Complete DHS Report for
September 14, 2015
Daily Report
Top Stories
• Duke Energy Corp.,
reached a settlement September 10 to resolve violations at 5 coal-fired power
plants in North Carolina after the company unlawfully modified 13 coal-fired
electricity generating units. – U.S. Environmental Protection Agency
1. September
11, U.S. Environmental Protection Agency – (North Carolina) Duke
Energy Corp. to reduce emissions from power plants in North Carolina, fund
environmental projects. Duke Energy Corporation reached a settlement
September 10 with the U.S. Environmental Protection Agency and the U.S.
Department of Justice to resolve Clean Air Act violations at 5 coal-fired power
plants in North Carolina after the company allegedly unlawfully modified 13
coal-fired electricity generating units without obtaining permits and
installing proper control technologies. The settlement includes the permanent
shutdown of 11 previously shutdown units, a civil fine of $975,000, and $4.4
million dedicated to environmental migration projects. Source: http://yosemite.epa.gov/opa/admpress.nsf/bd4379a92ceceeac8525735900400c27/02a425eb4c60f2ce85257ebc0055b41b
• Fiat Chrysler
Automobiles issued 3 separate recalls September 10 for nearly 1.7 million model
years 2012 – 2015 Ram 1500 or larger pickup trucks due to several safety issues
and Federal regulation violations. – Detroit Free Press
4. September
10, Detroit Free Press – (National) Fiat Chrysler recalls nearly
1.7 million
Ram pickup trucks. Fiat
Chrysler Automobiles issued 3 separate recalls September 10 for nearly 1.7
million model years 2012 – 2015 Ram 1500 or larger pickup trucks, Quad Cab
pickups, and Chassis Cabs due to wiring harness issues, steering issues, airbag
issues, and Federal regulation violations, among other safety issues. Fiat
Chrysler is in the process of notifying owners of the recall. Source:
http://www.usatoday.com/story/money/cars/2015/09/10/fiat-chrysler-recall-ram-pickup-truck/71997266/
• Three Columbian
nationals were charged September 10 for their roles in a money laundering scheme
in which a China-based organization brought in at least $5 billion in drug
proceeds from the U.S. and several other countries. – Reuters See item 9 below in the Financial Services Sector
• Two men were
arrested September 10 after authorities found and removed 11,700 marijuana
plants in the San Isabel National Forest in Colorado. – KRDO 13 Colorado
Springs; Associated Press
23. September
10, KRDO 13 Colorado Springs; Associated Press –
(Colorado) Illegal marijuana grow found on San Isabel National Forest. Two
men were arrested September 10 at 1 campsite within a marijuana cultivation
area found by law enforcement,
which spread across 10 acres on the San Isabel National Forest in Colorado.
Authorities discovered the illegal grow site near Cordova Pass and removed
11,700 plants, irrigation pipes, pesticides, flammable liquids, camping gear,
and trash. Source: http://www.krdo.com/news/marijuana-site-found-on-san-isabel-national-forest/35211730
Financial Services Sector
7. September
11, Securityweek – (National) CoreBot becomes full-fledged banking trojan. IBM
researchers determined that the CoreBot trojan has evolved to become a
full-fledged banking trojan and includes new features such as browser hooking,
real-time form grabbing, a virtual network computing (VNC) module for remote
control, and man-in-the-middle (MitM) functionality, among other features. The
new CoreBot’s data theft routines have evolved, which has made the trojan
similar to the Zeus, Dridex, and Dyre trojans. Source: http://www.securityweek.com/corebot-becomes-full-fledged-banking-trojan
8. September
10, Associated Press – (International) Wall Street exec charged with manipulating
stock prices. Officials arrested a New York financier September 10 for
allegedly hiding his control of U.S. companies traded over-the-counter by using
family members and employees to obtain shares, and for using a Beijing-based
subsidiary to offer
help to Chinese companies seeking to raise U.S. capital by arranging reverse
mergers, allowing the Chinese companies to take control of U.S. shell
companies. The financier manipulated stock prices by reportedly using two
brokers to solicit customers to buy shares while discouraging sales. Source: http://www.cnbc.com/2015/09/10/wall-street-exec-charged-with-manipulating-stock-prices.html
9. September
10, Reuters – (International) U.S. charges three in multibillion-dollar
drug money laundering scheme. Three Columbian nationals were charged
September 10 for their roles in a global money laundering network, in which a Guangzhou,
China-based organization brought in at least $5 billion in drug proceeds from
the U.S. and several other countries by using Chinese casinos, currency
exchange houses, export companies and factories to receive the proceeds. The
money traveled through networks in Hong Kong and China and was used to purchase
counterfeit goods that were shipped to other countries. Source: http://www.reuters.com/article/2015/09/10/usa-crime-drugtrafficking-idUSL1N11G1WM20150910
Information Technology Sector
25. September
11, Securityweek – (International) Yokogawa patches serious flaws in ICS
products. Japan-based Yokogawa Electric released patches addressing three
critical flaws related to network communication functions affecting several of
the company’s industrial control system (ICS) products. The remotely
exploitable vulnerabilities include buffer overflows and a flaw that could
allow an attacker to execute arbitrary code. Source: http://www.securityweek.com/yokogawa-patches-serious-flaws-ics-products
26. September
10, Securityweek – (International) No patches available for flaws in Cisco
security appliances. Cisco revealed that its content security management
appliance (SMA) 7.8.0-000 and possibly other versions are affected by
denial-of-service (DoS) vulnerabilities that can be exploited remotely by an
unauthenticated attacker due to inadequate validation of user credentials for
incoming hypertext transfer protocol (HTTP) requests. Customers were urged to
apply workarounds while the company worked to release a software update
addressing the vulnerabilities. Source: http://www.securityweek.com/no-patches-available-flaws-cisco-security-appliances
For another story, see item 7 above in the Financial Services Sector
Communications Sector
See item 25 above in the Information Technology
Sector