Complete DHS Report for March 25, 2016
Daily Report
Top Stories
• A severe storm prompted the cancellation of hundreds of flights
and the closure of the Denver International Airport in Colorado for more than 6
hours March 23 – March 24. – Fort Collins Coloradoan
11. March 24,
Fort Collins Coloradoan – (Colorado) Transfort, DIA up and running,
U.S. 287 and I-25 reopened. A severe storm that dumped several inches of
snow in Colorado prompted the cancellation of hundreds of flights and the
closure of the Denver International Airport for more than 6 hours March 23 –
March 24. Schools and universities as well as interstates and highways were
also closed. Source: http://www.coloradoan.com/story/news/2016/03/23/snow-delays-start-psd-school-i25-north-closed/82141896/
• A wildfire burned more than 400,000 acres in Kansas and Oklahoma
March 24 and prompted the closure of U.S. 160 in Barber County for several
hours March 23. – KAKE 10 Wichita
18. March 24,
KAKE 10 Wichita – (Kansas; Oklahoma) Wildfire burns more than 400,000 acres in
Kansas, Oklahoma. The governor of Kansas declared a state of emergency
March 24 due to a wildfire that burned more than 400,000 acres in Kansas and
Oklahoma and prompted the closure of U.S. 160 in Barber County for several
hours March 23. Medicine Lodge Hospital was evacuated while fire crews worked
to contain the blaze which continued to threaten 800 – 1,000 homes and
businesses. Source: http://www.kake.com/home/headlines/Mile-wide-grass-fire-in-Comanche-County-373205531.html
• Researchers reported that an advanced data-stealing universal
serial bus (USB) trojan dubbed “USB Thief” was found in the wild and can
compromise a system by injecting itself into the execution chain of portable
versions of popular applications and disguising itself as a plugin or a Dynamic
Link Library (DLL) file. – SecurityWeek
See item 21 below in the Information Technology Sector
• An additional 48 bikers were indicted March 23 for allegedly
engaging in organized criminal activity following a May 2015 shootout between 2
rival motorcycle clubs at a restaurant in Waco, Texas, that killed 9 people. – CNN
25. March 24,
CNN – (Texas) 48 more bikers indicted in deadly shootout at Waco,
Texas, restaurant. The McLennan County Criminal District Attorney announced
March 23 that an additional 48 bikers were indicted for allegedly engaging in
organized criminal activity following a May 2015 shootout between 2 rival
motorcycle clubs at the Twin Peaks restaurant in Waco, Texas, that killed 9
people. The total number of indictments increased to more than 150 people. Source: http://www.cnn.com/2016/03/24/us/waco-more-bikers-indicted/
Financial Services Sector
6. March 24,
KTVU 2 Oakland – (California) Woman captures video of ‘Bearded Bandit’ arrest.
The FBI arrested a man dubbed the “Bearded Bandit” in Brentwood,
California, March 23, after he allegedly committed 15 bank robberies that
totaled $28,000 in theft from the San Francisco Bay Area. Source: http://www.ktvu.com/news/112910236-story
7. March 23,
Los Angeles Times – (California) ‘Bad Breath Bandit’ strikes again at northern
California bank, police say. Authorities are searching for a man dubbed the
“Bad Breath Bandit” who is suspected of robbing the El Dorado Savings Bank in
Georgetown, California, March 21 at gunpoint. Officials stated that the man is
tied to four other bank robberies in northern California in 2014. Source: http://www.latimes.com/local/lanow/la-me-ln-bad-breath-bandit-strikes-again-20160323-story.html
8. March 23,
Forum of Fargo-Moorhead – (North Dakota; Maryland) Valley City State
prof faces ID theft charges after police seize 200 credit cards. A Chinese
citizen working as an assistant professor at Valley City State University in
North Dakota and Johns Hopkins University in Maryland was arrested March 22
after authorities discovered over 200 credit and gift cards, computers,
electronic storage devices, and suspected counterfeit merchandise, among other
items, in the professor’s apartment and office. The investigation began after
authorities received anonymous photographs revealing the large number of credit
cards bearing different names in the suspect’s apartment. Source: http://www.inforum.com/news/3993426-valley-city-state-prof-faces-id-theft-charges-after-police-seize-200-credit-cards
9. March 23,
U.S. Department of Justice – (International) Miami businessman pleads
guilty to foreign bribery and fraud charges in connection with Venezuela bribery
scheme. The owner of multiple U.S.-based energy companies pleaded guilty
March 22 to foreign bribery and Federal fraud charges after he and a
co-conspirator participated in a scheme to illicitly secure energy contracts
from Venezuela’s state-owned energy company, Petroleos de Venezuela S.A.
