Monday, April 11, 2016



Complete DHS Report for April 11, 2016

Daily Report                                            

Top Stories

TransCanada Corporation reported April 8 that an estimated 16,800 gallons of oil leaked into a field in South Dakota as part of an April 2 spill that prompted the shutdown of the Keystone pipeline until the week of April 11. – Associated Press

1. April 8, Associated Press – (South Dakota) 16,800 gallons of oil leaked in South Dakota, shuts down Keystone pipeline. TransCanada Corporation reported April 8 that an estimated 16,800 gallons of oil leaked into a field in South Dakota as part of an April 2 spill that prompted the shutdown of the Keystone pipeline until the week of April 11. The company stated that the leak is being controlled and that the estimated spill amount is based on the excavation of soil to expose more than 100 feet of pipe. Source: http://www.wpsdlocal6.com/story/31674324/16800-gallons-of-oil-leaked-in-south-dakota-shuts-down-keystone-pipeline

Officials announced April 5 charges against a Miami couple for allegedly running a $2 million credit card fraud and identity theft scheme where the duo and co-conspirators stole personal information from over 40 victims to open credit cards. – ABC News  

9. April 7, ABC News – (National) Miami couple charged with $2 million identity theft fraud, authorities say. The Manhattan District Attorney’s office announced April 5 charges against a Miami couple for allegedly running a $2 million credit card fraud and identity theft scheme where the duo and co-conspirators stole personal information from over 40 victims to open credit cards, which they had shipped to locations all over the U.S. Authorities found dozens of credit cards under different names, forged identification and licenses, and a credit card encoder, among other illicit materials at multiple Miami addresses associated with the couple. Source: http://abcnews.go.com/US/miami-couple-charged-million-identity-theft-fraud-authorities/story?id=38222486

Uber Technologies Inc. agreed to pay $10 million April 7 to settle allegations by California prosecutors that the company misled its customers about the quality of its drivers’ background checks after it was discovered that Uber’s background checks did not include fingerprint checks for past criminal convictions. – Associated Press

11. April 7, Associated Press – (California) Uber settles driver background-check case for at least $10M. Uber Technologies Inc. agreed to pay $10 million April 7 to settle allegations by California prosecutors that the company misled its customers about the quality of its drivers’ background checks, after allegations that passengers had been assaulted and killed revealed that Uber’s background checks were inferior to taxi drivers’ background checks because they did not include fingerprint checks for past criminal convictions. As part of the agreement, Uber agreed to operate its lower-cost UberX service only at airports where permission has been preapproved and will not charge customers an airport fee unless the funds are allocated to the airport. Source: http://www.foxnews.com/us/2016/04/07/uber-settles-driver-background-check-case-for-at-least-10m.html

Adobe released an update for its Flash Player products that patched a zero-day vulnerability after a security researcher discovered attackers were delivering various threats via the Magnitude exploit kit (EK). – SecurityWeek. See item 24 below in the Information Technology Sector.

Financial Services Sector

6. April 8, KTVU 2 Oakland – (California) Vacaville police seize 170 fake credit cards in ID theft bust. A San Francisco resident was arrested April 4 after police found 170 fraudulent cards under 7 different names, $600 in cash, and several drivers’ licenses in the suspect’s possession when he was apprehended for making more than $2,000 in fraudulent purchases at the Vacaville Premium Outlets. An investigation into the extent of the fraudulent activity is ongoing. Source: http://www.ktvu.com/news/118868225-story

7. April 8, Missoula Missoulian – (National) Florida man suspected of $200k in fraudulent purchases across U.S. arrested in Missoula. A Florida resident suspected of using counterfeit credit cards to make $200,000 worth of fraudulent purchases at stores in over 20 States was arrested in Missoula, Montana, April 4 after a loss prevention officer at the Sportsman’s Warehouse alerted police that the suspect was in the store. A search of the suspect reportedly revealed 13 credit cards and the investigation is ongoing. Source: http://missoulian.com/news/local/florida-man-suspected-of-k-in-fraudulent-purchases-across-u/article_bb8de29a-d392-5c94-843c-c812e6b5fc6e.html

