Monday, February 1, 2016



Complete DHS Report for February 1, 2016

Daily Report                                            

Top Stories

• San Diego officials announced indictments against attorneys and medical professionals January 28 for their roles in a workers’ compensation fraud scheme, which resulted in millions of dollars’ worth of fraudulent claims. – KSWB 69 San Diego

9. January 28, KSWB 69 San Diego – (California) 13 indicted in huge health care fraud case. The San Diego County District Attorney’s Office announced 13 indictments against attorneys and medical professionals January 28 for their roles in a workers’ compensation fraud scheme in which they allegedly paid $450,000 in kickback payments to owners and operators of chiropractic clinics in San Diego, Escondido, and Calexico in exchange for patient referrals, resulting in millions of dollars in fraudulent workers’ compensation insurance claims. Charges were also announced against three patient recruiters and four corporations for allegedly recruiting people to file workers’ compensation claims for on-the-job injuries and directing patients to specific chiropractors involved in the scheme.

• As many as 179 students and staff members became ill January 28 due to a carbon monoxide leak at Marshall Middle School in Texas, which prompted the school’s evacuation and closure. – KPRC 2 Houston

11. January 29, KPRC 2 Houston – (Texas) Dozens of students hospitalized after carbon-monoxide leak at Beaumont middle school. As many as 179 students and staff members became ill January 28 due to a carbon monoxide leak at Marshall Middle School in Beaumont, Texas, which prompted the school’s evacuation. The school will remain closed January 29 while authorities investigate the source of the leak. Source: http://www.click2houston.com/news/students-hospitalized-after-carbon-monoxide-leak-at-middle-school-in-beaumont

• A January 28 report on the Washington, D.C. Metropolitan Police Department’s use of excessive force found no evidence that the department has an excessive force problem and that intentional discharges of weapons have declined. – Washington Post

17. January 28, Washington Post – (Washington, D.C.) Excessive force not a problem in the D.C. police force, but issues remain. A Washington, D.C. auditor commissioned report on the Metropolitan Police Department’s use of excessive force and shootings by officers was released January 28 reporting that researchers found no evidence that the police force has an excessive-use-of-force problem, that intentional discharges of weapons have declined, and that the number of fatal shootings by police has remained relatively constant, among other findings. The review also found several procedural and substantive shortcomings in the way some internal investigations were conducted. Source: https://www.washingtonpost.com/local/public-safety/excessive-force-not-a-problem-in-the-dc-police-force-but-issues-remain/2016/01/27/a8357698-c4fd-11e5-8965-0607e0e265ce_story.html

• Federal authorities reported January 28 that a man was charged for providing support to a terrorist group after he allegedly released the personal information of more than 1,000 U.S. soldiers and government employees to the group. – The Register See item 22 below in the Information Technology Sector

Financial Services Sector

Nothing to report

Information Technology Sector

18. January 29, Help Net Security – (International) 60+ trojanized Android games lurking on Google Play. Researchers from Dr. Web found over 60 game apps offered on the Google Play store were embedded with the malicious Xiny trojan that can download additional malicious apps and collect device information such as the device’s International Mobile Station Equipment Identity (IMEI) and International Mobile Subscriber Identity (IMSI), and send the data to a command and control (C&C) server via 30 different game developer accounts including Billapps, Conexagon Studio, and Fun Color Games, among other accounts. Researchers believe the accounts are operated by the same cybercriminals. Source: http://www.net-security.org/malware_news.php?id=3195

19. January 29, The Register – (International) Two-thirds of Android users vulnerable to web history sniff ransomware. Researchers from Symantec reported that two in three devices running Android versions prior to 5.0 (Lollipop) were susceptible to the Lockdroid ransomware, which tricks users into allowing malicious code to gain administrative privileges via overlaid popups that uses a fake message disguised from the U.S. Department of Justice to trick victims’ into paying a fee to unlock their devices after the message prompts them that their devices have been locked due to visiting inappropriate Web sites. In addition, the malware is capable of changing the device personal identification number (PIN) and deleting user data through a factory reset. Source: http://www.theregister.co.uk/2016/01/29/android_ransomware/

20. January 29, SecurityWeek – (International) Facebook pays out $7,500 bounty for account hijacking flaw. A researcher discovered a serious cross-site scripting (XSS) vulnerability that could allow attackers to compromise users’ Facebook accounts by using several Facebook plugins designed in an iframe, which bypasses protections and can allow attackers to steal users’ cross-site request forgery (CSRF) token and compromise users’ accounts by convincing a user to click or visit a malicious link the hacker controls. Once the victim opens the malicious link, the hacker can execute any action to the victims’ account. Source: http://www.securityweek.com/facebook-pays-out-7500-bounty-account-hijacking-flaw

21. January 29, Help Net Security – (International) OpenSSL bug that could allow traffic decryption has been fixed. The OpenSSL Project released updates to its security protection system to protect its products against the malicious Logjam, and released new versions of its OpenSSL cryptographic library including OpenSSL 1.0.2f and 1.0.1r, which patches two security flaws that could have been exploited by attackers to obtain keys to decrypt secure communication and obtain sensitive information. Source: http://www.net-security.org/secworld.php?id=19389

22. January 28, The Register – (International) Alleged ISIL hacker faces US terror charges for doxing soldiers. The U.S. Department of Justice and the FBI reported January 28 that a man was extradited from Malaysia to Virginia after being charged with hacking crimes and for providing support to a Middle Eastern terrorist group after he allegedly released the personal information of more than 1,000 U.S. soldiers and government employees to the group who intended to use the information to attack the U.S. military and government personnel. Source: http://www.theregister.co.uk/2016/01/28/alleged_isil_hacker_faces_us_terror_charges/

Communications Sector

See items 18 and 19 above in the Information Technology Sector