FBI is Investigating a Mysterious Postcard

SolarWinds hackers also breached the US NNSA nuclear ... source

(Reuters) – The FBI is investigating a mysterious postcard sent to the home of cybersecurity firm FireEye’s chief executive days after it found initial evidence of a suspected Russian hacking operation on dozens of U.S. government agencies and private American companies.

U.S. officials familiar with the postcard are investigating whether it was sent by people associated with a Russian intelligence service due its timing and content, which suggests internal knowledge of last year’s hack well before it was publicly disclosed in December.

Moscow has denied involvement in the hack, which U.S. intelligence agencies publicly attributed here to Russian state actors.

The postcard carries FireEye’s logo, is addressed to CEO Kevin Mandia, and calls into question the ability of the Milpitas, California-based firm to accurately attribute cyber operations to the Russian government.

People familiar with Mandia’s postcard summarized its content to Reuters. It shows a cartoon with the text: “Hey look Russians” and “Putin did it!”

The opaque message itself did not help FireEye find the breach, but rather arrived in the early stages of its investigation. This has led people familiar with the matter to believe the sender was attempting to “troll” or push the company off the trail by intimidating a senior executive.

Reuters could not determine who sent the postcard. U.S. law enforcement and intelligence agencies are spearheading the probe into its origin, the sources familiar said.

The FBI did not provide comment. A FireEye representative declined to discuss the postcard.

A disinformation researcher from the Rand Corporation, Todd Helmus, received a similar postcard in 2019, based on an image of it Helmus posted to Twitter. Helmus, who studies digital propaganda, said he received the postcard after testifying to Congress about Russian disinformation tactics.

FireEye discovered the Russian hacking campaign – now known as “Solorigate” for how it leveraged supply chain vulnerabilities in network management firm Solarwinds – because of an anomalous device login from within FireEye’s network. The odd login triggered a security alert and subsequent investigation, which led to the discovery of the operation.

FireEye worked closely with Microsoft to determine that the infiltration at FireEye in fact represented a hacking campaign that struck at least eight federal agencies including the Treasury, State and Commerce Departments.

When the postcard was sent, FireEye had not yet determined who was behind the cyberattack. A person familiar with the postcard investigation said “this is not typically the Russian SVR’s playbook” but “times are rapidly changing.” SVR is an acronym for the Foreign Intelligence Service of Russia.

A former U.S. intelligence official said the postcard reminded him of a now public mission by U.S. Cyber Command where they sent private messages to Russian hackers ahead of the 2018 congressional elections in the United States.

“The message then from the U.S. was ‘watch your back, we see you’ similar to here,” the former official said.

The extent of the damages tied to the U.S. government hack remains unclear. Emails belonging to senior officials were stolen from an unclassified network at the Treasury and Commerce Departments.FBI says 'ongoing' SolarWinds hack was probably the work ...

Related reading: Third malware strain discovered in SolarWinds supply chain attack

Now known in the cyber world, the heck of Solarwinds continues to rock the nation.

Kaspersky reports finding code similarities between the Sunburst backdoor in SolarWinds’ Orion platform and a known backdoor, Kazuar, which Palo Alto Networks in 2017 associated with the Turla threat group. Kaspersky is cautious about attribution, and notes that there are several possibilities:

  • Sunburst and Kazuar are the work of the same threat group.
  • Sunburst’s developers borrowed from Kazuar.
  • Both backdoors derived from a common source.
  • Kazuar’s developers jumped ship to another threat group that produced Kazuar.
  • Whoever developed Sunburst deliberately introduced subtle false flag clues into their code.

Reuters points out that Estonian intelligence services have long attributed Turla activity to Russia’s FSB (which was unavailable to Reuters for comment).

In an updated Solorigate advisory, CISA released detection and mitigation advice for post-compromise activity in the Microsoft 365 (M365) and Azure environment.

The US District Court for the Southern District of Ohio has responded to Solorigate by requiring that court documents be filed on paper, the Columbus Dispatch reports.

***

Related reading: The SolarWinds Hackers Shared Tricks With a Notorious Russian Spy Group

Reuters: Investigators at Moscow-based cybersecurity firm Kaspersky said the “backdoor” used to compromise up to 18,000 customers of U.S. software maker SolarWinds closely resembled malware tied to a hacking group known as “Turla,” which Estonian authorities have said operates on behalf of Russia’s FSB security service.

