Complete DHS Report for September 18, 2015
Daily Report
Top Stories
• Officials announced September 14 that 5 cooling towers, power lines, and communications
at the Geysers geothermal power generation facility were damaged due to the
Valley Fire in California. – Los Angeles Times
3. September 14, Los Angeles Times – (California) Northern California Valley
fire damages part of huge geothermal power generator. Houston-based Calpine
announced September 14 that five cooling towers, power lines, and
communications at the Geysers geothermal power generation facility along the
Sonoma County and Lake County borders were damaged due to the Valley Fire
burning in northern California. Officials reported that the damage did not
impact services.
• General Motors Co announced September 17 that it would pay $900 million and admit fault to
resolve a U.S. criminal investigation into the company’s handling of defective
ignition switches in its vehicles and failure to disclose the defect to
customers. – Reuters
4. September 17, Reuters – (National) GM to pay $900 million to end U.S. criminal
ignition switch probe. General Motors Co (GM) announced it would pay $900
million September 17 and admit fault to resolve a U.S. criminal investigation
into the company’s handling of defective ignition switches in its vehicles and
allegations that GM failed to disclose the defect and misled customers and the
government about the safety of affected models. GM also agreed to a $575
million partial settlement in separate nationwide private and shareholder litigation. Source:
http://www.reuters.com/article/2015/09/17/us-gm-probe-idUSKCN0RG2WF20150917
• Crews worked September 17 to contain the 73,700-acre
Valley Fire burning in California that destroyed 585 houses and caused 3
deaths. – KRON 4 San Francisco
18. September 17, KRON 4 San Francisco – (California) Valley Fire: Body of missing
reporter found; death toll rises to three. Crews worked September 17 to
contain the 73,700-acre Valley Fire burning in North Bay that destroyed 585
houses and caused 3 deaths. Source: http://kron4.com/2015/09/17/valley-fire-day-6-of-the-fight-against-the-deadly-firestorm/
• Researchers confirmed that the Chinese hacking group Iron
Tiger stole data from U.S. defense contractors, intelligence agencies,
FBI-based partners, other government entities, and tech-based contractors in
multiple industries. – Forbes. See item 20 below in the Information Technology Sector
Financial Services Sector
5. September 17, Help Net Security – (International) New POS trojan created by
mixing code from older malware. Security researchers from Dr. Web
discovered a new trojan dubbed Trojan.MWZLesson that targets point-of-sale (PoS)
terminals to obtain bank card data from the compromised device’s random access
memory (RAM) and was pieced together from parts of the Neutrino backdoor and
the Dexter PoS trojan. The malware can update itself, download and execute
files, find documents, and mount Hypertext Transfer Protocol (HTTP) flood
attacks. Source: http://www.net-security.org/malware_news.php?id=3101
6. September 16, Bloomberg News – (New York) Ex-Morgan Stanley broker pleads guilty to insider
trading. A former broker for Morgan Stanley pleaded guilty to charges of
trading on insider information stolen from Simpson, Thacher &
Bartlett LLP, and to fraud charges alleging he bought securities for himself,
his family, his friends and business partners, gaining $5.6 million in profit
from 2009 - 2013. Source: http://www.bloomberg.com/news/articles/2015-09-16/ex-morgan-stanley-broker-pleads-guilty-in-insider-trading-case
7. September 16, Reuters – (National) CVS Health in $48 million settlement of lawsuit
over hiding loss. CVS Health Corp agreed to pay $48 million to resolve
charges accusing the company of fraudulently concealing a $4.5 billion loss of
annual revenue in its pharmacy benefits manager business, leading to a dip in
stock price in November 2009. Source: http://www.reuters.com/article/2015/09/16/cvs-health-settlement-idUSL1N11M12K20150916
8. September 16, Los Angeles Times – (California) Two arrested in alleged $21
million movie investment scheme. A former insurance agent and a director
were arrested on charges accusing them of a movie investment Ponzi scheme that
cost more than 140 victims about $21 million, in which they allegedly solicited
investors for funding for fake films through Windsor Pictures LLC, while
promising returns. Source: http://www.latimes.com/entertainment/envelope/cotown/la-et-ct-movie-investment-scam-20150916-story.html
Information Technology Sector
20. September 17, Forbes – (International) Chinese-based cyber attacks on US military are
‘advanced, persistent and ongoing’: Report. Trend Micro released research
confirming that the Chinese advanced persistent threat (APT) group dubbed Iron
Tiger was observed stealing trillions of bytes of data from U.S. defense
contractors, intelligence agencies, FBI-based partners, other government
entities, and tech-based contractors in the electric, aerospace, intelligence,
telecommunications, energy, and nuclear engineering industries, including
Westinghouse Electric Company. The group is believed to be an iteration of
Emissary Panda/Threat Group 3390, who previously focused on east-Asian
political targets. Source: http://www.forbes.com/sites/lisabrownlee/2015/09/17/chinese-cyber-attacks-on-us-military-interests-confirmed-as-advanced-persistent-and-ongoing/
21. September 17, Help Net Security – (International) 80% increase of malware on
Windows devices. Alcatel-Lucent released report findings revealing that 80
percent of mobile network malware infections detected in the first half of 2015
were found on Windows-based systems, that 10 of the largest threats on
smartphones were mobile spyware, and that the prevalence of adware has been
increasing, among other findings. Source: http://www.net-security.org/malware_news.php?id=3102
22. September 17, The Register – (International) Malware links Russians to 7-year global
cyberspy campaign. Security researchers from F-Secure released new analysis
revealing that the group behind the Dukes 7-year cyber-espionage malware
campaign has been utilizing unique malware toolsets to steal information from
governments worldwide as well as non-government organizations (NGOs).
Researchers believe that the group operated to support Russian intelligence
gathering. Source: http://www.theregister.co.uk/2015/09/17/russian_cyberspy_dukes_campaign/
23. September 17, Threatpost – (International) Dutch police arrest CoinVault ransomware
authors. Dutch authorities arrested two suspects believed to be behind the
CoinVault ransomware campaign that started in May 2014 and targeted over 1,500 users in nearly 24
countries. The ransomware encrypted victims’ files and made them unrecoverable
until payment was received. Source: https://threatpost.com/dutch-police-arrest-alleged-coinvault-ransomware-authors/114707/
24. September 16, Threatpost – (International) Schneider patches plaintext credentials bug
in building automation system. Schneider Electric released a firmware
update for its StruxureWare Building Expert automation system addressing a
remotely executable vulnerability regarding how the system transmits user
credentials in plaintext between server and client machines. The Industrial
Control System Cyber Emergency Response Team reported that the vulnerability
has not been publicly exploited. Source: https://threatpost.com/schneider-patches-plaintext-credentials-bug-in-building-automation-system/114702/
For another story, see item 5 above in the Financial Services Sector
Communications Sector
25. September 16, Ars Technica – (California) More California fiber optic cable severed as
AT&T offers 250K reward. The FBI is conducting an investigation
September 16 into an attack on AT&T data lines in San Francisco after 2
more fiber optic cables were severed September 16, increasing the number of
attacks to 16 since July 2014. AT&T is offering $250,000 for the capture of
the culprit. Source: http://arstechnica.com/tech-policy/2015/09/more-california-fiber-optic-cable-severed-as-att-offers-250k-reward/
For another story, see item 20 above in the Information Technology Sector