Wednesday, February 28, 2018

you know the drill--code red code red code red


-1)       2-27-18    Then (Valentine's day afternoon north of Miami) a sound like gunfire ripped through the air.   That was her first thought-- it sounded like gunfire, not firecrackers.  And it was close.  Taylor was in one of 11 classrooms on the first floor of the freshman building.
It couldn’t be an actual shooting.  In the announcements that morning the school had reminded teachers not to let their students out during the first and last 10 minutes of the day when there might be a Code Red drill that would intentionally feel real.
Drill or not, the class--about 29 students--stood up and hid, some behind the teacher’s desk, others lined up against the back wall.  http://www.miamiherald.com/news/local/community/broward/article202442664.html
............................................................................................................................
‘We were lying in that classroom crying while we knew people outside were dying’ : Connor Dietrich yesterday.  https://www.theaustralian.com.au/news/world/florida-massacre-never-miss-telling-your-kids-you-love-them/news-story/f38eb97acd4379f66211ec50788445e7
................................................................................................................................
zer0000)   [14:10:10] CONNOR DIETRICH, SURVIVED SHOOTING AT MARJORY DOUGLAS HIGH SCHOOL:  I mean, it's really hard. ...
BALDWIN: How did you know there was a he?  So you heard shots?  

DIETRICH: Yes we did, the shots.  

BALDWIN: And did you think instantly oh, my God, those are gun shots or did you think it was balloons popping as one student told me?  And how would you even know what it would sound like?

DIETRICH:  I thought it was a drill because they told us you will have police officers who are going to be firing blanks like scare us, get us like, you know, trained for this.  So no one took it seriously until I heard like screaming, the worst screaming you will ever hear.  It was awful like major heart stop beating and --.  

BALDWIN: That's when you knew?  

DIETRICH: Yes.  It hit me really hard at that time.  Everyone in the hallway was crying.  We finally got a teacher to let us into a room.    http://www.cnn.com/TRANSCRIPTS/1802/15/cnr.05.html

................................................................................................................................................
1)  Earlier that day at a staff meeting, teachers had been told there would soon be a “code red” or “lockdown” drill — in which teachers and students practice their response to an immediate threat — but they hadn’t been told the date.
Rospierski was sitting at his desk around 2:25 p.m. when the fire alarm rang.  His students filed out of their third-floor classroom and made their way toward the stairs. Then Rospierski heard the sound of gunfire.  http://www.miamiherald.com/news/local/community/broward/article200190199.html
.........................................................................................................................
2)        2-26-18  “I assumed that it was a code red drill because they had told us earlier in the day that they were going to be having a code red drill,” the teacher explained.  “I assumed it was blanks.”  That’s when Rospierski acted quickly to get as many students as he could to go back into the rooms while the shooter continued his rampage at the east end of the hallway.  https://www.intellihub.com/parkland-teacher-code-red-drill-blanks/
..................................................................................................................
3)    2-23-18   Just a month earlier, teachers had been trained for an emergency situation.  Melissa remembers being told there would be a Code Red, or active shooter, drill, and that it would feel real.  This must be it, she thought.  http://www.tampabay.com/news/She-s-taught-at-the-Parkland-high-school-for-14-years-Can-she-go-back-_165770289
.............................................................................................
4)    2-15-18    So when Hogg heard a “pop” while sitting in an AP environmental science class around 2:30 p.m. Wednesday,  he told his teacher it sounded strangely like a gunshot.  But there had been a fire drill that very morning and talk of a “Code Red” exercise to prepare for an active shooter.  This must just be a surprise drill, he reasoned.  http://time.com/5161034/florida-school-shooting-survivor/
..................................................................................................................
  Remember the Boston Marathon Bombing.  That day the Boston newspaper had announced that there would be a bombing drill at the end of the race, and in videos of the event an announcement of a drill is made at the scene just prior to the explosion, which the announcement says will not be a real bomb.  https://www.paulcraigroberts.org/2018/02/26/shooting-marjory-stoneman-douglas-high-school-parkland-florida/
......................................................................................................................






