Complete DHS Report for February 18, 2016
Daily Report
Top Stories
• General Motors Corporation issued a recall February 16
for approximately 180,000 vehicles including Saab and Saturn Astra models due
to potentially faulty Takata Corporation PSDI-5 driver front air bag inflators.
– Detroit Free Press
4. February 16, Detroit Free Press – (International) GM recalls 200,000 Saabs,
Saturns for air bag inflators. General Motors Corporation issued a recall
February 16 for approximately 180,000 vehicles including model years 2003 –
2011 Saab 9-3 vehicles, model years 2010 – 2011 Saab 9-5 vehicles, and model
years 2008 – 2009 Saturn Astra vehicles sold in the U.S. due to potentially
faulty Takata Corporation PSDI-5 driver front air bag inflators after 10
worldwide deaths and over 100 injuries were linked to the bags deploying
improperly when activated and discharging metal fragments into vehicle
occupants. Approximately 20,000 of the vehicles affected by the recall are
located in Canada. Source: http://www.freep.com/story/money/cars/general-motors/2016/02/16/gm-recall-saab-saturn-takata-air-bag/80444792/
• PTC Inc. and 2 of its
Chinese subsidiaries agreed to pay more than $28 million February 16 to settle
parallel civil and criminal actions involving violations of the Foreign Corrupt
Practices Act. – U.S. Securities and Exchange Commission
See item 5 below in the Financial Services Sector
• Officials closed a 24-mile stretch of Interstate 70 in
Glenwood Springs, Colorado, through at least February 18 while crews worked to
remove debris from a February 15 rockslide. – Associated Press
7. February 17, Associated Press – (Colorado) Rock slide forces closure of major Colorado
highway. Officials closed a 24-mile stretch of Interstate 70 in Glenwood
Springs through at least February 18 while crews worked to remove debris from a
February 15 rockslide. Source: http://www.msn.com/en-us/news/us/rock-slide-forces-closure-of-major-colorado-highway/ar-BBpAtLl
• Rhode Island State Police announced that a teenager was
arrested February 12 in connection with at least 15 bomb hoaxes at schools and
businesses inside and outside of the State. – WCVB 5 Boston; Associated
Press
14. February 17, WCVB 5 Boston; Associated Press – (Rhode Island) Rhode Island
teenager arrested for series of bomb hoaxes at schools and businesses. State
police in Rhode Island announced that a student from Rogers High School in
Newport was arrested February 12 in connection with at least 15 bomb hoaxes at
schools and businesses inside and outside of the State. Officials stated that
the teenager was running the calls through a Russian Web site to avoid
detection. Source: http://www.wcvb.com/news/rhode-island-teenager-arrested-for-series-of-bomb-hoaxes-at-schools-and-businesses/38037714
Financial Services Sector
5. February 16, U.S. Securities and Exchange Commission – (International) SEC:
Tech company bribed Chinese officials. The U.S. Securities and Exchange
Commission announced February 16 that Massachusetts-based PTC Inc. and 2 of
its Chinese subsidiaries agreed to pay more than $28 million to settle parallel
civil and criminal actions involving violations of the Foreign Corrupt
Practices Act (FCPA) after the 2 subsidiaries provided nearly $1.5 million
worth of improper travel, gifts, and entertainment to Chinese government
officials from 2006 – 2011 in an effort to win business. The subsidiaries
disguised the payments as legitimate business expenses, and PTC Inc. failed to
stop the illicit payments despite indicators of corruption.
Information Technology Sector
18. February 17, SecurityWeek – (International) Fysbis backdoor preferred by Pawn Storm group
to target Linux. Security researchers at Palo Alto Networks released a
report revealing that the Pawn Storm threat group improved its obfuscation
technique for its preferred Linux malware, Fysbis, to ensure that the malware
installation information is no longer available in the open and that the
malware runs a series of shell commands to establish persistence through the newly
found command and control (C&C) domain mozilla-plugins[.]com, which was
reportedly believed to be associated with a newer campaign. Source: http://www.securityweek.com/fysbis-backdoor-preferred-pawn-storm-group-target-linux
19. February 16, Softpedia – (International) Buffer overflow bug in glibc exposes users to
attacks from rogue DNS servers. Security researchers from Google’s Project
Zero and Red Hat fixed a security flaw in GNU C Library (glibc) that could
allow an attacker to send oversized Domain Name System (DNS) responses and
force buffer overflow and remote code execution attacks, enabling hackers to
run malicious code on a victim’s machine with the same privileges as glibc’s
parent application. Google released proof-of-concept code that should help
system administrators detect if their systems are vulnerable to the flaw.
Source: http://news.softpedia.com/news/buffer-overflow-bug-in-glibc-exposes-users-to-attack-from-rogue-dns-servers-500484.shtml
20. February 16, SecurityWeek – (International) Unpatched flaw plagues Cisco industrial
switches. Cisco reported February 15 that IOS software 15.2(4)E running on
its Industrial Ethernet 2000 Series Switches is vulnerable to a
denial-of-service (DoS) issue due to the faulty way its system processes Cisco
Discovery Protocol (CDP) packets, which could allow an unauthenticated attacker
to trigger the issue by sending specially crafted CDP packets. In addition, Cisco
reported that its Emergency Responder product was vulnerable to a cross-site
scripting (XSS) flaw, which can allow an unauthenticated attacker to execute
arbitrary code in the context of the vulnerable Web interface and access
potentially sensitive browser information. Source: http://www.securityweek.com/unpatched-flaw-plagues-cisco-industrial-switches
For another story, see item 3 below from the Critical Manufacturing Sector
3. February 17, Softpedia – (International) Backdoor in MVPower DVR firmware sends CCTV
stills to an email address in China. Security researchers from Pen Test
Partners discovered that digital video recorder (DVR) devices manufactured by
MVPower and deployed in closed-circuit television (CCTV) surveillance systems
were vulnerable to security flaws which can allow attackers to execute
Man-in-the-Middle (MitM) attacks, bypass the device’s Web-based login system,
and use a backdoor functionality to send CCTV feed snapshots to a hard-coded
email address hosted on a Chinese email provider, among other vulnerabilities.
Source: http://news.softpedia.com/news/backdoor-in-mvpower-dvr-firmware-sends-cctv-stills-to-an-email-address-in-china-500502.shtml
Communications Sector
Nothing to report