The findings are the first publicly-available evidence to support assertions by the United States that Russia orchestrated the hack, which compromised a raft of sensitive federal agencies and is among the most ambitious cyber operations ever disclosed.

Moscow has repeatedly denied the allegations. The FSB did not respond to a request for comment.

Costin Raiu, head of global research and analysis at Kaspersky, said there were three distinct similarities between the SolarWinds backdoor and a hacking tool called “Kazuar” which is used by Turla.

The similarities included the way both pieces of malware attempted to obscure their functions from security analysts, how the hackers identified their victims, and the formula used to calculate periods when the viruses lay dormant in an effort to avoid detection.

“One such finding could be dismissed,” Raiu said. “Two things definitely make me raise an eyebrow. Three is more than a coincidence.”

Confidently attributing cyberattacks is extremely difficult and strewn with possible pitfalls. When Russian hackers disrupted the Winter Olympics opening ceremony in 2018, for example, they deliberately imitated a North Korean group to try and deflect the blame.

Raiu said the digital clues uncovered by his team did not directly implicate Turla in the SolarWinds compromise, but did show there was a yet-to-be determined connection between the two hacking tools.

It’s possible they were deployed by the same group, he said, but also that Kazuar inspired the SolarWinds hackers, both tools were purchased from the same spyware developer, or even that the attackers planted “false flags” to mislead investigators.

Security teams in the United States and other countries are still working to determine the full scope of the SolarWinds hack. Investigators have said it could take months to understand the extent of the compromise and even longer to evict the hackers from victim networks.

U.S. intelligence agencies have said the hackers were “likely Russian in origin” and targeted a small number of high-profile victims as part of an intelligence-gathering operation.

 

States Begin to Push Back on Big Tech Censorship

Google abused its monopoly power, FTC experts found - Mar ... source

The nation is watching the actions of big tech and legislators are pursuing actions to be taken due to censorship. Existing law including anti-trust and new law is being reviewed and rightly so.

Below are a couple of states on the path in the legal realm. State AG’s as well as state legislators are accountable to protect respective citizens and their rights, however private corporations are not subject to 1st Amendment violations but other violations are on the table including abuse of user data and spying. Section 230 in the pivot point when it comes to Congressional action.

Big Tech's biased algorithms abuse consumers and limit ... source

Idaho:

Newsweek: Your T1 WiFi, an internet service provider based in northwestern Idaho, will implement firewalls that restrict access to Facebook and Twitter at its customers’ requests. The provider notified patrons of the new option in emails sent over the weekend. Although customers received an initial message that indicated they would need to opt out of firewalls to continue accessing both social networking sites, Your T1 WiFi later clarified that only those who prefer restrictions will see changes.

The internet provider said that all customers will be filtered into two separate lists, one that signals their interest in firewalls and another that denotes regular coverage. Bret Fink, the owner of Your T1 WiFi, told Newsweek on Monday that the company decided to restrict service this way after receiving numerous calls from individuals using its services. The customers requested that Facebook and Twitter become inaccessible to their respective households, citing concerns about “censorship,” as Your T1 WiFi noted in one of its recent emails.

“It has come to our Attention that Twitter and Facebook are engaged in Censorship of our Customers and Information,” the company wrote. A customer posted screenshots of the email to Twitter on Sunday evening, and Fink verified its contents in his comments to Newsweek.

“We have the past couple days been fielding calls from customers voicing the concern that they do not want these sites allowed to be displayed on their internet feed…and that they do not want their children to go to these sites,” the email continued. “They could do this themselves but some do not have the technical knowledge to do so and it would be very tiresome for us to do it for them and it would be expensive to visit each customer that wants this done.”

Even more interesting is Florida:

(WFLA) — Some Florida Republicans are calling for action against social media “censorship” after President Donald Trump was removed from several platforms last week.

Multiple bills have been filed in Florida’s 2021 Legislative Session to prevent de-platforming on the basis of political speech.

After an insurrection at the U.S. Capitol last Wednesday, social media sites like Facebook and Twitter banned President Trump from their platforms. Facebook said it was banning Trump indefinitely, or at least through the inauguration of President-elect Joe Biden. Twitter later followed suit and permanently suspended the @realDonaldTrump account due to “the risk of further incitement of violence.” Twitter also took action against the official @POTUS account.