Tuesday, February 27, 2018

Julia Gillard wants more $millions from Australian public

2-3-18  Rihanna has tweeted Prime Minister Malcolm Turnbull and Minister for Foreign Affairs Julie Bishop, calling for them to pledge $200 million to an education charity chaired by former prime minister Julia Gillard.  (her education charity run out of World Bank in Washington, D.C.)   https://www.smh.com.au/entertainment/celebrity/rihanna-tweets-malcolm-turnbull-to-pledge-200m-to-julia-gillards-education-charity-20180202-h0sbj7.html
………………………………………………………………………...........................................………..
10-29-16    The Australian taxpayer shovelled at least $88 million into the Clinton Foundation and associated entities from 2006 to 2014, reaching a peak of $10.3 million in 2012-13, Gillard’s last year in office.
On the Clinton Foundation website, AusAID and the Commonwealth of Australia score separate entries in the $10 million-plus group of donors, one rung up from American teacher unions.
In 2009-10 Kevin Rudd handed over another $10 million to the foundation for climate research, part of $300 million he squandered on a Global Carbon Capture and Storage Institute.
Gillard also donated $300 million of our money to the Clinton-affiliated Global Partnership for Education.
Lo and behold, she became chairman in 2014 and has been actively promoting Clinton as president ever since — in a campaign video last December slamming Trump, in op-eds trumpeting the next woman president and in appearances with Clinton spruiking girls’ education.
The Abbott government topped up the left-wing organisation’s coffers with another $140 million in 2014, bringing total Australian largesse to $460 million, according to a press release from Foreign Minister Julie Bishop.  

Hillary Clinton and Julia Gillard share a lot in common — pearl earrings, playing the gender card ... and the influence-peddling political slush fund that is the Clinton Foundation. (Pic: David Caird/News Corp Australia)

And yet, apart from the beautiful friendship with Gillard, what did Australia get from the Clintons for all that cash?
A whole lot of trouble is what.
The latest treasure trove of Wikileaks emails released last week shows that Australian green groups have been secretly funded to destroy our coal industry by environmental activists connected to the Clinton campaign.
The email account of Clinton’s campaign chairman John Podesta reveals extraordinary details of the sabotage of the $16 billion Adani coalmine in Queensland, which has damaged Australia’s national interest and denied cheap electricity to millions of poor Indians.   https://www.dailytelegraph.com.au/rendezview/miranda-devine-foreignfunded-green-groups-could-take-whole-swathes-of-australia-out-of-the-productive-economy/news-story/016e5d9ff252f2444790d05269f4ed90

………………………………………………………………………..

Parkland, FL news--3 eyewitness videos

Stacy Lippel https://www.youtube.com/watch?v=cPvYxTa1ph4
.......................................................................................................................................
https://www.naturalnews.com/2018-02-27-bombshell-broward-county-deputies-were-ordered-to-stand-down.html
...........................................................................................................................................

https://twitter.com/lauraloomer/status/964006493900234752?lang=en
video also at https://twitter.com/lauraloomer/status/964006493900234752?lang=en
video also at http://www.northcrane.com/2018/02/multiple-jewish-eye-witness-confirm-multiple-shooters-involved-florida-massacre/
....................................................................................................................................


