Complete DHS Report for February 26, 2014
Daily Report
Details
• The Web site of Bitcoin exchange Mt. Gox was
disabled and the company confirmed that it indefinitely halted withdrawals from
its trading accounts after detecting unusual activity. – USA Today;
Associated Press See item 3 below in the Financial Services Sector
• The Federal Trade Commission stopped a
work-from-home scheme that conned consumers out of millions of dollars through
the sale of bogus resources and coaching services. – Time See item 4
below in the Financial Services Sector
• A Holland America cruise ship experienced a
possible norovirus outbreak when 114 passengers and 10 crew members suffered
from symptoms during a week-long trip to the Caribbean. – CNN
10.
February 23, CNN – (International) CDC looking into possible
norovirus outbreak on cruise ship. A Holland America cruise ship
experienced a possible norovirus outbreak when 114 passengers and 10 crew
members suffered from symptoms during a week-long trip to the Caribbean that
returned to its Fort Lauderdale port February 22. The U.S. Centers for Disease
Control and Prevention will conduct an environmental health assessment to
evaluate possible causes of the outbreak. Source: http://www.cnn.com/2014/02/23/travel/cdc-cruise-ship-norovirus/index.html?hpt=us_c2
• Cybercriminals utilizing the Pony botnet
stole more than 700,000 account credentials and $220,000 worth of virtual
currencies. – Softpedia See item 21 below in the Information Technology Sector
Financial Services Sector
3. February 25, USA Today; Associated Press –
(International) Bitcoin exchange Mt. Gox goes offline amid turmoil. The
Web site of Bitcoin exchange Mt. Gox was disabled February 25 and the company
confirmed that it indefinitely halted withdrawals from its trading accounts
earlier in February after detecting unusual activity. Source: http://www.usatoday.com/story/tech/2014/02/25/mt-gox-offline/5801093/
4. February 24, Time – (Utah) Feds target multi-million
dollar work-from-home scheme. The Federal Trade Commission announced
February 24 that it stopped a deceptive work-from-home scheme that conned
consumers out of millions of dollars through the sale of bogus resources and
business coaching services falsely claiming to aid the launch of an online
business. Source: http://business.time.com/2014/02/24/ftc-work-from-home-scheme/
5. February 24, WSMV 4 Nashville – (Tennessee) Two men
accused in Murfreesboro credit card theft scheme. Murfreesboro, Tennessee
police arrested 2 individuals the week of February 17 after a search of their
motel room for unrelated charges uncovered an embossment credit card-making
machine and nearly 200 credit cards. Authorities believe the suspects may be
connected to a multi-state credit card number theft ring. Source: http://www.wsmv.com/story/24809993/two-men-accused-in-murfreesboro-credit-card-theft-scheme
6. February 24, Wausau Daily Herald – (Wisconsin) Weston
man accused of selling fake stocks, stealing $100,000. Marathon County
officials issued an arrest warrant for a Weston man suspected of deceiving
three individuals out of nearly $100,000 by selling fraudulent shares of
publicly traded stock. Source: http://www.wausaudailyherald.com/article/20140224/WDH0101/302240284/Weston-man-accused-stock-scheme
For another story, see item 21 below in the Information Technology Sectory
Information Technology Sector
21. February 25, Softpedia – (International) Cybercriminals
use Pony botnet to steal 700,000 account credentials, virtual currencies. Experts
found that cybercriminals managed to steal more than 700,000 credentials for
Web sites, email accounts, File Transfer Protocol (FTP) servers, Secure Shell
(SSH), and Virtual Desktops utilizing the Pony botnet. The botnet was also used
to steal $220,000 worth of virtual currencies targeting Bitcoin and other
virtual currency wallets. Source: http://news.softpedia.com/news/Cybercriminals-Use-Pony-Botnet-to-Steal-700-000-Account-Credentials-Virtual-Currencies-429170.shtml
22. February 25, Softpedia – (International) EC-Council
says its servers haven’t been hacked. EC-Council announced that its Web
site was targeted by a hacker who redirected the site’s visitors via a Domain
Name System (DNS) hijack to a defacement page hosted by a Finland-owned
company. The organization stated that its servers were not breached and
continues to investigate the incident. Source: http://news.softpedia.com/news/EC-Council-Says-Its-Servers-Haven-t-Been-Hacked-429307.shtml
23. February 23, Dark Reading – (International) Researchers
bypass protections in Microsoft’s EMET security tool. Bromium Labs
researchers found a flaw in Microsoft’s Enhanced Mitigation Experience Toolkit
(EMET) 4.1 that could potentially allow attackers to sneak malware past it
through bypassing several key defenses, taking advantage of its reliance on
known vectors of return-oriented programming (ROP) exploitation attack methods.
Source: http://www.darkreading.com/attacks-breaches/researchers-bypass-protections-in-micros/240166227
Communications Sector
Nothing to report