Category Archives: NSA

Muzaffarnagar: NSA against three held under cow slaughter Act – The Indian Express

Posted: August 16, 2017 at 5:56 pm

Written by Manish Sahu | Lucknow | Updated: August 17, 2017 2:22 am

THE MUZAFFARNAGAR district administration has invoked the National Security Act (NSA) against three people arrested in June-July under the UP Cow Slaughter Act and various other charges. The accused are lodged in the district jail.

Station House Officer (SHO) of Janshath police station, Kamal Singh Chauhan, said: "A recommendation was made to District Magistrate (Muzaffarnagar) G S Priyadarshi, requesting to invoke the NSA on the three accused along with a report containing details of the case. The request was accepted and I served the order invoking the NSA against the accused in Muzaffarnagar district jail on August 14."

Priyadarshi confirmed that the NSA had been invoked against the accused on the police recommendation.

Among the three accused, Bhura alias Israil and Khalil alias Leelu have been in prison since June 26, while Inaam was sent to jail on July 23. Police are yet to file a chargesheet in the case.

According to Chauhan, on the morning of June 24, police received information about the slaughter of a cow at Katka village. A team rushed to the spot, where the accused allegedly fired at them, injuring a constable. The police team, however, managed to nab Bhura and Khalil, residents of the neighbouring Khedi Firozabad village, added Chauhan.

The SHO further said that the team recovered flesh, skin and body parts of a bullock, knives used for slaughtering the animal and a country-made pistol from the spot. A bullock was also found tied with a rope near the spot, he added.

A case was lodged against Bhura, Khalil and others under the UP Cow Slaughter Act, the Prevention of Cruelty to Animals Act, the Arms Act and sections 148 (rioting, armed with deadly weapon) and 149 (common object) of the IPC.

"The flesh seized from the place was not sent for lab tests as the district veterinary officer had visited the spot immediately after the raid. He had confirmed the meat as that of a bullock. Parts of the animal's body as tail, skins and horns too had confirmed it was a bullock," said Chauhan.

On July 22, another accused, Inaam, was arrested from his house in the Kakroli area in Muzaffarnagar, the SHO added.

The superintendent of Muzaffarnagar district jail Arun Saxena said the NSA report has been received by the prison.

In June, DGP Sulkhan Singh had issued directions to take strict action against those involved in cow slaughter, smuggling of cows and their progeny by invoking the NSA and the Gangsters Act against them. The DGP had clarified that the district magistrate and police chief can decide what action needs to be taken after taking into consideration the gravity of the situation.


Former NSA Official: Dems’ Russia Hacking Story Likely Bogus | Fox … – Fox News Insider

Posted: August 15, 2017 at 11:55 am

Former National Security Administration Technical Director Bill Binney told Tucker Carlson he has data showing that the Democrats' narrative regarding Russia hacking the DNC and 2016 election is untrue.

Binney, a member of Veteran Intelligence Professionals for Sanity (VIPS), said the story spread around the mainstream media that Russia is at fault can't necessarily be proven.

He said that during a prior Chinese hack of government systems, NSA agents were able to use "trace route programs" to track the "packets" of information back to a specific building in Shanghai.

Binney said that could be the reason Democrats did not want the FBI to look at their systems, ostensibly because they may not trace back to Russia.

He said a major file that was allegedly hacked from the DNC server was 1,976 megabytes in size and was transmitted in only 87 seconds.

"You made the point that it was moved too fast [that it] couldn't have gone out over the internet," Tucker Carlson surmised.

Binney said it likely was instead transmitted to a storage device.

"Many people are emotionally tied to this agenda, to tie the Russians to President Trump," Binney said.

He said that VIPS is nonpartisan and "tries to look at... the facts."


NSA enforces regulation in bid to restrict Gaurika Singh’s participation in multiple events – The Kathmandu Post

Posted: August 14, 2017 at 11:56 am

Aug 14, 2017

In a decision that would shock the country's swimming community, the Nepal Swimming Association (NSA) has introduced a regulation barring swimmers from participating in more than four events, which according to NSA insiders serves the sole purpose of preventing national teenage swimming sensation Gaurika Singh from participating in multiple events.

