Friday, July 10, 2015




Complete DHS Report for July 10, 2015

Daily Report                                            

Top Stories


  · The New York Stock Exchange suspended trading for almost four hours July 8 due to an internal technical issue. – Reuters See item 4 below in the Financial Services Sector



  · Officials reported that the former owner of Las Vegas-based MRI International Inc., and 2 Japanese associates were indicted July 8 for allegedly running a $1.5 billion Ponzi scheme targeting Japanese citizens between 2009 – 2013. – Reuters See item 5 below in the Financial Services Sector



  · Officials reported July 8 that that a ruptured pipe near Randleman’s city wastewater plant spilled about 250,000 gallons of untreated sewage into the Deep River and was undetected for 5 hours. – Associated Press


10. July 8, Associated Press – (North Carolina) Burst pipe dumps 250K gallons of untreated sewage into river. The North Carolina State Department of Environment and Natural Resources reported July 8 that that a ruptured pipe near Randleman’s city wastewater plant allowed about 250,000 gallons of untreated sewage to spill into the Deep River and was undetected for 5 hours. Randleman businesses were forced to shut down until repairs were completed.


  · Baltimore authorities reported July 8 that its city police commissioner was fired following an April incident in which a man died while in police custody that later led to an increase in riots and homicides within the city. – Associated Press


14. July 8, Associated Press – (Maryland) Baltimore mayor fires police commissioner
amid homicide rise. Baltimore authorities reported July 8 that its city police commissioner was fired following an April incident in which a man died while in police custody that later led to an increase in riots and homicides within the city.

Financial Services Sector

4. July 8, Reuters – (International) NYSE shut down for nearly four hours by technical glitch. The New York Stock Exchange (NYSE) suspended trading for almost four hours July 8 due to an internal technical issue. Other exchanges traded normally, and the trading of NYSE-listed stocks was unaffected. Source: http://finance.yahoo.com/news/nyse-suspends-trading-securities-due-161705660.html

5. July 8, Reuters – (International) Las Vegas exec bilked Japanese victims in $1.5 bln Ponzi scheme- Justice Dept. U.S. Department of Justice officials reported that the former owner of Las Vegas-based MRI International Inc., and 2 Japanese associates were indicted July 8 for allegedly running a $1.5 billion Ponzi scheme targeting Japanese citizens between 2009 – 2013 by promising to buy accounts receivable form medical companies at a discount and to recoup the value later, when instead the defendants used investments to repay earlier investors while diverting funds to themselves. Source: http://www.reuters.com/article/2015/07/08/usa-fraud-ponzi-lasvegas-idUSL1N0ZO2SN20150708

Information Technology Sector

15. July 9, Securityweek – (International) APT-style evasion techniques spotted in “Kofer” ransomware campaign. Security researchers from Cybereason discovered a ransomware campaign primarily targeting European users dubbed “Operation Kofer” that is mimicking advanced persistent threat (APT) operations by continuously generating new variants of the same malware to evade detection, among other anti-detection techniques. Source: http://www.securityweek.com/apt-style-evasion-techniques-spotted-%E2%80%9Ckofer%E2%80%9D-ransomware-campaign

16. July 9, CSO Online – (International) Despite warnings, majority of firms still run some Windows Server 2003. Softchoice released findings from a June report covering 200 enterprise data centers comprised of over 90,000 servers revealing that all but 7 percent of enterprises still used Microsoft Windows Server 2003, exposing companies to security, compliance, and operational risks as support for the platform is set to end July 14. Source: http://www.networkworld.com/article/2946173/security0/despite-warnings-majority-of-firms-still-run-some-windows-server-2003.html#tk.rss_all

17. July 9, Threatpost – (International) Bug in Android ADB backup system can allow injection of malicious apps. Security researchers discovered a severe vulnerability in all versions of the Android debug bridge (ADB) in which an attacker could inject a malicious Android application package (APK) file via the BackupAgent, which does not require Android permissions and does not filter the data stream returned by applications. Source: https://threatpost.com/bug-in-android-adb-backup-system-can-allow-injection-of-malicious-apps/113701

18. July 9, Securityweek – (International) OpenSSL patches serious certificate forgery vulnerability. OpenSSL developers released patches for a high severity alternative chain certificate forgery flaw, in which an attacker could bypass untrusted certificate checks and issue invalid certificates. The vulnerability affects versions 1.0.1n and 1.0.2b. Source: http://www.securityweek.com/openssl-patches-serious-certificate-forgery-vulnerability

Communications Sector

Nothing to report