Complete DHS Report for April 4, 2016
Daily Report
Top Stories
• Berkshire Power Company LLC, Power Plant Management Services,
and the Wood Group agreed to pay about $8.5 million March 30 for improperly
reporting data about emissions and tampering with equipment that monitors air
pollution at a power plant in Agawam, Massachusetts. – WWLP 22 Springfield
2. March 30,
WWLP 22 Springfield – (Massachusetts) Power plant owner, managers to pay $8.5M for
falsely reporting on pollution. The U.S. Department of Justice and
Massachusetts officials reported March 30 that Berkshire Power Company LLC,
Power Plant Management Services, and the Wood Group will pay about $8.5 million
in criminal and civil penalties for conspiring to violate the Clean Air Act at
the Berkshire Power plant in Agawam by improperly reporting data about
emissions and tampering with equipment that monitors air pollution. Prosecutors
allege that Berkshire Power and Power Plant Management Services encouraged
employees with the Wood Group, a company hired to run daily plant operations,
to tamper with equipment while Berkshire Power and Power Plant Management
Services submitted the skewed data to the U.S. Environmental Protection Agency
and Massachusetts Department of Environmental Protection. Source: http://wwlp.com/2016/03/30/power-plant-owner-managers-to-pay-8-5m-for-falsely-reporting-on-pollution/
• Volkswagen AG issued a recall April 1 for approximately 91,000
of its model years 2012 – 2014 Passat vehicles due to improperly assembled wire
seals which can allow water to contact the electrical terminals and short. – Associated
Press
4. April 1,
Associated Press – (National) VW recalls diesel Passats; wiring trouble can
cause fires. Volkswagen AG issued a recall April 1 for approximately 91,000
of its model years 2012 – 2014 Passat vehicles equipped with diesel engines
after Volkswagen factory workers reported underbody fires due to improperly
assembled wire seals in an electrical connector which can allow water to
contact the electrical terminals and short, thereby causing a fire to ignite
under the vehicle. Source: http://www.startribune.com/vw-recalls-diesel-passats-wiring-trouble-can-cause-fires/374249701/
• A gunman was shot and killed by two Virginia State Police
troopers after he shot and killed another trooper at a Greyhound bus station in
Richmond March 31, prompting the bus station’s indefinite closure. – WVEC 13
Hampton; Associated Press
9. April 1,
WVEC 13 Hampton; Associated Press – (Virginia) Trooper shot at
Richmond, Va., bus station dies. A gunman was shot and killed by two
Virginia State Police troopers after he shot and killed another trooper at a
Greyhound bus station in Richmond, Virginia, March 31, prompting the bus
station’s indefinite closure while authorities investigate the incident. Two
civilians were also injured and officials reported that troopers were
participating in drug interdiction training at the bus station during the
shooting. Source: http://www.usatoday.com/story/news/2016/03/31/reports-active-shooter-richmond-bus-station/82477794/
• Terminix International Company LP and its U.S. Virgin Islands
operation agreed to pay $10 million March 29 after the companies illegally
applied fumigants with methyl bromide in multiple locations in the U.S. Virgin
Islands. – U.S. Department of Justice
17. March 31,
U.S. Department of Justice – (U.S. Virgin Islands) Terminix companies
agree to pay $10 million for applying restricted-use pesticide to residences in
the U.S. Virgin Islands. The U.S. Department of Justice and U.S.
Environmental Protection Agency announced March 29 that Terminix International
Company LP (Terrminix LP) and its U.S. Virgin Islands operation, Terminix
International USVI LLC (Terrminix, USVI) were charged with violating the
Federal Insecticide, Fungicide, and Rodenticide Act after the companies
illegally applied fumigants with methyl bromide in multiple residential
locations in the U.S. Virgin Islands from September 2012 – March 2015, causing
four people to fall seriously ill in 2015. Terrminix LP and Terrminix, USVI
will be required to pay a total of $10 million in criminal fines, community
service, and restitution payments, and the companies will be required to cease
its use of pesticides containing methyl bromide in the U.S. and its
territories. Source:
https://www.justice.gov/opa/pr/terminix-companies-agree-pay-10-million-applying-restricted-use-pesticide-residences-us
Financial Services Sector
6. April 1,
WLNS 6 Lansing – (International) Four arrested in Calhoun County for allegedly
possessing over 100 fraudulent credit cards. Authorities from the Calhoun
County Sheriff’s Office in Michigan announced April 1 that 4 Chicago-area
residents were arrested the week of March 28 after police found about 150
fraudulent credit cards from other countries in the group’s vehicle. Police
were alerted to the suspects’ vehicle after a gas station attendant notified
the police about possible credit card fraud. Source: http://wlns.com/2016/04/01/four-arrested-in-calhoun-county-for-allegedly-possessing-over-100-fraudulent-credit-cards/
7. April 1,
DNAinfo.com – (Illinois) 200 fake credit cards set off bomb detector at
Midway, prosecutors say. Officials at Chicago Midway International Airport
discovered a total of 200 fraudulent gift cards and debit cards March 29 after
the magnetic strips on the cards triggered a bomb detector in airport security.
Authorities stated that the fraudulent cards were found wrapped in shoes and
socks. Source: https://www.dnainfo.com/chicago/20160401/midway/200-fake-credit-cards-set-off-bomb-detector-at-midway-prosecutors-say
Information Technology Sector
20. April 1,
SecurityWeek – (International) Code execution flaw found in Lhasa
decompression library. Lhasa released version 0.3.1 for its open source
tool and library product addressing an integer underflow vulnerability after
Cisco TALOS researchers found hackers could exploit the flaw for arbitrary code
execution by tricking victims into opening a specially crafted file, as well as
through file scanning systems that leverage the vulnerable library to read the
content of LZH and LHA files. Source: http://www.securityweek.com/code-execution-flaw-found-lhasa-decompression-library
21. March 31,
Softpedia – (International) Rokku ransomware uses QR codes to help you
pay for your files. Security researchers from Avira discovered a new
ransomware named Rokku that encrypts victims’ files while attaching the “.rokku”
extension via spam emails embedded with malicious email attachments that will
execute the ransomware’s encryption process when opened. Source: http://news.softpedia.com/news/rokku-ransomware-uses-qr-codes-to-help-you-pay-for-your-files-502446.shtml
22. March 31,
Softpedia – (International) SideStepper attack targets corporate iOS
devices. Security researchers from Check Point discovered a new attack
method dubbed SideStepper that targets Apple iOS devices used in enterprise
environments and are enrolled in Mobile Device Management (MDM) setups, which
could allow attackers to bypass iOS security protections and install malware on
a device by sending a malicious configuration profile via email, instant
messaging (IM), or short message service (SMS) to the device, through the use
of a legitimate enterprise certificate to install malicious apps via a trivial
Man-in-the-Middle (MitM) attack. Source: http://news.softpedia.com/news/sidestepper-attack-targets-corporate-ios-devices-502422.shtml
Communications Sector
Nothing to report