Page 12«..11121314..2030..»

Category Archives: NSA

Jesus, endless war and the irresistible rise of American fascism – Salon

Posted: May 11, 2022 at 11:40 am

The Democratic Party which had 50 years to writeRoe v. Wadeinto law with Jimmy Carter, Bill Clinton and Barack Obama in full control of the White House and Congress at the inception of their presidencies is banking its electoral strategy around the expected Supreme Court decision to lift the judicial prohibition on the ability of states to enact laws restricting or banning abortions.

I doubt it will work.

The Democratic Party's hypocrisy and duplicity is the fertilizer for Christian fascism. Its exclusive focus on the culture wars and identity politics at the expense of economic, political and social justice fueled a right-wing backlash and stoked the bigotry, racism and sexism it sought to curtail. Its opting for image over substance, including its repeated failure to secure the right to abortion, left the Democrats distrusted and reviled.

The Biden administration invited Amazon Labor Union president Christian Smalls and union workers from Starbucks and other organizations to the White House at the same time it re-awarded a $10 billion contract to the union-busting Amazon and the National Security Agency (NSA) for cloud computing. The NSA contract is one of 26 federal cloud computing contracts Amazon has with the U.S. Army and Air Force, the Department of Health and Human Services, the Department of Homeland Security, the Department of the Interior, and the Census Bureau. Withholding the federal contracts until Amazon permitted free and open union organizing would be a powerful stand on behalf of workers, still waiting for the $15 minimum wage Joe Biden promised as a candidate. But behind the walls of the Democratic Party's Potemkin village stands the billionaire class. Democrats have failed to address the structural injustices that turned America into an oligarchic state, where the obscenely rich squabble like children in a sandbox over multibillion-dollar toys. The longer this game of political theater continues, the worse things will get.

RELATED:Democracy vs. fascism: What do those words mean and do they describe this moment?

The Christian fascists have coalesced in cult-like fashion around Donald Trump. They are bankrolled by the most retrograde forces of capitalism. The capitalists permit the stupidities of the Christian fascists and their self-destructive social and cultural wars. In exchange, the billionaire class gets corporate monopolies, union-busting, privatized state and municipal services, including public education, revoked government regulations, especially environmental regulation, and are free to engage in a virtual tax boycott.

The war industry loves the Christian fascists who turn every conflict from Iraq to Ukraine into a holy crusade to crush the latest iteration of Satan. The Christian fascists believe military power, and the "manly" virtues that come with it, are blessed by God, Jesus and the Virgin Mary. No military budget is too big. No war waged by America is evil.

The Democrats' hypocrisy and stupidity are the fertilizer for Christian fascism, which is bankrolled by the most retrograde forces of capitalism in exchange for the destruction of the welfare state.

These Christian fascists make up perhaps 30% of the electorate, roughly equivalent to the percentage of Americans who believe abortion is murder. They are organized, committed to a vision, however perverse, and awash in money. John Roberts, Samuel Alito, Amy Coney Barrett, Clarence Thomas, Neil Gorsuch and Brett Kavanaugh, mediocre jurists and Federalist Society ideologues who carry the banner of Christian fascism, control the Supreme Court.

Establishment Republicans and Democrats, like George Armstrong Custer on Last Stand Hill, have circled the wagons around the Democratic Party in a desperate bid to prevent Trump, or a Trump mini-me, from returning to the White House. They and their allies in Silicon Valley are using algorithms and overt de-platforming to censor critics from the left and the right, foolishly turning figures like Trump, Alex Jones and Marjorie Taylor Greene into martyrs. This is not a battle over democracy, but the spoils of power waged by billionaires against billionaires. No one intends to dismantle the corporate state.

The ruling class in both parties told lies about NAFTA, trade deals, "reforming" welfare, abolishing financial regulations, austerity, the Iraq war and neoliberalism that did far more damage to the American public than any lie told by Trump. The reptilian slime oozes out of every pore of these politicians, from Nancy Pelosi and Chuck Schumer to Biden, who backed the 1976 Hyde Amendment banning federal funding of abortions and in 1982 voted to support a constitutional amendment that would allow states to overturnRoe v. Wade. Their hypocrisy is not lost on the public, even with their armies of consultants, pollsters, courtiers in the press, public relations teams and advertising agencies.

Want a daily wrap-up of all the news and commentary Salon has to offer? Subscribe to our morning newsletter, Crash Course.

Marjorie Taylor Greene is clueless and unhinged. She claims Hillary Clinton was involved in a child mutilation and a pedophilia ring and several high-profile school shootings were staged. But weaponized, like Trump, she is a political cruise missile aimed straight at the heart of the discredited centers of traditional power.

