5 ERP Trends in the Retail Industry in 2018

Enterprise Resource Planning (ERP) software has helped numerous businesses across multiple industries integrate their day-to-day operations and streamline business management processes. The retail industry is one of the largest users of ERP software globally. As ERP software vendors constantly work to create less complex, more powerful and more affordable ERP solutions for the retail industry, we’re set to see changes in the ERP software market.

What should we expect? Here are our top five trends to watch for in the retail industry in 2018.

Increased Adoption of Cloud-Based ERP Systems

According to a G2 Crowd – ERP software products review, more and more ERP software vendors are shifting their focus towards cloud-based ERP offerings. From Oracle Cloud to SAP S4HANA and Microsoft Dynamics 365, there is no doubt that cloud ERP systems are gaining wider acceptance across the retail industry. Experts estimate that the cloud ERP software market will be worth around $26.5 billion by 2020, indicating an increasing trend in adoption.

While most retailers have over the years been comfortable with on-premise ERP software deployments, the recent growth in the adoption of cloud ERP solutions across almost every business sector has resulted in increased adoption across the thriving retail industry. Cloud ERP systems offer the benefits that retailers are looking for, including better scalability, enhanced security and increased support.

Growth in the Small Business and Niche Industries

In 2018 and beyond, ERP is going to be about small and mid-sized businesses, as well as niche industries. For too long, ERP software vendors have been focusing on large companies. The software landscape is changing fast with more small and mid-sized businesses shifting to ERP SaaS solutions to ease deployment.

ERP software vendors are incorporating more functions and capabilities that they previously overlooked to meet the needs of small businesses and niche industries like the food and pharmaceutical industries. With increased usability, ERP solutions are now focusing on the growing niche market which is, in turn, driving growth in the segment.

Less Focus on Legacy ERP Systems

Unfortunately, there are still many retail businesses that are using legacy ERP systems that have been in use for many years. As more ERP providers shift to cloud ERP solutions, it’s expected that more vendors will put less focus on legacy ERP systems. In fact, most of them are no longer offering long-term support or introducing new functions to these dated systems.

Due to this growing trend, more retail businesses are opting for omnichannel ERP systems that allow them to see the connections across the different aspects of retail business management. Through such systems, retailers are able to provide their customers with a more streamlined purchase process and ensure a unified communication process.

The Push for Mobile ERP is Getting Stronger

As more employees work outside the office, there is an increasing need to be able to access information in real-time, easily collaborate with colleagues and communicate with customers on the go. In 2018 and beyond, retailers are expected to push vendors for more improved mobile ERP systems that give their employees the opportunity to access critical data like billing details, shipping details and reports on their cell phones or tablets.

Conclusion

ERP software is a key component of any successful retail business. Understanding these trends will help your business adapt to the new changes in the ERP software market. When it comes to implementing an ERP strategy, it’s important to analyze the key functionalities that your business will need in an ERP solution and plan how you can meet your business objectives using the features provided.

The post 5 ERP Trends in the Retail Industry in 2018 appeared first on TechWorm.

Cost effective preventive maintenance plan – A sneak peek

A preventive maintenance plan has helped many businesses save hard-earned Benjamins. Instead of waiting until the company's equipment and assets break down and need repair, which attracts huge expenses, the equipment and machinery are taken care of well in advance, so the cost of keeping the machinery running is much less.

In this write-up, let us find out how cost effective the entire process is. There are many experts that are of the opinion that the so called “route-based activity” of the PM program is a much better option. This is because it is easier to perform and most importantly easier to administer and monitor the process.

However, the operations have to be listed. The list that is drawn up can be in two forms, either in electronic format or in print format (paper). Essentially, the activities that are included in this list comprise inspections as well as lubrication.

Major aspects of preventive maintenance program

Generally speaking, there are 2 major aspects that you must take into account. These are as follows:

  1. Despite the fact that this program can help you save so much, there are still many businesses that have not invested in this program as yet.
  2. There are still many CMMS driven programs that have not been effective in administering these route-based activities.

More about these two points has been dealt with in the following paragraphs. So, read on.

  • ROI or Return on Investment
  • CMMS performance

Return on Investment

The so-called cost-avoidance analysis tool is used to assess the ROI from the route-based activities (which does not include lubrication). In the previous years, it was calculated that ROI was 5 to 10 times what was invested in the initial years and gradually escalated. Also included was the price to run and keep the program active.

Although the ROI was calculated to be good enough to attain break-even within a short time span, you will come across many businesses that still do not have a PM program in place or do not understand the value of investing in the program.

CMMS capabilities (performance)

Another major aspect that has been observed in this field is that not all computerized maintenance management systems have been effectively implemented. As a result, they fail to administer the route-based activities effectively.

You will come across many CMMS software providers that will promise to deliver the best but in reality they oftentimes fail to keep their word. And there are many that operate on the basis of work orders and not through route based activities.

Generally speaking, in the event they assign a work order number to an inspection, the same can be carried out in a route document that consists of 250 orders or more. However, this is not a practical process because completing all the work orders will take a lot of time.

There is another way in which you can make CMMS driven work orders to perform. You can assign a work order number to each route and register each inspection that is carried out as a sub order. But this process too has not been proved to be as effective as it claims.

What to expect from route-based system?

There are a few requirements that can make a route-based system effective. These are as follows:

  • The ability to change frequency in a fraction of seconds
  • Adding and deleting equipment in a short time span
  • The ability to see and document preventive maintenance activities for every equipment identification in a single document
  • Changing between two types of inspection. For instance, from operator inspection to mechanical inspection and vice versa.
  • Capacity to change standard activities promptly

What does it mean to have a good inspection program?

If you have invested in an inspection program that is good, you will generally have the following observations that include-

  • If the preventive maintenance program is effectively in place, then you will find out that 100% of the programmed activities are carried out.
  • There will be no duplication of the activities related to preventive maintenance program as far as lubrication, operators, electrical, mechanical activities are concerned.
  • The vibration level on an average decreases gradually

Benefits of preventive maintenance program

The fact that CMMS software driven preventive maintenance plan offers several benefits makes it a much sought after program. The many benefits that you can enjoy include the following-

  • Most importantly, the cost of maintaining assets and equipment reduces considerably
  • You can keep track of the asset inventory
  • Greater uptime and infrequent downtime means that your production team continues to perform seamlessly, which eventually means greater customer satisfaction.

The post Cost effective preventive maintenance plan – A sneak peek appeared first on TechWorm.

The Financial Fallout of a Cyber Attack on a Business

There were 978 million victims of cybercrime last year and these people lost a combined $172 billion, according to Norton. Those numbers alone should be enough to make businesses sit up and take notice. It’s important, too, to stress that it isn’t just the large corporations that suffer at the hands of online criminals. About half of […]… Read More

The post The Financial Fallout of a Cyber Attack on a Business appeared first on The State of Security.

Cybersecurity in 2028: Looking a Decade Ahead

It’s mid-February, which means IT security executives’ and industry analysts’ plans for 2018 are really starting to gather momentum. Every year, this personnel faces the difficult task of deciding what security investments they should make given current developments in the cyber threat landscape. Google Trends and other services can help organizations make these types of […]… Read More

The post Cybersecurity in 2028: Looking a Decade Ahead appeared first on The State of Security.

Drinkman and Smilianets Sentenced: The End to Our Longest Databreach Saga?

On Thursday, February 15, 2018, we may have finally reached the end of the Albert Gonzalez Databreach Saga.  Vladimir Drinkman, age 37, was sentenced to 144 months in prison, after pleading guilty before U.S. District Judge Jerome Simandle in New Jersey.  His colleague, Dmitriy Smilianets, age 34, had also pleaded guilty and was sentenced to 51 months and 21 days in prison (which is basically "time served", so he'll walk immediately).  The pair were actually arrested in the Netherlands on June 28, 2012, and the guilty pleas had happened in September 2015 after they were extradited to New Jersey.

Those who follow data breaches will certainly be familiar with Albert Gonzalez, but may not realize how far back his criminal career goes.

On July 24, 2003, the NYPD arrested Gonzalez in front of a Chase Bank ATM at 2219 Broadway and found Gonzalez in possession of 15 counterfeit Chase ATM cards and $3,000 in cash. (See case 1:09-cr-00626-JBS).  After that arrest, Gonzalez was taken under the wing of a pair of Secret Service agents, David Esposito and Steve Ward.  Gonzalez describes some of the activities he engaged in during his time as a CI in his 53-page appeal that he filed March 24, 2011 from his prison cell in Milan, Michigan.

At one point, he claims that he explained to Agent Ward that he owed a Russian criminal $5,000 and he couldn't afford to pay it.  According to his appeal, he claims Ward told him to "Go do your thing, just don't get caught" and that Agent Ward later asked him if he had "handled it." Because of this, Gonzalez (who again, according to his own sentencing memo, likely has Asperger's) claims he believed that he had permission to hack, as long as he didn't get caught.

Over Christmas 2007, Gonzalez and his crew hacked Heartland Payments Systems and stole around 130 million credit and debit cards.  He was also charged with hacking 7-Eleven (August 2007) and Hannaford Brothers (November 2007), where he stole 4.2 million credit and debit cards. Two additional data breaches, against "Company A" and "Company B", were also listed.  Gonzalez's indictment refers to "HACKER 1 who resided in or near Russia" and "HACKER 2 who resided in or near Russia."  Another co-conspirator, "PT", was later identified as Patrick Toey, a resident of Virginia Beach, VA.  (Patrick Toey's sentencing memorandum is a fascinating document that describes his first "Cash out trip" working for Albert Gonzalez in 2003. Toey describes being a high school dropout who smoked marijuana and drank heavily and who was "put on a bus to New York" by his mother to do the cash out run because she needed rent money.  Toey later moved in with Gonzalez in Miami, where he describes hacking Forever 21 "for Gonzalez" among other hacks.)

Gonzalez's extracurricular activities caught up with him when Maksym Yastremskiy (AKA Maksik) was arrested in Turkey.  Another point of Gonzalez's appeal was to say that Maksik was tortured by Turkish police, and that without said torture, he never would have confessed, which would have meant that Gonzalez (then acting online as "Segvec") would never have been identified or arrested.  Gonzalez claims that he suffered from an inadequate defense, because his lawyer should have objected to the evidence "obtained under torture."  These charges against Gonzalez were tried in the Eastern District of New York (2:08-cr-00160-SJF-AKT) and proved that Gonzalez was part of the Dave & Buster's data breach.

On December 15, 2009, Gonzalez tried to shrug off some of his federal charges by filing a sentencing memo claiming that he lacked the "capacity to knowingly evaluate the wrongfulness of his actions" and asserting that his criminal behavior "was consistent with description of the Asperger's disorder" and that he exhibited characteristics of "Internet addiction."  Two weeks later, after fighting that the court could not conduct their own psychological exam, Gonzalez signed a guilty plea, agreeing that the prosecutor would try to limit his sentence to 17 years. He is currently imprisoned in Yazoo, Mississippi (FBOP # 25702-050), scheduled to be released October 29, 2025.

Eventually "HACKER 1" and "HACKER 2" were indicted themselves in April 2012, with an arrest warrant issued in July 2012, but due to criminals still at large, the indictment was not unsealed until December 18, 2013. HACKER 1 was Drinkman.  HACKER 2 was Alexandr Kalinin, who was also indicted with Drinkman and Smilianets.

Shortly after the Target Data Breach, I created a presentation called "Target Data Breach: Lessons Learned" which drew heavily on the history of Drinkman and Smilianets. Some of their documented data breaches included:

Victim | Date | Damages
NASDAQ | May 2007 | loss of control
7-ELEVEN | August 2007 |
Carrefour | October 2007 | 2 million cards
JCPenney | October 2007 |
Hannaford | November 2007 | 4.2 million cards
Wet Seal | January 2008 |
Commidea | November 2008 | 30 million cards
Dexia Bank Belgium | Feb'08-Feb'09 |
Jet Blue | Jan'08 to Feb '11 |
Dow Jones | 2009 |
EuroNet | Jul '10 to Oct '11 | 2 million cards
Visa Jordan | Feb-Mar '11 | 800,000 cards
Global Payments Systems | Jan '11 to Mar '12 |
Diners Club Singapore | Jun '11 |
Ingenicard | Mar '12 to Dec '12 |

During the time of these attacks, Dmitriy Smilianets was also leading the video game world.  His team, The Moscow 5, were the "Intel Extreme Masters" champions in the first League of Legends championship, also placing in the CounterStrike category.   Smilianets turned out not to be the hacker, but rather specialized in selling the credit cards that the other team members stole.  Steal a few hundred million credit cards and you can buy a nice gaming rig!

Smilianets with his World Champion League of Legends team in 2012

How did these databreaches work?


Lockheed Martin's famous paper "Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains" laid out the phases of an attack like this:

But my friend Daniel Clemens had explained these same phases to me when he was teaching me the basics of Penetration Testing years before when he was first starting Packet Ninjas!

1. External Recon - Gonzalez and his crew scan for Internet-facing SQL servers
2. Attack (Dan calls this "Establishing a Foothold") - using common SQL configuration weaknesses, they caused a set of additional tools to be downloaded from the Internet
3. Internal Recon - these tools included a Password Dumper, Password Cracker, Port Scanner,  and tools for bulk exporting data
4. Expand (Dan calls this "Creating a Stronghold") - usually this consisted of monitoring the network until they found a Domain Admin userid and password (for example, in the Heartland Payments attack, the VERITAS userid was found to have the password "BACKUP", which unlocked every server on the network!)
5. Dominate - Gonzalez' crew would then schedule an SQL script to run a nightly dump of their card data
6. Exfiltrate - data sent to remote servers via an outbound FTP.

In Rolling Stone, Gonzalez claims he compromised more than 250 networks
In the Rolling Stone article, "Sex, Drugs, and the Biggest Cybercrime of All Time", Steven Watt, who was charged in Massachusetts for providing attack tools to Gonzalez in October 2008.  Watt's tools were used in breaches, including BJ's Wholesale Club, Boston Market, Barnes & Noble, Sports Authority, Forever 21, DSW, and OfficeMax.  As part of his sentencing, Watt was ordered to repay $171.5 million.

Almost all of those databreaches followed the same model ... scan, SQL Inject, download tools, plant a foothold, convert it to a stronghold by becoming a domain admin, dominate the network, and exfiltrate the data. 

How did the TARGET Data breach happen, by the way?  Target is still listed as being "Unsolved" ...   but let's review.  An SQL injection led to downloaded tools (including NetCat, PSExec, QuarksPWDump, ElcomSoft's Proactive Password Auditor, SomarSoft's DumpSec, Angry IP Scanner (for finding database servers), and Microsoft's OSQL and BCP (Bulk Copy)), a Domain Admin password was found (in Target's case, a BMC server monitoring tool running the default password), the POS Malware was installed, and data exfiltration began.

Sound familiar???

Justice?

With most of Gonzalez's crew in prison by 2010, the data breaches kept right on coming, thanks to Drinkman and Smilianets. 

Drinkman, the hacker, was sentenced to 144 months in prison.
Smilianets, the card broker, was sentenced to 51 months and 21 days, which was basically "time served" -- he was extradited to the US on September 7, 2012, so he'll basically walk.

Will Smilianets return to video gaming? to money laundering? or perhaps choose to go straight?

Meanwhile, Alexandr Kalinin, of St. Petersburg, Russia; Mikhail Rytikov, of Odessa, Ukraine; and Roman Kotov, of Moscow, Russia, are all still at large.  Have they learned from the fate of their co-conspirators? or are they in all likelihood, scanning networks for SQL servers, injecting them, dropping tools, planting footholds, creating strongholds, and exfiltrating credit card data from American companies every day?

Kalinin (AKA Grig, AKA "g", AKA "tempo") is wanted for hacking NASDAQ and planting malware that ran on the NASDAQ networks from 2008 to 2010.  (See the indictment in the Southern District of New York, filed 24JUL2013 ==> 1:13-cr-00548-ALC )

Mykhailo Sergiyovych Rytikov is wanted in the Western District of Pennsylvania for his role in a major Zeus malware case.  Rytikov leased servers to other malware operators.  Rytikov is also indicted in the Eastern District of Virginia along with Andriy DERKACH for running a "Dumps Checking Service" that processed at least 1.8 million credit cards in the first half of 2009 and that directly led to more than $12M in fraud.  ( 1:12-cr-00522-AJT filed 08AUG2013.)  Rytikov did have a New York attorney presenting a defense in the case -- Arkady Bukh argues that while Rytikov is definitely involved in web-hosting, he isn't responsible for what happens on the websites he hosts.

Roman Kotov, and Rytikov and Kalinin, are still wanted in New Jersey as part of the case 1:09-cr-00626-JBS (Chief Judge Jerome B. Simandle ). This is the same case Drinkman and Smilianets were just sentenced under.

Google Trains AI To Write Wikipedia Articles

The Register: A team within Google Brain -- the web giant's crack machine-learning research lab -- has taught software to generate Wikipedia-style articles by summarizing information on web pages... to varying degrees of success. As we all know, the internet is a never-ending pile of articles, social media posts, memes, joy, hate, and blogs. It's impossible to read and keep up with everything. Using AI to tell pictures of dogs and cats apart is cute and all, but if such computers could condense information down into useful snippets, that would really be handy. It's not easy, though. A paper, out last month and just accepted for this year's International Conference on Learning Representations (ICLR) in April, describes just how difficult text summarization really is. A few companies have had a crack at it. Salesforce trained a recurrent neural network with reinforcement learning to take information and retell it in a nutshell, and the results weren't bad.

Read more of this story at Slashdot.

Week in review: Vulnerability tracking, GDPR quick guide, tackling the insider threat

Here’s an overview of some of last week’s most interesting news and articles: Intel offers to pay for Spectre-like side channel vulnerabilities Intel is expanding the bug bounty program it started last March, and is raising considerably the awards it plans to give out for helpful vulnerability information. The company is, simultaneously, starting a new bug bounty program focused specifically on side channel vulnerabilities, i.e., vulnerabilities that are rooted in Intel hardware but can be … More

The Lamen’s Story behind QTUM

Market Update: The crypto market cap has hit $510 billion! Well done folks! I am liking the slower gains, as I think this could be new entrants. We have a ton of people way behind in cost basis on every coin, so I am just not convinced that those people sold at the bottom and then […]

The post The Lamen’s Story behind QTUM appeared first on Hacked: Hacking Finance.

Sweden Considers Six Years in Jail For Online Pirates

Sweden's Minister for Justice has received recommendations as to how the country should punish online pirates. From a report: Helene Fritzon received a proposal which would create crimes of gross infringement under both copyright and trademark law, leading to sentences of up to six years in prison. The changes would also ensure that non-physical property, such as domain names, can be seized.

Read more of this story at Slashdot.

US charges Russians for interfering in 2016 Elections, Identity theft in the centre

On Friday, Special Counsel Robert Mueller brought charges against 13 Russian nationals and three Russian groups for interfering with the 2016 U.S. elections.

The charges included creation of false U.S. identities as well as identity theft of six U.S. residents. The charges of identity theft were brought against four Russian nationals.

According to the indictment, the Russian nationals used stolen Social Security numbers, home addresses, and birth dates of the six persons to open bank and PayPal accounts and obtain fake government documents between June 2016 and May 2017.

“This indictment serves as a reminder that people are not always who they appear to be on the Internet,” Deputy Attorney General Rod J. Rosenstein said at a press briefing announcing the indictments.

The Russians allegedly used the stolen identities to open four accounts at an undisclosed U.S. bank and purchased more than a dozen bank account numbers from online sellers.

The stolen information was also allegedly used to evade PayPal security measures.

“We work closely with law enforcement, and did so in this matter, to identify, investigate and stop improper or potentially illegal activity,” PayPal said in a statement.

The Russians are claimed to have used the accounts to pay for the promotion of politically inflammatory social media posts, IRA expenses, political rallies and political props including banners, buttons and flags, in efforts to boost President Trump’s campaign, and are alleged to have been paid $25 to $50 per post from U.S. persons to promote content on IRA-controlled Facebook and Twitter accounts.

Credentials of more than 50k Snapchat users in public domain

In late July, Snapchat’s director of engineering emailed the company’s team in response to an unfolding privacy threat. A government official from Dorset in the United Kingdom had provided Snapchat with information about a recent attack on the company’s users: a publicly available list, embedded in a phishing website named klkviral.org, that listed 55,851 Snapchat accounts, along with their usernames and passwords.
The attack appeared to be connected to a previous incident that the company believed to have been coordinated from the Dominican Republic. Not all of the account credentials were valid, and Snapchat had reset the majority of the accounts following the initial attack. But for some period of time, thousands of Snapchat account credentials were available on a public website.
According to a person familiar with the matter, the attack relied on a link sent to users through a compromised account that, when clicked, opened a website designed to mimic the Snapchat login screen. Many companies, including Facebook, scan links as they are sent in an effort to identify pages that mimic their login screens and block them accordingly.
“We are very sorry when anyone is tricked by phishing,” a Snap spokesman told The Verge. “While we can’t prevent people from sharing their Snapchat credentials with third parties, we do have advanced defenses to detect and prevent suspicious activity. We encourage Snapchatters to always use strong passwords, enable login Verification, and never use third-party apps or plugins.”

The Wikipedia Zero Program Will End This Year

Wikimedia: Wikimedia 2030, the global discussion to define the future of the Wikimedia movement, created a bold vision for the future of Wikimedia and the role we want to play in the world as a movement. With this shared vision for our movement's future in mind, the Wikimedia Foundation is evolving how we work with partners to address some of the critical barriers to participating in free knowledge globally. After careful evaluation, the Wikimedia Foundation has decided to discontinue one of its partnership approaches, the Wikipedia Zero program. Wikipedia Zero was created in 2012 to address one barrier to participating in Wikipedia globally: high mobile data costs. Through the program, we partnered with mobile operators to waive mobile data fees for their customers to freely access Wikipedia on mobile devices. Over the course of this year, no additional Wikipedia Zero partnerships will be formed, and the remaining partnerships with mobile operators will expire. In the program's six year tenure, we have partnered with 97 mobile carriers in 72 countries to provide access to Wikipedia to more than 800 million people free of mobile data charges. Further reading: Medium.

Read more of this story at Slashdot.

Permanent Structured Cooperation (PESCO) – Factsheet – EEAS – European External Action Service – European Commission

eeas.europa.eu - Towards more security for the EU and its citizens In light of a changing security environment, the EU Global Strategy for Foreign and Security Policy (EUGS) started a process of closer cooperation in…


Tweeted by @JeanneBartram https://twitter.com/JeanneBartram/status/965362674182885376

Are You Considering a Career in Crypto?

In 2008, a bizarre and esoteric technology by the name of bitcoin was introduced to the world in a whitepaper penned by Satoshi Nakamoto. Just one decade later, that whitepaper would spawn a budding industry racing toward the trillion-dollar mark. At the time of writing, there are more than 1,550 cryptocurrencies trying to do a […]

The post Are You Considering a Career in Crypto? appeared first on Hacked: Hacking Finance.

Occupational Licensing Blunts Competition and Boosts Inequality

Occupational licensing -- the practice of regulating who can do what jobs -- has been on the rise for decades. In 1950 one in 20 employed Americans required a licence to work. By 2017 that had risen to more than one in five. From a report: The trend partly reflects an economic shift towards service industries, in which licences are more common. But it has also been driven by a growing number of professions successfully lobbying state governments to make it harder to enter their industries. Most studies find that licensing requirements raise wages in a profession by around 10%, probably by making it harder for competitors to set up shop. Lobbyists justify licences by claiming consumers need protection from unqualified providers. In many cases this is obviously a charade. Forty-one states license makeup artists, as if wielding concealer requires government oversight. Thirteen license bartending; in nine, those who wish to pull pints must first pass an exam. Such examples are popular among critics of licensing, because the threat from unlicensed staff in low-skilled jobs seems paltry. Yet they are not representative of the broader harm done by licensing, which affects crowds of more highly educated workers like Ms Varnam. Among those with only a high-school education, 13% are licensed. The figure for those with postgraduate degrees is 45%. [...] One way of telling that many licences are superfluous is the sheer variance in the law across states. About 1,100 occupations are regulated in at least one state, but fewer than 60 are regulated in all 50, according to a report from 2015 by Barack Obama's White House. Yet a handful of high-earning professions are regulated everywhere. In particular, licences are more common in legal and health-care occupations than in any other.

Read more of this story at Slashdot.

‘Microsoft Should Scrap Bing and Call it Microsoft Search’

Chris Matyszczyk, writing for CNET: Does anyone really have a deep, abiding respect for the Bing brand? Somehow, if ever I've heard the brand name being used, it seems to be in the context of a joke. That doesn't mean the service itself is to be derided. It does suggest, though, that the brand name doesn't incite passion or excesses of reverence. The Microsoft brand, on the other hand, has become much stronger under Satya Nadella's stewardship. It's gained respect. Especially when the company showed off its Surface Studio in 2016 and made Apple's offerings look decidedly bland. Where once Microsoft was a joke in an Apple ad, now it's a symbol of a resurgent company that's trying new things and sometimes even succeeding. The funny thing about Bing is that it's not an unsuccessful product -- at least not as unsuccessful as some might imagine. Last year, Redmond said it has a 9 percent worldwide search market share, enjoying a 25 percent share in the UK, 18 percent in France and 17 percent in Canada. And look at the US. Microsoft says it has a 33 percent share here. Wouldn't it be reasonable to think that going all the way with Microsoft branding and letting Bing drift into the retirement home for funny names might be a positive move?


AI Can Be Our Friend, Says Bill Gates

An anonymous reader shares a report: "AI can be our friend," says Gates. In response to the question, "What do you think will happen to human civilization with further development in AI technology?" Gates says the rise in artificial intelligence will mean society will be able to do more with less. "AI is just the latest in technologies that allow us to produce a lot more goods and services with less labor. And overwhelmingly, over the last several hundred years, that has been great for society," explains Gates. "We used to all have to go out and farm. We barely got enough food, when the weather was bad people would starve. Now through better seeds, fertilizer, lots of things, most people are not farmers. And so AI will bring us immense new productivity," says Gates.


Tokyo To Build 350m Tower Made of Wood

A skyscraper set to be built in Tokyo will become the world's tallest to be made of wood. From a report: The Japanese wood products company Sumitomo Forestry Co is proposing to build a 350 metre (1,148ft), 70-floor tower to commemorate its 350th anniversary in 2041. Japan's government has long advertised the advantages of wooden buildings, and in 2010 passed a law requiring it be used for all public buildings of three stories or fewer. Sumitomo Forestry said the new building, known as the W350 Project, was an example of "urban development that is kind for humans," with more high-rise architecture made of wood and covered with greenery "making over cities as forests." The new building will be predominantly wooden, with just 10% steel. Its internal framework of columns, beams and braces -- made of a hybrid of the two materials -- will take account of Japan's high rate of seismic activity. The Tokyo-based architecture firm Nikken Sekkei contributed to the design.


JenkinsMiner made $3.4 million in a few months by compromising Jenkins servers

Hacker Group Makes $3 Million by Installing Monero Miners on Jenkins Servers

A criminal organization has made $3.4 million by compromising Jenkins servers and installing a Monero cryptocurrency miner dubbed JenkinsMiner.

“The perpetrator, allegedly of Chinese origin, has been running the XMRig miner on many versions of Windows, and has already secured him over $3 million worth of Monero crypto-currency. As if that wasn’t enough though, he has now upped his game by targeting the powerful Jenkins CI server, giving him the capacity to generate even more coins.” states a blog post published by CheckPoint.

Jenkins is the most popular open source automation server; it is maintained by CloudBees and the Jenkins community.

The automation server helps developers build, test and deploy their applications, and it has more than 133,000 active installations worldwide with more than 1 million users.


According to the researchers, threat actors behind the massive mining operation were leveraging the CVE-2017-1000353 RCE vulnerability in the Jenkins Java deserialization implementation.

The vulnerability is due to a lack of validation of the serialized object; its exploitation allowed the attackers to make Jenkins servers download and install the JenkinsMiner.

“The operation uses a hybridization of a Remote Access Trojan (RAT) and XMRig miner over the past months to target victims around the globe. The miner is capable of running on many platforms and Windows versions, and it seems like most of the victims so far are personal computers. With every campaign, the malware has gone through several updates and the mining pool used to transfer the profits is also changed.” continues the post.

Most of the downloads of the JenkinsMiner are from an IP address located in China and assigned to the Huaian government information center. Of course, we are not able to determine whether the server was compromised or explicitly used by state-sponsored hackers.


Further details and IoCs are included in the analysis published by CheckPoint.

In January, security expert Mikail Tunç analyzed Jenkins servers exposed online, discovering that many instances leak sensitive information.

Tunç highlighted that Jenkins typically requires credentials to the code repository and access to an environment in which to deploy the code, usually GitHub, AWS, and Azure. Failure to configure the application correctly can expose data to serious risk.

The researcher discovered that many misconfigured systems provided guest or administrator permissions by default, while others allowed guest or admin access to anyone who registered an account.
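The misconfigurations described above (guest or administrator rights by default, or admin access for anyone who registers) can be checked directly in a Jenkins config.xml. The Python audit below is an added example, not code from the article or from Tunç's research; the sample configurations are constructed, and the finding codes and severity labels are this example's own.

```python
"""Audit a Jenkins config.xml for anonymous / self-registered access.

Added example. The two sample documents below are constructed.
"""
import xml.etree.ElementTree as ET

ADMINISTER = "hudson.model.Hudson.Administer"
UNSECURED = "hudson.security.AuthorizationStrategy$Unsecured"
LOGGED_IN_FULL = "hudson.security.FullControlOnceLoggedInAuthorizationStrategy"
MATRIX = {
    "hudson.security.GlobalMatrixAuthorizationStrategy",
    "hudson.security.ProjectMatrixAuthorizationStrategy",
}
PRIVATE_REALM = "hudson.security.HudsonPrivateSecurityRealm"


def flag(parent, tag):
    """Return True/False for a boolean child element, or None if it is absent."""
    child = parent.find(tag) if parent is not None else None
    if child is None or child.text is None:
        return None
    return child.text.strip().lower() == "true"


def parse_permission(text):
    """Split a matrix entry into (permission, sid).

    Accepts 'Permission:sid' and the type-prefixed 'USER:Permission:sid' /
    'GROUP:Permission:sid' form.
    """
    left, _, sid = text.strip().rpartition(":")
    return left.rpartition(":")[2], sid


def audit(config_xml):
    """Return a list of (severity, code) findings for one config.xml document."""
    # The file is the administrator's own configuration, not untrusted input.
    root = ET.fromstring(config_xml)
    if flag(root, "useSecurity") is False:
        return [("CRITICAL", "security-disabled")]

    findings = []
    realm = root.find("securityRealm")
    # disableSignup defaults to false, so a missing element means sign-up is open.
    open_signup = (
        realm is not None
        and realm.get("class") == PRIVATE_REALM
        and flag(realm, "disableSignup") is not True
    )
    if open_signup:
        findings.append(("WARN", "self-registration-enabled"))

    authz = root.find("authorizationStrategy")
    strategy = authz.get("class") if authz is not None else None
    # Assumption: a missing strategy element is treated like the unsecured one.
    if strategy is None or strategy == UNSECURED:
        findings.append(("CRITICAL", "anyone-can-do-anything"))
    elif strategy == LOGGED_IN_FULL:
        # Every logged-in user is an administrator under this strategy.
        if open_signup:
            findings.append(("CRITICAL", "registered-users-are-admin"))
        if flag(authz, "denyAnonymousReadAccess") is not True:
            findings.append(("WARN", "anonymous-read"))
    elif strategy in MATRIX:
        for node in authz.findall("permission"):
            perm, sid = parse_permission(node.text or "")
            if sid == "anonymous":
                severity = "CRITICAL" if perm == ADMINISTER else "WARN"
                findings.append((severity, f"anonymous:{perm}"))
            elif sid == "authenticated" and perm == ADMINISTER:
                severity = "CRITICAL" if open_signup else "HIGH"
                findings.append((severity, "authenticated-users-are-admin"))
    return findings


# Constructed sample: guests can read, and any self-registered user is an admin.
WEAK = """
<hudson>
  <useSecurity>true</useSecurity>
  <authorizationStrategy class="hudson.security.GlobalMatrixAuthorizationStrategy">
    <permission>hudson.model.Hudson.Read:anonymous</permission>
    <permission>hudson.model.Hudson.Administer:authenticated</permission>
  </authorizationStrategy>
  <securityRealm class="hudson.security.HudsonPrivateSecurityRealm">
    <disableSignup>false</disableSignup>
  </securityRealm>
</hudson>
"""

# Constructed sample: one named administrator, sign-up off, no anonymous rights.
HARDENED = """
<hudson>
  <useSecurity>true</useSecurity>
  <authorizationStrategy class="hudson.security.GlobalMatrixAuthorizationStrategy">
    <permission>hudson.model.Hudson.Administer:alice</permission>
    <permission>hudson.model.Hudson.Read:authenticated</permission>
  </authorizationStrategy>
  <securityRealm class="hudson.security.HudsonPrivateSecurityRealm">
    <disableSignup>true</disableSignup>
  </securityRealm>
</hudson>
"""

if __name__ == "__main__":
    for name, doc in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit(doc) or "no findings")
```

Run it against a copy of `$JENKINS_HOME/config.xml`; any CRITICAL finding means an unauthenticated or self-registered visitor can reach the credentials and deployment access the article mentions.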

Pierluigi Paganini

(Security Affairs – JenkinsMiner, Monero cryptocurrency miner)

The post JenkinsMiner made $3.4 million in a few months by compromising Jenkins servers appeared first on Security Affairs.


Give Workers 10,000 Pound To Survive Automation, British Top Think Tank Suggests

Britons should be able to bid for 10,000 pound (roughly $14,000) to help them prosper amid huge changes to their working lives, a leading think tank suggests today. From a report: The Royal Society for the Arts (RSA) has released research proposing a radical new sovereign wealth fund, which would be invested to make a profit like similar public funds in Norway. The returns from the fund would be used to build a pot of money, to which working-age adults under-55 would apply to receive a grant in the coming decade. People would have to set out how they intend to put the five-figure payouts to good use, for example, by using the cash to undergo re-training, to start a new business, or to combine work with the care of elderly or sick relatives. It would be funded like the student grant system and wealthier individuals could be required to pay back more in tax as their earnings increase. Ultimately, the RSA paper suggests, the wealth fund would finance a Universal Basic Income (UBI) as the world of modern work is turned upside down by increased automation, new technology and an ageing population.


Contractors Pose Cyber Risk To Government Agencies

Ian Barker, writing for BetaNews: While US government agencies are continuing to improve their security performance over time, the contractors they employ are failing to meet the same standards according to a new report. The study by security rankings specialist BitSight sampled over 1,200 federal contractors and finds that the security rating for federal agencies was 15 or more points higher than the mean of any contractor sector. It finds more than eight percent of healthcare and wellness contractors have disclosed a data breach since January 2016. Aerospace and defense firms have the next highest breach disclosure rate at 5.6 percent. While government has made a concerted effort to fight botnets in recent months, botnet infections are still prevalent among the government contractor base, particularly for healthcare and manufacturing contractors. The study also shows many contractors are not following best practices for network encryption and email security.


For Presidents’ Day, Here’s One Vicious, Ghastly and/or Fascinating Fact About Every U.S. President

Happy Presidents’ Day! Even though it’s not exactly Presidents’ Day. According to the federal government, the name of this holiday is merely Washington’s Birthday. The Office of Personnel Management insists that while “other institutions such as state and local governments and private businesses may use other names, it is our policy to always refer to holidays by the names designated in the law.”

The OPM is grumpy about this because a majority of U.S. states do call this Presidents’ Day. It’s popularly become about all U.S. presidents, not just Washington. Even the U.S. Mint says “it’s a great day to celebrate everything that our past presidents, including Washington and Lincoln, have done for our nation.”

So let’s take a look at all of America’s presidents. We don’t need to celebrate them, but it’s important to rescue them from the drab, sepia-tinted version of U.S. history. There’s a conscious effort to drain all human interest out of our past. But in fact it was shockingly vicious, ghastly and fascinatingly bizarre, and if you don’t understand it you will never comprehend our present.

Here’s an assortment of some of my favorite facts about every U.S. president:


George Washington's dentures are shown after their installation into a display at the Heinz Regional History Center in Pittsburgh, Monday, July 24, 2000. The teeth, part of a temporary exhibit on George Washington at the museum that opens on Saturday, July 29, are not carved from wood, but made with human and cow teeth according to Mount Vernon Estate collections manager Rebecca Eddins. (AP Photo/Keith Srakocic)


Photo: Keith Srakocic/AP

George Washington (1789-1797) appears to have had dentures that used the teeth of some of the people enslaved on his plantation. This is not 100 percent proven, but the evidence is, let’s say, highly suggestive. The good news is the teeth weren’t stolen, although the suppliers only received one-third of the market rate.

John Adams (1797-1801) endorsed, in 1776, the concept of what Friedrich Engels would 117 years later call “false consciousness.” According to Adams, “very few men who have no property, have any judgment of their own. They talk and vote as they are directed by some man of property, who has attached their minds to his interest.” The solution, said Adams, was massive property redistribution.

Thomas Jefferson (1801-1809) was an intelligent man torn between his desire to see himself as moral and his desire to own lots of other people. To resolve this conflict he needed to believe Africans were a different type of being from Europeans. It didn’t matter how and it didn’t need to make sense. Therefore, in his book “Notes on Virginia,” he revealed that Africans need less sleep than normal, white people. Then six sentences later he said that Africans sleep more.

James Madison (1809-1817) was America’s shortest president at just 5 foot 4, perhaps due to bad nutrition.

James Monroe (1817-1825) promulgated the Monroe Doctrine, which, as Dave Barry says, states that:

1. Other nations are not allowed to mess around with the internal affairs of nations in this hemisphere.

2. But we are.

3. Ha-ha-ha.

John Quincy Adams (1825-1829) frequently went skinny dipping as president in the Potomac River. There’s an excellent story about an investigative reporter named Anne Royall sitting on his clothes while he was swimming and refusing to get up until he agreed to an interview, although it is marred by the fact that it is not true.

Andrew Jackson (1829-1837) was famously in command at the 1814 Battle of Horseshoe Bend, in what’s now Alabama. After they won, some of his troops cut strips of skin off dead members of the Red Stick tribe and used the skin for bridles for their horses. You can read about this and much more in an 1895 book that recounts the testimony of some of the soldiers.

Martin Van Buren (1837-1841) was perhaps our schmanciest president, wearing outfits that make you regret he came along before color film. An observer of an early Van Buren campaign stop at a church remembered him like this: “He wore an elegant snuff-colored broadcloth coat, with velvet collar to match; his cravat was orange tinted silk with modest lace tips; his vest was of pearl hue; his trousers were white duck … his nicely fitting gloves were yellow kid.”

William Henry Harrison (1841-1841) was the first president to die in office, after just a month. Only recently have we realized that he was probably killed by Washington, D.C.’s lack of a sewage system: There was a giant field of human excrement a few blocks upstream of 1600 Pennsylvania Avenue, and bacteria likely got into the White House’s water supply.

John Tyler (1841-1845) looked like a horse but had a lot of energy and fathered (at least) 15 children. The last of them was born in 1860 when he was 70. Two of his grandchildren are still alive!

James K. Polk (1845-1849) was almost picked off by the same crap-filled swamp that got Harrison. However, he survived to leave the White House and then immediately die of cholera.

Zachary Taylor (1849-1850) was not as lucky as Polk and became the second president to be felled by the neighborhood’s huge feculent pond. This era was not a high point of U.S. science.

Millard Fillmore (1850-1853) is today best-remembered as the inspiration for the name of Mallard Fillmore, the worst comic strip in human history.

Franklin Pierce (1853-1857) completed the Gadsden Purchase of territory from Mexico, buying a chunk of territory in what’s now southern New Mexico and Arizona. Mexico was likely willing to sell because we’d simply stolen Texas a few years before and they figured they might as well get some bucks this time around.

James Buchanan (1857-1861) often comes in last in historians’ rankings of all U.S. presidents, thanks to his dithering as America drifted toward civil war. On the upside, he’s the basis for the most historically-sophisticated masturbation joke ever made. (Here starting around 1:55.)

Abraham Lincoln (1861-1865) does not get enough credit for kicking off the Golden Age of Presidential Facial Hair, a period of 52 years during which 9 of the 11 presidents had a beard, mustache, or miscellaneous.

Andrew Johnson (1865-1869) had strong feelings, such as, “This is a country for white men, and by God, as long as I am President, it shall be a government for white men.” Also, during a speech purportedly celebrating Washington’s Birthday — i.e., this holiday — Johnson mentioned himself over 200 times. It’s difficult today not to wonder if there’s a correlation between believing in white supremacy and constantly talking about yourself.

Ulysses S. Grant (1869-1877) won the 1868 election, the first in which African American men could participate, by 300,000 votes. About 500,000 black men voted, providing Grant with his margin of victory. This was immediately noticed by white Americans, who have gone on noticing such things ever since.

Rutherford B. Hayes (1877-1881) took office thanks to the grievously evil Hayes-Tilden Compromise. It was difficult to say who’d actually won the 1876 election, so the Republican Party agreed to withdraw all remaining federal troops from the South in return for Democrats accepting Hayes as president. Every promise of Reconstruction was betrayed. The white Southern plantation class took the opportunity and ran with it, essentially reinstituting slavery for the next 90 years.

James Garfield (1881-1881) was nominated by the GOP as a compromise candidate on the 36th ballot after an exhausting fight between the party’s delightfully-named “Half-Breed” and “Stalwart” factions. Chester A. Arthur was added to the ticket to keep his obstreperous fellow Stalwarts happy. Then a Stalwart assassin shot Garfield soon after he took office so that Arthur would become president. This should put today’s intra-party twitter spats in perspective.

Chester A. Arthur (1881-1885) came up in the staggeringly corrupt New York State Republican machine. The Nation (it’s been around since 1865) called his origins “a mess of filth.” Frederick Douglass later said Arthur “allowed the country to drift … towards the howling chasm of the slaveholding Democracy.” On the other hand: Check out his mutton chop whiskers.

Grover Cleveland (1885-1889 and 1893-1897) is the only president elected to non-consecutive terms. He also appears to have been a rapist who brutally smeared his victim.

Benjamin Harrison (1889-1893) had policies that were no great shakes but he said some remarkable stuff that’s been totally forgotten, along with Harrison himself:

“We Americans have no commission from God to police the world.”

“Things may be too cheap. They are too cheap when the man or woman who produces them upon the farm or the man or woman who produces them in the factory does not get out of them living wages with a margin for old age.”

“When and under what conditions is the black man to have a free ballot? When is he in fact to have those full civil rights which have so long been his in law? … This generation should courageously face these grave questions, and not leave them as a heritage of woe to the next.”

William McKinley (1897-1901) started America’s extremely brutal colonization of the Philippines. One Kansas soldier told a reporter that “The country won’t be pacified until the niggers [i.e., Filipinos] are killed off like the Indians,” impressively squeezing all of America’s ugliest racial ideology into one sentence.

Teddy Roosevelt (1901-1909) was an appropriate choice for the U.S. at the dawn of the 20th century with its incipient industrialized genocides. “I don’t go so far as to think that the only good Indian is the dead Indian,” Roosevelt said pre-presidency, “but I believe nine out of every ten are, and I shouldn’t like to inquire too closely into the case of the tenth.”

William Taft (1909-1913) didn’t want to be president and wasn’t good at it. But he was renominated in 1912 by GOP mandarins even though they knew he’d lose, in order to block a rebellion from progressive rank and file Republicans. “When we get back in four years,” explained Sen. James Watson of Indiana, “instead of the damned insurgents, we will have the machine.” Once you understand this kind of maneuver, politics makes much more sense.

Woodrow Wilson (1913-1921) is a great lesson in never believing what politicians say about foreign policy. In 1916 he campaigned on the slogan “He Kept Us Out of War.” Then he led the U.S. into World War I one month after his second inauguration.

William G. Harding (1921-1923) would be more exciting if he had in fact, as malicious rumors had it, been poisoned by his wife. Instead he almost certainly died of a heart attack.

Calvin Coolidge (1923-1929) believed “The chief business of the American people is business,” which gets more profound the more you think about it. Moreover, he said it in a speech to the American Society of Newspaper Editors, as part of an argument about why it wasn’t a problem that the press was, as Coolidge put it, “controlled by men of wealth.”

Herbert Hoover (1929-1933) is scorned for his dreadful response to the beginning of the Great Depression. But he was in many ways an incredible, exemplary person, and just a prisoner of the time’s awful conventional wisdom on economics. The relief effort he led in the early 1920s before becoming president rescued untold numbers of Soviet citizens from starvation. Maxim Gorky told Hoover: “Your help will enter history as a unique, gigantic achievement, worthy of the greatest glory, which will long remain in the memory of millions of Russians whom you have saved from death.”

Franklin D. Roosevelt (1933-1945) was president for twelve years, yet not nearly long enough. In 1944 he called for the U.S. to have a “Second Bill of Rights,” including the right to a job and the right to medical care.

Harry Truman (1945-1953) was encouraged by his advisers to increase tensions with the Soviet Union while running for president in 1948 because it would help him win: “There is considerable political advantage to the administration in its battle with the Kremlin. … In times of crisis the American citizen tends to back up his President.” To the detriment of everyone on earth, Truman took this advice.

Dwight Eisenhower (1953-1961) did 9/11. Let me explain.

Eisenhower approved America’s covert support for the 1953 coup which overthrew Iran’s democratically-elected prime minister and replaced him with the dictatorial Shah. The Shah allowed the U.S. to use Iran as a base for American power in the mideast. We now know that when the Shah was finally overthrown in 1979 and the U.S. was kicked out of Iran, the Soviets were worried that America would try to take Afghanistan, or that there would be a similar Islamist revolution there, or both. The Soviets invaded, the U.S. funded the mujahideen, and Osama bin Laden rose to prominence and got the idea it was easy to defeat superpowers. Hence 9/11.

Funnily enough, American Airlines Flight 77, which hit the Pentagon on 9/11, took off from Dulles Airport in Virginia. Dulles Airport is named after John Foster Dulles, Eisenhower’s secretary of state and one of the main forces behind the 1953 Iranian coup.

John F. Kennedy (1961-1963) is the subject of one of the best videos on the entire internet.

Lyndon B. Johnson (1963-1969) opined, in a 1948 speech in Congress, that “without superior air power America is a bound and throttled giant; impotent and easy prey to any yellow dwarf with a pocket knife.” He then vigorously put these views into action during the Vietnam War.

Richard Nixon (1969-1974) was likely the most cruel and cynical human being ever to hold the U.S. presidency. And not because of Watergate.

Gerald Ford (1974-1977) was the first modern president to use his status to cash in after he left office, setting an example for everyone (except Jimmy Carter) who followed. You can see pictures of one of Ford’s homes, his huge mansion in Vail, Colorado, here. Note the seal of the president of the United States inlaid in the marble floor.

Jimmy Carter (1977-1981) was, in the popular made-up version of American history, a namby-pamby weak-kneed capital-L Liberal. In fact, he commenced the turn to the right in U.S. politics that would accelerate under Reagan. Of course, he’s changed a great deal since then, and now calls the U.S. “an oligarchy with unlimited political bribery.”

Ronald Reagan (1981-1989) was the prototype for the final product that is Donald Trump.

George H.W. Bush (1989-1993) privately told Mikhail Gorbachev in 1987 that “Reagan is a conservative. An extreme conservative. All the blockheads and dummies are for him.” Bush also said to Gorbachev that he would have to use harshly anti-Soviet rhetoric while running for president in 1988, but that Gorbachev shouldn’t take it seriously.

Bill Clinton (1993-2001), according to his Secretary of Defense William Perry, helped lay the groundwork for today’s terrible relations between Russia and the U.S. While “the problems today I think are mostly … Russian actions,” Perry recently said, “it’s as much our fault as it is the fault of the Russians, at least originally.” Perry specifically cited the expansion of NATO and Clinton’s decision to send U.S.-led NATO troops to Bosnia in 1996.

George W. Bush (2001-2009) told a Bush family friend in 1999 that if he was elected he wanted to attack Iraq because it would help him politically. According to the friend, Bush said, “One of the keys to being seen as a great leader is to be seen as a commander-in-chief. … If I have a chance to invade … if I had that much capital, I’m not going to waste it. I’m going to get everything passed that I want to get passed and I’m going to have a successful presidency.”

Barack Obama (2009-2017) lived in Indonesia for several years just after a 1965 U.S.-supported coup and subsequent mass slaughter there. In his book “Dreams From My Father,” Obama wrote, “we had arrived in Djakarta less than a year after one of the more brutal and swift campaigns of suppression in modern times … rivers of blood [had] once coursed through the streets.” You can listen to Obama reading this section for the audio version of his book here.

Donald Trump (2017-present) has never said or done anything worth noting, but perhaps one day he shall.

Of course, this barely scratches the surface of our presidents’ freakish lives and America’s vagarious history. So if you have your own favorite facts not mentioned here, please leave them in the comments — maybe we can do this every year.

The post For Presidents’ Day, Here’s One Vicious, Ghastly and/or Fascinating Fact About Every U.S. President appeared first on The Intercept.

Who Killed The Junior Developer?

Melissa McEwen, writing on Medium: A few months ago I attended an event for women in tech. A lot of the attendees were new developers, graduates from code schools or computer science programs. Almost everyone told me they were having trouble getting their first job. I was lucky. My first "real" job out of college was "Junior Application developer" at Columbia University in 2010. These days it's a rare day to find even a job posting for a junior developer position. People who advertise these positions say they are inundated with resumes. But on the senior level companies complain they can't find good developers. Gee, I wonder why? I'm not really sure the exact economics of this, because I don't run these companies. But I know what companies have told me: "we don't hire junior developers because we can't afford to have our senior developers mentor them." I've seen the rates for senior developers because I am one and I had project managers that had me allocate time for budgeting purposes. I know the rate is anywhere from $190-$300 an hour. That's what companies believe they are losing on junior devs.


Trump plan calls for new nuclear weapons

politico.com - "Expanding flexible U.S. nuclear options now, to include low-yield options, is important for the preservation of credible deterrence against regional aggression," states the Pentagon's Nuclear Postur…


Tweeted by @Swiftteagle https://twitter.com/Swiftteagle/status/965254292239241216

US’s Greatest Vulnerability is Ignoring the Cyber Threats From Our Adversaries, Foreign Policy Expert Says

America's greatest vulnerability is its continued inability to acknowledge the extent of its adversaries' capabilities when it comes to cyber threats, says Ian Bremmer, founder and president of leading political risk firm Eurasia Group. From a report: Speaking to CNBC from the Munich Security Conference on Saturday, the prominent American political scientist emphasized that there should be much more government-level concern and urgency over cyber risk. The adversarial states in question are what U.S. intelligence agencies call the "big four": Russia, China, North Korea, and Iran. "We're vulnerable because we continue to underestimate the capabilities in those countries. WannaCry, from North Korea -- no one in the U.S. cybersecurity services believed the North Koreans could actually do that," Bremmer described, naming the ransomware virus that crippled more than 200,000 computer systems across 150 countries in May of 2017. Borge Brende, president of the World Economic Forum, weighed in, stressing the economic cost of cyber crimes. "It is very hard to attribute cyberattacks to different actors or countries, but the cost is just unbelievable. Annually more than a thousand billion U.S. dollars are lost for companies or countries due to these attacks and our economy is more and more based on internet and data."


The Low-Tech Secret to Cyber Resilience

worldview.stratfor.com - Cities around the globe are increasingly striving to become smarter. As they take on 21st century challenges — including the strain of growing populations, social tensions and environmental issues — …


Tweeted by @UrbanVN https://twitter.com/UrbanVN/status/965246854693883906


Banned from the U.S. Due to Terrorist Threats, Yemenis Are Themselves the Victims of Attacks

Khaldoon Gahleeb was sitting on the curb outside his home in Yemen on a quiet morning last November, when two extremists drove up on a motorbike and shot him twice in the back of the head.

Khaldoon, a 37-year-old government prison security guard, had been looking down at his phone, waiting for his salary. He’d just complained to his older brother, Mamoon, that he didn’t have any money to buy khat, Yemen’s popular narcotic. Mamoon went inside their family home to get some cash to lend his brother.

When Mamoon returned, Khaldoon was lying on the curb, bleeding from the back of his head. It was an image that the local branch of the Islamic State, who claimed responsibility for the attack, would spread on their own media channels, later published by Yemeni news outlets.



Khaldoon Gahleeb holds his son.

Photo: Mohamed Gahleeb


Mamoon rushed Khaldoon to the hospital, but it was too late: The doctors declared his younger brother dead.

In New York City, more than 7,000 miles from the southern Yemeni port city of Aden, the brothers’ father Mohamed Gahleeb couldn’t believe the news. The 73-year-old U.S. citizen had immigrated in 2008, a decade after one of his daughters married a Yemeni-American and moved to Michigan.

Mohamed Gahleeb applied for Khaldoon to join him in 2009. Mohamed has five other children in Yemen, but he chose Khaldoon because his middle son was the one most in need of work. Mohamed also didn’t want to push his luck: He knew how difficult and long of a process it could be to bring even one family member to the United States.

“I was waiting and waiting for him for years, until the day they killed him,” Mohamed said.

Sitting in the kitchen of his basement apartment deep in Brooklyn, Mohamed showed a picture on his phone of Khaldoon holding his toddler son. The elder Gahleeb choked on tears as he kissed the screen and murmured: “My son. It’s not easy for me to talk about. It hurts me too much.”

Visas for married children of U.S. citizens can take more than a decade to process. After Mohamed Gahleeb submitted a DNA test, conducted two immigration interviews, and waited for eight years, President Donald Trump declared his travel ban in January 2017. It barred citizens from seven Muslim-majority countries, including Yemen. The Supreme Court allowed a third version of the ban to go into effect in December, stopping all Yemeni immigrant visas.

The travel ban has left families like the Gahleebs trapped in a war that has killed thousands and created a humanitarian crisis starving millions. Conflict erupted between the Iranian-backed Houthi rebels and the Yemeni government, supported by a Saudi-led and U.S.-armed coalition, in early 2015.

Extremist groups filled the ensuing power vacuum. Al Qaeda in the Arabian Peninsula, active in Yemen since 2009, strengthened, while ISIS, currently waning in Iraq and Syria, seized the chance to move into the region and recruit in 2015. These terror threats were the justification for Trump’s travel ban, but the policy has left Yemenis with liberal views and government affiliations vulnerable to extremists.

“Part of the reason we are not being allowed in the United States is the fact that they say we are connected with terrorists, and here we are getting killed by terrorists,” said Zaid Nagi, community activist and vice president of the Yemeni American Merchants Association in New York City.

Even Yemenis who might qualify to be resettled as refugees face stiff odds. In Trump’s first executive order on immigration allowed to go into effect in June 2017, he banned all refugee admissions for 120 days. When that expired in October, he put into place a 90-day review for 11 countries deemed high risk, including Yemen. Although that leaves open the possibility of refugee admissions, a Reuters investigation in December reported that even when the ban was lifted, refugee admissions plummeted. According to United States Citizenship and Immigration Services, only 16 Yemenis were resettled as refugees in fiscal year 2015, 26 in 2016, 21 in 2017, and none yet in this fiscal year.



Mohamed Gahleeb at home in Brooklyn.

Photo: Mallory Moench


Mohamed Gahleeb said Yemenis have lived under terrorism for nearly a decade.

“The terror people are everywhere,” he said. “They like to make people fear, they want to kill. Those are people who think themselves that they are Muslims. But God doesn’t say kill your people.”

“We don’t know what they want,” Mohamed added. He also doesn’t know why they targeted his son.

Khaldoon Gahleeb’s death followed a slew of attacks against civilians and pro-government security forces in Aden in November 2017. The local branch of ISIS claimed responsibility for at least two suicide bombings and two assassinations, including Khaldoon’s, although the motivation was unclear.

Elisabeth Kendall, a senior research fellow at Oxford University who monitors extremists in Yemen, said assassinations flagged as terrorist attacks could actually be motivated by political rivalry or criminal activity. In the tumult of war, it’s hard to tell.

The complicated story epitomizes Yemen’s spiraling crisis, where factions constantly shift allegiances. When the war was about to break out in late 2014, Khaldoon joined government forces fighting against the rebel Houthis and former Yemeni President Ali Abdullah Saleh.

The Gahleebs are also staunch supporters of South Yemen, which was an independent country until unification in 1990. Mohamed Gahleeb, who welcomes U.S. and Saudi support for the war against the Houthis, dreams of an independent South Yemen again one day. He celebrated when southern separatist soldiers, backed by the United Arab Emirates, attempted what the prime minister called a “coup” against Aden’s government in January 2018. Fighting in the city is still ongoing.

In this chaos, extremist groups have thrived. Gerald Feierstein, U.S. ambassador to Yemen from 2010 to 2013, explained that the government breakdown undermined counterterrorism aims.

“They have been able to expand their presence in places that have been particularly affected by civil conflict, where the level of governmental control is particularly weak,” Feierstein told The Intercept. “Because of the collapse of a strong Yemeni counterterrorism program with us and others, they have been able to regain territory that they lost.”

Post-9/11 U.S. foreign policy in Yemen has targeted alleged terrorists with air attacks and ground raids. Drone strikes since 2002 have killed at least 1,000 militants and more than 100 civilians in Yemen, watchdog groups estimate.



Yemenis gather at the scene of an explosion near a security post in the southern port city of Aden on November 14, 2017.

Photo: Nabil Hassan/AFP/Getty Images

Under Trump, counterterrorism attacks have surged. A widely criticized raid a week after he took office ended in the deaths of one Navy SEAL and at least 16 Yemeni civilians. Drone strikes tripled from 2016 to 2017. In January 2018, U.S. forces conducted 10 airstrikes targeting AQAP and ISIS.

There is evidence that strikes may have been effective in weakening these groups, according to Kendall, who monitors extremist social media and news reports.

“Right now, both groups are under so much pressure,” Kendall told The Intercept.

She has tracked AQAP commanders killed by drones being replaced by increasingly younger men, and both groups changing tactics. According to her research, AQAP has shifted its target from the Houthis to the UAE-backed military, because of the threat it posed to the extremist group. ISIS moved from civilian suicide bombings to battling Houthis – except for the spike of violence in November that killed Khaldoon.

But more than 15 years after the first U.S. airstrike in Yemen, extremists continue to evolve, and experts like Kendall and Feierstein are quick to point out that counterterrorism attacks fail to address the root causes of extremism, fueled by political instability and the current humanitarian crisis.

“If you’re going to achieve a longer-term success and going to actually eliminate the operational environment for these groups,” said Feierstein, “you have to be engaged in other things like institutional capacity-building, developing law and order, providing services and convincing people that their interests are best served by supporting the government and cooperating to achieve them.”

Until that is possible, Yemeni extremists are still active – and lethal. Mohamed Gahleeb said he now fears for the safety of his five children still in Yemen.

“I can’t let them stay there because they are wanted, maybe like their brother,” he said. “As they killed him, maybe they want to kill the others. I am afraid for the whole family.”

Mohamed wants to bring Khaldoon’s wife and son to the United States, but until the Supreme Court addresses the travel ban, they remain trapped between terrorism and war.

Top photo: Yemenis inspect the site of a suicide bombing that targeted the finance ministry building of the Saudi-backed Yemeni government in the country’s second city of Aden on Nov. 29, 2017.

The post Banned from the U.S. Due to Terrorist Threats, Yemenis Are Themselves the Victims of Attacks appeared first on The Intercept.

New AI Model Fills in Blank Spots in Photos

A new technology uses artificial intelligence to generate synthetic images that can pass as real. From a report, shared by a reader (the link may be paywalled): The technology was developed by a team led by Hiroshi Ishikawa, a professor at Japan's Waseda University. It uses convolutional neural networks, a type of deep learning, to predict missing parts of images. The technology could be used in photo-editing apps. It can also be used to generate 3-D images from real 2-D images. The team at first prepared some 8 million images of real landscapes, human faces and other subjects. Using special software, the team generated numerous versions for each image, randomly adding artificial blanks of various shapes, sizes and positions. With all the data, the model took three months to learn how to predict the blanks so that it could fill them in and make the resultant images look identical to the originals. The model's learning algorithm first predicts and fills in blanks. It then evaluates how consistent the added part is with its surroundings.

Read more of this story at Slashdot.

Germany’s defense minister: Cyber security is going to be the main focus of this decade.

On Saturday, Germany’s defense minister Ursula von der Leyen told CNBC that cyber attacks are the greatest challenge threatening global stability.

Cybersecurity is a pillar of modern states; the string of recent massive attacks, including NotPetya and WannaCry, demonstrates that we are all potential targets.

Cyber attacks can hit governments, private companies and citizens at any time and from anywhere, causing severe problems for the victims and huge financial losses. Cyber risk is directly linked to geopolitical, environmental, technological, and economic risks. A cyber attack could destabilize governments worldwide, and it can put a company out of business.

When journalists asked the German defense minister about the “single greatest threat to global stability,” she confirmed the disconcerting scenario.

“I think it’s the cyber threats because whatever adversaries you can think of and even if you talk about Daesh (the terrorist group) they use the cyber domain to fight against us,” Germany’s defense minister Ursula von der Leyen told CNBC.

Germany’s defense minister urges European states to invest in collective defense

“This decade will be the decade of improvement in cyber security and information ruling,” she added.

 

Governments and companies are already investing to make their networks more resilient to cyber attacks. The German defense minister also noted that governments are working to improve their offensive cyber capabilities.

The US and UK are reportedly using cyber soldiers to fight the Islamic State.

The video interview is available at the following link:

https://www.cnbc.com/video/2018/02/17/cyber-threats-biggest-threat-to-stabililty-german-defense-minister-says.html

Pierluigi Paganini

(Security Affairs – Germany defense minister:, Information Warfare)

The post Germany’s defense minister: Cyber security is going to be the main focus of this decade. appeared first on Security Affairs.

A Border Patrol Memoir Gets Caught Up in the Deportation Fight

Francisco Cantú, author of “The Line Becomes a River,” remembers watching the heated rallies engulfing his home state of Arizona. To one side were immigration advocates, activists who demanded the migrants running for their lives through the Sonoran Desert be treated as human beings, regardless of their citizenship status. To the other, were vocal, angry crowds, carrying signs and calling for increased fortification along the divide between the U.S. and Mexico, more Border Patrol agents, and a wall between the two countries.

This was not the 2016 presidential election. This was a decade earlier, in 2006, and the people with the signs ended up getting just about everything they wanted. Cantú was in college at the time, a student of international relations obsessed with untangling the knotted policy fights that surround the borderlands. After graduation and a stint at a non-profit, Cantú concluded there was a world of information critical to understanding those fights that was beyond his grasp. So, at 23 years old, Cantú signed up for the U.S. Border Patrol, joining one of the final waves of new recruits in the last major push to bolster the size of the agency.

Cantú’s mother opposed the decision. A former federal employee herself, she reminded her son that his employer was a paramilitary organization, and that such organizations have a way of bending, stretching, and breaking the moral limits of even the most principled of employees. “You must understand you are stepping into a system, an institution with little regard for people,” she warned.

Self-assured and idealistic, Cantú told himself that he would be one of the good ones. His grandfather was born in Mexico, he spoke Spanish, he came from the border — maybe, down the line, he could bring his unique experiences to bear to change policy for the better, to help people. “I’m not going to become someone else,” Cantú assured his mother.

Over the next four years, as he patrolled the vast expanses of the American southwest, where U.S. enforcement strategies have driven migrants into some of the country’s deadliest terrain, culminating in thousands of deaths, Cantú was proven wrong. While he was granted the ground-level view of immigration enforcement that he had been looking for, it came at a cost. There was no way to be half-in, he learned. When you become a cog in “the thing that crushes” — a name Cantú later gave to the U.S. immigration enforcement apparatus — your good intentions have a way of evaporating and you become implicated whether you like it or not.


“The Line Becomes a River,” by Francisco Cantú.


Sitting on a stage in the ornate Wachenheim Trustees Room at the New York Public Library earlier this week, Cantú was thousands of miles from the desert and a world away from the life he used to live. His green uniform was gone, replaced by a sharp ensemble of blue. Cantú was in town to promote his new book. Broken into three acts, the memoir details Cantú’s decision to join the Border Patrol and the psychological unraveling he experienced during his time on the job, which eventually led to his exit from the agency. It ends with Cantú outside of law enforcement, working to support the family of a friend caught in the machinery of deportation.

In the week since “The Line Becomes a River” was released, Cantú has appeared in a nonstop string of media interviews. The book has enjoyed critical acclaim, but it has not been without controversy. In California, Bay Area activists called on local bookstores to cancel Cantú’s readings on the grounds that he was a cop, and cops deserve no sympathy, particularly at a time when millions of immigrants across the country are living in fear of law enforcement. The readings were not cancelled. In Austin, Texas, demonstrators called Cantú a “traitor,” and accused him of profiting off migrant pain. The radical news website It’s Going Down further argued that Cantú possesses an “insidious ability to minimize complicity,” and that he has “built his career and fame as a writer through participating in the culture of cruelty that typifies Border Patrol.”

The broader sentiment behind the pushback is not difficult to understand. In recent years, the Border Patrol hiring surges that Cantú was part of, which President Trump seeks to repeat, have been followed by startling increases in serious misconduct by agents. And, as the historian Kelly Lytle Hernandez, author of “Migra,” has noted, the agency’s history is littered with examples of Border Patrol agents serving as a frontline force executing draconian and punishing immigration enforcement policies. Just last month The Intercept highlighted a report by the faith-based humanitarian group No More Deaths, which operates out of Cantú’s hometown of Tucson, Arizona, documenting Border Patrol agents systematically destroying water left for migrants crossing the desert. Hours after the report was published, one of the group’s volunteers was arrested by Border Patrol for providing food and shelter to two undocumented immigrants. More than a half-dozen other volunteers with the group have been hit with federal charges in recent months for leaving water in the desert.

Responding to the criticism he’s received, Cantú tweeted last week, “To be clear: during my years as a BP agent, I was complicit in perpetuating institutional violence and flawed, deadly policy. My book is about acknowledging that, it’s about thinking through the ways we normalize violence and dehumanize migrants as individuals and as a society.” He added: “I’m not here to defend BP. But I am here to listen and learn from the ways my writing may be construed to normalize, eroticize, or beautify border violence, and the ways my voice may be amplified at the expense of those who suffer from it. Ultimately, I’m here to work against it.”

There’s no getting around the fact that Cantú’s work in law enforcement will, for some, render his contributions to the conversation around immigration null and void. In this view, one might argue, Cantú willingly contributed to the problem he wishes to address and conclusions that, yes, in fact, the system is broken are far from revelatory — and certainly do not require participation in that system to prove. But while there’s a coherence to the critique, to dismiss Cantú’s work entirely would be to risk missing out on a unique glimpse inside a closed-off set of institutions with tremendous power.

In the years since September 11, the publishing world has produced a wealth of literature, mostly novels, from veterans who came of age in the aftermath of the attacks and fought in the wars they led to. In a 2015 article for Harper’s Magazine, Sam Sacks made the case that the significant praise these works have received can be attributed, in part, to the general public’s alienation from the wars it underwrites. Sacks also wrote that these accounts are almost always “stories of personal struggle that are built around abstract universal truths,” which typically refuse to grapple with the critical context surrounding the conflicts in which they are set. This appears to be no accident, Sacks added, given that nearly all of the post-9/11 veteran writers who have succeeded in recent years have emerged from the same creative writing and MFA programs.


Cantú shares some similarities with his counterparts in the veteran novelist community. He, too, is an MFA grad, in addition to a former Fulbright fellow, and “The Line Becomes a River” does detail a story of personal struggle. But there are also some critical differences. Like the war on terror, the interlocking conflicts along the border are at times regarded as abstractions among those who are removed from its realities. But unlike the wars abroad, the disaster at home has yielded few firsthand, literary accounts from officers and agents tasked with fighting that fight (though perhaps that will change as the face of U.S. immigration enforcement evolves).

“The Line Becomes a River” provides a rare window into that world, but Cantú also attempts to go deeper, reflecting on the border itself and the clichéd narratives that surround the region. Woven throughout his personal story is a deep body of research and critical analysis that seeks to explain how the status quo came to be. And while reasonable minds can disagree on whether he’s succeeded, Cantú, in both his book and public comments, has clearly attempted to address the underlying conditions that made his experience what it was, along the way demonstrating a willingness to publicly challenge the mission of his former employer.

In a passage reflecting on what it meant to become “good” at his job, Cantú writes, “It’s true that we slash their bottles and drain their water into the dry earth, that we dump their backpacks and pile their food and clothes to be crushed and pissed on and stepped over, strewn across the desert and set ablaze.” While Cantú says that he never took part in the practice, the fact that he was part of a force that would intentionally increase the likelihood of migrant deaths was haunting. “I have nightmares,” he writes, “visions of them staggering through the desert, men from Michoacán, from places I’ve known, men lost and wandering without food or water, dying slowly as they look for some road, some village, some way out.”

In New York City, Cantú’s panel was moderated by John B. Washington, an accomplished border journalist in his own right, who befriended Cantú while working on a novel and volunteering with No More Deaths, the organization that documented the destruction Cantú described. Noting that the group has called for disbanding the Border Patrol, Washington asked Cantú about the legitimacy of his former employer. “I think its only legitimacy is that it already exists,” Cantú replied. “Something like destroying water, that’s an unforgivable act,” he went on to say. “I think that what these humanitarian groups are doing by putting water out in the desert, is they’re attempting to fill a deadly void that is left by our border policy,” Cantú said, adding that the country needs groups like No More Deaths, though he doubts the Border Patrol will ever be abolished.

Over coffee the next morning, I asked Cantú for a fuller explanation on his reason for joining the Border Patrol in the first place. “It’s really hard to answer that question now,” he replied. He had read the critiques, he knew what he was getting into, but in his 23-year-old mind he had come up with a script to assure himself that he could “do the good parts and not participate in the bad parts.” More than a decade later, Cantú acknowledges this was “a defense mechanism against, probably, a much bigger, scarier, realer realization,” namely that, “You can’t separate who you are as an individual, really, from the work that you do as part of an institution.”

“I think that disconnect is at the heart of the book,” he added.

The response will no doubt leave some critics unsatisfied, but Cantú seems willing to accept criticism. During the protests in Texas, The Austin Chronicle reported that he quietly listened to the demonstrators’ complaints, without attempting to shut them down. “I have plenty of opportunities to speak,” he said. “I have a book in the world.”

While those opportunities are available, Cantú remains intent on making at least a couple things clear. First, that there’s a humanitarian catastrophe unfolding along the border every day. And, second, that the so-called big picture issues of immigration can distract from the individual human stories. And that if those stories aren’t known or heard, then the conversation becomes hollow and false. Addressing core criticism of his own book, one centered on the question of who gets to have their stories told and who tells them, is part of that process, Cantú added. “I totally agree that the voices that we need to be listening to are the voices of the undocumented. Those are the people that are being the most affected by this and those are the people who are being diminished by the current climate and debate,” he said.

“It’s so weird,” Cantú told me, to see the same uninformed fights that led to his career in the Border Patrol playing out all over again. “We’re literally doing the same thing, expecting different results,” he said. It’s mid-2000s Arizona all over again. The only difference now, Cantú argued, is that there’s more rage. “It’s worse,” he said. “It’s crazy.”

Top photo: A new U.S. Border Patrol trainee is fitted for a uniform at the U.S. Border Patrol Academy on August 3, 2017 in Artesia, New Mexico.

The post A Border Patrol Memoir Gets Caught Up in the Deportation Fight appeared first on The Intercept.

After Scrutiny Begins, Luciano Huck Gives Up on the Presidency

When the national team took 7 from Germany, Luciano Huck said the country was going through its “September 11.” When he decided to abandon the dream of being president of the Republic, a friend said Huck was sad “like someone terminating a pregnancy.” Everything seems to be grandiose in Luciano’s life. “I’m going to go cry a little and I’ll be right back,” he told friends. After much rehearsal and indecision, it seems the TV host really has given up on this harebrained personal project that important sectors of politics and business had bought into.

According to columnist Mônica Bergamo, pressure from TV Globo for a final decision was the main reason. He and Angélica would lose their shows on the network, which is utter nonsense. That was the same reason floated months ago, when Huck announced his first withdrawal. Giving up the shows would be a given for a couple intending to walk up the ramp of the Planalto. The reasons were different.

On the 8th, Huck went to receive the blessing of FHC, who encouraged him to run in the election. At that moment his candidacy seemed close to being consolidated. On the 10th, journalist Fernando Britto of the blog Tijolaço revealed information that put his armor to the test: the host bought the plane he uses twice a week to work at Globo with millions borrowed from BNDES at subsidized interest rates. Minimal state, my private jet first!

It is curious to recall that, in the last elections, one of Aécio’s promises was to end the Dilma government’s “bolsa empresário” (businessman’s handout), from which, ironically, one of his main campaigners was suckling.

Like Doria, another rich man who poses as a puritan outsider, Huck saw no problem in taking this money from the people to fund a personal luxury. Just as he had seen no problem in borrowing the aircraft of the state of Minas Gerais, then governed by his buddy Aécio, to travel around the interior with Sandy and Junior on board to record a segment for Caldeirão do Huck. After Aécio went down in blue and yellow in Lava Jato, the host said he was disappointed in his friend. A disappointment he did not feel when he traveled for free at the expense of the Minas Gerais taxpayer.

A study by FGV showed that the negative repercussion of the news was enormous on social networks, even with Globo pretending it never existed. This probably influenced his decision. Huck’s name was placed in the center of the ring as soon as his candidacy came close to materializing. And it did not withstand the first blows. The BNDES loan was just a sample of what was to come and was perhaps the smallest of the skeletons in his closet.

There is a multitude of suspicious connections of Huck’s that would inevitably be exploited by his opponents. His best friends in politics and business are Aécio Neves and Alexandre Accioly, both quite entangled in Lava Jato. The host is Accioly’s partner in several ventures, such as the Bodytech gym chain. Accioly, who is godfather to one of Aécio’s children, is accused of having received Odebrecht bribes addressed to Aécio in an account of his abroad. Huck’s relationship with the two goes back a long way and has never been superficial.

Another little skeleton that would not pass unscathed through public scrutiny is the conviction for an illegal act in Angra dos Reis. The host fenced off with buoys a stretch of sea in front of his mansion on an island in the region, privatizing a little piece of the sea for the exclusive enjoyment of his family. The matter is old, but still little known to the electorate, and would be resurrected with force in the campaign, forcing Huck to explain this confusion between public and private. This classic of old-style politicking would not look good on a good guy who intends to renew politics.

It is not the first time Huck has used public money to sponsor his ventures. Besides the R$17.7 million taken from BNDES to finance his luxury air travel, he also raised R$19.5 million through the Rouanet Law to finance Instituto Criar, which as far as is known is a serious project, but which Huck perhaps would not have carried out without government help. The construction of the ex-future-candidate’s good Samaritan image also got a little push from tax waivers.

But there are several other cases, controversial at the very least, that hover around his biography. The Peixe Urbano case, the partnership with Reserva, the inn in Fernando de Noronha in partnership with the sons of Abílio Diniz; in short, the closet would be turned inside out, and even apparently irrelevant facts would take on another dimension from an electoral perspective.

Leaving the comfort of Globo’s spotlight to enter the political war, at its heaviest moment, would not be easy at all, even with Globo’s protection. Huck would present himself as the messiah who left the millionaire’s life to save the nation from the clutches of political rot. That messianic cloak would not withstand questioning during the campaign about his businesses, partners and historical political allies.

Despite denying he was a candidate while he was arranging his candidacy, following the script of every good old politician, the host really was dreaming of the presidency. According to people close to him, he believed he would have the political strength to pass reforms in 100 days of government, as easy as that, as if it were a home makeover done by Caldeirão. A calculation made ignoring what the party configuration of Congress will be. What counts is goodwill and the desire to renew politics, isn’t it?

Huck’s withdrawal from the candidacy, which I imagine is now definitive, is the best news of this start of the year. The mere fact that his name was considered, with strong support from the PPS and FHC, was already shameful for the country. We already have plenty of electoral shams; we hardly need one produced in Globo’s studios. The bad news is that he will continue with his shows that earn millions in exchange for exploiting other people’s misery on TV, but we are already used to that.

The post After Scrutiny Begins, Luciano Huck Gives Up on the Presidency appeared first on The Intercept.

We’ve Reached Peak Smartphone

You don't really need a new smartphone. From a column on the Washington Post (may be paywalled): Sure, some of them squeeze more screen into a smaller form. The cameras keep getting better, if you look very close. And you had to live under a rock to miss the hoopla for Apple's 10th-anniversary iPhone X or the Samsung Galaxy S8. Many in the smartphone business were sure this latest crop would bring a "super cycle" of upgrades. But here's the reality: More and more of Americans have decided we don't need to upgrade every year. Or every other year. We're no longer locked into two-year contracts and phones are way sturdier than they used to be. And the new stuff just isn't that tantalizing even to me, a professional gadget guy. Holding onto our phones is better for our budgets, not to mention the environment. This just means we -- and phone makers -- need to start thinking of them more like cars. We may have reached peak smartphone. Global shipments slipped 0.1 percent in 2017 -- the first ever decline, according to research firm IDC. In the United States, smartphone shipments grew just 1.6 percent, the smallest increase ever. Back in 2015, Americans replaced their phones after 23.6 months, on average, according to research firm Kantar Worldpanel. By the end of 2017, we were holding onto them for 25.3 months.

Read more of this story at Slashdot.

Crypto Update: The First Test of the Uptrend

The major coins continue to trade in a bullish general setup, despite the dip today in early trading, as the preceding rally on Saturday carried Bitcoin and the other leaders of the rally to important technical levels. The current correction is a crucial one, as we already mentioned, as an orderly pull-back with higher swing […]

The post Crypto Update: The First Test of the Uptrend appeared first on Hacked: Hacking Finance.

A Massive U.S. Drone Base Could Destabilize Niger — and May Even Be Illegal Under Its Constitution

Late in the morning of October 4 last year, a convoy of Nigerien and American special forces soldiers in eight vehicles left the village of Tongo Tongo. As they made their way between mud-brick houses with thatched roofs, they were attacked from one side by dozens of militants, if not hundreds. Outnumbered and outgunned, the Nigeriens and Americans fled, some on foot, running for cover behind trees and clusters of millet, their boots caked in the light brown earth. By the time the fighting was over, five Nigeriens and four Americans were killed, their bodies left naked in the bush after the militants took their uniforms.

The news went straight to the front pages in the United States and sparked a conflict between the family of one of the soldiers and President Donald Trump, after the president made insensitive remarks during a condolence call to the soldier’s widow. But the story also spread like wildfire throughout Niger, where the big news wasn’t so much that American soldiers had been killed, but that American soldiers were fighting in the country in the first place.

“I was surprised to learn that Americans had died in the Tongo Tongo attack,” Soumana Sanda, the leader of an opposition party in the Nigerien Parliament and taekwondo champion, told me in an interview in his pristine and sparsely decorated office in Niamey, the country’s quiet capital on the banks of the Niger River. “That was the moment I found out, as a Nigerien, as a member of parliament, as a representative of the people, that there is indeed (an American) base with ground operations.”

It was the same on the street. Moussa, a middle-aged man who sells children’s textbooks and novels on a busy corner in Niamey, captured the feelings of many I talked with. “We were surprised,” he said. “For us, this is another form of colonization.” Out of apprehension that he could get in trouble for voicing his views openly, he declined to give his last name.

In fact, U.S. Special Operations forces have been in Niger since at least 2013 and are stationed around the country on forward operating bases with elite Nigerien soldiers. What happened in Tongo Tongo is just a taste of the potential friction and instability to come, because the pièce de résistance of American military engagement in Niger is a $110 million drone base the U.S. is building about 450 miles northeast of Niamey in Agadez, a city that for centuries has served as a trade hub on the southern edge of the Sahara Desert, not far from Mali, Algeria, Libya and Chad. In January, I hopped aboard an aging plane that followed a roundabout route to one of America’s largest-ever military investments in Africa, its latest battleground in an opaque, expensive, and counterintuitive war on the continent.


Aerial view of the American drone base in Agadez, Niger, on June 4, 2017.

Photo: Google Earth

Flying into Agadez requires a tour around Niger’s countryside. I boarded a 30-year-old Fokker 50 propeller plane that is owned by Palestinian Airlines and leased to state-owned Niger Airlines with a Palestinian crew. After stopping in the southern cities of Zinder and Maradi, we descended on Agadez, its rectangles and triangles of compounds and dirt roads forming a mosaic, with the surrounding reddish beige of the desert stretching out in all directions as far as the eye can see.

On the southeast edge of the civilian airport, accessible by tracks in the sand used mainly to exit the town, is Nigerien Air Base 201, or in common parlance “the American base.” The base, scheduled for completion in late 2018, is technically the property of the Nigerien military, though it is paid for, built, and operated by Americans. It is being constructed on land formerly used by Tuareg cattle-herders. So far, there is one large hangar, ostensibly where the drones could be housed, a runway under construction, and dozens of smaller structures where soldiers live and work.

The air strip will be large enough for both C-17 transport planes and MQ-9 Reaper armed drones, as The Intercept’s Nick Turse found out in 2016. A Nigerien military commander with direct knowledge of the base, who asked not to be named because he is not authorized to speak to the press, told me that it will be mainly used to surveil militants like Al Qaeda in the Islamic Maghreb, Al Mourabitoun, Movement for Oneness and Jihad in West Africa, and local Islamic State affiliates including Boko Haram, which operate in border zones in neighboring countries. The U.S. currently flies drones out of an airport in Niamey, but those operations will be shifted to Agadez once the new base is completed.

American Special Forces operate separately from the drone base, which is run by the Air Force. The Green Berets are on the ground “training” Niger’s special forces and carrying out capture missions with them from the outposts of Ouallam near the Malian border, Aguelal near the Algerian border, Dirkou along the main transport routes between Niger and Libya, and Diffa, along the southeastern border with Nigeria and Chad, according to the same Nigerien commander. I’ve actually seen them at the Diffa base, a prominent local journalist has seen them at Dirkou, and I spoke to a person who worked at the Aguelal base.

When asked to confirm the American presence in those areas of Niger, U.S. Africa Command spokesperson Samantha Reho replied, “I cannot provide a detailed breakdown of the locations of our service members in Niger due to force protection and operational security limitations. With that said, I can confirm there are approximately 800 Department of Defense personnel (military, civilian, and contractor) currently working in Niger, making that country the second-highest concentration of DoD people across the continent, with the first being in Djibouti at Combined Joint Task Force-Horn of Africa.”

The U.S. is just one of several Western militaries that have established and strengthened military ties to Niger over the past few years. France has had soldiers in the country since 2013, when it launched Opération Serval in neighboring Mali. In 2015, France reopened a colonial fort in Madama, close to the border with Libya — unthinkable during the times of Moammar Gadhafi; the Libyan leader maintained a sphere of influence in the region that would have been at odds with a French military presence. Germany sent its own troops in Niger to support the United Nations peacekeeping mission across the border in Mali, and German Chancellor Angela Merkel even visited Niger in 2017. And Italy recently announced it would send 470 troops to a French base in the north of Niger to fight migrant transporters.


Sugarcane vendors stand outside during a ceremony at a police station in Agadez, Niger, Jan. 15, 2018.

Photo: Joe Penney


I tried to find out what people think of the base and the drones that will soon be hovering overhead. After all, this was the biggest foreign military base in the region, an unprecedented uptick in Western involvement, as well as a major economic investment. But after a few days in Agadez speaking to a host of different people, I got the impression that the issue was taboo, and that very few people wanted to openly voice their concerns lest they be tagged with criticizing the current Nigerien administration, which could come back to haunt them.

I visited a school in Agadez and the principal, extremely hesitant about my presence, called me into a back room and declined to give his name. He told me that he couldn’t have an opinion on the Americans because he couldn’t figure out why they were really here. In my two weeks in Niger, I heard theories that the Americans were fomenting the terrorists themselves, digging for gold, or they’re after uranium, or oil, or even possibly the natural water aquifer beneath the Sahara, one of the largest in the world. Other than government officials, no one believed the Americans were here for security.

The base is a mystery for a reason. AFRICOM, which is the division of the Department of Defense that oversees U.S. military operations in Africa, has only allowed access to one news outlet so far that I know of, CNN, and denied me entry for this reporting trip. The public affairs office of the U.S. Embassy in Niger responded to repeated requests for an interview by saying they were processing the request and then eventually refused to answer my questions, explaining they were understaffed due to the three-day government shutdown in late January.

AFRICOM is notoriously restrictive in its access to reporters. A journalist for The Intercept was not allowed to visit another drone base in Cameroon, and people there were also cautious about discussing or criticizing it. This underlines a transnational fact: It’s not clear that American drones in Africa have made things safer. They are often more a source of fear than anything else.

The base in Agadez is about 6 square kilometers, though most of the land is yet to be developed. American troops patrol its perimeter, according to a neighboring village chief I talked with. The base is tucked away and hidden from Agadez first by the 8-to-10-foot wall that separates the city of 125,000 from the airport, and it is surrounded by a barbed wire fence with sandbags, so despite there being a few hundred Americans in Agadez, you would hardly know they were there unless you went looking. Both the Nigerien and the American governments prefer to keep it this way.


A woman and two children walk during blowing winds in Agadez, Niger, Jan. 15, 2018.

Photo: Joe Penney

There is an unusual question floating around Niger: Is the American base even legal? Activists, lawyers, and opposition politicians say it isn’t, arguing that it violates Articles 169 and 66 of the Nigerien Constitution. These state that defense treaties require parliamentary approval – which hasn’t happened with the base — and that the defense of Niger is carried out only by Nigerien armed forces, not foreign forces. In an interview, opposition Member of Parliament Soumana Sanda told me that while he and his party, Moden Lumana, support the American military presence in his country, “just because we don’t respect democracy or rule of law in Niger doesn’t mean we should drag the great democracies of the world into illegality.”

The government’s defense of the base’s legality often fluctuates. The interior minister, Mohamed Bazoum, said in January during a speech for the 27th anniversary of the president’s political party that because the American and French parliaments never debated the bases, Niger shouldn’t have to either. “The protocols we signed are not defense agreements. If they were, they would be for our partners, too,” Bazoum told a cheering crowd of cadres clad in the ruling party’s signature pink sashes.


Moussa Tchangari, an activist and head of Alternatives, an NGO, holds a copy of the Nigerien Constitution at his office in Niamey, Niger, on Jan. 10, 2018.

Photo: Joe Penney

I showed the U.S.-Nigerien Status of Forces agreement, which is available to the public on the State Department website, to Soumana Sanda and Justice Minister Marou Amadou, as well as a leading constitutional lawyer, a member of Niger’s constitutional court, and a prominent NGO head. None of them had ever seen the document and were surprised that it was available online. When I read one sentence from the agreement to Sanda — that “the Parties waive any and all claims (other than contractual claims) against each other for damage to, loss, or destruction of the other’s property or injury or death to personnel of either Party’s armed forces or their civilian personnel arising out of the performance of their official duties in connection with activities under this Agreement” — he responded, “I wasn’t aware of all this.” He added, “Today I learned a little more” about the terms of American engagement. The base is rarely reported on by the Nigerien media, and most people who knew about it before Tongo Tongo got their information from foreign media reports.

The divide over the base’s legality and its value for Niger tends to fall under sharp lines based on proximity to the power structure. For instance, in Niamey I interviewed Brig. Gen. Mahamadou Abou Tarka, whose brother-in-law, Ahmed Mohamed, was recently named armed forces chief of staff. Tarka heads a $600 million fund for peace in the north of the country set up by the presidency, and he batted away questions about American mission creep. Before being escorted by bodyguards from his air-conditioned office to his chauffeured black sedan, Tarka told me that the government didn’t need to go through parliament because “we have not declared war, so the executive power considers it in its purview to strengthen the capacity of our military by bringing in allies.”

Any member of parliament can ask questions in parliament about the base, and one-tenth of parliament can call for an official inquiry into its legality. There are more than enough opposition MPs to do so, but so far they haven’t acted on their own questions about the base’s legality. Sahirou Youssoufou, journalist and editor-in-chief of L’événement newspaper, said it’s because at the end of the day, the opposition values good relations with the Americans over constitutional law. “These are political calculations. They don’t want to get in power and have all these partners at their back, their relations with them tainted,” Youssoufou told me.

The irony is that while the American presence is supposed to help keep the country stable, the U.S. has participated with the Nigerien government in a constitution-bypassing maneuver that undermines the country’s already-fragile democratic process.


American and French soldiers attend a daily briefing with the Nigerien military commander in charge of the fight against Boko Haram at a Nigerien military base in Diffa, Niger, March 26, 2015.

Photo: Joe Penney

In the meantime, sightings of white soldiers in the desert animate residents’ imaginations and WhatsApp conversations. U.S. Special Forces seem to be involved in far-flung operations that go beyond the mandate of training Nigerien soldiers — Tongo Tongo is not the only example — and generate a lot of confusion, even among the government and its military.

For example, on a recent afternoon, local journalist Ibrahim Manzo Diallo received a video of a Tuareg woman and her two small children in the bush. She recounted how Nigerien and white soldiers abducted her husband and her husband’s friends, who had been camping in a nomadic tent outside Arlit, north of Agadez.

Curious about this incident, Diallo and I called the local prefect, Aghali Hamadil, who said that a mixed American and Nigerien patrol had indeed stormed a Tuareg camp, and while they released eight people, including the woman and her children, they detained four others and sent them to Niamey. When I asked Marou Amadou, the justice minister, whether this was true, he affirmed the account. “Yes, it’s the Americans. … They were looking for Goumour,” he said, referring to Goumour Bidika, who is “the main facilitator” for drug traffickers and terrorists in the Agadez region, according to a Nigerien commander with direct knowledge of the operation.

But that commander said Americans didn’t participate in the operation itself — the woman in the video who said she saw white soldiers had probably seen them at the Americans’ Aguelal base where the Tuareg captives were detained. The commander, who requested anonymity because he is not authorized to speak to the press, said Bidika had been communicating with several terrorists they were looking for, and that he had escaped during the raid; four of his lieutenants were detained at Aguelal and sent to a Niamey prison instead.

Aguelal, west of Arlit, is near the Algerian border, and the secret American base there is a recent one. Its existence was partially confirmed in February, inadvertently, when it was discovered that Strava, a fitness app used mostly by westerners, had released location data that showed the global movements of the users of workout trackers like Fitbit — and the data showed unusual activity in far-off Aguelal.

Reached via email after the operation, Reho, the AFRICOM spokesperson, said “U.S. forces were not involved in any arrests in that region within the past week.”


Young men at a fada (meeting house), in Agadez, Niger, Jan. 16, 2018.

Photo: Joe Penney

After NATO’s bombing of Libya in 2011 and the subsequent fall of Gadhafi, Agadez emerged as a main hub of migration of Africans to Europe – a trend that brought much-needed economic activity to the impoverished Agadez region. However, the economic spurt that surrounded migration has been throttled in the past few years by Nigerien police and military activity in the area, and the addition of American forces in Agadez will not help the situation.

Young men and women from all over West Africa ride buses to Agadez, and then pay hundreds of dollars to sit on top of yellow water jugs in the back of Toyota Hilux pickup trucks, holding onto pieces of wood to keep them aboard as they speed across the desert to enter Libya on their way to Europe. Up until 2015, the pickups were escorted north in convoys led by the Niger military for safety, and the migrants were made to pay bribes to Nigerien officials at checkpoints along the way.

Agadez depended on this industry for vital income, and the authorities profited from bribes the migrants paid. Things began to change when the city attracted media attention for the migration activity. The European Union held a joint summit with African nations in Valletta, Malta, and resolved to “set up a joint investigation team in Niger against migrant smuggling and trafficking.”

In 2015, the Nigerien government passed a law that targeted smugglers and human traffickers. With the legal backing and the political push from the European Union, by 2016 the government began arresting the drivers of migrants and impounding their vehicles. It also carried out patrols in the desert to turn back cars before they reached Libya. “By all accounts, the impetus behind passing this law was … European policymakers and European governments coming to Niger and saying, ‘You need to have a migrant smuggling law on the books,’” said journalist and researcher Peter Tinti, who has co-written a book on migration in the Sahel.

Once again, Western governments were forcing the Nigerien government to engage in legally dubious activity. Under Nigerien law, all citizens of West Africa have freedom of movement within Niger up until the Libya border, and most migrants making the journey aren’t coerced into doing so. Therefore, because trafficking is against the law only if a person is being transported against their will, the only crime that can be prosecuted is crossing into Libya without a visa. But since 2011, the central Libyan government recognized by the U.N. does not control the border with Niger, and the militias that control the southern towns in Libya ask for money, not visas, according to migrant transporter Bachir Amma. So the EU is trying to stop a flow of migrants that does not appear to break any local laws.


Justice Minister Marou Amadou poses for a picture in his office in Niamey, Niger, Jan. 21, 2018.

Photo: Joe Penney


With their cars impounded, Agadez’s migrant transporters are now without jobs. The government does not seem to care. During an interview on the leather sofas in his office in Niamey, Justice Minister Marou Amadou laughed about the travails of Mohamed Anacko, the president of the Agadez Regional Council. “Anacko calls me whining all the time,” Amadou said. “I tell him, ‘Anacko, you can cry all you want, but it will continue’” — referring to regular police sweeps against migrant smugglers.

The EU had promised money to people involved in migrant transportation to start small businesses, but the “people who formerly worked in the migration industry are growing increasingly frustrated,” according to a report by the Clingendael Institute in the Netherlands. Migrant transporter Bachir Amma said that 6,550 people registered as ex-participants in the migrant industry, and he himself had been approved for a $2,800 grant to start a restaurant in Agadez six months ago, but he still hasn’t seen the money. The Niger government also shut down a popular gold-mining site in the north of the country for opaque reasons, compounding the economic hardship.

The European response has been to ratchet up the number of soldiers in the country. The Italians opened an embassy in Niger in January 2018, shortly after they announced that they were sending troops to the north of the country to fight migration. It’s another sign that individual European governments decided they couldn’t depend on the EU as a bloc to protect their borders, and have been aggressively pursuing their own anti-migrant agendas in Africa. In 2017, for instance, Italian Interior Minister Marco Minniti struck deals with southern Libyan tribal leaders in an attempt to stem migration before people get a chance to cross the Mediterranean, in effect pushing Europe’s southern border into the Sahara.

The American base isn’t likely to bring reprieve to the region either. Despite the total cost of $110 million for construction and roughly $15 million in operating costs per year, very little of that money will go to the local economy. A young man who worked in the cafeteria of the base showed me the agreement he signed with the contractor that runs the cafeteria, Sakom. He was paid roughly $1.20 per hour, a low salary in Niger, and said he only got one day off every two weeks, working 12-hour days (the contract showed the hourly rate, but not the overtime or the number of days off). Most food, other than some fruits and vegetables, is shipped in from abroad. When I drove around the base’s perimeter with my colleague Diallo, a Sakom security vehicle began following us. Sakom’s representative in Agadez declined an interview request for this article.


Zara Ibrahim, head of the Association of Women Against War, poses for a picture in her office in Agadez, Niger, Jan. 15, 2018.

Photo: Joe Penney

The Americans have done very little to help people in Agadez, other than holding a handful of workshops that appeared to be ineffective. Zara Ibrahim, head of the Association of Women Against War in Agadez, facilitated a workshop in which U.S. soldiers demonstrated to a group of mothers how to brush their teeth. Despite the fact that no one in the room needed to be taught how to brush their teeth, over 60 women came, according to Ibrahim, who told me about the workshop while sitting on a plastic mat on the floor of her association’s office. A strong gust of wind kicked up sand outside the building we were sitting in, and passing residents leaned forward and shielded their faces with their elbows. “Some women thought they would get something out of it. … They told us they would prefer 50 kilo bags of rice instead of toothbrushes,” she admitted.

Other workshops have included manuals on hand-washing and sexually transmitted infections, while soldiers donated some benches and notebooks to a local school. Some people appreciate the contact, but it hasn’t offered them much help. Ibrahim doesn’t understand why the local government never even explained what the Americans are doing in Agadez, arguing that the lack of communication lends itself to conspiracy theories, and that the political consequences can be dire. “It would be really easy to communicate to people in Agadez,” Ibrahim said, adding that “there’s a concrete example in Mali” of what happens if the local population is kept in the dark. In 2012, rebels and jihadi groups allied with Al Qaeda took over northern Mali following a Tuareg rebellion. As Ibrahim put it, northern Mali “woke up one morning under occupation.” The jihadi groups occupied the country’s three northern regions for nine months, until a French, Chadian, and Malian military intervention pushed them out of the towns and into the desert.

By staying behind their barbed-wire fences and providing little economic support to Agadez, the Americans run the risk of destabilizing the region. As Ibrahim remarked, “anyone can understand that.”


President Mahamadou Issoufou speaks to journalists after voting in Niamey on March 20, 2016.

Photo: Issouf Sanogo/AFP/Getty Images

The man in the middle is Mahamadou Issoufou, the president of Niger. In power for six years, he has adopted a clear strategy for trying to keep control of things – by aligning himself closely with Europe and the United States, while presiding over an electoral system that his opponents describe as rigged. This is not a recipe for stability in a country that has had little of it since its founding in 1960, at the end of French colonial rule. 

Issoufou is a trained engineer and a former secretary-general of Somaïr, a uranium mine that was run by the French company Areva. Until migration and terrorism, uranium was the focal point of outside, particularly French, interest in Niger. France’s electricity grid is powered by nuclear energy, and Areva’s uranium concessions in Niger provide up to one-fifth of the uranium necessary to power that grid. Issoufou’s predecessor, Mamadou Tandja, had sparred with the French over the concession, and in 2009, then-French President Nicolas Sarkozy visited Niger to negotiate a deal on opening a new mine called Imouraren. After a $1.2 billion deal was struck, Tandja tried to reverse the constitution to stay in power for a third term, and after street protests, a group of low-ranking army officers carried out a coup d’état.

When the transition period ended with Issoufou’s election in 2011, the Fukushima nuclear disaster in Japan caused a sharp downturn in global uranium prices. Areva dropped its plans for Imouraren, and Issoufou acquiesced to the French firm’s plans for delaying the mine until prices rose, denting economic growth prospects for the country. But despite losing out on Imouraren, Issoufou quickly became a donor darling and found that the closer he was to France and the West, the better his image and the more firm his hold on political power. Issoufou was criticized heavily for going to Paris to attend the “Je Suis Charlie” march in January 2015, and some human rights organizations view him as a lackey of the West. He works with Image Sept, a French firm with close ties to the Parisian political elite, to manage his image.

A couple of months before his re-election in 2016, Issoufou jailed his main political opponent and former close ally, Hama Amadou of the Moden Lumana party. Amadou was accused of trafficking babies from Nigeria — a charge that Amadou vehemently denies, but which few political observers in the country have cast serious doubt on. His party boycotted the election yet still managed to finish second, behind Issoufou’s 92 percent. The opposition coalition called the election “a sham,” while the EU didn’t send an observer mission, which is rare in West Africa. Amadou is now in exile in France, having been released from prison temporarily for medical treatment.

Issoufou has taken unprecedentedly pro-Western stances on a number of key issues. He has allowed for the rapid expansion of the French and American troop presence, as well as opening up the country to German and Italian soldiers. He has shut down migration on Europe’s demand, against the economic interests of his own country. He has been rewarded for his efforts by French President Emmanuel Macron, who lauded Issoufou as “an example” of democracy on a recent state visit to Niger. And Issoufou has rewarded those in his administration who follow his vision: A couple of days after our interview, Issoufou had promoted Mahamadou Abou Tarka from colonel major to general.


Police officers stand guard during an official ceremony in Agadez, Niger, Jan. 15, 2018.

Photo: Joe Penney


Amadou, the justice minister, says the real reason the opposition complains about the foreign soldiers in Niger is because they are “interested in demoralizing our troops.” Amadou’s voice rose at this point in the interview. “They tell the soldiers, ‘They don’t have respect for you, they’re bringing bases in and the only way to restore our dignity is to get rid of them.’ These are calls for a coup d’état.”

His phone began buzzing, and he paused our conversation to take a call. It was son excellence, the new Italian ambassador, and Amadou’s mood lifted. “Happy new year. … For the judge? …  I know him very well. … That will be in what domain? I’ll tell you what, we should meet early next week,” he told the ambassador.

Amadou is right to worry about a coup d’état. In 2010, he was a leading member of the civil society opposition to Tandja, the president at the time, and supported the coup that overthrew him in February of that year. Amadou was named leader of the transitional legislative body by the junta, and when he helped usher in elections that Issoufou won, he was rewarded with the post of justice minister. He has held the post ever since. During his eight years as garde des sceaux, he hasn’t prosecuted any participants in the 2010 coup nor the transitional government for any wrongdoing, despite blatant corruption detailed by Transparency International. This is because when Amadou was the head of the transitional legislative body in 2010, he helped pass a new constitution that included an entire article guaranteeing amnesty for those involved in the coup, as well as their accomplices. Meanwhile, a number of soldiers have been arrested and convicted for coup plots during Issoufou’s two terms.

As a region, West Africa is no stranger to military power seizures. In neighboring Burkina Faso, the American-trained elite presidential guard carried out a coup that eventually failed in 2015, while an American-trained captain named Amadou Sanogo led a destabilizing coup in Mali in 2012. Niger has had four coups since 1960.


A band performs at the French cultural center in Agadez, Niger, Jan. 14, 2018.

Photo: Joe Penney

Many people I spoke to in Niger feel their country has had its autonomy usurped by Westerners. “The reality is that Niger is not at a level where it can say yes or no to the French or Americans. … We only have sovereignty on paper,” said Djibril Abarché, president of the Nigerien Human Rights Association. When I asked Amadou, the justice minister, if his country has effectively ceded its military command to Westerners, he balked and explained that the Americans “don’t give orders to our generals, they give orders to our soldiers.”

Is the American presence helping security at all? It’s up for debate. “If I put guards in front of my house to stop criminals from entering and the criminals still come, are the guards worth anything?” asked the secretary-general of Niger’s Islamic University, Seydou Boubacar Touré. “We have the American base, the French base, but Boko Haram continues to kill us. … I don’t see their utility here.” Attacks along the border with Mali and in the southeast on the border with Nigeria have been frequent for years. During my time in Niger, a Boko Haram attack in Diffa killed seven Nigerien soldiers and injured 25.

According to AFRICOM, based in Germany, “U.S. Forces are in Niger to work by, with, and through Nigerien partners to promote stability and security while enabling them to address their security threats.” The word “through” leaves the most question marks. Prior to the disastrous mission in Tongo Tongo, the U.S. had said that its troops were only in an advisory role in Niger. It’s a peculiar role. “It is a training mission,” Mahamadou Abou Tarka, the general, said about Tongo Tongo. The Americans were “training those (Nigerien) special forces in the area. It just so happens that those special forces received a mission to go and capture a terrorist,” he said.

The Tongo Tongo ambush is instructive because, according to Nigerien soldiers interviewed for this article, the American soldiers were in charge of the mission and didn’t listen to Nigerien advice. The soldiers had spent the previous day looking for Doundoun Cheffou, who is connected to militant group leader Abu Walid, in a village called Akaba across the border in Mali. Instead of Cheffou, they found food and other goods indicating he and his men were in the area.

Rather than going directly back to their Nigerien base in Ouallam, they continued looking for him and when night fell, they set up camp 5 kilometers from Tongo Tongo, where the village chief had been known to give false alerts, according to a top Nigerien military officer with direct knowledge of the operation. By spending the night along the border area, they heightened the risks that they faced. There is talk of a sort of competition between the French and U.S. militaries, with each willing to undertake risky missions to prove there is a reason for them to be on the ground. However, Andrew Lebovich, Sahel specialist and visiting fellow at the European Council on Foreign Relations, said, “It’s not really a competition, so much as they both have priorities and a desire to work with the government. Sometimes those priorities overlap, sometimes they don’t.”

It is precisely this logic that is so dangerous: American troops are deployed in an advisory and training role. But once on the ground, there is a tendency to push for more activity and engagement, and the Nigeriens have to consistently push back against that. A Nigerien officer with direct knowledge of the Agadez base said on condition of anonymity that what the Americans can and can’t do is a point of discussion on a daily basis. “I say no to the Americans every day,” he said.

The risks the Americans take result in mistakes, and the mistakes, rather than leading to a reconsideration of the risks, can lead to more escalation. After Tongo Tongo, for example, Niger authorized the U.S. to arm its drones in the country, though there are reports that ground missions by the U.S. may face greater scrutiny.

Sitting in the living room of his house in Agadez with his young daughter, Abbas Yahaya, a prominent imam, told me that he is concerned the American drones won’t be able to tell the difference between militants and regular convoys in the desert, who are often armed for protection against criminality. “A drone is manned by people on a military base in America, and many times they make mistakes, killing people who aren’t extremists,” he said. “This won’t solve anything; it will only bring more insecurity.”

Indeed, if a handful of Green Berets can conduct a botched mission that leads to a major escalation of the conflict, what happens when there are 2,000 to 3,000 U.S. troops operating on a base with armed drones and little to no accountability to the public?

I got the feeling that Agadez was just one or two mistakes away from a radical change in which the American military becomes the focal point of hostility. Armed drones are a major issue anywhere the U.S. uses them, but in Niger, the American base is in a major city not far from potential drone targets. Judging from the secrecy and lack of trust thus far, it’s not hard to envision a future in which an errant drone strike causes the population of Agadez to turn against the base.


Mohamed Anacko, president of the Regional Council of Agadez, poses for a picture in his office in Niamey, Niger, Jan. 10, 2018.

Photo: Joe Penney


The Americans don’t even need to make a mistake to get into trouble. Italian, German, and French military forces are active in the country, and if any one of them makes a mistake, they can all become targets for retribution. And the two missions that these Western militaries are engaged in – against migration and against terrorism – are at odds with each other, as Anacko, the president of the Agadez Regional Council, is trying to explain to the rest of the world.

Anacko is practically an institution in Agadez: Everyone knows him and he knows everyone. He has spent the last couple of years arguing with the government in Niamey and the EU that their anti-migrant measures are increasing youth unemployment and resentment towards “the West” at a time when Western militaries are rapidly expanding their presence on the ground. As he explains, you can either stop migration or terrorism, but not both.

When I met Anacko, he was meeting with other regional council leaders at his secondary office in Niamey, across the road from the national soccer stadium. I asked him where he saw the country headed. “In five years, maybe I’ll be a terrorist and you’ll find me in the mountains,” he said, ashing his Rothman cigarette in a blue plastic cup, desaturated by the fluorescent bulb above. I couldn’t tell if he was being serious, or if he had answered enough questions from Western journalists and researchers that he knew exactly how to pique their attention. “Would you come and interview me in the mountains?” he asked, laughing.

A knock on the door signaled the interview was over. On his way out of the office, he walked past a sign that read “Thanks to Swiss cooperation funds” that was taped on the door, and got into his chauffeured white Toyota Hilux pickup truck. I left with my colleague Omar Saley, past the fruit stands and past the smoke from meat grilled by the roadside, which wafted through the windows of our car on the cool, dry night. We had reached the Kennedy Bridge in the center of Niamey when we spotted Anacko in his truck, going to a meeting at one of the main hotels in the city. As his pickup turned, I noticed the words emblazoned on its side: “Gift from the European Union.”

The Pulitzer Center on Crisis Reporting contributed funding for this article.

Additional reporting: Omar Saley and Ibrahim Manzo Diallo

Top photo: The American military base is seen in the distance in Agadez, Niger, Jan. 15, 2018.

The post A Massive U.S. Drone Base Could Destabilize Niger — and May Even Be Illegal Under Its Constitution appeared first on The Intercept.

Security Affairs newsletter Round 150 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived!

The best news of the week with Security Affairs.

Once again thank you!

·      FSB arrested researchers at the Russian Federation Nuclear Center for using a supercomputer to mine Bitcoins
·      Hackers are exploiting the CVE-2018-0101 CISCO ASA flaw in attacks in the wild
·      Thousands of websites worldwide hijacked by cryptocurrency mining code due Browsealoud plugin hack
·      49% of crypto mining scripts are deployed on pornographic related websites
·      CSE CybSec ZLAB Malware Analysis Report: Dark Caracal and the Pallas malware family
·      Victims of some versions of the Cryakl ransomware can decrypt their files for free
·      Victims of the current version of the Cryakl ransomware can decrypt their files for free
·      A new variant of the dreaded AndroRAT malware appeared in threat landscape
·      Hackers in the Russian underground exploited a Telegram Zero-Day vulnerability to deliver malware
·      Necurs botnet is behind seasonal campaigns of Valentines Day-themed spam
·      New details emerge from Equifax breach, the hack is worse than previously thought
·      Pyeongchang – Olympic Destroyer Unleashed to Embarrass Pyeongchang 2018 Games
·      All You Need to Know About North Korea and its cyber army
·      DoubleDoor, a new IoT Botnet bypasses firewall using two backdoor exploits
·      Microsoft Patch Tuesday for February 2018 addresses 14 critical flaws
·      Windows Analytics now includes Meltdown and Spectre detector
·      Android Security Bulletin – Google fixed several Critical Code Execution vulnerabilities
·      Hackers have exploited a zero-day in Bitmessage client to steal Electrum wallet keys
·      SAP Security Notes – February 2018 addresses tens of flaws including High Risk issues
·      UK Foreign Office Minister blames Russia for NotPetya massive ransomware attack
·      Unknown Threat Actor Conducts OPSEC Targeting Middle East
·      119,000 Scanned IDs of FedEx-owned company Bongo Internationals customers exposed online
·      A new text bomb threatens Apple devices, a single character can crash any apple iPhone, iPad Or Mac
·      DELL EMC addressed two critical flaws in VMAX enterprise storage systems
·      OpenSSL alpha adds TLS 1.3 support in the alpha version of OpenSSL 1.1.1
·      Effective Tips for Internet Safety for Kids You Must Read
·      Prosecutor Robert Mueller indicted 13 Russians for a massive operation aimed to influence Presidential election
·      Researchers spotted a new malware in the wild, the Saturn Ransomware
·      Unknown hackers stole $6 million from a Russian bank via SWIFT system last year

 

Pierluigi Paganini

(Security Affairs – Newsletter)

The post Security Affairs newsletter Round 150 – News of the week appeared first on Security Affairs.


Amidst Election Security Worries, Suddenly Paper Ballots Are Making A Comeback

The nation’s secretaries of state gathered for a multi-day National Association of Secretaries of State (NASS) conference in Washington, D.C. this weekend, with cybersecurity on the mind.

Panels and lectures centered around the integrity of America’s election process, with the federal probe into alleged Russian government attempts to penetrate voting systems a frequent topic of discussion.

Cybersecurity experts from the federal government and military were in high supply. Every secretary of state was invited to a closed-door briefing at the Department of Homeland Security, while federal experts spoke to a wider audience at the conference.

Brigadier General Timothy T. Lunderman, a cybersecurity expert at the National Guard, ran a session laying out to the assembled officials the resources available to them in the event of a cyberattack or intrusion on their systems. “If you take something away from today’s message, it is that we are a team,” he said.

One way to allay concerns about the integrity of electronic voting machine infrastructure, however, is to simply not use it. Over the past year, a number of states have been moving back towards the use of paper ballots or at least requiring a paper trail of votes cast.

For instance, Pennsylvania just moved to require all voting systems to keep a paper record of votes cast. Prior to last year’s elections in Virginia, the commonwealth’s board of elections voted to decertify paperless voting machines — voters statewide instead voted the old-fashioned way, with paper ballots.

“It works. I understand. At least if we’re having to spend some time on it, we’re the only ones in control, perhaps is the idea. Nobody else hacking on in I guess is their theory so hopefully it’s safe,” voter Ken Rafferty told the local press on voting day.

Oregon Secretary of State Lucien Heath proudly touted his state’s system to The Intercept during an interview at NASS.

Oregon is one of two states in the country to require its residents to vote by mail, a system that was established via referendum in 1998. Heath argued that this old-fashioned system offers some of the best defense there is against cyber interference.

“We’re using paper and we’re never involved with the Internet. The Internet is not involved at all until there’s an announcement by each of our 36 counties to [the capital] Salem of what the results are and then that’s done orally and through a confirmation e-mail and the county clerks in each of the counties are very careful to ensure that the numbers that actually are posted are the ones that they have,” he said. “Oregon’s in a pretty unique situation.”

Democratic Congressman Jim Cooper of Tennessee recently urged his state to use $29 million in federal funds from the Help America Vote Act to reinforce the state’s paperless machines with a paper trail. “We have an opportunity to improve our election system so that it cannot be hacked, so the voters have complete faith in the integrity in the system, so that democracy works well here in Tennessee,” he said, explaining his request for the funds.

Heath agrees with the logic that a system that doesn’t rely on electronic voting machines is more secure.

“It’s a system that works….every [ballot] envelope that comes in has a bar code and a signature on the outside envelope. So the bar code brings up on the scanner the signature that’s part of the registration process and then it’s compared on the screen with the signature on the envelope. So every ballot that comes in on paper, the signatures are checked, and it’s just a system that we feel can’t really be hacked. It’s worked really well for us.”

In New Hampshire, the state uses a hybrid system that includes both paper ballots and machines that electronically count paper ballots with a paper trail.

Karen Ladd, the assistant secretary of state for New Hampshire, touted the merits of the system to The Intercept. “We do a lot of recounts, and you can only have a recount with a paper ballot. You can’t do a recount with a machine!” she said.

America’s paper ballot states may seem antiquated to some, but our neighbors to the north have used paper ballots for federal elections for their entire history. Thanks to an army of officials at 25,000 election stations, the integrity of Canada’s elections is never in doubt. “It’s highly decentralized and it’s paper-based so documents can be verified easily afterwards,” Marc Mayrand, former Chief Electoral Officer of Elections Canada, told the National Post. “So, there may be an error in transmission from time to time or there may be somebody trying to hack the web system that publishes results for the general public. But it’s always verifiable, you can always go back to your paper trail.”

Top photo: Signage at an early voting center on September 23, 2016 in Minneapolis, Minnesota.

The post Amidst Election Security Worries, Suddenly Paper Ballots Are Making A Comeback appeared first on The Intercept.

Buckhacker : search engine to find servers that can be hacked

BuckHacker: A search tool that allows you to search leaky Amazon Web Services servers

The lives of hackers have just been made a lot easier, thanks to a tool created by anonymous hackers that allows security researchers and cybercriminals to search for sensitive information stored in the cloud.

The tool called BuckHacker scans servers at Amazon Web Services (AWS), a popular cloud computing platform that offers compute power, database storage, content delivery and other functionality to governments, universities and private firms, among others.

“The purpose of the project is to increase the awareness on bucket security, too many companies was [sic] hit for having wrong permissions on buckets in the last years,” one of the anonymous developers of BuckHacker told Motherboard in an email.

The search engine focuses specifically on Amazon’s Simple Storage Service (S3), whose servers are known as “buckets”; this is the part of AWS that BuckHacker directly targets and accesses.

Users can search the hackable servers either by bucket name, which may include a company or organization name, or by filename. Basically, BuckHacker collects bucket names and index pages, breaks down the results and stores them in a database that can be searched by others. Besides returning results for exposed servers, it also returns the entries labeled “Access Denied” and “The specified deposit does not exist”.

“The project is still in a really super alpha stage (there are several bugs at the moment that we try to fix),” the BuckHacker developer added. “I was sharing the project privately with some friends but unfortunately then we go public before the time. Actually we are even thinking to shutdown it because is quite unstable.”

The search engine has now been taken offline, with the developers behind the BuckHacker site saying on Twitter: “Sorry guys, we are going offline for maintenance. We went online with the alpha version too early.”

Amazon has yet to comment on the issue.

Source: Motherboard

The post Buckhacker : search engine to find servers that can be hacked appeared first on TechWorm.

Facebook Plans To Use US Mail To Verify IDs of Election Ad Buyers

Facebook will start using postcards sent by U.S. mail later this year to verify the identities and location of people who want to purchase U.S. election-related advertising on its site, a senior company executive said on Saturday. From a report: The postcard verification is Facebook's latest effort to respond to criticism from lawmakers, security experts and election integrity watchdog groups that it and other social media companies failed to detect and later responded slowly to Russia's use of their platforms to spread divisive political content, including disinformation, during the 2016 U.S. presidential election.

Read more of this story at Slashdot.

COINHOARDER criminal gang made an estimated $50 million with a Bitcoin phishing campaign

Researchers with Cisco Talos have monitored a bitcoin phishing campaign conducted by a criminal gang tracked as Coinhoarder that made an estimated $50 million by exploiting Google AdWords.

Researchers with Cisco Talos have monitored a bitcoin phishing campaign for several months with the help of the Ukraine Cyberpolice.

The gang, tracked as Coinhoarder, has made an estimated $50 million by exploiting Google AdWords to trick netizens into visiting Bitcoin phishing sites. What characterized this phishing campaign was the attackers’ use of geo-targeting filters for their ads; the researchers noticed that the hackers were mostly targeting Bitcoin owners in Africa.

The Ukrainian authorities located and shut down the servers hosting some of the phishing websites used by crooks. The phishing sites were hosted on the servers of a bulletproof hosting provider located in Ukraine, Highload Systems. The operation was temporarily disrupted but the police haven’t arrested any individual.

“Cisco has been tracking a bitcoin theft campaign for over 6 months. The campaign was discovered internally and researched with the aid of an intelligence sharing partnership with Ukraine Cyberpolice. The campaign was very simple and after initial setup the attackers needed only to continue purchasing Google AdWords to ensure a steady stream of victims.” reads the analysis published by Talos. “This campaign targeted specific geographic regions and allowed the attackers to amass millions in revenue through the theft of cryptocurrency from victims.”

The Coinhoarder group used Google AdWords for black SEO purposes. On February 24, 2017, researchers at Cisco observed a massive phishing campaign hosted in Ukraine targeting the popular Bitcoin wallet site blockchain.info, with over 200,000 client queries. The crooks used Google AdWords to poison user search results in order to steal users’ wallets.

Unfortunately, this attack scheme is becoming quite common in the criminal ecosystem; hackers use it to target many different crypto wallets and exchanges via malicious ads.

The COINHOARDER gang leveraged the typosquatting technique: the hackers used domains imitating the Blockchain.info Bitcoin wallet service in conjunction with SSL-signed phishing sites in order to appear legitimate. Based on the number of queries, the researchers confirmed that this is one of the biggest campaigns targeting Blockchain.info to date.

“The COINHOARDER group has made heavy use of typosquatting and brand spoofing in conjunction SSL signed phishing sites in order to appear convincing. We have also observed the threat actors using internationalized domain names.” continues the analysis. “These domains are used in what are called homograph attacks, where an international letter or symbol looks very similar to one in English. Here are some examples from this campaign. 

The Punycode (internationalized) version is on the left, the translated (homographic) version on the right:

xn--blockchan-d5a[.]com → blockchaìn[.]com

xn--blokchan-i2a[.]info → blokchaín[.]info”
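The Punycode-to-lookalike mapping Talos describes can be checked mechanically when triaging domains from proxy or DNS logs. The following Python code is an added example, not code from Talos or Security Affairs; the watchlist, the allowlist, the distance threshold and the function names are assumptions made for illustration. Accent folding via NFKD catches accented Latin letters like the two above, but not cross-script lookalikes (for example Cyrillic letters), which need a Unicode confusables table.

```python
import unicodedata

# Assumptions for this example: one protected brand label and its real domain.
PROTECTED_LABELS = {"blockchain"}
LEGITIMATE_DOMAINS = {"blockchain.info"}
MAX_TYPO_DISTANCE = 1  # edits tolerated before a label is considered unrelated


def refang(domain):
    """Undo the '[.]' defanging used in reports and normalise case."""
    return domain.strip().lower().replace("[.]", ".").rstrip(".")


def decode_label(label):
    """Return the Unicode form of an 'xn--' label, or the label unchanged."""
    if not label.startswith("xn--"):
        return label
    try:
        return label[4:].encode("ascii").decode("punycode")
    except (UnicodeError, ValueError):
        return label  # malformed Punycode: keep the raw label for the analyst


def skeleton(label):
    """Fold accented letters to their base letter (ì -> i, í -> i)."""
    decomposed = unicodedata.normalize("NFKD", label)
    return "".join(c for c in decomposed if not unicodedata.combining(c))


def edit_distance(a, b):
    """Plain Levenshtein distance (insert, delete, substitute)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(domain):
    """Return (unicode_domain, verdict, matched_brand) for one domain name."""
    ascii_domain = refang(domain)
    unicode_labels = [decode_label(l) for l in ascii_domain.split(".")]
    unicode_domain = ".".join(unicode_labels)
    if ascii_domain in LEGITIMATE_DOMAINS:
        return unicode_domain, "legitimate", None
    for label in unicode_labels[:-1]:  # the TLD itself is not compared
        folded = skeleton(label)
        has_lookalike = folded != label  # a character was folded to ASCII
        for brand in PROTECTED_LABELS:
            dist = edit_distance(folded, brand)
            if dist > MAX_TYPO_DISTANCE:
                continue
            if dist == 0 and not has_lookalike:
                return unicode_domain, "unlisted-brand-label", brand
            if dist == 0:
                return unicode_domain, "homograph", brand
            verdict = "homograph+typosquat" if has_lookalike else "typosquat"
            return unicode_domain, verdict, brand
    return unicode_domain, "clean", None


# The first two samples are the ones quoted above; the rest are constructed.
SAMPLES = [
    "xn--blockchan-d5a[.]com",
    "xn--blokchan-i2a[.]info",
    "blockchaln[.]info",
    "blockchain.info",
    "example.org",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, "->", classify(sample))
```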

Talos researchers revealed that in one campaign, conducted between September and December 2017, the group made around $10 million.

“While working with Ukraine law enforcement, we were able to identify the attackers’ Bitcoin wallet addresses and thus, we could track their activity for the period of time between September 2017 to December 2017. In this period alone, we quantified around $10M was stolen. In one specific run, they made $2M within 3.5 week period,” states Cisco Talos.

Further technical details on the campaign, including Indicators of Compromise, are included in the analysis published by Cisco Talos.

Pierluigi Paganini

(Security Affairs – Coinhoarder, Bitcoin phishing campaign)

The post COINHOARDER criminal gang made an estimated $50 million with a Bitcoin phishing campaign appeared first on Security Affairs.

[PDF] Leading Issues in Cyber Warfare and Security [Download] Online | CONTENT MARKETING, CYBER SECURITY E COMMERCE, INTERNET PRIVACY, SEARCH ENGINES, SOCIAL MEDIA, TECHNOLOGY

megalegit.com - Contributed by Steve Ford on February 18, 2018 at 7:40 am Read Now http://readebooksonline.com.e-bookpopular.com/?book=1910810649 [PDF] Leading Issues in Cyber Warfare and Security [Download] Online …


Tweeted by @dark_email https://twitter.com/dark_email/status/965128872537804800

Google is Making it Easier For 911 To Find You in an Emergency

An anonymous reader shares a report: When you call 911 from a cellphone, your location is typically sent to the call taker by a wireless carrier. But that information isn't always so accurate. Well Google might have a better way of going about it and it tested its system across a few states in December and January, the Wall Street Journal reports. In the states where the tests took place, Google sent location data from a random selection of 911 callers using Android phones straight to the people taking those calls. The test included 50 call centers that cover around 2.4 million people in Texas, Tennessee and Florida, and early reports of the results suggest the system is promising. One company involved in the test told the Wall Street Journal that for over 80 percent of the 911 calls where Google's system was used, the tech giant's location data were more accurate than what wireless carriers provided. The company, RapidSOS, also said that while carrier data location estimates had, on average, a radius of around 522 feet, Google's data gave estimates with radii around 121 feet. Google's data also arrived more quickly than carrier data typically did.

Read more of this story at Slashdot.

CVE-2018-7216

Cross-site request forgery (CSRF) vulnerability in esop/toolkit/profile/regData.do in Bravo Tejari Procurement Portal allows remote authenticated users to hijack the authentication of application users for requests that modify their personal data by leveraging lack of anti-CSRF tokens.

CVE-2018-7217

In Bravo Tejari Procurement Portal, uploaded files are not properly validated by the application either on the client or the server side. An attacker can take advantage of this vulnerability and upload malicious executable files to compromise the application, as demonstrated by an esop/evm/OPPreliminaryForms.do?formId=857 request.

U.S. Crypto Regulation Unlikely to Materialize in the Near Future: White House Official

For all the doomsday scenarios surrounding cryptocurrency regulation, the United States is unlikely to adopt any of its own in the near future, according to a top White House official. Not Close on Crypto Regulation In a Friday interview with CNBC, White House cyber security coordinator Rob Joyce said new regulations for the digital asset […]

The post U.S. Crypto Regulation Unlikely to Materialize in the Near Future: White House Official appeared first on Hacked: Hacking Finance.

Fear This Man

foreignpolicy.com - As the sun rose over the banks of the Seine and the medieval, half-timbered houses of Rouen, France, on July 13, 2012, Hisham Almiraat opened his inbox to find “Denunciation” in the subject line of a…


Tweeted by @Mwirigi https://twitter.com/Mwirigi/status/965095275609116672

CVE-2018-7207

National Payments Corporation of India (NPCI) Bharat Interface for Money (aka BHIM) 1.4.1 sends messages to undocumented telephone numbers in conjunction with logout/login actions, which allows remote attackers to obtain sensitive information.

CVE-2018-7208

In the coff_pointerize_aux function in coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, an index is not validated, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted file, as demonstrated by objcopy of a COFF object.

CVE-2018-7209

An issue was discovered in iDashboards 9.6b. It allows remote attackers to obtain sensitive information via a direct request for the idashboards/config.xml URI, as demonstrated by intranet URLs for reports.

CVE-2018-7210

An issue was discovered in iDashboards 9.6b. It allows remote attackers to obtain sensitive information via a direct request for the idb/config?CMD=installLicense URI, as demonstrated by intranet IP addresses and names of guest accounts.

CVE-2018-7197

An issue was discovered in Pluck through 4.7.4. A stored cross-site scripting (XSS) vulnerability allows remote unauthenticated users to inject arbitrary web script or HTML into admin/blog Reaction Comments via a crafted URL.

CVE-2018-7206

An issue was discovered in Project Jupyter JupyterHub OAuthenticator 0.6.x before 0.6.2 and 0.7.x before 0.7.3. When using JupyterHub with GitLab group whitelisting for access control, group membership was not checked correctly, allowing members not in the whitelisted groups to create accounts on the Hub. (Users were not allowed to access other users' accounts, but could create their own accounts on the Hub linked to their GitLab account. GitLab authentication not using gitlab_group_whitelist is unaffected. No other Authenticators are affected.)

The United States is “vulnerable” to cybersecurity attacks said by the co-founder of the computer security firm CrowdStrike

Recent cyber attacks, including NotPetya last June, have been destructive to American organizations, causing them hundreds of millions of dollars

The post The United States is “vulnerable” to cybersecurity attacks said by the co-founder of the computer security firm CrowdStrike appeared first on Latest Hacking News.

Silicon Valley Singles Are Giving Up On the Algorithms of Love

The Washington Post: Melissa Hobley, an executive at the dating app OkCupid, hears the complaints about the apps [being unable to find good matches] regularly and thinks they get a bad rap. Silicon Valley workers "are in the business of scalable, quick solutions. And that's not what love is," Hobley said. "You can't hurry love. It's reciprocal. You're not ordering an object. You're not getting a delivery in less than seven minutes." Finding love, she added, takes commitment and energy -- and, yes, time, no matter how inefficiently it's spent. "You have a whole city obsessed with algorithms and data, and they like to say dating apps aren't solving the problem," Hobley said. "But if a city is male-dominant, if a city is known for 16-hour work days, those are issues that dating apps can't solve." One thing distinguishes the Silicon Valley dating pool: The men-to-women ratio for employed, young singles in the San Jose metro area is higher than in any other major area. There were about 150 men for every 100 women, compared with about 125 to 100 nationwide, of never-married young people between 25 and 34 in San Jose, U.S. Census Bureau data from 2016 shows. That ratio permeates the economy here, all the way to the valley's biggest employers, which have struggled for years to bring more women into their ranks. Men make up about 70% of the workforces of Apple, Facebook and Google parent Alphabet, company filings show.

Read more of this story at Slashdot.

Deep Neural Networks for Bot Detection

From a research paper on Arxiv: The problem of detecting bots, automated social media accounts governed by software but disguising as human users, has strong implications. For example, bots have been used to sway political elections by distorting online discourse, to manipulate the stock market, or to push anti-vaccine conspiracy theories that caused health epidemics. Most techniques proposed to date detect bots at the account level, by processing large amount of social media posts, and leveraging information from network structure, temporal dynamics, sentiment analysis, etc. In this paper [PDF], we propose a deep neural network based on contextual long short-term memory (LSTM) architecture that exploits both content and metadata to detect bots at the tweet level: contextual features are extracted from user metadata and fed as auxiliary input to LSTM deep nets processing the tweet text.

Read more of this story at Slashdot.