Friday, November 8, 2013 #2



Complete DHS Daily Report for November 8, 2013

Daily Report

Top Stories

 • Two men pleaded guilty to using skimming devices on ATMs in New York, New Jersey, and Connecticut, charged as part of an investigation into $5 million in bank fraud. – NJToday.net See item 6 below in the Financial Services Sector

 • The Food and Drug Administration announced a ban on trans fats and will gradually require the food industry to phase out the use of the artery-clogging artificial fat. – Associated Press

13. November 7, Associated Press – (National) FDA to ban artery-clogging trans fats. The Food and Drug Administration announced November 7 it will require the food industry to gradually phase out the use of artificial trans fats, citing that the ban could prevent 20,000 heart attacks and 7,000 deaths each year. Source: http://news.yahoo.com/fda-ban-artery-clogging-trans-141214164.html

 • A U.S. Embassy official in Vietnam pleaded guilty to visa fraud and taking more than $3 million in bribes for approving nearly 500 visitor visas to the U.S. – ABC News

25. November 6, ABC News – (International) Embassy officer admits taking $3M in bribes for visas. An official with the U.S. Embassy in Vietnam pleaded guilty November 6 to committing bribery and visa fraud by approving nearly 500 visitor visas to the U.S. in exchange for more than $3 million in bribes. The official along with five others from the U.S. and Vietnam generated at least $9,780,000 from the scheme. Source: http://abcnews.go.com/Blotter/embassy-officer-admits-taking-3m-bribes-visas/story?id=20807987&singlePage=true

 • Two gunmen were involved in a barber shop shooting in Detroit that left 3 people dead and 8 others wounded. – Reuters

37. November 7, Reuters – (Michigan) Detroit barber shop shooting leaves 3 dead, 8 wounded. Detroit police are searching for at least two gunmen involved in a barber shop shooting November 6 that left 3 people dead and 8 others wounded. Source: http://www.chicagotribune.com/news/chi-detroit-barber-shop-shooting-20131107,0,4929104.story

Details

Financial Services Sector

6. November 6, NJToday.net – (New York; New Jersey; Connecticut) N.Y. men plead guilty to ATM skimming scheme targeting NJ bank customers. Two Romanian nationals living in New York City pleaded guilty to using skimming devices on Citibank ATMs in New York, New Jersey, and Connecticut and stealing $985,000. Charges against the two individuals were brought as part of a larger investigation into $5 million in fraud schemes in the area. Source: http://njtoday.net/2013/11/06/n-y-men-plead-guilty-to-atm-skimming-scheme-targeting-nj-bank-customers/

7. November 6, WOWK 13 Huntington – (West Virginia) Men plead guilty in $1 million fire insurance fraud scheme in Logan County, WV. Two men pleaded guilty November 6 for their involvement in an insurance fraud and arson scheme in Logan, West Virginia, that involved taking out inflated insurance on an office building, setting fire to it, and collecting $1 million in insurance money. Source: http://www.wowktv.com/story/23895378/men-plead

For additional stories, see items 33 and 35 below in the Information Technology Sector

Information Technology Sector

30. November 7, The Register – (International) KitKat swats yet another Android ‘MasterKey’ bug. The newest Android version 4.4 (KitKat) contains a fix for a vulnerability similar to the ‘Master Key’ vulnerability that could allow attackers to manipulate the filename length in ZIP files’ metadata and alter an app. Source: http://www.theregister.co.uk/2013/11/07/third_android_master_key_vuln_squashed/

31. November 7, Softpedia – (International) Rapid7 researchers discover vulnerabilities in Supermicro IPMI firmware. Researchers at Rapid7 identified seven vulnerabilities in Supermicro’s Intelligent Platform Management Interface (IPMI) server firmware, including hardcoded private encryption keys that could be used in man-in-the-middle attacks. Source: http://news.softpedia.com/news/Rapid7-Researchers-Discover-Vulnerabilities-in-Supermicro-IPMI-Firmware-398010.shtml

