Tuesday, October 28, 2014



Complete DHS Report for October 28, 2014

Daily Report

Top Stories

 · A North Carolina man who owns Rex Venture Group was indicted October 24 for allegedly operating an Internet-based Ponzi scheme that defrauded investors of over $850 million between January 2010 and August 2012. – U.S. Attorney’s Office, Western District of North Carolina See item 8 below in the Financial Services Sector
 
 · Nearly 62 million gallons of untreated sewage spilled into the Willamette River October 22 after the Portland, Oregon sewer system began to overflow due to heavy rains. – Portland Oregonian

23. October 25, Portland Oregonian – (Oregon) Portland sewage overflow: 61.9 million gallons flowed into Willamette River on Wednesday. Nearly 62 million gallons of untreated sewage spilled into the Willamette River October 22 after the Portland sewer system began to overflow due to heavy rains. A separate incident occurred on the same day at the Columbia Boulevard Wastewater Treatment Plant when a faulty air pressure valve malfunctioned and sent 300,000 gallons of treated effluent into the Columbia Slough. Source: http://www.oregonlive.com/portland/index.ssf/2014/10/portland_sewage_overflow_619_m.html
 
 · Two students were killed and 3 others were injured by a gunman who died from a self-inflicted gunshot wound after opening fire at Marysville-Pilchuck High School in Washington October 24. – KING 5 Seattle; Associated Press

28. October 27, KING 5 Seattle; Associated Press – (Washington) Second victim in Washington school shooting dies. Two students were killed and 3 others were critically injured by a gunman who died from a self-inflicted gunshot wound after opening fire at Marysville-Pilchuck High School in Washington October 24. Source: http://www.usatoday.com/story/news/nation/2014/10/27/washington-school-shooting/17987021/
 
 · The Federal Communications Commission issued two phone carriers, TerraCom and its affiliate YourTel America, a total of $10 million in fines for improperly storing more than 300,000 customers’ personal information. – Washington Post See item 34 below in the Communications Sector

Financial Services Sector

5. October 27, Krebs on Security – (International) ‘Replay’ attacks spoof chip card charges. Three undisclosed U.S. banks reported receiving fraudulent payment card charges emanating from Brazil that disguise the fraudulent charges as charges using the Europay, MasterCard, and Visa (EMV) chip-and-pin system even though the banks have not yet issued EMV cards. The attacks disguised the charges as originating from EMV cards since some banks with misconfigured systems may not use the full range of security checks on EMV card transactions. Source: http://krebsonsecurity.com/2014/10/replay-attacks-spoof-chip-card-charges/

6. October 24, U.S. Securities and Exchange Commission – (New Jersey) SEC charges New Jersey man in insider trading case involving pharmaceutical companies. The U.S. Securities and Exchange Commission (SEC) announced October 24 charges against a Livingston man for allegedly receiving and using insider information on pharmaceutical companies to engage in insider trading and generate almost $700,000 in illicit profits. The source of the insider information was previously charged by the SEC and the U.S. Attorney’s Office for the Southern District of New York also charged both men in parallel charges. Source: http://www.sec.gov/News/PressRelease/Detail/PressRelease/1370543280408

7. October 24, Chicago Tribune – (National) Former radio host convicted of mortgage fraud. A former national radio host residing in Durham, North Carolina, was found guilty October 24 for assisting nearly 30 fraudulent mortgage loans in the Chicago area in a scheme that cost lenders around $10 million. Source: http://www.chicagotribune.com/news/ct-radio-host-fraud-trial-met-1025-20141024-story.html

8. October 24, U.S. Attorney’s Office, Western District of North Carolina – (National) ZeekRewards president indicted on federal charges for operating $850 million Internet Ponzi scheme. A Lexington, North Carolina man who owns Rex Venture Group, which operated Zeekler and ZeekRewards, was indicted October 24 for allegedly operating the companies as an Internet-based Ponzi scheme that defrauded investors of over $850 million between January 2010 and August 2012. Source: http://www.justice.gov/usao/ncw/pressreleases/2014/Charlotte-2014-10-24-burks.html

For another story, see item 33 below in the Information Technology Sector

Information Technology Sector

32. October 27, Securityweek – (International) Tor exit node found maliciously modifying files. A researcher with Leviathan Security Group identified and reported an exit node on the Tor network that wraps binary files with malware as the files move through the node. The Tor Project stated that they set a “BadExit” flag on the node to protect users after it was reported. Source: http://www.securityweek.com/tor-exit-node-found-maliciously-modifying-files

33. October 24, Dark Reading – (International) Backoff PoS malware boomed in Q3. Damballa released a report which found that detections of the Backoff point-of-sale (PoS) malware increased by 57 percent between August and September. Source: http://www.darkreading.com/attacks-breaches/backoff-pos-malware-boomed-in-q3/d/d-id/1316957
 
Communications Sector

34. October 24, Washington Post – (National) With a $10 million fine, the FCC is leaping into data security for the first time. The Federal Communications Commission issued two phone carriers, TerraCom and its affiliated YourTel America, with a total of $10 million in fines for improperly storing more than 300,000 customers’ personally identifiable information such as their Social Security numbers, home addresses, phone numbers, data of birth and other personal data online without firewalls, encryption or password protection, making the information easily accessible to the public. Source: http://www.washingtonpost.com/blogs/the-switch/wp/2014/10/24/with-a-10-million-fine-the-fcc-is-leaping-into-data-security-for-the-first-time/