Hate is the fuel of American politics. No one votes for who they want. They vote against those they hate. Black and brown marginal communities have suffered worse assaults than the white working class, but they have been defanged politically with militarized police that function as internal armies of occupation. The erosion of due process, the world's largest prison system and the stripping away of all rights, often including voting rights because of felony convictions, as well as a loss of access to most social services and jobs, have reduced many Black and brown people to subsistence level on the lowest rung of America's caste system. They are also the primary targets of Republican-sponsored voter suppression and redistricting.

The glue holding this Christianized fascism together is not prayer, although we will get a lot of that, but war. War is the raison d'tre of all systems of totalitarianism. War justifies a constant search for internal enemies. It is used to revoke basic civil liberties and impose censorship. War demonizes those in the Middle East, Russia or China who are blamed for the economic and social debacles that inevitably get worse. War diverts the rage engendered by a dysfunctional state towards immigrants, people of color, feminists, liberals, artists, anyone who does not identify as a heterosexual, the press, antifa, Jews, Muslims, Russians or Asians. Take your pick. It is a bigot's smorgasbord. Every item on the menu is fair game.

I spent two years with the Christian right reporting and researching my book "American Fascists: The Christian Right and the War on America." These Christian fascists have never hidden their agenda or their desire to create a "Christian" nation, any more than Adolf Hitler hid his demented vision for Germany in "Mein Kampf." They prey, like all fascists, on the despair of their followers. They paint gruesome portraits of the end times. when the longed-for obliteration of nonbelievers presages the glorious return of Jesus Christ. The battle at Armageddon, they believe, will be launched from the Antichrist's worldwide headquarters in Babylon once the Jews again have control of Israel. The closer we get to Armageddon, the giddier they become.

These people believe this stuff, as they believe in QAnon or the election fraud that supposedly put Biden in office. They are convinced that a demonic, secular-humanist ideology propagated by the media, the United Nations, elite universities, the ACLU, the NAACP, NOW, Planned Parenthood and the Trilateral Commission, along with the U.S. State Department and major foundations, is seeking to destroy them.

The Christian fascists do not fear nuclear war. They welcome it. The marriage of the forever-war industry with the Christian fascists who yearn for apocalypse is terrifying.

Violence is embraced as a cleansing agent, a key component of any fascist movement. The Christian fascists do not fear nuclear war. They welcome it. The insane provocations of Russia by the Biden administration, including the decision to provide $33 billion in assistance to Ukraine, target 10 Russian generals for assassination and pass on to Ukraine the intelligence to sink the Moskva, the guided missile cruiser that was the flagship of the Russian Black Sea fleet, supercharges the ideology of the Christian right. The marriage of the war industry, determined to make war forever, with the Christian fascists yearning for the apocalypse is terrifying. Biden is sleepwalking us into a war with Russia and perhaps with China. The Christian fascists will accelerate the bloodlust.

The political deformities we have spawned are not unique. They are the product of a society and government that no longer functions on behalf of the citizenry, one that has been seized by a tiny cabal, in our case corporate, to serve its exclusive interests. The airy promises politicians make, including the announcement by candidate Barack Obama that the first thing he would do in office was sign theFreedom of Choice Act, which during his eight years as president he never got around to doing, are worthless. The scheduled vote next week in the Senate on a bill asserting that abortions are legal in the United States, which is expected to be blocked by the Republicans' use of the filibuster, a Senate procedural rule that requires 60 votes to advance most legislation in the 100-member chamber, is another empty gesture.

We saw the consequences of this dysfunction in Weimar Germany and Yugoslavia, a conflict I covered for the New York Times. Political stagnation and economic misery breeds rage, despair and cynicism. It gives rise to demagogues, charlatans and con artists. Hatred drives political discourse. Violence is the primary form of communication. Vengeance is the highest good. War is the chief occupation of the state. It is the vulnerable and weak who pay.

Read more from Chris Hedges on war, peace and the global crisis of democracy:

See the rest here:
Jesus, endless war and the irresistible rise of American fascism - Salon

Posted in NSA | Comments Off on Jesus, endless war and the irresistible rise of American fascism – Salon

Office of the National Cyber Director names three new senior leaders – The Record by Recorded Future

Posted: at 11:40 am

The White House on Tuesday announced three key hires for its nascent Office of the National Cyber Director (ONCD), tapping a Microsoft executive, CIA official and cyber policy expert to help unify the governments response to major cyberattacks.

Kemba Walden, who previously served as an assistant general counsel in Microsofts Digital Crimes Unit, will serve in the coming weeks as ONCDs principal deputy national cyber director. Before joining Microsoft, she spent a decade working in government roles, including as a cybersecurity attorney for the Cybersecurity and Infrastructure Security Agency.

