LATimes: Her fingerprints were on the ammunition. Her casino players’ card was found in his room. Investigators scoured her social media accounts and emails — one of which he, Stephen Paddock, had access to.
Marilou Danley may not have been present when Paddock unleashed a furious barrage of bullets down on a crowd of 20,000 at a Las Vegas country music festival, killing 58 people and wounding more than 500 others, but her links to his life seemed to be everywhere.
The facts about Danley were among the details revealed when a U.S. District Court judge in Las Vegas unsealed more than 300 pages of search warrants and affidavits at the request of several media outlets, including the Los Angeles Times. The request was unopposed by prosecutors.
But why the 64-year-old Paddock shot up the Route 91 Harvest festival on Oct. 1 remains a mystery, and the search warrants — despite revealing his large cache of weaponry — raise more questions than answers about his actions and motive.
Paddock came to Las Vegas with an arsenal — more than 20 firearms and hundreds of rounds of ammunition and spent casings were found in his room on the 32nd floor of the Mandalay Bay Hotel and Casino. Other search warrants revealed more than 1,000 rounds and 100 pounds of explosive material in his car.
Authorities also recovered 18 firearms and more than 1,000 rounds at Paddock’s house in Mesquite, Nev. A “large quantity of firearms” was recovered from another residence he had in Reno.
The search warrants also covered electronic accounts and social media accounts of Paddock and Danley. They revealed an exchange about a money wire transfer. Danley returned from a trip to the Philippines days after the shooting, but wasn’t arrested when she arrived in the United States.
Las Vegas Shooting Warrants by MikeBalsamoReports on Scribd
According to an affidavit, Danley was identified early on “as the most likely person who aided or abetted Stephen Paddock based on her informing law enforcement that her fingerprints would likely be found on the ammunition used during the attack.”In the court documents, she told investigators she occasionally participated in the loading of the magazines.
Danley has fully cooperated with authorities and has released statements saying she had no idea what Paddock was planning and that she was devastated by the massacre. She was never arrested, though was deemed “a person of interest” by police after the shooting. Her attorney could not be reached for comment.
Officials with the Las Vegas Metropolitan Police Department did not return a request for comment.
Not much is known about Danley’s and Paddock’s relationship, though workers at a Starbucks in a Mesquite casino recalled that he had a habit of berating her in public. The abuse would come if she asked to use his casino card to make a purchase. Danley stood only elbow high to Paddock, a tall man with a beer belly.
Esperanza Mendoza, a supervisor at the Starbucks, told The Times in October: “He would glare down at her and say — with a mean attitude — ‘You don’t need my casino card for this. I’m paying for your drink, just like I’m paying for you.’ Then she would softly say, ‘OK,’ and step back behind him. He was so rude to her in front of us.”
On Friday, U.S. District Judge Jennifer Dorsey said she saw no reason to keep the warrants sealed, especially since lawyers with the federal government did not oppose the unsealing, with some minor redactions. However, 10 pages were kept under seal pending a hearing in state court Tuesday.
Authorities also revealed in the court documents emails from Amazon to Paddock’s email account with his home in Mesquite as the destination. It showed that on Sept. 7, 2017, he received an email related to the purchase of a “EOTech 512 A65 Tactical Holographic firearm accessory.”
Amazon confirmed the delivery would go to his residence. “Investigators believe this piece of equipment was utilized in the attack carried out by Stephen Paddock,” the affidavit read.
The warrants released Friday also produced a puzzling email exchange that Paddock appeared to have with himself.
One instance where investigators identified two email account attached to him — [email protected] and [email protected] — an exchange began with “Try an ar before u buy. We have a huge selection. Located in the Las Vegas area.”
Later that day, an email was received back from [email protected] that read “we have a wide variety of optics and ammunition to try.”
Then Paddock sent an email to [email protected] that read: “for a thrill try out bumpfire ar’s with 100 round magazine.”
