Tuesday, September 20, 2016



Complete DHS Report for September 20, 2016

Daily Report                                            

Top Stories

• A co-founder of Cavalier Union Investments, LLC and Black Bull Wealth Management, LLC, pleaded guilty September 16 to Federal charges after he and a co-conspirator caused more than 50 investors to lose over $9 million from 2009 – 2016. – U.S. Attorney’s Office, Eastern District of Virginia See item 5 below in the Financial Services Sector

• An accountant and founder of Westtree Financial pleaded guilty September 15 after he embezzled over $3 million from Houston-based Airis International Holdings from 2005 – 2012. – U.S. Attorney’s Office, Southern District of Texas

16. September 15, U.S. Attorney’s Office, Southern District of Texas – (Florida; Georgia; Texas) Accountant convicted of embezzling more than $3 million from Houston company. An accountant and founder of Westtree Financial pleaded guilty September 15 to Federal charges after he embezzled over $3 million from Houston-based Airis International Holdings from 2005 – 2012 while providing accounting services to the company and holding signature authority on the company’s bank accounts. The charges allege that the accountant used the embezzled funds for personal expenses in Florida and Georgia. Source: https://www.justice.gov/usao-sdtx/pr/accountant-convicted-embezzling-more-3-million-houston-company

• Mosaic Company officials reported September 16 that a 45-foot sinkhole discovered at its New Wales facility in Mulberry, Florida, August 27 leaked 215 million gallons of radioactive water into a nearby aquifer. – Reuters

18. September 17, Reuters – (Florida) Florida sinkhole at Mosaic fertilizer site leaks radioactive water. Mosaic Company officials reported September 16 that a 45-foot sinkhole discovered at its New Wales facility in Mulberry, Florida, August 27 leaked 215 million gallons of radioactive water into a nearby aquifer after the liner system at the base of a phosphogypsum stack was damaged. Officials were monitoring and sampling groundwater and stated no offsite impact has been detected.

• A levee breach at the sewage treatment plant in Brookhaven, Mississippi, caused about 6 million gallons of storm water-diluted sewage to be released into the East Branch of the Bogue Chitto River September 16. – New Orleans Times-Picayune

33. September 17, New Orleans Times-Picayune – (Mississippi; Louisiana) Warning issued for Bogue Chitto River after sewage release in Mississippi. A levee breach at the sewage treatment plant in Brookhaven, Mississippi, caused approximately 6 million gallons of storm water-diluted sewage to be released into the East Branch of the Bogue Chitto River September 16, prompting the Louisiana Department of Health and the Louisiana Department of Environmental Quality to issue a water contact advisory for the entire length of the river in Louisiana.

Financial Services Sector

4. September 19, U.S. Attorney’s Office, District of Massachusetts – (International) Former Massachusetts man pleads guilty to multi-million ponzi scheme. A former Massachusetts resident pleaded guilty September 16 to Federal charges in connection with running a $10 million Ponzi scheme after he convinced more than 20 investors their funds would be used to finance Jamaican businesses through bridge loans while using the funds to repay investment principal to previous investors from 2008 – 2015. Source: https://www.justice.gov/usao-ma/pr/former-massachusetts-man-pleads-guilty-multi-million-dollar-ponzi-scheme

5. September 16, U.S. Attorney’s Office, Eastern District of Virginia – (Virginia) Former owner of investment firms pleads guilty to $9 million fraud. A co-founder of Cavalier Union Investments, LLC and Black Bull Wealth Management, LLC, pleaded guilty September 16 to Federal charges after he and a co-conspirator allegedly caused more than 50 investors to lose over $9 million from 2009 – 2016 by soliciting individuals to invest money in private investment funds that the duo controlled, in addition to specific investment opportunities that they proposed. The charges allege that the pair used the money for personal expenses. Source: https://www.justice.gov/usao-edva/pr/former-owner-investment-firms-pleads-guilty-9-million-fraud

For another story, see item 27 below in the Information Technology Sector

Information Technology Sector

26. September 19, SecurityWeek – (International) Cisco finds new zero-day linked to “Shadow Brokers” exploit. Cisco researchers discovered another zero-day vulnerability leaked by Shadow Brokers in August, which affects the Internet Key Exchange (IKE) v1 packet processing code in Cisco IOS XR versions 4.3.x, 5.0.x, 5.1.x, and 5.2.x. The flaw could allow a remote, unauthenticated attacker to retrieve memory contents potentially containing sensitive information by sending a specially crafted IKEv1 packet to an affected device that is configured to accept IKEv1 security negotiation requests. Cisco was working to release a patch for the vulnerability and stated no workaround is available.

27. September 17, Softpedia – (International) H1N1 malware adds support for infostealing features, UAC bypass. Cisco, Proofpoint, and independent security researchers reported that recent H1N1 malware versions include a User Account Control (UAC) bypass that can be exploited via unique code obfuscation and a dynamic-link library (DLL) hijacking technique; a self-propagation feature that enables the malware to spread itself to other computers on the same network; and the ability to collect information from infected systems and send it to a central command and control (C&C) server. These capabilities allow an attacker to collect and steal information from organizations in the energy, communications, financial, and government sectors, including email login data from Microsoft Outlook and Mozilla Firefox profile login data, among other data. Source: http://news.softpedia.com/news/h1n1-malware-adds-support-for-infostealing-features-uac-bypass-508408.shtml

28. September 16, SecurityWeek – (International) Serious flaws found in Cisco WebEx Meetings Server. Cisco released software updates to resolve vulnerabilities in its WebEx Meetings Server version 2.6 including a critical flaw caused by insufficient sanitization of user-supplied data that can be remotely exploited to execute arbitrary commands with elevated privileges, and a high-severity issue that could allow an unauthenticated attacker to carry out denial-of-service (DoS) attacks by repeatedly attempting to access a specific service. Source: http://www.securityweek.com/serious-flaws-found-cisco-webex-meetings-server

Communications Sector

29. September 16, SecurityWeek – (International) Flaw allows hackers to alter “Signal” attachments. Security researchers discovered the Android version of the secure messaging application Signal is plagued with several flaws, including one related to the message authentication code (MAC) used to verify attachments that can be exploited by a man-in-the-middle (MitM) attacker with access to any certificate trusted by Android to deliver an altered attachment to a targeted device. The researchers also discovered a flaw related to how the app’s CallAudioManager class handles Real-time Transport Protocol (RTP) packets that could allow a remote attacker to crash the app. Source: http://www.securityweek.com/flaw-allows-hackers-alter-signal-attachments

For another story, see item 27 above in the Information Technology Sector