The White House also announced two deputy national cyber directors for the ONCD: Neal Higgins, a former associate deputy director for digital innovation at the CIA, will oversee national cybersecurity, while Rob Knake, a policy expert who served in the cyber directorate at the National Security Council during the Obama administration, will handle strategy and budget. Both Higgins and Knake have already assumed their roles at ONCD, the White House said.

The @WH_ONCD team is looking forward to welcoming @KembaWalden as the 1st Principal Deputy National Cyber Director. With extensive experience in the public & private sectors, she'll be a key leader in our office as we strengthen our nations cybersecurity. https://t.co/BTtlYrSueU

As we continue to build this new office, the additions of Kemba, Neal, and Rob will accelerate our efforts to protect Americans in cyberspace, National Cyber Director Chris Inglis said in a statement. Each of these leaders brings impressive experience in cybersecurity policy making to our team, and their diverse perspectives will be invaluable as we strengthen our collective defense.

The ONCD, which was established in 2021 through the National Defense Authorization Act, advises the president on cybersecurity policy and strategy, and also plays a key role in working with the private sector and international organizations on cybersecurity matters.

The Biden administration so far has tasked the Office with four principal outcomes: ensuring federal coherence on cybersecurity strategy, improving public-private collaboration, aligning resources to aspirations and increasing present and future resilience.

The hirings announced Tuesday represent three of the most senior appointments for ONCD as the Office takes shape. Chris Inglis, a former NSA deputy director who was sworn in to lead ONCD last July, was authorized by Congress to hire up to 75 staffers, according to Politico. In March, SC Media reported that ONCD currently has about 30 employees on staff.

Adam is the founding editor-in-chief of The Record by Recorded Future. He previously was the cybersecurity and privacy reporter for Protocol, and prior to that covered cybersecurity, AI, and other emerging technology for The Wall Street Journal.

Read this article:
Office of the National Cyber Director names three new senior leaders - The Record by Recorded Future

Posted in NSA | Comments Off on Office of the National Cyber Director names three new senior leaders – The Record by Recorded Future

NSA, Cyber Command tap new election security leaders – The Record by Recorded Future

Posted: May 9, 2022 at 9:04 pm

NASHVILLE U.S. Cyber Command and the National Security Agency have named the newest leaders of a joint election security task force that will play a central role in keeping the 2022 midterm elections free of foreign interference.

The task force, originally dubbed the Russia Small Group, was established in 2018 by Army Gen. Paul Nakasone, who helms both Cyber Command and the NSA, to protect the 2018 midterms from meddling by Moscow.

It was rechristened the Election Security Group (ESG) ahead of the 2020 presidential election, and its mandate was tweaked to include threats from countries including China, North Korea, and Iran, as well as non-state actors.

The band is already back together, Nakasone said Wednesday at Vanderbilt Universitys Summit on Modern Conflict and Emerging Threats, noting the groups scope had been changed because we have broader issues than just one nation.

Were less than 200 days before our nation goes to vote for our midterm elections, Nakasone added. And I assure you that we are ready, we will be ready, going forward.

The latest incarnation of the team, which began work in late 2021, is headed by NSA Senior Executive Anna Horrigan and Brig. Gen. Victor Macias, the deputy chief of the Cyber National Mission Force (CNMF), an ESG spokesperson told The Record.

The groups ultimate goal is to detect, defend against, deter, and disrupt foreign interference and foreign malign influence to ensure safe and secure the upcoming election, the spokesperson added.

In the past, the group has served as a farm team for top national security officials in the federal government.

In 2018, for example, the team was led by Anne Neuberger and then-Maj. Gen. Timothy Haugh of the Air Force. Nakasone selected Neuberger to be the first chief of the NSAs Cyber Directorate; she is currently President Joe Bidens deputy national security adviser for cyber and emerging technology. Haugh went on to receive his third star and command the Sixteenth Air Force (Air Forces Cyber), and last week he was nominated to be Nakasones new deputy.

Maj. Gen. William Hartman, who took over the CNMF after Haugh and served as Cyber Commands co-lead in 2020, said Russia continues to engage in election-related influence operations.

The Russians have remained motivated to attempt to execute influence operations, he told reporters during a roundtable discussion at the Vanderbilt summit.

He predicted Moscows influence efforts would increase due to the Kremlins invasion of Ukraine, because there will be a fair amount of domestically generated information that the Russians will freely amplify.

Hartman said the upcoming midterms also would differ from 2020 because its not a presidential election year. A U.S. intelligence community examination found that Russia tried again that year to help former President Donald Trump win the White House.

