Complete DHS Report for
December 17, 2015
Daily Report
Top Stories
• The Los Angeles County Board of Supervisors declared a
state of emergency December 15 due to the release of up to 1,200 tons of
methane into the atmosphere from a leaking Southern California Gas Co. well
site. – Los Angeles Daily News
1. December 16, Los Angeles Daily News – (California) LA County declares state of
emergency over Porter Ranch gas leak. The Los Angeles County Board of Supervisors
declared a state of emergency December 15 due to the release of up to 1,200
tons of methane into the atmosphere from a leaking Southern California Gas Co.
well site located above Porter Ranch over a period of 50 days. The declaration
will allow for more in-depth air monitoring and help with efforts to cap the
well. Source: http://www.dailynews.com/environment-and-nature/20151215/la-county-declares-state-of-emergency-over-porter-ranch-gas-leak
• Three men from Florida, New Jersey, and Maryland were
charged December 15 with a computer hacking and identity theft scheme in which
they stole the personal information of millions of people and gained over $2
million in illegal profits. – U.S. Attorney’s Office, District of New Jersey
See item 27 below in the
Information Technology Sector
• United Kingdom police arrested a suspect December 15
believed to be linked to a data breach at VTech Holdings Ltd that compromised
more than 6 million children’s profiles and more than 4.9 million parent
profiles. – Associated Press
30. December 15, Associated Press – (International) British police arrest Vtech hacking suspect. Police
in the United Kingdom arrested a suspect December 15 reportedly believed to be
linked to a November 30 data breach at VTech Holdings Ltd, a company that sells
electronic toys, that compromised more than 6 million children’s profiles and
more than 4.9 million parent profiles including names, email addresses,
Internet Protocol (IP) addresses, passwords, and mailing addresses, among other
information. The suspect stated he targeted VTech Holdings Ltd to expose the
company’s security flaws and raise awareness for security practices, with no
intention to sell the stolen data for profit. Source: http://www.denverpost.com/business/ci_29258377/british-police-arrest-vtech-hacking-suspect
• Eighteen suspects were arrested in connection to a $2
million gift card scheme that involved stealing merchandise from retail stores,
returning it for store credit, and reselling the cards in Deltona at half their
values December 14. – WFTV 9 Orlando
32. December 14, WFTV 9 Orlando – (Florida) ‘Operation Plastic Paradise’ nets 18 arrests in $2 million
gift card scheme. Authorities
in Volusia County announced December 14 that 18 suspects were arrested in
connection to a $2 million gift card scheme involving 2 store owners, 4
employees, and 12 customers who stole merchandise from retail stores, returned
it for store credit gift cards, and resold the cards to cash-for-gift-card
businesses in Deltona and Daytona Beach at half their values. Investigators determined
that 2 stores in particular bought 16,870 cards in an 8-month period resulting
in profits of $100,000 per month. Source: http://www.wftv.com/news/news/local/operation-plastic-paradise-nets-18-arrests-2-milli/npjmt/
Financial Services Sector
6. December 15, U.S. Attorney’s Office, District of New Jersey – (New Jersey)
Monmouth County, New Jersey stock promoter admits role in $33
million microcap stock manipulation scheme. A Holmdel, New Jersey man
pleaded guilty December 15 to his role in a $33 million microcap stock
manipulation scheme that used a “pump and dump” tactic to artificially inflate
the stock prices of 4 publicly traded companies, known collectively as the
Target Companies, through manipulative trading and other fraudulent means. The
man worked with other co-conspirators and gained approximately $13 million from
the scheme. Source: https://www.fbi.gov/newark/press-releases/2015/monmouth-county-new-jersey-stock-promoter-admits-role-in-33-million-microcap-stock-manipulation-scheme
7. December 15, U.S. Securities and Exchange Commission – (Connecticut) SEC
announces fraud charges against investment adviser. The U.S. Securities and
Exchange Commission announced fraud charges December 15 against
Connecticut-based Atlantic Asset Management LLC (AAM) for investing more than
$43 million of client funds into illiquid bonds issued by BFG Socially
Responsible Investing Ltd., a partial owner of AAM, without disclosing to
clients that their sale would generate private placement fees for a
broker-dealer affiliated to the company. Source: http://www.sec.gov/news/pressrelease/2015-280.html