In the affidavit, investigators said they believed the communications may have been related to the eventual attack. Authorities have said Paddock used a “bump stock,” a device that can make semiautomatic guns mimic the rapid fire of automatic weapons.
But FBI investigators appeared perplexed by the exchange.
“Investigators have been unable to figure out why Stephen Paddock would be exchanging messages related to weapons that were utilized in the attack between two of his email accounts. Conversely, if the Target Account was not controlled by Stephen Paddock, investigators need to determine who was communicating with him about weapons that were used in the attack,” according to a warrant.
There was also a warrant that revealed Paddock’s room at Mandalay Bay had three cellphones. Two were unlocked, but “neither contained significant information that allowed investigators to determine the full scope of Stephen Paddock’s planning and preparation for the attack.”
The third phone, however, was unable to be unlocked, the affidavit said.
Category Archives: Department of Homeland Security
UN Declaration, Regular, Constant Global Migration = Insurgency
Berlin – A new series launched by the Global Migration Data Analysis Centre (GMDAC) of IOM, the UN Migration Agency, aims to summarize the existing evidence on migration in an accurate and accessible fashion, to support discussions and any follow-up activities of the Global Compact for Safe, Orderly and Regular Migration.
Note the words orderly and regular….if the United Nations and peacekeeping operations as well as the aid, education, construction and protection campaigns were successful, migration would not be required especially in non-war torn countries. Right? Or how about all these other global human interest organizations….they failing too? Those like the Clinton Foundation or hey how about the Gates Foundation, which is a private foundation founded by Bill and Melinda Gates. It was launched in 2000 and is said to be the largest private foundation in the US, holding $38 billion in assets, improving lives from Seattle to South Africa….ahem.
Check here for the largest 10 organizations…. if all this work and money and resources were effective, then why the migration at all?
For the first time on 19 September 2016 Heads of State and Government came together to discuss, at the global level within the UN General Assembly, issues related to migration and refugees. This sent an important political message that migration and refugee matters have become major issues in the international agenda. In adopting the New York Declaration for Refugees and Migrants, the 193 UN Member States recognized the need for a comprehensive approach to human mobility and enhanced cooperation at the global level.
What are the aims of the global compact for migration?
The global compact is framed consistent with target 10.7 of the 2030 Agenda for Sustainable Development in which member States committed to cooperate internationally to facilitate safe, orderly and regular migration and its scope is defined in Annex II of the New York Declaration. It is intended to:
- address all aspects of international migration, including the humanitarian, developmental, human rights-related and other aspects;
- make an important contribution to global governance and enhance coordination on international migration;
- present a framework for comprehensive international cooperation on migrants and human mobility;
- set out a range of actionable commitments, means of implementation and a framework for follow-up and review among Member States regarding international migration in all its dimensions;
- be guided by the 2030 Agenda for Sustainable Development and the Addis Ababa Action Agenda; and
- be informed by the Declaration of the 2013 High-Level Dialogue on International Migration and Development.
The development of the global compact for migration – an open, transparent and inclusive process
The Modalities Resolution for the intergovernmental negotiations of the global compact for safe, orderly and regular migration outline the key elements and timeline of the process. The global compact will be developed through an open, transparent and inclusive process of consultations and negotiations and the effective participation of all relevant stakeholders, including civil society, the private sector, academic institutions, parliaments, diaspora communities, and migrant organizations in both the intergovernmental conference and its preparatory process.
US Treasury to Publish Russian Oligarch Corruption Index
In December of 2015, Obama took aggressive action expelling Russian diplomats over hacking and political intrusion.
“In addition, the Russian Government has impeded our diplomatic operations by, among other actions — forcing the closure of 28 American corners which hosted cultural programs and English-language teaching; blocking our efforts to begin the construction of a new, safer facility for our Consulate General in St Petersburg; and rejecting requests to improve perimeter security at the current, outdated facility in St Petersburg.” Some additional actions and those expelled include:
Two Russian intelligence agencies, the GRU and the FSB, four GRU officers and three companies “that provided material support to the GRU’s cyber operations”.