Its not that foreign adversaries wont attempt to potentially influence or interfere with the congressional election. But it was easier in 2020 because there were clear signals of nation-states, Hartman explained, adding that China has the capacity to become more aggressive from an influence standpoint.(Last month Nakasone testified that he had created another joint team, dubbed the China Outcomes Group, under Cyber Command and NSA leadership to ensure proper focus, resourcing, planning, and operations to meet this challenge.)

Hartman said officials have already noticed that the Internet Research Agency an entity notorious for trying to sow discord among Americans that Cyber Command knocked offline in the days around the 2018 midterms is active in different places right now.

Moscow aims to create doubt in our democratic process. Ultimately, thats what I think the Russians will be focused on, Hartman told reporters.

He stressed there were no indications in 2020, or during the current election cycle, that Russia launched a digital strike directly at the countrys voting systems.

I do expect that the U.S. would consider that some type of red line, Hartman said.

Martin is a senior cybersecurity reporter for The Record. He spent the last five years at Politico, where he covered Congress, the Pentagon and the U.S. intelligence community and was a driving force behind the publication's cybersecurity newsletter.

Continue reading here:
NSA, Cyber Command tap new election security leaders - The Record by Recorded Future

Posted in NSA | Comments Off on NSA, Cyber Command tap new election security leaders – The Record by Recorded Future

Spies on 10th Avenue The Secretive History of the NSA in the AT&T Building – W42ST magazine

Posted: at 9:04 pm

Its a fairly open secret that the US government is watching our every digital move (a special hello to the agent who tracks me Googling at what age do u feel like an adult on a daily basis!!). But for West Siders, the hawk-eyed surveillance falls even closer to home the National Security Agency (NSA) is said to be camping out right here on 10th Avenue at the AT&T Building.

Investigative publication The Intercept identified eight centers where an AT&T telecom facility was purported to be using their network equipment to help the NSA monitor billions of phone calls, emails, texts, and browsing sessions across the US. In addition to two facilities in New York (at AT&Ts 811 10th Avenue (corner of W53rd Street) and the supposed NSA comms center at 33 Thomas Street), Atlanta, Chicago, Dallas, Los Angeles, San Francisco and Seattle and Washington DC were also identified as hosting NSA surveillance hubs backed by the telecom company.

Hells Kitchens own personal espionage center was built in 1964 as an AT&T Switching Center (then known as New York Telecom Company) and New Yorks first telecom fortress by architecture firm Kahn and Jacobs. The 21-story building, which is actually the height of a 40-story structure due to larger-than-average floors, was designed to withstand nuclear damage it contains no windows and is significantly set back from the street, though that didnt stop a convertible from crashing into the building early last year.

Former AT&T engineer Thomas Saunders told The Intercept that by the 1970s the building was the largest communications hub in the country (the facility was upgraded in 2000 to become an internet data center) and due to its infrastructure, is considered to be one of the strongest buildings in the city. Saunders said that had former President George W Bush been in Manhattan on the day of the 9/11 attacks, he would have been taken to the windowless fortress for protection.

Bush himself was one of the arbiters of the NSAs notorious surveillance programs, after he ordered the agency to begin monitoring Americans international phone calls, emails, texts, and online chats in the aftermath of 9/11. Warrantless Wiretapping, as it was known, was processed through the 10th Avenue facility (as well as telecom centers throughout the country) without notice until The New York Times exposed the process in 2005 in a watershed expos.

Despite the fact that White House asked the Times not to publish their findings, the piece ran and created an uproar among critics like the American Civil Liberties Union and NYCLU who deemed the practice unconstitutional without proper warrants. Congress eventually made a case for warrantless wiretapping in 2008 and according to The Intercept, controversially authorized elements of the warrantless wiretapping program by enacting Section 702 of the Foreign Intelligence and Surveillance Act, or FISA.

Today, the Midtown West building is used to monitor emails, online chats, and browsing data (they know youve been holding those Gucci shoes in your Saks cart for two years, Maude). Its sister facility a windowless former AT&T building in TriBeCa that is said to house the NSA surveillance hub TITANPOINTE is used to tap into phone calls.

If you have taken this opportunity to shout Im not under surveillance, I have Verizon Wireless! we have some bad news for you AT&Ts long standing partnership with the NSA doesnt preclude other users from having their activity monitored. Partly chosen by the NSA for their extreme willingness to help, according to The Intercept, AT&T is the service of choice for the government agency due to the high volume of data it carries for other service providers. Known as backbone and peering facilities, when a specific area of the country is overloaded with data traffic, operators with large capacity such as AT&T are allowed to sell or exchange bandwidth, thereby carrying data from users across networks.

Alarmed?! So is Elizabeth Goitein, co-director of the Liberty and National Security Program at the Brennan Center for Justice, who told The Intercept: Its eye-opening and ominous the extent to which this is happening right here on American soil. It puts a face on surveillance that we could never think of before in terms of actual buildings and actual facilities in our own cities, in our own backyards.