NSA intends to implement this new regulation in the upcoming National Swimming Championships scheduled to begin from August 17.

The National Swimming Competition organising committee under Vice Chairman Gita Rana, also a lawmaker, announced the competition dates and the regulation that would bar swimmers from participating in more than four events. The organising committee said the move was aimed at making the competition more inclusive.

"Keeping in view the inclusiveness in the sport, we have introduced the regulation that no players will be allowed to participate in more than four events so that only one player will not win all the events," said NSA officials during a press meet on Sunday.

The final date for the submission of the event participation form was August 26 and Singh had submitted her application for the entry form at the NSA, National Sports Council and Sports Ministry.

NSA, however, has also gone a step further and is mulling postponement of the national event in a bid to discourage the youngest Olympian in the history of the sport from participating in the competition. However, the association has not taken a final decision on the event postponement issue.

The association's one-of-a-kind regulation is almost unheard of in the swimming world.

Singh, 14, has 30 national records to her name and her competitors fear diving into the same pool with her as some of her timings fare much better even than her national male counterparts.

During the 12th South Asian Games, Singh won a record 4 medals, one silver and three bronze, to better her own national record at the age of 14.

Gaurika, who currently lives with her parents in London, England, arrived in Nepal on August 2 to take part in the national competition. Singh had reached the finals of English Age Group Championship and British Open Water Championship back in England but opted not to take part in it and instead fly to Nepal for the national competition.

Meanwhile, FINA (International Swimming Federation), the regulatory body for administering international competition in water sports, has no such regulation and allows athletes to participate in any events they wish to, even in the Olympics.

Katie Ledecky of the United States had won six medals at the World Swimming Championships that was held on July 30 in Hungary and legendary swimmer Michael Phelps also had won eight gold medals in the Beijing Olympics.

Likewise, in Nepal, Karishma Karki had secured 12 gold medals in the 5th edition of the national championships and Shirish Gurung had claimed 14 gold medals in the 7th National Swimming Championships.

Similarly, Singh had won 8 gold medals and 1 silver medal, along with a national record under her belt, during the 19th edition of the national swimming competition at the age of 11, and at the 20th swimming championship she had won 6 gold medals.

Meanwhile, Paras Bahadur Singh, Gaurika's father, has said that they may be compelled to search for other options if NSA keeps on obstructing Gaurika's participation in national events.

"Gaurika has achieved so much for the country in a small age," said Paras. "For her (Gaurika) Nepal and swimming matters the most but if the association keeps on creating hurdles then we have to look for other options as well."

Published: 14-08-2017 13:34


Russian hackers used leaked NSA hacking tool to spy on hotel guests – CSO Online

Posted: at 11:56 am

Ms. Smith (not her real name) is a freelance writer and programmer with a special and somewhat personal interest in IT privacy and security issues.

A Russian government-sponsored cyber-espionage group has been accused of using a leaked NSA hacking tool in attacks against one Middle Eastern and at least seven European hotels in order to spy on guests.

Why reinvent the wheel, or a hacking tool, when the NSA created such an effective one? The NSA's EternalBlue was leaked online by the Shadow Brokers in April. Now the security firm FireEye says it has moderate confidence that Fancy Bear, or APT28, the hacking group linked to the Russian government and accused of hacking the Democratic National Committee last year, added EternalBlue to its arsenal in order to spy on and to steal credentials from guests at European and Middle Eastern hotels.

In a campaign aimed at the hospitality industry, attackers leveraged a malicious document in spear-phishing emails. The hostile hotel form, which Microsoft Threat Intelligence Center General Manager John Lambert tweeted about in July, appeared to be a hotel reservation document. If macros were allowed to run on the computers used by the hotel employees who opened it, then Fancy Bear's Gamefish malware would be installed.

Fancy Bear, according to a report by FireEye, used novel techniques involving the EternalBlue exploit and the open-source tool Responder to spread laterally through networks and likely target travelers. Once inside the network of a hospitality company, APT28 sought out machines that controlled both guest and internal Wi-Fi networks.