32. November 7, V3.co.uk – (International) Microsoft Office, Windows Server and Lync exploits linked to Operation Hangover hackers. Researchers at FireEye tied recent targeted attacks utilizing zero day vulnerabilities in Microsoft Office, Lync, and Server products to the group behind the Operation Hangover attacks and a new group dubbed Arx. Source: http://www.v3.co.uk/v3-uk/news/2305540/microsoft-office-windows-server-and-lync-exploits-linked-to-operation-hangover-hackers

33. November 7, Softpedia – (International) Bitcoin wallet Inputs.io hacked, 4,100 BTC stolen. Inputs.io notified users that attackers breached the bitcoin wallet service and stole around $1.1 million in bitcoins during two attacks. The attackers were able to compromise email accounts, reset passwords, and bypass two-factor authentication by exploiting a server vulnerability. Source: http://news.softpedia.com/news/Bitcoin-Wallet-Inputs-io-Hacked-4-100-BTC-Stolen-397853.shtml

34. November 7, Help Net Security – (International) Cybercriminals opting for real-time malware campaigns and phishing. Commtouch released a report for the third quarter of 2013 and found that the time between news events and phishing attacks that exploited them averaged only 22 hours and that the number of phishing Web sites increased by almost 35 percent during the quarter, among other findings. Source: http://www.net-security.org/malware_news.php?id=2620

35. November 7, IDG News Service – (International) Silk Road online drug marketplace resurfaces. Underweb marketplace The Silk Road reappeared about a month after its alleged owner and operator was arrested. The marketplace, which allegedly offers illegal drugs, fraudulent documents, and other illicit goods and services, claimed that 7,000 individuals had registered as of November 6. Source: http://www.computerworld.com/s/article/9243869/Silk_Road_online_drug_marketplace_resurfaces

Communications Sector

36. November 7, Bloomberg News – (International) AT&T to pay $3.5 million to resolve FCC call program claims. AT&T Inc. will pay $3.5 million in addition to $18.25 million it already paid in an agreement with the Federal Communications Commission to resolve violations of the federal False Claims Act related to allegations that the company overbilled the U.S. for a system for the deaf the company knew was used for fraudulent calls from other countries. Source: http://www.businessweek.com/news/2013-11-07/at-and-t-to-pay-3-dot-5-million-to-resolve-claims-in-fcc-call-program

Friday, November 8, 2013 #1

Notice: The report below is based on the report released by DHS at 08:26AM 11/8/13, which has been superseded by another report released at 09:53AM 11/8/13 with the following message: "Please disregard the Gov Delivery that was sent at 8:26 this morning, as it contained the wrong Open Source Daily Infrastructure Report." This report has been relabeled "Friday, November 8, 2013 #1".


A separate report based on the later report appears as "Friday, November 8, 2013 #2"



Complete DHS Daily Report for November 8, 2013

Daily Report

Top Stories

 • A massive raw sewage release of around 300,000 gallons spilled into the Spring Valley Creek in Kalamazoo due to a blockage in a sewer pipe. – WKZO 590 AM Kalamazoo

15. January 5, WKZO 590 AM Kalamazoo – (Michigan) Huge raw sewage spill on Kalamazoo’s east side triggers health concerns. A massive raw sewage release of around 300,000 gallons spilled into the Spring Valley Creek in Kalamazoo due to a blockage in a sewer pipe. This is the second major spill in the past 12 months; 600,000 gallons of sewage overflowed in spring 2012. Source: http://wkzo.com/news/articles/2013/jan/05/huge-raw-sewage-spill-on-kalamazoos-east-side-triggers-health-concerns/

 • A businessman from Atlanta was indicted for fraud, conspiracy, and other charges relating to losses of $23.8 million from the investments of a Pontiac, Michigan, and two Detroit pension funds. – Oakland Press

20. January 5, Oakland Press – (Michigan) Atlanta businessman accused of defrauding Pontiac, Detroit pension funds. A businessman from Atlanta was indicted for fraud, conspiracy, and other charges relating to losses of $23.8 million from the investments of a Pontiac, Michigan, and two Detroit pension funds. Source: http://www.theoaklandpress.com/articles/2013/01/05/news/local_news/doc50e89c763925b048600977.txt?viewmode=fullstory

