Microsoft Reveals Continued Hacks of Technology Companies

The Russia-linked hackers behind last year’s compromise of a wide swath of the U.S. government and scores of private companies, including SolarWinds Corp., have stepped up their attacks in recent months, breaking into technology companies in an effort to steal sensitive information, cybersecurity experts said.

In a campaign that dates back to May of this year, the hackers have targeted more than 140 technology companies including those that manage or resell cloud-computing services, according to new research from Microsoft Corp. The attack, which was successful with as many as 14 of these technology companies, involved unsophisticated techniques like phishing or simply guessing user passwords in hopes of gaining access to systems, Microsoft said.


Source: In a recent blog post to the company’s website, Microsoft’s corporate vice president of customer security and trust, Tom Burt, wrote that “state actor Nobelium has been attempting to replicate the approach it has used in past attacks by targeting organizations integral to the global IT supply chain.”

Nobelium is “attacking a different part of the supply chain: resellers and other technology service providers that customize, deploy and manage cloud services and other technologies on behalf of their customers,” according to the company.

Burt wrote that 609 Microsoft customers had been informed that they’d been attacked between July and October of this year close to 23,000 times “with a success rate in the low single digits.”

The attacks, according to the executive, were not aimed at a specific flaw in any of the systems; rather, they were “password spray and phishing” attacks, which are aimed at stealing credentials that grant the attackers access to privileged information.

The Russian state-backed hacking group is, according to Burt, “trying to gain long-term, systematic access to a variety of points in the technology supply chain, and establish a mechanism for surveilling – now or in the future – targets of interest to the Russian government.”

***

Over 600 Microsoft customers targeted since July

“Since May, we have notified more than 140 resellers and technology service providers that have been targeted by Nobelium,” said Tom Burt, Corporate Vice President at Microsoft.

“We continue to investigate, but to date we believe as many as 14 of these resellers and service providers have been compromised.”

As Burt added, in all, more than 600 Microsoft customers were attacked thousands of times, although with a very low rate of success between July and October.

“These attacks have been a part of a larger wave of Nobelium activities this summer. In fact, between July 1 and October 19 this year, we informed 609 customers that they had been attacked 22,868 times by Nobelium, with a success rate in the low single digits,” Burt said.

“By comparison, prior to July 1, 2021, we had notified customers about attacks from all nation-state actors 20,500 times over the past three years.”

Nobelium MSP attacks (Microsoft)

This shows that Nobelium is still attempting to launch attacks similar to the one they pulled off after breaching SolarWinds’ systems to gain long-term access to the systems of targets of interest and establish espionage and exfiltration channels.

Microsoft also shared measures MSPs, cloud service providers, and other tech orgs can take to protect their networks and customers from these ongoing Nobelium attacks.

Nobelium’s high profile targets

Nobelium is the hacking division of the Russian Foreign Intelligence Service (SVR), also tracked as APT29, Cozy Bear, and The Dukes.

In April 2021, the U.S. government formally blamed the SVR division for coordinating the SolarWinds “broad-scope cyber espionage campaign” that led to the compromise of multiple U.S. government agencies.

At the end of July, the US Department of Justice was the last US govt entity to disclose that 27 US Attorneys’ offices were breached during the SolarWinds global hacking spree.

In May, the Microsoft Threat Intelligence Center (MSTIC) also reported a phishing campaign targeting government agencies from 24 countries.

Earlier this year, Microsoft detailed three Nobelium malware strains used for maintaining persistence on compromised networks: a command-and-control backdoor dubbed ‘GoldMax,’ an HTTP tracer tool tracked as ‘GoldFinder,’ and a persistence tool and malware dropper named ‘Sibot.’

Two months later, they revealed four more malware families Nobelium used in their attacks: a malware downloader known as ‘BoomBox,’ a shellcode downloader and launcher known as ‘VaporRage,’ a malicious HTML attachment dubbed ‘EnvyScout,’ and a loader named ‘NativeZone.’

Meet The White Coat Waste Project and Poor Harvey

The poor Beagles….animal abuse and death…you’re paying for it too.

