Complete DHS Report for November 18, 2016
Daily Report
Top Stories
• Twelve individuals were charged November 16 for their alleged
roles in an ATM skimming scheme that defrauded Bank of America and PNC
Financial Services Group, Inc. customers in New Jersey out of more than
$428,000. – U.S. Department of Justice See item 3
below in the Financial Services Sector
• The
Hawaii State Department of Health’s Clean Water Branch reported that around
4,275 gallons of raw sewage entered a storm drain at Lake Wilson in Wahiawa
November 15. – Honolulu Star-Advertiser
12. November 16, Honolulu
Star-Advertiser – (Hawaii) More than 4,000 gallons of sewage spills into
Lake Wilson. The Hawaii State Department of Health’s Clean Water Branch
reported that around 4,275 gallons of raw sewage entered a storm drain at Lake
Wilson in Wahiawa November 15. Crews stopped the spill and removed 300 gallons
of the discharge, and the Clean Water Branch advised the public to keep away
from lake waters between Olive Avenue and the spillway until further notice. Source:
http://www.staradvertiser.com/2016/11/16/breaking-news/more-than-4000-gallons-of-sewage-spills-into-lake-wilson/
• North Carolina officials reported November 17 that hundreds of
fire personnel were working to contain dozens of wildfires that have scorched a
total of roughly 49,112 acres across the State. – WNCN 17 Goldsboro;
Associated Press
14. November 17, WNCN 17
Goldsboro; Associated Press – (North Carolina) NC wildfires near 50,000
acres as Lake Lure fire spreads to evacuated areas. North Carolina Forest
Service officials reported November 17 that hundreds of fire personnel were
working to contain dozens of wildfires that have scorched a total of roughly
49,112 acres across the State, including the 5,700-acre Party Rock Fire in
Rutherford County that has forced the evacuation of over 1,000 area residents. Source: http://wncn.com/2016/11/16/nc-wildfires-near-50000-acres-as-lake-lure-fire-spreads-to-evacuated-areas/
• A Whittier, California resident was convicted November 16 for
his role in a scheme where he and 3 co-conspirators defrauded Electronic Arts
(EA) out of more than $16 million. – U.S. Department of Justice See item 20
below in the Information Technology
Sector
Financial Services Sector
3. November 16, U.S.
Department of Justice – (New Jersey) Twelve individuals charged in ATM
skimming conspiracy. Twelve individuals were charged November 16 for their
alleged involvement in an ATM skimming scheme that defrauded Bank of America
and PNC Financial Services Group, Inc. customers in New Jersey out of more than
$428,000 between March 2015 and July 2016. The group reportedly installed
skimming devices on ATMs at banks across New Jersey to record payment card data
encoded on the magnetic stripe of credit and debit cards, and transferred the
stolen information onto counterfeit bank cards that they subsequently used to
withdraw cash from the affected accounts. Source: https://www.justice.gov/opa/pr/twelve-individuals-charged-atm-skimming-conspiracy
4. November 16, U.S.
Department of Justice – (National) Two Tennessee residents indicted for
conspiracy and employment tax fraud. Two Tennessee residents were charged
in an indictment unsealed November 15 after the pair allegedly conspiring to
defraud the U.S. Internal Revenue Service (IRS) by neglecting to collect and
pay roughly $2.8 million in employment tax while running a temporary staffing
company serving firms in Tennessee and elsewhere, failing to timely file
employment tax returns, and filing false employment tax returns, among other
fraudulent actions. The charges also allege that the duo falsely represented to
the IRS their management of the company and knowledge of their responsibility
to honestly account for and pay out employment taxes, placed the company in the
names of nominees with no control over business operations, and established
payment arrangements to impede an IRS levy placed on their customer payments. Source: https://www.justice.gov/opa/pr/two-tennessee-residents-indicted-conspiracy-and-employment-tax-fraud
Information Technology Sector
15. November 17,
SecurityWeek – (International) Several vulnerabilities patched in Drupal
7, 8. Drupal released versions 7.52 and 8.2.3 addressing four
vulnerabilities including a flaw in Drupal 8 that can be exploited to cause a
denial-of-service (DoS) condition with specially crafted URLs via the
transliteration mechanism. The updates also resolved a flaw in Drupal 7 that
could allow a malicious actor to build a confirmation form Uniform Resource
Locator (URL) that redirects victims to third-party Websites after they
interact with the form, among other flaws.