The Gamefish malware would download and run EternalBlue to spread to computers that were connected to corporate and guest Wi-Fi networks. After gaining access, Fancy Bear deployed Responder, which listens for broadcasts from victim computers attempting to connect to network resources. Responder, FireEye explained, masquerades as the sought-out resource and causes the victim computer to send the username and hashed password to the attacker-controlled machine.

"It's definitely a new technique for Fancy Bear," FireEye's cyber-espionage researcher Ben Read told Wired. "It's a much more passive way to collect on people. You can just sit there and intercept stuff from the Wi-Fi traffic."

While FireEye didn't observe business travelers' credentials being stolen via hotel Wi-Fi networks in July, the security firm cited a similar hotel attack by Fancy Bear in 2016.

In the 2016 incident, the victim was compromised after connecting to a hotel Wi-Fi network. Twelve hours after the victim initially connected to the publicly available Wi-Fi network, APT28 logged into the machine with stolen credentials. These 12 hours could have been used to crack a hashed password offline. After successfully accessing the machine, the attacker deployed tools on the machine, spread laterally through the victim's network, and accessed the victim's OWA account. The login originated from a computer on the same subnet, indicating that the attacker machine was physically close to the victim and on the same Wi-Fi network.

The latest hotel attacks, FireEye added, are "the first time we have seen APT28 incorporate this exploit [EternalBlue] into their intrusions." While the investigation is still going on, FireEye told Reuters it is moderately confident that Fancy Bear is behind the attacks. "We just don't have the smoking gun yet."

The targeted hotels were not named, but they were described as the type where valuable guests would stay. FireEye told Wired, "These were not super expensive places, but also not the Holiday Inn. They're the type of hotel a distinguished visitor would stay in when they're on corporate travel or diplomatic business."

FireEye wants travelers, such as business and government personnel, to be aware of threats such as having their information and credentials passively collected when connecting to a hotel's Wi-Fi. While traveling abroad, high-value targets should take extra precautions to secure their systems and data. Publicly accessible Wi-Fi networks present a significant threat and should be avoided whenever possible.

Wired suggested the safest approach for travelers is to bring their own hotspot and altogether skip connecting to the hotel's Wi-Fi.


Film: The Tiny West Virginia Town Haunted by an NSA Secret – The Intercept

Posted: August 13, 2017 at 1:54 am

Sugar Grove, West Virginia was, by the accounts of its residents, a fine place to live until the Pentagon shuttered the sprawling naval base that sustained the town for decades, leaving it with a state secret as its sole remaining attraction. A new documentary film by director Elaine McMillion Sheldon, a longtime chronicler of West Virginian life, visits Sugar Grove after the base was decommissioned and being auctioned off, and traces the abiding shadow of a nearby National Security Agency facility still looming over the town.

Antennae at the NSA listening post, codenamed TIMBERLINE, were built to capture Soviet satellite messages as they bounced off the moon, imbuing a pristine stretch of Appalachia with a sort of cosmic gravity. Residents lived with the knowledge that something was hidden away on a hilltop above the town, even if it was something they could never know. TIMBERLINE's mission has, to say the least, changed in the intervening years, as submarine-laid internet cables have become a greater priority for American spies than foreign satellite communication.

TIMBERLINE remains operational, but the facility, known to locals as the off-limits Upper Base, was never what kept Sugar Grove alive. The town's heart was the sprawling Lower naval base that served as a robust employer and de facto community center until the Sept. 11 attacks, when residents say even the Navy gym and recreational areas they'd always enjoyed were sealed up, like forbidding TIMBERLINE. Sheldon's film reveals a parcel of the country that's dealing not just with a faltering economy and collapsed job base (hardly unique to Sugar Grove) but also with a legacy that's literally unspeakable. One of the only moments the film captures of anyone talking about the NSA's presence in Sugar Grove comes from a General Services Administration auctioneer, Kristine Carson, in a vacant naval gymnasium. Asked about the Upper Base, Carson notes, with a small smile, "It's underground, I understand. Of course I can't speak to that."

