Thursday, December 1, 2016



Complete DHS Report for December 1, 2016

Daily Report                                            

Top Stories

• A Rockville, Maryland resident pleaded guilty November 29 to embezzling nearly $290,000 from 3 of her employers while she worked as an office manager or executive assistant for the companies. – U.S. Attorney’s Office, District of Columbia. See item 4 below in the Financial Services Sector.

• A New York-based corporate accountant for Cargill Inc. pleaded guilty November 28 to embezzling at least $3.1 million from the company over a 10-year period and causing $25 million in losses to the firm’s grain shipping operations at the Port of Albany. – Associated Press  

10. November 29, Associated Press – (New York) Cargill accountant admits stealing $3M, causing $25M in losses. A New York-based corporate accountant for Cargill Inc. pleaded guilty November 28 to embezzling at least $3.1 million from the company over a 10-year period and causing $25 million in losses to the firm’s grain shipping operations at the Port of Albany by sending customers invoices for animal feed at prices well below what her employer paid, and directing customers to send the payments directly to her in order to bypass the business’s corporate controls. The charges also allege that the accountant declared $61,208 in income on her 2015 individual tax return, omitting over $450,000 that she received from defrauding Cargill customers. Source: http://www.twincities.com/2016/11/28/accountant-admits-stealing-3-million-from-cargill/

• City officials in Lawrence, Kansas, issued a health and stream advisory for the area after nearly 2 million gallons of raw sewage overflowed from a manhole into Naismith Creek November 28 due to a pump failure. – Lawrence Journal-World

13. November 29, Lawrence Journal-World – (Kansas) Close to 2 million gallons of raw sewage overflows in south Lawrence; health advisory issued. City officials in Lawrence, Kansas, issued a health and stream advisory for the area after nearly 2 million gallons of raw sewage overflowed from a manhole into nearby Naismith Creek November 28 due to a pump failure. Lawrence officials reported the overflow to the Kansas Department of Health and Environment, and crews are monitoring the condition of the water. Source: http://www2.ljworld.com/news/2016/nov/29/city-issues-health-advisory-after-sewage-overflow/

• Tennessee fire crews continued working November 30 to contain wildfires burning in the Great Smoky Mountains National Park and Gatlinburg area that have scorched 15,000 acres, killed 4 people, and forced the evacuation of 14,000 residents. – CNN

15. November 30, CNN – (Tennessee) Gatlinburg fires: 4 dead; crews search for missing. Tennessee fire crews continued working November 30 to contain wildfires burning in the Great Smoky Mountains National Park and Gatlinburg area that have scorched a total of 15,000 acres, forced the evacuation of more than 14,000 residents and tourists from Gatlinburg and Pigeon Forge, killed 4 people, and damaged or destroyed 250 homes and businesses. Source: http://www.cnn.com/2016/11/30/us/gatlinburg-fires/

Financial Services Sector

4. November 29, U.S. Attorney’s Office, District of Columbia – (International) Former office worker pleads guilty to stealing nearly $290,000 from three different employers. A Rockville, Maryland resident pleaded guilty November 29 to embezzling nearly $290,000 from 3 of her employers between September 2012 and September 2015 while she worked as an office manager or executive assistant for the companies and had access to the firms’ financial information and accounts. The charges state the woman stole $218,802 from a consulting firm from September 2012 – February 2014, $41,240 from a non-profit organization, and an additional $29,598 from a management consulting company during the course of her employment. Source: https://www.justice.gov/usao-dc/pr/former-office-worker-pleads-guilty-stealing-nearly-290000-three-different-employers

For additional stories, see items 10 above in Top Stories and 20 below in the Information Technology Sector

Information Technology Sector

19. November 30, SecurityWeek – (International) Tor users targeted with Firefox zero-day exploit. Mozilla’s Firefox team and Tor Browser developers are working to release updates after Trail of Bits security researchers spotted a JavaScript exploit leveraging a zero-day use-after-free vulnerability in the Scalable Vector Graphics (SVG) parser in Firefox to target Tor users. The exploit reportedly consists of one Hypertext Markup Language (HTML) file and one Cascading Style Sheet (CSS) file.

20. November 30, Help Net Security – (International) 158% increase in Android platform vulnerabilities. Quick Heal released a report which revealed a 14 percent increase in the detection count of malware on Microsoft Windows-based computers in the third quarter of 2016, a 33 percent rise in the amount of mobile ransomware in comparison to the second quarter, and a 25 percent increase in the detection of mobile banking trojans in the third quarter, among other findings.

For another story, see item 9 below from the Transportation Systems Sector

9. November 28, Softpedia; San Francisco Examiner – (California) San Francisco metro system hacked, everyone getting free rides. The San Francisco Municipal Railway (MUNI) was hacked November 25 to provide free rides to all passengers through November 26, and the attacker demanded a ransom of 100 Bitcoin, or $73,000, if the transit system wanted the ransomware removed from its ticketing systems and its services restored. MUNI officials reported the service was not impacted during the hack and the investigation is ongoing. Source: http://news.softpedia.com/news/san-francisco-metro-system-hacked-everyone-getting-free-rides-510545.shtml

Communications Sector


21. November 29, IDG News Service – (International) The new Mirai strain has spread far beyond Deutsche Telekom. Flashpoint security researchers reported that the most recent strain of the Mirai malware, which infected the routers of nearly 1 million Deutsche Telekom customers, has spread to Internet routers and modems in at least 10 other countries. This new strain infects routers produced by Zyxel and exploits a known flaw in the product’s Simple Object Access Protocol (SOAP) to take control of the devices in order to form a botnet of captured devices that can be used to launch massive distributed denial-of-service (DDoS) attacks. Source: http://www.computerworld.com/article/3145403/security/the-new-mirai-strain-has-spread-far-beyond-deutsche-telekom.html#tk.rss_security