Posted for Posterity (Historical Record) uploaded to DTube due to You Tube often deleting and burying videos via algorithmic censorship. Original video uploaded to You Tube on February 15, 2018
A student witness to the mass shooting event at Marjory Stoneman Douglas High School in Parkland, Florida states to a reporter from KPRC TV news that there were three shooters involved in the mass shooting event.
At the 0:01 second mark the student witness states "They told all the kids to go outside so they could start shooting up, so they started shooting from the first floor up because there is only two exits in the building so everybody started running to the other exits and that's when the shooter, the other shooter started coming up".
At 0:35 second mark the witness states "they started yelling at us to keep focused and pay attention ahead, the army people, cause they didn't want us to see the bodies they hid in the corner. They were putting mats over them so we wouldn't see them. There was dust all over the floor from this weird stuff (obscure word) they threw in there."
At 0:49 second mark the reporter asks "Do you think there was more than one shooter?"
Witness response at 0:51 second mark: "There was three shooters, (obscure word), definitely".
At the 1:53 mark she states "You could see a bunch of kids just going down that way, but stopping because the other shooter was coming"
At the 2:16 mark the reporter states "One student told me that the shooter was wearing a bulletproof vest and a helmet, did you see that?"
Student response: "I saw some other kid, who, when, the other kid who came into the classroom was wearing some type of thing and what I don't know"  https://steemit.com/news/@clarityofsignal/3fog4wv2
video of this testimony at https://www.youtube.com/watch?v=4iFd8UalQWs
...................................................................................................................
2-15-18    On top of the report of multiple shooters, there were multiple reports of active shooter drills happening the same day.
It has not been confirmed that a drill was planned—other than a fire drill that morning—but students said they'd heard a 'rumor' that they would have to take part in a 'code red' practice exercise.
"I thought, 'I don't know if this is real or fake,'" Kelsey Friend explained to CNN.
"We had rumors going around the school that police would do a fake code red with fake guns but sounding real," Friend explained to reporters.  "I thought, at the beginning that this was all a drill...until I saw my teacher dead on the floor."
Another student, Will Gilroy, reportedly said that students at the high school in were told there would be an active shooter drill at their school this week.  He said that's why students thought they were participating in a drill when they were evacuating.
Again, it is important to point out that we are merely reporting on eyewitness testimony and not drawing any conclusions from their statements.  However, the reason it is important to report this—outside of the obvious one that the mainstream media is not—is the fact that it is highly suspicious and raises questions like, did Cruz know there would be an active shooter drill that day?   https://steemit.com/news/@tftproject/watch-students-report-multiple-shooters-and-mass-shooting-drill-at-florida-high-school
.................................................................................
Student says multiple shooters were involved blocking the only two exits from each side of the building.  The shooters started on the first floor and worked their way up to the third floor.  One brave teacher was shot in the head while trying to defend students and the other was shot in the arm while opening the door for students to hide.
Another student, named Kenneth Anthony confirms the first eyewitness account mentioning multiple shooters to DNN in a quick interview as he fled the scene.
http://itshappening.pcriot.com/2018/02/15/parkland-florida-high-school-shooting-three-students-have-testified-there-were-multiple-shooters-yet-no-mainstream-media-outlet-has-picked-it-up/
...........................................................................................

Asian Infrastructure Investment Bank

   From 2014-5 China is the largest member country of their AIIB (Asian Infrastructure Investment Bank) with 27.8 percent of voting power, followed by India (8 percent), Russia (6.3 percent), Germany (4.4 percent), and South Korea (3.7 percent).  https://gbtimes.com/china-led-aiib-approves-first-loan-india
……………………………………………………………………………………….…….........................….
3-22-17   The approved applicants include eight non-Asian countries - Canada, Belgium, Ethiopia, Hungary, Ireland, Peru, Republic of Sudan and Venezuela - and five regional members - Hong Kong, Afghanistan, Armenia, Fiji and Timor Leste.  https://www.reuters.com/article/us-china-aiib/china-led-aiib-approves-13-new-members-canada-joins-idUSKBN16U0CG

……………………………………………………………….…….............................…

a few cases:   Germany, France, Italy, U.K., Russia, Australia, Brazil, Denmark join AIIB 2015
Switz, Poland join AIIB 2016
Argentina, Tonga, Canada, Iran join 2017; full readout (except for UK) on membership AIIB and voting at:
https://www.cgdev.org/blog/aiib-growing-pains-and-opportunities-three-takeaways
………………………………………………………………………………………......................…
add in Canada, Argentina, ...
.............................................................................................................................................