Several former AT&T employees confirmed to The Intercept that the 10th Avenue building was indeed being used for surveillance purposes, with some recalling that they needed government security clearance and to pass a polygraph test in order to work for the telecom company.

The NSA, however, was slightly less forthcoming. Spokesperson Christopher Augustine said in a statement to The Intercept that the agency could neither confirm nor deny its role in alleged classified intelligence activities. Augustine additionally declined to confirm a partnership with the AT&T facilities, but added that the NSA conducts its foreign signals intelligence mission under the legal authorities established by Congress and is bound by both policy and law to protect US persons privacy and civil liberties.

If youre still searching for answers, you can always Google it repeatedly and see if an NSA agent reaches out! If youll excuse us, we need to clear our cookies

More:
Spies on 10th Avenue The Secretive History of the NSA in the AT&T Building - W42ST magazine

Posted in NSA | Comments Off on Spies on 10th Avenue The Secretive History of the NSA in the AT&T Building – W42ST magazine

Deputy NSA visits Tanzania to widen defence ties in Indian Ocean Region – Economic Times

Posted: at 9:04 pm

Deputy national security adviser Vikram Misri visited Tanzania this week to strengthen defence ties with one of India's key partners in Eastern Africa and Indian Ocean Region (IOR) through measures including export of defence products.

The two sides decided to boost bilateral defence ties, including capacity building, meeting Tanzania's defence requirements from India, besides agreeing to enhance maritime security cooperation, said officials.

Security partnership was a key element of Misri's talking points with the top leadership of Tanzania, which has a long coastline along the Indian Ocean Region, where India has been a net security provider.

Misri's visit comes in the backdrop of efforts by China to build more overseas military bases in the Indian Ocean Region. India has traditionally enjoyed close political relations with Tanzania. From the 1960s to the 1980s, the political relationship involved shared commitments to anti-colonialism, non-alignment as well as South-South Cooperation and close cooperation in international fora.

Continue reading here:
Deputy NSA visits Tanzania to widen defence ties in Indian Ocean Region - Economic Times

Posted in NSA | Comments Off on Deputy NSA visits Tanzania to widen defence ties in Indian Ocean Region – Economic Times

Amazon Is Busting Unions. Biden Is Giving Them Huge Federal Contracts Anyway. – Jacobin magazine

Posted: at 9:04 pm

The Biden administration has reawarded a massive $10 billion federal contract to Amazon, even as the president is facing mounting pressure to fulfill his promise to halt such contracts to companies that refuse to remain neutral in union elections. The contract decision came as Amazon responded to its workers first successful union drive by busting the organizing drive that followed.

At issue is Joe Bidens 2020 promise to ensure federal contracts only go to employers who sign neutrality agreements committing not to run anti-union campaigns.

Amid revelations of Amazonsaggressiveefforts to shut down a union drive among its workers, Senator Bernie Sanders (I-VT) last month sent a letter to Biden asking him to fulfill that promise . . . to make sure that federal dollars do not flow into the hands of unscrupulous employers who engage in union-busting, participate in wage theft, or violate labor law.

A day later,Nextgovreported that Bidens National Security Agency (NSA) ratified a $10 billion cloud computing contract for Amazon, which hired the brother of Bidens top aide as a lobbyistdays after the 2020 presidential election. The contract for the companys web services division is code-named Wild and Stormy, and is distinct from another massive Pentagon cloudcontracton which Amazon is also currently bidding.

A few days after Amazonreceived the NSA contract, the Amazon Labor Union lost its second union election bid by a two to one margin at another Staten Island warehouse, after Amazon mounted a furious campaignto halt the organizing drive.

In effect, while Amazon was doubling down on its union busting, the Biden administration was delivering a massive federal contract to the company, signaling to Amazon executives that he is so far not interested in fulfilling his pledge to use the governments purchasing power to be the most pro-union president.

Meanwhile in Congress, lawmakers are advancinglegislationthat could give Amazon new tax breaks and give $10 billion to company founder Jeff Bezoss space company. Most Democratic senators also voted Wednesday toreject a measure from Sanders demanding that tech companies that receive government subsidies remain neutral in union elections.

Amazon first received the NSA contract from the Biden administrationlast summer, months after Biden pledged to make such deals contingent on union neutrality. But the contract was soon challenged by Microsoft, which allegedthat its own competing proposal had not been properly evaluated.

In the interim, Biden could have signed an executive order to rescind such contracts for employers that do not remain neutral in union elections but he has declined to do so.

