indication that the patient information was accessed or illegally used. Source: http://www.dailybulletin.com/general-news/20161215/data-breach-at-pomona-health-clinic-affected-patient-information
• A 6-alarm fire at a mixed-use building in the Charlestown
neighborhood of Boston displaced 23 people and damaged multiple apartments
December 16, causing an estimated $2 million in damage. – WBZ 4 Boston
36. December 16, WBZ 4
Boston – (Massachusetts) Charlestown apartments, laundromat featured in
‘The Town’ destroyed in 6-alarm fire. A 6-alarm fire at a mixed-use
building in the Charlestown neighborhood of Boston displaced 23 people and
damaged multiple apartments and a laundromat December 16, causing an estimated
$2 million in damage. No injuries were reported and the cause of the fire
remains under investigation.
Source:
http://boston.cbslocal.com/2016/12/16/bunker-hill-street-fire-charlestown-boston/
Financial Services Sector
3. December 16,
Associated Press – (Ohio) Feds: Man suspected as ‘Buckeye Bandit’
indicted in Ohio. A man dubbed the “Buckeye Bandit” was indicted December
15 for allegedly committing 7 armed bank robberies across central Ohio since
2013. He was previously indicted for one armed bank robbery in November, when
authorities discovered over $53,000 in his possession. Source: http://www.dailyprogress.com/feds-man-suspected-as-buckeye-bandit-indicted-in-ohio/article_aa71dbf3-d68a-5fda-a4c5-be7496cb54f5.html
4. December 15, U.S.
Attorney’s Office, District of Alaska – (International) U.S. citizen
charged with conspiring to provide unlawful services to Iran and international
money laundering conspiracy. An Anchorage, Alaska man was indicted December
15 for his alleged role in a scheme where he and 4 co-conspirators provided
services to Iran that resulted in the unlawful distribution of roughly $1
billion U.S. dollars equivalent of Iranian-owned funds between January 2011 and
at least April 2014. The man allegedly stored the proceeds from fictitious sales
of marble and other construction materials to an Iranian shell company in
controlled South Korean bank accounts, converted the proceeds into more easily
tradeable currencies by convincing the Korean regulators the transactions were
lawful, and then transferred the finances to over 10 countries.
The charges allege the man received between $10 million and $17 million from
Iranian nationals for his criminal activities. Source: https://www.justice.gov/usao-ak/pr/us-citizen-charged-conspiring-provide-unlawful-services-iran-and-international-money-1
5. December 13, U.S.
Attorney’s Office, Southern District of New York – (International) Manhattan
U.S. Attorney announces charges against six individuals in international
high-yield investment fraud scheme. Six individuals were charged in an
indictment unsealed December 13 for their alleged roles in a $50 million
investment fraud scheme that defrauded investors in the U.S. and several
foreign countries between at least June 2013 and August 2016 by purporting that
their Cities Upliftment Program (CUP) would produce considerably high returns,
claiming that half of the returns would help rejuvenate American cities
recovering from the 2008 financial crisis, while the other half would be paid
back to the investors at the rate of $1 million per day for 75 banking days,
and by using forged and counterfeit New York Fed documents, among other
material misrepresentations, to persuade victims to invest in the CUP scheme.
The group reportedly laundered the proceeds through various domestic and
overseas bank accounts held in the names of shell companies they operated. Source:
https://www.justice.gov/usao-sdny/pr/manhattan-us-attorney-announces-charges-against-six-individuals-international-high
For another story, see item 30 below in the Information Technology Sector
Information Technology Sector
29. December 16,
SecurityWeek – (International) Joomla patches dangerous security flaws. Joomla
released version 3.6.5 to resolve three security issues, including a high
severity flaw plaguing all Joomla iterations from 1.6.0 – 3.6.4 which could be
exploited to allow an attacker to modify existing user accounts including
altering usernames, user group assignments, and passwords. In addition to the
patches, the update included additional security hardening mechanisms.
30. December 15, Agence
France-Presse – (International) Suspect arrested in JPMorgan, Dow Jones
data theft case. A U.S. citizen living in Moscow was arrested at John F.
Kennedy International Airport in New York December 14 after he allegedly
orchestrated computer hacking crimes against U.S. financial institutions,
brokerage firms, and financial news publishers, including a hack that
compromised the data on 7 million businesses and 76 million household customers
of JPMorgan Chase & Co and other firms. The man and his co-conspirators
also allegedly operated an Internet gambling scheme, an unlawful bitcoin
exchange, and an illicit payment processing operation for fraudulent online
pharmaceutical sellers. Source:
http://www.securityweek.com/suspect-arrested-jpmorgan-dow-jones-data-theft-case
31. December 15,
SecurityWeek – (International) Over 8,800 WordPress plugins have flaws:
Study. RIPS Technologies researchers released a report after analyzing
44,705 plugins in the official WordPress plugins directory, which found a total
of 67,486 vulnerabilities in the plugins, including 41 critical flaws, 2,799
high severity flaws, and more than 4,600 medium severity security holes. The
study also revealed that more than 68 percent of the vulnerabilities discovered
are cross-site scripting (XSS) issues and over 20 percent are Structured Query
Language (SQL) injection flaws.
32. December 15,
SecurityWeek – (International) Nymaim trojan fingerprints MAC addresses
to bypass virtualization. SophosLabs security researchers reported that the
Nymaim trojan was spotted comparing a targeted machine’s media access control
(MAC) address against a hardcoded list of blacklisted vendors, enabling the
malware to avoid virtual environments and hinder analysis tools. The
researchers also found that the trojan includes a list of checks and continues
running even after those checks fail in order to hide its failure. Source: http://www.securityweek.com/nymaim-trojan-uses-mac-addresses-bypass-virtualization
Communications Sector
33. December 15,
SecurityWeek – (International) Malvertising campaign targets routers. Proofpoint
security researchers reported that attackers behind the DNSChanger exploit kit
(EK) were attempting to infect home or small office (SOHO) routers using an
enhanced version of the DNSChanger, and subsequently expose the router to
further attacks as the EK changes network rules to make the administration
ports available from external addresses. The researchers reported malicious
actors are leveraging the attacks in order to steal traffic from large Web ad
agencies, and users can prevent their devices from being infected by updating
their routers to the latest firmware. Source: http://www.securityweek.com/malvertising-campaign-targets-routers
34. December 15, Iowa
City Press-Citizen – (Iowa) Mediacom services restored in Iowa City
area. Up to 1,800 Mediacom customers in the Iowa City, Iowa area were
without Internet, cable, and phone services for more than 10 hours December 14
after a city-owned construction vehicle inadvertently cut a main line of a
fiber optic cable. Source: http://www.press-citizen.com/story/money/business/2016/12/14/mediacom-outage-iowa-city-area-may-take-hours-repair/95445896/