Wednesday, June 17, 2015




Complete DHS Report for June 17, 2015

Daily Report

Top Stories

 · Honda Motor Co., expanded recalls June 15 to include 1.39 million model year 2001 – 2005 Honda Civic and model year 2003 – 2007 Honda Accord vehicles due to ongoing issues with airbag inflators manufactured by the Takata Corporation. – Detroit News

3. June 15, Detroit News – (National) Honda expands Takata recall by 1.39 million vehicles. Honda Motor Co., reported June 15 expanded recalls to include 1.39 million model year 2001 – 2005 Honda Civic and model year 2003 – 2007 Honda Accord vehicles due to ongoing issues with airbag inflators manufactured by the Takata Corporation in which airbags could prematurely inflate or explode. Source: http://www.detroitnews.com/story/business/autos/2015/06/15/honda-expands-takata-recall-million-vehicles/71270856/

 · Officials reported June 15 that a tornado warning in Illinois prompted the cancellation of more than 815 flights at O’Hare International Airport and the cancellation of 25 flights at Midway International Airport. – Associated Press

9. June 15, Associated Press – (Illinois) Wind, rain cause flooding, Chicago flight cancellations. The Chicago Department of Aviation reported June 15 that storms sweeping across northern Illinois prompted a tornado warning that caused the cancellation of more than 815 flights and delays of 2 or more hours at O’Hare International Airport, as well as the cancellation of 25 flights at Midway International Airport. Source: http://www.stltoday.com/news/national/wind-rain-cause-flooding-chicago-flight-cancellations/article_c31cb6d7-81d8-5e36-bd17-15ed649f953b.html

 · Parks Highway in Alaska was closed June 15 for an unspecified amount of time due to a wind shift that sent the Sockeye Fire towards the highway and prompted a 15-mile evacuation.– Alaska Dispatch News

10. June 15, Alaska Dispatch News – (Alaska) Unpredictable Sockeye wildfire appears to shift directions, moves north. Parks Highway from mile marker 71 to Hatcher Pass was closed June 15 for an unspecified amount of time due to a wind shift that sent the Sockeye Fire towards the highway and prompted a 15-mile evacuation of the area while crews responded to the scene. Source: http://www.adn.com/article/20150615/parks-highway-shuts-down-again-sockeye-wildfire-continues-burning

 · Officials reported June 14 that a water main ruptured in Philadelphia and spilled approximately 12.5 million gallons of water onto the roadways. – WCAU 10 Philadelphia

16. June 15, WCAU 10 Philadelphia – (Pennsylvania) Millions of gallons of water flow after water main break in West Philly. The Philadelphia Water Department reported June 14 that a 36-inch water main ruptured in West Philadelphia, spilling approximately 12.5 million gallons of water, prompting the evacuation of 14 people from nearby homes, and submerging a car into a sinkhole located near a gas main that crews had to shut off while responding to the incident. The cause of the rupture remains under investigation Source: http://www.nbcphiladelphia.com/news/local/Water-Main-Break-West-Philadelphia-Water-Department-52nd-Street-307289801.html

Financial Services Sector

6. June 15, U.S. Department of the Treasury – (West Virginia) FinCEN penalizes West Virginia bank for serious BSA violations and actions by a branch manager that assisted criminal activity. The Financial Crimes Enforcement Network announced June 15 a $4.5 million civil money penalty against Bank of Mingo in Williamson, West Virginia, following the bank’s willful violation of the Bank Secrecy Act by staff and a former branch manager who failed to implement and maintain an effective anti-money laundering program from 2008 – 2013, specifically regarding a customer that conducted over $9 million of structured transactions. Source: http://www.fincen.gov/news_room/nr/html/20150615.html

7. June 15, USA Today – (International) Former oil exec pleads guilty in Colombian bribery case. A former co-CEO of PetroTiger pleaded guilty June 15 to violating the Foreign Corrupt Practices Act by conspiring with several company officials to bribe an employee of Colombian Ecopetrol with $333,500 in exchange for help in winning a $45 million contract. Two co-conspirators and a general counsel previously pleaded guilty in connection to the scheme. Source: http://www.usatoday.com/story/money/2015/06/15/colombia-oil-bribery-joseph-sigelman-foreign-corrupt-practices-act-fcpa/71255332/

Information Technology Sector

23. June 16, Infosecurity Magazine – (International) Stegoloader malware hides in images on legit sites. Security researchers from Dell SecureWorks released findings from a report warning of potential new trend in which malware uses digital stenography to evade detection and steal information from affected users via various configurable modules. Source: http://www.infosecurity-magazine.com/news/stegoloader-malware-hides-in/

24. June 16, Softpedia – (International) LastPass has been hacked, change your master password now. Officials from LastPass advised that users change their master passwords after the company discovered that their system was compromised June 12. No user accounts were reported to have been accessed, and encrypted vault data was reportedly not tampered with. Source: http://news.softpedia.com/news/LastPass-Has-Been-Hacked-Change-You-Master-Password-Now-484422.shtml

25. June 16, Securityweek – (International) Canonical patches privilege escalation vulnerability in Ubuntu. Canonical released updates for Ubuntu fixing a local root privilege escalation vulnerability related to the OverlayFS Linux file system’s permissions in which an attacker could gain administrative privileges on the affected system. Source: http://www.securityweek.com/canonical-patches-privilege-escalation-vulnerability-ubuntu

26. June 15, Securityweek – (International) Duqu 2.0 used stolen digital certificate in attacks: Kaspersky Lab. Security researchers at Kaspersky Lab reported that the attackers behind the Duqu 2.0 malware identified in worldwide attacks in June used a stolen valid digital signature from Hon Hai Precision Industry Co., LTD/Foxcon Technology Group to sign a driver that masked command-and-control (C&C) traffic and ensured the persistence of the malware. The attackers reportedly installed the malicious drivers on firewalls, gateways, and servers with direct internet access as well as corporate network access. Source: http://www.securityweek.com/duqu-20-used-stolen-digital-certificate-attacks-kaspersky-lab

27. June 15, Securityweek – (International) Cisco fixes DoS vulnerability affecting carrier routing systems. Cisco released updates for IOS XR Software installed on CRS-3 Carrier Routing Systems addressing a medium severity vulnerability in which an attacker could cause the line card to reload by sending specially crafted packets to the vulnerable device, causing an extended denial-of-service (DoS) condition. Source: http://www.securityweek.com/cisco-fixes-dos-vulnerability-affecting-carrier-routing-systems

Communications Sector

Nothing to report