 • Researchers have tied ‘Paunch’, the author of the Blackhole exploit kit, to the Cool Exploit Kit, and noted that Paunch has been updating both kits with newly-purchased, undisclosed exploits. – Krebs on Security See item 26 below in the Information Technology Sector

 • A flash mob at the Mall of Louisiana in Baton Rouge involving some 200 juveniles ended in a fight January 5 that closed the mall for the rest of the evening. – Baton Rouge Advocate

29. January 7, Baton Rouge Advocate – (Louisiana) Undeterred mall shoppers back day after teen brawl. A flash mob at the Mall of Louisiana in Baton Rouge involving some 200 juveniles and organized through social media Web sites ended in a fight January 5. Authorities arrested six juveniles from the group and closed the mall down for the rest of the evening. Source: http://theadvocate.com/news/4851684-123/undeterred-mall-shoppers-back-day

Details

Financial Services Sector

2. January 7, Softpedia – (International) Algerian hacker wanted in the US arrested by Thai police. An Algerian man wanted in the U.S. for allegedly hacking into over 200 bank and financial institution accounts was arrested by police in Thailand as he was attempting to travel from Malaysia to Egypt. He will be extradited to the State of Georgia, where an arrest warrant was filed. Source: http://news.softpedia.com/news/Algerian-Hacker-Wanted-in-the-US-Arrested-by-Thai-Police-319099.shtml

3. January 5, Elyria Chronicle-Telegram – (Ohio) Avon Lake man indicted in $11M scheme. A man from Avon Lake was indicted on charges that he allegedly received $11 million via fake businesses that he used to skim money from loans issued by St. Paul Croatian Federal Credit Union, leading to the credit union’s collapse. Source: http://chronicle.northcoastnow.com/2013/01/05/avon-lake-man-indicted-in-11m-scheme/

4. January 4, Associated Press – (Arizona) ‘Dynomite’ Bandit uses fake explosives to rob Arizona banks, FBI says. The FBI said that the “Dynomite Bandit” robbed one bank and attempted to rob two others in the Phoenix area using fake explosives. He was given the misspelled moniker due to his explosive devices being fakes. Source: http://www.huffingtonpost.com/2013/01/05/dynomite-bandit-bank-robbery-arizona_n_2415213.html

5. January 4, Asbury Park Press – (New Jersey) Owner of Manalapan mortgage company admits $7.5M fraud. A co-owner of Hawthorne Capital, a Manalapan mortgage company, pleaded guilty to a Ponzi scheme that defrauded more than 40 individuals of $7.5 million. Source: http://www.app.com/article/20130104/NJNEWS14/301040093/Owner-of-Manalapan-mortgage-company-admits-7-5M-fraud

Information Technology Sector

26. January 7, Krebs on Security – (International) Crimeware author funds exploit buying spree. Researchers have tied ‘Paunch’, the author of the Blackhole exploit kit, to the Cool Exploit Kit, and noted that Paunch has been updating both kits with newly-purchased, undisclosed exploits. Source: http://krebsonsecurity.com/2013/01/crimeware-author-funds-exploit-buying-spree/

27. January 4, Threatpost – (International) Researchers bypass Microsoft Fix It for IE zero day. Exodus Intelligence researchers reported their discovery of a way to work around the temporary fix that Microsoft posted to address a zero day exploit in Internet Explorer (IE) used in recent watering hole attacks. Source: http://threatpost.com/en_us/blogs/researchers-bypass-microsoft-fix-it-ie-zero-day-010413

Communications Sector

28. January 6, Dearborn Patch – (Michigan) Cut cable line in Dearborn leaves WOW! customers with no cable, Internet Sunday. WOW! customers in Dearborn and Dearborn Heights lost cable, Internet, and phone service January 6 due to a severed cable line. Source: http://dearborn.patch.com/articles/cut-cable-line-in-dearborn-leaves-wow-customers-with-no-cable-internet-sunday