Complete DHS Report for April 1, 2015
Daily Report
Top Stories
· Unicold Corp. agreed to pay $197,000 in penalties and to make health and safety
improvements at its refrigerated food warehouse in Honolulu as part of a
settlement with the U.S. Department of Labor March 30. – Honolulu Star-Advertiser
12. March 30, Honolulu Star-Advertiser – (Hawaii) Food warehouse to pay
nearly $200k in fines, fix safety flaws. Unicold Corp. agreed to pay
$197,000 in penalties and to make health and safety improvements at its
refrigerated food warehouse in Honolulu as part of a settlement with the U.S.
Department of Labor that was announced March 30. The settlement was reached
following a 2013 inspection that revealed health and safety violations that
resulted in 63 citations for Unicold. Source: http://www.staradvertiser.com/news/breaking/20150330_Food_warehouse_to_pay_nearly_200k_in_fines_fix_safety_flaws.html?id=298035621
· Police captured an escaped prisoner in Washington, D.C., March 31 who had overpowered
a guard at Inova Fairfax Hospital in Virginia, prompting authorities to lock
down the hospital and surrounding streets for several hours. – WRC 4 Washington, D.C.
19. March 31, WRC 4 Washington, D.C. – (Virginia; Washington, D.C.) Man who
escaped Inova Fairfax Hospital captured after 9-hour manhunt. Police
captured an escaped prisoner in Washington, D.C., March 31 who had overpowered
a guard at Inova Fairfax Hospital in Virginia, prompting the hospital and
surrounding streets to be locked down for several hours, before carjacking a
vehicle. The driver of the vehicle crashed into a home after the suspect kicked
out the backseat from inside the truck and fled, stealing another vehicle
before he was captured by authorities. Source: http://www.nbcwashington.com/news/local/Active-Shooter-Reported-at-Inova-Fairfax-Hospital-298106511.html
· A former U.S. Secret Service agent surrendered to authorities March 30 and a U.S. Drug
Enforcement Administration agent was arrested March 27 for allegedly stealing
over $1.5 million in bitcoins while investigating the Silk Road. – USA Today
23. March 30, USA Today – (International) Former feds charged with stealing
Silk Road bitcoin. A former U.S. Secret Service agent surrendered to
authorities March 30 and a U.S. Drug Enforcement Administration agent was
arrested March 27 in connection with allegedly stealing over $1.5 million in
bitcoins while investigating the Silk Road, a shut-down underground site that
traded in illegal drugs, counterfeit IDs, and computer hacking software. The
pair, based in Maryland, stole proceeds from the site and hid the funds in
offshore accounts, often utilizing their positions in the government to obtain
the bitcoins. Source: http://www.usatoday.com/story/news/2015/03/30/federal-agents-charged-with-stealing-bitcoin-from-silk-road-case/70672058/
· Security researchers at Check Point Software Technologies discovered that a
cyberespionage group has hacked into hundreds of defense contractor,
telecommunications operator, media group, and educational organization networks
from at least 10 countries in ongoing attacks that began in late 2012. – Network World
See item 35 below in the Information Technology Sector
Financial Services Sector
6. March 30, MarketWatch – (International) AmEx Black Card members are
more likely targets for fraud. Forter released results of a year-long study
of hundreds of thousands of transactions worldwide March 30, in which they
found that holders of American Express Co.’s Centurion Card are nearly twice as
likely to be targets of credit card fraud as other basic credit card holders,
due to their higher perceived market value. Source: http://www.marketwatch.com/story/amex-black-card-members-are-more-likely-targets-for-fraud-2015-03-30
For another story, see item 23 above in Top Stories
Information Technology Sector
33. March 31, Softpedia – (International) Anonymous proxies used for “Shotgun DDoS”
attacks. Security researchers at Incapsula released findings from a
one-month study revealing that 20 percent of all Layer 7 application layer
distributed denial-of-service (DDoS) attacks from January – February were
“Shotgun DDoS” attacks carried out through anonymous proxies to bypass
mitigation systems by spreading across multiple Internet Protocol (IP) addresses and
multiple geo-locations. Approximately 45 percent of the incidents originated
from addresses in the Tor anonymity network and 60 percent of them employed
Tor’s Hammer denial-of-service (DoS) tool, which carries out low-and-slow
HTTP POST attacks. Source: http://news.softpedia.com/news/Anonymous-Proxies-Used-for-Shotgun-DDoS-Attacks-477193.shtml
34. March 31, Softpedia – (International) Trojan Laziok used for reconnaissance in the
energy sector. Security researchers from Symantec identified new malware
designed for stealing information, dubbed Laziok, that was observed targeting
users in the petroleum, gas, and helium industries worldwide. The malware is delivered
via a malicious Microsoft Excel file that exploits a buffer overflow/security
glitch that allows remote code execution, and it downloads custom variants of
Cyberat and Zbot malware from servers in the U.S., United Kingdom, and
Bulgaria. Source: http://news.softpedia.com/news/Trojan-Laziok-Used-for-Reconnaissance-in-the-Energy-Sector-477175.shtml
35. March 31, Network World – (International) Lebanese cyberespionage campaign hits
defense, telecom, media firms worldwide. Security researchers at Check
Point Software Technologies discovered that a cyberespionage group has hacked into
hundreds of defense contractor, telecommunications operator, media group, and
educational organization networks from at least 10 countries in ongoing attacks
that began in late 2012. The attackers detect vulnerabilities and use Web
shells to compromise affected servers, including a sophisticated custom-made
trojan called Explosive, used on servers running Microsoft’s IIS software, that can
infect servers and systems on networks and can spread via USB mass storage
devices. Source: http://www.networkworld.com/article/2904293/lebanese-cyberespionage-campaign-hits-defense-telecom-media-firms-worldwide.html#tk.rss_all
36. March 30, Threatpost – (International) eBay fixes file upload and path disclosure
bugs. eBay addressed two security vulnerabilities on its Web site that
allowed attackers to upload malicious files, including executables, disguised
as images that could be used in drive-by download attacks by leveraging poor
header checks and eBay server return messages with exact file paths. Source: https://threatpost.com/ebay-fixes-file-upload-and-patch-disclosure-bugs/111898
For another story, see item 23 above in Top Stories
Communications Sector
See item 35 above in the Information Technology Sector