AIIB, hq at Beijing.           China’s decision to fund a new multilateral bank rather than give more to existing ones reflects its exasperation with the glacial pace of global economic governance reform.  The same motivation lies behind the New Development Bank established by the BRICS (Brazil, Russia, India, China and South Africa).  Although China is the biggest economy in Asia, the ADB (Asian Development Bank) is dominated by Japan; Japan’s voting share is more than twice China’s and the bank’s president has always been Japanese.  Reforms to give China a little more say at the International Monetary Fund have been delayed for years, and even if they go through America will still retain far more power.  China is, understandably, impatient for change.  It is therefore taking matters into its own hands.  https://www.economist.com/blogs/economist-explains/2014/11/economist-explains-6
.....................................................................................................................
https://www.cgdev.org/blog/aiib-growing-pains-and-opportunities-three-takeaways
..............................................................................................................................................


-Steven et. alia:  Unwinding of Globalist Dream, Nov. 2017, p. 244   see https://books.google.com/books?id=r0NBDwAAQBAJ&pg=PA257&lpg=PA257&dq=russia+aiib&source=bl&ots=0EykVo-f9a&sig=4voDnSJl6J1GYaRAkZSqrWXmRHQ&hl=en&sa=X&ved=0ahUKEwiunbuw_cbZAhWKEbwKHS8iCWcQ6AEI1AEwHA#v=onepage&q=russia%20aiib&f=false
.........................................................................................

Monday, February 26, 2018

PM Turnbull: China lacks "any hostile intent." Yeah, sure.

   China is not a threat to Australia because it lacks “any hostile intent”, Malcolm Turnbull has said as he embarks on his US visit.
   Speaking to Sky News on Thursday, the Australian prime minister sought to play down a more hostile approach to China by the US, rejecting the “out-of-date cold-war prism” of seeing the two superpowers as in competition.  https://www.theguardian.com/world/2018/feb/22/china-is-no-threat-to-australia-turnbull-says-before-visit-to-us

…….................................................................…
2-14-18      
 
     U.S. intelligence leaders warned Congress Tuesday that China poses a major security threat by stealing and buying sensitive American technology. …
  Chinese technology collectors are focusing on smaller startup companies that are not well informed about the Chinese threat, Wray noted.  "The reality is that the Chinese have turned more and more to more creative avenues, using nontraditional collectors, which I think we in the intelligence community recognize, but I think the private sector is not used to spotting," Wray said….
  Cornyn is co-sponsoring legislation that would increase the power of CFIUS to check illicit Chinese technology gathering efforts, something he said is "extraordinarily important."
"China has weaponized investment in an attempt to vacuum up our advanced technologies and simultaneously undermine our defense industrial base," said Cornyn, who is the Senate Majority Whip, the second highest-ranking Republican in the chamber.  "As it acquires U.S. firms, and technology, and intellectual property, as well as the know-how to put it to use, the risk is that the Chinese government, which has its tentacles not just in state-owned Chinese companies but also in so-called private Chinese firms, that it will get its hands on these capabilities and use them against us.” …
  HNA, according to U.S. officials, misled the CFIUS during two reviews of proposed purchases of American companies by not fully disclosing that the company, worth an estimated $100 billion, is partially owned by members of the Communist Party of China, some of whom are current Chinese government officials.
  Sen. Marco Rubio (R., Fla.) warned that China poses a long-term threat to U.S. security.
"The biggest issue of our time, in my view and, I think, in the view of most of the members of this committee and I would venture to guess, most of the members of this panel, is China and the risk they pose," Rubio said.  "I'm not sure in the 240-some-odd-year history of this nation we've ever faced a competitor and potential adversary of this scale, scope, and capacity." …

   The intelligence assessments are "a very, very deep dive into what China's plan is doing now and what their plans are for the future and how it would impact the United States," DNI Coats said.  http://freebeacon.com/national-security/intel-chiefs-sound-alarm-china-threat/

On traditional values, social success and being inner-directed


             
           Traditional or lasting values have come about through (a) long experience/overview with some memory thereof, (b) sifting, weighing, studying and being honest with cause-and-effect dynamics, (c) consistent appreciation/usage of value/principle itself.  So (a) is either genetic memory/instinct or ethereal memory/inspiration; (b) is basically science/reason; (c) is devotion, belief, hope, commitment, refinement of the principle one tests out and cares about.