The White House named Igor Valentinovich Korobov, the current chief of the GRU; Sergey Aleksandrovich Gizunov, deputy chief of the GRU; Igor Olegovich Kostyukov, a first deputy chief of the GRU; and Vladimir Stepanovich Alexseyev, also a first deputy chief of the GRU. The Obama Executive Order is here.
Russia’s Oligarchs Brace for U.S. List of Putin Friends
(Bloomberg) — The U.S. Treasury Department is finishing its first official list of “oligarchs” close to President Vladimir Putin’s government, setting off a flurry of moves by wealthy Russians to shield their fortunes and reputations.
Some people who think they’re likely to land on the list have stress-tested the potential impact on their investments, two people with knowledge of the matter said. Others are liquidating holdings, according to their U.S. advisers.
Russian businessmen have approached former Treasury and State Department officials with experience in sanctions for help staying off the list, said Dan Fried, who previously worked at the State Department and said he turned down such offers.
Some Russians sent proxies to Washington in an attempt to avoid lobbying disclosures, according to one person that was contacted.
The report is expected to amount to a blacklist of Russia’s elite. It was mandated by a law President Donald Trump reluctantly signed in August intended to penalize the Kremlin for its alleged meddling in the 2016 election.
A rare piece of legislation passed with a bipartisan veto-proof margin, the law gave Treasury, the State Department and intelligence agencies 180 days to identify people by “their closeness to the Russian regime and their net worth.”
That deadline is Jan. 29.
Shamed Oligarchs
The list has also become a headache within Treasury, where some officials are concerned it will be conflated with sanctions, a person familiar with the matter said.
Treasury officials are considering keeping some portions of the report classified — which the law allows — and issuing it in the form of a letter from a senior official, Sigal Mandelker, instead of releasing it through the Office of Foreign Assets Control, which issues sanctions.
That would help distinguish it from separate lists of Russians subject to U.S. economic penalties, said the person, who spoke on condition of anonymity.
“You’re going to have people getting shamed. It’s a step below a sanction because it doesn’t actually block any assets, but has the same optics as sanctions — you’re on a list of people who are engaged in doing bad things,” said Erich Ferrari, who founded Ferrari & Associates in Washington and has helped people get removed from the sanctions designation list.
Corruption Index
The report must include “indices of corruption” with the oligarch’s names and list any foreign assets they may own. Lawmakers expect the list to provide a basis for future punitive actions against Russia.
“Because of the nervousness that the Russian business community is facing, a number of oligarchs are already beginning to wind back businesses, treating them as if they are already designated, to stay ahead of it,” said Daniel Tannebaum, head of Pricewaterhousecoopers LLP’s global financial sanctions unit.
He advises a handful of wealthy Russian individuals and some businesses who he declined to identify.
Treasury’s terrorism and financial intelligence unit is working with the State Department and Office of National Intelligence to complete the report, said a spokesman who declined to elaborate on the criteria for the list or whether it would be made public.
“It should be released in the near future,” Treasury Secretary Steve Mnuchin said at a White House briefing. ‘It’s something we’re very focused on.”
‘Allows Mischief’
The list’s impact will depend on how it’s released, said Adam Smith, a former senior adviser in Treasury’s sanctions unit and now a partner at Gibson, Dunn & Crutcher LLP in Washington.
The law is “written in a way that it allows mischief if the administration wanted to go a different way,” Smith said. “If the president wanted to provide little or a lot and be very selective, he has the ability to do that.”
That discretion partly flows from the criteria used to assemble the list, which Congress left up to Treasury.
Senator Ben Cardin of Maryland, the ranking Democrat on the committee on foreign relations, said he would like to see “as much transparency as possible” from Treasury when it finishes the list.
Russia has sought to defend its elites. Putin warned of worsening U.S. sanctions last month and introduced a capital amnesty program to encourage wealthy nationals to repatriate some of their overseas assets.