Now, his administration has gone a step further, ratifying the lucrative contract even as Amazon has been making international headlines trying to stop union drives at the company, as well as fieldingallegationsthat it has been violating labor law in the process.

The details of Amazons contract and the dispute will remain classified, due to anexemptionin public records laws for national security.

Bidens contract pledge underscored how much power federal, state, and local governments have in creating fair conditions for union elections. Major corporations rely on those governments for contracts and subsidies, giving public officials the power to make that money contingent on companies treating workers fairly.

The Amazon Web Services deal is a case in point. That division, which oversees its government contracting, fuels the companys overall profits. Indeed, the companyreceived double the amount of operating income from the division $18.53 billion of the rest of its sprawling North American operations. If Biden and state governments predicate their contracts on Amazon remaining neutral in union elections, it would force the company to choose between union busting and massive profits.

That was the core of Bidens 2020 campaign pledge.

Today, I am renewing my request to President Biden to fulfill that promise, Sanders said Thursday at aSenate hearing. In my view, however, the time for talk is over. The time for action is now. Taxpayer dollars should not go to companies like Amazon who repeatedly break the law. No government not the federal government, not the state government, and not the city government should be handing out corporate welfare to union busters and labor law violators.

Also on Thursday, Amazon Labor Union president, Chris Smalls, reportedthat during a White House visit, Biden had told him that Smalls had gotten [Biden] in trouble.

Biden was likely referring to his statement in April to a union group where he said Amazon, here we come a statement that Press Secretary Jen Psakiwalkedback almost immediately.

Link:
Amazon Is Busting Unions. Biden Is Giving Them Huge Federal Contracts Anyway. - Jacobin magazine

Posted in NSA | Comments Off on Amazon Is Busting Unions. Biden Is Giving Them Huge Federal Contracts Anyway. – Jacobin magazine

BPFDoor: Chinese tool almost undetected for FIVE years is second BPF-based attack uncovered this year – The Stack

Posted: at 9:04 pm

Researchers have uncovered a highly-evasive Chinese surveillance tool using the Berkeley Packet Filter (BPF). The malware, dubbed BPFDoor, is present on thousands of Linux systems, its controller has gone almost completely unnoticed by endpoint protection vendors despite it being in use for at least five years.

This is the second malware type using BPF in Linux for covert surveillance revealed this year, following Pangu Labs discovery of an apparent NSA backdoor, which they named Bvp47 in Feb 2022. Security researcher Kevin Beaumont suggested at the time that BPF (or extended BPF, eBPF) was being used by other threat actors.

Beaumont, who previously worked at Microsoft, warned then of the security implications of bring eBPF to other platforms beyond Linux, including Windows. I really, really hope Microsoft have threat modelled what will happen to security when they bake eBPF into the base OS, he said on Twitter. (Microsoft in March 2021 announced a new open source project to make eBPF work on Windows 10 and Windows Server 2016 and later.)

BPF was originally used for high-performance packet tracing and network analysis. But eBPF now allows sandboxed execution of code within an OS kernel, making it much more powerful and also a much more useful tool for attackers. eBPF programmes can be used for tracing, instrumentation, hooking system calls, debugging, and packet capturing/filtering. It has drawn increased attention from offensive security professionals.

Last week Beaumont posted a file to VirusTotal, quickly confirmed to be a controller from BPFDoor, which security researchers Ben Jackson and Will Bonner from PWC have been tracking since 2021, used by a threat actor PWC calls Red Menshen. The pair will present more details at the Troopers conference in June.

[BPFDoor] allows a threat actor to backdoor a system for remote code execution, without opening any new network ports or firewall rules. For example, if a webapp exists on port 443, it can listen and react on the existing port 443, and the implant can be reached over the webapp port (even with the webapp running), Beaumont wrote in a blog post rounding up available BPFDoor information and his own analysis.

Because BPFDoor doesnt open any inbound network ports, doesnt use an outbound C2, and it renames its own process in Linux (so ps aux, for example, will show a friendly name) it is highly evasive.

He said he swept the internet for BPFDoor in 2021, and found it installed in systems in the US and across Asia at organisations including government systems, postal and logistic systems, education systems and more. Beaumont said he believed the implant is present in thousands of systems.

He added: If anybody is wondering how many abuse complaints it generated scanning the Internet for an unknown implant zero. Nobody noticed

PWCs annual cyber threats report said of Red Menshen: This threat actor has been observed targeting telecommunications providers across the Middle East and Asia, as well as entities in the government, education, and logistics sectors using a custom backdoor we refer to as BPFDoor. This backdoor supports multiple protocols for communicating with a C2 including TCP, UDP, and ICMP allowing the threat actor a variety of mechanisms to interact with the implant.

