Thursday, June 2, 2016



Complete DHS Report for June 2, 2016

Daily Report                                            

Top Stories

• The U.S. Securities and Exchange Commission charged May 31 Nashville-based Hope Advisers Inc., and its owner for allegedly scheming to collect extra monthly fees from a pair of hedge funds they managed, earning millions of dollars in fraudulent fees. – U.S. Securities and Exchange Commission See item 5 below in the Financial Services Sector

• General Mills, Inc., issued a precautionary recall May 31 for its Gold Medal flour, Gold Medal Wondra flour, and Signature Kitchens flour products following an E.coli outbreak that has sickened 38 people across 20 States. – U.S. Food and Drug Administration

10. May 31, U.S. Food and Drug Administration – (National) Gold Medal, Gold Medal Wondra, and Signature Kitchens flour recalled due to possible E. coli O121 contamination. General Mills, Inc., issued a voluntary recall out of an abundance of caution May 31 for its Gold Medal flour, Gold Medal Wondra flour, and Signature Kitchens flour products sold at 8 supermarket chains after an E.coli O121 outbreak that has sickened 38 people across 20 States was potentially linked to the flour products. Officials stated raw products made with flour should not be consumed and urged consumers to throw away any flour products affected by the recall. Source: http://www.fda.gov/Safety/Recalls/ucm504235.htm

• The administrator of the Surgery Centers of Southern Nevada and other entities pleaded guilty May 31 to embezzling $1.3 million from physicians who invested in two Las Vegas clinics. – Las Vegas Review-Journal

14. May 31, Las Vegas Review-Journal – (Nevada) Las Vegas clinic operator pleads guilty to embezzling $1.3 million. The administrator of the Surgery Centers of Southern Nevada and other entities pleaded guilty May 31 to embezzling $1.3 million from physicians who invested in the two Las Vegas clinics. The administrator used the funds for personal use instead of making vendor payments. Source: http://www.reviewjournal.com/crime/las-vegas-clinic-operator-pleads-guilty-embezzling-13-million

• A hacker named BuggiCorp was discovered selling a zero-day vulnerability affecting over 1.5 billion users and all versions of Window operating systems. – Softpedia See item 22 below in the Information Technology Sector

Financial Services Sector

5. May 31, U.S. Securities and Exchange Commission – (Tennessee) SEC: Nashville firm schemed to collect extra fees from hedge funds. The U.S. Securities and Exchange Commission announced May 31 charges against Nashville-based Hope Advisers Inc., and its owner for allegedly scheming to collect extra monthly fees from two hedge funds managed by the firm, Hope Investments LLC and HDB Investments LLC, by orchestrating certain trades that enabled the funds to experience large gains at the end of one month, guaranteeing significant losses at the beginning of the next month in order to delay the realization of trading losses and continue earning large incentive fees. Officials stated that the scheme allowed Hope Advisers to avoid the realization of over $50 million in losses in the hedge funds and earn millions of dollars in fraudulent fees.

Information Technology Sector

20. June 1, SecurityWeek – (International) Update tools preinstalled on PCs expose users to attacks. Security researchers from Duo Security conducted an analysis on software updates and support tools shipped by major personal computers (PCs) makers including Acer, Asus, HP, Dell, and Lenovo, and discovered that each of the tested updater tools were plagued with a least one flaw that could be easily exploited for remote code execution (RCE) with SYSTEM permissions, which can lead to a complete compromise of the vulnerable device.

21. June 1, SecurityWeek – (International) ZCryptor ransomware spreads via removable drives. Security researchers from Microsoft and TrendMicro reported that the ransomware dubbed, Ransom: Win32/ZCryptor.A was targeting Windows XP 64-bit computers and Windows 7 and Windows 8 versions to encrypt files and demand monetary funds by dropping a autorun.inf file on removable drives, which allows the ransomware to infect a computer once the removable drives are connected. In addition, the ransomware leverages network drives to self-propagate from a compromised system.

22. May 31, Softpedia – (International) Windows zero-day affecting all OS versions on sale for $90,000. A hacker under the name, BuggiCorp was discovered selling a zero-day vulnerability affecting over 1.5 billion users and all versions of Window operating systems (OS) after security firm Trustawave found the attacker could escalate the privileges of an application in Windows 10 with the May 2016 security patch installed, and bypass all security features including Microsoft’s newest version of the Enhanced Mitigation Experience Toolkit (EMET) toolkit. Source: http://news.softpedia.com/news/windows-zero-day-affecting-all-os-versions-on-sale-for-90-000-504716.shtml

23. May 31, Softpedia – (International) DDoS attack via TFTP protocol become a reality after research goes public. Security researchers from Akami Security Incident Response Team (SIRT) reported that it has detected at least ten distributed denial-of-service (DDoS) attacks since April 20 after attackers employed Trivial File Transfer Protocol (TFTP) servers as part of a multi-vector DDoS attack by mixing different DDoS-vulnerable protocols together to confuse a victim’s Information Technology (IT) department. In addition, researchers found a weaponized version of the TFTP attack script circulating online following The Edinburgh Napier University study which detailed how to carry out reflection DDoS attacks via TFTP servers. Source: http://news.softpedia.com/news/ddos-attacks-via-tftp-protocol-become-a-reality-after-research-goes-public-504713.shtml

24. May 31, SecurityWeek – (International) ICS system with public exploits cannot be patched. The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) released a security advisory for customers using the Environmental Controls System (ECS) 8832 version 3.02 and earlier version after a security researcher discovered the product had two vulnerabilities, which cannot be patched, including an authentication bypass flaw and a privilege escalation flaw that could allow an attacker to perform unauthenticated operations over the network. The ECS product is used in the energy industry to provide operators with an interface to control calibration functions.

Communications Sector

Nothing to report