Intelligence Briefing – Q3 2015

Cree recalls LED T8 lamps due to burn hazard. 

Cree issued a recall June 4 for about 700,000 LED T8 lamps due to burn hazards posed by electrical arcing and overheating. The product was sold nationwide at The Home Depot and to lighting customers through electrical distributors from 2014-2015.

_____________________________________________________

SEC charges CSC and former executives with accounting fraud.

The U.S. Securities and Exchange Commission charged the Computer Sciences Corporation (CSC) and eight former executives June 5 with manipulating financial results and concealing problems regarding its multi-billion dollar contract with the United Kingdom’s National Health Service. CSC agreed to pay $190 million to settle the charges, and five of eight executives charged agreed to settlements.

_____________________________________________________

Virginia Credit Union finds evidence of skimming at third ATM.

Virginia Credit Union officials reported June 4 the discovery of a third debit-card skimming device on an ATM at its Chester, Virginia branch, bringing the total number of replacement cards being issued to 2,800. ATM skimmers were previously discovered at its Southpark and Glenside branches, and the bank said it disrupted another skimming attempt at its Hanover branch.

Small jet makes emergency landing in Philadelphia after its nose gear malfunctions. A small Hawker 4000 jet made an emergency landing June 4 with its nose gear still up in Philadelphia after the pilot realized the plane’s landing gear was malfunctioning. Crews doused the plane in fire resistant foam as a precaution, and departing flights were delayed for up to an hour following the emergency landing.

Quincy Street recalling about 49,000 pounds of pork sausage products; no reports of illness.

The U.S. Department of Agriculture’s Food Safety and Inspection Service announced June 4 that Quincy Street Inc., of Holland, Michigan is recalling approximately 49,000 pounds of its pork sausage products after routine testing showed possible foreign material contamination. The products were produced April 22 – 23 and shipped to institutions nationwide.

_____________________________________________________

US NIH drug facility suspended after contamination found.

The National Institutes of Health Clinical Center suspended operations of its Pharmaceutical Development Section in Bethesda, Maryland June 4 after an investigation by the U.S. Food and Drug Administration revealed operational failures, including inadequate employee training and quality control which resulted in fungal contaminations of two vials of albumin, a drug used in clinical trials. Vials made from the same batch were administered to six patients, who are being monitored for signs of illness.

_____________________________________________________

Hacking linked to China exposes millions of U.S. workers.

U.S. officials announced June 4 that at least four million current and former government employees had been affected after data from the U.S. Office of Personnel Management, which handles government security clearances and Federal employee records, had been compromised. The breach was first detected in April and appeared to target Social Security numbers and other personal identifying information.

_____________________________________________________

Zeus banking trojan variant goes completely undetected.

A security researcher from PricewaterhouseCoopers discovered that a new variant of the Zeus banking trojan delivered via the Neutrino exploit kit (EK) is completely undetectable by most antivirus products, and that encoded data in the EK indicates that the trojan is part of a new malicious campaign.

_____________________________________________________

dware-laden Skype botnet disrupted.

Security researchers from PhishMe and Amazon Web Services dismantled a Microsoft Skypedriven botnet that circulated adware via calls from attackers that prompted users to install infected executable files.

_____________________________________________________

Police: ATMs stolen from businesses in West Side burglaries.

Chicago Police issued an alert and are seeking information after five ATMs were stolen from West Side businesses in Chicago between April and June. In two instances, the thieves pulled the electric meter from the back of the ATMs to disable surveillance and alarm systems.

_____________________________________________________

IRS building evacuated; white powder on envelope.

An Internal Revenue Service building in Andover was evacuated for approximately three hours June 3 after employees discovered a manila envelope containing a white powder mailed to the facility. A regional HAZMAT team and town officials responded to the scene and determined the substance was not a safety concern.

_____________________________________________________

Cloud providers hit hard by DDoS attacks in Q1: VeriSign.

VeriSign reported research finding that information technology (IT) services and cloud providers received over one third of all distributed denial-of-service (DDoS) attacks in the first quarter of 2015, followed by the government and financial services sectors, where the frequency of attacks increased by 3 percent. The total number of attacks increased seven percent since the last quarter of 2014.

_____________________________________________________

SEC charges investment adviser with fraudulently funneling client assets to companies in owner’s interest.

The U.S. Securities and Exchange Commission charged Boston-based Interinvest Corporation and its owner June 17 with allegedly defrauding investors out of up to $12 million after funneling $17 million worth of investments into Canadian penny stock companies in which the owner had undisclosed business interests.

_____________________________________________________

FTA report: There are significant flaws in Metro’s safety management system.

The Federal Transit Administration (FTA) reported June 16 that the Washington Metropolitan Area Transit Authority (WMATA) had failed to improve efforts on safety measures for employees, lacked adequate training for workers, and found the department severely understaffed with authorized drivers, following a January 12 smoke incident in which one woman died and 80 riders were sickened. The Government Accountability Office is reviewing Metro operations and the National Transportation Safety Board is scheduled to hold hearings for two days on the January 12 incident.

_____________________________________________________

Goldman settles SEC charges over 2013 trading incident.

Goldman Sachs Group Inc., agreed to pay $7 million June 30 to resolve U.S. Securities and Exchange Commission charges connected to the “market access” rule, and a 2013 programming error which flooded the stock options market with about 16,000 erroneous orders, causing 1.5 million options contracts to be executed and costing the company $38 million.

_____________________________________________________