(PDVSA) by paying bribes and other things of value to PDVSA officials in order
to win lucrative energy contracts, ensure spots on PDVSA approved vendor lists,
and be given payment priority ahead of other vendors from 2009 – 2015.
Officials stated that four other individuals pleaded guilty for their
participation in the scheme.
10. March 23,
Reuters – (New Jersey) FBI seeks help nabbing bank robber known as
‘Count Down Bandit’. The FBI is searching March 23 for a man dubbed the
“Count Down Bandit” who is suspected of committing at least seven robberies at
banks around northern New Jersey, with his most recent taking place March 8.
The suspect has reportedly targeted Hudson City bank branches. Source: http://www.reuters.com/article/us-new-jersey-bandit-idUSKCN0WP2PV
Information Technology Sector
21. March 23,
SecurityWeek – (International) Sophisticated USB trojan spotted in the wild.
Researchers from ESET reported that an advanced data-stealing universal
serial bus (USB) trojan dubbed “USB Thief” was found in the wild and can
compromise a system by injecting itself into the execution chain of portable
versions of popular applications and disguising itself as a plugin or a Dynamic
Link Library (DLL) file. The threat is bound to a single USB drive and was
reported to have four executables and two configuration files that enable it to
avoid detection and prevent researchers from detecting, copying, and analyzing
the malware. Source: http://www.securityweek.com/sophisticated-usb-trojan-spotted-wild
22. March 24,
Help Net Security – (International) OS X zero day bug allows hackers to bypass
system integrity protection. A security researcher discovered a non-memory
corruption flaw in Apple Inc.’s operating system (OS) X that could allow an
attacker to compromise OS X and iOS systems by executing arbitrary code on any
binary and escalating the attacker’s privileges to root and/or bypassing Apple’s
System Integrity Protection feature. Researchers stated the zero-day
vulnerability was not exploited by attackers, but the flaw could potentially be
used in highly targeted or state-sponsored attacks. Source: https://www.helpnetsecurity.com/2016/03/24/os-x-zero-day-bug-allows-hackers-bypass-system-integrity-protection/
23. March 24,
SecurityWeek – (International) Oracle reissues patch for two-year-old Java. Oracle
Corporation released updates for two of its Java SE products addressing a
sandbox escape flaw after researchers discovered the previously patched flaw
could be bypassed to allow a remote, unauthenticated attacker to trick users into
visiting a malicious Web site. The new update successfully patches the flaw
within Java SE 8 Update 77 and Java SE 7 Update 99.
For additional stories, see item 5 below from the Defense Industrial Base
Sector and 24 below in the Communications Sector
5. March 23,
U.S. Department of Justice – (International) Chinese national pleads
guilty to conspiring to hack into U.S. defense contractors’ systems to steal
sensitive military information. The U.S. Department of Justice announced
that a Chinese national pleaded guilty March 23 to participating with two
others in China in a conspiracy to hack into computer networks of major U.S.
defense contractors in order to steal military technical data. The businessman
provided two co-conspirators with guidance regarding what persons, companies,
and technologies to target, as well as which files and folders to steal once
the individuals had successfully breached information technology systems. Source:
https://www.justice.gov/opa/pr/chinese-national-pleads-guilty-conspiring-hack-us-defense-contractors-systems-steal-sensitive
Communications Sector
24. March 24,
Help Net Security – (International) RCE flaw affects DVRs sold by over 70
different vendors. A security researcher from RSA Security discovered that a
remote code execution (RCE) flaw in digital video recorders (DVRs) sold by more
than 70 different vendors and manufactured by a Chinese company, TVT Digital
Technology Co., Ltd., can allow an attacker to gain root access to the DVR, as
the vulnerability resides within the implementation of the Hypertext Transfer
Protocol (HTTP) server included in the firmware. The implementation, which is
included in over 30,000 devices internationally, opens ports 81/82 of the
device to the Internet.