Monday, October 19, 2015



Complete DHS Report for October 19, 2015

Daily Report                                            

Top Stories

• Officials indicted 2 men October 14 for skimming $709,597.50 from 1,329 ATM accounts at multiple bank locations in Rhode Island and Connecticut. – Warwick Post See item 2 below in the Financial Services Sector

• CSX Transportation shut down its major rail terminal in Tennessee due to changing business environment and to significantly reduce coal traffic in the area October 15. – Knoxville News Sentinel

7. October 15, Knoxville News Sentinel – (Tennessee) CSX shuts down Erwin terminal, cuts 300 jobs in mountain community. CSX Transportation reported October 15 that it shut down its major rail terminal in Erwin, Tennessee, including a locomotive service center and a car shop due to changing business environment, and to significantly reduce coal traffic through the region. Source: http://www.knoxnews.com/business/csx-shuts-down-erwin-terminal-cuts-300-jobs-in-mountain-community_24806219

• Officials reported October 16 that a Kosovo citizen will be extradited to the U.S. for allegedly hacking into a U.S.-based company and stealing information of 1,351 government personnel. – Associated Press

17. October 16, Associated Press – (International) Officials: Hacker who ID’d U.S. military members for ISIS arrested. The U.S. Department of Justice reported October 16 that a Kosovo citizen will be extradited to the U.S. from Malaysia for allegedly hacking into the computer systems of a U.S.-based company and stealing the personal information of 1,351 U.S. military and other government personnel in order to share it with ISIS militants between June and August 2015. The suspect is believed to be the leader of the Kosova Hacker’s Security Internet hacking group. Source: http://abc13.com/news/officials-hacker-who-idd-us-military-members-for-isis-arrested/1035894/

• Four New York franchisees of Papa John’s International Inc., agreed to pay $500,000 in back wages and damages to about 250 employees October 15 after an investigation revealed the company violated payment minimum wages and overtime. – Reuters

26. October 15, Reuters – (New York) Papa John’s four NY franchisees to pay $500,000 in back wages. Four New York franchisees of Papa John’s International Inc. agreed to pay $500,000 in back wages and damages to about 250 employees October 15 after an investigation lead by the New York attorney general and the U.S. Department of Labor found the franchisees violated payment minimum wages and overtime, as well as basic labor law protections. Source: http://www.reuters.com/article/2015/10/15/papa-johns-wages-idUSL1N12F17620151015

Financial Services Sector

2. October 15, Warwick Post – (Rhode Island; Connecticut) Feds pursue Greenwood Credit Union ATM skimmer in Ecuador. U.S. officials indicted 2 New York men October 14 on charges that they skimmed $709,597.50 from 1,329 ATM accounts at Greenwood Credit Union, Bank Newport, First Niagra Bank, and Fairfield City Bank locations in Rhode Island and Connecticut. Authorities are seeking to extradite one of the men from Ecuador.

Information Technology Sector

21. October 16, Securityweek – (International) Critical flaw patched in Akismet plugin for WordPress. Automattic released an update for the Akismet WordPress plugin versions 3.1.4 and earlier after security researchers from Sucuri discovered a cross-site scripting (XSS) vulnerability in the plugin that could allow an unauthenticated attacker to insert malicious code into the WordPress administration panel’s comments area by using emoticons. Source: http://www.securityweek.com/critical-flaw-patched-akismet-plugin-wordpress

22. October 16, Securityweek – (International) Nuclear EK generates Flash exploits on-the-fly to evade detection. Security researchers from Morphisec discovered that the Nuclear exploit kit (EK) is generating different variations of an Adobe Flash exploit on-the-fly throughout the day and changing host Web sites that victims are being directed to hourly in an effort to bypass detection. The EK also tracks victims’ Internet protocol (IP) addresses to prevent the same exploit combination being served to the same victim twice. Source: http://www.securityweek.com/nuclear-ek-generates-flash-exploits-fly-evade-detection

Communications Sector

Nothing to report