Wednesday, May 11, 2016



Complete DHS Report for May 11, 2016

Daily Report

Top Stories

• A loan officer and three others were indicted on Federal charges May 9 after the group allegedly defrauded several central Kentucky banks out of more than $40 million in loans or loan renewals. – Lexington Herald-Leader See item 5 below in the Financial Services Sector

• Researchers at Proofpoint discovered CryptXXX version 2.006 which defeats a Kaspersky Lab decrypter, and locks a user’s entire screen, forcing them to log onto a different computer to go online to buy Bitcoin and pay the ransom. – Softpedia See item 20 below in the Information Technology Sector

• The U.S. Federal Trade Commission began an investigation May 10 into the security practices of eight major mobile companies to determine how the companies plan and carry out security operations for their mobile divisions. – Softpedia See item 21 below in the Communications Sector

• Los Angeles Police are searching for 5 men suspected of stealing over 7,600 Dell laptop computers worth approximately $4 million May 6 from a warehouse in the Harbor Gateway area. – MyNewsLA.com

23. May 9, MyNewsLA.com – (California) $4M worth of laptops stolen from Harbor Gateway warehouse. Los Angeles Police are searching for 5 men suspected of stealing over 7,600 Dell laptop computers worth approximately $4 million May 6 during an armed robbery at a warehouse in the Harbor Gateway area. The suspects zip-tied a guard and hooked up two trailers containing the merchandise to two trucks before driving off. Source: http://mynewsla.com/crime/2016/05/09/4m-worth-of-laptops-stolen-from-harbor-gateway-warehouse/

Financial Services Sector

5. May 9, Lexington Herald-Leader – (Kentucky) Four charged in alleged central Kentucky bank fraud involving $40 million. A loan officer and three others were indicted on Federal charges May 9 after the group, operating as various businesses, allegedly defrauded several central Kentucky banks out of more than $40 million in loans or loan renewals by making false representations or omissions on loan documents to banks in Fayette, Woodford, and Harrison counties from May 2006 – September 2010. Officials stated that the group used the loans for purposes other than those listed in the application. Source: http://www.kentucky.com/news/local/crime/article76606412.html

6. May 9, SecurityWeek – (International) Android trojan steals credit card info, locks devices remotely. Researchers from Avast discovered a new Android banking trojan that is capable of spying on users and stealing credit card information. The trojan gains admin rights on a victim’s device by continuously prompting the Device Admin activation dialog until the user grants the malware those rights, and it hides the app icon following the program’s first run. Researchers stated that the trojan is designed to send information about the device to a command and control (C&C) server, intercept incoming short message service (SMS) messages and send them to the server, and receive further commands from its operators. Source: http://www.securityweek.com/android-trojan-steals-credit-card-info-locks-devices-remotely

Information Technology Sector

19. May 10, Softpedia – (International) SS7 attack leaves WhatsApp and Telegram encryption useless. Positive Technologies researchers unveiled a new attack that utilizes Signaling System No. 7 (SS7) to carry out attacks on encrypted communications apps such as WhatsApp and Telegram by spoofing a mobile network node and intercepting the initial phase of a chat between two users. The researchers were able to impersonate a second user through SS7 loopholes that were never patched.

20. May 10, Softpedia – (International) CryptXXX is now undecryptable, prevents users from accessing their PC. Researchers at Proofpoint discovered CryptXXX version 2.006, an update to CryptXXX, which defeats a Kaspersky Lab decrypter, blocks users from going online, and locks a user’s entire screen, forcing them to log onto a different computer to go online to buy Bitcoin and pay the ransom. The ransomware is distributed via malvertising campaigns, malicious ads on legitimate Web sites, or through an intermediary malware called Bedep. Source: http://news.softpedia.com/news/cryptxxx-is-now-undecryptable-prevents-users-from-accessing-their-pc-503884.shtml

Communications Sector

21. May 10, Softpedia – (National) FTC orders Apple, Google, Microsoft, others to reveal mobile security practices. The U.S. Federal Trade Commission (FTC) began an investigation May 10 into the security practices at eight major mobile companies including Apple Inc., BlackBerry Limited, Google, Microsoft, and others to determine how the companies plan and carry out security operations for their mobile divisions, and to understand the factors companies consider when deciding whether to patch a vulnerability, among other inquiries. The FTC stated that the investigation is an attempt to understand the current mobile security landscape. Source: http://news.softpedia.com/news/ftc-orders-apple-google-microsoft-others-to-reveal-mobile-security-practices-503872.shtml

22. May 9, WABC 7 New York City – (New York) Time Warner Cable service restored after major outage in New York City area. Time Warner Cable announced May 9 that Internet, cable TV, and phone service was restored to customers across New York City after multiple fiber optic cables at network providers were cut, leaving customers without service for approximately 7 hours. Source: http://abc7ny.com/technology/time-warner-cable-service-restored-after-major-outage-in-new-york-city-area-/1330571/