8. April 7, Miami Herald – (International) 22 face charges in Miami drug money-laundering ring involving ‘El Chapo’ cartel. Miami-Dade authorities announced arrest warrants April 7 for 22 people who are suspected of laundering around $1 million in illegal drug profits each month through nearly a dozen Miami businesses prior to sending the money to Colombia. The arrests are part of “Operation Neymar,” a 2-year investigation run by DHS, Miami police, and Florida State prosecutors that probes into the black market peso exchange and monitors deals in 17 countries. Source: http://www.miamiherald.com/news/local/community/miami-dade/article70374777.html

9. April 7, ABC News – (National) Miami couple charged with $2 million identity theft fraud, authorities say. The Manhattan District Attorney’s office announced April 5 charges against a Miami couple for allegedly running a $2 million credit card fraud and identity theft scheme where the duo and co-conspirators stole personal information from over 40 victims to open credit cards, which they had shipped to locations all over the U.S. Authorities found dozens of credit cards under different names, forged identification and licenses, and a credit card encoder, among other illicit materials at multiple Miami addresses associated with the couple. Source: http://abcnews.go.com/US/miami-couple-charged-million-identity-theft-fraud-authorities/story?id=38222486

Information Technology Sector

22. April 7, Softpedia – (International) Security experts crack Dridex admin panel, recover victim data. Security researchers from buguroo reported that they were able to retrieve user data and analyze Dridex’s activity to mitigate future attacks after they found the Internet Protocol (IP) address of one of the Dridex admin panels, previously known as Subnet 220, hardcoded in the malicious JavaScript files. Subnet 220 was running an older version of the Dridex backend that had previously been discovered, which allowed researchers to open Subnet 220’s admin panel and study its operations. Source: http://news.softpedia.com/news/security-experts-crack-dridex-admin-panel-recover-victim-data-502678.shtml

23. April 7, SecurityWeek – (International) Ubuntu patches several kernel vulnerabilities. Ubuntu released patches addressing several vulnerabilities in the Linux kernel and various Ubuntu 14 and 15 variants including a use-after-free flaw that can be exploited by a local attacker to crash a system and potentially execute arbitrary code, a timing side channel vulnerability that can be exploited by an attacker to disrupt the integrity of the system, and a denial-of-service (DoS) vulnerability that could allow an unauthenticated attacker to exhaust resources and force a DoS condition, among other flaws. Source: http://www.securityweek.com/ubuntu-patches-several-kernel-vulnerabilities

24. April 7, SecurityWeek – (International) Adobe patches flash zero-day exploited by Magnitude EK. Adobe released an update for its Flash Player products that patched a zero-day vulnerability, specifically a memory corruption flaw that can be exploited for remote code execution, after a security researcher from Proofpoint found changes in the Magnitude exploit kit (EK) and, upon further investigation, discovered attackers were delivering various threats such as Cerber and Locky ransomware via the Magnitude EK. Source: http://www.securityweek.com/adobe-patches-flash-zero-day-exploited-magnitude-ek

25. April 7, Softpedia – (International) Authorities shut down botnet of 4,000 Linux servers used to send spam. ESET reported that a joint effort with CyS Centrum LLC and the Cyber Police of Ukraine helped shut down the six-year-old Mumblehard botnet after researchers pinpointed the location of the true command and control (C&C) server when Mumblehard operators began making changes to their malware’s code. Authorities seized the Internet Protocol (IP) address of the server and transferred it to a security firm that is running a server that cancels all requests made by Mumblehard’s botnets. Source: http://news.softpedia.com/news/authorities-shut-down-botnet-of-4-000-linux-servers-used-to-send-spam-502690.shtml

Communications Sector

26. April 7, Alaska Dispatch News – (Alaska) Cable break in Anchorage causes widespread internet outage for GCI customers. General Communication Inc. (GCI) customers across Alaska experienced wireless Internet and cable service outages for more than 5 hours April 7 after a utility contractor cut through a large fiber-optic cable, damaging approximately 550 fiber-optic cables under Tudor Road in Anchorage. Crews were working to temporarily install cables overhead across Tudor Road. Source: http://www.adn.com/article/20160407/cable-break-anchorage-causes-widespread-internet-outage-gci-customers