September 21, 2017
North Korean Ships May be Undermining Sanctions – North Korea and Russia
At least eight North Korean ships that left Russia with a cargo of fuel this year headed for their homeland despite declaring other destinations, a ploy that U.S. officials say is often used to undermine sanctions. Reuters has no evidence of wrongdoing by the vessels, whose movements were recorded in Reuters ship-tracking data. Changing a ship’s destination once underway is not forbidden and it is unclear whether any of the ships unloaded fuel in North Korea. But U.S. officials say that changing destination mid-voyage is a hallmark of North Korean state tactics to circumvent the international trade sanctions imposed over Pyongyang’s nuclear weapons program. Changing course and the complex chain of different firms --many offshore -- involved in shipments can complicate efforts to check how much fuel is supplied to North Korea and monitor compliance with a cap on fuel imports under U.N. sanctions.
Attackers Use Undocumented MS Office Feature to Leak System Profile Data – Global
An undocumented Microsoft Office feature allows attackers to gather sensitive configuration details on targeted systems simply by tricking recipients to open a specially crafted Word document—no VBA macros, embedded Flash objects or PE files needed. The undocumented feature is being used by adversaries, according to Kaspersky Lab researchers, as part of a multistage attack that first involves gathering the system configuration data on targeted systems. “This code effectively sent information about the software installed on the victim machine to the attackers, including info about which version of Microsoft Office was installed,” wrote Kaspersky Lab researchers in a blog post Monday explaining their research. The feature is present in Word for Windows as well as on Microsoft Office for iOS and in Microsoft Office for Android. Researchers say they have observed several spear phishing campaigns containing the malicious attachments that are laying the groundwork for future attacks using this technique.
Twitter Banned Almost One Million Accounts Over the Last 2 Years for Promoting Terrorism – Global
Twitter has banned almost 1 million accounts over the last two years for the promotion of terrorism. The social network said that its internal controls are allowing it to weed out accounts being used for "promotion of terrorism" earlier rather than responding to government requests to close them down. US and European governments have been pressuring social media companies including Twitter, Facebook, and Alphabet's Google to fight harder against online radicalization, particularly by violent Islamist groups. In its eleventh Transparency Report, published on Tuesday, Twitter said it had removed 299,649 accounts in the first half of this year for the "promotion of terrorism," a 20% decline from the previous six months. Three-quarters of those accounts were suspended before posting their first tweet. Less than 1% of account suspensions were due to government requests, the company said, while 95% were thanks to Twitter's internal efforts to combat extremist content with "proprietary tools," up from 74% in the last transparency report. Between August 1, 2015 and June 30, 2017, the social network suspended 935,897 accounts for the promotion of terrorism, it said.
FOR MORE INFORMATION:
To sign up for the complete daily G4S Corporate Risk Services Intelligence Bulletin, as well as regular intelligence and risk updates and news, click here to subscribe!