It was not immediately clear why PWC had not chosen to disclose methods of detection or IOCs for a widely deployed backdoor. Beaumont provided several IoC/IoA resources, including YARA rules, the presence of files in /dev/shm such as /dev/shm/kdmtmpflush, and a sandbox report from 2019. He also posted a link to BPFDoor hashes on VirusTotal, but noted each implant has a unique hash, so hunting for file hashes is a BAD IDEA.

Nextron Systems Florian Roth also uncovered BPFDoor sourcecode from 2018.

And Sandfly Security founder Craig Rowland posted a technical analysis of the surveillance tool on Twitter, with useful information on where to look for BPFDoor, noting: [As the malware] goes resident it deletes itself from disk. The working directory is /dev/shm (Linux ramdisk). A system reboot ensures the area is wiped. You can see also where it masks the cmdline and command portions in /proc. A ps command shows the bogus name.

Read more from the original source:
BPFDoor: Chinese tool almost undetected for FIVE years is second BPF-based attack uncovered this year - The Stack

Posted in NSA | Comments Off on BPFDoor: Chinese tool almost undetected for FIVE years is second BPF-based attack uncovered this year – The Stack

Edward Snowden Reacts To Roe V. Wade: ‘Someone May Have Put A Lot On The Line To Warn You Of This’ – Benz – Benzinga

Posted: at 9:04 pm

NSA whistleblower Edward Snowden early Tuesdayreacted to a Politico report citing a leaked draft opinion written by Justice Samuel Alito that said the Supreme Court is planning to overturn the historic 1973 judgment of Roe V. Wade.

"Someone may have put a lot on the line to warn you of this. It doesn't matter who they are or why they did it: their role is complete," Snowden, who now resides in Russia said."What matters now is how you respond."

The Roe V. Wade judgment ensured constitutional protection to abortion rights for women.

This is the first time Snowden has tweeted in over two months. The computer intelligence consultant sent out his last tweet in February to address Russia's invasion of Ukraine, which was in contrast to his predictions.

Read Next:Roe V. Wade Leak Draws Reactions: Elizabeth Warren Says 'Not Going Back,' Bernie Sanders Wants Codification, And More

Photo: Courtesy of Gage Skidmore via Wikimedia

The rest is here:
Edward Snowden Reacts To Roe V. Wade: 'Someone May Have Put A Lot On The Line To Warn You Of This' - Benz - Benzinga

Posted in NSA | Comments Off on Edward Snowden Reacts To Roe V. Wade: ‘Someone May Have Put A Lot On The Line To Warn You Of This’ – Benz – Benzinga

Universities can’t expect to grow cyber workforce with ‘antiquated methods’ – EdScoop

Posted: at 9:04 pm

As technologies continue to change and threat landscapes evolve, and the U.S. economy struggles to fill more than half a million vacant cybersecurity jobs nationwide, colleges and universities need to rethink the way they educate future talent, speakers said Wednesday at a conference in Washington.

In addition to degree-seeking students, schools also need to expand offerings for less-traditional learners seeking to join the cyber workforce, like military members transitioning out of duty, law enforcement professionals interested in cybercrime and people seeking an overall career change, Eman El-Sheikh, the director of the University of West Floridas Center for Cybersecurity, said at the Hack the Capitol event.

No matter how many students we get into cyber degrees, its not going to be enough, she said at the event, which is put on by ICS Village, a nonprofit focused on critical infrastructure.

El-Sheikh, whos also an associate vice president at the Pensacola university, said there are about 600,000 open cybersecurity jobs in the United States right now, which she called a low estimate. And while UWF does issue four-year diplomas in cybersecurity, she said other academic tracks are needed.

We cant expect to use the same antiquated methods, she said. Weve got a huge population of transitioning military veterans. The last thing you want to say to them is: Go back to school for four years, and by the time youre done the cyber world will be so different nothing you learn will matter anymore.'

The University of West Florida is one of 370 schools nationwide designated by the National Security Agency as a National Center of Academic Excellence in Cybersecurity and is in the middle of using a $9 million NSA grant to train more than 1,700 veterans and first responders as it leads the agencys new National Cybersecurity Workforce Development Program, which is also taking place at nine other universities around the country. CyberSkills2Work, as the program is known at UWF, offers training in 14 roles, including a three-month path for aspiring cyber defense analysts and a seven-month track for entry-level systems administrators.

Derek Eichin, the lead research analyst at the Air Forces chief data office, said organizations like the U.S. military and critical-infrastructure operators cant afford to wait for everyone to earn advanced degrees before joining the cyber workforce.

Were accelerating technology faster than academia and the pace of curriculum, he said during the panel discussion. We cant wait for Ph.D.

