Complete DHS Report for
October 19, 2015
Daily Report
Top Stories
• Officials indicted 2 men October 14 for skimming
$709,597.50 from 1,329 ATM accounts at multiple bank locations in Rhode Island
and Connecticut. – Warwick Post See item 2 below
in the Financial Services Sector
• CSX Transportation shut down its major rail terminal in
Tennessee due to changing business environment and to significantly reduce coal
traffic in the area October 15. – Knoxville News Sentinel
7. October
15, Knoxville News Sentinel – (Tennessee) CSX shuts down
Erwin terminal, cuts 300 jobs in mountain community. CSX Transportation
reported October 15 that it shut down its major rail terminal in Erwin,
Tennessee, including a locomotive service center and a car shop due to changing
business environment, and to significantly reduce coal traffic through the
region. Source: http://www.knoxnews.com/business/csx-shuts-down-erwin-terminal-cuts-300-jobs-in-mountain-community_24806219
• Officials reported October 16 that a Kosovo citizen will
be extradited to the U.S. for allegedly hacking into a U.S.-based company and
stealing information of 1,351 government personnel. – Associated Press
17. October
16, Associated Press – (International) Officials: Hacker who ID’d U.S. military
members for ISIS arrested. The U.S. Department of Justice reported October
16 that a Kosovo citizen will be extradited to the U.S. from Malaysia for
allegedly hacking into the computer systems of a U.S.-based company and
stealing the personal information of 1,351 U.S. military and other government
personnel in order to share it with ISIS militants between June and August
2015. The suspect is believed to be the leader of the Kosova Hacker’s Security
Internet hacking group. Source: http://abc13.com/news/officials-hacker-who-idd-us-military-members-for-isis-arrested/1035894/
• Four New York franchisees of Papa John’s International
Inc., agreed to pay $500,000 in back wages and damages to about 250 employees
October 15 after an investigation revealed the company violated payment minimum
wages and overtime. – Reuters
26. October
15, Reuters – (New York) Papa John’s four NY franchisees to pay $500,000 in
back wages. Four New York franchisees of Papa John’s International Inc.
agreed to pay $500,000 in back wages and damages to about 250 employees October
15 after an investigation lead by the New York attorney general and the U.S.
Department of Labor found the franchisees violated payment minimum wages and
overtime, as well as basic labor law protections. Source: http://www.reuters.com/article/2015/10/15/papa-johns-wages-idUSL1N12F17620151015
Financial Services Sector
2. October
15, Warwick Post – (Rhode Island; Connecticut) Feds pursue Greenwood Credit
Union ATM skimmer in Ecuador. U.S. officials indicted 2 New York men
October 14 on charges that they skimmed $709,597.50 from 1,329 ATM accounts at
Greenwood Credit Union, Bank Newport, First Niagra Bank, and Fairfield City
Bank locations in Rhode Island and Connecticut. Authorities are seeking to
extradite one of the men from Ecuador.
Information Technology Sector
21. October
16, Securityweek – (International) Critical flaw patched in Akismet plugin for
WordPress. Automattic released an update for the Akismet WordPress plugin
versions 3.1.4 and earlier after security researchers from Sucuri discovered a
cross-site scripting (XSS) vulnerability in the plugin that could allow an
unauthenticated attacker to insert malicious code into the WordPress
administration panel’s comments area by using emoticons. Source: http://www.securityweek.com/critical-flaw-patched-akismet-plugin-wordpress
22. October
16, Securityweek – (International) Nuclear EK generates Flash exploits
on-the-fly to evade detection. Security researchers from Morphisec
discovered that the Nuclear exploit kit (EK) is generating different variations
of an Adobe Flash exploit on-the-fly throughout the day and changing host Web
sites that victims are being directed to hourly in an effort to bypass
detection. The EK also tracks victims’ Internet protocol (IP) addresses to
prevent the same exploit combination being served to the same victim twice. Source:
http://www.securityweek.com/nuclear-ek-generates-flash-exploits-fly-evade-detection
Communications Sector
Nothing to report