Wednesday, October 15, 2014



Complete DHS Report for October 15, 2014

Daily Report

Top Stories

 · MRI International and its owner were found liable October 3 for operating a Ponzi scheme that raised more than $800 million from thousands of investors living primarily in Japan. – U.S. Securities and Exchange Commission See item 3 below in the Financial Services Sector

· Two people were killed in a storm that moved across southern U.S. States October 14 which flooded roadways and knocked out electricity for more than 66,000 customers, closing schools in several States. – Associated Press

19. October 14, Associated Press – (National) 2 killed as storms sweep across several states. Two people were killed in a storm that moved across southern U.S. States October 14 producing heavy rains and strong winds which flooded roadways and knocked out electricity for more than 66,000 customers in Georgia and Louisiana. Schools in several States cancelled classes and activities. Source: http://www.msn.com/en-us/news/us/2-killed-as-storms-sweep-across-several-states/ar-BB95BDz

· The Oregon Employment Department notified 851,322 individuals October 13 who registered with the WorkSource Oregon Management Information System that their information may have been compromised by a security vulnerability. – KPTV 12 Portland; KPDX 49 Vancouver

20. October 13, KPTV 12 Portland; KPDX 49 Vancouver – (Oregon) 850,000 people potentially impacted by WorkSource Oregon security breach. The Oregon Employment Department notified 851,322 individuals October 13 who registered with the WorkSource Oregon Management Information System that their information may have been compromised by a security vulnerability. Users were asked to change passwords and re-set security questions while officials continue to investigate. Source: http://www.kptv.com/story/26776035/worksource-oregon-data-breach-affects-850000-people

· Sears Holding Corporation disclosed that the payment data systems associated with the company’s Kmart stores were breached and an undetermined amount of consumers’ payment card data may have been compromised. – Help Net Security

33. October 13, Help Net Security – (International) Kmart confirms month-old data breach, payment card data stolen. Sears Holding Corporation disclosed that the payment data systems associated with the company’s Kmart stores were breached and an undetermined amount of consumers’ payment card data may have been compromised. The breach is believed to have started in September when attackers infected the system with a form of undetectable malware, which was removed after the breach was detected October 9. Source: http://www.net-security.org/secworld.php?id=17482

Financial Services Sector

3. October 10, U.S. Securities and Exchange Commission – (International) SEC obtains summary judgment win on liability in Ponzi scheme case. A federal judge ruled October 3 that MRI International and its owner were liable for operating a Ponzi scheme that raised more than $800 million from thousands of investors living primarily in Japan who believed their investments were being used to purchase medical accounts receivable from medical providers at a discounted rate. Source: http://www.sec.gov/litigation/litreleases/2014/lr23111.htm

For another story, see item 33 above in Top Stories

Information Technology Sector

25. October 14, Help Net Security – (International) Russian espionage group used Windows 0-day to target NATO, EU. iSIGHT Partners discovered a zero-day vulnerability used in a cyber-espionage campaign dubbed SandWorm targeting the North Atlantic Treaty Organization, the European Union, Ukrainian and Polish government organizations, and several European telecommunications and energy sectors. Microsoft is expected to release a patch for the zero-day which exploits supported versions of Microsoft Windows and Windows Server 2008 and 2012. Source: http://www.net-security.org/secworld.php?id=17491

26. October 14, Softpedia – (International) Dropbox denies being hacked, points to third-party services. Dropbox announced that its servers were not breached after a list of 420 username and password pairs were publicized on Pastebin with a poster claiming that more would be published with Bitcoin donations. The company reported that the information was stolen from other Web services used by the victims, who had identical usernames and passwords for Dropbox. Source: http://news.softpedia.com/news/Dropbox-Denies-Being-Hacked-Points-At-Third-Party-Services-461989.shtml

27. October 13, Network World – (International) The snappening: Snapsaved admits to hack that leaked SnapChat photos. Snapchat’s third-party app Snapsaved was hacked involving the release of 500MB of images containing between 90,000 and 200,000 photos and videos due to a misconfiguration in their Apache server. Snapsaved subsequently deleted the entire Web site and database associated with the breach. Source: http://www.networkworld.com/article/2825359/microsoft-subnet/the-snappening-snapsaved-admits-to-hack-that-leaked-snapchat-photos.html

28. October 10, Securityweek – (International) Multiple vulnerabilities found in BMC Track-It! help desk software. Researchers with the Computer Emergency Response Team Coordination Center at Carnegie Mellon University (CERT/CC) and Agile Information Security found that Track-It! version 11.3.0.355, the IT helpdesk solution created by BMC Software, contains three vulnerabilities related to permissions, privileges, and access control, missing authentication for critical function, and an exploitation using blind SQL injection. The company is working on addressing the issues. Source: http://www.securityweek.com/multiple-vulnerabilities-found-bmc-track-it-help-desk-software

29. October 10, SC Magazine – (International) New mobile trojan masquerading as Tic-tac-toe game targets Android devices. Kaspersky Lab researchers found that a Tic-tac-toe game available on Android devices houses the Gomal trojan which allows hackers to record audio from the microphone, steal incoming SMS messages, steal data from the device log, and obtain root privileges, among other things. Good for Enterprise researchers determined that the app was a proof-of-concept app presented at Black Hat 2013 and used only in Samsung Exynos memory access vulnerability, which has since been patched. Source: http://www.scmagazine.com/new-mobile-trojan-masquerading-as-tic-tac-toe-game-targets-android-devices/article/376722/

30. October 10, SC Magazine – (International) HP to remove digital signature that code-signed malware. Symantec discovered that an HP digital certificate was used to cryptographically sign (code-sign) malware shipped through HP products in May 2010. HP will revoke the digital certificate October 21 after researchers found an apparent signature on a four-year-old trojan that may have been included in the software. Source: http://www.scmagazine.com/hp-to-remove-digital-signature-that-code-signed-malware/article/376737/

Communications Sector

Nothing to report