Thursday, May 12, 2016



Complete DHS Report for May 12, 2016

Daily Report

Top Stories

• The owner of a broker-dealer and investment management firm based in Panama and Belize pleaded guilty May 9 to running a $250 million pump-and-dump scheme where he and co-conspirators convinced U.S. investors to buy stock in over 40 thinly-traded public companies by falsely inflating the share values. – USA Today See item 6 below in the Financial Services Sector

• American Commercial Lines, Inc., and its subsidiary paid $805,440 in civil penalties to resolve Clean Water Act violations after the company repeatedly discharged sewage and polluted wastewater into the Ohio River. – KFVS 12 Cape Girardeau

10. May 10, KFVS 12 Cape Girardeau – (Illinois) Barge operator pays more than $800K for dumping pollutants into Ohio River at Cairo, IL. American Commercial Lines, Inc., (ACL) and its subsidiary ACBL Transportation Services, LLC paid $805,440 in civil penalties to resolve Clean Water Act violations after the company repeatedly discharged sewage and polluted wastewater into the Ohio River from two office septic systems and a marine sanitation device from their barge cleaning facility in Cairo, Illinois. An investigation found that on 16 occasions the amount of fecal coliform in ACL’s discharges was at least 100 times higher than the permit limit, and on another occasion the total residual chlorine in the wastewater was more than 700 times the permit limit. Source: http://www.kfvs12.com/story/31937778/barge-operator-pays-more-than-800k-for-dumping-pollutants-into-ohio-river-at-cairo-il

• Dominion Virginia Power began a $35 million project May 9 to release more than 200 million gallons of treated wastewater into Quantico Creek from its ash ponds in Prince William County. – WTOP 103.5 FM Washington, D.C.

14. May 10, WTOP 103.5 FM Washington, D.C. – (Virginia; Washington, D.C.) Gallons of coal ash water being released into local creek. Dominion Virginia Power began a $35 million project May 9 to release more than 200 million gallons of treated wastewater into Quantico Creek from its ash ponds at Possum Point Power Station in Prince William County. The treated wastewater will eventually flow into the Potomac River. Source: http://wtop.com/prince-william-county/2016/05/gallons-of-coal-ash-water-being-released-into-local-creek/slide/1/

• Adobe issued 95 fixes for Acrobat, Reader, and ColdFusion addressing use-after-free vulnerabilities and several other flaws that could result in information disclosure or memory leak. – Threatpost See item 22 below in the Information Technology Sector

Financial Services Sector

6. May 9, USA Today – (International) Guilty plea in $250M pump-and-dump scheme. The owner of a broker-dealer and investment management firm based in Panama and Belize pleaded guilty May 9 to running a $250 million pump-and-dump scheme in which he and co-conspirators convinced U.S. investors to buy stock in over 40 thinly traded public companies by falsely touting and inflating the share values, and established shell companies to circumvent U.S. Internal Revenue Service (IRS) tax reporting requirements from 2010 to 2014. Officials stated that the broker and his co-conspirators dumped their shares at inflated rates and used corrupt law firms to launder the fraudulent proceeds.

7. May 9, Wall Street Journal – (New York) Prominent Manhattan landlord arrested. A Manhattan landlord was arrested and charged May 9 after he allegedly secured more than $45 million in fraudulent mortgage loans by inflating rental and other income from his Manhattan residential buildings, and submitting fraudulent mortgage documents to banks. The New York State Attorney General’s office also filed parallel civil charges against the landlord after he and his staff drove tenants from their rent-regulated apartments by creating dangerous and unlivable conditions, filing frivolous lawsuits, and offering buyouts. Source: http://www.wsj.com/articles/prominent-manhattan-landlord-arrested-on-criminal-charges-1462810021

For another story, see item 23 below from the Commercial Facilities Sector

23. May 11, Krebs on Security – (National) Wendy’s: breach affected 5% of restaurants. Wendy’s announced May 11 that it is investigating and working to identify the source of the malware and the extent of the attack after malicious software was found on its point-of-sale (PoS) systems at fewer than 300 franchised stores nationwide. The malware was removed from all affected systems, and the company believes that the intrusive software was installed through the use of compromised third-party vendor credentials. Source: http://krebsonsecurity.com/2016/05/wendys-breach-affected-5-of-restaurants/

Information Technology Sector

18. May 11, SecurityWeek – (International) Wi-Fi flaw exposes Android devices to attacks. Google and the developers of wpa_supplicant, the Wi-Fi Protected Access (WPA) supplicant used in the Android operating system (OS) and several other products, patched a high-severity privilege escalation flaw after SEARCH-LAB researchers determined that the vulnerability can be exploited to write arbitrary values in the wpa_supplicant configuration file, allowing an attacker to execute arbitrary code with elevated privileges or disrupt the device’s Wi-Fi functionality. The weakness is exploited through a Wi-Fi Protected Setup (WPS) attack or the wpa_supplicant control interface.

19. May 11, SecurityWeek – (International) Microsoft patches flaws exploited in targeted attacks. Microsoft released 16 security bulletins patching over 30 flaws exploited via Internet Explorer, Windows, and Office. The bulletins address JavaScript and Visual Basic Scripting Edition (VBScript) zero-days, several remote code execution (RCE) vulnerabilities in Edge running on Windows 10, and a Transport Layer Security (TLS) vulnerability, among others.

20. May 10, SecurityWeek – (International) Syrian Electronic Army hacker extradited to U.S. A suspected member of the Syrian Electronic Army hacktivist group was extradited from Germany to the U.S. to face charges that he and two other alleged members took part in a criminal conspiracy related to their campaign which involved targeting and hacking into the systems of government organizations, media companies, and other private-sector entities. Source: http://www.securityweek.com/syrian-electronic-army-hacker-extradited-us

21. May 10, Network World – (International) DHS moves to bolster intrusion/detection for Federal networks. DHS released its Privacy Impact Assessment and announced the addition of a new intrusion prevention security service to its National Cybersecurity Protection System (NCPS), dubbed Einstein 3A, which is a Web Content Filtering system that provides protection at the application layer for Web traffic by blocking access to suspicious sites, and works to prevent, detect, and block malware from running on systems and networks. Source: http://www.networkworld.com/article/3068419/security/dhs-moves-to-bolster-intrusion-detection-for-federal-networks.html

22. May 10, Threatpost – (International) Adobe warns of Flash zero day, patches Acrobat, Reader. Adobe issued 95 fixes for Acrobat, Reader, and ColdFusion addressing use-after-free vulnerabilities, memory corruption flaws that could lead to code execution, heap buffer overflow vulnerabilities, and several other flaws that could result in information disclosure or memory leak. A patch for a zero-day vulnerability in Flash Player, which could cause a crash and allow an attacker to take control of the system, is expected to be released the week of May 9. Source: https://threatpost.com/adobe-warns-of-flash-zero-day-patches-acrobat-reader/117981/

Communications Sector

See item 18 above in the Information Technology Sector