Those moves by social media companies were applauded by Florida Democrats.

“We have never seen a president that would conduct himself in such a despicable way. So I think that his removal was justified,” State Sen. Perry Thurston (D-Fort Lauderdale) said.

Google, Apple and Amazon also took action to de-platform the conservative-leaning social media app Parler.

Florida Republicans like State Sen. Ray Rodrigues consider the actions an assault on free speech.

“It seems like big tech is using their resources to push their political agenda and to silence those who do not agree with them,” Rodrigues (R-Fort Myers) said.

Legislation filed in the Florida Senate would require social media companies to inform users why they were banned within 30 days. SB 520 – filed Monday by Sen. Danny Burgess (R-Zephyrhills) – would take effect July 1, 2021 if passed.

A bill in the House goes much further. HB 33 would allow users to sue if they’re banned for political or religious speech for a minimum of $75,000 in damages. The bill is sponsored by State Rep. Anthony Sabatini (R-Clermont).

“All we’re doing here is saying, ‘hey, there’s a new business regulation.’ If you’re ‘X’ amount of size, you cannot discriminate based on political viewpoint,” Sabatini said.

The House bill does allow social media companies to ban users for calls to violence, posting pornography, impersonation or if a court orders the account to be removed.

“The companies could still moderate but they can’t use the moderation exception to Section 230 to basically publish what it is they like and don’t like,” Sabatini explained.

While the Senate version currently doesn’t go as far as the House bill, the sponsor pledged to make it stronger as it moves through the Legislature.

If the legislation ultimately passes, it could potentially be used by President Trump – who is a Florida resident – to seek retribution for his bans from social media platforms.

Parler Sues Amazon

There are 3 counts in the lawsuit where a jury is demanded for a temporary restraining order such that Parler can restore the network.

Count One: Sherman Act, Section 1

AWS is prohibited from contracting or conspiring to restrain trade or commerce.

Count Two: Breach of Contract

AWS breached its contract with Parler by not providing thirty days’ notice before terminating its account.

Count Three: Tortious Interference with a Contract or Business

Expectancy By terminating Parler’s account, AWS will intentionally interfere with the contracts Parler has with millions of its present users, as well as with the users it is projected to gain this week.

The lawsuit is found here.

Parler received more than three-quarters of a million downloads between last Wednesday, when a mob stormed the United States Capitol, and Sunday, when the app was suspended.

And as of Monday:

Face­book Inc. said Mon­day it is re­mov­ing all con­tent men­tion­ing “stop the steal,” a phrase pop­u­lar among sup­port­ers of Pres­i­dent Trump’s claims about the elec­tion, as part of a raft of emer­gency mea­sures to stem mis­in­for­ma­tion and in­cite­ments to vi­o­lence on its plat­form in the lead up to Pres­i­dent-elect Joe Biden’s in­au­gu­ra­tion. More censorship…Stop the Steal is hardly violent speech in a public forum.

The logical question now is will Twitter and Facebook or Signal, WhatsApp and Telegram come clean about what was planned and coordinated on their platforms? Facebook owns WhatsApp, Telegram is owned by 2 Russians based in Germany and Signal was developed by the Signal Foundation and Signal Messenger LLC Whisper, of which Jack Dorsey invested.

Per Wikipedia with footnotes: Signal was reportedly popularized in the United States during the George Floyd protests. As U.S. protests gained momentum, on June 3, Twitter CEO Jack Dorsey tweeted a recommendation for users to download Signal Messenger.[70] Heightened awareness of police monitoring led protesters to use the app to communicate. Black Lives Matter organizers had used the app “for several years”.[71][44] During the first week of June, the encrypted messaging app was downloaded over five times more than it had been during the week prior to the death of George Floyd.[71] In June 2020, Signal Foundation announced a new feature that enables users to blur faces in photos, in response to increased federal efforts to monitor protesters.[44][72]

Read that? Dorsey endorsed the protests and encouraged the protestors to use Signal…..blur faces? WTH?

How about this one just a few days ago?

Terror and Big Tech

How many protests were plotted and launched on big tech platforms and yet AWS targets Parler? Oh the irony….maybe just maybe….there should be a counter-suit against big tech or by Parler….

How about we just just exposing facts…this lil website and author is trying…can you help?

