Tuesday, September 29, 2015



Complete DHS Report for September 29, 2015

Daily Report                                            

Top Stories


 • A former La Jolla Bank official pleaded guilty September 25 to a bribery scheme in which she conspired with senior executives to arrange over $55 million in loans to unqualified borrowers. – San Diego Union-Tribune See item 3 below in the Financial Services Sector

 • California officials re-adopted the low-carbon fuel standard September 25, requiring producers to cut transportation fuel emissions 10 percent by 2020. – Associated Press

9. September 25, Associated Press – (California) California regulators restore emissions-cutting fuel rule. California officials re-adopted its low-carbon fuel standard September 25, requiring producers to cut transportation fuel emissions 10 percent by 2020. The changes are also expected to increase the cost of gasoline and diesel fuel a few cents a gallon.Source: http://lompocrecord.com/news/state-and-regional/california-regulators-restore-emissions-cutting-fuel-rule/article_6dd7fd91-4491-5272-8649-fce6b1d31eaa.html?comment_form=true

 • The U.S. Department of Health and Human Services released an audit September 24 on the Multidimensional Insurance Data Analytics System and found that it had issues with its security policy and 135 database vulnerabilities. – Associated Press

20. September 24, Associated Press – (National) Audit finds holes in government computer system that stores data on HealthCare.gov customers. The U.S. Department of Health and Human Services Inspector General’s Office released an audit September 24 on the Federal Government’s Multidimensional Insurance Data Analytics System (MIDAS), and found that the internal computer system, which is used to store sensitive personal information on millions of health insurance customers, had issues of security policy and 135 database vulnerabilities. Officials reported that it fixed all the problems identified in the audit, including the nearly two dozen that were categorized as potentially catastrophic or severe. Source: http://www.startribune.com/audit-finds-slipshod-cyber-security-at-healthcare-gov/329204921/

 • Officials reported September 27 that up to 40 people were injured at the Summer Ends music festival in Tempe Beach Park September 26 after concert-goers rushed the stage, prompting authorities to cancel a musical set due to a medical emergency. – Associated Press

28. September 27, Associated Press – (Arizona) Concert-goers injured after dozens rush music festival stage in Arizona. Arizona fire officials reported September 27 that up to 40 people were injured at the Summer Ends music festival in Tempe Beach Park September 26 after concert-goers rushed the stage when a reggae band came on, prompting authorities to cancel a musical set due to a medical emergency. Fans were moved back from the stage while medical professionals tended to the injured. Source: http://www.theguardian.com/us-news/2015/sep/27/arizona-music-festival-concert-goers-rush-stage

Financial Services Sector

3. September 26, San Diego Union-Tribune – (California) Guilty plea in La Jolla bribery scheme. A former head of La Jolla Bank’s Small Business Administration (SBA) lending department pleaded guilty September 25 to a bribery scheme in which she conspired with senior executives to arrange over $55 million in loans to unqualified borrowers, for which she and other executives took cash bribes and kickbacks in exchange. Hundreds of millions of dollars’ worth of conventional loans were reportedly part of the scheme, and the SBA-backed loans issued by the suspect resulted in almost $20 million worth of bank losses. Source: http://www.sandiegouniontribune.com/news/2015/sep/26/Amalia-Martinez-guilty-la-jolla-bank-bribery/

4. September 25, Press of Atlantic City – (New Jersey) Suspects skimmed Margate bank customers’ info, police say. Margate Police and U.S. Secret Service officials were investigating reports of fraud September 25 after ATM skimming devices installed on Bank of America ATMs in July reportedly resulted in losses of over $50,000 to 40 customers. Source: http://www.pressofatlanticcity.com/news/suspects-skimmed-margate-bank-customers-info-police-say/article_286e6f8a-63c5-11e5-a659-eb719a10e4d0.html

For another story, see item 27 below in the Information Technology Sector

Information Technology Sector

23. September 28, Securityweek – (International) Mobile ad network abused in DDoS attack: CloudFlare. CloudFlare reported that a customer was recently targeted by a Layer 7 JavaScript-based distributed denial-of-service (DDoS) attack leveraging a mobile ad network in an attack that involved over 1 billion Hypertext Transfer Protocol (HTTP) requests per hour. Security researchers warned that the attack could be signaling a new trend in DDoS attacks that are more difficult to mitigate. Source: http://www.securityweek.com/mobile-ad-network-abused-ddos-attack-cloudflare

24. September 26, Securityweek – (International) Cookies render HTTPS sessions vulnerable to data leaks. The Computer Emergency Readiness Team (CERT) published an advisory warning that cookies established via regular Hypertext Transfer Protocol (HTTP) requests are a security flaw for HTTP Secure (HTTPS) sessions, and that an attacker could set a cookie to be later used via an HTTPS connection instead of the original Web site, potentially gaining access to private information.

25. September 26, Softpedia – (International) Operation Pony Express delivers malware via Microsoft Word files. Security researchers from Sophos reported that a spear-phishing campaign active from April – May, dubbed Operation Pony Express, utilized a documented Microsoft Word vulnerability delivered via an intermediary malware downloader. The campaign targeted specific individuals and organizations with emails containing fake rich text format (RTF) invoice files purporting to be from RingCentral. Source: http://news.softpedia.com/news/operation-pony-express-delivers-malware-via-microsoft-word-files-492836.shtml

26. September 25, Softpedia – (International) Over 2,000 WordPress sites are infecting users with spyware. Security researchers from Zscaler discovered a covert spyware distribution campaign active since August that has been targeting the latest WordPress content management system (CMS) with malicious JavaScript code that uses iframes to collect user information and redirects users to pages containing spyware masked as an Adobe Flash Player update. The campaign has affected over 2,000 sites and infected over 20,000 users. Source: http://news.softpedia.com/news/over-2-000-wordpress-sites-are-infecting-users-with-spyware-492825.shtml

27. September 25, Softpedia – (International) Kasidet DDOSing bot adds credit card scraping capabilities. Security researchers from TrendMicro discovered a new version of the Kasidet/Neutrino distributed denial-of-service (DDoS) bot, which as of March added support for scraping a device’s point-of-sale (PoS) random access memory (RAM). The bot’s command-and-control (C&C) server also attempts to evade mitigation by sending “404 not found” errors to make it appear that it is not working properly. Source: http://news.softpedia.com/news/kasidet-ddosing-bot-adds-credit-card-scraping-capabilities-492802.shtml

Communications Sector

Nothing to report