Saturday, June 9, 2018

world news update

-near Black Sea
https://upnorth.eu/putins-palaces-the-life-of-a-galley-slave-nemtsov/
......................................................................................................................................................
  At least in 1998-1999, they were co-owners of the bank "Russia", which brought together friends of Vladimir Putin.
Both Gennady Petrov and Sergei Kuzmin owned 2,2% of the bank shares, and at the meetings of shareholders they had been represented by Shumkov Andrew, who in 1998-2000 was a member of its Board of Directors (first reported by the business newspaper "Vedomosti").  In 1998-1999, a 14,2% stake in "Russia" belonged to the Petersburg companies "Ergen", "Forward Limited", and "Fuel Investment Company" ("FIC"), which were associated with Shumkov.  Shumkov and Kuzmin owned "Ergen", and co-owners of "TEC" were the firms "BHM" and "Finance Company Petroleum", affiliated with Kuzmin and Petrov.
Among the shareholders of the St. Petersburg bank "Russia" there are many friends of the former president and current prime minister of Russia. The main shareholder and Chairman of the Board of Directors, Yuri Kovalchuk, created a dacha cooperative "Lake" together with Vladimir Putin.  Shareholder Nicholas Shamalov and former shareholder Viktor Myachin were also co-founders of the "Lake".