White Coat Waste Project is a taxpayer watchdog group representing more than 2 million liberty-lovers and animal-lovers who all agree: taxpayers shouldn’t be forced to pay over $20 billion every year for wasteful and cruel experiments on dogs, cats, monkeys and other animals.

There are even beagle puppy farms….

And it could be that other deadly disgusting nefarious testing is going on with the approval of our own government agencies….check this out —>

In part: According to the most recent reports, approximately 60,000 dogs are used in testing and research in the United States each year, with an additional 6,500 dogs reported as being held in laboratories but not yet used. The Michigan lab alone used thousands of beagles and hounds last year in testing for companies seeking federal approval for potentially poisonous products, like pharmaceuticals and pesticides (fungicides). Harvey and the other dogs who were at the lab during our investigation were bought from two major breeders, Marshall BioResources and Covance Research, which sell specifically to laboratories. Marshall had 22,000 dogs at its facility in New York at the time of a U.S. Department of Agriculture inspection in 2018. Beagles are most commonly used in research because of their docile nature.

The Charles River Laboratories now has 36 beagles in its facility for a pesticide test commissioned by Dow AgroSciences (now known as Corteva), and we need your help to get those beagles out.

The test, which involves force-feeding the dogs with various doses of a fungicide each day for a full year, has been universally deemed as unnecessary, including by Dow scientists. Dow itself has actively advocated for eliminating this test in numerous countries, and we have been grateful for Dow’s work in the past. When we reached out to the company, we were told the test is required in Brazil. The country has taken steps to remove the one-year dog test from its pesticide requirements, but the changes haven’t been formally adopted yet. When Humane Society International swiftly contacted Brazilian regulatory authorities, we received a response that they were readily granting waiver requests from companies to forego this test. Dow asked for a more formal assurance from Brazil to end the dog study already underway, which HSI obtained, but Dow’s regulatory affairs division now says they need additional confirmation that their specific pesticide product will be approved without the dog study results before ending the study.

Our discussions with Dow have hit an impasse and meanwhile, time is running out for the Dow beagles. Unless we act fast, these 36 dogs will likely die for a test that is not needed.

It is too late to help Harvey and the other dogs seen during our investigation. But with your help, we can make a difference for these 36 dogs still at Charles River. Please join us in asking Dow to immediately end the test and release the beagles to us. We will work on getting them placed into loving homes, even as we continue to work toward the day when invasive testing on dogs becomes a thing of the past.

 

Biden’s Nominee for the Treasury Dept is Member of a Facebook Marxist Group

It used to be that anyone chosen to be in a presidential cabinet role experienced exceptional resume scrutiny before they were selected. It is likely that remains the case under the Biden administration and that should tell another part of the story….the Biden advisors and supporters themselves are Marxists. Further, the American people are forced to accept associated policies and legislation that are playing out today under this administration.

So, who is Saule Omarova? Apparently she is a person that all Democrats approve of since not one person on the Left has expressed worry or criticism. Saule Omarova specializes in regulation of financial institutions, banking law, international finance, and corporate finance. Before joining Cornell Law School in 2014, she was the George R. Ward Associate Professor of Law at the University of North Carolina School of Law.

She is also part of the Berggruen Institute. What is that?

Founded in 2010 by philanthropist and investor Nicolas Berggruen, the Berggruen Institute develops the foundational ideas and critical analysis needed to unlock enduring progress for political, economic, and social institutions in the 21st century. Since its inception, the Berggruen Institute has launched the 21st Century Council, the Council for the Future of Europe, the Berggruen China Center, the Think Long Committee for California, and the signature Berggruen Prize for Philosophy and Culture.

In partnership with the University of Southern California Dornsife Center on Science, Technology and Public Life (STPL), Berggruen Fellowships offer scholars flexible periods of work and study in both the United States and China.


 

FNC:

Saule Omarova, President Biden’s pick to be the comptroller of the currency within the Treasury Department, appears to have joined a Facebook group for Marxist and socialist discussion in 2019, according to a post in the group called “Marxist Analysis and Policy.”