8. December 14, Reuters – (National) New York lawyer convicted of Maxim magazine deal
fraud. A New York lawyer was found guilty December 14 for his involvement
in a scheme to help fraudulently secure $31 million in financing from investors
in order to help a co-conspirator purchase Maxim magazine. The pair provided
fake bank account statements and emails to lenders in order to borrow $8
million, and attempted to secure an additional $20 million for the purchase of
the magazine. Source: http://www.reuters.com/article/us-usa-crime-maximmagazine-idUSKBN0TX2F720151214
Information Technology Sector
23. December 16, Softpedia – (International) FireEye security devices provide attackers
with backdoor into corporate networks. Two security researchers discovered
that several FireEye security products had two zero-day flaws, such as a remote
code execution (RCE) and privilege escalation bug that can execute malicious code
disguised as the highly privileged Malware Input Processor (mip) user and gain
administrative privileges on the infected device. FireEye released patches
addressing the
vulnerabilities. Source: http://news.softpedia.com/news/fireeye-security-devices-provide-attackers-with-backdoor-into-corporate-networks-497702.shtml
24. December 16, SecurityWeek – (International) Mozilla
patches critical flaws with release of Firefox 43. Mozilla released its new
Firefox 43 web browser that patches 21 security flaws including cross-site
reading attacks, use-after-free vulnerabilities, and privilege escalation
issues related to WebExtension APIs, among other patches, as well as several
feature improvements, including a 64-bit version for Microsoft Windows. Source:
http://www.securityweek.com/mozilla-patches-critical-flaws-release-firefox-43
25. December 16, SecurityWeek – (International) Critical DoS flaw patched in BIND. The
Internet Systems Consortium (ISC) released updates to its open source software,
BIND, that patch three vulnerabilities including a remotely exploitable
denial-of-service (DoS) issue that can trigger a REQUIRE assertion in db.c,
causing the server to close and deny service to clients, as well as a socket
error that can cause the server to exit when encountering an INSIST assertion
failure in the “resolver.c” library. The latest updates also fix an OpenSSL
vulnerability connected to the BN_mod_exp function that could produce issues on
x86_64 systems. Source: http://www.securityweek.com/critical-dos-flaw-patched-bind
26. December 16, Help Net Security – (International) Asian company is the
newest APT threat. A researcher from CloudSek CTO discovered that the group,
dubbed Santa APT, was targeting international software companies and individuals
to exploit confidential information via a desktop malware that disguises itself
on the target’s computer, collects files, and sends the files back to the
attacker’s Command & Control (C&C) server, and through a second malware
that targets Microsoft Android and Apple iOS devices. Source: http://www.net-security.org/malware_news.php?id=3180
27. December 15, U.S. Attorney’s Office, District of New Jersey – (New Jersey)
Three men arrested in hacking and spamming scheme. A U.S.
Attorney official reported December 15 that three men from Florida, New Jersey,
and Maryland were charged with conspiracy to commit fraud and activities in
connection to computers, and conspiracy to commit wire fraud after the trio
allegedly compromised the personally identifiable information (PII) of millions
of several different corporate employees and generated more than $2 million in
illegal profits by creating a computer program to distribute disguised spam
emails and using proxy servers and botnets to conceal the origin of the emails
while collecting login credentials of employees, personal information, and
confidential business information. Source: https://www.fbi.gov/newark/press-releases/2015/three-men-arrested-in-hacking-and-spamming-scheme
28. December 15, IDG News Service – (International) TeslaCrypt Ransomware attacks are increasing.
Security researchers from Symantec reported that the file-encrypting
ransomware program, dubbed TeslaCrypt, has been targeting computer games and
related software, increasing its infection rate from 200 a day to 1,800. The
ransomware infects a system via email attachments with the words “invoice,”
“doc,” or “info” that contain heavily obfuscated JavaScript code designed to
evade antivirus detection and download the ransomware program. Source: http://www.computerworld.com/article/3015454/security/teslacrypt-ransomware-attacks-are-increasing.html#tk.rss_security
Communications Sector
Nothing to report