Complete DHS Report for January 25, 2016
Daily Report
Top Stories
• An impending snowstorm along the east coast prompted more
than 4,500 flight cancellations nationwide, school closures across several
States, and the shutdown of public transportation in Washington, D.C. January
22 and January 23. – CNN
5. January 22, CNN – (National) Snowstorm threatens east coast; D.C., Baltimore
under blizzard warnings. An impending snowstorm along the east coast
prompted more than 4,500 flight cancellations nationwide, school closures
across several States, the shutdown of the Washington Metropolitan Area Transit
Authority (Metro) in Washington, D.C., and state of emergency issuances along
the Atlantic coast for January 22 and January 23. Preparations for the storm
follow snowfall January 20 in Maryland and Virginia, which caused 767 accidents
and responses to 392 calls for disabled vehicles, among other incidents. Source: http://www.cnn.com/2016/01/21/us/winter-snowstorm-washington-blizzard/
• A blizzard warning prompted the closure of nearly all
Washington, D.C., Maryland, and Virginia schools January 22 after officials
declared states of emergency January 21. – WRC 4 Washington, D.C.
9. January 22, WRC 4 Washington, D.C. – (Washington, D.C.; Maryland; Virginia) Blizzard
may dump 30 inches of snow on DC area; first flakes begin at noon. A
blizzard warning prompted the closure of nearly all Washington, D.C., Maryland,
and Virginia schools January 22 after officials declared states of emergency
January 21. Federal government and local government offices were also closed or
issued early closures as a precaution. Source: http://www.nbcwashington.com/news/local/Icy-Roads-Close-Delay-Schools-Ahead-of-Expected-Blizzard-366030031.html
• The Georgia Department of Corrections charged 4 current
officers, 11 former officers, 18 inmates, and 21 civilians in connection to a
corruption, fraud, and money laundering scheme at the Autry State Prison in
Pelham January 21. – WMAZ 13 Macon
12. January 21, WMAZ 13 Macon – (Georgia) 54 indicted in Georgia state prison conspiracy
case. The Georgia Department of Corrections announced January 21 that 4
current officers, 11 former officers, 18 inmates, and 21 civilians were charged
in connection to a corruption, fraud, and money laundering scheme at the Autry
State Prison in Pelham in which the defendants allegedly used contraband cell
phones to call and mislead victims into falsely thinking that they failed to
report to jury duty and ordered them to pay bogus fines.
• AMX released a firmware update for its NX-1200 device, a
central controller used by the White House, after SEC Consult discovered
backdoor accounts on older versions of the device. – Softpedia. See item 14 below in the Information Technology Sector.
Financial Services Sector
3. January 21, KTLA 5 Los Angeles – (California) Hourslong search for 2 bank
robbery suspects ends in Culver City; 2 others detained. Two schools were
placed on lockdown and a T.J. Maxx store was evacuated January 21 after four
armed men reportedly fired shots at a One West Bank in Culver City and robbed
the bank of an undisclosed amount of funds. Two of the four suspects were
detained outside of the bank and the retail store, and no injuries were
reported.
4. January 21, Sacramento Bee – (California) Sacramento woman pleads guilty
to role in credit card fraud conspiracy. The U.S.
Attorney's Office announced that a Sacramento woman pleaded guilty January 21
to conspiracy to commit access-device fraud and aggravated identity theft
charges after she was linked to a credit card scheme involving four others who
allegedly committed mail fraud, obtained at least 500 counterfeit credit and
debit cards, and made over $186,000 in fraudulent purchases at retail stores in
the Sacramento area from July 2014 – April 2015. Source: http://www.sacbee.com/news/local/crime/article55915090.html
For another story, see item 1 below from the Energy Sector
1. January 21, Associated Press – (Alabama) Alabama couple ordered to return $1.6 million in BP
claim money. The owners of Alabama-based Vision Design Management were
ordered to repay more than $1.6 million in claim money following the 2010 BP
Deepwater Horizon explosion in the Gulf of Mexico after a Federal court
determined that the company submitted fraudulent revenue documents to the
Deepwater Horizon Economic Claims Center and was wrongfully awarded over $2.1
million. Source: http://www.al.com/news/index.ssf/2016/01/alabama_couple_ordered_to_retu.html
Information Technology Sector
13. January 22, ZDNet – (International) TeslaCrypt flaw opens the door to free file
decryption. A security researcher discovered a design flaw in how the TeslaCrypt
ransomware and variants of TeslaCrypt 2.0 store encryption keys on a victim’s
computer. The finding followed the discovery that a new Advanced Encryption
Standard (AES) key was generated during each encryption session, and it revealed
that researchers could use specialized programs to retrieve the prime numbers of
the stored keys and reconstruct a decryption key.
Researchers developed software that generates decryption keys for TeslaCrypt
files with the extensions .ECC, .EZZ, .EXX, .XYZ, .ZZZ, .AAA, .ABC, .CCC, and
.VVV. Source: http://www.zdnet.com/article/teslacrypt-vulnerability-exposes-ransomed-files-to-free-cracking/
14. January 21, Softpedia – (International) Backdoor account found on devices used by
White House, US military. AMX released a firmware update for its NX-1200
device, a central controller used by the White House for conference room
equipment, after a security researcher from SEC Consult discovered that older
versions of the devices’ firmware were embedded with a series of backdoor
accounts under the usernames “BlackWidow” and “1MB@tMaN” that could have
allowed attackers to spy on users and hack the device. Code named
“setUpSubtleUserAccount” was found to set up hidden user accounts that do not
appear in the devices’ configuration screen, posing several vulnerabilities.
Source: http://news.softpedia.com/news/backdoor-found-in-devices-used-by-white-house-us-military-499239.shtml
15. January 21, Softpedia – (International) Kovter malware victims were secret zombies in
the ProxyGate proxy network. Security researchers from Forcepoint detected
that the Kovter malware was recently distributed through an email campaign
with attached ZIP files that, when opened, execute a JavaScript file that
connects to a web server without the users’ consent and downloads the Kovter
malware and two additional payloads, including the Miuref adware and the
ProxyGate installer. Researchers believe the author of the campaign may be
running other malicious campaigns through ProxyGate’s network to increase his
available proxy output Internet Protocol (IP) addresses by using Kovter’s
payload. Source: http://news.softpedia.com/news/kovter-malware-victims-were-secret-zombies-in-the-proxygate-proxy-network-499252.shtml
Communications Sector
Nothing to report