He also approved a plan to issue special bonds designed to give the wealthy a way to hold their dollar assets out of reach of the U.S. Treasury.
‘Disgusting’ Relations
While compilation of the list doesn’t mean there’ll be a new round of tit-for-tat sanctions, Russia will react to any punitive measures against its business people, Kremlin spokesman Dmitry Peskov told reporters on a conference call Friday.
“The principle of reciprocity remains,” and it would be for Putin to decide on the best response, he said.
Prime Minister Dmitry Medvedev, a Putin lieutenant for two decades, called the state of the relationship “disgusting” in November.
Congress has also requested that Treasury submit an impact analysis of potential sanctions on Russian sovereign bonds. A Treasury spokesman said its international affairs office is working on the analysis.
U.S. sanctions on the bonds would deal a major blow to Russia’s finances, raising the prospect of a selloff in the bond market, posing a risk to the ruble and the potential for higher borrowing costs.
The Russian Finance Ministry relies on debt to cover budget shortfalls and is seeking to borrow $18 billion domestically in 2018.
APT 28 Fancy Bear Espionage Target US Senate
While Robert Mueller continues his robust investigation into all things Russia and his team is under critical pushback, one must consider that his work could and should produce a report on the constant and critical threat of cyber hacking by Russia. The United States does not have a cyber policy but it does have a CyberCommand. Congress cannot draft any legislation on global cyber policy and consequence.
Beginning in June 2017, phishing sites were set up mimicking the ADFS (Active Directory Federation Services) of the U.S. Senate. By looking at the digital fingerprints of these phishing sites and comparing them with a large data set that spans almost five years, we can uniquely relate them to a couple of Pawn Storm incidents in 2016 and 2017. The real ADFS server of the U.S. Senate is not reachable on the open internet, however phishing of users’ credentials on an ADFS server that is behind a firewall still makes sense. In case an actor already has a foothold in an organization after compromising one user account, credential phishing could help him get closer to high profile users of interest. More here from:
Update on Pawn Storm: New Targets and Politically Motivated Campaigns
PARIS (AP) — The same Russian government-aligned hackers who penetrated the Democratic Party have spent the past few months laying the groundwork for an espionage campaign against the U.S. Senate, a cybersecurity firm said Friday.
The revelation suggests the group often nicknamed Fancy Bear, whose hacking campaign scrambled the 2016 U.S. electoral contest, is still busy trying to gather the emails of America’s political elite.
“They’re still very active — in making preparations at least — to influence public opinion again,” said Feike Hacquebord, a security researcher at Trend Micro Inc., which published the report . “They are looking for information they might leak later.”
The Senate Sergeant at Arms office, which is responsible for the upper house’s security, declined to comment.
Hacquebord said he based his report on the discovery of a clutch of suspicious-looking websites dressed up to look like the U.S. Senate’s internal email system. He then cross-referenced digital fingerprints associated with those sites to ones used almost exclusively by Fancy Bear, which his Tokyo-based firm dubs “Pawn Storm.”
Trend Micro previously drew international attention when it used an identical technique to uncover a set of decoy websites apparently set up to harvest emails from the French presidential candidate Emmanuel Macron’s campaign in April 2017. The sites’ discovery was followed two months later by a still-unexplained publication of private emails from several Macron staffers in the final days of the race.
Hacquebord said the rogue Senate sites — which were set up in June and September of 2017 — matched their French counterparts.
“That is exactly the way they attacked the Macron campaign in France,” he said.
Attribution is extremely tricky in the world of cybersecurity, where hackers routinely use misdirection and red herrings to fool their adversaries. But Tend Micro, which has followed Fancy Bear for years, said there could be no doubt.
“We are 100 percent sure that it can attributed to the Pawn Storm group,” said Rik Ferguson, one of the Hacquebord’s colleagues.