The press found out that the bank "Russia" was also associated with partners of the son of Gennady Petrov, Anton Petrov, 28 years old.  He is co-founder and chairman of the construction company "Baltic monolith", which is building luxury properties in Moscow, St. Petersburg and Sochi.  The general director of "Baltic monolith" and a partner of Petrov, Arkady Buravov, was co-owner of "Concern Ekomt-Investconsalting".  According to data by 1995, the firm owned 5% of the bank "Russia", and Buravov was a member of its audit committee at least until 2001.  Source: Novaya Gazeta № 48, dated 13.05.2009
.............................................................................
6-8-18    The murderous Syrian regime led by Bashar Assad, dependent on Iranian-backed forces, is disguising Iran-allied militias as Syrian fighters so that Israel won’t target them, according to a commander with the rebel Salvation Army.
The Wall Street Journal spoke with that commander, Ahmad Azam, who said, “It’s a camouflage.  They are leaving … in their Hezbollah uniform and they are returning in regime vehicles and dressed in regular [Syrian] army uniforms.”  https://www.dailywire.com/news/31658/iranian-backed-forces-syria-disguise-themselves-hank-berrien
................................................................................................................
6-7-18  Beginning June 11, the U.S. State Department will begin implementing these limits, including restricting Chinese citizens studying in certain fields—such as robotics, aviation, and high-tech manufacturing—to one-year visas.
Those are fields the Chinese regime has said are high-priority goals for its manufacturing sector, outlined in its economic 10-year plan, Made in China 2025. This industrial policy was also the target of the recent Office of the U.S. Trade Representative’s (USTR) investigation into China’s intellectual property theft practices, commissioned by President Donald Trump.  https://www.theepochtimes.com/white-house-limits-on-chinese-visas-highlights-academic-espionage-problem_2553263.html
.....................................................................................................
6-8-18  A recent study detailing how and where environmental philanthropic grants are allocated shows a lack of “intellectual diversity on the climate issue,” according to leading political scientist, Roger Pielke, Jr.
The study, authored by Matthew Nisbet, Professor of Communication Studies and Affiliate Professor of Public Policy and Urban Affairs at Northeastern University, analyzed $556.7 million in “behind-the-scenes” grants distributed by 19 major environmental foundations from 2011-2015 in the immediate aftermath of the failure to pass cap-and-trade legislation in 2010.  https://wattsupwiththat.com/2018/06/fail-wealthy-organizations-sunk-150-million-to-sway-u-s-climate-opinion/
...........................................................................................................
5-2-18  
Because of the way the LoJack agent is built, attackers have access to a powerful piece of software that comes with a potent built-in persistence system that allows LoJack to survive hard drive replacements and operating system (OS) re-imaging, but also with the ability to execute any code on the target's system, with the highest privileges possible.
This latter feature would allow APT28 operators to download other malware, search sensitive data, exfiltrate stolen data to remote servers, clean logs of any intrusion artifacts, and even wipe or damage infected PCs.
Because the modification to tainted LoJack binaries is extremely small and insignificant —made to a configuration file— most antivirus scanners don't pick these tainted versions as malicious....
Arbor wasn't able to identify how APT28 distributed these tainted LoJack binaries to targets, but they believe hackers used spear-phishing emails —like most of their ops— to trick victims into installing the malicious LoJack versions on their systems.
Researchers also believe that APT28 might have been inspired by a Black Hat talk from 2014 [PDF] when security researchers explored the idea of using the LoJack software —popular at the time— as an extremely persistent and modular backdoor.  The LoJack software is a product of Computrace, a company specialized in creating surveillance software.    https://www.bleepingcomputer.com/news/security/apt28-hackers-caught-hijacking-legitimate-lojack-software/
...........................................................................................
6-8-18    Security researchers from ESET have discovered a complex piece of spyware that was used sparingly in the last five years to infect and spy on a very small number of targets in Russia and Ukraine.
While the origin of this new malware strain —named InvisiMole— has not been determined yet, it is believed that this is an advanced cyber-espionage tool, most likely created for nation-state or financially-motivated hacks.
This assessment is based on the fact that the malware has been seen very rarely, being found on "only a few dozen computers," but also because of its broad spectrum of capabilities, something that would have taken months if not years to develop, and certainly not the work of your ordinary slash-and-grab cyber-criminal.
RC2FM can also turn on the user's webcam and take screenshots. It can also monitor local drives, retrieve system info, and make system config alterations.
The second InvisiMole module is the most advanced of the two. This one supports 84 backdoor commands and includes almost all the capabilities you expect from an advanced spyware strain.
This includes support for running remote shell commands, registry key manipulation, file execution, getting a list of local apps, loading drivers, getting network information, disabling UAC, turning off the Windows firewall, and more. RC2CL can also record audio via the microphone and take screenshots via the webcam —like the first module.  https://www.bleepingcomputer.com/news/security/invisimole-is-a-complex-spyware-that-can-take-pictures-and-record-audio/
...................................................................................................................
6-8-18  The string came to light by accident, while security researcher Aaron Blair from RIoT Solutions was researching another WaaS vulnerability (CVE-2018-0253).  This second vulnerability was a privilege escalation in the WaaS disk check tool that allowed Blair to elevate his account's access level from "admin" to "root." Normally, Cisco users are permitted only admin access.  The root user level grants access to the underlying OS files and is typically reserved only for Cisco engineers.
By using his newly granted root-level access, Blair says he was able to spot the hidden SNMP community string inside the /etc/snmp/snmpd.conf file.
"This string can not be discovered or disabled without access to the root filesystem, which regular administrative users do not have under normal circumstances," Blair says.
But while it took Blair root access to spot the hidden SNMP creds, they don't require root access to be exploited, and anyone knowing the string can retrieve stats and system info from affected devices.
The researcher reported the issue to Cisco in March.  Cisco released updates for WaaS this week.  There are no mitigations or workarounds for avoiding the exploitation, and users must apply the WaaS software updates.
The Cisco WaaS patches are part of a batch of 28 security fixes that Cisco released on June 6, this week.  Twice in March and again in May, Cisco removed other similar backdoor accounts and mechanisms in other software such as the Prime Collaboration Provisioning (PCP), the IOS XE operating system, and the Digital Network Architecture (DNA) Center.  Unlike this latest issue, the first three were discovered by Cisco engineers during internal audits.  https://www.bleepingcomputer.com/news/security/cisco-removes-backdoor-account-fourth-in-the-last-four-months/
....................................................................................
II, vi, 1.  Striving towards a true cooperation lies at the foundation of evolution.  Only by the awakening of creativeness may the march of ignorance be destroyed....New discoveries will stimulate the collecting.  Instead of stock market speculation let there be striving for discoveries, supported by cooperative societies.           

-Leaves of Morya's Garden 1925  
........................................................................................
162.  In upward flights we learn the great gift of patience. Radiant, creative patience does not resemble the murky cloak of non-resistance to evil.  Stooped non-resisters sit like unsuccessful fishermen.  Their stake of a length of yarn cannot check the dance of the elements.  Creative patience holds the key to the new world, therefore patience creates a power which is intensified with each hour of reality.

-M:  Community 1926
............................................................................................
60.  As long as people are preoccupied with magi and sorcerers they are not with us.  The heart alone is needed for the Abode.  A beautiful heart will always suffer on Earth, but the suffering heart becomes trustworthy.  A fish cannot live without water, and the eagle does not rejoice without freedom.  We want to suggest simplicity to our friends, for the complexity of life has already become harmful....
  Let those people who know us guard this knowledge.  A treacherous apostate will receive a wound that will not heal. But let us not speak about consequences, because some will take it as a threat.  Every weaver grieves over a torn thread and rejoices at strong yarn--thus it is also with the human spirit.     -M:  Supermundane 1, 1930