This week, the right-leaning American Accountability Foundation first resurfaced a 2019 post from the public Facebook group. A member posted, “Let’s welcome our newest members: Saule Omarova.”

The post links to a Facebook account that’s been in operation since at least 2017 with a profile picture that appears to be of Omarova. The account’s profile picture has 85 visible likes and 14 visible comments, some of which appear to be from people who would reasonably run in the same social circles as Omarova. Those include a University of Minnesota law professor and a Cornell engineering professor.

The White House announced that it is nominating Omarova – a Cornell law professor – to run the key post that regulates national banks last month. Since then, Omarova has drawn harsh scrutiny for her past comments that were very hostile toward the financial services industry. She’s also been attacked over her Moscow State University thesis about Marxism, which Sen. Pat Toomey, R-Pa., is demanding that she turn over to the Banking Committee.

FOX Business sent messages to both Omarova and the White House requesting confirmation that the Facebook account is authentic, and asking for comment. Neither responded.

The Facebook group’s description states that it is for socialism and against capitalism.

“This Marxist group is a platform for analysis, policy (sic) and polemics from the perspectives of a diverse range of Socialist and anti-capitalist views,” it says. “We are against exploitation, inequality, racial (sic) discrimination and ecological destruction at the core of Capitalist social relations. The working class has the potential and the ability to change Capitalism and in the process change itself. Only working people, by (sic) their own efforts, can free themselves from Capitalism. We stand for the self emancipation of the working class and Socialism.”

The group’s rules say, “No personal abuse will be allowed. Nor will racist or fascist comments be tolerated. Support for the Tory party is not acceptable. A culture of diverse Marxist, Socialist and radical views is the framework for the group.”

The posts in the group appear to indicate that it is a forum for serious ideological discussion, and not a parody forum. A post in the group from Oct. 19 promotes a lecture by a Dublin City University professor about “A Marxist Narrative, From Marx and Engels to COVID-19.”

Older posts include the “ACAB” (All Cops are Bastards) slogan, and celebrate the 2020 Seattle autonomous zone protest as at the center of the battle for socialism.

“Seattle emerged once again as the center of anti-capitalist mobilizations,” one poster wrote. “The protestors occupied 6 blocks, and declared them to be police-free areas. They operate like a ‘soviet’ with many radical anti-police, and anti-capitalist speeches.”

The poster added: “The radicalization of the youth and young workers in Seattle is very important. It shows a way for the protests in the rest of the country. This is one of these times that the masses radicalize very fast, and they are open for revolutionary socialist alternatives to the decaying capitalism.”

***

Will anyone in the media ask Jen Psaki or ol’ Joe himself if they support Marxist ideology or if they themselves are Marxists?

 

Supply Chain Crisis and Where is the Defense Production Act?

What is the Defense Production Act?

The Defense Production Act is the primary source of presidential authorities to expedite and expand the supply of materials and services from the U.S. industrial base needed to promote the national defense. DPA authorities are available to support: emergency preparedness activities conducted pursuant to title VI of the Stafford Act; protection or restoration of critical infrastructure; and efforts to prevent, reduce vulnerability to, minimize damage from, and recover from acts of terrorism within the United States. DPA authorities may be used to:

  • Require acceptance and preferential performance of contracts and orders under DPA Title I. (See Federal Priorities and Allocations System (FPAS).)
  • Provide financial incentives and assistance (under DPA Title III) for U.S. industry to expand productive capacity and supply needed for national defense purposes;
  • Provide antitrust protection (through DPA voluntary agreements in DPA Title VII) for businesses to cooperate in planning and operations for national defense purposes, including homeland security.

But national security? Yes. We remain in the midst of the COVID-19 pandemic and those affected could be, and often are, our protectors, not only medically but when it comes to legally or militarily.

While we are fretting over shortages and necessities in our daily lives, there are two real areas of major concern: medicines and microchips (semiconductors) used for advanced technology of many varieties.


