Complete DHS Report for November 8, 2016
Daily Report
Top Stories
• An emeritus professor in Rochester, New York, pleaded guilty
November 4 for allegedly concealing $200 million worth of assets from the U.S.
Internal Revenue Service in offshore accounts at a Zurich, Switzerland-based
bank. – Bloomberg See item 2 below in the Financial Services Sector
• Highway 99 in Modesto, California, was closed for more than 14
hours November 5 while crews worked to clean up roughly 8,000 gallons of
gasoline and diesel fuel that spilled after a fuel tanker veered off the
roadway and overturned. – Modesto Bee
8. November 5, Modesto
Bee – (California) Highway 99 gas tanker crash snarls Modesto traffic,
lanes reopen 14 hours later. Both directions of Highway 99 in Modesto,
California, were closed for more than 14 hours November 5 while crews worked to
clean up roughly 8,000 gallons of gasoline and diesel fuel that spilled after a
fuel tanker veered off the roadway and overturned. The accident remains under
investigation and the driver of the tanker truck was transported to an area
hospital.
• Officials from Greenville Health System’s Carolina Cardiology
Consultants announced November 4 that it notified around 2,500 patients of a
potential data breach after the patients’ records were improperly downloaded by
a former employee of Ambucor Health Solutions. – Greenville Upstate Business
Journal
16. November 4,
Greenville Upstate Business Journal – (South Carolina) Data breach
affects 2,500 GHS patients. Officials from Greenville Health System’s
Carolina Cardiology Consultants announced November 4 that it notified around
2,500 patients of a potential data breach after the patients’ records
containing personal information were improperly downloaded by a former employee
of Ambucor Health Solutions, a company providing remote-monitoring services for
cardiac devices. Ambucor officials did not believe the personal data was
misused.
• Authorities are investigating the cause of an apartment fire in
Salt Lake City that injured 3 people, displaced 40 others, and caused an
estimated $300,000 in damages November 7. – KSTU 13 Salt Lake City
22. November 7, KSTU 13
Salt Lake City – (Utah) Three injured, 40 displaced after large
apartment fire in Salt Lake City. Authorities are investigating the cause
of an apartment fire in Salt Lake City that injured 3 people, displaced 40
others, and caused an estimated $300,000 in damages November 7. The cause of
the fire remains under investigation. Source: http://fox13now.com/2016/11/07/two-injured-40-evacuated-after-large-apartment-fire-near-trolley-square/
Financial Services Sector
2. November 4, Bloomberg –
(International) Credit Suisse said to hold accounts for latest U.S. tax
felon. An emeritus professor in Rochester, New York, pleaded guilty
November 4 for allegedly concealing $200 million worth of assets from the U.S.
Internal Revenue Service through offshore accounts at a Zurich,
Switzerland-based bank, and filing false tax returns from 2008 – 2014 that
failed to disclose his earnings from his Swiss bank accounts. The professor
agreed to pay the U.S. Government a $100 million penalty for neglecting to file
Reports of Foreign Bank and Financial Accounts (FBARs) until 2011, including
fraudulent ones from 2012 – 2013. Source: http://www.bloomberg.com/news/articles/2016-11-04/ex-professor-pleads-guilty-to-hiding-200-million-from-irs
Information Technology Sector
19. November 7,
SecurityWeek – (International) Critical privilege escalation flaws found
in MySQL. Oracle Corporation released updates for its MySQL database
management systems after a security researcher discovered an arbitrary code
execution flaw and race condition issue in MySQL that a malicious actor could
chain together to escalate privileges to root and fully compromise a targeted
system. Percona released an update for its Percona Server for MySQL and Percona
XtraDB cluster to address the same vulnerabilities in its software, and MariaDB
released a patch for the race condition flaw in its software.
20. November 5,
SecurityWeek – (International) Android spyware targets executives. Security
researchers form Skycure discovered an Android spyware, dubbed Exaspy could be
leveraged to access a victim’s chats and messages, record audio during calls or
in the background, take screenshots, and collect contact lists and call logs,
among other malicious actions. The researchers found that the malware required
physical access to a targeted device for installation, and once installed, the
app runs under the name Google Services, disguising itself as the legitimate
Google Play Services. Source: http://www.securityweek.com/android-spyware-targets-executives
Communications Sector
Nothing to report