Friday, April 1, 2016



Complete DHS Report for April 1, 2016

Daily Report                                            

Top Stories

• The Atlanta Police Department and the U.S. Secret Service are investigating a half-million dollar credit card fraud operation after they found 366 fraudulent credit cards, multiple credit card-making machines, and $330,000 worth of computers in an Atlanta apartment March 30. – WSB 2 Atlanta

• Cisco released software updates fixing a high-severity vulnerability that could allow a remote, unauthenticated attacker to bypass malicious file detection and block security features. – SecurityWeek (See item 19 below in the Information Technology Sector)

• PayPal Holdings, Inc., patched a flaw in one of its automatic emailing applications after a security researcher found that attackers could add malicious code to an account’s username, which was then embedded in emails sent to other recipients. – Softpedia (See item 22 below in the Information Technology Sector)

• The Norfolk Admirals Vice President reported that its Admirals system Web site was breached and that 250 users’ information was leaked March 30 after a customer was alerted by an identity theft company of potential theft. – WAVY 10 Portsmouth

27. March 30, WAVY 10 Portsmouth – (Virginia) Norfolk Admirals confirm data breach exposing customers’ information. The Norfolk Admirals Vice President reported that its Admirals system Web site was breached and that 250 users’ information was leaked March 30 after a customer was alerted by an identity theft company of potential theft. The company stated the breach did not include sensitive credit card or bank account information. Source: http://wavy.com/2016/03/30/norfolk-admirals-confirm-data-breach-exposing-customers-information/

Financial Services Sector

8. March 30, WSB 2 Atlanta – (International) Police bust major credit card fraud operation. Officials from the Atlanta Police Department and the U.S. Secret Service are investigating a half-million dollar credit card fraud operation after Atlanta police discovered approximately 366 fraudulent credit cards with different numbers, multiple credit card-making machines, and $330,000 worth of computers in an Atlanta apartment March 30. Officials stated the suspects allegedly purchased computers at Best Buy with the fraudulent credit cards and sold the devices internationally, and that they committed fraud using aliases at banks in the U.S., Germany, Denmark, and the Bank of China. Source: http://www.wsbtv.com/news/local/atlanta/police-bust-major-credit-card-fraud-operation/188069241

9. March 30, U.S. Department of Justice – (California) California wholesale executive pleads guilty for role in $9 million bank fraud scheme. The former vice president of Eastern Tools and Equipment, Inc., in Ontario, California, pleaded guilty March 30 to Federal charges after he and co-conspirators defrauded East West Bank in Pasadena of $9 million from 2007 – 2012 by making material misrepresentations to the bank about the company’s accounts receivable and financial statements, creating shell corporations to act as suppliers and retailers doing business with Eastern Tools, and defaulting on the promissory note issued by the bank. Officials stated that the executive and his co-conspirators prolonged the scheme by opening post office boxes, phone accounts, and email accounts claiming to be associated with the shell retail companies in order to make them appear as independent entities to East West Bank. Source: https://www.justice.gov/opa/pr/california-wholesale-executive-pleads-guilty-role-9-million-bank-fraud-scheme

Information Technology Sector

19. March 31, SecurityWeek – (International) Malware detection bypass vulnerability found in Cisco Firepower. Cisco released software updates fixing a high-severity vulnerability after a researcher found that the flaw was caused by improper input validation of Hypertext Transfer Protocol (HTTP) fields, which could allow a remote, unauthenticated attacker to bypass malicious file detection and block security features by crafting an HTTP request and sending it to the victim’s system. Source: http://www.securityweek.com/malware-detection-bypass-vulnerability-found-cisco-firepower

20. March 31, The Register – (International) Patch out for ‘ridiculous’ Trend Micro command execution vuln. Trend Micro released a patch that fixed a command execution vulnerability for systems running its Maximum Security, Premium Security or Password Management software after a security researcher from Google’s Project Zero found a remote debugging server was running on customers’ machines. Officials stated the patch was not fully complete, but will fix most critical issues with the software. Source: http://www.theregister.co.uk/2016/03/31/trend_micro_patches_command_execution_flaw/

21. March 31, Softpedia – (International) XSS and CSRF bugs in Steam Dev panel let anyone be a Valve admin. A researcher from the United Kingdom discovered a cross-site scripting (XSS) vulnerability and a cross-site request forgery (CSRF) vulnerability affecting SteamDepot, Steam’s internal system for storing game content, after finding that malicious JavaScript code could be added in the description field to steal users’ Steam cookies, among other actions. Source: http://news.softpedia.com/news/xss-and-csrf-bugs-in-steam-dev-panel-lets-anyone-be-a-valve-admin-502394.shtml

22. March 30, Softpedia – (International) Security bug allowed attackers to send malicious emails via PayPal’s servers. PayPal Holdings, Inc., patched a flaw in one of its automatic emailing applications after a security researcher from Vulnerability Lab found that attackers could add malicious code to an account’s username, which was then embedded in the emails sent to other recipients. The flaw could allow an attacker to execute session hijacking and redirection to external sources, and trick users into clicking a malicious link that prompts victims to enter their PayPal credentials. Source: http://news.softpedia.com/news/security-bug-allowed-attackers-to-send-malicious-emails-via-paypal-s-servers-502381.shtml

Communications Sector

23. March 30, SecurityWeek – (International) New Remaiten malware builds botnet of Linux-based routers. Security researchers from ESET discovered that a new piece of malware, dubbed Remaiten (Linux/Remaiten), has been targeting routers and other embedded Internet of Things (IoT) devices to make the devices part of a botnet controlled by hackers. Researchers found that there were three versions of the malware and that each contains several capabilities to infect a device. Source: http://www.securityweek.com/new-remaiten-malware-builds-botnet-linux-based-routers