Thursday, April 21, 2016



Complete DHS Report for April 21, 2016

Daily Report                                            

Top Stories

• Polaris Industries Inc., issued a recall April 19 for approximately 133,000 of its model years 2013 – 2016 RZR 900 and RZR 1000 recreation off-highway vehicles (ROVs) due to fire and burn hazards. – U.S. Consumer Product Safety Commission

1. April 19, U.S. Consumer Product Safety Commission – (National) Polaris recalls RZR recreational off-highway vehicles due to fire hazard; severe burns injuries, one death reported. The U.S. Consumer Product Safety Commission announced April 19 that Polaris Industries Inc., issued a recall for approximately 133,000 of its model years 2013 – 2016 RZR 900 and RZR 1000 recreation off-highway vehicles (ROVs) due to fire and burn hazards to drivers and passengers after the company received over 160 reports of fires associated with the ROVs, resulting in 1 death and 19 injuries. Source: https://www.cpsc.gov/en/Recalls/2016/Polaris-Recalls-RZR-Recreational-Off-Highway-Vehicles/

• An April 18 barn fire at the Milford Hutterite Colony in Montana killed 3,100 pigs which were being raised for market, with an estimated value of $372,000 – $480,000. – Great Falls Tribune

8. April 20, Great Falls Tribune – (Montana) 3,100 pigs perish in barn fire on Milford Colony. An April 18 barn fire at the Milford Hutterite Colony in Montana killed 3,100 pigs which were being raised for market with an estimated worth value of $372,000 – $480,000. Authorities are investigating the total amount of damages and the cause of the fire. Source: http://www.greatfallstribune.com/story/news/local/2016/04/19/pigs-perish-barn-fire-milford-hutterite-colony/83240628/

• The City of Buda advised the public to avoid water, waste material, or soil around the Garlic Creek, Texas, following an April 19 spill at a lift station that released approximately 195,400 gallons of waste water into the creek. – KVUE 24 Austin

11. April 19, KVUE 24 Austin – (Texas) Estimated 195K gallons wastewater spills in Buda. The City of Buda reported an April 19 spill at a lift station released approximately 195,400 gallons of wastewater into Garlic Creek, and prompted an advisory to the public to avoid water, waste material, or soil in the surrounding area. The city stated that the spill was likely caused when a bypass pump malfunctioned while a contractor was installing new equipment. Source: http://www.kvue.com/news/local/estimated-195k-gallons-wastewater-spills-in-buda/143363172

• Kaspersky launched a new cyber-security tool named Industrial CyberSecurity, which will help Industrial Control Systems/Supervisory Control And Data Acquisition (ICS/SCADA) equipment become more resilient against cyberattacks. – Softpedia See item 21 below in the Information Technology Sector

Financial Services Sector

2. April 19, WCNC 36 Charlotte – (North Carolina) 3 wanted in Gaston Co. skimming case. Gastonia Police reported April 19 that they were searching for 3 suspects believed to be involved in 21 fraud cases after the trio installed skimming devices in Gaston County gas stations and stole customer’s debit card information and personal identification numbers (PINs). Source: http://www.wcnc.com/news/crime/frauds-in-gaston-county-apparently-connected-to-skimmer/140980495

3. April 19, U.S. Securities and Exchange Commission – (National) SEC announces financial fraud cases. The U.S. Securities and Exchange Commission (SEC) reported April 19 that Logitech International agreed to pay over $7.5 million in Federal penalties for allegations that the company inflated its 2011 financial records to meet its earning guidance during a 5-year period and that 4 of its executives violated Logitech’s warranty accrual accounting, minimized the write-downs of millions of dollars of excess component parts, and failed to remunerate an earlier acquisition. The SEC also stated that 3 former executives at Ener1, Inc., agreed to pay a total of $180,000 in penalties after the trio overstated revenues and assets in 2010 and overstated assets in the first quarter of 2011.

Information Technology Sector

18. April 20, Softpedia – (International) New PWOBot Python malware can log keystrokes, mine for bitcoin. Security researchers from Palo Alto Networks discovered a new malware family dubbed PWOBot was encoded in Python and PWOBot modules can execute other binaries, launch an Hypertext Transfer Protocol (HTTP) server, log keystrokes, execute custom Python code, query remote Universal Resource Languages (URLs), as well as mine for bitcoins by using the victim’s central processing unit (CPU) or graphics processing unit (GPU). Source: http://news.softpedia.com/news/new-pwobot-python-malware-can-logs-keystrokes-mine-for-bitcoin-503208.shtml

19. April 20, Softpedia – (International) Oracle patches 138 bugs, 9 in Java, 31 in MySQL. Oracle released patches addressing 136 security issues, of which 9 were considered critical flaws, in 49 different product suites including Oracle Database, Java, MySQL, Solaris, Berkeley Database, and VirtualBox, among other products. Users were advised to update their software to the latest versions. Source: http://news.softpedia.com/news/oracle-patches-138-bugs-9-in-java-31-in-mysql-503204.shtml

20. April 19, Softpedia – (International) Security firm discovers secret plan to hack numerous websites and forums. Security researchers from SurfWatch Labs reported that they prevented a new trojan named Thanatos, from potentially infecting thousands of Invision Power Services (IPS) servers after researchers scanned the Dark Web and discovered attackers were planning to exploit a vulnerability in the infrastructure of IPS by accessing the Web sites of IPS’ customers and adding an exploit kit on each page. IPS was informed of the attacker’s scheme and shut down all its access points. Source: http://news.softpedia.com/news/security-firm-discovers-secret-plan-to-hack-numerous-websites-and-forums-503186.shtml

21. April 19, Softpedia – (International) Kaspersky announces antivirus for Industrial Control Systems (ICS). Kaspersky launched a new cyber-security tool, named Industrial CyberSecurity, which will help Industrial Control Systems/Supervisory Control And Data Acquisition (ICS/SCADA) equipment become more resilient against cyberattacks and will prevent attackers from damaging railway systems, nuclear power plants, oil and gas companies, and various other SCADA equipment by including an “observability mode” which will alert operators of cyberattacks, personnel faults, and anomalies inside an industrial network, among other features. Source: http://news.softpedia.com/news/kaspersky-announces-antivirus-for-industrial-control-systems-ics-503174.shtml

Communications Sector

Nothing to report