Complete DHS Report for April 7, 2016
Daily Report
Top Stories
• A minister was convicted April 5 for his role in a nearly
$5 million fraudulent tax return scheme where he and a co-conspirator allegedly
filed over 2,700 fraudulent tax returns on behalf of church members in Ohio and
other States. – Associated Press See item 1 below
in the Financial Services Sector
• A Kentucky lawyer, a retired administrative law judge, and a
psychologist were charged April 5 with committing $600 million in disability
fraud by submitting over 2,000 fake medical claims with the U.S. Social
Security Administration seeking disability benefits. – Reuters
7. April 5,
Reuters – (Kentucky; West Virginia) Three Kentucky men indicted in $600
million federal fraud case. An indictment unsealed April 5 charged a
Kentucky lawyer, a retired administrative law judge, and a psychologist with
committing $600 million in disability fraud by submitting over 2,000 fake
medical claims with the U.S. Social Security Administration seeking disability
benefits. The attorney advertised his services through the Web site
MrSocialSecurity.com and routed clients’ claims to a regional office in West
Virginia where the administrative law judge would assign the cases to himself
or have someone else assign them to him.
• State and Federal officials reported April 5 that 21 brokers in
the New York metropolitan area were arrested for knowingly recruiting foreign
students to the University of Northern New Jersey, a fake institution set up by
DHS in 2012. – New York Times
10. April 5,
New York Times – (New Jersey) New Jersey University was fake, but Visa fraud
arrests are real. New Jersey officials and U.S. Immigration and Customs
Enforcement authorities announced April 5 that 21 brokers in the New York
metropolitan area were arrested for knowingly recruiting foreign students,
mainly from China and India, to the University of Northern New Jersey, a fake
institution set up by DHS in 2012, in order to obtain student visas. The
brokers worked with individuals posing as university officials, charged the
students fees, and received kickbacks in the scheme which allowed the students
to stay in the county and obtain employment.
• Adobe reported April 5 that it will be releasing a patch for its
Flash Player 21.0.0.197 and its earlier versions April 7 which will address a
zero-day vulnerability after malicious attackers were seen actively exploiting
the flaw. – SecurityWeek See item 14 below in
the Information Technology Sector
Financial Services Sector
1. April 5,
Associated Press – (National) Minister convicted in $5 million tax scam. A
traveling minister from Arkansas was convicted April 5 for his role in a nearly
$5 million fraudulent tax return scheme where he and a co-conspirator allegedly
filed over 2,700 fraudulent tax returns on behalf of church members in Ohio and
other States after obtaining church members’ personal information by claiming
to help the members procure government stimulus funds. The minister and
co-conspirator took fees from each tax refund while congregants received the balance. Source: http://www.foxnews.com/us/2016/04/05/minister-convicted-in-5-million-tax-scam.html
2. April 5,
WUSA 9 Washington, D.C. – (Maryland) Serial ‘bandage’ bank bandit. The
FBI announced a search April 5 for a bank robber dubbed the “Bandage” who
robbed a Sandy Spring Bank branch in Burtonsville and a Capital One Bank branch
in Elkridge April 1. Authorities stated that the man is suspected of robbing
seven other banks in Maryland since October 2015. Source: http://www.wusa9.com/news/local/maryland/wanted-serial-bank-robber-wearing-neckbrace-eyepatch/121283824
Information Technology Sector
13. April 6,
Softpedia – (International) Windows’ Pirrit adware ported to OS X via Qt
Framework. Security researcher from Cybereason discovered that the
OSX/Pirrit adware was infecting Apple Mac users for the first time and
hijacking users’ Web traffic with several ads via the Qt Framework, which
allows programmers to write applications that work on Apple Mac devices, Linux
systems, and Microsoft Window devices. The malware was seen using several steps
to infiltrate a system after a user launches a Pirrit-laced binary. Source: http://news.softpedia.com/news/windows-pirrit-adware-ported-to-os-x-via-qt-framework-502637.shtml
14. April 6,
SecurityWeek – (International) Adobe to patch actively exploited Flash
zero-day. Adobe reported April 5 that it will be releasing a patch for its
Flash Player 21.0.0.197 and its earlier versions April 7 which will address a
zero-day vulnerability after malicious attackers were seen actively exploiting
the flaws. Customers were advised to ensure their Flash Players were updated to
version 21.0.0.182 or later. Source: http://www.securityweek.com/adobe-patch-actively-exploited-flash-zero-day
15. April 5,
SecurityWeek – (International) New Locky variants change communication
patterns. Researchers from Check Point discovered that Locky, a prominent ransomware
family, had changed its distribution mechanism to use JavaScript (.js)
attachments for malware distribution and that another Locky variant was
included as the malicious payload in the Nuclear exploit kit (EK) with
additional communication changes. In addition, FireEye Labs researchers found
that the ransomware was increasing its infection rate and surpassing the Dridex
spam activities.
For another story, see item 16 below in the Communications Sector
Communications Sector
16. April 6,
SecurityWeek – (International) Quanta routers plagued by many unpatched
flaws. A security researcher discovered more than 20 vulnerabilities in the
latest firmware version of Quanta Computer’s LTE QDH routers, and several other
devices including QDH, UNE, Mobily, and YooMee 4G routers that can allow an
attacker to obtain sensitive information including credentials and
configuration data through several flaws including remote code execution,
arbitrary file access, a denial-of-service (DoS) vulnerability, and a hardcoded
Secure Shell (SSH) server key that can be used to decrypt SSH traffic going
through the router. Quanta stated the vulnerabilities in the LTE QDH routers
will not be patched since the routers have reached end of life (EOL). Source: http://www.securityweek.com/quanta-routers-plagued-many-unpatched-flaws
No comments:
Post a Comment