Complete DHS Report for May 16, 2016
Daily Report
Top Stories
• Federal authorities announced that nearly 90,000 gallons of
crude oil was released into the Gulf of Mexico from Shell Offshore Inc.’s
Glider subsea system at its Brutus platform off the Louisiana coast May 12. – NBC
News
1. May 12,
NBC News – (International) Tens of thousands of gallons of crude oil
spill into the Gulf of Mexico. Federal authorities announced that nearly
90,000 gallons of crude oil was released into the Gulf of Mexico from Shell
Offshore Inc.’s Glider subsea system at its Brutus platform off the Louisiana
coast May 12. Shell reported that production from all wells that flow to the
platform were shut off and the U.S. Coast Guard stated that the spill was
contained and cleanup operations were underway. Source: http://www.nbcnews.com/news/us-news/tens-thousands-gallons-crude-oil-spill-gulf-mexico-n573311
• Federal officials announced May 12 new steps to address methane
emissions from both new and existing sources in the oil and gas sector in an
effort to reduce 510,000 short tons of methane by 2025. – U.S. Environmental
Protection Agency
2. May 12,
U.S. Environmental Protection Agency – (National) EPA releases
first-ever standards to cut methane emissions from the oil and gas sector. The
U.S. Environmental Protection Agency announced May 12 new steps to address
methane emissions from both new and existing sources in the oil and gas sector,
which include clarification of the Source Determination Rule, and a final
Federal implementation plan for the Minor New Source Review Program in Indian
County in an effort to reduce 510,000 short tons of methane by 2025. The new
regulations also include the issuance of an Information Collection Request
(ICR) that seeks information on the types of technology that could be used to
reduce emissions and their associated costs.
• The governor of Michigan announced May 12 that the State will
pay all Flint water bills in May to encourage the flushing of lead from old
pipes and the recoating of plumbing with a corrosion chemical. – Associated
Press
18. May 12,
Associated Press – (Michigan) Michigan will pay Flint’s water bill in May. The
governor of Michigan announced May 12 that the State will pay all Flint water
bills in May to encourage the flushing of lead from old pipes and the recoating
of plumbing with a corrosion chemical. The campaign, which began May 1 and will
cost the State an estimated $1.7 million, urges residents to run cold water for
10 minutes a day for 14 days in order to help rid the system of toxic lead. Source:
http://www.abcactionnews.com/news/national/michigan-will-pay-flints-water-bill-in-may
• Three doctors were charged May 12 for allegedly selling more
than $5 million worth of prescription drugs from a now-defunct business on
South Broad Street in Philadelphia under the guise of offering help to addicts.
– WPVI 6 Philadelphia
19. May 12,
WPVI 6 Philadelphia – (Pennsylvania) Philadelphia doctors charged in $5M
prescription drug bust. Three doctors were charged May 12 for allegedly
selling more than $5 million worth of prescription drugs from a now-defunct
business on South Broad Street in Philadelphia known as the National
Association for Substance Abuse, Prevention & Treatment by reaching out to
unsuspecting families of addicts under the guise of offering help. The doctors
reportedly exploited the addictions by writing prescriptions for commonly
abused drugs without medical or mental evaluations in exchange for cash.
Financial Services Sector
5. May 13,
IDG News Service – (International) SWIFT warns of malware attack on another
customer. The Society for Worldwide Interbank Financial Telecommunication
(SWIFT) warned customers May 13 against a second malware attack discovered at a
bank using its services that targeted customer banks’ secondary security
controls by modifying the bank’s PDF reader with malicious software to conceal
the fraudulent transactions in PDF reports of payment confirmations. Attackers
also exploited vulnerabilities in the bank’s systems in order to initiate fund
transfers, steal credentials, and use them to send irrevocable fund transfer
orders via the SWIFT network.
6. May 12,
Associated Press – (National) RushCard to pay $19 million to users for last year’s
outage. RushCard agreed to pay at least $19 million to compensate its users
impacted by an October 2015 service outage after the company attempted to
switch payment processors, which caused tens of thousands of RushCard accounts
to freeze leaving customers without access to their money for as long as 2
weeks. According to the agreement, the company will pay each customer who could
not access their funds at least $100, and up to $500 to individuals who can
document any losses incurred due to the outage. Source: http://www.wsfa.com/story/31959686/rushcard-to-pay-19-million-to-users-for-last-years-outage
7. May 12,
KCCI 8 Des Moines – (Iowa) Former worker pleads guilty in $626,941 banks
embezzlement case. The former president of People’s Savings Bank in
Crawfordsville, Iowa, pleaded guilty May 9 to embezzling $626,941 from the bank
after he created multiple straw loans involving existing bank customers and
stole the loan proceeds from December 2002 – March 2013. Officials stated the
former executive also received unauthorized bonuses and salary increases from
January 2008 – October 2013. Source: http://www.kcci.com/news/former-worker-pleads-guilty-in-626941-bank-embezzlement-case/39513608
Information Technology Sector
22. May 12,
SecurityWeek – (International) Adobe patches Flash zero-day exploited in the
wild. Adobe updated its Flash Player for Microsoft Windows, Apple Mac, and
Linux addressing 25 vulnerabilities including a type confusion, use-after-free,
buffer overflow, directory search path, various memory corruption
vulnerabilities that can lead to arbitrary code execution, and a zero-day that
has been exploited in the wild. Source: http://www.securityweek.com/adobe-patches-flash-zero-day-exploited-wild
23. May 12,
Softpedia – (International) 7-Zip 16.0 released to fix gaping security
hole. The 7-Zip project released version 16.0 of their open-source
(de)compression software patching two critical vulnerabilities discovered by
Cisco’s Talos team, which include a heap overflow vulnerability and an
out-of-bounds read vulnerability, due to an issue with how the 7-Zip client
handles Universal Disk Format (UDF) files. Attackers can create a booby-trapped
7-Zip archive which contains a malicious file that clients’ can unzip,
initiating the attack. Source: http://news.softpedia.com/news/7-zip-16-0-released-to-fix-gaping-security-hole-504003.shtml
For another story, see item 12 below from the Transportation Systems Sector
12. May 12,
Network World – (National) DHS inspector general lambasts TSA’s IT security
flaws. The DHS Office of Inspector General released a report the week of
May 9 following a review of the Transportation Security Administration’s (TSA)
Security Technology Integrated Program (STIP) and its Information Technology
(IT) department, which found several security issues including unpatched
software, inadequate contractor oversight, physical security, and inadequate
vulnerability reporting, among other issues. The TSA stated that it is
addressing the recommendations made in the report, and has developed a
Cybersecurity Statement of Objective in order to bring legacy transportation
security equipment into compliance with IT security controls mandated by DHS. Source:
http://www.networkworld.com/article/3069561/careers/dhs-inspector-general-lambasts-tsa-s-it-security-flaws.html
Communications Sector
Nothing to report
No comments:
Post a Comment