Complete DHS Report for May 23, 2016
Daily Report
Top Stories
• Fiat Chrysler Automobiles issued a recall May 19 for 392,464 of
its Jeep Wrangler vehicles due to faulty clocksprings that can prevent
driver-side airbags from deploying in a crash. – TheCarConnection.com
6. May 19,
TheCarConnection.com – (International) 2007-2016 Jeep Wrangler recalled for airbag
problem: 506,000 vehicles affected. Fiat Chrysler Automobiles issued a
recall May 19 for 392,464 of its model years 2007 – 2016 Jeep Wrangler vehicles
and 7,435 of its model years 2011-2016 special-duty, right-hand-drive Jeep
Wrangler vehicles sold in the U.S. due to faulty clocksprings that can be
compromised following excessive exposure to dust and dirt, thereby preventing
driver-side airbags from deploying in a crash. The recall affects an additional
35,412 vehicles in Canada, 8,529 in Mexico, and 62,580 elsewhere. Source: http://www.thecarconnection.com/news/1104048_2007-2016-jeep-wrangler-recalled-for-airbag-problem-506000-vehicles-affected
• Federal regulators issued stricter guidelines May 19 for human
exposure to the chemicals perfluorooctanoic acid (PFOA) and perfluorooctane
sulfonate (PFOS), and advised water systems with high concentrations of the
chemicals to notify residents and consult with their State drinking water
agencies. – Associated Press
16. May 19,
Associated Press – (National) EPA suggests tighter limits for industrial
chemical in water. The U.S. Environmental Protection Agency (EPA) issued
stricter guidelines May 19 for human exposure to the chemicals
perfluorooctanoic acid (PFOA) and perfluorooctane sulfonate (PFOS), and advised
water systems where concentrations of PFOA or PFOS are found above 70 parts per
trillion to promptly notify residents and consult with their State drinking
water agencies. Source: https://www.washingtonpost.com/politics/federal_government/epa-suggests-tighter-limits-for-industrial-chemical-in-water/2016/05/19/fc135574-1e16-11e6-82c2-a7dcb313287d_story.html
• Authorities announced May 18 that 14 vendors were taken into
custody out of the 21 who were charged in connection to selling New York
tourists tickets for ferries that circled New York Harbor without stopping. – New
York Times
20. May 18,
New York Times – (New York) 21 vendors face charges of selling fake tickets to
the Statue of Liberty. Authorities announced May 18 that 14 vendors were
taken into custody out of the 21 who were charged in connection to selling New
York tourists tickets for ferries that circled New York Harbor without
stopping, under the guise of tickets to boats that stopped at the Statue of
Liberty and Ellis Island. The vendors reportedly used aggressive tactics. Source:
http://www.nytimes.com/2016/05/19/nyregion/21-vendors-face-charges-of-selling-fake-tickets-to-the-statue-of-liberty.html
• The Barry-Eaton District Health Department reported May 19 that
a norovirus outbreak has ceased after more than 100 people were sickened from
May 7 – May 8 at the Carrabba’s Italian Grill restaurant in Lansing, Michigan.
– Food Poisoning Bulletin
27. May 19,
Food Poisoning Bulletin – (Michigan) Norovirus outbreak at
Carrabba’s in Lansing, MI ends 100+ sick. The Barry-Eaton District Health
Department reported May 19 that a norovirus outbreak has ceased after more than
100 people were sickened from May 7 – May 8 at the Carrabba’s Italian Grill
restaurant in Lansing, Michigan. The restaurant closed voluntarily to conduct
sanitation procedures, and the exact cause of the outbreak was not yet
determined. Source: https://foodpoisoningbulletin.com/2016/norovirus-outbreak-at-carrabbas-in-lansing-mi-ends-100-sick/
Financial Services Sector
8. May 19,
U.S. Securities and Exchange Commission – (National) SEC announces
insider trading charges in case involving sports gambler and board member. The
U.S. Securities and Exchange Commission announced insider trading charges May
19 against a professional sports gambler and a former board member at Dean
Foods Company after the board member allegedly provided the gambler with
advance information about Dean Foods including market-moving events, and
company earnings statements from 2008 – 2012, among other information regarding
Darden Restaurants stocks, which the gambler used to make $40 million in
illegal profits. Officials stated the duo used prepaid cell phones and other
methods to conceal the illicit activity, and convinced a professional athlete
to trade the food company’s securities to pay off a gambling debt.
Information Technology Sector
22. May 20,
The Register – (International) 60 percent of Androids exposed by new attack
on mediaserver. A security researcher from Duo reported that about 60
percent of enterprise Android phones running Lollipop version 5 operating
system (OS), KitKat version 4.4, and Marshmallow version 6 OS were susceptible
to a Qualcomm Secure Execution Environment (QSEE) vulnerability after
researchers discovered the flaw in the mediaserver component that could allow
an attacker to gain complete control over the device by tricking users into
installing a malicious app. Source: http://www.theregister.co.uk/2016/05/20/pick_your_favourite_new_attack_pwns_60_percent_of_new_old_androids/
23. May 20,
Softpedia – (International) Researcher wins $5,000 for finding two ways
to brute-force Instagram accounts. Facebook fixed two security flaws on its
social network, Instagram that could have allowed an attacker to execute
brute-force attacks and gain control over users’ accounts due to Instagram’s
weak password policy, its usage of incremental user identifications, and lack
of proper rate limiting protection. Source: http://news.softpedia.com/news/researcher-wins-5-000-for-finding-two-ways-to-brute-force-instagram-accounts-504290.shtml
24. May 20,
SecurityWeek – (International) Vulnerabilities found in Siemens SIPROTEC
protection relays. Security researchers from Siemens and the Industrial
Control Systems Cyber Emergency Response Team (ICS-CERT) discovered SIPROTEC 4
and SIPROTEC Compact devices were plagued with several information disclosure
vulnerabilities that can allow attackers to obtain sensitive device information
if hackers gain access to the network hosting the devices. Siemen released
updates for its firmware version 4.27, but has yet to release updates for other
relays. Source: http://www.securityweek.com/vulnerabilities-found-siemens-siprotec-protection-relays
Communications Sector
25. May 19,
SecurityWeek – (National) Serious vulnerabilities found in Moxa industrial
secure routers. Moxa released a firmware update for its EDR-G903 series
industrial routers versions 3.4.11 and older, patching several high severity
vulnerabilities that can be exploited for denial-of-service (DoS) attacks,
privilege escalation, and arbitrary code execution, including configuration and
log files that can be accessed on the Web server by accessing a specific
Uniform Resource Locator (URL), allowing an unauthenticated attacker to
download the configuration and log files. Source: http://www.securityweek.com/serious-vulnerabilities-found-moxa-industrial-secure-routers
No comments:
Post a Comment