Monday, May 2, 2016



Complete DHS Report for May 2, 2016

Daily Report                                            

Top Stories

• Officials announced charges April 28 against 25 Miami-area defendants in 3 separate cases for their alleged roles in various schemes to defraud Medicare of nearly $26 million in false claims through the Medicare D program. – U.S. Department of Justice

12. April 28, U.S. Department of Justice – (Florida) Twenty-five Miami-area defendants charged with submitting $26 million in false claims to the Medicare Part D program. The U.S. Department of Justice and Florida officials announced charges April 28 against 25 Miami-area defendants in 3 separate cases for their alleged participation in various schemes to defraud Medicare of nearly $26 million in false claims through the Medicare D program. The suspects reportedly submitted false claims for prescription drugs from at least eight Miami-Dade County area pharmacies that were not medically necessary and not provided to recruited Medicare beneficiaries.

• Security researchers reported that companies in all industries may be at risk after finding that developers were leaving sensitive credentials inside open-sourced code. – Softpedia See item 18 below in the Information Technology Sector

• Officials reported April 29 that the Balmoral cruise ship was docked at the Half Moone Cruise and Celebration Center in Norfolk, Virginia, and 7 guests remained in isolation for norovirus following reports that 153 passengers had vomiting and diarrhea symptoms April 27. – WTKR 3 Norfolk

23. April 29, WTKR 3 Norfolk – (Virginia) Cruise ship passengers in Norfolk isolated for norovirus. Officials reported April 29 that the Balmoral cruise ship, operated by Fred. Olsen Cruise Lines, was docked at the Half Moone Cruise and Celebration Center in Norfolk, Virginia, and 7 guests remained in isolation for norovirus following reports that 153 passengers had vomiting and diarrhea symptoms April 27. The ship’s crew increased cleaning and disinfecting procedures, collected stool samples from passengers, and sent the health and sanitation manager to assist with implementing sanitation and outbreak responses. Source: http://wtkr.com/2016/04/29/cruise-ship-in-norfolk-reportedly-quarantined-for-norovirus/

• The WBFF-TV news station building in Baltimore was evacuated for several hours April 28 after a man armed with a fake vest bomb threatened to blow up the building after being denied entry into the station’s lobby. – WBFF 45 Baltimore

24. April 28, WBFF 45 Baltimore – (Maryland) Man in animal costume shot after making bomb threat at Baltimore’s FOX45. The WBFF-TV news station building in Baltimore was evacuated for several hours April 28 after a man dressed in a panda “onesie” and armed with a fake vest bomb, allegedly threatened to blow up the building after being denied entry into the station’s lobby when he insisted the news station air a story saved on a flash drive. Police crews, a SWAT team, and a bomb squad apprehended the man after shooting the suspect when he was non-compliant with officers. Source: http://foxbaltimore.com/news/local/fox45-evacuated-after-reported-threat-vehicle-fire

Financial Services Sector

See item 18 below in the Information Technology Sector

Information Technology Sector

18. April 28, Softpedia – (International) Slack API credentials left in GitHub repos open new door for corporate hacking. Security researchers from Detectify Labs reported that companies in all industries may be at risk after finding that developers were leaving sensitive credentials inside open-sourced code following a scan on GitHub projects which revealed over 1,500 Slack access tokens were available online. The access tokens could allow attackers to access application program interfaces (APIs) and harvest user data, view Slack channel conversations, group information, private messages, and automate the use of Slack’s search feature. Source: http://news.softpedia.com/news/slack-api-credentials-left-in-github-repos-open-new-doors-for-corporate-hacking-503527.shtml

19. April 28, Softpedia – (International) Google and Mozilla address security issues in Chrome 50 and Firefox 46. Google released its newest web browser, Chrome 50.0.2661.94 which patched nine security flaws including two use-after-free vulnerabilities, one vulnerability in the Blink engine’s V8 bindings, and one vulnerability in the browser’s extensions component, among other patched flaws.

20. April 28, Softpedia – (International) Microsoft patches Office 365 platform against SAML exploit. Microsoft released a temporary patch for its Security Assertion Markup Language (SAML) Service Provider implementation used for its Office 365 platform after two security researchers found the product had an authentication bypass vulnerability that allowed attackers to authenticate themselves on a service and access user’s data on all shared domains. Microsoft was working to release a permanent patch. Source: http://news.softpedia.com/news/microsoft-patches-entire-office-365-platform-against-saml-exploit-503517.shtml

21. April 28, SecurityWeek – (International) OpenSSL to patch high severity vulnerabilities. The OpenSSL Project reported that it will release OpenSSL versions 1.0.2h and 1.0.1t May 3 to patch several flaws affecting the crypto library as well as flaws rated as high-severity vulnerabilities.

22. April 28, Agence France-Presse – (International) Pentagon working to ‘take out’ Islamic State’s internet. Pentagon officials reported April 28 that the U.S. military’s Cyber Command (CYBERCOM) was working to destroy the Islamic State’s Internet connection and leave the terrorist group in virtual isolation by interrupting the Islamic State’s command and control (C&C), interrupting the group’s ability to move funds, and interrupting the group’s ability to recruit externally, among other actions. The task will be the command’s first major combat operation in relation to the Islamic State threat.

Communications Sector

See item 18 above in the Information Technology Sector