Complete DHS Report for January 3, 2017
Daily Report
Top Stories
• A powerful snowstorm caused nearly 100,000 people across Maine
to lose power December 30. – Portland Press Herald
1. December 30, Portland
Press Herald – (Maine) Nearly 100,000 Mainers still without power after
snowstorm dumps up to 27 inches in state. A powerful snowstorm caused
nearly 100,000 people across Maine to lose power December 30. Central Maine
Power Company officials reported it may take several days to restore power in
some areas due to widespread damage and difficult travel conditions. Source:
http://www.pressherald.com/2016/12/30/storm-dumps-nearly-2-feet-in-parts-of-maine-causes-widespread-power-outages/
• Honda Motor Co. issued a recall December 29 for 633,753 of its
model years 2011 – 2016 Honda Odyssey vehicles sold in the U.S. due to faulty
release levers on the second-row outboard seats that can stay unlocked. – TheCarConnection.com
3. December 29,
TheCarConnection.com – (National) 2011-2016 Honda Odyssey minivans
recalled: 641,000 vehicles affected. Honda Motor Co. issued a recall
December 29 for 633,753 of its model years 2011 – 2016 Honda Odyssey vehicles
sold in the U.S. due to faulty release levers on the second-row outboard seats
that can stay in the unlocked position even after the seats are returned to the
proper position, which can increase the risk of injury in the event of a
collision or sudden stop. Honda Motor Co. also issued a recall December 29 for
7,549 of its 2016 Honda Odyssey vehicles sold in the U.S. because of an issue
with the horizontal adjuster bar in the second-row center seat that may also
remain in the unlocked position. Source: http://www.thecarconnection.com/news/1108052_2011-2016-honda-odyssey-minivans-recalled-641000-vehicles-affected
• General Cable Corporation
agreed December 29 to pay $20 million to resolve Foreign Corrupt Practices Act
violations after the company made improper payments to government officials in
China, Angola, Indonesia, and other countries to illicitly win business worth
more than $50 million in profits. – U.S. Department of Justice
4. December 29, U.S.
Department of Justice – (International) General Cable Corporation agrees
to pay $20 million penalty for foreign bribery schemes in Asia and Africa. General
Cable Corporation agreed December 29 to pay $20 million to resolve Foreign
Corrupt Practices Act violations after the company made improper payments to
government officials in China, Angola, and Indonesia, among other countries in
order to illicitly win business, which resulted in more than $50 million in profits.
In a related settlement, the U.S. Securities and Exchange Commission (SEC)
filed a cease and desist order against the company, and General Cable agreed to
pay the SEC about $55 million.
• The U.S. Department of Homeland Security and FBI published a
Joint Analysis Report (JAR) December 29 detailing the tools Russian hackers
used to attack the U.S. presidential election after two actors, Advanced
Persistent Threat (APT) 29 and APT 28, participated in cyberattacks against a
U.S. political party in 2015 and 2016. – SecurityWeek
15. December 30,
SecurityWeek – (International) U.S. attributes election hacks to Russian
threat groups. The U.S. Department of Homeland Security and FBI published a
Joint Analysis Report (JAR) December 29 detailing the tools that Russian
hackers used in attacks against the U.S. presidential election after two
different actors, Advanced Persistent Threat (APT) 29 and APT 28, participated
in cyberattacks against a U.S. political party in 2015 and 2016. The U.S.
President announced several retaliatory actions against Russia in response to
the election hacks, which include denying access to two Russian compounds
inside the U.S., expelling 35 diplomats, and implementing sanctions on two
intelligence agencies.
Financial Services Sector
6. December 29, WSOC 9
Charlotte – (North Carolina) Feds arrest two in complex Charlotte
credit-card fraud scheme. Two individuals were charged the week of December
19 for allegedly using their accounts at a Rock Hill, North Carolina-based
business known as P.A. to obtain the Social Security numbers and other personal
information of Charlotte area residents by using skiptracing services provided
by another company, TransUnion Risk and Alternative Data Solutions, Inc., to
run queries on 10,000 victims and acquire at least 80 fraudulent credit cards
in their names. The charges allege that one of the suspects stole the credit
cards that they fraudulently applied for out of residents’ mailboxes. Source: http://www.wsoctv.com/news/local/feds-arrest-two-in-complex-charlotte-credit-card-fraud-scheme/479451022
Information Technology Sector
18. December 30,
SecurityWeek – (International) Sundown exploit kit starts using
steganography. Trend Micro security researchers reported that a new version
of the Sundown exploit kit (EK) leverages steganography to hide its malicious
traffic in legitimate-seeming Portable Network Graphics (PNG) image files to
disguise various exploits, including those targeting Microsoft’s Internet
Explorer and Adobe’s Flash Player.
For another story, see item 20
below from the Commercial
Facilities Sector
20. December 29,
SecurityWeek – (International) Topps customer data exposed after Website
hack. The Topps Company, Inc. notified its customers the week of December
26 that one or more attackers hacked its Website and accessed sensitive
information including names, addresses, payment card data, and phone numbers of
those customers who placed an order via the company’s Website between July and
October 2016.
Communications Sector
See item 4 above in Top Stories