Monday, June 29, 2015




Complete DHS Report for June 29, 2015

Daily Report

Top Stories

 • The Boise Police Department’s Organized Retail Crime Unit in Idaho arrested 2 suspects June 24 and seized 424 counterfeit credit and gift cards along with merchandise that they had bought with the fraudulent cards. – Boise Weekly. See item 8 below in the Financial Services Sector.

 • Interstate 75 in Chattanooga, Tennessee, reopened June 26 after being closed for about 12 hours due to a 9-vehicle accident that killed 6 people June 25. – Associated Press

9. June 26, Associated Press – (Tennessee) I-75 reopens after 6 killed in wreck outside Chattanooga. Interstate 75 in Chattanooga reopened June 26 after being closed for about 12 hours while crews cleared the scene of a 9-vehicle accident that killed 6 people June 25. The cause of the crash remains under investigation. Source: http://www.msn.com/en-us/news/us/i-75-reopens-after-6-killed-in-wreck-outside-chattanooga/ar-AAc9l1w

 • The California Assembly passed a bill June 25 restricting exemptions for mandatory vaccination schedules, negating the State’s personal belief exemption and allowing only children with serious health problems to opt out. – Washington Post

13. June 26, Washington Post – (California) The California Assembly just approved one of nation’s strictest mandatory vaccine laws. The California Assembly passed a bill June 25 restricting exemptions for mandatory vaccination schedules, negating the State’s personal belief exemption and allowing only children with serious health problems to opt out. Source: http://www.washingtonpost.com/news/morning-mix/wp/2015/06/26/the-california-assembly-just-approved-one-of-nations-strictest-mandatory-vaccine-laws/

 • Security researchers from Trend Micro discovered a security flaw in the Android operating system’s debugging component in which an attacker could create a special Executable and Linkable Format file to crash the debugger and view dumps and log files stored in memory, or to create a denial-of-service condition. – Softpedia. See item 21 below in the Information Technology Sector.

Financial Services Sector

6. June 25, Cleveland Plain Dealer – (Ohio) Three accused of Akron-based Ponzi scheme that cost investors $17 million. Three Northeast Ohio men were indicted June 25 on charges alleging that they defrauded 70 investors out of $17 million from 2010 – 2014 by convincing them to give money to KGTA Petroleum Ltd., a company partially owned by one of the suspects, and spent the proceeds on luxury items and mortgage payments. Source: http://www.cleveland.com/court-justice/index.ssf/2015/06/three_accused_of_akron-based_p.html

7. June 25, Associated Press – (Maryland) Md. man charged with stealing from ATMs with skimming device. A Riverdale, Maryland man was arrested June 24 on charges that he allegedly stole $300,000 from ATMs using skimming devices at a Sandy Spring Bank in Maryland. Source: http://baltimore.cbslocal.com/2015/06/25/md-man-charged-with-stealing-from-atms-with-skimming-device/

8. June 25, Boise Weekly – (Idaho) Hundreds of fraudulent credit cards seized, two suspects behind bars. The Boise Police Department’s Organized Retail Crime Unit arrested 2 suspects June 24 and seized 424 counterfeit credit and gift cards along with merchandise that they had bought with the fraudulent cards. Source: http://www.boiseweekly.com/boise/hundreds-of-fraudulent-credit-cards-seized-two-suspects-behind-bars/Content?oid=3515991

Information Technology Sector

19. June 26, Softpedia – (International) Click-fraud attack morphs into ransomware risk in a couple of hours. Security researchers at Damballa discovered that a threat actor dubbed RuthlessTreeMafia is distributing exploit kits along with the Rerdom malware in a click-fraud campaign in which they sell other threat actors access to infected users’ systems. Researchers observed an infection result in the delivery of the CryptoWall ransomware. Source: http://news.softpedia.com/news/click-fraud-attack-morphs-into-ransomware-risk-in-a-couple-of-hours-485395.shtml

20. June 26, Securityweek – (International) Default SSH keys expose Cisco’s virtual security appliances. Cisco reported that customers using its Web Security, Email Security, and Security Management Virtual Appliances were vulnerable due to the products’ use of default secure shell (SSH) keys, which could allow an unauthenticated, remote attacker to connect to a system with root user privileges. The company released a patch addressing the issue. Source: http://www.securityweek.com/default-ssh-keys-expose-ciscos-virtual-security-appliances

21. June 26, Softpedia – (International) 94% of Android devices vulnerable to bug exposing memory content. Security researchers from Trend Micro discovered a security flaw in the Android operating system’s (OS) debugging component in which an attacker could create a special Executable and Linkable Format (ELF) file to crash the debugger and view dumps and log files stored in memory, or to create a denial-of-service (DoS) condition. The issue affects all Android versions after 4.0, Ice Cream Sandwich. Source: http://news.softpedia.com/news/94-of-android-devices-vulnerable-to-bug-exposing-memory-content-485382.shtml

22. June 25, Threatpost – (International) Stored XSS flaw patched in Thycotic secret server. Thycotic patched a stored cross-site scripting (XSS) vulnerability in its Secret Server product in which an attacker could use JavaScript code in the browser of a valid user to toggle the password mask and steal a victim’s stored passwords. Source: https://threatpost.com/stored-xss-flaw-patched-in-thycotic-secret-server/113473

For another story, see item 15 below from the Healthcare and Public Health Sector.

15. June 25, Securityweek – (National) U.S. healthcare companies hardest hit by ‘Stegoloader’ malware. Security researchers from Trend Micro reported that North American healthcare organizations are the primary victims of the Stegoloader Trojan, a malware identified as TROJ_GATAK which embeds malicious code in image files to avoid detection and has anti-virtual machine and anti-emulation capabilities to prevent analysis. Source: http://www.securityweek.com/us-healthcare-companies-hardest-hit-stegoloader-malware

Communications Sector

23. June 25, Victorville Daily Press – (California) Verizon offering reward for copper theft information. Verizon officials announced June 25 that the company is offering a reward of up to $10,000 for information leading to the arrest and prosecution of the suspect, or suspects, responsible for the theft of roughly 16,000 feet of copper communication cables throughout Southern California. The company has implemented “additional security measures” to prevent future thefts and is working with State and local law enforcement authorities. Source: http://www.vvdailypress.com/article/20150625/NEWS/150629826

24. June 25, Columbia Daily Herald – (Tennessee) Internet outages reported in area. About 1,000 customers of Columbia Power and Water Systems (CPWS) and other Internet providers in Columbia, Tennessee experienced outages June 24 – June 25 after a laser in CPWS’ data center was damaged and a fiber optic cable was cut. Source: http://columbiadailyherald.com/news/local-news/internet-outages-reported-area

25. June 25, WBTA 1490 AM Batavia – (New York) WBTA to be temporarily off-air Friday morning. WBTA Radio temporarily suspended AM and FM transmission June 26 in order to repair antenna damage caused by severe thunderstorms. While the stations are off-air, programming will continue on-line and via mobile devices. Source: http://www.wbta1490.com/LocalNews/tabid/115/articleType/ArticleView/articleId/6322/WBTA-to-be-Temporarily-Off-Air-Friday-Morning.aspx