Basic medicines in use either by prescription or over the counter are manufactured in Asia, mostly China that is. It is a fact we learned in the early days of the pandemic. Imagine now that we are faced with a shortage of antibiotics, insulin, aspirin or Lasix and Dyazide. Could we once again face personal protection equipment shortages?


When it comes to semiconductors, the following is important to know:

In part from a senate committee: To mitigate supply chain risks and ensure that semiconductors used in sensitive military systems do not have malware embedded in them, in 2004 the Department of Defense established the “Trusted Foundry Program.” Under this program the government identifies companies deemed secure and trustworthy enough to produce chips exclusively for the military. Two facilities currently operate under this program, one in Vermont and one in New York.

The program only produces a small percentage of the nearly 2 billion semiconductors DOD acquires each year. Some observers have expressed concern that the trusted foundries are falling behind technologically compared to commercial fabrication facilities in East Asia. This could leave the U.S. military at a technological disadvantage to China and other countries that buy superior chips.

In 2017, the Defense Advanced Research Projects Agency launched the Electronics Resurgence Initiative, which seeks to address market and technological trends and challenges in the microelectronics sector.

Sounds shaky, right? It is, as we need results and we need them now. So where is that order by the Biden administration for the Defense Production Act, which would jump-start real action on all the various reasons for the logjam at ports around the United States? There is no one single reason for the cargo ships being stacked up in Long Beach, Los Angeles, Port Houston and Savannah, to name a few.

The United States can relieve the cargo pressures immediately by deploying the National Guard, signing waivers on regulations and by stopping all the financial payments that encourage people to simply not go to work.


The BBC reports in part: 

The shortages hitting countries around the world

A “perfect storm” in China is hitting shoppers and businesses at home and overseas.

It is affecting everything from paper, food, textiles and toys to iPhone chips, says Dr Michal Meidan from the Oxford Institute for Energy Studies.

She says these items “may end up being in short supply this Christmas”.

Then there is the Department of Transportation and the Secretary has been absent….his involvement in this?

Maritime administration –>

U.S. maritime ports are critical links in the U.S. domestic and international trade supply-chain.  Ports serve as centers of commerce where freight and commodities are transferred between cargo ships, barges, trucks, trains, and pipelines.

The Port Infrastructure Development Program supports the efficient movement of commerce upon which our economy relies through discretionary grant funding that helps strengthen, modernize, and improve our country’s maritime systems and gateway ports. Grants are awarded on a competitive basis and support the Nation’s long-term economic vitality.

Port Infrastructure Development grants provide planning, operational and capital financing, and project management assistance to improve port capacity and operations.

Authorization History

The Port Infrastructure and Development Program was authorized by Congress as part of the National Defense Authorization Act for Fiscal Year 2010 (Public Law 111-84). The legislation states that “The Secretary of Transportation, through the Maritime Administrator, shall establish a port infrastructure development program for the improvement of port facilities.”

The law specifically authorizes the Administrator to:

  1. Receive funds provided for the project from Federal, non-Federal, and private entities that have a specific agreement or contract with the Administrator to further the purposes of this subsection;
  2. Coordinate with other Federal agencies to expedite the process established under the National Environmental Policy Act of 1969 (42 U.S.C. 4321 et seq.) for the improvement of port facilities to improve the efficiency of the transportation system, to increase port security, or to provide greater access to port facilities;
  3. Seek to coordinate all reviews or requirements with appropriate local, State, and Federal agencies; and
  4. Provide such technical assistance and financial assistance, including grants, to port authorities or commissions or their subdivisions and agents as needed for project planning, design, and construction.

The authorizing legislation also established a Port Infrastructure Development Fund for use by the Administrator in carrying out projects under the program. The fund is available for the Administrator to:

  1. Administer and carry out projects under the program;
  2. Receive Federal, non-Federal, and private funds from entities which have specific agreements or contracts with the Administrator; and
  3. Make refunds for projects that will not be completed.

There are also additional legislative provisions for the crediting and transfer of monies into the fund.

 

Mexico Cartels Use Video Games to Recruit Children

Beyond the constant threat of TikTok, Facebook and Instagram there are at least 2 video games, World of Warcraft and Second Life. Parents, are you managing this or paying attention…globally?