  A problem with being socially successful is that the maze of the world can be seemingly “solved” by willfulness and cleverness.  Thus a certain amount of worldly success appears to exist tangibly, at least from a superficial angle.  Money status often is a measure of worldly success, and power status is similar.  There is much superficiality in cleverness and willfulness--these elements do not require genuineness, full heartedness and rapport with life.  What cleverness, willfulness and superficiality do generally is to lead one to suppose various things and to play at things and to aim somewhat at things.  But it is a difficult act to see through to solid conclusion or to find the truth at root through such means; therefore we tend to get cynical, quite compromising, confused or convenience-oriented by going such a road.  Considering that mind, will, feeling and habit can drag us along a road that we may not comprehend, life is thusly a tough challenge which the badge of socially successful won't resolve.


  Inner-directed means a whole array including self -monitoring, -controlling, -determining, -discriminating, -accounting, -disciplining, -surrender to holistic life, -poise, -reliance, -calm in silence.  Out of this inner-directed effort and stance by and by will be born a greater rapport and opportunity with life, a sense of higher direction, timing, decisiveness, perspective, clarity.  One is one’s own touchstone for potentiality if one chooses so to be.  But then there is a great test in trying to integrate this whole array; so the inner-directed path is not such an easy road to go.  Yet it calls to brave ones, requiring however that we give way at times, learn patience and tempering, and give back to life instead of being overly self-driven.               -r, mt. shasta, 2-26-2018

Duterte says same thing as Kim Jong Un

"Maniwala kayo kasi 'yan ang commitment sa akin ni China.  Si Xi Jinping mismo nagsabi and he's a man of honor."  (Believe it because that is China's commitment to me.  Xi Jinping himself said it and he's a man of honor.)...
"Military bases, I must admit it, but is it intended for us?  You must be joking.  It's not intended for us," he said.  China is building up its defense capability against just the United States, according to Duterte on 2-19-18.  "It's really intended for those who China thinks will destroy them and that is America, hindi tayo kasali diyan (we aren't part of that)," said the President.  https://www.rappler.com/nation/196426-duterte-philippines-province-china
.......  compare this to the following:
1-9-18  
And Kim Jong-un’s hermetic dictatorship apparently wants to assure the rest of the world that it doesn’t have any serious beef with its southern neighbor — just with America.
On Tuesday morning, a North Korean official said that the country’s weapons were pointed only at the United States, not at South Korea, Russia, or China.  The official also said that North Korea’s rapidly expanding nuclear program is not an issue between North and South Korea.  http://nymag.com/daily/intelligencer/2018/01/north-korea-our-nukes-are-aimed-only-at-united-states.html
................................................................................................................................................
    The AIIB was announced in October 2013, when 57 countries were accepted by China as founding members; 20 others have since joined.  About 30 countries were waiting to join in January, AIIB President Jin Liqun said then.  Member countries want to boost links with China and to do deals in its once-protected currency, the yuan.  This includes Canada, U.K., Germany, France and Italy....
The ADB  (Asian Development Bank, hq Manila) estimates the region will require $8 trillion in new infrastructure by 2020.  