ABC reported:

A few weeks ago, several members of President-elect Joe Biden’s transition team set up a Zoom meeting with senior members of the Anti-Defamation League, the group that studies and tracks hate crimes, to hear recommendations for fighting domestic terrorism and right-wing extremism.

The weighty meeting, focused on one of the most complex threats facing America today, was initiated in the simplest of ways: The ADL requested a meeting through a form on Biden’s transition team website.

“I find it remarkable that … [they] are taking substantive time to meet with advocacy organizations like ours,” said ADL senior adviser George Selim, who participated in the meeting.

“What it says is that this issue is a priority for the incoming administration,” added Selim, one of the Department of Homeland Security’s top experts on domestic terrorism until he was sidelined in the early days of the Trump administration.

But even if such threats are a priority for the incoming team, transition officials acknowledge that when they take charge of the federal government in three weeks, the recent promise Biden made to “shut down violence and hate” will face significant challenges.

In fact, as part of its tone in recent years, the Trump administration has “chosen to defy the data” on domestic threats by publicly focusing on left-wing radical groups like Antifa, instead of white supremacists and anti-government ideologues “that the data show are much more prone to pushing people toward violence,” the former Homeland Security official said.

The majority of domestic terrorism investigations are focused on racially-motivated individuals, and white supremacists are “the biggest chunk of that,” Wray, the FBI director, told lawmakers in September. More here.

The progressives all dismiss the destruction and fear across America that began in Minneapolis and went on to major cities across the country by ANTIFA and BLM….that Wendy’s in Atlanta?

Atlanta protests after Wendy's shooting of Rayshard Brooks ...

Remember? The jewel of the south, Atlanta has yet to recover. Was all that coordinated on Facebook or Twitter? Inquiring minds want to know.

 

Procedures for the 25th Amendment

Speaker Nancy Pelosi announced Democrats are moving forward with trying to remove President Donald Trump from office days after he incited violent riots at the Capitol.
Pelosi told her members in a letter that the House would attempt to pass a measure Monday to call on Vice President Mike Pence to invoke the 25th Amendment and remove Trump from office. If he does not act, Democrats will proceed with impeaching Trump.
“In protecting our Constitution and our Democracy, we will act with urgency, because this President represents an imminent threat to both,” she wrote.

Many Trump supporters inside and outside government have called on Trump to resign to save and rebuild the government, transfer power peacefully and restore confidence in the Republican Party.

 

Pelosi introduces legislation for 25th Amendment ...

Some questions and answers about the 25th Amendment:

WHY WAS IT PASSED?

The push for an amendment detailing presidential succession plans in the event of a president’s disability or death followed the assassination of President John F. Kennedy in 1963. President Lyndon B. Johnson in his 1965 State of the Union promised to “propose laws to insure the necessary continuity of leadership should the President become disabled or die.” The amendment was passed by Congress that year and ratified in 1967.

HAS THE 25TH AMENDMENT BEEN INVOKED BEFORE?

Yes, presidents have temporarily given up power, but those instances have been generally been brief and voluntary, for example when the president was having a medical procedure.

In 2002, President George W. Bush became the first to use the amendment’s Section 3 to temporarily transfer power to Vice President Dick Cheney while Bush was anesthetized for a colonoscopy. Section 4 of the amendment, which allow the Cabinet to declare the president unfit, has never been invoked.

HOW CAN THE CABINET DECLARE THE PRESIDENT UNFIT?

The 25th Amendment’s Section 4 lays out what happens if the president becomes unable to discharge his duties but doesn’t transfer power to the vice president himself.

The vice president and majority of the Cabinet can declare the president unfit. They then would send a letter to the speaker of the House and president pro tempore of the Senate saying so. The vice president then becomes acting president.

The president can send his own letter saying he is fit to serve. But if the vice president and majority of the Cabinet disagree, they can send another letter to Congress within four days. Congress would then have to vote. The president resumes his duties unless both houses of Congress by a two-thirds vote say the president is not ready.

ISN’T THERE SOME OTHER LEGISLATION ABOUT THIS?

Section 4 of the amendment also gives Congress the power to establish a “body” that can, with the support of the vice president, declare that the president is unable to do the job. If they agree the president is unfit, the vice president would take over. But Congress has never set up the body.

Some questions and answers about the 25th Amendment:

WHY WAS IT PASSED?

