Complete DHS Report for September 29, 2016
Daily Report
Top Stories
• Federal officials announced September 27 that Kirby Inland
Marine L.P. agreed to pay $4.9 million to resolve claims stemming from a
4,000-barrel oil spill in the Houston Ship Channel in March 2014. – U. S.
Department of Justice
2. September
27, U.S. Department of Justice – (Texas) Kirby Inland Marine to
pay $4.9 million in civil penalties and provide fleet-wide improvements to
resolve U.S. claims for Houston Ship Channel oil spill. U.S. Department of
Justice and U.S. Coast Guard officials announced September 27 that Kirby Inland
Marine L.P. agreed to pay $4.9 million in Clean Water Act civil penalties to
resolve claims stemming from a 4,000-barrel oil spill in the Houston Ship
Channel in March 2014. As part of the settlement, Kirby Inland Marine must
implement fleet-wide operational improvements to vessels operating in the
inland waters of the U.S., including the installation of enhanced navigational
equipment of vessels, among other improvements. Source: https://www.justice.gov/opa/pr/kirby-inland-marine-pay-49-million-civil-penalties-and-provide-fleet-wide-improvements
• Two employees at a supermarket in Pawtucket, Rhode Island, were
convicted September 27 for their roles in a $2.6 million Stolen Identity Refund
Fraud scheme that began in January 2010. – U.S. Attorney’s Office, District
of Rhode Island See item 5 below in
the Financial Services Sector
• UBS Financial Services agreed September 28 to pay more than $15
million to settle charges alleging that the company failed to properly train
sales representatives on the $548 million in reverse convertible notes (RCN)
sold to over 8,700 retail customers. – U.S. Securities and Exchange
Commission See item 6 below in
the Financial Services Sector
• A former Commonwealth Bank of Australia executive was charged
September 26 after he and several co-conspirators in Australia and the U.S.
allegedly defrauded Computer Sciences Corporation out of $98 million. – U.S.
Department of Justice See item 23 below in
the Information Technology Sector
Financial Services Sector
5. September
28, U.S. Attorney’s Office, District of Rhode Island –
(International) Jury convicts two in $2.6M stolen identity, tax fraud
scheme. Two employees of the Dominican Supermarket in Pawtucket, Rhode
Island, were convicted September 27 for their roles in a $2.6 million Stolen
Identity Refund Fraud (SIRF) scheme where the duo and co-conspirators used more
than 400 stolen identities, primarily from residents of Puerto Rico, to file
falsified tax returns since January 2010. The charges state that counterfeit
treasury checks were mailed to various locations in Rhode Island,
Massachusetts, and New York and subsequently deposited into 27 different bank accounts
controlled by the co-conspirators or others affiliated with the supermarket,
and over $235,000 of the illicit earnings were transferred to a bank in the
Dominican Republic.
6. September
28, U.S. Securities and Exchange Commission – (International) SEC
charges UBS with supervisory failures in sale of complex products to retail
investors. The U.S. Securities and Exchange Commission (SEC) announced
September 28 that UBS Financial Services agreed to pay more than $15 million to
settle charges alleging that the company failed to create and institute
policies and procedures intended to properly educate and train sales
representatives on the $548 million in reverse convertible notes (RCNs) it sold
to over 8,700 inexperienced retail investors, which caused representatives to
make unfit recommendations on RCN sales to certain retail clients regarding
their investment profiles. As part of the settlement, the company will be
censured by the SEC. Source: https://www.sec.gov/news/pressrelease/2016-197.html
For another story, see
item 23 below in the Information
Technology Sector
Information Technology Sector
21. September
28, SecurityWeek – (International) High severity DoS flaw patched in BIND. The
Internet Systems Consortium released updates for the Domain Name System (DNS)
software BIND addressing two vulnerabilities, including a high severity
denial-of-service (DoS) flaw affecting all servers that can receive request
packets from any source, which can be exploited using maliciously crafted DNS
request packets. The updates also resolved a medium severity DoS flaw that can
cause a targeted server to terminate due to an error. Source: http://www.securityweek.com/high-severity-dos-flaw-patched-bind
22. September
28, SecurityWeek – (International) Locky ransomware drops offline mode. Security
researchers reported that the Locky ransomware adopted new methods after a
BleepingComputer researcher spotted the malware appending the .ODIN extension
to encrypted files, instead of the .zepto extension, and researchers from Avira
found the ransomware switched back to the use of a command and control (C&C)
server and dropped the use of an offline mode. The updated Locky version is
still distributed via spam email campaigns that contain malicious code in the
file attachments, which infects a system in order to deliver a ransom note. Source: http://www.securityweek.com/locky-ransomware-drops-offline-mode
23. September
27, U.S. Department of Justice – (International) American
living in Australia charged in securities fraud case involving scheme to
fraudulently inflate by nearly $100 million the cost of Santa Monica software
company being purchased by Computer Sciences Corp. A former executive at
Commonwealth Bank of Australia (CBA) was charged September 26 after he and
several co-conspirators in Australia and the U.S. allegedly defrauded Computer
Sciences Corporation (CSC) out of $98 million by inflating revenues for
ServiceMesh, Inc., a Santa Monica, Californa-based cloud computer management
software company that CSC planned to purchase from 2013 – 2014. The charges
also allege that CBA employees received more than $630,000 in undisclosed
kickbacks from a senior executive of ServiceMesh, Inc. involved in the scheme.
Communications Sector
Nothing to report