denying responsibility in the cyber age

4-18-17   Documents released by Edward Snowden revealed that the initial malware and exploits made public did originate from the NSA.  The files released by Snowden in 2013 contained some of the same code that was initially publicised by the Shadowbrokers group.  A string of numbers in malware called SecondDate-3021.exe appeared in both the Snowden documents and those released by the Shadow Brokers.  http://www.wired.co.uk/article/nsa-hacking-tools-stolen-hackers
...................................................................................................................................
5-17-17  In the case of EternalBlue, the intelligence haul was “unreal,” said one former employee.  “It was like fishing with dynamite,” said a second.
(comment below article:)
The problem with fishing with dynamite is that eventually you will blow a hole in your boat.
https://www.washingtonpost.com/business/technology/nsa-officials-worried-about-the-day-its-potent-hacking-tool-would-get-loose-then-it-did/2017/05/16/50670b16-3978-11e7-a058-ddbb23c75d82_story.html?utm_term=.489aa211d48c
.....................................................................................................................................................
  Once TAO owns the environment, its goal may be data theft, destructive behavior, data corruption, or data modification.  Rob Joyce, hacker-in-chief of NSA's TAO, noted that nation-state attacks are persistent.   https://techbeacon.com/nsas-tao-leader-speaks-usenix-enigma-conference
.....................................................................................................................................................
  It looks like some recent NSA document leaks may suggest that the Cisco PIX and ASA firewalls have the ability to be compromised by the NSA.  It appears that a firmware implant for both the ASA and PIX devices called JETPLOW can be deployed on a firewall target with an exfiltration path to the NSA’s Remote Operations Center.  It seems that as long as DNT’s BANANAGLEE  software implant is on the Cisco PIX or ASA firewall, JETPLOW can be remotely installed and upgraded.  Its backdoor is pretty far reaching from what we are hearing....
  The NSA seems to have a smorgasbord of options to take over remote devices. One of the ways is to even have the NSA intercept a shipment of networking gear going from the vendor to customer and then the NSA will install its backdoor exploit on the device.  Another that has been mentioned is the NSA can even review the Windows crash dumps that are sent to Microsoft from your PC and use data from that to exploit a PC.  Other reports state that there are various exploits that are commonly used to remote control iOS devices (iPhones and iPads) and any GSM based cell phone.  Finally, there is the NIGHTSTAND exploit which is for your WI-FI 802.11 setups that in a perfect scenario can be deployed from 8 miles away!

  Now another piece of interesting news is that Cisco is stating that all US networking devices are required by law to have surveillance capabilities built-into them.  This is for legitimate court-ordered wiretaps and the such.  But the key here is it seems that Cisco is indicating that the NSA was not leveraging these features but the reported exploits that are noted above.  https://www.certificationkits.com/cisco-asa-5500-series-compromised-by-nsa/
...................................................................................................................................................
6-28-17   Developed by the U.S. National Security Agency (NSA), EternalBlue is an exploit that abuses a vulnerability in Microsoft’s implementation of the Server Message Block (SMB) protocol....
MeDoc responds by denying any responsibility for the attacks in a Facebook post, noting it pushed out its last update starting on June 22 – five days before the attack occurred.  But some in the security community say they have the logs to prove that MeDoc was the source of the ransomworm campaign.  Among them, Malwarebytes releases a blog post later that afternoon reiterating security researchers’ belief that an update released by MeDoc at 10:30 GMT on June 27, 2017, allegedly installed the malware on the “victim zero” system.  https://www.tripwire.com/state-of-security/security-data-protection/cyber-security/notpetya-timeline-of-a-ransomworm/