Like many cybersecurity companies, Trend Micro refuses to speculate publicly on who is behind such groups, referring to Pawn Storm only as having “Russia-related interests.” But the U.S. intelligence community alleges that Russia’s military intelligence service pulls the hackers’ strings and a months-long Associated Press investigation into the group, drawing on a vast database of targets supplied by the cybersecurity firm Secureworks, has determined that the group is closely attuned to the Kremlin’s objectives.
If Fancy Bear has targeted the Senate over the past few months, it wouldn’t be the first time. An AP analysis of Secureworks’ list shows that several staffers there were targeted between 2015 and 2016.
Among them: Robert Zarate, now the foreign policy adviser to Florida Senator Marco Rubio; Josh Holmes, a former chief of staff to Senate Majority Leader Mitch McConnell who now runs a Washington consultancy; and Jason Thielman, the chief of staff to Montana Senator Steve Daines. A Congressional researcher specializing in national security issues was also targeted.
Fancy Bear’s interests aren’t limited to U.S. politics; the group also appears to have the Olympics in mind.
Trend Micro’s report said the group had set up infrastructure aimed at collecting emails from a series of Olympic winter sports federations, including the International Ski Federation, the International Ice Hockey Federation, the International Bobsleigh & Skeleton Federation, the International Luge Federation and the International Biathlon Union.
The targeting of Olympic groups comes as relations between Russia and the International Olympic Committee are particularly fraught. Russian athletes are being forced to compete under a neutral flag in the upcoming Pyeongchang Olympics following an extraordinary doping scandal that has seen 43 athletes and several Russian officials banned for life. Amid speculation that Russia could retaliate by orchestrating the leak of prominent Olympic officials’ emails, cybersecurity firms including McAfee and ThreatConnect have picked up on signs that state-backed hackers are making moves against winter sports staff and anti-doping officials.
On Wednesday, a group that has brazenly adopted the Fancy Bear nickname began publishing what appeared to be Olympics and doping-related emails from between September 2016 and March 2017. The contents were largely unremarkable but their publication was covered extensively by Russian state media and some read the leak as a warning to Olympic officials not to press Moscow too hard over the doping scandal.
Whether any Senate emails could be published in such a way isn’t clear. Previous warnings that German lawmakers’ correspondence might be leaked by Fancy Bear ahead of last year’s election there appear to have come to nothing.
On the other hand, the group has previously dumped at least one U.S. legislator’s correspondence onto the web.
One of the targets on Secureworks’ list was Colorado State Senator Andy Kerr, who said thousands of his emails were posted to an obscure section of the website DCLeaks — a web portal better known for publishing emails belonging to retired Gen. Colin Powell and various members of Hillary Clinton’s campaign — in late 2016.
Kerr said he was still bewildered as to why he was targeted. He said that while he supported transparency, “there should be some process and some system to it.
“It shouldn’t be up to a foreign government or some hacker to say what gets released and what shouldn’t.”
Jeff Sessions’ DoJ and Operation Janus
A Department of Homeland Security initiative, Operation Janus, identified about 315,000 cases where some fingerprint data was missing from the centralized digital fingerprint repository. Among those cases, some may have sought to circumvent criminal record and other background checks in the naturalization process. These cases are the result of an ongoing collaboration between the two departments to investigate and seek denaturalization proceedings against those who obtained citizenship unlawfully. USCIS dedicated a team to review these Operation Janus cases, and the agency has stated its intention to refer approximately an additional 1,600 for prosecution.
In 2009, CBP provided the results of Operation Targeting Groups of InadmissibleSubjects, now referred to as Operation Janus, to DHS. In response, the DHSCounterterrorism Working Group coordinated with multiple DHS componentsto form a working group to address the problem of aliens from special interestcountries receiving immigration benefits after changing their identities andconcealing their final deportation orders. In 2010, DHS’ Office of OperationsCoordination (OPS) began coordinating the Operation Janus working group.***
The Office of the Inspector General report on Operation Janus. So, we have our first case…appears more to come.