Top video: The film is directed and produced by Elaine McMillion Sheldon/Field of Vision.


Russia’s ‘Fancy Bear’ Hackers Used Leaked NSA Tool to Target Hotel Guests – WIRED

Posted: at 1:54 am

Appropriately paranoid travelers have always been wary of hotel Wi-Fi. Now they have a fresh justification of their worst wireless networking fears: A Russian espionage campaign has used those Wi-Fi networks to spy on high-value hotel guests, and recently started using a leaked NSA hacking tool to upgrade their attacks.

Since as early as last fall, the Russian hacker group known as APT28, or Fancy Bear, has targeted victims via their connections to hacked hotel Wi-Fi networks, according to a new report from security firm FireEye, which has closely tracked the group's intrusions, including its breach of the Democratic National Committee ahead of last year's election. Last month, FireEye says those hackers, believed to be associated with the Russian military intelligence service GRU, have begun to use EternalBlue, the leaked NSA hacking tool, as one technique to broaden their control of hotel networks after gaining an initial foothold via phishing or other techniques. Disturbingly, once those hackers take control of hotels' Wi-Fi, they're using that access to harvest victim computers' usernames and passwords silently, with a trick that doesn't even require users to actively type them when signed onto the hotel network.

"It's definitely a new technique" for the prolific Fancy Bear hacker group, says Ben Read, who leads FireEye's espionage research team. "It's a much more passive way to collect on people. You can just sit there and intercept stuff from the Wi-Fi traffic."

FireEye says it first saw evidence that Fancy Bear might be targeting hotels in the fall of last year, when the company analyzed an intrusion that had started on one corporate employee's computer. The company traced that infection to the victim's use of a hotel Wi-Fi network while traveling; 12 hours after the person had connected to that network, someone connected to the same Wi-Fi network had used the victim's own credentials to log into their computer, install malware on their machine, and access their Outlook data. That implies, FireEye says, that a hacker had been sitting on the same hotel's network, possibly sniffing its data to intercept the victim's credentials.

Then, just last month, FireEye learned of a series of similar Wi-Fi attacks at hotels across seven European capitals and one Middle Eastern capital. In each case, hackers had first breached the target hotel's network, FireEye believes, via the common tactic of phishing emails carrying infected attachments that included malicious Microsoft Word macros. They then used that access to launch the NSA hacking tool EternalBlue, leaked earlier this year in a collection of NSA internal data by hackers known as the ShadowBrokers, which allowed them to quickly spread their control through the hotels' networks via a vulnerability in Microsoft's so-called "server message block" protocol, until they reached the servers managing the corporate and guest Wi-Fi networks.

From there, the attackers used a network-hacking tool called Responder, which allowed them not only to monitor traffic on the hijacked networks, but also to trick computers connecting to them to cough up users' credentials without giving victims any sign of the theft. When the victim computer reaches out to known services like printers or shared folders, Responder can impersonate those friendly entities with a fake authentication process, fooling the victim machine into transmitting its network username and password. And while the password is sent in a cryptographically hashed form, that hashing can sometimes be cracked. (FireEye believes, for instance, that hackers used Responder to steal the hotel guest's password in the 2016 case; the 12-hour delay may have been the time it took to crack the hash.)

In each case, FireEye says that the hacked networks were those of moderately high-end hotels, the kind that attract presumably valuable targets. "These were not super expensive places, but also not the Holiday Inn," FireEye's Read says. "They're the type of hotel a distinguished visitor would stay in when they're on corporate travel or diplomatic business."

But FireEye says it doesn't know whether the hackers had specific visitors in mind, or were simply casting a wide net for potential victims. "Maybe this was designed just to establish a foothold and see who shows up, or maybe they were just testing something out," says Read. Other than the victim whose case they analyzed last year, the company's analysts couldn't confirm any individual victims whose credentials were stolen from the target hotels.

FireEye says it has "moderate confidence" in its conclusion that Fancy Bear conducted both the 2016 hotel attack and the more recent spate. It bases that assessment on the use of two pieces of Fancy Bear-associated malware, known as GameFish and XTunnel, planted on hotel and victim computers. The company also points to clues in the command and control infrastructure of that malware and information about the victims, which it's not making public.