.....................................................................................................................................
June 2017   The National Security Agency (NSA) began using a hacking tool called EternalBlue more than five years ago.  During that time, the agency discovered its unparalleled ability to breach networks, a flaw considered so dangerous within the NSA it considered revealing it to the company whose software it was exploiting, Microsoft....Let’s not forget, NotPetya was entirely preventable — if the NSA had the foresight.  https://thenextweb.com/security/2017/06/27/nsa-knew-about-the-vulnerability-exploited-by-notpetya-for-over-5-years/  
...........................................................................................................................
6-28-17   Microsoft tracked the infections to a software update from a program called "ezvit.exe" -- MEDoc's update process.  Through this method of infection, even if your computer systems have been patched, even a seemingly safe update could slip through, packed with malware.  "Software supply chain attacks are a recent dangerous trend with attackers, and it requires advanced defense," Microsoft wrote in its blog.  
In a defense posted to its Facebook page, MEDocs denied that it was responsible for helping the ransomware spread. The company argued Microsoft was wrong because the source code for its software update does not contain the command "rundll32.exe."  https://www.ncsc.gov.uk/news/russian-military-almost-certainly-responsible-destructive-2017-cyber-attack
................................................................................................................................
10-26-17   Bad Rabbit was reportedly distributed via drive-by download attacks via compromised Russian media sites, using fake Adobe Flash players installer to lure victims into installing malware unwittingly and demanding 0.05 bitcoin (~ $285) from victims to unlock their systems.



According to the researchers, Bad Rabbit first scans the internal network for open SMB shares, tries a hardcoded list of commonly used credentials to drop malware, and also uses Mimikatz post-exploitation tool to extract credentials from the affected systems.

Bad Rabbit can also exploit the Windows Management Instrumentation Command-line (WMIC) scripting interface in an attempt to execute code on other Windows systems on the network remotely, noted EndGame.

However, according to Cisco's Talos, Bad Rabbit also carries a code that uses EternalRomance, which allows remote hackers to propagate from an infected computer to other targets more efficiently.   ... "EternalRomance allows the attacker to read/write arbitrary data into the kernel memory space."...

NotPetya has previously been linked to the Russian hacking group known as BlackEnergy and Sandworm Team, but since Bad Rabbit is primarily targeting Russia as well, not everyone seems convinced with the above assumptions.  https://thehackernews.com/2017/10/bad-rabbit-ransomware.html
.......................................................................................................................................
1-12-18    The (NotPetya) attacks reflect Russia’s mounting aggression in cyberspace as part of a larger “hybrid warfare” doctrine that marries traditional military means with cyber-tools to achieve its goal of regional dominance.   “It’s a pattern of more bold, aggressive action,” said Robert Hannigan, former head of Britain’s GCHQ intelligence agency. ...
The hackers used what is known as a “watering hole” attack.  They infected a website to which they knew their targets would navigate — in this case, a Ukrainian site that delivered updates for tax and accounting software programs.

