Wednesday, April 1, 2015



Complete DHS Report for April 1, 2015

Daily Report

Top Stories

 · Unicold Corp. agreed to pay $197,000 in penalties and to make health and safety improvements at its refrigerated food warehouse in Honolulu as part of a settlement with the U.S. Department of Labor March 30. – Honolulu Star-Advertiser

12. March 30, Honolulu Star-Advertiser – (Hawaii) Food warehouse to pay nearly $200k in fines, fix safety flaws. Unicold Corp. agreed to pay $197,000 in penalties and to make health and safety improvements at its refrigerated food warehouse in Honolulu as part of a settlement with the U.S. Department of Labor that was announced March 30. The settlement was reached following a 2013 inspection that revealed health and safety violations that resulted in 63 citations for Unicold. Source: http://www.staradvertiser.com/news/breaking/20150330_Food_warehouse_to_pay_nearly_200k_in_fines_fix_safety_flaws.html?id=298035621

 · Police captured an escaped prisoner in Washington, D.C., March 31 who had overpowered a guard at Inova Fairfax Hospital in Virginia, prompting authorities to lock down the hospital and surrounding streets for several hours. – WRC 4 Washington, D.C.

19. March 31, WRC 4 Washington, D.C. – (Virginia; Washington, D.C.) Man who escaped Inova Fairfax Hospital captured after 9-hour manhunt. Police captured an escaped prisoner in Washington, D.C., March 31 who had overpowered a guard at Inova Fairfax Hospital in Virginia, prompting a lockdown of the hospital and surrounding streets for several hours, before carjacking a vehicle. The driver of the vehicle crashed into a home after the suspect kicked out the backseat from inside the truck and fled, stealing another vehicle before he was captured by authorities. Source: http://www.nbcwashington.com/news/local/Active-Shooter-Reported-at-Inova-Fairfax-Hospital-298106511.html

 · A former U.S. Secret Service agent surrendered to authorities March 30 and a U.S. Drug Enforcement Administration agent was arrested March 27 for allegedly stealing over $1.5 million in bitcoins while investigating the Silk Road. – USA Today

23. March 30, USA Today – (International) Former feds charged with stealing Silk Road bitcoin. A former U.S. Secret Service agent surrendered to authorities March 30 and a U.S. Drug Enforcement Administration agent was arrested March 27 in connection with allegedly stealing over $1.5 million in bitcoins while investigating the Silk Road, a shut-down underground site that traded in illegal drugs, counterfeit IDs, and computer hacking software. The pair, based in Maryland, stole proceeds from the site and hid the funds in offshore accounts, often utilizing their positions in the government to obtain the bitcoins. Source: http://www.usatoday.com/story/news/2015/03/30/federal-agents-charged-with-stealing-bitcoin-from-silk-road-case/70672058/

 · Security researchers at Check Point Software Technologies discovered that a cyberespionage group has hacked into hundreds of defense contractor, telecommunications operator, media group, and educational organization networks from at least 10 countries in ongoing attacks that began in late 2012. – Network World. See item 35 below in the Information Technology Sector

Financial Services Sector

6. March 30, MarketWatch – (International) AmEx Black Card members are more likely targets for fraud. Forter released results of a year-long study of hundreds of thousands of transactions worldwide March 30, in which they found that holders of American Express Co.’s Centurion Card are nearly twice as likely to be targets of credit card fraud as other basic credit card holders, due to their higher perceived market value. Source: http://www.marketwatch.com/story/amex-black-card-members-are-more-likely-targets-for-fraud-2015-03-30

For another story, see item 23 above in Top Stories

Information Technology Sector

33. March 31, Softpedia – (International) Anonymous proxies used for “Shotgun DDoS” attacks. Security researchers at Incapsula released findings from a one-month study revealing that 20 percent of all Layer 7 (application layer) distributed denial-of-service (DDoS) attacks from January – February were “Shotgun DDoS” attacks carried out through anonymous proxies to bypass mitigation systems by spreading across multiple Internet Protocol (IP) addresses and multiple geo-locations. Approximately 45 percent of the incidents originated from addresses in the Tor anonymity network and 60 percent of them employed Tor’s Hammer denial-of-service (DoS) tool, which carries out low-and-slow HTTP POST attacks. Source: http://news.softpedia.com/news/Anonymous-Proxies-Used-for-Shotgun-DDoS-Attacks-477193.shtml

34. March 31, Softpedia – (International) Trojan Laziok used for reconnaissance in the energy sector. Security researchers from Symantec identified new information-stealing malware, dubbed Laziok, that was observed targeting users in the petroleum, gas, and helium industries worldwide. The malware is delivered via a malicious Microsoft Excel file that exploits a buffer overflow/security glitch that allows remote code execution, and it downloads custom variants of Cyberat and Zbot malware from servers in the U.S., United Kingdom, and Bulgaria. Source: http://news.softpedia.com/news/Trojan-Laziok-Used-for-Reconnaissance-in-the-Energy-Sector-477175.shtml

35. March 31, Network World – (International) Lebanese cyberespionage campaign hits defense, telecom, media firms worldwide. Security researchers at Check Point Software Technologies discovered that a cyberespionage group has hacked into hundreds of defense contractor, telecommunications operator, media group, and educational organization networks from at least 10 countries in ongoing attacks that began in late 2012. The attackers detect vulnerabilities and use Web shells to compromise affected servers, including a sophisticated custom-made trojan called Explosive on servers running Microsoft’s IIS software that can infect servers and systems on networks and can spread via USB mass storage devices. Source: http://www.networkworld.com/article/2904293/lebanese-cyberespionage-campaign-hits-defense-telecom-media-firms-worldwide.html#tk.rss_all

36. March 30, Threatpost – (International) eBay fixes file upload and path disclosure bugs. eBay addressed two security vulnerabilities on its Web site that allowed attackers to upload malicious files, including executables, disguised as images that could be used in drive-by download attacks by leveraging poor header checks and eBay server return messages with exact file paths. Source: https://threatpost.com/ebay-fixes-file-upload-and-patch-disclosure-bugs/111898

For another story, see item 23 above in Top Stories

Communications Sector

See item 35 above in the Information Technology Sector