Complete DHS Report for February 1, 2016
Daily Report
Top Stories
• San Diego officials announced indictments against
attorneys and medical professionals January 28 for their roles in a workers’
compensation fraud scheme, which resulted in millions of dollars’ worth of
fraudulent claims. – KSWB 69 San Diego
9. January
28, KSWB 69 San Diego – (California) 13 indicted in huge health
care fraud case. The San Diego County District Attorney’s Office announced
13 indictments against attorneys and medical professionals January 28 for their
roles in a workers’ compensation fraud scheme in which they allegedly paid
$450,000 in kickback payments to owners and operators of chiropractic clinics
in San Diego, Escondido, and Calexico in exchange for patient referrals,
resulting in millions of dollars in fraudulent workers’ compensation insurance
claims. Charges were also announced against three patient recruiters and four
corporations for allegedly recruiting people to file workers’ compensation
claims for on-the-job injuries and directing patients to specific chiropractors
involved in the scheme.
• As many as 179 students and staff members became ill
January 28 due to a carbon monoxide leak at Marshall Middle School in Texas,
which prompted the school’s evacuation and closure. – KPRC 2 Houston
11. January
29, KPRC 2 Houston – (Texas) Dozens of students hospitalized after carbon-monoxide
leak at Beaumont middle school. As many as 179 students and staff members
became ill January 28 due to a carbon monoxide leak at Marshall Middle School
in Beaumont, Texas, which prompted the school’s evacuation. The school will
remain closed January 29 while authorities investigate the source of the leak. Source: http://www.click2houston.com/news/students-hospitalized-after-carbon-monoxide-leak-at-middle-school-in-beaumont
• A January 28 report on the Washington, D.C. Metropolitan
Police Department’s use of excessive force found no evidence that the
department has an excessive force problem and that intentional discharges of
weapons have declined. – Washington Post
17. January
28, Washington Post – (Washington, D.C.) Excessive force not a problem in the D.C.
police force, but issues remain. A Washington, D.C. auditor commissioned
report on the Metropolitan Police Department’s use of excessive force and
shootings by officers was released January 28 reporting that researchers found
no evidence that the police force has an excessive-use-of-force problem, that
intentional discharges of weapons have declined, and that the number of fatal
shootings by police has remained relatively constant, among other findings. The
review also found several procedural and substantive shortcomings in the way
some internal investigations were conducted. Source: https://www.washingtonpost.com/local/public-safety/excessive-force-not-a-problem-in-the-dc-police-force-but-issues-remain/2016/01/27/a8357698-c4fd-11e5-8965-0607e0e265ce_story.html
• Federal
authorities reported January 28 that a man was charged for providing support to
a terrorist group after he allegedly released the personal information of more
than 1,000 U.S. soldiers and government employees to the group. – The
Register See item 22 below
in the Information Technology Sector
Financial Services Sector
Nothing
to report
Information Technology Sector
18. January
29, Help Net Security – (International) 60+ trojanized Android
games lurking on Google Play. Researchers from Dr. Web found over 60 game
apps offered on the Google Play store were embedded with the malicious Xiny
trojan that can download additional malicious apps and collect device
information such as the device’s International Mobile Station Equipment
Identity (IMEI) and International Mobile Subscriber Identity (IMSI), and send
the data to a command and control (C&C) server via 30 different game
developer accounts including Billapps, Conexagon Studio, and Fun Color Games,
among other accounts. Researchers believe the accounts are operated by the same
cybercriminals. Source: http://www.net-security.org/malware_news.php?id=3195
19. January
29, The Register – (International) Two-thirds of Android users vulnerable to web
history sniff ransomware. Researchers from Symantec reported that two in
three devices running Android versions prior to 5.0 (Lollipop) were susceptible
to the Lockdroid ransomware, which tricks users into allowing malicious code to
gain administrative privileges via overlaid popups that uses a fake message
disguised from the U.S. Department of Justice to trick victims’ into paying a
fee to unlock their devices after the message prompts them that their devices
have been locked due to visiting inappropriate Web sites. In addition, the
malware is capable of changing the device personal identification number (PIN)
and deleting user data through a factory reset. Source: http://www.theregister.co.uk/2016/01/29/android_ransomware/
20. January
29, SecurityWeek – (International) Facebook pays out $7,500 bounty for account
hijacking flaw. A researcher discovered a serious cross-site scripting
(XSS) vulnerability that could allow attackers to compromise users’ Facebook
accounts by using several Facebook plugins designed in an iframe, which
bypasses protections and can allow attackers to steal users’ cross-site request
forgery (CSRF) token and compromise users’ accounts by convincing a user to
click or visit a malicious link the hacker controls. Once the victim opens the
malicious link, the hacker can execute any action to the victims’ account. Source:
http://www.securityweek.com/facebook-pays-out-7500-bounty-account-hijacking-flaw
21. January
29, Help Net Security – (International) OpenSSL bug that could
allow traffic decryption has been fixed. The OpenSSL Project released
updates to its security protection system to protect its products against the
malicious Logjam, and released new versions of its OpenSSL cryptographic
library including OpenSSL 1.0.2f and 1.0.1r, which patches two security flaws
that could have been exploited by attackers to obtain keys to decrypt secure
communication and obtain sensitive information. Source: http://www.net-security.org/secworld.php?id=19389
22. January
28, The Register – (International) Alleged ISIL hacker faces US terror charges
for doxing soldiers. The U.S. Department of Justice and the FBI reported
January 28 that a man was extradited from Malaysia to Virginia after being
charged with hacking crimes and for providing support to a Middle Eastern
terrorist group after he allegedly released the personal information of more
than 1,000 U.S. soldiers and government employees to the group who intended to
use the information to attack the U.S. military and government personnel. Source:
http://www.theregister.co.uk/2016/01/28/alleged_isil_hacker_faces_us_terror_charges/
Communications Sector
See items 18 and 19 above
in the Information Technology Sector