Monday, June 23, 2014




Complete DHS Report for June 23, 2014

Daily Report

Top Stories

 • The U.S. Centers for Disease Control and Prevention reported June 19 that as many as 75 scientists working in federal government laboratories in Atlanta may have been exposed to live anthrax bacteria after failing to follow proper procedures. – Reuters

22. June 19, Reuters – (Georgia) Exclusive: U.S. says 75 government scientists possibly exposed to anthrax. The U.S. Centers for Disease Control and Prevention (CDC) reported June 19 that as many as 75 scientists working in federal government laboratories in Atlanta may have been exposed to live anthrax bacteria June 13 after failing to follow proper procedures to inactivate the bacteria and transporting it to lower-security CDC labs. The employees are being tested and an internal investigation is underway. Source: http://www.reuters.com/article/2014/06/19/us-usa-anthrax-idUSKBN0EU2D620140619

 • A King County, Washington sheriff’s deputy was arrested June 19 and charged for prostituting his wife, drug dealing, and stealing from the department after officials found that he along with two other deputies were involved in alleged corruption and other wrongdoing. – Reuters

24. June 20, Reuters – (Washington) Seattle sheriff’s deputy arrested for drugs, theft, prostitution. A King County Sheriff’s Department deputy was arrested June 19 and charged for prostituting his wife, drug dealing, and stealing from the department after officials found that he along with two other deputies were involved in the sale of 19,000 pounds of brass bullet casings stolen from the department’s ranges and used to make an illegal fund. The deputy also allegedly convinced his estranged wife to work as a prostitute, taking 80 percent of her earnings. Source: http://news.msn.com/crime-justice/seattle-sheriffs-deputy-arrested-for-drugs-theft-prostitution

 • The Federal Communications Commission fined online retailer CTS Technology $34.9 million for marketing and selling several models of signal jammers that are illegal in the U.S. – The Verge See item 29 below in the Communications Sector

 • Three people were injured in a shooting June 19 at the Red Rocks Amphitheatre in Colorado, prompting the lock down and closure of the venue while police searched the vehicles of all concertgoers. – Denver Post

30. June 20, Denver Post – (Colorado) Red Rocks shooting: 3 injured, victims found in Denver. Authorities are investigating after three people were injured in a shooting June 19 at the Red Rocks Amphitheatre in Colorad,o prompting the lock down and closure of the venue while police searched the vehicles on all concertgoers. The victims were found in Denver after driving off following the altercation. Source: http://www.denverpost.com/news/ci_25999949/denver-police-investigating-shooting-6th-ave-and-kalamath

Financial Services Sector

6. June 19, Jersey Journal – (New Jersey) Ex-owner of Jersey City jewelry store pleads guilty in credit card fraud scheme. The owner of the Tanishq Jewels jewelry store in Jersey City pleaded guilty June 18 to his role in an international credit card fraud ring that caused over $200 million in losses to financial institutions and businesses. The man was the seventeenth person to plead guilty in connection with the fraud scheme. Source: http://www.nj.com/jjournal-news/index.ssf/2014/06/ex-owner_of_jersey_city_jewele.html

7. June 19, Roanoke Times – (Virginia) Former real estate executive indicted in SML mortgage fraud scheme. The former owner of Moneta-based Genesis Mansions was arraigned in federal court in Roanoke June 19 for allegedly working with straw buyers to defraud banks, resulting in $11 million in losses. Source: http://www.roanoke.com/news/crime/former-real-estate-executive-indicted-in-sml-mortgage-fraud-scheme/article_5ec14be3-da6b-5fbd-9037-232d408a7b72.html

Information Technology Sector

26. June 20, Softpedia – (International) OpenSSL vulnerability addressed in Android 4.4.4 updates. Google released an update for Android KitKat, version 4.4.4, which closes a significant OpenSSL injection vulnerability in the crypto library. The update will be deployed to Nexus devices automatically, though factory images were also made available for manual updating. Source: http://news.softpedia.com/news/OpenSSL-Vulnerability-Addressed-in-Android-4-4-4-Update-447637.shtml

27. June 20, Help Net Security – (International) Critical flaw exposes admin passwords of nearly 32,000 servers. A researcher with CARI.net’s Security Incident Response Team discovered that 31,964 servers with Supermicro baseboard management controllers (BMCs) will disclose their password files in plain text to anyone who connects to port 49152. The issue was fixed in a patch, but the patch requires administrators to reflash their systems with a new IPMI BIOS, which is not always possible. Source: http://www.net-security.org/secworld.php?id=17032

28. June 20, Softpedia – (International) “Yo” messaging app gets hacked multiple times. A Georgia Tech student reported finding a method to bypass the security functions of the Yo messaging app, allowing access to the phone numbers of Yo users and allowing the student to spam users with messages. Source: http://news.softpedia.com/news/Yo-Messaging-App-Gets-Hacked-Multiple-Times-447675.shtml

For another story, see item 11 from the Transportation Systems Sector below

11. June 19, Nextgov – (National) Nation state-sponsored attackers hacked two airports, report says. The Center for Internet Security (CIS) released a report June 19 detailing how federal authorities, industry, and CIS identified and took action against a series of attacks by a state-sponsored advanced persistent threat group that targeted systems at 75 U.S. airports via a phishing campaign. Two airports were compromised before authorities discovered the operation. Source : http://www.nextgov.com/cybersecurity/2014/06/nation-state-sponsored-attackers-hacked-two-airports-report-says/86812/

Communications Sector

29. June 19, The Verge – (International) FCC issues largest fine in history to company selling signal jammers. The Federal Communications Commission (FCC) fined online retailer CTS Technology $34.9 million for marketing and selling several models of signal jammers that are illegal in the U.S. The FCC is also trying to force the company to report who they sold the jammers to. Source: http://www.theverge.com/2014/6/19/5824344/fcc-issues-signal-jammer-seller-largest-fine-ever-34-9-million