Wednesday, December 11, 2013



Complete DHS Daily Report for December 11, 2013

Daily Report

 • An Arizona man was found guilty of federal racketeering charges for his participation in an underweb marketplace that sold stolen information and fraud services and caused an estimated $50.5 million in losses. – Wired.com See item 7 below in the Financial Services Sector

 • Kaiser Permanente notified about 49,000 patients after a computer flash drive containing unencrypted patient personal and medical information went missing at the Anaheim Medical Center in California. – Los Angeles Times

14. December 10, Los Angeles Times – (California) Kaiser Permanente reports privacy breach to 49,000 patients. Kaiser Permanente notified about 49,000 patients after a computer flash drive containing unencrypted patient personal and medical information without password protection was reported missing September 25 from the Anaheim Medical Center nuclear medicine department. Source: http://www.latimes.com/business/money/la-fi-mo-kaiser-privacy-breach-20131209,0,4000091.story

 • All federal government offices in Washington, D.C. as well as city public schools were closed due to severe winter weather. – Associated Press

16. December 10, Associated Press – (Washington, D.C.) DC government, schools closed for winter weather. All federal government offices in Washington, D.C. as well as city public schools and the University of the District of Columbia were closed December 10 due to severe winter weather in the region. Source: http://www.washingtonpost.com/local/dc-government-schools-closed-for-winter-weath

 • Princeton University in New Jersey decided to begin vaccinating nearly 6,000 students in an attempt to stop an outbreak of type B meningitis after 8 people there contracted the disease. – Associated Press

19. December 9, Associated Press – (New Jersey) Princeton starts mass meningitis B vaccinations. Princeton University in New Jersey decided to begin vaccinating nearly 6,000 students in an attempt to stop an outbreak of type B meningitis after 7 students and 1 student visitor have contracted the disease since March. Source: http://news.msn.com/us/princeton-starts-mass-meningitis-b-vaccinations

Details

Financial Services Sector

7. December 9, Wired.com – (International) Guilty verdict in first ever cybercrime RICO trial. An Arizona man was found guilty of federal racketeering charges for his participation in an underweb  marketplace known as Carder.su that sold stolen payment card information, counterfeiting equipment, and online criminal services. The marketplace created $50.5 million in losses according to a government estimate. Source: http://www.wired.com/threatlevel/2013/12/rico/

8. December 9, Palm Springs Desert Sun– (California) 'Button-Down Bandit' suspected of robbing Corona bank. The December 6 robbery of a Bank of America bank branch in Corona was believed to be the work of a suspect known as the "Button-Down Bandit", a bank robber linked to four other robberies in the Coachella Valley and Orange County areas. Source: http://www.mydesert.com/article/20131209/NEWS0801/312090008/-Button-down-Bandit-robs-Corona-bank

Information Technology Sector

25. December 10, Softpedia – (International) MouaBad malware allows cybercriminals to make phone calls. Researchers at Lookout analyzed a new version of the MouaBad Android malware, dubbed MouaBad.p, which can be used to make calls and send messages without a user's input. The new variant only affects Android versions before Android 3.1. Source: http://news.softpedia.com/news/MouaBad-Malware-Allows-Cybercriminals-to-Make-Phone-Calls-407819.shtml

26. December 10, V3.co.uk – (International) Chinese hackers used Syrian crisis to phish European governments before G20 Summit. Researchers at FireEye detected a cyberespionage campaign that targeted foreign ministries of several undisclosed European governments prior to the September G20 Summit dubbed Operation Ke3chang. The campaign used phishing emails and three types of malware to infiltrate systems and used servers that appeared to be located in China. Source:http://www.v3.co.uk/v3-uk/news/2318148/chinese-hackers-used-syrian-crisis-to-phish-european-governments-before-g20-summit

27. December 9, Computerworld – (International) Other browser makers follow Google's lead, revoke rogue certificates. Google, Mozilla, Microsoft, and Opera Software revoked rogue digital certificates that were mistakenly issued by the French Network and Information Security Agency (ANSSI) and signed by the France's treasury department. Source: http://www.computerworld.com/s/article/9244645/Other_browser_makers_follow_Google_s_lead_revoke_rogue_certificates

28. December 9, IDG News Service – (International) Data-stealing malware pretends to be Microsoft IIS server module. A piece of malware was discovered by researchers at Trustwave's SpiderLabs that disguises itself as a module for Microsoft Internet Information Service (IIS) software and collects data entered into Web-based forms. The malware, dubbed ISN, is a malicious dynamic link library (DLL) which is currently undetectable by most anti-virus products. Source:http://www.networkworld.com/news/2013/121013-data-stealing-malware-pretends-to-be-276766.html

29. December 9, Albany Times-Union – (New York) Bomb threat jolts GlobalFoundries. An employee allegedly left a bomb threat at the GlobalFoundries Fab 8 site in Malta, New York, December 9, causing 3,000 construction employees to be evacuated from the site and construction operations to be suspended for the day. Source: http://www.timesunion.com/local/article/Arrest-made-in-GlobalFoundries-bomb-threat-5048095.php

For another story, see item 7 above in the Financial Services Sector

Communications Sector

See item 25 above in the Information Technology Sector