Complete DHS Report for April 13, 2016
Daily Report
Top Stories
• Indiana Michigan Power Co. reported that it is continuing to
investigate and clean up an April 8 spill at its Donald C. Cook Nuclear Plant
in Bridgman, Michigan, after a transformer failed and spilled about 25,000
gallons of oil. – Detroit Free Press
1. April 11, Detroit Free Press – (Michigan) SW Michigan nuclear plant cleaning up after oil
spill. Indiana Michigan Power Co. reported that it is continuing to
investigate and clean up an April 8 spill at its Donald C. Cook Nuclear Plant
in Bridgman, Michigan, after a transformer failed and spilled about 25,000
gallons of oil inside the facility, while about 2,000 gallons of the oil
spilled outside the facility. No radioactive threat was reported. Source: http://www.freep.com/story/news/local/michigan/2016/04/11/cook-nuclear-plant-oil-spill/82901742/
• The U.S. Department of Justice reached a $5.06 billion
settlement with Goldman Sachs Group, Inc. April 11 related to the firm’s
conduct in the sale and issuance of residential mortgage-backed securities
from 2005 – 2007. – U.S. Department of Justice. See item 4 below in
the Financial Services Sector.
• The U.S. Department of Justice announced April 8 that it reached
a $1.2 billion settlement with Wells Fargo & Company after the bank
admitted to falsely certifying that many of its 2001 – 2008 home loans
qualified for Federal Housing Administration insurance. – Reuters. See item 5 below in
the Financial Services Sector.
• An April 10 water main break in Milledgeville, Georgia, forced
the closure of more than 150 businesses and temporarily halted all patient
admittance at Oconee Regional Medical Center. – Milledgeville Union Recorder
12. April 11, Milledgeville Union Recorder – (Georgia) Water main break
disrupts lives of thousands. Milledgeville, Georgia, was placed under a boil
water advisory April 10 following an April 9 water main break in Fishing Creek
that forced the closure of more than 150 businesses and schools, 2 local
colleges, and the temporary cessation of patient admittance into the Oconee
Regional Medical Center. Source: http://www.unionrecorder.com/news/water-main-break-disrupts-lives-of-thousands/article_2094f2b8-003f-11e6-9ea9-830cedc34dde.html
Financial Services Sector
4. April 11, U.S. Department of Justice – (National) Goldman Sachs agrees to pay
more than $5 billion in connection with its sale of residential mortgage backed
securities. The U.S. Department of Justice announced April 11 that Goldman
Sachs Group, Inc., agreed to pay a total of $5.06 billion to settle charges
related to the firm’s conduct in the packaging, securitization, marketing,
sale, and issuance of residential mortgage-backed securities from 2005-2007 after
the firm falsely assured prospective investors that the securities it sold were
backed by sound mortgages, thereby causing billions of dollars in losses to
financial institutions. As part of the settlement, Goldman Sachs must pay a
civil penalty, provide monetary relief to homeowners and distressed borrowers,
and pay a fine to settle claims with other Federal and State entities, among
other requirements.
5. April 9, Reuters – (National) Wells Fargo admits deception in $1.2 billion U.S.
mortgage accord. The U.S. Department of Justice announced April 8 that it
reached a $1.2 billion settlement with Wells Fargo & Company and resolved
claims with a former vice president after the bank admitted to falsely
certifying that many of its home loans qualified for Federal Housing
Administration insurance from 2001-2008, and failing to file timely reports on
several thousand loans with material defects from 2002-2010. The agreement also
resolved claims by Federal prosecutors in California that Wells Fargo-owned
American Mortgage Network, LLC allegedly issued false loan certifications. Source:
http://www.reuters.com/article/us-wellsfargo-settlement-idUSKCN0X52HK
Information Technology Sector
23. April 12, SecurityWeek – (International) Ramdo Click-Fraud malware continues to
evolve. Security researchers from Dell SecureWorks and Palo Alto Networks
released an analysis on the Ramdo click-fraud malware, also known as Redyms,
which stated that the Ramdo malware was capable of downloading and installing
additional malicious software on infected devices after it tricks users into
selecting an online ad from other infection systems. The report stated that
while the malware was not very sophisticated, its operators were actively
working on implementing new features and methods to avoid detection and prevent
analysis. Source: http://www.securityweek.com/ramdo-click-fraud-malware-continues-evolve
24. April 11, SecurityWeek – (International) WordPress.com pushes free HTTPS to all hosted
sites. WordPress reported that it will provide free Hypertext Transfer
Protocol Secure (HTTPS) for all custom domains it hosts, including blogs and Web
sites, ensuring that users are served only secured HTTPS traffic. Source:
http://www.securityweek.com/wordpresscom-pushes-free-https-all-hosted-sites
25. April 11, SecurityWeek – (International) Malware found in IoT cameras sold by Amazon. The
co-founder of Proctorio discovered that a set of security cameras sold from
Amazon.com, Inc., were infected with malware after finding that an iframe,
brenz_pl/rc/, was linked to a malicious Web site when connecting to a personal
computer, which could potentially allow attackers remote control, remote access,
and control of components in a target’s home. Source: http://www.securityweek.com/malware-found-iot-cameras-sold-amazon
26. April 11, Softpedia – (International) “ID Ransomware” website helps identify
ransomware infections. An independent security researcher launched a new
Web site named ID Ransomware that will help ransomware victims recover their
encrypted files without paying the ransomware fee by allowing users to upload
their encrypted files to the Web site where a thorough analysis will be
conducted to notify victims which ransomware variant has locked their computers
or files. Once the Web site detects the ransomware type, users will receive a
link to download a decrypter to unlock encrypted files. Source: http://news.softpedia.com/news/id-ransomware-website-helps-identify-ransomware-infections-502814.shtml
27. April 11, Softpedia – (International) Jigsaw ransomware threatens to delete your
files, free decrypter available. Security researchers from
@MalwareHunterTeam discovered that a new ransomware dubbed Jigsaw was infecting
computers through an unknown infection method and pressuring victims to pay the
ransomware fee by targeting 226 different file types, encrypting each file with
an Advanced Encryption Standard (AES) algorithm, and adding the .fun extension
at the end of each file name. Researchers advised victims to download the
JigSawDecrypter to decrypt locked files. Source: http://news.softpedia.com/news/jigsaw-ransomware-threatens-to-delete-your-files-free-decrypter-available-502824.shtml
28. April 8, SecurityWeek – (International) Google improves safe browsing for Network
Admins. Google reported that it made improvements to its Safe Browsing
Alerts for Network Administrators service that will inform administrators about
Uniform Resource Locators (URLs) related to malicious software, potentially
unwanted programs (PUPs), and social engineering, as well as inform users about
compromised pages on their networks that can allegedly harm users via drive-by
downloads or exploits. Source: http://www.securityweek.com/google-improves-safe-browsing-network-admins
For another story, see item 29 below in the Communications Sector
Communications Sector
29. April 11, SecurityWeek – (International) Malware changes router DNS settings via
mobile devices. Security researchers from Trend Micro discovered a
JavaScript malware dubbed JS_JITON that can allow attackers to access a home
router’s device and change its Domain Name Server (DNS) settings, as the
malware’s code includes 1,4000 combinations of common credentials and was seen
distributed via compromised Web sites from a mobile device. Researchers noted
that only the ZTE modem exploit was active and the malware is executed solely
from a mobile device.