Daily Archives: May 20, 2018

Platform – Solus Connect

solusconnect.com - Solus Connect comes with an internal Risk Scoring Module that allows organisations to track and analyse the overall risk during the authentication process. Besides the score generated by Behaviour, D…


Tweeted by @solusps https://twitter.com/solusps/status/998430731314450432

ThreatView Weekly Digest

threatview.ca - The CBC is warning more than 20,000 of its past, present and contract employees that their personal and financial information may be at risk after a break-in and the theft of computer equipment. "An …


Tweeted by @RiskviewInfo https://twitter.com/RiskviewInfo/status/998428219123552258

SecurityWeek RSS Feed: Two Vulnerabilities Patched in BIND DNS Software

Updates announced on Friday by the Internet Systems Consortium (ISC) for BIND, the most widely used Domain Name System (DNS) software, patch a couple of vulnerabilities.

While attackers may be able to exploit both of the flaws remotely for denial-of-service (DoS) attacks, the security holes have been assigned only a “medium” severity rating.




SecurityWeek RSS Feed

Scientists Transfer Memory Between Snails

An anonymous reader quotes a report from Scientific American: UCLA neuroscientists reported Monday that they have transferred a memory from one animal to another via injections of RNA, a startling result that challenges the widely held view of where and how memories are stored in the brain. The finding from the lab of David Glanzman hints at the potential for new RNA-based treatments to one day restore lost memories and, if correct, could shake up the field of memory and learning. The researchers extracted RNA from the nervous systems of snails that had been shocked and injected the material into unshocked snails. RNA's primary role is to serve as a messenger inside cells, carrying protein-making instructions from its cousin DNA. But when this RNA was injected, these naive snails withdrew their siphons for extended periods of time after a soft touch. Control snails that received injections of RNA from snails that had not received shocks did not withdraw their siphons for as long. Glanzman's group went further, showing that Aplysia sensory neurons in Petri dishes were more excitable, as they tend to be after being shocked, if they were exposed to RNA from shocked snails. Exposure to RNA from snails that had never been shocked did not cause the cells to become more excitable. The results, said Glanzman, suggest that memories may be stored within the nucleus of neurons, where RNA is synthesized and can act on DNA to turn genes on and off. He said he thought memory storage involved these epigenetic changes -- changes in the activity of genes and not in the DNA sequences that make up those genes -- that are mediated by RNA. This view challenges the widely held notion that memories are stored by enhancing synaptic connections between neurons. Rather, Glanzman sees synaptic changes that occur during memory formation as flowing from the information that the RNA is carrying. The study has been published in the journal eNeuro.

Read more of this story at Slashdot.

NBlog May 21 – right on cue

I've mentioned already that we'll be using the imminent GDPR implementation deadline as an example of an incident in June's awareness module.

The eruption of Kilauea volcano on Hawaii's Big Island presents another awareness opportunity. To the people and organizations directly involved, it may qualify as a disaster already ... and it's not over yet.

The possibility of a massive explosive eruption cannot be totally discounted. Even the geologists, seismologists and vulcanologists aren't entirely sure what is going on and disagree on what will happen next. Yesterday's news coverage concerned lava flowing across major highways used as evacuation routes. Today it's acidic mists as molten lava hits the Pacific. Tomorrow there will probably be something else.

Dealing with that uncertainty, or risk, is bang on-topic for the awareness module. It's a classic contingency situation.

Some of our customers are also subject to volcanic/geological threats, while others face extreme weather, terrorism, intense commercial competition and more. There are valuable lessons to be gleaned from both GDPR and Kilauea, even for those who are not subject to those or even similar threats. 

So that's my task this afternoon, drawing out the main learning points and illustrating the materials by reference to a couple of specific incidents that everyone (hopefully!) will know something about.

3 Key Challenges To Being PCI 3.2 Compliant and How To Resolve Them

The latest revision to PCI DSS, PCI 3.2, provides specific security guidance on the handling, processing, transmitting and storing of credit card data. PCI 3.2 presents an opportunity for retail, healthcare, finance and hospitality organizations to minimize the theft, exposure and leakage of their customer’s personal and financial credit information by strengthening weakened security controls. […]… Read More

The post 3 Key Challenges To Being PCI 3.2 Compliant and How To Resolve Them appeared first on The State of Security.

5 Common DevOps Transition Mistakes to Avoid

When transitioning to a DevOps model, organizations must remember that people are essential to a successful switchover. It’s people who must learn new workflows, collaboration techniques, and tools during the move. This process will cause at least some disruption over a period as long as two years. Needless to say, they will need patience and […]… Read More

The post 5 Common DevOps Transition Mistakes to Avoid appeared first on The State of Security.

Amazon Offers Whole Foods Discounts To Prime Members

Amazon-owned Whole Foods debuted a loyalty program on Wednesday that offers special discounts to Prime members, including 10 percent off hundreds of sale items and rotating weekly specials. "The new loyalty strategy will test whether Amazon's $13.7 billion deal for Whole Foods brings much-feared disruption and an intensified price war to the $800 billion U.S. grocery industry dominated by Walmart and Kroger," reports Reuters. From the report: Those perks are available now in Florida and will roll out to all other stores starting this summer. Amazon previously announced free two-hour delivery from Whole Foods stores for members of Prime, its subscription club with fast shipping and video streaming. The new perks could make Whole Foods cheaper than conventional grocers for about 8 million of its customers who already subscribe to Amazon Prime, according to Morgan Stanley analysts. Prime members scan an app or input their phone numbers at checkout to receive the discounts.

Read more of this story at Slashdot.

MORE ‘TOP’ PAKISTANI JOURNALISTS SIDING WITH PML-N AGAINST ‘SMALL FAVOURS’ US FUNDING FOR PAKISTANI JOURNALISTS RAISES QUESTIONS OF TRANSPARENCY COUNTERING ENVIRONMENT OF MISINFORMATION MORE ‘TOP’ PAKISTANI JOURNALISTS SIDING WITH PML-N AGAINST ‘SMALL FAVOURS’ MORE BRIBED ‘TOP’ PAKISTANI JOURNALISTS SIDING WITH NAWAZ SHARIF TO HIDE HIS CORRUPTION Etymology

pakistanthinktank.org - Two Pakistani journalists filing reports home from  Washington are quietly drawing their salaries from US State Department funding through a nonprofit intermediary, highlighting the sophisticated nat…


Tweeted by @agamjd https://twitter.com/agamjd/status/998372498717659137

Microsoft acquires Semantic Machines, advancing the state of conversational AI


AI researchers have made great strides in recent years, but we are still at the beginning of teaching computers to understand the full context of human communication. Most of today’s bots and intelligent assistants respond to simple commands and queries, such as giving a weather report, playing a song or sharing a reminder, but aren’t able to understand meaning or carry on conversations. For rich and effective communication, intelligent assistants need to be able to have a natural dialogue instead of just responding to commands. We call this “conversational AI.”

We are excited to announce today that we have acquired Semantic Machines Inc., a Berkeley, California-based company that has developed a revolutionary new approach to building conversational AI. Their work uses the power of machine learning to enable users to discover, access and interact with information and services in a much more natural way, and with significantly less effort.

The company is led by many pioneers in conversational AI, including technology entrepreneur Dan Roth and two of the most prominent and innovative natural language AI researchers in the world, UC Berkeley professor Dan Klein and Stanford University professor Percy Liang, as well as former Apple chief speech scientist Larry Gillick.

Microsoft has driven research and breakthroughs in the fundamental building blocks of conversational AI, such as speech recognition and natural language understanding, for more than two decades. The goal has been to expand our vision of computers all around us to a world where they could see, hear, talk and understand as humans. In 2016, we took another big step toward realizing this vision of conversational computing with the introduction of a framework for developing bots and the release of pre-built Cognitive Services for infusing speech recognition and natural language understanding into intelligent assistants. Today, there are more than 1 million developers using our Microsoft Cognitive Services and more than 300,000 developers using our Azure Bot Service, all helping to make computing more conversational.

We are further developing our work in conversational AI with our digital assistant Cortana, as well as with social chatbots like XiaoIce. XiaoIce has had more than 30 billion conversations, averaging up to 30 minutes each, with 200 million users across platforms in China, Japan, the United States, India and Indonesia. With XiaoIce and Cortana, we’ve made breakthroughs in speech recognition and more recently become the first to add full-duplex voice sense to a conversational AI system, allowing people to carry on a conversation naturally.

With the acquisition of Semantic Machines, we will establish a conversational AI center of excellence in Berkeley to push forward the boundaries of what is possible in language interfaces. Combining Semantic Machines’ technology with Microsoft’s own AI advances, we aim to deliver powerful, natural and more productive user experiences that will take conversational computing to a new level. We’re excited to bring the Semantic Machines team and their technology to Microsoft.

For more information on Semantic Machines, visit  http://www.semanticmachines.com/.

The post Microsoft acquires Semantic Machines, advancing the state of conversational AI appeared first on The Official Microsoft Blog.

As Gemini Embraces Zcash, Japan’s Coincheck Delists Privacy Coins

Japanese crypto exchange Coincheck has announced it will remove privacy coins from its trading platform in the wake of a “drastic review” of its internal controls. The decision paints privacy coins like Zcash in a negative light vis-a-vis consumer protection and stability. Coincheck to De-List Privacy Coins Beginning next month, trading of Zcash (ZEC), Monero […]

The post As Gemini Embraces Zcash, Japan’s Coincheck Delists Privacy Coins appeared first on Hacked: Hacking Finance.

Week in review: Office 365 phishing threats, companies ditch data as GDPR approaches

Here’s an overview of some of last week’s most interesting news, podcasts and articles: How can Office 365 phishing threats be addressed? The frequency of phishing within Office 365 is estimated to cost the average organization 1.3 compromised accounts each month via unauthorized, third-party login using stolen credentials. Personal encryption usage is increasing According to a Venafi survey of 512 security professionals attending RSA Conference 2018, sixty-four percent of respondents say their personal encryption usage … More

The post Week in review: Office 365 phishing threats, companies ditch data as GDPR approaches appeared first on Help Net Security.

200 Million Data sets sold on ‘dark web’



A data security firm has allegedly found that a hacker group operating out of China has been selling the data of around 200 million Japanese users on the so-called dark web.

According to a FireEye iSIGHT Intelligence report, in December last year researchers spotted an underground Chinese-language website that was selling sets of IDs, passwords, email addresses and other important information.

It appears that the data were assembled from hacked files of up to 50 smaller Japanese online retailers and gaming websites and put up for sale as one large archive.

The BleepingComputer website has reported that "the price for the entire archive is ¥1,000 CNY ($150.96 USD). Several actors commenting on the forum thread where the suspected Chinese hacker was selling his data commented that they've bought the PII cache but did not receive their files. It is unclear if these comments are true, or if these were made by other data sellers trying to sabotage their competition."

The researchers say that they traced the hacker's online presence to a QQ social network ID that also gave a link to another hacker's social ID.

"This QQ address is connected to an individual living in China's Zhejiang province," researchers said.

Cryptocurrencies Rebound 8% from Recent Low as Tom Lee Gives Post-Consensus Takeaways

Cryptocurrency prices have begun the week on a positive note, as bullish sentiment returned to the market following an underwhelming reaction to the Consensus blockchain summit. Crypto Prices Rally Bitcoin and the broader altcoin universe booked solid gains Monday. The combined value of all cryptocurrencies peaked at $392 billion, according to CoinMarketCap. At time time […]

The post Cryptocurrencies Rebound 8% from Recent Low as Tom Lee Gives Post-Consensus Takeaways appeared first on Hacked: Hacking Finance.

Tesla Unveils Dual Motor and Performance Specs For Model 3

Rei writes: Yesterday evening, Elon Musk announced the pricing and specs for two of the Model 3's most in-demand options -- dual motor and performance versions. The base dual motor configuration adds an AC induction front motor to the current partial-PM reluctance rear motor for $5,000; in addition to AWD and allowing the car to drive with either motor out, this cuts the 0 to 60 mph acceleration time from 5.1 seconds to 4.5 seconds. The performance package is available as a bundle, including the long-range pack, premium interior, 20" wheels, carbon fiber spoiler, and a new black-and-white interior. The vehicle will cost $78,000; 0 to 60 mph times are further cut to 3.5 seconds and the top speed increases from 140 mph to 155 mph. While these options have consistently polled as the most in-demand options not yet available, several still remain and are variously due late this year/early next year: cream interior, non-PUP, tow hitch, SR battery, and air suspension. EU-spec and China-spec are also due early next year. Production is currently over 3,500 per week, rumored to be 4,300 per week, and will be undergoing a shutdown from May 26-31 to raise production to the Q2 target of 5000-6000.

Read more of this story at Slashdot.

Trade Recommendation: USDCAD

This trade recommendation is setting up quickly and requires prompt attention. The Canadian Dollar (USDCAD) has a good setup to go long on a breakout above the swing high from last week’s closing move. The 3 Day Rolling Pivot Range (RPR) and the Weekly Pivot Range high level are providing near term support at the […]

The post Trade Recommendation: USDCAD appeared first on Hacked: Hacking Finance.

CVE-2018-11311

A hardcoded FTP username of myscada and password of Vikuk63 in 'myscadagate.exe' in mySCADA myPRO 7 allows remote attackers to access the FTP server on port 2121, and upload files or list directories, by entering these credentials.

‘TeenSafe’ Phone Monitoring App Leaked Thousands of User Passwords

An anonymous reader quotes a report from ZDNet: At least one server used by an app for parents to monitor their teenagers' phone activity has leaked tens of thousands of accounts of both parents and children. The mobile app, TeenSafe, bills itself as a "secure" monitoring app for iOS and Android, which lets parents view their child's text messages and location, monitor who they're calling and when, access their web browsing history, and find out which apps they have installed. But the Los Angeles, Calif.-based company left its servers, hosted on Amazon's cloud, unprotected and accessible by anyone without a password. "We have taken action to close one of our servers to the public and begun alerting customers that could potentially be impacted," a TeenSafe spokesperson told ZDNet on Sunday. The database stores the parent's email address associated with their associated child's Apple ID email address. It also includes the child's device name -- which is often just their name -- and their device's unique identifier. The data contains the plaintext passwords for the child's Apple ID. Because the app requires that two-factor authentication is turned off, a malicious actor viewing this data only needs to use the credentials to break into the child's account to access their personal content data.

Read more of this story at Slashdot.

Did Octopuses Come From Outer Space?

A scientific paper, originally published in March, from peer-reviewed journal Progress in Biophysics and Molecular Biology has found its way in this week's news-cycle. The paper, which is co-written by 33 authors including molecular immunologist Edward Steele and astrobiologist Chandra Wickramasinghe, suggests that octopuses could be aliens, adding legitimacy to a belief, which otherwise has been debunked several times in the recent years. An excerpt from the paper, which makes the bold claim: The genetic divergence of Octopus from its ancestral coleoid sub-class is very great ... Its large brain and sophisticated nervous system, camera-like eyes, flexible bodies, instantaneous camouflage via the ability to switch color and shape are just a few of the striking features that appear suddenly on the evolutionary scene. [...] It is plausible then to suggest they [octopuses] seem to be borrowed from a far distant 'future' in terms of terrestrial evolution, or more realistically from the cosmos at large." Ephrat Livni of Quartz questions the basis of the finding: To make matters even more strange, the paper posits that octopuses could have arrived on Earth in "an already coherent group of functioning genes within (say) cryopreserved and matrix protected fertilized octopus eggs." And these eggs might have "arrived in icy bolides several hundred million years ago." The authors admit, though, that "such an extraterrestrial origin...of course, runs counter to the prevailing dominant paradigm." Indeed, few in the scientific community would agree that octopuses come from outer space. But the paper is not just about the provenance of cephalopods. Its proposal that octopuses could be extraterrestrials is just a small part of a much more extensive discussion of a theory called "panspermia," which has its roots in the ideas of ancient Greece. Newsweek spoke with Avi Loeb, the Frank B. Baird Jr. Professor of Science at Harvard University, who told the publication that the paper has raised "an interesting but controversial possibility." However, he added, that it offers no "indisputable proof" that the Cambrian explosion is the result of panspermia. Further reading: Cosmos magazine has outlined some flaws in the assumptions that the authors made in the paper. It has also looked into the background of some of the authors. The magazine also points out that though the paper has made bold claims, it has yet to find support or corroboration from the scientific community. News outlet Live Science has also questioned the findings.

Read more of this story at Slashdot.

masscan, macOS, and firewall

One of the more useful features of masscan is the "--banners" check, which connects to the TCP port, sends some request, and gets a basic response back. However, since masscan has its own TCP stack, it'll interfere with the operating system's TCP stack if they are sharing the same IPv4 address. The operating system will reply with a RST packet before the TCP connection can be established.

The way to fix this is to use the built-in packet-filtering firewall to block those packets in the operating-system TCP/IP stack. The masscan program still sees everything before the packet-filter, but the operating system can't see anything after the packet-filter.


Note that we are talking about the "packet-filter" firewall feature here. Remember that macOS, like most operating systems these days, has two separate firewalls: an application firewall and a packet-filter firewall. The application firewall is the one you see in System Settings labeled "Firewall", and it controls things based upon the application's identity rather than by which ports it uses. This is normally "on" by default. The packet-filter is normally "off" by default and is of little use to normal users.

Also note that macOS changed packet-filters around version 10.10.5 ("Yosemite", October 2014). The older one is known as "ipfw", which was the default firewall for FreeBSD (much of macOS is based on FreeBSD). The replacement is known as PF, which comes from OpenBSD. Whereas you used to use the old "ipfw" command on the command line, you now use the "pfctl" command, as well as the "/etc/pf.conf" configuration file.

What we need to filter is the source port of the packets that masscan will send, so that when replies are received, they won't reach the operating-system stack, and just go to masscan instead. To do this, we need to find a range of ports that won't conflict with the operating system. Namely, when the operating system creates outgoing connections, it randomly chooses a source port within a certain range. We want masscan to use source ports in a different range.

To figure out the range macOS uses, we run the following command:

sysctl net.inet.ip.portrange.first net.inet.ip.portrange.last

On my laptop, which is probably the default for macOS, I get the following range. Sniffing with Wireshark confirms this is the range used for source ports for outgoing connections.

net.inet.ip.portrange.first: 49152
net.inet.ip.portrange.last: 65535

So this means I shouldn't use source ports anywhere in the range 49152 to 65535. On my laptop, I've decided to use for masscan the ports 40000 to 41023. The range masscan uses must be a power of 2, so here I'm using 1024 (two to the tenth power).

To configure masscan, I can either type the parameter "--source-port 40000-41023" every time I run the program, or I can add the following line to /etc/masscan/masscan.conf. Remember that by default, masscan will look in that configuration file for any configuration parameters, so you don't have to keep retyping them on the command line.

source-port = 40000-41023

Next, I need to add the following firewall rule to the bottom of /etc/pf.conf:

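# ':' is pf's inclusive range; '40000 >< 41024' excludes both end values and would leave port 40000 unblocked
block in proto tcp from any to any port 40000:41023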

However, we aren't done yet. By default, the packet-filter firewall is off on some versions of macOS. Therefore, every time you reboot your computer, you need to enable it. The simple way to do this is to run the following on the command line:

pfctl -e

Or, if that doesn't work, try:

pfctl -E

If the firewall is already running, then you'll need to load the file explicitly (or reboot):

pfctl -f /etc/pf.conf

You can check to see if the rule is active:

pfctl -s rules



Ideally, you'd want it to start automatically on bootup. I haven't figured out how to do this on macOS in an approved fashion that doesn't conflict with something else. Apparently there are a few GUIs that will do this for you.
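
A sanity check for the port choice described in the masscan post above, as an added example that is not part of the original post: it verifies that a candidate masscan source-port range is a power of two in size and does not overlap the operating system's ephemeral range, then prints the matching masscan.conf and pf.conf lines. The function names are hypothetical, the ephemeral range is the one quoted in the post, and the pf rule uses the inclusive ':' range operator so that both end ports are covered.

```shell
#!/bin/sh
# Added example (not from the original post): validate a masscan source-port
# range against the OS ephemeral range and emit the two config lines.

# Ephemeral range as reported by sysctl in the post. On a real macOS host,
# read the live values instead, for example:
#   EPH_FIRST=$(sysctl -n net.inet.ip.portrange.first)
#   EPH_LAST=$(sysctl -n net.inet.ip.portrange.last)
EPH_FIRST=49152
EPH_LAST=65535

# is_power_of_two N: succeeds when N is 1, 2, 4, 8, ...
is_power_of_two() {
    n=$1
    [ "$n" -gt 0 ] || return 1
    while [ $((n % 2)) -eq 0 ]; do
        n=$((n / 2))
    done
    [ "$n" -eq 1 ]
}

# plan_source_ports FIRST LAST EPH_FIRST EPH_LAST
# Return codes: 0 ok, 2 malformed input, 3 size not a power of two,
# 4 range overlaps the ephemeral range.
plan_source_ports() {
    first=$1; last=$2; eph_first=$3; eph_last=$4

    # Every argument must be a decimal port number between 1 and 65535.
    for p in "$first" "$last" "$eph_first" "$eph_last"; do
        case $p in
            ''|*[!0-9]*|0*)
                echo "error: '$p' is not a valid port number" >&2
                return 2 ;;
        esac
        if [ "$p" -gt 65535 ]; then
            echo "error: port $p is above 65535" >&2
            return 2
        fi
    done
    if [ "$first" -gt "$last" ]; then
        echo "error: range start $first is above range end $last" >&2
        return 2
    fi

    # The post states that the range masscan uses must be a power of 2.
    count=$((last - first + 1))
    if ! is_power_of_two "$count"; then
        echo "error: range holds $count ports, which is not a power of two" >&2
        return 3
    fi

    # Two ranges intersect unless one ends before the other begins. An overlap
    # would make the pf rule drop replies to the OS's own outgoing connections.
    if [ "$first" -le "$eph_last" ] && [ "$last" -ge "$eph_first" ]; then
        echo "error: $first-$last overlaps ephemeral range $eph_first-$eph_last" >&2
        return 4
    fi

    # Line for /etc/masscan/masscan.conf
    echo "source-port = ${first}-${last}"
    # Line for /etc/pf.conf: ':' includes both endpoints, unlike '><'
    echo "block in proto tcp from any to any port ${first}:${last}"
}

# The range chosen in the post.
plan_source_ports 40000 41023 "$EPH_FIRST" "$EPH_LAST"
```
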




Errata Security

Relax! The real AI is not coming any soon!

cognisity.how - Lately, Google Assistant mimicking a person has given a new boost to speculations about the role of AI, and how close we are to the point when “AI will take over the world”, well, at least the busine…


Tweeted by @VV_TeachOlogy https://twitter.com/VV_TeachOlogy/status/998309858884620290

Trade Recommendation: CAD/PHP

The Canadian Dollar/Philippine Peso (CAD/PHP) pair started to look bearish when it generated a lower high of 45.595 in April 2011. The downtrend was confirmed in October 2012 when the pair broke support of 42. This activated the double top reversal pattern on the monthly chart. The reversal triggered a selling frenzy that saw the […]

The post Trade Recommendation: CAD/PHP appeared first on Hacked: Hacking Finance.

CVE-2018-11319

Syntastic (aka vim-syntastic) through 3.9.0 does not properly handle searches for configuration files (it searches the current directory up to potentially the root). This improper handling might be exploited for arbitrary code execution via a malicious gcc plugin, if an attacker has write access to a directory that is a parent of the base directory of the project being checked. NOTE: exploitation is more difficult after 3.8.0 because filename prediction may be needed.

Tesla Releases Some of Its Software To Comply With Open-Source Licenses

Jeremy Allison - Sam shares a blog post from Software Freedom Conservancy, congratulating Tesla on their first public step toward GPL compliance: Conservancy rarely talks publicly about specifics in its ongoing GNU General Public License (GPL) enforcement and compliance activity, in accordance with our Principles of Community Oriented GPL Enforcement. We usually keep our compliance matters confidential -- not for our own sake -- but for the sake of violators who request discretion to fix their mistakes without fear of public reprisal. We're thus glad that, this week, Tesla has acted publicly regarding its current GPL violations and has announced that they've taken their first steps toward compliance. While Tesla acknowledges that they still have more work to do, their recent actions show progress toward compliance and a commitment to getting all the way there.

Read more of this story at Slashdot.

A Shift in Cybercrimes – Facexworm, the Crypto Trading Platforms’ Malware | [blokt] – Blockchain, Bitcoin & Cryptocurrency News

blokt.com - During the last month of April 2018, a malware named FacexWorm has spread through Facebook messenger all the way to cryptocurrency trading platforms and web-wallets. With the recent wave of cyber-att…


Tweeted by @MyShield_TM https://twitter.com/MyShield_TM/status/998287195667484672

Bill Gates Shares His Memories of Donald Trump

MSNBC recently published a video of Bill Gates telling his staff at the Gates Foundation that he had two meetings with Donald Trump since the president was elected. In the video, Gates says Trump doesn't know the difference between two sexually transmitted diseases -- human papillomavirus (HPV) and human immunodeficiency virus (HIV) -- and that it was "scary" how much Trump knew about Gates' daughter's appearance. Gates also said he urged Trump to support innovation and technology during those meetings. CNN reports: Taking audience questions about his interactions with Trump at a Bill & Melinda Gates Foundation meeting, the former Microsoft honcho said he first met Trump in December 2016. He told the audience that Trump had previously come across his daughter, Jennifer, at a horse show in Florida. "And then about 20 minutes later he flew in on a helicopter to the same place," Gates said, according to video of the event broadcast by MSNBC late Thursday. "So clearly he had been driven away but he wanted to make a grand entrance in a helicopter. "Anyway, so when I first talked to him, it was actually kind of scary how much he knew about my daughter's appearance. Melinda (Gates' wife) didn't like that too well." Gates also said he discussed science with Trump on two separate occasions, where he says the President questioned him on the difference between HIV and HPV. "In both of those two meetings, he asked me if vaccines weren't a bad thing because he was considering a commission to look into ill-effects of vaccines and somebody -- I think it was Robert Kennedy Jr. -- was advising him that vaccines were causing bad things. And I said no, that's a dead end, that would be a bad thing, don't do that. "Both times he wanted to know if there was a difference between HIV and HPV so I was able to explain that those are rarely confused with each other," Gates said.

Read more of this story at Slashdot.

Check Chain Mail and Hoaxes: HoweyCoins: fake offer, real education

US Securities and Exchange Commission: The SEC Has an Opportunity You Won’t Want to Miss: Act Now! – “The SEC set up a website, HoweyCoins.com, that mimics a bogus coin offering to educate investors about what to look for before they invest in a scam. Anyone who clicks on “Buy Coins Now” will be led instead to investor education tools and tips from the SEC and other financial regulators.” Commentary from Sophos: Don’t invest! The ICO scam that doesn’t want your money

And, returning to a more common scam topic on this site…

Malwarebytes: Fake Malwarebytes helpline scammer caught in the act – Given how much work Malwarebytes have done on these scams, not good targeting on the scammer’s part.

David Harley


Check Chain Mail and Hoaxes

Weekly Forecast: Economic Data, Post-Consensus Wrap-Up and Zcash’s Gemini Listing

It’s shaping up to be another active week in the financial markets, as currency and stock traders shift their attention to economic data and geopolitics. Cryptocurrency traders will be looking for clues about the direction of the market following a highly successful Consensus blockchain summit. To get a better sense of what’s ahead, we encourage […]

The post Weekly Forecast: Economic Data, Post-Consensus Wrap-Up and Zcash’s Gemini Listing appeared first on Hacked: Hacking Finance.

Security Affairs newsletter Round 163 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived!

The best news of the week with Security Affairs.

Let me inform you that my new book, “Digging in the Deep Web” is online

Once again thank you!

  • A new flaw in Electron poses a risk to apps based on the framework
  • Malicious package containing Bytecoin cryptocurrency miner found on the Ubuntu Snap Store
  • UK mobile operator EE left a critical code system exposed with a default password
  • Chilis restaurant chain is the last victim of a Payment Card Breach
  • Critical Flaws in PGP and S/MIME Tools – Immediately disable tools that automatically decrypt PGP-encrypted email
  • Nigelthorn malware infected over 100,000 systems abusing Chrome extensions
  • PANDA Banker malware used in several campaigns aimed at banks, cryptocurrency exchanges and social media
  • Researchers disclosed details of EFAIL attacks on in PGP and S/MIME tools. Experts believe claims are overblown
  • Adobe issued security updates for 47 vulnerabilities in Acrobat DC and Reader
  • Dutch Government plans to phase out the use of Kaspersky solutions
  • Hackers shared technical details of a Code Injection flaw in Signal App
  • Massive DDoS attack hit the Danish state rail operator DSB
  • Rail Europe North America hit by payment card data breach
  • Anonymous defaced Russia govt website against Telegram ban
  • Mysterious hackers ingenuously reveal two Zero-Days to security community
  • Operation Hotel – Ecuador spent millions on spy operation for Julian Assange
  • Red Hat Linux DHCP Client affected by a command injection flaw, patch it now!
  • Mexican central bank confirmed that SWIFT hackers stole millions of dollars from Mexican Banks
  • Nethammer – Exploiting Rowhammer attack through network without a single attacker-controlled line of code
  • Russian Telegrab malware harvesting Telegram Desktop credentials, cookies, desktop cache, and key files
  • A New Mexico man sentenced to 15 Years in jail for DDoS Attacks and possession of firearms
  • CISCO issued security updates to address three critical flaws in Cisco DNA Center
  • Satori Botnet is targeting exposed Ethereum mining pools running the Claymore mining software
  • The new Wicked Mirai botnet leverages at least three new exploits
  • A dataset of 200 million PII exfiltrated from several Japanese websites offered on underground market
  • Chrome evolves security indicators by marking with a red warning for HTTP content
  • More than 800,000 DrayTek routers at risks due to a mysterious zero-day exploit
  • Updated – The new Wicked Mirai botnet leverages at least three new exploits

Pierluigi Paganini

(Security Affairs – Newsletter)

The post Security Affairs newsletter Round 163 – News of the week appeared first on Security Affairs.

The Verge Goes Hands-On With the ‘Wildly Ambitious’ RED Hydrogen One Smartphone

It's been almost a year since RED, a company known for its high-end $10,000+ cameras, teased a smartphone called the RED Hydrogen One. Several months have passed since the phone was announced and we still don't know much about it, aside from it having a very industrial design and "Hydrogen holographic display." Earlier this week, AT&T and Verizon confirmed that they'll launch the device later this year. Now, The Verge's Dieter Bohn has shared his hands-on impressions with the device, which he claims to be "one of the most ambitious smartphones in years from a company not named Apple, Google, or Samsung." Here's an excerpt from the report: The company better known for high-end 4K cameras with names like "Weapon" and "Epic-w" isn't entering the smartphone game simply to sell you a better Android phone. No, this phone is meant to be one piece of a modular system of cameras and other media creation equipment -- the company claims it will be "the foundation of a future multi-dimensional media system." To that end, it has a big set of pogo-pins on the back to connect it to RED's other cameras also to allow users to attach (forthcoming) modules to it, including lens mounts. If it were just a modular smartphone, we'd be talking about whether we really expected the company to produce enough modules to support it. RED is planning on starting with a module that is essentially a huge camera sensor -- the company is not ready to give exact details, but the plan is definitely more towards DSLR size than smartphone size. Then, according to CEO Jim Jannard, the company wants any traditional big camera lens to be attached to it. Answering a fan question, he joked that support for lenses will be "pretty limited," working "just" with Fuji, Canon, Nikon, Leica, and more. [...] The processor inside will be a slightly-out-of-date Qualcomm Snapdragon 835, but it seemed fast enough in the few demos I was able to try. 
Honestly, though, if you're looking to get this thing just as a phone, you're probably making your decision based on the wrong metrics. It's probably going to be a perfectly capable phone, but at this price (starting at $1,195) what you're buying into is the module ecosystem.

Read more of this story at Slashdot.

Trade Recommendation: Zcash

This trade recommendation is setting up quickly and requires prompt attention. The ZECUSDT coin price has tested the 3 Day Rolling Pivot Range and held support there. With a clear reversal Hammer candle in place the price could see a strong reversal move. The Daily Pivot Range low is current near term resistance. This is […]

The post Trade Recommendation: Zcash appeared first on Hacked: Hacking Finance.

DAN HODGES: Putin really IS coming to get you

dailymail.co.uk - This morning Britain is under attack from Russia. As we remove the bunting and fold away our Union Jacks, Putin's army is mobilising. Every household in every street of every town is a potential targ…


Tweeted by @chey_cobb https://twitter.com/chey_cobb/status/998254360508358656

Chinese ‘Accelerators’ In Silicon Valley Aim To Bring Startups Home

An anonymous reader quotes a report from Reuters: Beijing's unslakeable thirst for the latest technology has spurred a proliferation of "accelerators" in Silicon Valley that aim to identify promising startups and bring them to China. The surge in the number of China-focused accelerators -- which support, mentor and invest in early-stage startups -- is part of a larger wave of Chinese investment in Silicon Valley. At least 11 such programs have been created in the San Francisco Bay Area since 2013, according to the tech-sector data firm Crunchbase. Some work directly with Chinese governments, which provide funding. Reuters interviews with the incubators showed that many were focused on bringing U.S. startups to China. For U.S. government officials wary of China's growing high-tech clout, the accelerator boom reaffirms fears that U.S. technological know-how is being transferred to China through investments, joint ventures or licensing agreements. "Our intellectual property is the future of our economy and our security," Senator Mark Warner, the Democratic vice-chairman of the U.S. Senate Intelligence Committee, said in a statement to Reuters about Chinese accelerators. "China's government has clearly prioritized acquiring as much of that intellectual property as possible. Their ongoing efforts, legal or illegal, pose a risk that we have to look at very seriously."

Read more of this story at Slashdot.

Misconfigured CalAmp server allowed hacker to take over a lot of vehicles

Security researchers discovered that a misconfigured server operated by the CalAmp company could allow anyone to access account data and take over the associated vehicle.

CalAmp is a company that provides backend services for several well-known systems.

Security researchers Vangelis Stykas and George Lavdanis discovered that a misconfigured server operated by the CalAmp company could allow anyone to access account data and take over the associated vehicle.

The experts were searching for security vulnerabilities in the Viper SmartStart system, a device that allows users to remotely start, lock, unlock, or locate their vehicles directly using a mobile app on their smartphones.

As with many other mobile applications, it used secure connections with SSL and certificate pinning (hard-coding in the client the certificate known to be used by the server) to automatically reject connections to sites that offer bogus SSL certificates.

The experts noticed that the app was connecting to the mysmartstart.com domain and also to a third-party domain (https://colt.calamp-ts.com/), which is the Calamp.com Lender Outlook service.

The experts discovered that, using the credentials of the user created from the Viper app, it was possible to log in to the panel.

“This panel seemed to be the frontend for Calamp.com Lender Outlook service. We tried our user created from the viper app, to login and it worked!” reads the blog post published by Stykas.

“This was a different panel which seemed to be targeted to the companies that have multiple sub-accounts and a lot of vehicles so that they can manage them.” 

Further tests allowed the researchers to verify that the portal was secured, but during the assessment the experts discovered that the reports were delivered by another dedicated server running TIBCO JasperReports software.

This was the first time the experts had analyzed this type of server, so they had to improvise; after removing all parameters, they discovered they were logged in as a user with limited rights but with access to a lot of reports.

“None of us were familiar with that so we had to improvise. Removing all the parameters we found out that we were already logged in with a limited user that had access to A LOT of reports.” continues the report.

“We had to run all those reports for our vehicles right? Well the ids for the user was passed automatically from the frontend but now we had to provide them from the panel as an input. And…well..we could provide any number we wanted.”

The researchers gained access to all the reports for all the vehicles (including location history), and also data sources with usernames (the passwords were masked and there was no possibility to export them).

The server also allowed copying and editing of any existing report.

“We could not create a report or an adhoc or pretty much anything else, but we could copy paste existing ones and edit them so we can do pretty much anything. We could also edit the report and add arbitrary XSS to steal information but this was not something that we (or anyone in their right lawful mind) would want to do.” continues the report.

The availability of all production databases on the server, including CalAmp connect device outlook, was exploited by the researchers to take over a user account via the mobile application. An attacker who knows the older password for the account can simply walk to the car, unlock it, start the engine, and possibly steal the vehicle.

According to the experts the exploitation of the flaw could allow:

  • Well the very obvious just change the user password to a known one go to the car, unlock, start and leave.
  • Get all the reports of where everyone was
  • Stop the engine while someone was driving?
  • Start the engine when you shouldn’t.
  • Get all the users and leak.
  • As we haven’t actually seen the hardware we might be able to pass can bus messages through the app?
  • Get all the IoT devices from connect database or reset a password there and start poking around.
  • Really the possibilities are endless…

The experts reported the issue to CalAmp at the beginning of May 2018, and the company addressed the flaw in ten days.

Pierluigi Paganini

(Security Affairs – CalAmp, car hacking)

The post Misconfigured CalAmp server allowed hacker to take over a lot of vehicles appeared first on Security Affairs.
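A detection-side view of the report-server behaviour described above, as an added example that is not CalAmp's code or from the researchers' post: it audits report requests for sessions that supply user ids they do not own, or that run reports with the id parameter removed. The log format, the `user_id` parameter name and the session-to-owner table are assumptions made for the example, and the log lines are constructed.

```ruby
require "set"
require "uri"

# Constructed sample: one line per report run, "<time> <session> <request path>".
# The format and the user_id parameter name are assumptions, not CalAmp's.
SAMPLE_LOG = <<~LOG
  2018-05-02T10:00:01Z sess-a /reports/run?report=trip_history&user_id=1001
  2018-05-02T10:00:09Z sess-a /reports/run?report=trip_history&user_id=1001
  2018-05-02T10:01:30Z sess-b /reports/run?report=trip_history&user_id=2002
  2018-05-02T10:01:31Z sess-b /reports/run?report=trip_history&user_id=2003
  2018-05-02T10:01:33Z sess-b /reports/run?report=location&user_id=2004
  2018-05-02T10:01:35Z sess-b /reports/run?report=location&user_id=1001
  2018-05-02T10:02:00Z sess-c /reports/run?report=location
LOG

# Hypothetical lookup: the user ids each authenticated session may report on.
SESSION_OWNERS = {
  "sess-a" => Set[1001],
  "sess-b" => Set[2002],
  "sess-c" => Set[3003],
}.freeze

Finding = Struct.new(:session, :foreign_ids, :missing_id_requests)

# Split one log line and pull the user_id query parameter out of the path.
# Returns nil for lines that cannot be parsed.
def parse_line(line)
  time, session, path = line.split(" ", 3)
  return nil if path.nil?

  query = URI.parse(path.strip).query.to_s
  params = URI.decode_www_form(query).to_h
  { time: time, session: session, user_id: params["user_id"] }
rescue URI::InvalidURIError, ArgumentError
  nil
end

# Flag sessions that asked for ids outside their own set (the "any number we
# wanted" case) or ran a report with no id at all (the parameters-removed case).
def audit_report_log(log, owners)
  by_session = Hash.new { |h, k| h[k] = Finding.new(k, Set.new, 0) }

  log.each_line do |line|
    rec = parse_line(line)
    next if rec.nil?

    allowed = owners.fetch(rec[:session], Set.new)
    finding = by_session[rec[:session]]

    if rec[:user_id].nil?
      finding.missing_id_requests += 1
    elsif rec[:user_id] !~ /\A\d+\z/ || !allowed.include?(rec[:user_id].to_i)
      finding.foreign_ids << rec[:user_id]
    end
  end

  by_session.values.select { |f| f.foreign_ids.any? || f.missing_id_requests > 0 }
end

audit_report_log(SAMPLE_LOG, SESSION_OWNERS).each do |f|
  puts "#{f.session}: foreign ids #{f.foreign_ids.to_a.inspect}, " \
       "requests without id #{f.missing_id_requests}"
end
```

The same ownership lookup belongs in the report server's request path as an enforcement check; the audit only shows where that check was missing.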

Estonia To Become the World’s First Free Public Transport Nation

On July 1st, the country of Estonia will create the largest 24/7 free public transit zone in the world, making it feasibly possible to travel by bus from one end of the 1.3 million-strong Baltic nation to the other without paying a cent. CityLab reports: Estonia is already a world leader in free public transit: In 2013, all public transit in its capital, Tallinn, became free to local residents (but not tourists or other visitors, even those from other parts of the country). The new national free-ride scheme will extend this model even further, making all state-run bus travel in rural municipalities free and extending cost-free transit out from the capital into other regions. The plan will not, however, extend Tallinn's existing free public transit policies to other Estonian cities, and it also won't make riding Tallinn transit free to visitors (at least, not initially). So while most of the country's land area and population -- which is overwhelmingly concentrated around Tallinn -- should get fare-free daily lives, it's not precisely the case that no Estonian will ever buy a bus ticket in their own country again. Further reading: Pop-Up City

Read more of this story at Slashdot.

The Pentagon has a project that aims to verify identity via smartphone

If a project funded by the Defense Department goes well, then new technology to verify identity and ultimately to assign a “risk score” to you could be in new smartphones within two years.

The identity verification tech will be embedded in the hardware of smartphones. Steve Wallace, technical director at the Defense Information Systems Agency (DISA), told Nextgov that the tech “will analyze a variety of identifiers that are unique to an individual, such as the hand pressure and wrist tension when the person holds a smartphone and the person’s peculiar gait while walking.”


Trade Recommendation: aelf

The Aelf/Bitcoin pair (ELF/BTC) has been trapped in a wide range between 0.000056 to 0.00022 since December 22, 2017. For about a month and a half, market participants accumulated positions as seen on the daily average Aelf volume of 30 – 40 million units. By February 6, 2018, volume began to exponentially decline. This suggests […]

The post Trade Recommendation: aelf appeared first on Hacked: Hacking Finance.

Popular ‘Gboard’ Keyboard App Has Had a Broken Spell Checker For Months

The popular Gboard keyboard app for iOS and Android devices has a fundamental flaw. According to Reddit user SurroundedByMachines, the red underline has stopped appearing for incorrectly spelled words since November of last year -- and it doesn't appear to be limited to any one device. Issues with the spell checker have been reported on multiple devices across Android and iOS. A simple Google search brings up several different threads where people have reported issues with the feature. What's more is that nobody at Google seems to get the memo. The Reddit user who first brought this to our attention filed several bug reports, left a review, and joined the beta channel to leave feedback there, yet no response was given. "Many people have been having the issue, and it's even been escalated to the community manager," writes SurroundedByMachines. Since the app has over 500 million downloads on the Play Store alone, this issue could be frustrating a lot of users, especially those who use their phones to send work emails or write documents. Have you noticed Gboard's broken spell checker on your device? If so, you may want to look into another third-party keyboard, such as SwiftKey or Cheetah Keyboard.

Read more of this story at Slashdot.

Interview: Tax Strategies for Crypto Traders

With cryptocurrencies going mainstream, more and more people are asking how trading and holding of it should be reported to the tax authorities in their respective countries. And not only are people wondering, even the tax authorities themselves sometimes seem to have a hard time figuring out how they should deal with it. Although guidelines […]

The post Interview: Tax Strategies for Crypto Traders appeared first on Hacked: Hacking Finance.

How to Define and Build an Effective Cyber Threat Intelligence Capability: How to Understand, Justify and Implement a New Approach to Security

tobem.com - Intelligence-Led Security: How to Understand, Justify and Implement a New Approach to Security is a concise review of the concept of Intelligence-Led Security. Protecting a business, including its in…


Tweeted by @CyberToolsBooks https://twitter.com/CyberToolsBooks/status/998215283633524736

CVE-2018-11242

An issue was discovered in the MakeMyTrip application 7.2.4 for Android. The databases (locally stored) are not encrypted and have cleartext that might lead to sensitive information disclosure, as demonstrated by data/com.makemytrip/databases and data/com.makemytrip/Cache SQLite database files.

No Fossil Fuel-Based Generation Was Added To US Grid Last Month

An anonymous reader quotes a report from Ars Technica: In the U.S., two types of electricity generation are on the rise: natural gas and renewables. If one of those is set to make a bigger mark than the other this year, it's natural gas: in 2018, natural gas-burning capacity is expected to outpace renewable capacity for the first time in five years, according to data from the Energy Information Agency. Although natural gas additions are expected to overtake renewable energy additions in 2018, forecasts for renewable energy additions to the grid roughly match what we saw in 2017. Natural gas is overtaking renewables not because renewable energy adoption is slowing, but more because natural gas facilities are seeing a considerable boom. In fact, barring any changes in the EIA numbers, natural gas, wind, and solar generation are the only electricity generation sources that will be added to the U.S. grid in any consequential manner in 2018. Battery, hydroelectric, and biomass facilities make up the small percentage of "other" sources that are expected to come online this year. Renewable energy also started off the year strong. According to the EIA, "in February 2018, for the first time in decades, all of the new generating capacity coming online within a month were non-fossil-fueled. Of the 475 MW of capacity that came online in February, 81 percent was wind, 16 percent was solar photovoltaic, and the remaining 3 percent was hydro and biomass."

Read more of this story at Slashdot.

Hack the Trollcave VM (Boot to Root)

Hello friends! Today we are going to take on another CTF challenge known as Trollcave. The credit for making this VM goes to “David Yates”, and it is another boot-to-root challenge in which our goal is to gain root access and capture the flag to complete the challenge. You can download this VM from here.

Let’s Breach!!!

Let’s start by finding the IP of the VM (here, I have it at 192.168.1.124, but you will have to find your own).

netdiscover

Now let’s move on to enumeration to identify the running services and open ports of the victim’s machine using the most popular tool, Nmap.

nmap -A 192.168.1.124

Awesome!! Nmap has dumped the details of the services running on open ports 22 and 80.

Knowing port 80 is open on the victim’s network, I preferred to explore the IP in a browser. At first glance, we saw three tabs: Home, login and Register.

Then we scrolled down the page, looked at the Ruby gem and found that this site is based on Ruby on Rails. On the right side we saw two categories, i.e. 0nline users and Newest users; when we clicked on “xer”, a new web page opened.

From its URL we perceived that user xer has user ID 17, and hence there must be other users between user ID 1 and 17.

So we manually replaced ID 17 with ID 1 and found King’s page, which was for the superadmin account.

On its home page we read the post “password reset” by coderguy, which refers to the Ruby gem for Rails password reset, and from Google we found the default directory for password reset. So we explored http://192.168.1.124/password_resets/new and obtained the password reset form. First we tried to reset the superadmin password, which failed, BUT we successfully got the link for the xer password reset.

Yeah!! It was pretty good to see a link for the xer password reset, so we copied that link.

http://192.168.1.124/password_resets/edit.dphWuziPVk6ELBIQ0P-poQ?name=xer

We pasted the copied link into the URL bar, swapped name=xer for name=king as given below, and then entered a new password for superadmin (king). This is known as IDOR.

http://192.168.1.124/password_resets/edit.dphWuziPVk6ELBIQ0P-poQ?name=king

Well!!! On executing the URL, it gives the message “password reset successfully”, and then we logged in to the superadmin account.

Yippee!!! Finally, we were logged in as superadmin with access to the admin console; we saw many tabs and clicked on the file manager.

Here we saw the enable file upload option, and we enabled it so that we could upload any backdoor whenever we needed to.

Thus we started by uploading a PHP backdoor but failed to upload it; similarly, we tried many backdoors such as Ruby, C shell and many more but failed each time. After so many attempts we successfully uploaded an SSH RSA file.

To do so follow the below steps:

ssh-keygen -f rails
mv rails.pub authorized_keys
chmod 600 rails

Here we have generated an SSH RSA key file by the name of rails without a password, renamed rails.pub to authorized_keys and set permission 600 on rails for proper authentication.

Then upload authorized_keys and add the path ../../../../../../home/rails/.ssh/authorized_keys manually.

So after uploading the SSH key, it was time to connect to the target’s machine with the SSH key.

ssh -i rails rails@192.168.1.124

Awesome!! From the image below, you can observe the target machine’s tty shell.

Then we executed the lsb_release -a command to know the version of the kernel and found 16.04. After that, with the help of searchsploit, we found the kernel exploit 44298.c for local privilege escalation.

At that moment we copied this exploit to the Desktop and compiled it. It was impossible to transfer the exploit as a simple compiled file, therefore we needed to encode the file into base64. You can use the commands below to follow the same steps.

cd Desktop
cp /usr/share/exploitdb/exploits/linux/local/44298.c .
gcc 44298.c -o kernel
base64 kernel

We copied the base64-encoded value, then moved to the target’s terminal, where we created an empty file exploit.base64 with the help of nano and pasted the copied encoded value.

nano exploit.base64

Next we decoded it into a new file named rootshell and gave execute permission to the decoded file. At last, we ran the rootshell file to get root privilege.

cat exploit.base64 |base64 -d > rootshell
chmod u+x rootshell
./rootshell
id
cd /root
cat flag.txt

BINGO!!!! We got the root flag!!!

Author: AArti Singh is a Researcher and Technical Writer at Hacking Articles, an Information Security Consultant, Social Media Lover and Gadgets. Contact here

The post Hack the Trollcave VM (Boot to Root) appeared first on Hacking Articles.
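The password-reset step in the walkthrough above works because the name= parameter, not the token, chooses which account is changed. The following is an added Ruby example, not Trollcave's own code, with hypothetical class and method names and an assumed 15-minute token lifetime; it shows that behaviour beside a store that binds each token to the account it was issued for.

```ruby
require "securerandom"
require "digest"

# The behaviour the walkthrough depends on: any live token is accepted and the
# account to change is read from the name= parameter.
class NameTrustingResets
  def initialize
    @live = {}
  end

  def issue(user)
    token = SecureRandom.urlsafe_base64(16)
    @live[token] = user
    token
  end

  # Returns the account whose password would be changed.
  def redeem(token, claimed_name)
    @live.key?(token) ? claimed_name : nil
  end
end

# Hardened form: the token row decides the account. The name= value can only
# cause a rejection, never select a different account.
class BoundResets
  TTL_SECONDS = 15 * 60 # assumed lifetime for this example

  def initialize
    @rows = {} # SHA-256(token) => { user:, expires_at: }; raw tokens are not stored
  end

  def issue(user, now: Time.now)
    token = SecureRandom.urlsafe_base64(16)
    @rows[fingerprint(token)] = { user: user, expires_at: now + TTL_SECONDS }
    token
  end

  # Returns the account the token was issued for, or nil.
  def redeem(token, claimed_name = nil, now: Time.now)
    # Single use: the row is consumed on every attempt, including failed ones.
    row = @rows.delete(fingerprint(token.to_s))
    return nil if row.nil? || now > row[:expires_at]
    return nil if claimed_name && claimed_name != row[:user]

    row[:user]
  end

  private

  def fingerprint(token)
    Digest::SHA256.hexdigest(token)
  end
end

# Constructed run: a token issued for xer, replayed with name=king.
naive = NameTrustingResets.new
puts "name-trusting store changes: #{naive.redeem(naive.issue('xer'), 'king').inspect}"

bound = BoundResets.new
puts "bound store changes: #{bound.redeem(bound.issue('xer'), 'king').inspect}"
```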

Code Name Jaguar: How a Top Police Official Carried Out a Reign of Terror in Mexico

Hugo Murrieta could draw anything. As their birthdays approached, children from the Mexican town of Coatepec would come knocking on the door of the small house he shared with his mother in the violence-riddled Gulf Coast state of Veracruz. They’d tell Murrieta their favorite cartoon characters, mostly from Disney movies, and he’d recreate them with celebratory messages to be hung at their birthday parties.

“He never charged them, just that they’d bring him the materials,” said his mother, María del Carmen. “He did it because he liked to draw.”

Murrieta’s mother was well-known in Coatepec for the delicious chiles she handmade and sold daily for decades. Each day, Murrieta, 22 years old, would help his mother by delivering them around Coatepec and nearby Xalapa, the state capital, in the taxi he occasionally drove.

Unfortunately for Murrieta, that taxi was on a police hit list, marking it for targeting by the Fuerza de Reacción, or “Reaction Force,” instated by former Veracruz Secretary of Public Security Arturo Bermúdez, an official who gave himself the code name Jaguar. On the afternoon of April 16, 2013, Murrieta was seized, beaten, and never seen again.


XALAPA, Ver. Security/Seguridad-Veracruz.- Scenes from the arrest of Arturo Bermúdez Zurita, the state's former secretary of public security during the governorship of Javier Duarte, February 3, 2017. Photo: Agencia EL UNIVERSAL/JMA (GDA via AP Images)

Arturo Bermúdez Zurita, alias Jaguar, center, when he was detained on Feb. 3, 2017.

GDA via AP Images

Nearly five years later, on February 8, 2018, a Mexican federal judge charged 31 members of the state police, including Bermúdez, for the forced disappearance of 15 people between April and October 2013. Details of Murrieta’s case emerged during the more than 13-hour arraignment hearing (although he was not among the 15 these officers were charged with disappearing). The accused, the press, and families of the disappeared listened as statements were read from two former police officers turned state witnesses and a survivor who had been held and tortured by Bermúdez’s men. The state attorney general’s office’s indictment stated that during Bermúdez’s tenure as security secretary, he had implemented an illegal, clandestine policy that included the “systemic violation of human rights” by “detecting, arresting, torturing and forcibly disappearing people supposedly linked to organized criminal groups.”

Murrieta’s mother doesn’t know why he was on a police hit list. According to her, he worked every weekend as a waiter, while during the week he delivered her chiles and operated his taxi. He never had money for art supplies; she still had to buy his clothes and shoes.

“At that time in Coatepec, they were kidnapping a lot of people, but many didn’t report it because they were afraid of the repercussions,” said del Carmen. She did call the police after Murrieta disappeared, with the hope that they’d help. They came to her home and tore apart his bedroom, flung his art supplies off the table, ripped the drawings he hung up off the wall, and found nothing illegal. She claimed that no piece of evidence has ever been presented to suggest that he had done anything wrong. She keeps a box of what remains of his art to look at when she wants to remember him.

In his statement read at the arraignment hearing, one of the ex-police witnesses who took part in the kidnapping detailed how a Reaction Force, under the command of Alejandro Trujillo — a subordinate to Bermúdez who went by the alias El Cyber — surrounded Murrieta’s taxi at around 4:30 p.m. that April day in 2013, just outside City Hall. Trujillo had a list of taxi numbers; Murrieta’s white-and-red 505 was one of them.

The officers took Murrieta behind a gas station where Trujillo interrogated him as two of his men beat him. Trujillo made a phone call, then instructed his men to take Murrieta to Xalapa’s Lencero Police Academy and transfer him to a secret special unit named Los Fieles, or “the Loyal Ones.” Murrieta’s mother never saw him again.

In Mexico, at least 33,000 people are believed to have disappeared at the hands of cartels or corrupt state forces since the war on drugs was declared in 2006. Impunity is the norm, and Bermúdez is possibly the highest ranking Mexican official to be charged with the human rights crime. The entire country is watching the case to see if the charges will reach even higher up the chain of command to Javier Duarte, Veracruz’s ex-governor, who is currently awaiting trial for corruption charges. Last week, the current state governor said that his predecessor Duarte had personally known of at least 19 disappearances that took place during his term.

The case also has implications for the embattled legacy of Mexican President Enrique Peña Nieto, who has been dogged by corruption scandals himself and has failed to stem the violence that led to Mexico hitting a record number of homicides in 2017. State violence in Veracruz cast a harsh light on Peña Nieto and Duarte’s Institutional Revolutionary Party, known by the Spanish acronym PRI; ahead of Mexico’s presidential elections in July, their candidate, José Antonio Meade, sits in a distant third in the most recent polls.

Veracruz State Attorney General Jorge Winckler insists that the new state government — under the opposing National Action Party, known by the Spanish acronym PAN — is committed to uncovering the truth of what happened during Duarte’s six-year governorship. The disappearances under investigation, he said in a statement to The Intercept, go beyond the 15 people in 2013 who were named in the charges against Bermúdez; many cases, like Murrieta’s, remain open. To date, there are 53 municipalities across the state where there has been at least one report of state security forces likely participating in a forced disappearance.

“The investigation will continue until everyone that participated in this illegal and clandestine policy of systematic forced disappearances are punished,” Winckler said.


Javier Duarte, former governor of the Mexican state of Veracruz, accused of graft and involvement in organized crime, is escorted by police officers for a hearing to decide on his extradition, at the Supreme Court in Guatemala City on June 27, 2017. Duarte, suspected of embezzling hundreds of millions of dollars, was arrested on April 15 in Guatemala after six months on the run with Mexico filing its extradition request later that night. / AFP PHOTO / Johan ORDONEZ (Photo credit should read JOHAN ORDONEZ/AFP/Getty Images)

Javier Duarte, former governor of the Mexican state of Veracruz, is escorted by police officers for a hearing to decide on his extradition at the Supreme Court in Guatemala City on June 27, 2017.

Photo: Johan Ordonez/AFP/Getty Images

Javier Duarte became the governor of Veracruz in December 2010 and immediately began to syphon public funds, taking money destined for social programs and laundering it through phantom companies, among other strategies. By the end of his governorship, it’s alleged that he and his associates stole approximately $3.2 billion. Although Duarte’s term didn’t finish until December 2016, he stepped down two months early and quickly disappeared. The Mexican government charged the governor, along with Bermúdez and other officials, with illegal enrichment and other corruption charges. The disgraced Duarte remained on the lam for six months before finally being arrested in Guatemala and extradited back to Mexico, where he is incarcerated and awaiting trial.

Duarte’s public fall from grace was an emblematic representation of Peña Nieto’s failure to address corruption, one of his central campaign promises when he ran in 2012. Peña Nieto is the latest man to lead Mexico from the PRI, which was famously dubbed “the perfect dictatorship” by author Mario Vargas Llosa. The PRI ruled Mexico for 71 years during the 20th century, creating a nearly feudal state system of governorships, passed down through friends and family, where officials often treated state funds like their own personal piggy banks.

The PRI’s presidential reign ended in 2000, when the PAN won subsequent presidential campaigns with Vicente Fox and Felipe Calderón. Peña Nieto’s victory returned the PRI to power, and during his campaign he repeatedly claimed that, finally, this time, the party would be different. On the campaign trail, Peña Nieto infamously paraded out Javier Duarte, along with other relatively young, recently elected Govs. Roberto Borge, of Quintana Roo, and César Duarte (no relation), of Chihuahua, labelling them the “New PRI.”

It seems the new PRI is much like the old: Both Borge and César Duarte also fled amidst corruption allegations after their governorships ended. Borge is currently incarcerated in Mexico after his arrest in Panama earlier this year, while César Duarte remains at-large and has been said to be hiding in the United States, where he owns several properties.



Relatives try to identify their missing loved ones at the morgue of Cosamaloapan, with the hope of finding their bodies, retrieved from a mass grave which was discovered in Veracruz in June 2014.

Photo: Felix Marquez/AP

Beyond corruption, Peña Nieto’s tenure has seen horrific levels of violence in Mexico, committed by both state and nonstate actors. The death squads in Veracruz are not the first instance of authorities being implicated in cases of forced disappearance — most notoriously, 43 students from a teachers college in Ayotzinapa, in the state of Guerrero, went missing in 2014.

“Impunity has been, in general, almost absolute for all crimes, including crimes committed by the authorities,” said Carlos Zazueta, a researcher at Amnesty International’s Mexico office.

In Zazueta’s opinion, the police now are even worse, and the few efforts Peña Nieto’s government has made to improve the security forces “have still been insufficient.”

“There are no public policies in place that effectively seek to stop impunity or punish those who are responsible for a crime,” he said.

Authorities arrested Bermúdez while Javier Duarte was on the run, but both men could be out of jail in a few years if they are only found guilty on corruption charges. Their relatives continue to live lavishly around the world, and no doubt, the ex-officials would join them when released. With the charges of forced disappearances, however, Bermúdez could face 90 years in prison.

Lucy Díaz, a representative of a collective of families of those disappeared in Veracruz, called the current arrests just the “tip of the iceberg,” noting how many countless complicit and guilty remain free, including “the worst of all of them,” Duarte.

Díaz said that unless he is held responsible for forced disappearances, “Duarte’s going to leave [jail] with his money all laundered, his money all cleaned.”

“That’s the disgrace of all this,” she added.



Family and friends wearing clothing and holding signs to call attention to the desaparecidos, or disappeared, during a march to mark Women’s Day in Xalapa, in the state of Veracruz on May 10, 2018.

Photo: Yahir Ceballos/Reuters

Collectives of grieving families like Díaz’s have self-organized for years, investigating cases and leading searches throughout the state for their relatives because they didn’t trust the government’s claims. At the end of Duarte’s term, his government only recognized the disappearance of 524 people in Veracruz. The PAN government which succeeded Duarte has reviewed existing case files and upped the number to at least 3,600 between 2006 and 2016, and has since discovered numerous clandestine grave sites, such as the more than 250 skulls found at Colinas de Santa Fe, outside of Veracruz Port, in 2017.

The litany of abuses allegedly committed by state forces working for Duarte goes beyond disappearances. His security forces operated an illegal detention center out of the Lencero Police Academy — complete with garish touches like a zoo full of exotic animals — and ran arrests, interrogations, and disappearances with ruthless efficiency and no regard for due process.

The police academy was revealed as an illegal detention center in October 2013, after a Veracruz highway police officer named Jacqueline Espejo was mistakenly taken there and tortured for several days. According to police witness testimony, Trujillo’s team detained Espejo after she left her shift in a taxi driven by Andrés Aguilar — who was on the police hit list. According to the indictment, the Fieles allowed Espejo to leave Lencero if she “would forget the taxi driver”; Aguilar was never seen again.

Espejo feared for her life and gave a press conference a few days later, detailing her abuse at Lencero. According to the Mexican weekly publication Proceso, a local journalist named Carlos Hernández had also been unlawfully detained and tortured at Lencero, in 2012. (Under Duarte’s administration, 17 journalists were killed and three disappeared; the region is widely considered one of the most dangerous places in the world to practice journalism.)

In January 2014, the corpses of Gibrán Martiz, a former contestant on “The Voice Mexico,” and his 17-year-old friend Sergio Luís Martínez, appeared by a bridge with signs of torture. They had disappeared 13 days prior, along with a third friend, after police performed a warrantless search of their apartment in Xalapa. Martiz’s father independently investigated the case and says that the final GPS coordinates of the singer’s phone were at Lencero.

Lencero operated as somewhat of an open secret. Duarte’s government remodeled the old building at the beginning of his term, expanding and updating the facilities, and added a few accoutrements, like Bermúdez’s zoo of exotic animals, which reportedly had four crocodiles, a lion, and of course, a jaguar.



Vicky Delgadillo, left, and Carlos Saldaña have joined search parties around the state looking for their missing children.

Photo: Nathaniel Janowitz

Vicky Delgadillo, who has spent years searching ranches, graveyards, and wild areas for her disappeared daughter Yunery, has heard awful rumors about the zoo.

“Now they’re saying a lot of things, that many of the kidnapped were taken to the academy, that they had them there, they killed them, and then they’d give them to the animals,” said Delgadillo.

Yunery disappeared on November 28, 2011, one of 13 young women who disappeared from Xalapa in a three-day period. Some of the women are alleged to have attended parties at ranches with men from the government and criminal figures, and disappeared because they knew too much.

“It’s something inhumane, something unforgivable. If [Bermúdez] did these things and he was doing it with his police …,” Delgadillo trailed off. “That they’d do those kinds of things …”

The two witness statements presented at Bermúdez’s trial, along with Espejo’s earlier testimony, paint a dark picture of the inner workings of Duarte’s security forces under Bermúdez’s leadership.

On September 22, 2012, federal authorities arrested 35 Veracruz police officers who allegedly worked with the Zetas drug cartel. Shortly after, according to witness testimony, Bermúdez held a meeting surrounded by police from at least eight different units around the state.

Bermúdez aggressively explained the new protocol of no mercy, the witness recalled: “Pendejos, if you have family members, friends, or acquaintances that are involved with the Zetas, report them, and if among your colleagues there are people connected with crime, report them, or bring them to the Fieles at the academy because I don’t give a fuck.”

Two teams of the Fuerza de Reacción were created, one under the control of Trujillo, or El Cyber, and a second under another commander named Mario Duran. Each team worked in 24-hour shifts, and, according to one witness, they picked up approximately 15 people a month.

After a suspect was arrested, they were taken to one of several locations to be interrogated and tortured; women were systematically raped. One of the disappeared was a 17-year-old girl named Cecilia de la Cruz, who was raped by several members of the Fuerza de Reacción, including El Cyber, according to the indictment of the state police. One witness also stated that El Cyber had a predilection for transgender women, who he would detain to interrogate and then rape.

Once the initial interrogation was complete, the team leader would call Bermúdez himself, or one of his direct subordinates, to decide if the accused would be transferred to the Fieles at Lencero. One of the witnesses estimated that about five people each month were taken to the Fieles; he personally remembered his team transferring roughly 50 people to them. The Fuerza de Reacción had little relationship with the Fieles, which was led by Roberto González Meza. When they transferred detainees, the witness claimed the Fieles were almost always hooded and masked. According to Duarte’s government, the Fieles didn’t exist. They were never reported in the state budget; however, both witnesses alleged that they received much higher salaries than normal officers.

The Fieles held the detained in cells in a private part of Lencero, known as “the Bunker,” where they were further interrogated and tortured, before being disappeared. A second ex-police witness, who worked around the academy in another capacity, alleged that they heard the Fieles talk about taking people swimming in “la Laguna Negra” — the Black Lagoon. The witness alleged that “Laguna Negra” was a code word for the nearby Barranca de Aurora, a large woody area filled with steep cliffs and rugged canyons on the outskirts of Xalapa.

Search parties discovered the remains of at least 15 bodies at the Barranca de Aurora in January 2016, but to this date, only a small fraction of the area has been checked.

Carlos Saldaña has accompanied dozens of searches over the past few years, including rappelling down a cliff in the Barranca de Aurora. Saldaña’s two children, Karla and Jesús, disappeared in 2011. The car they were driving in was later found with an ex-police officer.

“That was an administration that you didn’t know who to be careful of. You had to be more concerned with the authorities than with the criminals,” said Saldaña.

It appears that the federal government is starting to take the Veracruz disappearances seriously. A police source in a recently created special investigation unit within the federal Attorney General’s Office focused on forced disappearance crimes confirmed that in May, his unit will team up with state investigators to lead searches in the Barranca de Aurora and other areas.

“We have to start to find the bodies because the families are fed up. We need to start holding people accountable at all levels,” said the detective, who asked not to be named to discuss an active investigation. He searches for bodies across Mexico.

“This type of thing isn’t only in Veracruz; it happens in Tamaulipas, Chihuahua, Guerrero, lots of states in Mexico. But because this case implicates the governor, all eyes are focused on Veracruz.”



Alleged members of the New Generation gang and alleged members of the Zetas cartel are presented to the press by the marines in Mexico City on Oct. 7, 2011.

Photo: Eduardo Verdugo/AP

Defenders of these dirty war tactics might point to the government of Veracruz’s ostensible foes: criminal groups like the Zetas, arguably once the most ruthless and hyperviolent of all of Mexico’s drug cartels. The group was founded as an elite cadre of deserters from the military, and their atrocities have been well-documented, including the 2010 murder of 72 unarmed migrants in San Fernando, Tamaulipas, and the weeks-long massacre in the town of San Allende, Coahuila, in 2011. The Zetas are also notorious for using teenagers for low-level jobs like lookouts and drug mules, for little money and often through coercion.

However, Duarte had his own relationship with Veracruz’s murky underworld.

His predecessor, Fidel Herrera, governed from 2004 to 2010, and it is widely alleged that he invited the Zetas, then the military wing of the Tamaulipas-based Gulf Cartel, into the state after receiving financial backing from the group for an electoral campaign. As the Zetas broke away from their Gulf bosses to the north, they aggressively took Veracruz away from state control.

Alberto Olvera, an investigator at Veracruz University who recently published a report on authoritarianism and violence in Veracruz under Duarte, called it an “irregular war.”

“In Veracruz, it’s important to note that there have been distinct cycles of how this relationship occurs between government, police forces, and organized crime,” Olvera said. He explained that while Herrera’s time was the “era” of the Zetas, Duarte’s government “permitted” another group to enter Veracruz to eliminate them. In September 2011, 35 bodies were dumped on the road in the seaside city of Boca del Río, with a banner that announced the arrival of the “Cártel de Jalisco Nueva Generación” — the Jalisco New Generation Cartel, known by its Spanish acronym CJNG — a former offshoot of Joaquín “El Chapo” Guzmán’s Sinaloa Cartel. The banner reportedly stated: “this is what’s going to happen to all the Zeta shits that stay in Veracruz. It has a new owner now.”

People began disappearing in large waves.

“As always happens in these kinds of wars, there are a lot of innocent victims,” said Olvera, specifically pointing to the poor and vulnerable, the lookouts, small time dealers, and mules. “Very few mid-level players, and even fewer higher-ups.”

The CJNG is led by Nemesio Oseguera Cervantes, or “El Mencho,” and is considered to be the most powerful and fastest growing criminal organization in Mexico. As of last year, the Mexican government reported that the group had a presence in 22 of the country’s 31 states. The war for Veracruz, between the CJNG and the Zetas, would turn the state into a bloodbath.

Few people know this side of the irregular war like a man I interviewed two years ago, a regional boss of a small team of assassins for the Zetas. He confirmed Herrera’s invitation and Duarte’s allegiance shift to CJNG.



A regional boss of the Zetas cartel agreed to meet only under strict conditions and complete anonymity.

Photo: Nathaniel Janowitz

I met the self-admitted mass murderer a second time, on a rainy morning in a Veracruz mountain town in March of this year, and like the last time, he only agreed to meet with strict conditions: He could not be named; the interview must be shorter than 30 minutes, due to the fact that he must change locations every hour to avoid being killed; and a team of his assassins were nearby in case of problems. The Zeta is a former police officer, who quit in 2011 because the cartel offered him more money.

The Zeta said he and his team had “various” violent encounters with the Fieles, since they “were created by Duarte’s people.” In his view, Duarte “had to form those groups to disappear the criminal group. Those people [the Fieles], they were there to get us.”

It seemed to him that the rules were obvious: There were no rules in Veracruz. The government was an equal part in the “desmadre” — a Mexican slang word with no equivalent in English, though its closest may be “clusterfuck.”

Then, he added, “you began to see that [the Fieles] were disappearing a lot of innocent people that didn’t have anything to do with anything.” It’s a bit audacious for a Zeta to be protesting the disappearance of innocents, given his own group’s history, but he made a point that stuck: It would be “impossible” for the current government to change the police complicity in criminality, because “the salaries are really low.”

Under Duarte, police forces often acted like cartels, or worked with them; justice was decided outside the rule of law. 

Zazueta, the Amnesty International researcher, underlined that even if some of Duarte’s targets did indeed have ties to cartels, “everybody has all the same rights, and any person accused of a crime, even if it is a crime under international law, must be able to access a fair trial with dignity.”

The authorities accused of the forced disappearances will get their day in court, something their alleged victims never received.



The detention of ex-Secretary of Public Security Arturo Bermúdez Zurita, on Feb. 3, 2017.

Photo: GDA via AP Images

The arrest of Bermúdez and his men felt like a watershed moment, but many jaded Veracruz citizens are skeptical and believe that the arrests could simply be a short-term election-year tactic for the new governor, Miguel Ángel Yunes, of PAN.

Yunes’s 2016 victory ended 86 years of PRI rule in Veracruz, but the Mexican federal government recently changed the electoral system to bring state elections in line with the 2018 presidential election year, making Yunes’s governorship last only two years. The current PAN candidate to succeed him is his son, also named Miguel Ángel Yunes. Whether the prosecutions will lead to long prison sentences, and whether PAN can bring lasting reforms to the state of Veracruz, remains to be seen. (Yunes’s office did not respond to questions regarding whether the arrests were a political tactic.)

Local human rights lawyer Celestino Espinoza said the arrests have “clear overtones of the electoral, not of justice.”

Espinoza represents the families of five people who were disappeared in the city of Tierra Blanca while returning from a vacation at the beach in January 2016. The family’s investigation led to the arrest of eight state police for their role in detaining and escorting the five to a CJNG ranch near Tlalixcoyan — where authorities would later discover the remains of roughly 400 people.

The Tierra Blanca case is one of dozens with evidence of police involvement that proceeded through the court system only by the determination of the families of the victims. Nor did the case bring a focus on authorities higher up the chain of command, according to the lawyer.



An altar with pictures of five people who went missing in the Tierra Blanca community, Veracruz, in January 2016.

Photo: Alfredo Estrella/AFP/Getty Images

Still, Espinoza applauded the government’s recent arrests. The families needed to know “that there existed mechanisms to achieve justice and to know the truth about how their children were disappeared.”

While 12 of the 31 charged in connection with the 2013 disappearances remain at-large, Yunes’s government recently issued a warrant for Luis Ángel Bravo, the former Veracruz attorney general and one of Duarte’s closest consiglieres, bringing the reach of the law ever nearer to the center of power. 

While 15 families wait for justice, countless others will watch the trial wondering if Bermúdez and his men disappeared their relatives too, and waiting to see if Duarte could also be held accountable.

When Perla Damián first heard of the arrests, she thought that maybe her 16-year-old son Víctor could have also ended up at Lencero. He was one of six youth that disappeared after being detained in police sweeps in the Formando Hogar neighborhood of Veracruz Port on December 6 and 11, 2013.

The families in Formando Hogar have, for years, claimed the police were behind the mass disappearance, but they were always told it couldn’t have been the cops, it must have been the criminals.

“At first, people didn’t believe us,” said Damián. But with arrests “in front of everyone’s eyes, now they believe us, no?”

Correction, May 20, 1:33 p.m.

This story originally said that the Veracruz Attorney General had stated that Duarte had known of 19 disappearances that took place during his term. In fact, it was the current governor of Veracruz who made the statement.

Top photo: Maria del Carmen’s son, Hugo, was on a list no one wanted to be on — Arturo Bermúdez’s hit list.

The post Code Name Jaguar: How a Top Police Official Carried Out a Reign of Terror in Mexico appeared first on The Intercept.