September 22, 2017

  • 22 Sep 2017 16:50
Intelligence has the ability to save lives and prevent disasters with the ultimate purpose of educating the public. This awareness bulletin transmits alerts regarding current and future threats to North America.
Daily Intelligence Report

China's Central Bank Tells Banks to Stop Doing Business with North Korea

China's Central Bank Tells Banks to Stop Doing Business with North Korea – China and North Korea

China’s central bank has told banks to strictly implement United Nations sanctions against North Korea, four sources told Reuters, amid U.S. concerns that Beijing has not been tough enough over Pyongyang’s repeated nuclear tests. Tensions between the United States and North Korea have ratcheted up after the sixth and most powerful nuclear test conducted by Pyongyang on Sept. 3 prompted the United Nations Security Council to impose further sanctions last week. Chinese banks have come under scrutiny for their role as a conduit for funds flowing to and from China’s increasingly isolated neighbor. The sources said banks were told to stop providing financial services to new North Korean customers and to wind down loans with existing customers, following tighter sanctions against Pyongyang by the United Nations.

Read the article More Info Back to Top

The U.S. Securities and Exchange Commission Reveals EDGAR Database Was Hacked

The U.S. Securities and Exchange Commission Reveals EDGAR Database Was Hacked – United States

Following months of public revelations about security breaches big and small, the U.S. Securities and Exchange Commission (SEC) announced that hackers had previously breached its own cache of files on publicly traded companies, possibly leading to their illegal profit. Late Wednesday, SEC Chairman Jay Clayton released an eight-page statement on cybersecurity that describes a 2016 system breach of EDGAR, a platform which pools detailed financial reports on publicly traded companies that they're required by law to release. According to Clayton, the company didn't discover until last month that the breach could have provided the information needed to make illegal trades. He said the hack resulted from a "software vulnerability" in the system's test-filing component that "[was] exploited and resulted in access to nonpublic information.” Clayton also commented, “Notwithstanding our efforts to protect our systems and manage cybersecurity risk, in certain cases cyber threat actors have managed to access or misuse our systems.”

Read the article More Info Back to Top

Malware Uses Security Cameras with Infrared Capabilities to Steal Data

Malware Uses Security Cameras with Infrared Capabilities to Steal Data – Global

Proof-of-concept malware created by a team of Israeli researchers uses the infrared capabilities of modern security cameras as a channel for data exfiltration, but also to receive new commands from its operators. Named aIR-Jumper, the malware is meant to be installed on computers that interact with security surveillance cameras/software, or on a computer in the same network with the camera, so the attacker can have a way to hack his way into the device. The malware works by taking data collected from an infected computer, breaking it down into binary ones and zeros, and leveraging the camera's API make the device's infrared LEDs blink, using this mechanism as a way to exfiltrate data from an infected network. An attacker sitting in the range of the security camera's infrared LED will be able to record the blinking and use special software that reconstructs the blinks and pauses into the ones and zeros of the stolen data. Similarly, an attacker can use an infrared LED to send new commands to a security camera inside an infected network. The malware can watch the camera's video feed, detect infrared LED transmissions at preset time intervals, and convert the incoming blinks into new commands it has to execute. Surveillance and security cameras are equipped with infrared LEDs as a way to enable night vision. Because infrared light is imperceptible to the human eye, any communications to and from the compromised network are invisible to all bystanders.

Read the article More Info Back to Top

FOR MORE INFORMATION:

To sign up for the complete daily G4S Corporate Risk Services Intelligence Bulletin, please subscribe.

 

If you need immediate assistance from G4S Corporate Risk Services or would like to learn more, please email G4SIntelligence@usa.g4s.com or call 800.275.8310.

-

SUBSCRIBE TODAY!

.

Subscribe