Thursday, May 7, 2015



Complete DHS Report for May 7, 2015

Daily Report

Top Stories

 · Federal authorities sued the owners of North Dakota Developments LLC May 5 for allegedly raising over $62 million in a Ponzi scheme that defrauded U.S. and European investors by selling stakes in short-term housing projects for oil workers in the Bakken oil field region of North Dakota and Montana. – Reuters See item 4 below in the Financial Services Sector

 · The Minnesota Board of Animal Health reported May 4 that eight additional farms across the State are believed to have been hit by the H5N2 avian flu, including a 1.1 million hen flock at an egg-laying operation in Nicollet County. – Minneapolis Star Tribune

8. May 5, Minneapolis Star Tribune – (Minnesota) Minnesota farm with 1.1 million hens, largest yet, gets bird flu. The Minnesota Board of Animal Health reported May 4 that eight additional farms across the State are believed to have been hit by the H5N2 avian flu, including a 1.1 million hen flock at an egg-laying operation in Nicollet County. More than 5.34 million birds across 80 farms in the State have been affected. Source: http://www.startribune.com/business/302470731.html

 · Federal officials are reviewing an updated version of Hospira LifeCare PCA that addresses several vulnerabilities in the devices which could allow remote attackers to access configuration settings, software updates, and drug libraries. – Securityweek

12. May 6, Securityweek – (National) Serious security flaws found in Hospira LifeCare drug pumps. The U.S. Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) published an advisory based on a Canadian researcher’s findings that detailed several security issues in Hospira LifeCare PCA3 drug infusion pumps, including an improper authorization issue and insufficient verification of data authenticity which can be exploited by a remote attacker to upload drug libraries, configuration changes, and software updates. The company developed LifeCare PCA infusion system version 7.0 addressing the vulnerabilities, which is currently under review by the U.S. Food and Drug Administration. Source: http://www.securityweek.com/serious-security-flaws-found-hospira-lifecare-drug-pumps

 · A 4-alarm fire at the Brookside Condominium Complex in Arlington, Massachusetts, May 5 left 1 person dead and resulted in damage to 36 units. – WFXT 25 Boston

22. May 5, WFXT 25 Boston – (Massachusetts) 1 person killed in 4-alarm fire at Arlington condo complex. A 4-alarm fire at the Brookside Condominium Complex in Arlington, Massachusetts, May 5 left 1 person dead and resulted in damage to 36 units. Officials believe the blaze was sparked by the improper disposal of smoking materials in mulch that was placed closer to the building than allowed by law. Source: http://www.myfoxboston.com/story/28977699/4-alarm-fire-breaks-out-at-arlington-complex

Financial Services Sector

2. May 6, Softpedia – (International) Tinba banking trojan checks for sandbox before launching. Security researchers from F-Secure discovered a new variant of the Tiny Banker (Tinba) trojan, which checks for mouse movement and the active window a user is working on to ensure that it is executed on a real machine and not a sandbox before running its malicious routines. The trojan also queries the number of cylinders available to the system’s storage device to determine if it is a virtual machine. Source: http://news.softpedia.com/news/Tinba-Banking-Trojan-Checks-For-Sandbox-Before-Launching-480314.shtml

3. May 5, U.S. Department of Justice – (National) Ripple Labs Inc. resolves criminal investigation. The U.S. Treasury Department Financial Crimes Enforcement Network (FinCEN) in conjunction with the U.S. Attorney’s Office of the Northern District of California assessed a $700,000 penalty against San Francisco-based Ripple Labs Inc., and its subsidiary, XRP II, LLC May 5, for willful violations of the Bank Secrecy Act. Violations include selling virtual currency without registering with FinCEN, and failing to implement and maintain an adequate anti-money laundering program. Source: http://www.justice.gov/opa/pr/ripple-labs-inc-resolves-criminal-investigation

4. May 5, Reuters – (International) SEC lawsuit alleges Ponzi scheme over North Dakota ‘man camps.’ The U.S. Securities and Exchange Commission (SEC) sued North Dakota Developments LLC and its three owners May 5, for an alleged fraud and Ponzi scheme in which the suspects illegally raised over $62 million from hundreds of investors in at least 12 States and multiple European countries since 2012 by selling stakes in 4 short-term housing projects for oil workers in the Bakken oil field region in North Dakota and Montana, known as “man camps.” The SEC claimed that the trio paid investors from other invested funds and misappropriated over $25 million for hidden broker commissions, payment to themselves, and investment in other Bakken projects. Source: http://www.reuters.com/article/2015/05/05/sec-northdakotadevelopments-mancamps-idUSL1N0XW3BH20150505

Information Technology Sector

See item 2 above in the Financial Services Sector

Communications Sector

18. May 6, Keokuk Daily Gate City – (Iowa) CenturyLink service could be restored after midnight tonight. Telephone, some cell phone and Internet services for CenturyLink customers in Burlington, Fort Madison, and Keokuk were down after a CenturyLink fiber was cut May 5. Crews worked to restore services by May 6. Source: http://www.dailygate.com/news/article_d4b78804-f380-11e4-b413-f3a8a7ff16f5.html

19. May 5, Marin Independent Journal – (California) San Rafael AT&T service disruption continuous for second day after Terra Linda crash. Crews worked May 5 to restore Internet and phone services to the remaining AT&T customers in San Rafael impacted by an outage caused by an alleged drunk driver that crashed into AT&T vaults at an intersection in Terra Linda May 3. Source: http://www.marinij.com/general-news/20150504/san-rafael-att-service-disruption-continues-for-second-day-after-terra-linda-crash