If Fancy Bear is in fact behind the hotel espionage spree, FireEye notes that the group's use of EternalBlue would represent the first publicly confirmed time that Russian hackers have used one of the NSA hacking techniques leaked in the ShadowBrokers' scandal. But the Ukrainian government has already blamed Russia for the creation of the NotPetya malware, which used EternalBlue to spread within victims' networks as it crippled thousands of companies earlier this summer. (The security firm ESET has also linked NotPetya with a hacking group called TeleBots or Sandworm, which FireEye has tied to Russia.) EternalBlue has also helped enable other hacking epidemics from the WannaCry ransomware to cryptocurrency-mining malware. That proliferation of a powerful and silent NSA hacking tool has caused controversy for the agency and scrutiny of its suspected stockpile of secret computer intrusion techniques, despite the fact that the NSA helped Microsoft to distribute a patch for the flaw EternalBlue exploited months before it was used in the WannaCry campaign.

The Fancy Bear hotel-hacking campaign would also represent a new evolution of the group's intrusion techniques, which have been used in everything from stealthy spying campaigns to noisy, disruptive operations, like the data-destroying attack on the French television station TV5Monde, or the leaks from the DNC and Clinton campaigns last year.

But more broadly, sophisticated hackers infiltrating hotels to spy on their guests has happened before. A similar campaign known as DarkHotel, believed to be the work of North Korea cyberspies, came to light in 2014. The Duqu 2.0 malware, widely believed to be the work of Israeli hackers, was found in the networks of European hotels hosting Iranian nuclear negotiations the following year.

All of which should serve as a reminder that hotel networks are not safe havens for travelers with sensitive information. FireEye's Read warns that even using a VPN may not prevent the leakage of private credentials that Responder exploits, though he notes that vulnerability likely depends on which proxy software someone is using. But the safest approach, for any traveler with truly valuable secrets to keep, is to bring your own wireless hotspot, and then stay off the hotel's Wi-Fi altogether.


EFF Urges Supreme Court to Take On Unconstitutional NSA Surveillance, Reverse Dangerous Ruling That Allows … – EFF

Posted: at 1:54 am

WASHINGTON, D.C. - The Electronic Frontier Foundation (EFF) asked the Supreme Court to review and overturn an unprecedented ruling allowing the government to intercept, collect, and store, without a warrant, millions of Americans' electronic communications, including emails, texts, phone calls, and online chats.

This warrantless surveillance is conducted by U.S. intelligence agencies under Section 702 of the Foreign Intelligence Surveillance Act. The law is exceedingly broad (Section 702 allows the government to conduct surveillance of any foreigner abroad), and the law fails to protect the constitutional rights of Americans whose texts or emails are incidentally collected when communicating with those people.

This warrantless surveillance of Americans is unconstitutional and should be struck down.

Yet the U.S. Court of Appeals for the Ninth Circuit, ruling in U.S. v. Mohamud, decided that the Fourth Amendment doesn't apply to Americans whose communications were intercepted incidentally and searched without a warrant. The case centered on Mohammed Mohamud, an American citizen who in 2012 was charged with plotting to bomb a Christmas tree lighting ceremony in Oregon. After he had already been convicted, Mohamud was told for the first time that information used in his prosecution was obtained using Section 702. Further disclosures clarified that the government used the surveillance program known as PRISM, which gives U.S. intelligence agencies access to communications in the possession of Internet service providers such as Google, Yahoo, or Facebook, to obtain the emails at issue in the case. Mohamud sought to suppress evidence gathered through the warrantless spying, arguing that Section 702 was unconstitutional.

In a dangerous and unprecedented ruling, the Ninth Circuit upheld the warrantless search and seizure of Mohamud's emails. EFF, the Center for Democracy & Technology, and New America's Open Technology Institute filed a petition today asking the Supreme Court to review that decision.

