Complete DHS Report for December 7, 2016
Daily Report
Top Stories
• A Federal court fined Sharon, Connecticut-based Wilkinson
Financial Opportunity Fund $22 million December 3 for orchestrating a Ponzi
scheme that bilked 30 investors out of $11 million. – WSHU 91.1 FM Fairfield
See item 2 below in the Financial Services Sector
• Federal officials announced December 5 that a multinational
operation involving arrests and searches in four countries successfully
dismantled Avalanche, a complex network of computer servers that allegedly
facilitated financial crimes and money laundering campaigns worldwide. – U.S.
Department of Justice See item
16 below in the Information Technology
Sector
• Authorities continued searching for victims December 5 after a
fire at a converted warehouse in Oakland, California, that killed at least 36
people December 2. – CNN
17. December 6, CNN –
(California) Oakland fire toll at 36; DA promises ‘thorough’ probe. California
State and Federal authorities continued searching for victims December 5 after
a December 2 fire at a converted warehouse in Oakland that killed at least 36
people. The cause of the fire remains under investigation. Source: http://www.cnn.com/2016/12/05/us/oakland-fire-investigation/
• A 10-alarm fire in Cambridge, Massachusetts, displaced 125
people and caused over 1,600 customers to lose power December 3. – Cambridge
Patch
18. December 6, Cambridge
Patch – (Massachusetts) Cambridge fire: Neighborhood burned; 10 alarms
struck; 125 displaced. A 10-alarm fire in Cambridge, Massachusetts,
December 3 damaged 16 buildings including a 20-unit affordable housing complex,
displaced 125 people, and caused over 1,600 customers to lose power. No serious
injuries were reported. Source: http://patch.com/massachusetts/cambridge/cambridge-fire-blazing-reached-six-alarms
Financial Services Sector
2. December 5, WSHU 91.1
FM Fairfield – (Connecticut) Conn. investment firm fined $22 million for
running Ponzi scheme. A Federal court fined Sharon, Connecticut-based
Wilkinson Financial Opportunity Fund $22 million December 3 for orchestrating a
Ponzi scheme that bilked 30 investors out of $11 million. Beginning in 2005, a
member of the firm’s board of directors falsely promised friends, relatives,
and business partners 10 to 30 percent returns from their investments, and paid
off old clients with earnings coming in from new clients when the promised
returns failed to materialize.
3. December 4, Franklin
Home Page – (Tennessee) Franklin man convicted on 31 counts of
conspiracy, computer access and wire fraud. Two men were convicted December
2 for altering the denomination distribution amounts of cash dispensed from
Safe Cash Systems, LLC ATMs at convenience stores, bars, and restaurants in
Nashville, Tennessee, from January 2009 – March 2010 using passwords that one
of the co-conspirators knew from his previous employment as a Safe Cash ATM
technician. Once the denomination distribution amounts were changed, the duo
made more than 800 withdrawals from Safe Cash ATMs using 9 bank accounts and 17
bank cards to steal over $600,000 from the company, 20 times the amount that
was debited from their bank accounts. Source: http://franklinhomepage.com/franklin-man-convicted-on-31-counts-of-conspiracy-computer-access-and-wire-fraud/
4. December 3, WCCO 4
Minneapolis – (Minnesota) Jury convicts Minnesota chiropractor of tax evasion.
A Minnesota chiropractor was convicted December 2 after he neglected to
file individual income tax returns from 2004 – 2014, created a religious
organization, Sovereign Christian Mission, to conceal his income and pay
personal expenses, and presented a fraudulent financial instrument allegedly
worth $300 million to the U.S. Internal Revenue Service (IRS), claiming it
covered the taxes he was responsible for. The chiropractor tried to conceal his
income by diverting money to a warehouse bank, MYICIS, cashing more than
$800,000 in business checks, and submitting fictitious money orders and other
financial instruments to the IRS.
Source:
http://minnesota.cbslocal.com/2016/12/03/minnesota-chiropractor-tax-evasion/
For another story, see item 16
above in Top Stories
Information Technology Sector
15. December 5,
SecurityWeek – (International) Chrome 55 patches 36 flaws, blocks Flash
by default. Google released Chrome 55 patching a total of 36 security flaws
including 12 high risk flaws in PDFium, Blink, DevTools, and V8, as well as 9
medium severity issues, and 5 low risk flaws, among other patched
vulnerabilities. In addition to resolving the security flaws, Chrome 55 enhances
user security by blocking Websites that contain Adobe Flash content
out-of-the-box.
16. December 5, U.S.
Department of Justice – (International) Avalanche network dismantled in
international cyber operation. The U.S. Department of Justice announced
December 5 that a multinational operation involving arrests and searches in
four countries successfully dismantled Avalanche, a complex network of computer
servers that allegedly hosted more than two dozen of the most severe types of
malicious software and facilitated financial crimes and money laundering
campaigns worldwide. The Avalanche network reportedly served clients operating
as many as 00,000 infected computers worldwide on a daily basis and caused
hundreds of millions of dollars in losses. Source: https://www.justice.gov/opa/pr/avalanche-network-dismantled-international-cyber-operation
For another story, see item 1
below from the Critical
Manufacturing Sector
1. December 6,
SecurityWeek – (International) Backdoor found in many Sony security
cameras. Sony Corporation released firmware updates for 80 of its SNC
series Internet Protocol (IP) cameras equipped with the IPELA ENGINE signal
processing system after researchers from SEC Consult found that the firmware
contains hardcoded password hashes for the admin and root users that are easy
to crack, and discovered a Common Gateway Interface (CGI) binary that allows a
remote user to enable the Telnet service on a device by sending it a specially
crafted Hypertext Transfer Protocol (HTTP) request with authentication data,
which can be easily found in plain text in a file, and then leverage the root
account to gain remote access with elevated privileges. Once an attacker gains
root access to a camera, the malicious actor can disrupt camera functionality,
spy on the user, breach the network that houses the camera, and infect it with
Mirai-like malware.
Communications Sector
Nothing to report