Complete DHS Report for October 26, 2016
Daily Report
Top Stories
• Officials announced October 24 that Embraer S.A. agreed to pay
over $205 million to resolve alleged violations of the Foreign Corrupt
Practices Act after its U.S.-based subsidiary paid bribes to foreign government
representatives in order to win contracts in those countries. – U.S.
Securities and Exchange Commission See item 2 below in the Financial Services Sector
• The president of TelexFree, Inc., pleaded guilty October 24 to
operating a pyramid scheme that bilked over $3 billion from roughly 965,000
investors in 240 countries from February 2012 – April 2014. – U.S. Attorney’s
Office, District of Massachusetts See item 3 below in the Financial Services Sector
• Fresno, California city officials awarded an $18.2 million
contract to Floyd Johnston Construction Company Inc. the week of October 17 to
build the A-2 segment, a 4-mile section of water mains that will connect the
city’s water system to the Southeast Surface Water Treatment Plant. – Fresno
Bee
8. October 24, Fresno Bee
– (California) Fresno starts work on pipes to connect new southeast
water plant. City officials in Fresno, California, awarded an $18.2 million
contract to Floyd Johnston Construction Company Inc. the week of October 17 to
build the A-2 segment, a 4-mile section of water mains that will connect the
city’s water system to the Southeast Surface Water Treatment Plant being built
in southeast Fresno as part of the city’s $429 million Recharge Fresno plan.
Officials state that construction of the A-2 regional transmission pipeline
segment may begin by the end of 2016, and is expected to be completed in early
2018. Source: http://www.fresnobee.com/news/local/article110235877.html
• Around 50 people were evacuated from a Bellevue, Washington
condo complex October 24 due to a fire that prompted the response of over 24
firefighters. –
15. October 24, KOMO 4
Seattle – (Washington) 4 injured as fire guts condo complex near
downtown Bellevue. Around 50 people were evacuated from a Bellevue,
Washington condominium complex October 24 following a 2-alarm fire that
prompted the response of more than 2 dozen firefighters. Four people were injured
and the cause of the fire remains under investigation. Source: http://komonews.com/news/local/firefighters-battling-2-alarm-fire-in-downtown-bellevue
Financial Services Sector
2. October 24, U.S.
Securities and Exchange Commission – (International) Embraer paying $205
million to settle FCPA charges. The U.S. Securities and Exchange
Commission, in collaboration with the U.S. Department of Justice and Brazilian
authorities announced October 24 that Embraer S.A. agreed to pay over $205
million to resolve alleged violations of the Foreign Corrupt Practices Act
after the company made more than $83 million in profits as a result of bribe
payments its U.S.-based subsidiary paid through third-party agents to foreign
government representatives in the Dominican Republic, Saudi Arabia, and
Mozambique in order to win contracts in those countries. Officials stated
Embraer allegedly created false records and books, and participated in an
accounting scheme in India to conceal the illicit payments. Source: https://www.sec.gov/news/pressrelease/2016-224.html
3. October 24, U.S.
Attorney’s Office, District of Massachusetts – (International) President
of Telexfree pleads guilty to billion dollar pyramid scheme. The president of
TelexFree, Inc., pleaded guilty October 24 to operating a pyramid scheme that
bilked over $3 billion from roughly 965,000 investors in more than 240
countries between February 2012 and April 2014 by recruiting participants to
make continuous payments to TelexFree to be promoters for the company and sell
Voice-over-Internet Protocol (VoIP) telephone services, and giving participants
substantial monetary incentives for recruiting others to join the scheme. The
charges state that the participants met their sales requirements by buying the
products themselves, thereby creating the illusion that TelexFree had thousands
of legitimate VoIP customers, while the company only derived two percent of its
total revenue from VoIP service sales. Source: https://www.justice.gov/usao-ma/pr/president-telexfree-pleads-guilty-billion-dollar-pyramid-scheme
Information Technology Sector
11. October 25,
SecurityWeek – (International) Android root exploits abuse Dirty COW vulnerability.
Security researchers found that the Dirty COW Linux kernel vulnerability
disclosed the week of October 17 can be exploited by a local attacker to
escalate privileges to root on Android devices running a Linux kernel higher
than 2.6.22 and to compromise an entire system by altering the copy-on-write
cache provided by the kernel to change what the system and apps see when reading
the affected files. NowSecure researchers stated in order to exploit the
vulnerability, an attacker must run code on the device via the Android Debug
Bridge (ADB) over universal serial bus (USB) or by installing an app that
leverages the exploit. Source: http://www.securityweek.com/android-root-exploits-abuse-dirty-cow-vulnerability
12. October 25,
SecurityWeek – (International) Researchers leverage voicemail flaw to
compromise messaging apps. InTheCyber security researchers discovered a
voicemail caller-ID spoofing flaw could be leveraged to steal activation codes
sent by messaging applications such as Telegram, WhatsApp, and Signal and
compromise accounts after finding that an automated call leaves the account
activation code in a user’s voicemail if the code sent via text message is not
promptly inputted into the app. Once the activation code has reached a victim’s
voicemail, the attacker can spoof their caller ID to impersonate the victim in
order to access the targeted voicemail and activation code. Source:
http://www.securityweek.com/researchers-leverage-voicemail-flaw-compromise-messaging-apps
13. October 24,
SecurityWeek – (International) Russian man accused of hacking LinkedIn,
Dropbox. A Russian national was arrested in the Czech Republic October 5
and indicted on Federal charges in the U.S. October 21 for his alleged role in
the 2012 LinkedIn, Formspring, and Dropbox breaches. Officials reported that
the Dropbox hack has affected more than 68 million accounts and all 3 hacks
were carried out after attackers stole employee credentials. Source: http://www.securityweek.com/russian-man-accused-hacking-linkedin-dropbox
Communications Sector
See item 3 above in Top Stories and 12 above in the Information Technology
Sector