"The ruling provides an end-run around the Fourth Amendment, converting sweeping warrantless surveillance directed at foreigners into a tool for spying on Americans," said EFF Senior Staff Attorney Mark Rumold. "Section 702 is unlike any surveillance law in our country's history, it is unconstitutional, and the Supreme Court should take this case to put a stop to this surveillance."

Section 702, which is set to expire in December unless Congress reauthorizes it, provides the government with broad authority to collect, retain, and search Americans' international communications, even if they don't contain any foreign intelligence or evidence of a crime.

"We urge the Supreme Court to review this case and Section 702, which subjects Americans to warrantless surveillance on an unknown scale," said EFF Staff Attorney Andrew Crocker. "We have long advocated for reining in NSA mass surveillance, and the incidental collection of Americans' private communications under Section 702 should be held unconstitutional once and for all."

For the petition: https://www.eff.org/document/mohamud-eff-cert-petition

For more on Section 702: https://www.eff.org/document/702-one-pager-adv

For more on NSA spying: https://www.eff.org/nsa-spying


Russian group that hacked DNC used NSA attack code in attack on hotels – Ars Technica

Posted: August 11, 2017 at 5:54 pm

Image: Part of a booby-trapped Microsoft Word document that was sent to multiple hotels. Once infected, computers would attempt to compromise other computers connected to the same network. (Credit: FireEye)

A Russian government-sponsored group accused of hacking the Democratic National Committee last year has likely been infecting other targets of interest with the help of a potent Windows exploit developed by, and later stolen from, the National Security Agency, researchers said Friday.

Now, researchers at security firm FireEye say they're moderately confident the Russian hacking group known as Fancy Bear, APT 28, and other names has also used Eternal Blue, this time in a campaign that targeted people of interest as they connected to hotel Wi-Fi networks. In July, the campaign started using Eternal Blue to spread from computer to computer inside various staff and guest networks, company researchers Lindsay Smith and Ben Read wrote in a blog post. While the researchers didn't directly observe those attacks being used to infect guest computers connected to the network, they said a related campaign from last year used the control of hotel Wi-Fi services to obtain login credentials from guest devices.

In the earlier attack, the APT 28 members used a hacking tool dubbed Responder to monitor and falsify NetBIOS communications passed over the infected networks.

"Responder masquerades as the sought-out resource and causes the victim computer to send the username and hashed password to the attacker-controlled machine," the FireEye researchers wrote. "APT 28 used this technique to steal usernames and hashed passwords that allowed escalation of privileges in the victim network." The researchers continued:

In the 2016 incident, the victim was compromised after connecting to a hotel Wi-Fi network. Twelve hours after the victim initially connected to the publicly available Wi-Fi network, APT28 logged into the machine with stolen credentials. These 12 hours could have been used to crack a hashed password offline. After successfully accessing the machine, the attacker deployed tools on the machine, spread laterally through the victim's network, and accessed the victim's OWA account. The login originated from a computer on the same subnet, indicating that the attacker machine was physically close to the victim and on the same Wi-Fi network.

We cannot confirm how the initial credentials were stolen in the 2016 incident; however, later in the intrusion, Responder was deployed. Since this tool allows an attacker to sniff passwords from network traffic, it could have been used on the hotel Wi-Fi network to obtain a user's credentials.

The attack observed in July used a modified version of Eternal Blue that was created using the Python programming language and later made publicly available, FireEye researchers said in an e-mail. The Python implementation was then compiled into an executable file using the publicly available py2exe tool.

Fancy Bear used a spear phishing campaign to distribute a booby-trapped Microsoft Word document to several unnamed hotels, FireEye said. When the document was opened on computers that allowed Word macros to execute, the machines were infected by Fancy Bear malware known as Gamefish. Once a computer was infected, it attempted to infect other computers connected to the same Wi-Fi network.


BOMBSHELL: NSA Experts Say DNC ‘Hack’ Was Actually a Leak and Inside Job – LawNewz

Posted: at 5:54 pm

A new report states categorically that the Democratic National Committee (DNC) was not hacked by Russians, or anyone else, as frequently alleged by the mainstream media, liberal intelligentsia and anti-Trump politicians.

