Complete DHS Report for April 28, 2016
Daily Report
Top Stories
• Seven California residents were charged the week of April 18 for
their roles in a $14 million identity theft and international money laundering
scheme where the group filed approximately 7,000 fraudulent tax returns. – Los
Angeles Daily News See item 3 below in
the Financial Services Sector
• A 6-alarm fire April 26 at Kofkoff Egg Farms in Connecticut
killed at least 80,000 chickens, destroyed 1 of the facility’s 13 chicken
coops, and prompted the response of 150 firefighters. – Hartford Courant
11. April 27,
Hartford Courant – (Connecticut) Fire at Lebanon egg farm kills 80,000 chickens,
investigation underway. A 6-alarm fire April 26 at Kofkoff Egg Farms in
Lebanon, Connecticut, killed at least 80,000 chickens, destroyed 1 of the
facility’s 13 chicken coops, and prompted 150 firefighters from 25 fire
departments to remain on site for several hours containing the blaze. The cause
of the fire remains under investigation. Source: http://www.courant.com/breaking-news/hc-lebanon-kofkoff-egg-farms-fire-0427-20160426-story.html
• Pilgrim’s Pride Corp., expanded a previous recall April 26 to
include approximately 4,568,080 pounds of its fully cooked chicken products due
to potential contamination with extraneous materials. – U.S. Department of
Agriculture
12. April 27,
U.S. Department of Agriculture – (National) Pilgrim’s Pride
Corp. recalls poultry products due to possible foreign matter contamination. Pilgrim’s
Pride Corp., expanded an April 7 recall April 26 to include approximately
4,568,080 pounds of its fully cooked chicken products sold in 23 variations due
to potential contamination with plastic, wood, rubber, and metal pieces after
the company received consumer complaints regarding extraneous materials found
in the chicken nugget products. There have been no confirmed reports of adverse
reactions in connection with the recall and the products were distributed for
institutional use nationwide.
• Pfizer Inc., and Wyeth agreed to pay $784.6 million April 27 to
resolve allegations that Wyeth sold its Protonix Oral and Protonix IV drugs
through hidden, bundled sales arrangements without notifying the Federal
Government, which allowed hospitals to earn deep discounts. – U.S.
Department of Justice
14. April 27,
U.S. Department of Justice – (National) Wyeth and Pfizer agree to pay
$784.6 million to resolve lawsuit alleging that Wyeth underpaid drug rebates to
Medicaid. The U.S. Department of Justice announced April 27 that Pfizer
Inc., and Wyeth agreed to pay $784.6 million to resolve allegations that Wyeth
sold two of its proton pump inhibitor (PPI) drugs, Protonix Oral and Protonix
IV, through hidden, bundled sales arrangements allowing a hospital to earn deep
discounts on both drugs if it placed them on formulary and made them available
within the hospital. The company did not disclose the bundled sales
arrangements to the government, enabling them to avoid paying hundreds of
millions in rebates to Medicaid from 2000 – 2006.
Financial Services Sector
3. April 27,
Los Angeles Daily News – (International) Feds break up
money-laundering scheme linked to fraudulent Armenian passports. The U.S.
District Court in Santa Ana unsealed charges the week of April 18 against 7
California residents for their roles in a $14 million identity theft and
international money laundering scheme where the group filed approximately 7,000
fraudulent tax returns by using stolen identities to create fraudulent foreign
passports from the Republic of Armenia, Georgia, and the Czech Republic in
order to open numerous bank accounts and mailboxes, which were used to deposit
and launder the refunds. Officials stated that a total of 10 people were involved
in the fraud scheme that sought a total of $38 million in fraudulent tax
returns.
Information Technology Sector
21. April 27,
Help Net Security – (International) DDoS aggression and the evolution of IoT
risks. Neustar released its findings after conducting a survey on over
1,000 information technology (IT) professionals across 6 continents which
revealed that 76 percent of companies are investing in distributed
denial-of-service (DDoS) protection as DDoS attacks are continuing to evolve
from single large attacks to multi-vector attacks. Forty-seven percent of
attacked organizations were participating in information sharing on threats and
counter measures to mitigate future assaults.
22. April 26,
SecurityWeek – (International) Information stealer “Fareit” abuses
PowerShell. Security researchers from Trend Micro discovered a new variant
of the Fareit malware was stealing login details, Bitcoin-related data, and
other personal information from victims after the malware was delivered via
spam emails and executed through two different tactics including Word documents
and malicious macros, and PDF documents and Windows PowerShell. Attackers could
use PDF files to execute PowerShell via the OpenAction event that allows Fareit
to download onto a victim’s machine and collect information.
23. April 26,
Softpedia – (International) The Pirate Bay malvertising campaign pushes
Cerber ransomware. Security researchers from Malwarebytes and RiskIQ
reported that malicious ads on The Pirate Bay torrent portal were redirecting
victims, using older windows and Internet Explorer software to another Uniform
Resource Identifier (URL) where the Magnitude exploit kit (EK) would leverage a
Flash zero-day flaw to compromise vulnerable personal computers (PCs), install
the Cerber ransomware, and install potentially unwanted software (PUP). Source: http://news.softpedia.com/news/the-pirate-bay-malvertising-campaign-pushes-cerber-ransomware-503455.shtml
For another story, see item 24 below in the Communications Sector
Communications Sector
24. April 27,
SecurityWeek – (International) Android ransomware dropped via Towelroot,
hacking team exploits. Security researchers from Blue Coat Labs discovered
that a ransomware named “Cyber.Police” was able to install malicious programs
onto a mobile device without user interaction after finding that at least 224
devices running Android versions 4.0.3 to 4.4.4 were communicating the
malware’s command and control (C&C) server since February and that the
malicious programs were on devices running Cyanogenmod 10 version of Android
4.2.2. The malware was delivered via two known exploits including the Towelroot
exploit and a JavaScript exploit. Source: http://www.securityweek.com/android-ransomware-dropped-towelroot-hacking-team-exploits