Complete DHS Report for December 27, 2016
Daily Report
Top Stories
• A
December 22 explosion at the New Haven Chlor-Alkali LLC facility in Connecticut
prompted nearby residents to evacuate and forced the temporary shutdown of
Amtrak trains from New Haven to Hartford. – New Haven Register
2. December 22, New Haven
Register – (Connecticut) Explosion in New Haven damages Welton Street
building, rocks nearby areas. A December 22 explosion at the New Haven
Chlor-Alkali LLC facility in Connecticut caused extensive damage to the rear of
the facility, prompted the evacuation of homes within 1,500 feet of the
building, and forced the temporary shutdown of Amtrak trains from New Haven to
Hartford after some debris from the explosion landed on the tracks. No injuries
were reported and the cause of the explosion remains under investigation. Source:
http://www.nhregister.com/general-news/20161222/explosion-in-new-haven-damages-welton-street-building-rocks-nearby-areas
• Two Orlando residents were charged December 22 for their alleged
roles in a multi-state debit card skimming scheme that bilked over 100 victims
out of thousands of dollars. – WSFA 12 Montgomery
4. December 22, WSFA 12
Montgomery – (National) AL authorities catch suspects in multi-state
debit card skimming scheme. Two Orlando residents were charged December 22
for their alleged roles in a multi-state debit card skimming scheme that bilked
over 100 victims in Alabama, Florida, Tennessee, and Virginia out of thousands
of dollars. Authorities seized $6,490 in cash, 39 stolen debit card numbers
with PIN numbers, and 315 gift cards when the suspects were arrested in Baldwin
County, Alabama. Source: http://www.wbrc.com/story/34115240/al-authorities-catch-suspects-in-multi-state-debit-card-skimming-scheme
• Teva Pharmaceutical Industries Ltd., and its subsidiary, Teva
LLC agreed December 22 to pay a total of more than $283 million to resolve
criminal charges associated with Foreign Corrupt Practices Act violations. – U.S.
Department of Justice
21. December 22, U.S.
Department of Justice – (International) Teva Pharmaceutical Industries
Ltd. agrees to pay more than $283 million to resolve Foreign Corrupt Practices
Act charges. Teva Pharmaceutical Industries Ltd., and its wholly-owned
Russian subsidiary, Teva LLC agreed December 22 to pay a total of more than
$283 million to resolve criminal charges associated with Foreign Corrupt
Practices Act (FCPA) violations where the company and its subsidiaries paid
millions of dollars in bribes to a high-ranking government official in Russia
to influence the official to use his authority to increase sales of the firm’s
drug, Copaxone, and bribed a senior government official in Ukraine to approve
Teva drug registrations. In addition, the firm failed to implement adequate
internal accounting controls and failed to enforce controls it had in place at
its Mexican subsidiary, allowing bribes to be paid to doctors employed by the
Mexican government.
• Federal officials
announced December 22 that Gardena, California-based Total Call Mobile, LLC agreed
to pay $30 million for defrauding the Federal Government’s Lifeline Program. – U.S.
Attorney’s Office, Southern District of New York See item 25 below in the Communications Sector
Financial Services Sector
4. December 22, WSFA 12
Montgomery – (National) AL authorities catch suspects in multi-state
debit card skimming scheme. Two Orlando residents were charged December 22
for their alleged roles in a multi-state debit card skimming scheme that bilked
over 100 victims in Alabama, Florida, Tennessee, and Virginia out of thousands
of dollars. Authorities seized $6,490 in cash, 39 stolen debit card numbers
with PIN numbers, and 315 gift cards when the suspects were arrested in Baldwin
County, Alabama. Source: http://www.wbrc.com/story/34115240/al-authorities-catch-suspects-in-multi-state-debit-card-skimming-scheme
Information Technology Sector
23. December 22,
SecurityWeek – (International) Cisco CloudCenter Orchestrator flaw
exploited in attacks. Cisco warned customers about a critical privilege
escalation flaw that has been exploited against its CloudCenter Orchestrator
(CCO) systems to allow an unauthenticated attacker to remotely install
malicious Docker containers with arbitrary privileges, including root by
abusing a flaw in the Docker Engine configuration. Cisco reported the flaw
exists due to a misconfiguration that makes the Docker Engine management port
accessible from the outside, and the flaw has been resolved with the release of
CCO version 4.6.2.
Communications Sector
24. December 22,
SecurityWeek – (International) Remotely exploitable 0-day impacts
NETGEAR WNR2000 routers. A security researcher found that version 5 of
Netgear’s WNR2000 routers are plagued with several flaws, including a stack
buffer overflow issue that could allow an unauthenticated attacker to take full
control of the device and remotely execute code, as well as an issue where the
router allows an admin to perform various functions through a function invoked
in the Hypertext Transfer Protocol (HTTP) server, uhttpd, which once reversed,
allows an unauthenticated attacker to perform sensitive admin functions and
retrieve the administrative password. The flaws are exploitable over a local
area network (LAN), and remotely for routers with remote administration
enabled. Source: http://www.securityweek.com/remotely-exploitable-0-day-impacts-netgear-wnr2000-routers
25. December 22, U.S.
Attorney’s Office, Southern District of New York – (National) Manhattan
U.S. Attorney announces $30 million settlement with Total Call Mobile for
defrauding government program offering discounted mobile services for
low-income consumers. The U.S. Federal Communications Commission (FCC) and
other officials announced December 22 that Gardena, California-based Total Call
Mobile, LLC agreed to pay $30 million for defrauding the Federal Government’s
Lifeline Program after Total Call, Locus Telecommunications, LLC, and their
shared corporate parent, KDDI America, Inc. knowingly submitted false claims to
the program that sought reimbursement for tens of thousands of consumers who
did not meet Lifelines eligibility requirements. As part of the settlement,
Total Call agreed to no longer participate in the Lifeline Program. Source: https://www.justice.gov/usao-sdny/pr/manhattan-us-attorney-announces-30-million-settlement-total-call-mobile-defrauding
No comments:
Post a Comment