Thursday, August 7, 2014




Complete DHS Report for August 7, 2014

Daily Report

Top Stories

 · Community Health Systems Inc., agreed to pay $98.15 million in a settlement with federal officials August 4 to resolve several lawsuits alleging the company knowingly billed government health care programs for inpatient services that should have been billed as observation or outpatient services. – U.S. Department of Justice 

18. August 4, U.S. Department of Justice – (National) Community Health Systems Inc. to pay $98.15 million to resolve False Claims Act allegations. Tennessee-based Community Health Systems Inc., agreed to pay $98.15 million in a settlement with the U.S. Department of Justice August 4 to resolve several lawsuits alleging the company knowingly billed government health care programs for inpatient services that should have been billed as observation or outpatient services from 2005 to 2010. The settlement also resolves allegations that Laredo Medical Center, an affiliated hospital, improperly billed the Medicare program for certain inpatient procedures and for services rendered to patients in violation of the Physician Self-Referral Law. Source: http://www.justice.gov/opa/pr/2014/August/14-civ-822.html

 · Researchers with Hold Security found that a Russian cybercrime group was able to collect 1.2 billion unique credentials from the Web sites of a wide variety of large and small businesses, as well as over 500 million email address credentials. – Softpedia See item 22 below in the Information Technology Sector

 · Federal and State authorities arrested and charged 16 individuals in connection with a retail theft ring that allegedly stole millions of dollars’ worth of high-end merchandise from 16 Evansville, Indiana retailers. – WRTV 6 Indianapolis

29. August 6, WRTV 6 Indianapolis – (Indiana) Prosecutor: ‘Millions' in merchandise stolen in theft ring. Federal and State authorities arrested and charged 16 individuals in connection with a retail theft ring that allegedly stole millions of dollars’ worth of high-end merchandise from 16 Evansville, Indiana retailers, including several stores located in the Eastland Mall. Source: http://www.theindychannel.com/news/crime/prosecutors-millions-in-merchandise-stolen-in-theft-ring_71159873

 · The U.S. Army Corps of Engineers announced August 4 that it will disclose the amount of pollutants being released into waterways among 8 dams in Oregon and Washington to settle claims that they violated the Clean Water Act. – Associated Press 

35. August 5, Associated Press – (Oregon; Washington) Corps of Engineers agrees to disclose dams’ pollution. The U.S. Army Corps of Engineers announced August 4 that it will disclose the amount of pollutants being released into waterways among 8 dams on the Columbia and Snake rivers in Oregon and Washington as well as apply to the U.S. Environmental Protection Agency for pollution permits to settle Columbia Riverkeeper claims that they violated the Clean Water Act. The Corps did not admit any wrongdoing and will pay $143,000 in fees. Source: http://registerguard.com/rg/news/local/31967790-75/corps-of-engineers-agreesto-disclose-dams-pollution.html.csp

Financial Services Sector

5. August 6, Securityweek – (International) PayPal confirms new two-factor authentication bypass issue. Researchers with Escalate Internet identified a way to bypass PayPal’s two-factor authentication (2FA) mechanism with companies that use Adaptive Payments, as the method Adaptive Payments uses to connect PayPal accounts to the application only requires a login and password with no 2FA. PayPal stated that they are aware of the issue and working on a fix. Source: http://www.securityweek.com/paypal-confirms-new-two-factor-authentication-bypass-issue

6. August 6, Houston Business Journal – (Texas) SEC charges Houston energy company and CEO with fraud. The U.S. Securities and Exchange Commission (SEC) issued a cease and desist order against Houston-based Houston American Energy Corp., and its chief executive officer for allegedly making fraudulent claims to investors in order to raise around $13 million in a public offering between 2009 and 2010. The SEC also charged a stock promoter and his firm, Undiscovered Equities Inc., with allegedly helping publicize the misleading claims. Source: http://www.bizjournals.com/houston/morning_call/2014/08/sec-charges-houston-energy-company-and-ceo-with.html

7. August 5, New York Times – (National) Federal Reserve and F.D.I.C. fault big banks’ ‘living wills’. The Federal Reserve and Federal Deposit Insurance Corporation (FDIC) sent letters to 11 major banks August 5 stating that the agencies had found required plans for winding down the major banks in the event of a financial crisis were inadequate due to unrealistic assumptions and other issues. The two agencies demanded that the plans submitted for 2015 contain improvements to resolve the issues. Source: http://dealbook.nytimes.com/2014/08/05/federal-reserve-and-f-d-i-c-fault-big-banks-living-wills/