16. November 17,
Softpedia – (International) Raspberry Pi-based hacking device can break
into any computer in seconds. A security researcher created a hijacking
device, dubbed PoisonTap, which is an inexpensive Raspberry Pi Zero device that
leverages a backdoor installed on a targeted device via USB and imitates an
Internet over USB connection to convince the computer it is connected via the
Ethernet, causing the device to be configured to prioritize the USB connection
and begin sending unencrypted Internet traffic to PoisonTap. Once the hacking
device hijacks all the Web traffic, it collects Hypertext Transfer Protocol
(HTTP) authentication cookies and session data, thereby allowing an actor to
bypass two-factor authentication (2FA) and access a user’s online accounts. Source:
http://news.softpedia.com/news/raspberry-pi-based-hacking-device-can-break-into-any-computer-in-seconds-510295.shtml
17. November 16,
SecurityWeek – (International) Firefox 50 patches 27 vulnerabilities. Mozilla
released Firefox 50 to address 27 vulnerabilities including a critical heap-buffer-overflow
in the Cairo programming library when processing Scalable Vector Graphics (SVG)
content that could lead to a crash due to compiler optimization, as well as a
series of critical memory safety issues that could potentially be exploited by
a malicious actor to run arbitrary code, among other flaws. The new browser
also adds Download Protection for many executable file types on Microsoft
Windows, Apple Mac, and Linux to improve overall security for users. Source: http://www.securityweek.com/firefox-50-patches-27-vulnerabilities
18. November 16,
SecurityWeek – (International) Backdoor in some Android phones sends
data to server in China. Kryptowire security researchers reported that
several Android models sold in the U.S. were found to include a backdoor in
their firmware that transmits personal identifiable information (PII) including
contact lists, call history, and text messages to third-party servers without
the victim’s authorization via a commercial Firmware Over The Air (FOTA) update
software system managed by Shanghai ADUPS Technology Co. Ltd. The researchers
found the firmware could remotely install applications without user consent,
target specific users and text messages by matching remotely defined keywords,
and collect data on the use of applications on an affected device. Source: http://www.securityweek.com/backdoor-some-android-phones-sends-data-server-china
19. November 16,
SecurityWeek – (International) CryptoLuck ransomware emerges. A
Proofpoint security researcher discovered a new ransomware family, dubbed
CryptoLuck that leverages the RIG-Empire exploit kit (EK) for distribution, and
abuses the legitimate GoogleUpdate.exe executable and dynamic-link library
(DLL) hijacking to infect devices. The malware spreads in the form of a RAR
self-extracting archive (SFX) file and performs a series of checks to ensure it
is not running in a virtual machine before scanning all mounted drives and
unmapped network shares for files it can encrypt. Source: http://www.securityweek.com/cryptoluck-ransomware-emerges
20. November 16, U.S.
Department of Justice – (International) Fourth defendant convicted in
scheme that defrauded software company of over $16 million worth of virtual
currency. A Whittier, California resident was convicted November 16 for his
role in a scheme where he and 3 co-conspirators defrauded software company and
FIFA Football video game publisher, Electronic Arts (EA) out of more than $16
million by creating software that fraudulently logged thousands of FIFA
Football matches to circumvent security mechanisms created by the firm and
illicitly earn FIFA coins, which the trio subsequently exchanged on a secondary
market where the coins are exchanged for dollars. The three co-conspirators
previously pleaded guilty for their roles in the scheme. Source: https://www.justice.gov/opa/pr/fourth-defendant-convicted-scheme-defrauded-software-company-over-16-million-worth-virtual
Communications Sector
Nothing to report