Complete DHS Report for May 6, 2016
Daily Report
Top Stories
• The National Highway Traffic Safety Administration expanded a
previous recall May 4 to include up to 40 million additional Takata Corporation
air bag inflators equipped with a faulty ammonium nitrate propellant. – Bloomberg
News
7. May 4,
Bloomberg News – (National) U.S. orders up to 40 million more Takata airbags
recalled. The National Highway Traffic Safety Administration expanded a
previous recall May 4 to include up to 40 million additional Takata Corporation
air bag inflators equipped with a faulty ammonium nitrate propellant after
investigations revealed that the propellants lacked a desiccant to reduce
moisture, which could cause misfires that spray vehicle occupants with metal
shards. Officials stated that the recall affects several automakers and the
defect has been linked to 10 U.S. deaths. Source: http://www.bloomberg.com/news/articles/2016-05-04/u-s-orders-up-to-40-million-more-takata-airbags-recalled
• U.S. Environmental Protection Agency officials stated that
Schneider Electric USA will pay more than $6.8 million for allegedly violating
the terms of a 2002 court-approved Superfund consent decree during cleanup at
the Rodale Manufacturing Superfund Site in Emmaus, Pennsylvania. – WFMZ 69
Allentown
8. May 3,
WFMZ 69 Allentown – (Pennsylvania) Company fined $6.8 million for Emmaus
Superfund site. U.S. Environmental Protection Agency officials stated that
Schneider Electric USA will pay more than $6.8 million for allegedly violating
the terms of a 2002 court-approved Superfund consent decree during cleanup at
the Rodale Manufacturing Superfund Site in Emmaus, Pennsylvania, which resulted
in uncontrolled emissions of air pollutants. The company reportedly failed to
properly maintain air pollution control equipment, failed to alert Federal and
State authorities of its malfunctioning equipment, and failed to provide
records to authorities, among other violations. Source: http://www.wfmz.com/news/news-regional-lehighvalley/company-fined-68-million-for-emmaus-superfund-site/39360402
• The governor of California signed several bills May 4, including
raising the smoking age in the State from 18 to 21, and expanding no-smoking
areas at public schools, among other new measures, which will take effect June
9. – Los Angeles Times
17. May 4, Los
Angeles Times – (California) California’s smoking age raised from 18 to 21
under bills signed by governor. The governor of California signed several
bills May 4 which included raising the smoking age in the State from 18 to 21,
restricting the use of electronic cigarettes in public places, and expanding
no-smoking areas at public schools, among other new measures. The bills will go
into effect June 9. Source: http://www.latimes.com/politics/la-pol-sac-jerry-brown-smoking-bills-20160504-story.html
• Hold Security reported that 273.3 million stolen accounts
including users of Mail.ru, Google accounts, Yahoo accounts, and Microsoft
accounts were being traded in Russia’s criminal underworld. – Reuters
See item 24 below in the Information Technology Sector
Financial Services Sector
See item 24 below in
the Information Technology Sector
Information Technology Sector
22. May 5,
SecurityWeek – (International) Cisco patches serious flaws in FirePOWER,
TelePresence. Cisco released software updates patching several
vulnerabilities in its FirePOWER and TelePresence products including a critical
vulnerability that allows a remote, unauthenticated attacker to bypass
authentication and gain access to a targeted system, as well as several
high-severity denial-of-service (DoS) vulnerabilities that could allow a remote
attacker to cause a system to stop inspecting and processing packets by sending
a specially crafted packet. The company stated there was no evidence to suggest
the exploits were used for malicious purposes.
23. May 5,
SecurityWeek – (International) Apple updates Xcode to patch Git
vulnerabilities. Apple released Git version 2.7.4 and Xcode version 7.3.1,
patching several remote code execution (RCE) vulnerabilities affecting Git
versions 2.7.3 and earlier, after discovering attackers could exploit
the flaws to push or clone a repository with a large file name or a large
number of nested trees in Apple’s operating system (OS) X El Capitan. Source: http://www.securityweek.com/apple-updates-xcode-patch-git-vulnerabilities
24. May 5,
Reuters – (International) Exclusive: Big data breaches found at major
email services – expert. The founder and chief information security officer
of Hold Security reported that 273.3 million stolen accounts including users of
Mail.ru, Google accounts, Yahoo accounts, and Microsoft accounts were being
traded in Russia’s criminal underworld after the security firm discovered a
Russian hacker, dubbed “The Collector,” bragging in an online forum
about the number of stolen credentials he had collected and was prepared to
sell. Many of the stolen usernames and passwords allegedly belong to employees
in U.S. banking, manufacturing, and retail companies.
25. May 4,
SecurityWeek – (International) Lost door RAT promoted via Facebook and
Google’s Blogspot. Security researchers from Trend Micro reported that a
remote access trojan (RAT) named Lost Door can be customized and is difficult
to detect, posing a challenge to information technology (IT) administrators,
after researchers found the trojan leverages a router’s Port Forward feature to
access the server of a private network and disguises malicious traffic or
communication as normal traffic. Attackers can mask their command and control
(C&C) addresses and evade network monitoring as the servers only connect to
an internal router Internet Protocol (IP) address. Source: http://www.securityweek.com/lost-door-rat-promoted-facebook-and-googles-blogspot
Communications Sector
See item 25 above
in the Information Technology Sector