Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack — Krebs on Security

I find it hilarious that AmeriKKa doesn’t recognize China is their biggest threat and enemy… who they owe money AND outsourced our middle class to in the 90s & 00s…..

The U.S. Justice Department this week indicted seven Chinese nationals for a decade-long hacking spree that targeted more than 100 high-tech and online gaming companies. The government alleges the men used malware-laced phishing emails and “supply chain” attacks to steal data from companies and their customers. One of the alleged hackers was first profiled here in 2012 as the owner of a Chinese antivirus firm.

Continue reading

Decrypted: How a teenager hacked Twitter, Garmin’s ransomware aftermath | TechCrunch

So much for security lol This is what happens when u don’t hire qualified techs, and hire your buddies…. smmfh

 

17-year-old Florida teenager is accused of perpetrating one of the year’s biggest and most high-profile hacks: Twitter.

A federal 30-count indictment filed in Tampa said Graham Ivan Clark used a phone spearphishing attack to pivot through multiple layers of Twitter’s security and bypassed its two-factor authentication to gain access to an internal “admin” tool that let the hacker take over any account. With two accomplices named in a separate federal indictment, Clark — who went by the online handle “Kirk” — allegedly used the tool to hijack the accounts of dozens of celebrities and public figures, including Bill Gates, Elon Musk and former president Barack Obama, to post a cryptocurrency scam netting over $100,000 in bitcoin in just a few hours.

It was, by all accounts, a sophisticated attack that required technical skills and an ability to trick and deceive to pull off the scam. Some security professionals were impressed, comparing the attack to one that had the finesse and professionalism of a well-resourced nation-state attacker.

But a profile in The New York Times describes Clark was an “adept scammer with an explosive temper.”

In the teenager’s defense, the attack could have been much worse. Instead of pushing a scam that promised to “double your money,” Clark and his compatriots could have wreaked havoc. In 2013, hackers hijacked the Associated Press’ Twitter account and tweeted a fake bomb attack on the White House, sending the markets plummeting — only to quickly recover after the all-clear was given.

But with control of some of the world’s most popular Twitter accounts, Clark was for a few hours in July one of the most powerful people in the world. If found guilty, the teenager could spend his better years behind bars.

Decrypted: How a teenager hacked Twitter, Garmin’s ransomware aftermath | TechCrunch

Military Confirms It Looked for Availability of ‘Heat Ray’ System in D.C. : NPR

They been waiting to try this shit out on the masses…. be informed, and stay ready….

Col. Robert Phillips, a spokesperson for the Joint Force Headquarters-National Capitol Region (JFHQ-NCR) said the inquiry was made “as a matter of due diligence and prudent military planning.”

A spokesperson for Joint Forces Headquarters Command in D.C. confirmed to NPR that hours before federal police officers cleared a crowded park near the White House with smoke and tear gas on June 1, a military police staff officer asked if the D.C. National Guard had a kind of “heat ray” weapon that might be deployed against demonstrators in the nation’s capital.

The command “inquired informally about capabilities across the full-spectrum of non-lethal systems, to include the Long Range Acoustic Device (LRAD) and Active Denial System (ADS),” Phillips told NPR in a written statement. “JFHQ-NCR does not possess these systems, did not request such systems, and no further action was taken as a result of the officer’s E-Mail query.”

The response from JFHQ-NCR comes hours after NPR obtained and published written responses to the House Committee on Natural Resources from Maj. Adam DeMarco of the D.C. National Guard who revealed he had been copied on an email from the provost marshal of Joint Force Headquarters. The email said the top military policemen in D.C. was looking for two things: a Long Range Acoustic Device, a kind of sound cannon known as an LRAD, and a device called the Active Denial System, or ADS.

The military developed the ADS some 20 years ago as a way to disperse crowds. There have been questions about whether it worked, or should be deployed in the first place. It uses millimeter wave technology essentially to heat the skin of people targeted by its invisible ray.

