Friday, September 19, 2014



Complete DHS Report for September 19, 2014

Daily Report

Top Stories

 · Five people, including three bank tellers at branches in New York and Florida, were indicted September 16 in White Plains, New York, for allegedly running an identity theft and bank fraud ring that stole over $850,000. – Lower Hudson Valley Journal News See item 7 below in the Financial Services Sector

 · More than 600,000 gallons of manure spilled from the Kurt DeGrave farm in the Town of Brussels, Wisconsin, into Sugar Creek September 16 with cleanup expected to take several days. – WLUK 11 Green Bay

15. September 18, WLUK 11 Green Bay – (Wisconsin) Manure spill cleanup continues. More than 600,000 gallons of manure spilled from the Kurt DeGrave farm in the Town of Brussels in Door County into Sugar Creek September 16. Wisconsin Department of Natural Resources officials reported that there was no indication of groundwater contamination after crews stopped the leak and began using vacuum trucks to clean the spill, expected to take several days. Source: http://fox11online.com/2014/09/17/manure-spill-cleanup-continues/

 · A Detroit-area cancer doctor pleaded guilty September 16 to convincing patients to undergo unnecessary cancer treatments and then billing insurers roughly $225 million in claims over 6 years. – Associated Press

22. September 17, Associated Press – (Michigan) Michigan doctor admits giving patients unnecessary cancer treatments. A Detroit-area cancer doctor pleaded guilty September 16 to convincing patients to undergo unnecessary cancer treatments and then billing insurers. The doctor submitted roughly $225 million in claims to Medicare and private insurers over 6 years for chemotherapy and other cancer treatments. Source: http://www.foxnews.com/us/2014/09/17/michigan-doctor-admits-giving-patients-unnecessary-cancer-treatments/

 · Fire crews reached 5 percent containment September 18 of the 70,944-acre King Fire burning in El Dorado County, California, that threatens more than 3,500 homes and structures. – KXTV 10 Sacramento

24. September 18, KXTV 10 Sacramento – (California) King Fire now at 70,944 acres; more than 2,000 homes threatened. Fire crews reached 5 percent containment September 18 of the 70,944-acre King Fire burning in El Dorado County. More than 2,000 homes and 1,500 structures are threatened while evacuation orders for hundreds of people remained in place. Source: http://www.news10.net/story/news/local/eldorado-hills/2014/09/18/king-fire-burns-27930-acres-el-dorado-county-thursday/15816425/

Financial Services Sector

6. September 17, Bloomberg News – (Maryland; Delaware) Nightclub insurer charged in $100 million fraud. The owner of Maryland-based Indemnity Insurance Corp., was indicted in federal court in Baltimore September 16 for allegedly using fraudulent financial documents to show that his company was in better financial health than it was and for deceiving Delaware and federal regulators. The indictment seeks to recover over $100 million in premiums paid by clients of the firm that specialized in insuring nightclubs and other entertainment facilities. Source: http://www.bloomberg.com/news/2014-09-17/nightclub-insurer-charged-in-100-million-fraud.html

7. September 17, Lower Hudson Valley Journal News – (National) Bank tellers helped steal identities, $850G, A.G. says. Five people, including three bank tellers at branches in New York and Florida, were indicted September 16 in White Plains, New York, for allegedly running an identity theft and bank fraud ring that stole over $850,000 in funds as well as customers’ personal information over at least 4 years. The tellers allegedly supplied information to their co-conspirators that enabled them to create fraudulent checks, driver’s licenses, and other documents used to withdraw the stolen funds from bank branches in Connecticut, Massachusetts, and New York. Source: http://www.lohud.com/story/news/local/westchester/2014/09/16/officials-bank-tellers-others-stole-identities-k/15744627/

8. September 16, U.S. Attorney’s Office, Northern District of Ohio – (International) Former Gates Mills man indicted for defrauding investors of millions of dollars. A former Gates Mills, Ohio resident and Mexican national was indicted September 16 for allegedly running a $9.6 million investment scheme that defrauded investors in Florida, New Jersey, New York, and Ohio. The FBI stated that the man was believed to have fled the Cleveland area and asked for the public’s help in determining his whereabouts. Source: http://www.fbi.gov/cleveland/press-releases/2014/former-gates-mills-man-indicted-for-defrauding-investors-of-millions-of-dollars

9. September 16, U.S. Attorney’s Office, Southern District of Texas – (Texas) Tanzanian national guilty in tax fraud scheme involving more than 600 victims. A Houston resident and Tanzanian national pleaded guilty September 16 for running an identity theft and tax fraud scheme that caused over $1.8 million in losses and affected more than 600 victims. The man used stolen personal information to impersonate others and file fraudulent tax returns in their names. Source: http://www.justice.gov/usao/txs/1News/Releases/2014%20September/140916%20-%20Mtaza.html

