Complete DHS Report for September 22, 2016
Daily Report
Top Stories
• Four North Texas residents were convicted September 20 for their
roles in a $16 million money laundering scheme where the group facilitated the
transmission of profits obtained from the distribution of drugs via wire
transfers to Michoacan, Mexico. – U.S. Attorney’s Office, Eastern District of
Texas See item 3 below in
the Financial Services Sector
• Crews completed repairs to a 24-inch sewer main break in Indian
Harbour Beach, Florida, that leaked up to 750,000 gallons of sewage September
20. – Florida Today
13. September
21, Florida Today – (Florida) Beachside sewage leak repaired; normal water usage
OK’d. Officials from the Brevard County Emergency Management office in
Florida reported September 21 that crews completed repairs to a 24-inch sewer
main break in Indian Harbour Beach that leaked up to 750,000 gallons of sewage
into storm drains that flow into the Oars and Paddle Park canal areas, Sea Park
Pond, and lift station overflow ponds September 20. County officials stated
affected residents in Indian Harbour Beach and Satellite Beach were allowed to
resume normal water usage. Source: http://www.floridatoday.com/story/news/local/environment/2016/09/20/water-use-advisory-issued-after-sewer-main-break/90731246/
• Charlotte, North Carolina officials reported September 21 that
at least 16 police officers were hospitalized following a protest over a fatal
police shooting in a University City apartment complex September 20. – Charlotte
Observer
17. September
21, Charlotte Observer – (North Carolina) Charlotte faces aftermath
of protests ignited by fatal police shooting; 16 officers injured. Charlotte,
North Carolina officials reported September 21 that at least 16 police officers
were hospitalized following a protest over a fatal police shooting in a
University City apartment complex in Charlotte September 20. Officials stated
motorists on Interstate 85 were also injured when protestors threw debris from
an interstate overpass onto the roadway.
• The Shadowserver Foundation reported September 21 that more than
840,000 Cisco devices worldwide were affected by a vulnerability in Cisco’s
IOS, IOS XE, and IOS XR software Internet Key Exchange version 1 packet
processing code that can be remotely exploited to access potentially sensitive
memory content. – SecurityWeek See item 19 below in
the Information Technology Sector
Financial Services Sector
1. September
21, Softpedia – (International) Security bug lets hackers steal Monero, today’s
2nd most popular cryptocurrency. A security researcher at MWR Labs
discovered that Monero’s Simplewallet tool was plagued with a cross-site
request forgery (CSRF) flaw that can be exploited to empty a user's
Simplewallet and potentially initiate the command and transfer of the user’s
funds after an attacker issued malicious commands to a Remote Procedure Call
(RPC) service on port 18082 using maliciously crafted JavaScript code. Monero
stated it was working to develop a Simplewallet user interface without the
vulnerable RPC service. Source: http://news.softpedia.com/news/security-bug-lets-hackers-steal-monero-today-s-2nd-most-popular-cryptocurrency-508506.shtml
2. September
20, U.S. Attorney’s Office, Northern District of Oklahoma –
(Oklahoma) Federal jury finds a serial bank robber guilty of three counts of
bank robbery. The U.S. District Court for the Northern District of Oklahoma
convicted an individual September 20 for his role in 3 bank robberies in Tulsa
and Fairfax, Oklahoma, in June 2016. Source: https://www.justice.gov/usao-ndok/pr/federal-jury-finds-serial-bank-robber-guilty-three-counts-bank-robbery
3. September
20, U.S. Attorney’s Office, Eastern District of Texas –
(International) North Texas business owners guilty in money laundering scheme.
Four North Texas residents were convicted September 20 for their roles in a
more than $16 million money laundering scheme from June 2013 – October 2015
where the group, who owned and operated money services business (MSBs), used
their authority as authorized agents of over 8 international money transfer
companies to facilitate the transmission of profits obtained from the
distribution of drugs through wire transfers to Michoacan, Mexico. The charges
state that the MSBs charged wire transaction fees and structured the wires in
amounts under $1,000, in addition to using fabricated sender information to
circumvent financial reporting requirements and hide the ownership and source
of the illegal profits. Source: https://www.justice.gov/usao-edtx/pr/north-texas-business-owners-guilty-money-laundering-scheme
Information Technology Sector
18. September
21, SecurityWeek – (International) MacOS 10.12 patches over 60 vulnerabilities. Apple
Inc., released the final version of its Mac operating system (OS) Sierra 10.12
resolving at least 65 vulnerabilities, including 16 flaws in the
“apache_mod_php” module that could lead to arbitrary code execution or
unexpected application termination, as well as denial-of-service issues and
arbitrary code execution flaws in Apple’s implementation of Apache, Audio, and
Bluetooth, among other components. Apple also released Safari 10, macOS Server
5.2, and iCloud for Windows 6.0 patching a flaw in WebKit that could lead to
arbitrary code execution when a device is processing specially crafted Web
content, among other vulnerabilities.
19. September
21, SecurityWeek – (International) Over 840,000 Cisco devices affected by
NSA-linked flaw. The Shadowserver Foundation reported that as of September
21, more than 840,000 Cisco devices, including 255,000 in the U.S. were found
to be affected by the vulnerability in Cisco’s IOS, IOS XE, IOS XR software
Internet Key Exchange version 1 (IKEv1) packet processing code that can be
exploited by a remote, unauthenticated attacker to access memory content
potentially containing sensitive information, which was originally discovered
following the Shadow Brokers leak. Source: http://www.securityweek.com/over-840000-cisco-devices-affected-nsa-linked-flaw
For another story see item 1 above in the Financial Services Sector
Communications Sector
Nothing to report