Beyond parents…what about State Attorneys General or the Department of Justice? crickets….

In full:

Mexican criminal groups have hit on a new way to recruit vulnerable young people into their ranks: reaching out to them while they play video games.

On October 11, authorities in the southern state of Oaxaca announced they had rescued three children, between the ages of 11 and 14, who had reportedly been convinced to run away from home by a human trafficking ring after being contacted through a video game named Free Fire.

The three were found at a home in the town of Santa Lucia de Camino, where they were being held and were set to be sent to Monterrey in the northern state of Nuevo León. They had left their homes a couple of days earlier after receiving messages from a trafficker, posing as a 13-year-old boy in the game.

Earlier in October, a young girl was also rescued after having been lured by a human trafficking group in the western state of Jalisco.

This was far from the most sophisticated such scheme to be discovered in Mexico this year. In September, Mexican investigative journalist Óscar Balderas revealed how one of the country’s foremost criminal actors is trying to recruit children through the most popular video games in the world.

On September 18, a teenage boy playing Grand Theft Auto V online at 3 a.m. received a message from a gamer purporting to be a young man, wearing a bulletproof vest and a military-style helmet in his profile picture. The boy was invited to an in-game event named “RECLUTAMIENTO ABIERTO CDN-ZETAZ VIEJA ESCUELA-35 BATALLON.” The Northeast Cartel (Cartel del Noreste – CDN) and the Old School Zetas (Zetas Vieja Escuela) are both splinter groups of the Zetas, which have been involved in some of Mexico’s worst violence in recent years.


This fits a pattern reported by numerous young gamers in Mexico in recent months. According to Balderas, messages are sent in the early hours of the morning, when parents are unlikely to be supervising their children’s online activity, openly inviting young gamers to join criminal groups and selling this as a glamorous lifestyle. Some messages alleged that they were being sent by the Sinaloa Cartel or the Jalisco Cartel New Generation (Cartel Jalisco Nueva Generación – CJNG).

In an interview with InSight Crime, Balderas stated that after contacting young people online, the representatives of criminal groups invite them to in-person meetings where they are abducted and forced to join.

And it seems this tactic is more widespread. Since this story broke in September, around ten families have come forward to tell the journalist about similar experiences with online recruitment.

Criminal groups in Mexico routinely abuse numerous children and teenagers and force them to serve in a range of roles, including as hitmen, drug runners or to work in drug manufacturing facilities.

InSight Crime Analysis

Reaching out to impressionable teenagers through video games is fitting for the times.

“It could seem like a pretty inefficient way of getting one or two more sicarios (hitmen) but it’s a silent way of recruiting. If they go ahead and kidnap kids or teenagers in person, this will draw attention. But this is a way of inviting teenagers of their own free will, of getting their loyalty,” Balderas explained to InSight Crime.

It’s also a very low-risk way of proceeding. It appears the recruiters create profiles located in Mexican cities and then send out invitations to all players currently online in a certain radius. The vast majority will probably ignore such messages as spam but a few curious players will accept and get in touch.

Those contacted in this way state that the recruiters appeal to their sense of adventure, promising them excitement, action, money and possessions.


Islamic terror groups have used this technique for years, with leaks from a former National Security Agency (NSA) operative in 2013 revealing how extremists had turned to video games such as World of Warcraft and Second Life.

And the COVID-19 pandemic has only made this strategy more attractive. With schools closed, children have been forced to study online but access to learning platforms and monitoring of their activities by parents and teachers has ranged widely.

Also in September, a Wall Street Journal investigation unveiled how Facebook leadership knew the CJNG was recruiting “aspiring cartel hitmen” via the social network. Despite warnings from a specialized team, pages advertising the CJNG on Facebook and Instagram remained up for up to five months. When they were taken down, new ones soon popped up.

It hasn’t helped. A search on Instagram, the day before this article was published, immediately turned up multiple accounts showing young children carrying weapons, wearing military-style gear or singing the praises of criminal groups in Mexico.