10. September 15, U.S. Attorney’s Office, Eastern District of California – (California) Leader of multi-million dollar foreclosure rescue fraud convicted. A Brentwood, California man who operated a business known as KATN was found guilty September 15 for operating a foreclosure rescue fraud scheme that defrauded homeowners of more than $5.8 million and paid over $2.5 million into his and his co-conspirators’ accounts. The man and his co-conspirators tricked homeowners in California and other States into paying fees to KATN with the promise of paying or forgiving mortgages but used the fees for personal expenses. Source: http://www.justice.gov/usao/cae/news/docs/2014/2014_09/09-15-14Tikal.html

Information Technology Sector

32. September 18, Securityweek – (International) Apple fixes “backdoors” with release of iOS 8. Apple released the newest version of its mobile operating system, iOS 8, September 17, which adds improvements and closes over 50 security vulnerabilities. Source: http://www.securityweek.com/apple-fixes-backdoors-release-ios-8

33. September 17, Threatpost – (International) Series of vulnerabilities found in Schneider Electric SCADA products. An advisory from the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) warned users of Schneider Electric StruxureWare SCADA Expert ClearSCADA products after researchers discovered unpatched, remotely-exploitable vulnerabilities. Included in the vulnerabilities is a cross-site scripting (XSS) issue that could allow industrial control systems (ICS) to be shut down, while an authentication bypass issue could give attackers access to sensitive information. Source: http://threatpost.com/series-of-vulnerabilities-found-in-schneider-electric-scada-products

34. September 17, Securityweek – (International) AppBuyer iOS malware targets jailbroken iPhones. Researchers with Palo Alto Networks analyzed a piece of iOS malware discovered by WeiPhone Technical Group in May and found that the malware dubbed AppBuyer is targeting jailbroken iPhones in order to steal Apple ID and password information and make unauthorized purchases from the App Store. Source: http://www.securityweek.com/appbuyer-ios-malware-targets-jailbroken-iphones

35. September 17, SC Magazine – (International) Analysts spot ‘Critolock,’ ransomware claims to be CryptoLocker. Researchers at Trend Micro identified a new piece of ransomware known as Troj_Critolock.A or Critolock that infects devices and encrypts users’ data and demands a ransom. The malware purports to be the CryptoLocker ransomware but contains several differences including its use of the Rijndael symmetric-key algorithm. Source: http://www.scmagazine.com/analysts-spot-critolock-ransomware-claims-to-be-cryptolocker/article/372182/

36. September 17, Threatpost – (International) Drupal patches XSS vulnerability in spam module. Drupal released a patch September 17 for the Mollom spam and content moderation module that closes a cross-site scripting (XSS) vulnerability that could allow an attacker to gain admin-level access to Web sites and enable them to steal data or hijack sessions. Source: http://threatpost.com/drupal-patches-xss-vulnerability-in-spam-module

For another story, see item 3 below from the Energy Sector

3. September 17, Securityweek – (International) Website of U.S. oil and gas company abused in watering hole attack. Researchers at Bromium found that attackers injected malicious code into the Web site of an unnamed U.S. oil and gas company in an effort to infect the computers of its visitors, known as a watering hole attack. The malicious script used on the compromised Web site utilized the Internet Explorer vulnerability CVE-2013-7331 which allows resources loaded into memory to be queried. Source: http://www.securityweek.com/website-us-oil-and-gas-company-abused-watering-hole-attack

Communications Sector

37. September 16, KHON 2 Honolulu – (Hawaii) Full service has been restored to all Hawaiian Telecom customers affected by broken fiber cable. Full service was restored to about 600 Hawaiian Telecom customers in Puuloa September 16 after being down for nearly 12 hours when a fiber cable was cut during construction work September 15, causing disruption to telephone, Internet, and TV services. Source: http://khon2.com/2014/09/15/fiber-cable-cut-disrupts-service-in-kalihi-palama-area/

For another story, see item 31 below from the Emergency Services Sector

31. September 15, Memphis Flyer – (Tennessee) State issues alternative emergency numbers for cell phones. The Tennessee Emergency Communications Board and the Tennessee Emergency Management Agency issued a new phone number to replace 9-1-1 when dialing from a cell phone to several counties in west Tennessee September 15 in response to a disruption that caused calls made from cell phones to be rerouted due to flood damaged equipment. Source: http://www.memphisflyer.com/NewsBlog/archives/2014/09/15/state-issues-alternate-emergency-number-for-cell-phones