The Nation's Patrick Lawrence wrote a lengthy review of the findings made by various computer experts formerly with the NSA. Published this week, the left-wing magazine's report notes two bases for their conclusion: (1) hard science shows that a remote hack of the DNC servers resulting in the breach that actually occurred would have been technologically impossible; (2) forensic review of the initial Guccifer 2.0 documents proves that they are poorly-disguised cut-and-paste jobs (forgeries) intended to finger Russia.

Lawrence, by way of the experts' findings, concludes that the so-called hack was actually an inside job by someone with internal access to the DNC's computer network. In other words, the DNC has (or had) a leak.

The report mostly relies on the work of Veteran Intelligence Professionals for Sanity (VIPS), which was founded in 2003 in order to push back against the false claims of Iraqi WMD emanating from the second Bush White House. Despite mostly being ignored by the media so far, VIPS diligently set to work on unraveling the cocoon of misinformation surrounding Russiagate and the DNC hack narrative.

Four members of VIPS are currently concentrating on the task. They are: (1) William Binney, the NSA's former technical leader who also designed many of the programs now in use by the agency; (2) Kirk Wiebe, a former senior analyst with the NSA's SIGINT Automation Research Center; (3) Edward Loomis, the former technical director at the NSA's Office of Signal Processing; and (4) Ray McGovern, former chief of the CIA's Soviet Foreign Policy Branch.

First, VIPS noted, the NSA has the technical prowess to root out exactly what happened because their publicly known programs alone are capable of capturing any and all electronic transfers of data. As VIPS noted, "If NSA cannot produce such evidence, and quickly, this would probably mean it does not have any."

That's a drum VIPS has been beating for a while, but, of course, that's not hard evidence. There simply wasn't much of any until very recently. Those recent documents undergird the report's first contention: the technological impossibility of the DNC breach having been a long-distance hack. Lawrence describes the impossibility like this:

The metadata established several facts in this regard with granular precision: On the evening of July 5, 2016, 1,976 megabytes of data were downloaded from the DNC's server. The operation took 87 seconds. This yields a transfer rate of 22.7 megabytes per second. These statistics are matters of record and essential to disproving the hack theory. No Internet service provider, such as a hacker would have had to use in mid-2016, was capable of downloading data at this speed.

What is the top possible speed? Somewhere around 16 megabytes per second. According to Skip Folden, a former IBM program manager and independent analyst, 22.7 megabytes per second is beyond unlikely under the circumstances, unless you're downloading the files directly using a storage device like a USB drive. He said:

A speed of 22.7 megabytes is simply unobtainable, especially if we are talking about a transoceanic data transfer. Transfer rates of 23 MB/s are not just highly unlikely, but effectively impossible to accomplish when communicating over the Internet at any significant distance. Further, local copy speeds are measured, demonstrating that 23 MB/s is a typical transfer rate when using a USB2 flash device (thumb drive).

As to the report's second contention, that the Guccifer 2.0 documents were tainted to cast curious eyes toward Russia, Folden notes that a simple peeling away of the documents' top layer of metadata shows the sloppy and intentional misattribution.

The report is lengthy and doesn't stop there. Lawrence notes multiple additional problems with the now-broken narrative: CrowdStrike is essentially an arm of the DNC itself; Dmitri Alperovitch, CrowdStrike's co-founder and chief technology officer, is consumed by Russophobia; the FBI has never once examined the DNC's servers by themselves; that famous Intelligence Community Assessment breathlessly reported as the cumulative work of 17 national security agencies was actually the work of three hand-picked analysts.

Lawrence even raises the possibility that Guccifer 2.0 was a whole-cloth creation of the DNC used to deflect away from the leak's contents and send everyone scrambling to find Russians underneath all the nation's laptops and ashtrays.

That question, for now, will have to remain unanswered, but it looks like the official story is swiftly crumbling away.