8. August 5, U.S. Attorney’s Office, Eastern District of Virginia – (Maryland; Washington, D.C.) Baltimore man pleads guilty in identity theft and credit card fraud ring. A Baltimore man pleaded guilty August 5 to conspiracy to commit access device fraud for his role in an identity theft and payment card fraud ring that operated in the Baltimore and Washington, D.C. region that involved around 250 victims and the theft of at least $200,000. Three others involved in the fraud ring previously pleaded guilty for their roles in the conspiracy. Source: http://www.fbi.gov/washingtondc/press-releases/2014/baltimore-man-pleads-guilty-in-identity-theft-and-credit-card-fraud-ring

Information Technology Sector

22. August 6, Softpedia – (International) 1.2 billion unique credentials, 500 million email addresses stolen by Russian cyber gang. Researchers with Hold Security found that a Russian cybercrime group dubbed “CyberVor” was able to collect 1.2 billion unique credentials from the Web sites of a wide variety of large and small businesses, as well as over 500 million email address credentials. The researchers reported that the cybercriminals used SQL injection attacks and later botnets that scanned sites on a large scale looking for SQL vulnerabilities to obtain the information. Source: http://news.softpedia.com/news/1-2-Billion-Unique-Credentials-500-Million-Email-Addresses-Stolen-by-Russian-Cyber-Gang-453677.shtml

23. August 6, Securityweek – (International) Synology NAS devices hit in ransomware attack, firm advises upgrade. Synology stated that it confirmed user reports of infections by the SynoLocker ransomware on the company’s Diskstation devices and found that Synology network-attached storage (NAS) servers running DSM 4.3-3810 and earlier were compromised by exploiting a vulnerability that was patched in December 2013. Users were advised to upgrade their DSM installations to close the vulnerability. Source: http://www.securityweek.com/synology-nas-devices-hit-ransomware-attack-firm-advises-upgrade

24. August 6, Softpedia – (International) Magnitude Exploit Kit is a well-oiled crimeware. Trustwave researchers analyzed the Magnitude Exploit Kit used to infect several high-profile Web sites and found that the malware relied on one Internet Explorer exploit and two Java exploits, and had a 20 percent infection success rate within 1 month, among other findings. Source: http://news.softpedia.com/news/Magnitude-Exploit-Kit-Is-a-Well-Oiled-Crimeware-453744.shtml

25. August 5, Securityweek – (International) Over 90% of enterprises exposed to man-in-the-browser attacks: Cisco. Cisco released its Midyear Security Report August 5, which found that around 94 percent of its customers have issued domain name system (DNS) requests to hostnames with IP addresses associated with the distribution of malware that contains man-in-the-browser (MitB) capabilities. The report also found that aviation, chemical, pharmaceutical, and media and publishing industries had the highest rates of malware encounters, among other findings. Source: http://www.securityweek.com/over-90-enterprises-exposed-man-browser-attacks-cisco

26. August 5, Softpedia – (International) Security flaw in Spotify for Android may enable phishing. Trend Micro researchers identified a vulnerability in the Spotify app for Android that could allow attackers to take control of what is displayed in the app’s interface, which could potentially be used for phishing or redirection to malicious pages. Spotify stated that they released an update that closes the vulnerability after being notified and advised all users to update to the latest version. Source: http://news.softpedia.com/news/Security-Flaw-in-Spotify-for-Android-May-Enable-Phishing-453633.shtml

Communications Sector

27. August 5, Santa Rosa Press Democrat – (California) After two-day outage, Internet service restored for Mendocino Coast. Cellphone and Internet service on the Mendocino Coast was restored August 5 after a reported vehicle accident on Comptche-Ukiah Road August 3 that damaged about 400 feet of AT&T fiber optic cable causing the outage for residents and businesses. Some recipients of government cash and food assistance programs were also impacted as well as some 9-1-1 service for residents in the area. Source: http://www.pressdemocrat.com/news/2479886-181/after-two-day-outage-internet-service

28. August 5, WHO 13 Des Moines – (Iowa) Phone outage costs some customers business. Crews fixing a water main break cut phone lines August 1 causing a disruption of Internet and phone service for Century Link businesses in Des Moines. The utility worked August 5 to restore service. Source: http://whotv.com/2014/08/05/phone-outage-costs-some-customers-business/

For another story, see item 25 above in the Information Technology Sector