Thursday, August 22, 2013



  
Complete DHS Daily Report for August 22, 2013

Daily Report

Top Stories

 • Two Canadian nationals were arrested in Thailand and face extradition to the U.S. for allegedly being part of a more than $140 million penny stock fraud scheme that defrauded investors in several countries. – Associated Press See item 3 below in the Banking and Finance Sector

 • Police arrested a gunman armed with an AK-47 and several other weapons August 20 afterhe barricaded himself with employees inside the front office of the Ronald E. McNair Discovery Learning Academy in Atlanta, Georgia, and exchanged gunfire with officers before surrendering. – CNN

21. August 21, CNN – (Georgia) Police: Gunman wielded AK-47 inside Georgia school; no one injured. Police arrested a gunman armed with an AK-47 and several other weapons after a gunfire exchange at the Ronald E. McNair Discovery Learning Academy in Atlanta. The shooter entered the school August 20 and barricaded himself inside the school’s front office with employees before exchanging gunfire with officers and eventually surrendering. Source: http://www.cnn.com/2013/08/20/us/georgia-school-gunshots/index.html?hpt=hp_t2

 • Officials are investigating an August 20 explosion and fire that injured 8 people at the Naval Weapons Station Earle in New Jersey. – Reuters

26. August 20, Reuters – (New Jersey) Explosion rocks naval base in New Jersey. Officials are investigating an August 20 explosion and fire that injured 8 people at Naval Weapons Station Earle, located near Colts Neck Township. The explosion occurred during routine maintenance on a utility boat and the damage was contained to the boathouse area and the vessel. Source: http://www.reuters.com/article/2013/08/20/us-usa-explosion-newjersey-idUSBRE97J0KI20130820

 • Researchers at FireEye spotted the Poison Ivy remote access trojan (RAT) being used in three ongoing campaigns run by Chinese hackers which target financial research firms, higher education, health care, technology companies, the U.S. defense industry and international government agencies. – Threatpost See item 35 below in the Information Technology Sector

Details

Banking and Finance Sector

3. August 21, Associated Press – (International) Thai cops arrest duo over 'one of the largest international penny stock frauds' ever. Two Canadian nationals were arrested in Thailand and face extradition to the U.S. for allegedly being part of a more than $140 million penny stock fraud scheme that defrauded investors in several countries. Source: http://worldnews.nbcnews.com/_news/2013/08/21/20117212-thai-cops-arrest-duo-over-one-of-the-largest-international-penny-stock-frauds-ever

4. August 20, Associated Press – (Florida; New York) 3 FL men arraigned in NYC investment scheme. Three Florida men accused of running a precious metals investment fraud scheme were indicted in New York City on charges of fraudulently obtaining about $8 million from 150 investors by pretending to be Wall Street brokers. Source: http://www.newsobserver.com/2013/08/20/3123001/3-fl-men-arraigned-in-nyc-investment.html

For additional stories, see items 33, 35 below in the Information Technology Sector

Information Technology Sector

33. August 21, Softpedia – (International) League of Legends hacked, North American players required to change passwords. League of Legends publisher Riot Games advised North American players to change their passwords after some of the company's North American account information was compromised. The compromised information included names, usernames, emails, salted password hashes, and about 120,000 transaction records that contained hashed and salted credit card numbers. Source: http://news.softpedia.com/news/League-of-Legends-Hacked-North-American-Players-Required-to-Change-Passwords-377023.shtml

34. August 21, Softpedia – (International) Chinese ransomware changes Windows login password. Symantec researchers analyzed a Chinese ransomware known as Trojan.Ransomlock.AF that infects a computer and then changes the Windows login name and password in an attempt to extort money from victims. Source: http://news.softpedia.com/news/Chinese-Ransomware-Changes-Windows-Login-Password-377140.shtml

35. August 21, Threatpost – (International) Poison Ivy RAT spotted in three new attacks. Researchers at FireEye spotted the Poison Ivy remote access trojan (RAT) being used in three ongoing campaigns run by Chinese hackers. The admin@388 campaign targets financial research firms, the th3bug campaign targets higher education, health care, and technology companies, while the menuPass campaign targets the defense industry and international government agencies. Source: http://threatpost.com/poison-ivy-rat-spotted-in-three-new-attacks/102022

36. August 20, Softpedia – (International) Fake web browser updates hide Sirefef/Shylock malware. ThreatTrack Security researchers warned users of a Web site that attempts to trick users into installing Sirefef or Shylock malware by offering a browser update for Internet Explorer, Firefox, and Chrome. Source: http://news.softpedia.com/news/Fake-Web-Browser-Updates-Hide-Sirefef-Shylock-Malware-376803.shtml

37. August 20, Threatpost – (International) Adware spotted spreading via Google App Engine sites. Researchers at Barracuda Labs identified two sites pushing the Solimba adware disguised as Java or media player updates via Google's App Engine domains. Source: http://threatpost.com/adware-spotted-spreading-via-google-app-engine-sites/102041

38. August 20, Threatpost – (International) Google Chrome 29 fixes 25 vulnerabilities. Google released the newest version of its Chrome browser, closing 25 security vulnerabilities and updating other functions. Source: http://threatpost.com/google-chrome-29-fixes-25-vulnerabilities/102038

Communications Sector

Nothing to report