It’s a tactic that Russian government hackers also have used to compromise industrial control system networks.  The goal here was “the disruption of Ukraine’s financial system,” said Jake Williams, founder of the cybersecurity firm Rendition Infosec.  https://www.washingtonpost.com/world/national-security/russian-military-was-behind-notpetya-cyberattack-in-ukraine-cia-concludes/2018/01/12/048d8506-f7ca-11e7-b34a-b85626af34ef_story.html?utm_term=.2b142e472e8e
.........................................................................................................................
12-18-17  At least some of the focus, they say, belongs on the National Security Agency, which built and then lost control of the code that was integrated into WannaCry, and without which its infections wouldn't have been nearly as devastating.  https://www.wired.com/story/korea-accountable-wannacry-nsa-eternal-blue/
.................................................................................................................................
1-18-18   When F5’s threat researchers first discovered this new Apache Struts campaign dubbed Zealot, it appeared to be one of the many campaigns already exploiting servers vulnerable to the Jakarta Multipart Parser attack (CVE-2017-5638) that have been widespread since first discovered in March 2017.  It also exploits the DotNetNuke (DNN) vulnerability (CVE-2017-9822), disclosed in July 2017.  The Zealot campaign aggressively targets both Windows and Linux systems with the DNN and Struts exploits together.  When looking more closely at the unusually high obfuscated payload, we discovered a much more sophisticated multi-staged attack, with lateral movement capabilities, leveraging the leaked NSA-attributed EternalBlue and EternalSynergy exploits.
The Zealot campaign is currently mining the cryptocurrency Monero, however, attackers could use compromised systems to do whatever they want....Zealot seems to be the first Struts campaign using the NSA exploits to propagate inside internal networks. There were other malware campaigns like NotPetya and WannaCry ransomware, and also Adylkuzz cryptominer launching attacks by directly scanning the Internet for SMBs to exploit with the NSA tools the ShadowBrokers released. The Zealot campaign, however, seems to be opening new attack vector doors, automatically delivering malware on internal networks via web application vulnerabilities. The level of sophistication we are currently observing in the Zealot campaign is leading us to believe that the campaign was developed and is being run by threat actors several levels above common bot herders.  https://f5.com/labs/articles/threat-intelligence/cyber-security/zealot-new-apache-struts-campaign-uses-eternalblue-and-eternalsynergy-to-mine-monero-on-internal-networks
...........................................................................................................................
2-15-18    Once an organization’s machine was infected, the highly crafted tool was designed to spread rapidly, in some cases overriding the Master Boot Record (MBR) on infected computers and displaying a ransom note asking for payment in Bitcoins.  The malware spread via trusted networks, rather than widely over the internet.  Therefore, it effectively bypassed the processes put in place to prevent ransomware attacks....
NotPetya used the EternalBlue and EternalRomance exploits, which the Shadowbrokers group released  (grabbed from NSA) in early 2017.   Microsoft issued a patch for both exploits.  https://www.ncsc.gov.uk/news/russian-military-almost-certainly-responsible-destructive-2017-cyber-attack
..............................................................................................................................
2-16-18     However, the (NotPetya attack) virus quickly spread to multinational corporations like FedEx and Merck, costing them hundreds of millions of dollars apiece.  Tens of thousands of computers across multiple continents were permanently encrypted as the malware barreled through networks with the help of leaked National Security Agency hacking methods.     https://slate.com/technology/2018/02/after-officially-blaming-russia-for-the-notpetya-virus-u-s-officials-promise-consequences.html
........................................................................................................................................
2-10-09   key points from the report:
  • 92% of Critical Microsoft vulnerabilities are mitigated by configuring users to operate without administrator rights
  • Of the total published Microsoft vulnerabilities, 69% are mitigated by removing administrator rights
  • By removing administrator rights companies will be better protected against exploitation of 94% of Microsoft Office, 89% of Internet Explorer, and 53% of Microsoft Windows vulnerabilities
  • 87% of vulnerabilities categorized as Remote Code Execution vulnerabilities are mitigated by removing administrator rights  http://www.zdnet.com/article/report-92-of-critical-microsoft-vulnerabilities-mitigated-by-least-privilege-accounts/
..........................................................................................................................
        Casala said the hosting firm had antivirus installed on the server, but that the ransomware slipped past those defenses.  That’s because the crooks who are distributing ransomware engineer the malware to evade detection by antivirus software. For more on how cybercriminals achieve that, see Antivirus is Dead: Long Live Antivirus....One big reason that ransomware scams are becoming more prevalent has to do with the proliferation of plug-and-play tools and services that make it simple to start your own cybercrime syndicate.  Earlier this month, security firm Emsisoft published a fascinating look at a crimeware-as-a-service product being marketed in the underground called Ransom32, which allows anyone to start their own ransomware campaign just by providing a Bitcoin address to which victims will be asked to send the funds.    https://krebsonsecurity.com/2016/01/ransomware-a-threat-to-cloud-services-too/
.................................................................................................................................

        Refusing to allow that either God or man has created the very conditions which they deplore, they (some clever people) conclude that these conditions do not exist.  Going one step further in their proud logic these individuals conclude that they are therefore not responsible for the world in which they live, for the karma they have made or for God’s energies which they have misqualified.  The manifold works of imperfection which are the heritage of the race exist through misunderstanding and error; their days shall be shortened because of the mercy and love of God.                           
                                            -Kuthumi:  Pearls of Wisdom 11:23