Complete DHS Report for April 1, 2016
Daily Report
Top Stories
• The Atlanta Police Department and the U.S. Secret Service are
investigating a half-million dollar credit card fraud operation after they
found 366 fraudulent credit cards, multiple credit card-making machines, and
$330,000 worth of computers in an Atlanta apartment March 30. – WSB 2
Atlanta
8. March 30,
WSB 2 Atlanta – (International) Police bust major credit card fraud
operation. Officials from the Atlanta Police Department and the U.S. Secret
Service are investigating a half-million dollar credit card fraud operation
after Atlanta police discovered approximately 366 fraudulent credit cards with
different numbers, multiple credit card-making machines, and $330,000 worth of
computers in an Atlanta apartment March 30. Officials stated the suspects
allegedly purchased computers at Best Buy with the fraudulent credit cards and
sold the devices internationally, and that they committed fraud using aliases
at banks in the U.S., Germany, Denmark, and the Bank of China. Source: http://www.wsbtv.com/news/local/atlanta/police-bust-major-credit-card-fraud-operation/188069241
• Cisco released software updates fixing a high severity
vulnerability that could allow a remote, unauthenticated attacker to bypass
malicious file detection and block security features. – SecurityWeek. See item 19 below in
the Information Technology Sector
• PayPal Holdings, Inc., patched a flaw in one of its automatic
emailing applications after a security researcher found that attackers could add
malicious code to an account’s username, which was embedded in emails sent to
other recipients. – Softpedia. See item 22 below
in the Information Technology Sector
• The Norfolk Admirals Vice President reported that its Admirals
system Web site was breached and that 250 users’ information was leaked March
30 after a customer was alerted by an identity theft company of potential
theft. – WAVY 10 Portsmouth
27. March 30,
WAVY 10 Portsmouth – (Virginia) Norfolk admirals confirm data breach exposing
customers’ information. The Norfolk Admirals Vice President reported that
its Admirals system Web site was breached and that 250 users’ information was
leaked March 30 after a customer was alerted by an identity theft company of
potential theft. The company stated the breach did not include sensitive credit
card or bank account information. Source: http://wavy.com/2016/03/30/norfolk-admirals-confirm-data-breach-exposing-customers-information/
Financial Services Sector
9. March 30,
U.S. Department of Justice – (California) California wholesale
executive pleads guilty for role in $9 million bank fraud scheme. The
former vice president of Eastern Tools and Equipment, Inc., in Ontario,
California, pleaded guilty March 30 to Federal charges after he and
co-conspirators defrauded East West Bank in Pasadena of $9 million from 2007 –
2012 by making material misrepresentations to the bank about the company’s
accounts receivable and financial statements, creating shell corporations to
act as suppliers and retailers doing business with Eastern Tools, and
defaulting on the promissory note issued by the bank. Officials stated that the
executive and his co-conspirators prolonged the scheme by opening post office
boxes, phone accounts, and email accounts claiming to be associated with the
shell retail companies in order to make them appear as independent entities to
East West Bank. Source: https://www.justice.gov/opa/pr/california-wholesale-executive-pleads-guilty-role-9-million-bank-fraud-scheme
Information Technology Sector
19. March 31,
SecurityWeek – (International) Malware detection bypass vulnerability found
in Cisco firepower. Cisco released software updates fixing a high severity
vulnerability after a researcher found that the flaw was caused by improper
input validation of fields in Hypertext Transfer Protocol (HTTP) that could
allow a remote, unauthenticated attacker to bypass malicious file detection and
block security features by crafting an HTTP request and sending it to the
victims’ system. Source: http://www.securityweek.com/malware-detection-bypass-vulnerability-found-cisco-firepower
20. March 31,
The Register – (International) Patch out for ‘ridiculous’ Trend Micro
command execution vuln. Trend Micro released a patch that fixed a command
execution vulnerability for systems running its Maximum Security, Premium
Security or Password Management software after a security researcher from
Google’s Project Zero found a remote debugging server was running on customers’
machines. Officials stated the patch was not fully complete, but would fix most
critical issues with the software. Source: http://www.theregister.co.uk/2016/03/31/trend_micro_patches_command_execution_flaw/
21. March 31,
Softpedia – (International) XSS and CSRF bugs in Steam Dev panel let
anyone be a Valve admin. A researcher from the United Kingdom discovered a
cross-site scripting (XSS) vulnerability and a cross-site request forgery
(CSRF) vulnerability affecting SteamDepot, Steam’s internal system for storing
game content, after finding that malicious JavaScript code could be added in
the description field to steal users’ Steam cookies, among other actions. Source:
http://news.softpedia.com/news/xss-and-csrf-bugs-in-steam-dev-panel-lets-anyone-be-a-valve-admin-502394.shtml
22. March 30,
Softpedia – (International) Security bug allowed attackers to send
malicious emails via PayPal’s servers. PayPal Holdings, Inc., patched a
flaw in one of its automatic emailing applications after a security researcher
from Vulnerability Lab found that attackers could add malicious code to an
account’s username, which was embedded in the emails sent to other recipients.
The flaw could allow an attacker to execute session hijacking and redirection
to external sources, and trick users into clicking a malicious link that
prompts victims to enter their PayPal credentials. Source: http://news.softpedia.com/news/security-bug-allowed-attackers-to-send-malicious-emails-via-paypal-s-servers-502381.shtml
Communications Sector
23. March 30,
SecurityWeek – (International) New Remaiten malware builds botnet of
Linux-based routers. Security researchers from ESET discovered a new piece
of malware, dubbed Remaiten (Linux/Remaiten), that has been targeting routers and
other embedded Internet of Things (IoT) devices to make the devices part of a
botnet controlled by hackers. Researchers found that there were three versions
of the malware and each contains several capabilities to infect a device. Source: http://www.securityweek.com/new-remaiten-malware-builds-botnet-linux-based-routers