VOA: A federal judge last week stripped an Indian national of his U.S. citizenship in what officials described as the first case to grow out of an Obama-era federal investigation that exposed rampant fraud among citizenship applicants.
Federal prosecutors had sought the denaturalization of Baljinder Singh in September, arguing that the 43-year-old native of India had fraudulently obtained his citizenship.
According to prosecutors, Singh first entered the U.S. under a false name in 1991 and subsequently faced deportation, but he failed to disclose that information in his 2004 citizenship application.
Under U.S. law, naturalization can be revoked if it was obtained through fraud.
On January 5, Federal Judge Stanley Chesler of the District of New Jersey, where Singh lives, granted the government’s request to revoke Singh’s citizenship, reverting his status to a green card holder and potentially subjecting him to deportation, the Justice Department announced Tuesday.
The judge’s order came after Singh failed to respond to the Justice Department’s denaturalization complaint and subsequent request for a summary judgment, according to court documents.
Singh could not be immediately reached.
Operation Janus
The Justice Department said the case was the first to result from Operation Janus, a Department of Homeland Security probe that identified 315,000 immigrants whose fingerprints were missing from government databases. The immigrants faced deportation or were criminal fugitives and “some may have sought to circumvent criminal record and other background checks in the naturalization process,” the Department said.
A 2016 audit by the Homeland Security Department’s inspector general first disclosed the missing fingerprint data and found that the U.S. Citizenship and Immigration Services had mistakenly granted citizenship to at least 858 immigrants facing deportation.
The immigrants used different names and birth dates to apply for citizenship, according to the audit.
The inspector general criticized Immigration and Customs Enforcement for failing to investigate the apparently fraudulently naturalized citizens but said the agency was “now taking steps to increase the number of cases to be investigated, particularly those who hold positions of public trust and who have security clearances.”
The pace of the investigations appears to have picked up over the past year, with the U.S. Citizenship and Immigration Services reporting a “growing body of cases” to the Justice Department.
Last year, the Justice Department filed 25 civil denaturalization cases and 57 criminal cases, according to a department spokesman.
The U.S. immigration agency said it plans to refer about 1,600 additional cases uncovered by Operation Janus for possible denaturalization.
“I hope this case, and those to follow, send a loud message that attempting to fraudulently obtain U.S. citizenship will not be tolerated,” USCIS Director Francis Cissna said in a statement. “Our nation’s citizens deserve nothing less.”
Denaturalization
Singh faces certain deportation, according to Amanda Frost, a professor at the American University Washington School of Law.
“Now that they’ve denaturalized him, their next move is to take away his green card and deport him,” Frost said. “If they don’t do that, I’m not sure what the purpose of this entire proceeding was.”
Chad Readler, the acting head of the Justice Department’s Civil Division, said Singh had “exploited our immigration system and unlawfully secured the ultimate immigration benefit of naturalization.”
“The Justice Department will continue to use every tool to protect the integrity of our nation’s immigration system, including the use of civil denaturalization,” Readler added.
The government is also seeking the denaturalization of two Pakistani nationals who are accused of concealing deportation orders from immigration officials.
In recent years, the number of denaturalization cases has been in the dozens, according to Frost. But Operation Janus suggests that the government is “putting more resources into this than it did before,” Frost said.
The U.S. government used denaturalization throughout the first half of the 20th century to take away the citizenship of people suspected of Communist sympathies or fighting in foreign wars.
But a landmark Supreme Court decision in 1967, Afroyim v. Rusk, put an end to the practice, said Frost, who researches denaturalization.
“The court made it clear that denaturalization was limited,” Frost said.
Last year, the Supreme Court handed down a decision in another denaturalization case, barring the government from denaturalizing citizens for making “non-material” false statements on their citizenship applications.
“It served to remind the government that there are many constitutional protections in this area and that denaturalization must be done carefully,” she said.