The University of West Florida program also features an assessment test to help potential students figure out their best career track and find appropriate programs and other academic opportunities, including scholarships. The university has also added learning environments to give students experience that future employers might demand, El-Sheikh said.

How can they get in to SOC roles if they cant get into a SOC? she said. So we built an educational SOC, a virtual one.

See the original post:
Universities can't expect to grow cyber workforce with 'antiquated methods' - EdScoop

Posted in NSA | Comments Off on Universities can’t expect to grow cyber workforce with ‘antiquated methods’ – EdScoop

CISA, FBI, NSA, and International Partners Issue Advisory on Demonstrated Threats and Capa – National Security Agency

Posted: April 25, 2022 at 5:04 pm

WASHINGTON The United States and allied cybersecurity authorities issued a joint Cybersecurity Advisory today on the increased threat of Russian cyber groups targeting critical infrastructure that could impact organizations both within and beyond the Ukraine region. The Cybersecurity and Infrastructure Security Agency (CISA) authored Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure in partnership with the Federal Bureau of Investigation (FBI), National Security Agency (NSA), Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), National Cyber Security Centre New Zealand (NZ NCSC), and the United Kingdoms National Cyber Security Centre (NCSC-UK) and National Crime Agency (NCA), and with contributions from industry members of CISAs Joint Cyber Defense Collaborative.The advisory provides technical details on malicious cyber operations by actors from the Russian Federal Security Service (FSB), Russian Foreign Intelligence Service (SVR), Russian General Staff Main Intelligence Directorate (GRU), and Russian Ministry of Defense, Central Scientific Institute of Chemistry and Mechanics (TsNIIKhM). It also includes details on Russian-aligned cyber threat groups and cybercrime groups. Some of these cybercrime groups have recently publicly pledged support for the Russian government or people and have threatened to conduct cyber operations in retaliation for perceived cyber offensives against Russia or against countries or organizations providing materiel support to Ukraine.The advisory recommends several immediate actions for all organizations to take to protect their networks, which include:

Given recent intelligence indicating that the Russian government is exploring options for potential cyberattacks against U.S. critical infrastructure, CISA along with our interagency and international partners are putting out this advisory to highlight the demonstrated threat and capability of Russian state-sponsored and Russian aligned cybercrime groups, said CISA Director Jen Easterly. We know that malicious cyber activity is part of the Russian playbook, which is why every organization large and small should take action to protect themselves during this heightened threat environment. We urge all critical infrastructure owners and operators as well as all organizations to review the guidance in this advisory as well as visit http://www.cisa.gov/shields-up for regular updated information to protect yourself and your business.Threats to critical infrastructure remain very real," said Rob Joyce, NSA Cybersecurity Director. "The Russia situation means you must invest and take action.Russia has significant cyber capabilities and a demonstrated history of using them irresponsibly, and state-sponsored malicious cyber activity is a real risk to organizations around the world, said Sami Khoury, Head, Canadian Centre for Cyber Security. By joining alongside our partners in releasing todays joint advisory, the Communications Security Establishment and its Canadian Centre for Cyber Security continue to support making threat information more publicly available, while providing specific advice and guidance to help protect against these kinds of risks.In this period of heightened cyber threat, it has never been more important to plan and invest in longer-lasting security measures, said Lindy Cameron, NCSC CEO. It is vital that all organisations accelerate plans to raise their overall cyber resilience, particularly those defending our most critical assets. The NCSC continues to collaborate with our international and law enforcement partners to provide organisations with timely actionable advice to give them the best chance of preventing cyber attacks, wherever they come from.Because evolving intelligence indicates that the Russian government is exploring options for potential cyberattacks, the cybersecurity authorities are providing this robust advisory with several resources and mitigations that can help the cybersecurity community protect against possible cyber threats from these adversarial groups. Executives, leaders, and network defenders are urged to implement recommendations to prepare for and mitigate the varied cyber threats listed in the Cybersecurity Advisory here.This advisory provides immediate actions defenders can take to prepare their information technology (IT) and operational technology (OT) networks against exploitation or destructive operations. It also includes general best practices for keeping networks secure and responding to cyber incidents.

NSA and its partners have assessed there is an increased threat and encourage vigilance as critical infrastructure networks could be targeted with destructive malware, distributed denial-of-service (DDoS), ransomware attacks, and cyber espionage.Read the full joint guidance here. Visit our full library for more cybersecurity information and technical guidance.

Go here to read the rest:
CISA, FBI, NSA, and International Partners Issue Advisory on Demonstrated Threats and Capa - National Security Agency

Posted in NSA | Comments Off on CISA, FBI, NSA, and International Partners Issue Advisory on Demonstrated Threats and Capa – National Security Agency

Page 12«..11121314..2030..»