Follow Colin Kalmbacher on Twitter: @colinkalmbacher


In the Lab: SonicWall NSA 3600 Firewall Upgrade – StorageReview.com

Posted: at 5:54 pm

August 11th, 2017 by StorageReview Enterprise Lab

We are in the process of upgrading our networking fabric; a major part of that includes moving to the NSA 3600 from the SonicWall Network Security Appliance (NSA) Midrange Firewall Series. Ideal for small- to medium-sized corporate environments, this firewall series is highlighted by its advanced automated threat-prevention technologies. Previously, we used SonicWall's TZ500W, an easy-to-deploy, all-in-one SMB desktop firewall solution that is great for smaller-scale networks. Moving to an entry-enterprise rack platform, the NSA 3600 acts as a significant upgrade in our labs, offering 10G support with SFP+ ports and support for jumbo frames.

The NSA 3600 is powered by SonicOS, a comprehensive operating system that is simple to configure and easy to use. SonicOS helps to streamline management and offers admins substantial network control and versatility through features such as application intelligence and control, real-time visualization, and an intrusion prevention system.

With its comprehensive control options, real-time visualization and WLAN management, we will be able to easily monitor activity across our entire network. Moreover, the NSA 3600 comes with SonicWall's Reassembly-Free Deep Packet Inspection technology, which scans traffic for all threats (both known and unknown) and eliminates them before they are able to infect a network. Capture Advanced Threat Protection Service also gives enterprises cloud-based, multi-engine sandboxing that blocks unknown and zero-day gateway attacks. This technology works by scanning all traffic in a wide range of file sizes and types, then extracting any suspicious code for further analysis. The SYN flood protection offers protection against DoS attacks through Layer 3 SYN proxy and Layer 2 SYN blacklisting technologies while defending against DoS/DDoS using UDP/ICMP flood protection and connection rate limiting. This NSA Mid Range Series firewall also provides threat API, stateful packet inspection, WAN load balancing, biometric authentication and more. Through all of these defense measures, the NSA 3600 is capable of delivering 3.4 Gbps, 1.1 Gbps, and 600 Mbps in Firewall, IPS, and Anti-malware throughput, respectively.

SonicWall NSA 3600 Specifications

Design and Build

The SonicWall NSA 3600 comes in a 1U rack form factor and has the same connectivity layout as the 4600 and 5600 models. On the left side of the front panel is the console port (which gives access to the SonicOS CLI when connected via an enclosed serial CLI cable), an SDHC port, two USB ports, and a SafeMode button (press until blinking to access). There are also four LED status indicators: the Power LED, where blue means the power supply is operating normally and yellow means the power supply has been disconnected; the Test LED, which displays Initializing, Test, and SafeMode statuses; the red Alarm LED; and the M0 LED, which shows expansion module 0 activity.

Next to the status indicators is the Management Port (1 GE), two X16-X17 (10 GE SFP+) hot-swappable ports, four X12-X15 (1 GE SFP) ports for high-speed fiber or copper Ethernet communication, and twelve X0-X11 (1 GE) High-speed copper Gigabit Ethernet ports.

The back panel is home to the expansion bay, which supports SonicWall-approved expansion modules, as well as dual auto-throttling fans and the power supply port/switch.

Upgrade Process

SonicWall makes the process of upgrading firewalls very simple. In our case, to move from the TZ500W to the NSA 3600, we were able to take the saved configuration file from one and import it into the other, with no additional conversion necessary. This was quite important for us: while deploying the firewall is simple, manually adding in all of our existing firewall rules would otherwise be a time-consuming process. In this case, we had our networking environment swapped over to the NSA 3600 within a few minutes of the file import, once the NSA 3600 was upgraded to the same firmware version as the TZ500W (or newer).

During the upgrade process we kept the same interface connections, connecting to the firewall over 1GbE. The main reason for the upgrade, though, is the SFP+ 10GbE ports the NSA 3600 offers, allowing us to uplink the firewall directly into our new 48-port 10G Dell S4048 or 32-port 100G Dell Z9100 switches as they come online. This upgrade is a large undertaking as we migrate off our 40GbE fabric over to 100G for next-gen storage and compute hardware. The NSA 3600 deployment was an easy first step in this process, though, as we work to modernize our network.
