Complete DHS Report for June 2, 2016
Daily Report
Top Stories
• The U.S. Securities and Exchange Commission charged May 31
Nashville-based Hope Advisers Inc., and its owner for allegedly scheming to
collect extra monthly fees from a pair of hedge funds they managed, earning
millions of dollars in fraudulent fees. – U.S. Securities and Exchange
Commission See item 5 below in
the Financial Services Sector
• General Mills, Inc., issued a precautionary recall May 31 for
its Gold Medal flour, Gold Medal Wondra flour, and Signature Kitchens flour
products following an E. coli outbreak that has sickened 38 people across 20
States. – U.S. Food and Drug Administration
10. May 31,
U.S. Food and Drug Administration – (National) Gold Medal, Gold
Medal Wondra, and Signature Kitchens flour recalled due to possible E. coli
O121 contamination. General Mills, Inc., issued a voluntary recall out of
an abundance of caution May 31 for its Gold Medal flour, Gold Medal Wondra
flour, and Signature Kitchens flour products sold at 8 supermarket chains after
an E. coli O121 outbreak that has sickened 38 people across 20 States was
potentially linked to the flour products. Officials stated raw products made
with flour should not be consumed and urged consumers to throw away any flour
products affected by the recall. Source: http://www.fda.gov/Safety/Recalls/ucm504235.htm
• The administrator of the Surgery Centers of Southern Nevada and
other entities pleaded guilty May 31 to embezzling $1.3 million from physicians
who invested in two Las Vegas clinics. – Las Vegas Review-Journal
14. May 31,
Las Vegas Review-Journal – (Nevada) Las Vegas clinic operator pleads
guilty to embezzling $1.3 million. The administrator of the Surgery Centers
of Southern Nevada and other entities pleaded guilty May 31 to embezzling $1.3
million from physicians who invested in the two Las Vegas clinics. The
administrator used the funds for personal use instead of making vendor
payments. Source: http://www.reviewjournal.com/crime/las-vegas-clinic-operator-pleads-guilty-embezzling-13-million
• A hacker named BuggiCorp was discovered selling a zero-day
vulnerability affecting over 1.5 billion users and all versions of Windows
operating systems. – Softpedia See item 22 below in
the Information Technology Sector
Financial Services Sector
5. May 31,
U.S. Securities and Exchange Commission – (Tennessee) SEC: Nashville
firm schemed to collect extra fees from hedge funds. The U.S. Securities
and Exchange Commission announced May 31 charges against Nashville-based Hope
Advisers Inc., and its owner for allegedly scheming to collect extra monthly
fees from two hedge funds managed by the firm, Hope Investments LLC and HDB
Investments LLC, by orchestrating certain trades that enabled the funds to
experience large gains at the end of one month, guaranteeing significant losses
at the beginning of the next month in order to delay the realization of trading
losses and continue earning large incentive fees. Officials stated that the
scheme allowed Hope Advisers to avoid the realization of over $50 million in
losses in the hedge funds and earn millions of dollars in fraudulent fees.
Information Technology Sector
20. June 1,
SecurityWeek – (International) Update tools preinstalled on PCs expose users
to attacks. Security researchers from Duo Security conducted an analysis on
software updates and support tools shipped by major personal computers (PCs)
makers including Acer, Asus, HP, Dell, and Lenovo, and discovered that each of
the tested updater tools was plagued with at least one flaw that could be
easily exploited for remote code execution (RCE) with SYSTEM permissions, which
can lead to a complete compromise of the vulnerable device.
21. June 1,
SecurityWeek – (International) ZCryptor ransomware spreads via removable
drives. Security researchers from Microsoft and Trend Micro reported that
the ransomware dubbed Ransom:Win32/ZCryptor.A was targeting Windows XP 64-bit
computers and Windows 7 and Windows 8 versions to encrypt files and demand
monetary funds, and that it drops an autorun.inf file on removable drives, which
allows the ransomware to infect a computer once the removable drives are connected. In
addition, the ransomware leverages network drives to self-propagate from a
compromised system.
22. May 31,
Softpedia – (International) Windows zero-day affecting all OS versions on
sale for $90,000. A hacker under the name BuggiCorp was discovered selling
a zero-day vulnerability affecting over 1.5 billion users and all versions of
Windows operating systems (OS) after security firm Trustwave found the attacker
could escalate the privileges of an application in Windows 10 with the May 2016
security patch installed, and bypass all security features including Microsoft’s
newest version of the Enhanced Mitigation Experience Toolkit (EMET). Source: http://news.softpedia.com/news/windows-zero-day-affecting-all-os-versions-on-sale-for-90-000-504716.shtml
23. May 31,
Softpedia – (International) DDoS attacks via TFTP protocol become a
reality after research goes public. Security researchers from Akamai's
Security Incident Response Team (SIRT) reported that they have detected at least
ten distributed denial-of-service (DDoS) attacks since April 20 after attackers
employed Trivial File Transfer Protocol (TFTP) servers as part of a
multi-vector DDoS attack by mixing different DDoS-vulnerable protocols together
to confuse a victim’s Information Technology (IT) department. In addition,
researchers found a weaponized version of the TFTP attack script circulating
online following The Edinburgh Napier University study which detailed how to
carry out reflection DDoS attacks via TFTP servers. Source: http://news.softpedia.com/news/ddos-attacks-via-tftp-protocol-become-a-reality-after-research-goes-public-504713.shtml
24. May 31,
SecurityWeek – (International) ICS system with public exploits cannot be
patched. The Industrial Control Systems Cyber Emergency Response Team
(ICS-CERT) released a security advisory for customers using the Environmental
Controls System (ECS) 8832 version 3.02 and earlier versions after a security
researcher discovered the product had two vulnerabilities, which cannot be
patched, including an authentication bypass flaw and a privilege escalation
flaw that could allow an attacker to perform unauthenticated operations over
the network. The ECS product is used in the energy industry to provide
operators with an interface to control calibration functions.
Communications Sector
Nothing to report