In his written response, DeMarco, who has sought whistleblower protection, quoted from an email he said was forwarded to him that originated from the provost marshal that read the “ADS can provide our troops a capability they currently do not have, the ability to reach out and engage potential adversaries at distances well beyond small arms range, and in a safe, effective, and non-lethal manner.”

DeMarco Response to Committee QFRs

The email went on to say that the ADS can direct a beam toward a group and that “provides a sensation of intense heat on the surface of the skin. The effect is overwhelming, causing an immediate repel response by the targeted individual.”

Last month, The New York Times reported that U.S. border officials weighed deploying the so-called heat ray against migrants a few weeks before the 2018 elections. The Times reported that Kirstjen Nielsen, then secretary of homeland security, told an aide after the meeting “that she would not authorize the use of such a device, and that it should never be brought up again in her presence.”

Yet, according to DeMarco, it was something considered by the Defense Department’s lead military police officer the morning of June 1 after days of fiery protests and looting in Washington. DeMarco said in his written comments that he responded about a half hour later that “the D.C. National Guard was not in possession of either an LRAD or an ADS.”

The Active Denial System, or ADS, is mounted on a truck, and when it is aimed at an individual it gives the unpleasant sensation of heat or burning on the skin.Paul J. Richards/AFP via Getty Images

Sound cannon

The second piece of equipment DeMarco said they asked for was a kind of sound cannon called an LRAD. NPR reported last week that by not using one, authorities may have violated court-ordered regulations that spell out how demonstrators in the nation’s capital are to be warned before aggressive tactics are used against them.

Attorneys who helped write the agreed-upon rules as part of a 2015 settlement agreement said federal police are required to warn large crowds multiple times they need to disperse, and they must do so loudly enough that the orders can be heard for blocks. That’s how an LRAD would be used in this case. The LRAD emits a piercing noise and then can broadcast a voice or a recording at a deafening level. The idea is to allow people at the back of a crowd to hear instructions.

That notice did not appear to happen on June 1. Protesters who were there said police advanced through the crowd with little warning, firing tear gas and smoke canisters shortly before President Trump appeared outside for a photograph in front of St. John’s Episcopal Church.

“They have an obligation to notify that group that they are in violation of the law and to give them the opportunity to comply with a lawful order,” said Mara Verheyden-Hilliard, who helped write the settlement agreement. In a class-action lawsuit, she represented demonstrators, tourists and passersby who were arrested during a 2002 demonstration against the International Monetary Fund and World Bank in Washington.

Gregory Monahan, acting chief of U.S. Park Police, told lawmakers in July that his officers had abided by the rules in that agreement. “The protocol was followed,” he said during sworn testimony before the House Committee on Natural Resources in July. “There were three warnings given and they were given utilizing a Long Range Acoustic Device; it’s called an LRAD, that’s what it stands for, that was the device used.”

DeMarco said in his written answers to the committee that the National Guard “was not in possession” of an LRAD that day.

“There is zero evidence that there were any officers who can testify that they were in the farthest reaches of the crowd,” Verheyden-Hilliard said. “There has to be documentation that the notice was given multiple times, and there are supposed to be recordings made that the notice was given. We wrote all these in specifically for this reason. In fact, unfortunately, it would appear in anticipation of what happened in Lafayette Park.”

A U.S. Park Police spokesman told NPR that Monahan “stands by his testimony to the committee.” The official said because of ongoing litigation the U.S. Park Police couldn’t comment further.

NPR’s Meg Anderson and Barbara Van Woerkom contributed to this report.

Military Confirms It Looked for Availability of ‘Heat Ray’ System in D.C. : NPR

Maxoak Bluetti EB240: Massive Battery Storage, Budget Price

This would be a good investment… there is a contest to win one at the original link

If like me, you’re feeling a prescient need to drop off-grid before the proverbial really hits the fan, there are many things you need to prepare for. Food, water, security, and almost certainly your own source of power. Continue reading