Tuesday, May 5, 2015



Complete DHS Report for May 5, 2015

Daily Report

Top Stories

· Three suspects were arrested and charged April 23 for allegedly planting skimming devices
 at various locations in Oregon in order to steal credit and debit card information that they used to purchase thousands of dollars of merchandise. – Salem Statesman Journal See item 3 below in the Financial Services Sector

 · U.S. and Canadian officials announced May 1 new safety rules for trains carrying crude oil and other flammable materials, including new standards for tank-car construction and new brake-system requirements. – Washington Post

11. May 1, Washington Post – (International) Transportation Dept. gets strict on rules for trains carrying flammable oil. The U.S. Department of Transportation (DOT) secretary along with Canada’s minister of transport announced May 1 new safety rules for trains carrying crude oil and other flammable materials, including new standards for tank-car construction, new brake-system requirements, and new speed limits for some trains travelling through “high-threat” urban areas. A DOT spokesperson stated that all tank cars will be manufactured to new design standards or upgraded to meet them by April 2020. Source: http://www.washingtonpost.com/local/trafficandcommuting/usdot-gets-strict-on-rules-for-trains-carrying-flammable-oil/2015/05/01/fd63b1f8-f00e-11e4-a55f-38924fca94f9_story.html

 · Two gunmen opened fire outside a cartoon exhibit and contest hosted at the Curtis Culwell Center in Garland, Texas, May 3, injuring one security guard before police shot and killed both gunman. – Reuters

24. May 4, Reuters – (Texas; Arizona) Gunman in cartoon attack in Texas monitored for years. Two gunmen opened fire outside a cartoon exhibit and contest hosted at the Curtis Culwell Center in Garland, Texas, May 3, injuring one security guard before police shot and killed both gunman. FBI agents in Phoenix evacuated the Autumn Ridge apartment complex for several hours May 3-May 4 while they searched an apartment and white van parked outside in connection to the incident. Source: http://www.reuters.com/article/2015/05/04/us-usa-shooting-texas-idUSKBN0NP01G20150504

 · The owners of the Manco and Manco pizza chain were charged for allegedly skimming $981,459 from the chain’s 3 Ocean City Boardwalk locations in New Jersey over 5 years. – Associated Press; Press of Atlantic City

25. May 4, Associated Press; Press of Atlantic City – (New Jersey) Owners skimmed nearly $1M from famed boardwalk pizzerias, feds allege. Court documents filed by federal prosecutors allege that the owners of the Manco and Manco pizza chain skimmed $981,459 from the chain’s 3 Ocean City Boardwalk locations in New Jersey over 5 years and evaded paying $336,273 in taxes in order to use the funds for personal living expenses. Source: http://www.nj.com/cape-may-county/index.ssf/2015/05/owners_skimmed_nearly_1m_from_famed_boardwalk_pizz.html

Financial Services Sector

3. May 2, Salem Statesman Journal – (Oregon) 3 suspects charged with credit, debit card fraud. Salem, Oregon police reported that three suspects from California were arrested April 23 on charges of identity theft related to a regional skimming scheme in which the suspects allegedly planted skimming devices at various locations to steal credit and debit card information that they used to purchase thousands of dollars of merchandise in multiple cities in Oregon. Authorities recovered over 100 fraudulent credit and debit cards, electronics, clothing, gift cards, and $3,500 in currency in searches of the suspects’ vehicle and hotel room. Source: http://www.statesmanjournal.com/story/news/2015/05/03/three-suspects-charged-credit-debit-card-fraud/26801817/

4. May 1, WJXT 4 Jacksonville – (International) 3 convicted in $9.2-million wire fraud scheme. Three businessmen were convicted of wire fraud May 1 for a scheme in which they used two New Zealand-based companies, Unistate Investments Savings and Loan Limited, as well as Aster Capital, Inc., and Vital Funds, Inc., to offer clients alternative capital financing and collected account arrangement fees on deals that were never closed, costing clients about $9.2 million in losses. One additional suspect remains a fugitive while two others pleaded guilty to their roles in the scheme. Source: http://www.news4jax.com/news/3-convicted-in-92million-wire-fraud-scheme/32687552

5. May 1, San Francisco Bay City News – (California) “Cotton Ball Bandit” convicted for 10 bank robberies. A Lakspur, California man dubbed the “Cotton Ball Bandit” was convicted April 29 for robbing 10 banks and attempting to rob another throughout Marin County between December 2012 and December 2013. Police arrested the suspect after he robbed the Novato Bank of the West in 2013 and led officers on a chase before crashing near Northgate Mall on U.S. Highway 101 in San Rafael. Source: http://kron4.com/2015/05/01/cotton-ball-bandit-convicted-for-10-bank-robberies/

6. May 1, Bergen County Record – (New Jersey) Kearny bank branch in North Arlington says skimmer was hooked up to ATM. Authorities are investigating after reporting May 1 that 128 Kearny Bank customers in North Arlington, New Jersey, may have had their credit or debit card data stolen after a skimmer device was found on an ATM machine at the bank. Source: http://www.northjersey.com/news/kearny-bank-branch-in-north-arlington-says-skimmer-was-hooked-up-to-atm-1.1323372

Information Technology Sector

22. May 4, Securityweek – (International) PayPal fixes remote code execution flaw in Partner Program website. PayPal fixed a vulnerability discovered by Vulnerability Lab researchers in its Partner Program Web site which would allow an attacker to leverage a bug in the site’s Java Debug Wire Protocol (JDWP) service to remotely execute server-side commands with root privileges. Source: http://www.securityweek.com/paypal-fixes-remote-code-execution-flaw-partner-program-website

23. May 1, Threatpost – (International) Mozilla moving toward full HTTPS enforcement in Firefox. The Mozilla Foundation reported that it will be phasing out unsecured hypertext transfer protocol (HTTP) connections in the Firefox browser in a two-phase plan, in which the company will only offer new browser features to secure, HTTPS (HTTP Secure)-enabled Web sites, before ultimately making existing features incompatible with HTTP sites altogether. Source: https://threatpost.com/mozilla-moving-toward-full-https-enforcement-in-firefox/112537

Communications Sector

Nothing to report