The push for an amendment detailing presidential succession plans in the event of a president’s disability or death followed the assassination of President John F. Kennedy in 1963. President Lyndon B. Johnson in his 1965 State of the Union promised to “propose laws to insure the necessary continuity of leadership should the President become disabled or die.” The amendment was passed by Congress that year and ratified in 1967.

HAS THE 25TH AMENDMENT BEEN INVOKED BEFORE?

Yes, presidents have temporarily given up power, but those instances have been generally been brief and voluntary, for example when the president was having a medical procedure.

In 2002, President George W. Bush became the first to use the amendment’s Section 3 to temporarily transfer power to Vice President Dick Cheney while Bush was anesthetized for a colonoscopy. Section 4 of the amendment, which allow the Cabinet to declare the president unfit, has never been invoked.


HOW CAN THE CABINET DECLARE THE PRESIDENT UNFIT?

The 25th Amendment’s Section 4 lays out what happens if the president becomes unable to discharge his duties but doesn’t transfer power to the vice president himself.

The vice president and majority of the Cabinet can declare the president unfit. They then would send a letter to the speaker of the House and president pro tempore of the Senate saying so. The vice president then becomes acting president.

The president can send his own letter saying he is fit to serve. But if the vice president and majority of the Cabinet disagree, they can send another letter to Congress within four days. Congress would then have to vote. The president resumes his duties unless both houses of Congress by a two-thirds vote say the president is not ready.

ISN’T THERE SOME OTHER LEGISLATION ABOUT THIS?

Section 4 of the amendment also gives Congress the power to establish a “body” that can, with the support of the vice president, declare that the president is unable to do the job. If they agree the president is unfit, the vice president would take over. But Congress has never set up the body.

Biden Inauguration Donors

It is a cyber war of a financial order…against America..

Let’s begin here with Section 230 shall we? Full immunity…and never amended. Just how decent is big tech? Well on the heels of Alphabet, the parent company of Google giving exclusive assistance to then candidate Hillary Clinton and later as we find out that all big tech uses our data, which we are forced to approve is their terms of service as we are users, while they make big money off of us. Then we find out the conspiracy and collusion between all big tech operations against little and new Parler, much less thousands of other websites as competitors, big tech is more powerful than the Federal government.

Section 230 is a piece of Internet legislation in the United States, passed into law as part of the Communications Decency Act (CDA) of 1996 (a common name for Title V of the Telecommunications Act of 1996), formally codified as Section 230 of the Communications Act of 1934 at 47 U.S.C. § 230.[a] Section 230 generally provides immunity for website publishers from third-party content. At its core, Section 230(c)(1) provides immunity from liability for providers and users of an “interactive computer service” who publish information provided by third-party users:

No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider.

The statute in Section 230(c)(2) further provides “Good Samaritan” protection from civil liability for operators of interactive computer services in the removal or moderation of third-party material they deem obscene or offensive, even of constitutionally protected speech, as long as it is done in good faith.

There has been hearing after hearing on The Hill in many committees where the CEO’s of big tech are called on their abuses and they simply defer to feeble apologies or blame algorithmic operations. As President Trump worked diligently to stop or amend Section 230….it ever happened at the congressional level…reading on, perhaps we know why…

Big Tech, Media, Fashion Exec.s Seek to Blackmail Pro-Life ...

Donations and donations and more donations.

Big tech colludes to protect Biden - Advance Australia Even Australia gets-it.

TheBlaze reports: The Biden Inaugural Committee released its list of donors, which included big tech companies Google, Microsoft, and Qualcomm. The Biden Inaugural Committee published the list of its top donors on Saturday, all of whom contributed “over $200 to the 59th Presidential Inaugural activities.”

Besides the big tech giants, other notable benefactors include multinational telecommunications conglomerate Verizon, cable television behemoth Comcast, mass media company Charter Communications, defense and aerospace manufacturer Boeing, health insurance provider Anthem, and medical technology company Masimo Corporation.

Several unions made donations, including the American Federation of Teachers COPE, United Food And Commercial Workers, and the International Brotherhood of Electrical Workers.

The amount of the donations are not provided, but the committee will have to disclose that information within 90 days after Inauguration Day, according to FEC guidance.

“President-elect Joe Biden’s newly formed inaugural committee will accept donations from individuals up to $500,000 and from corporations up to $1 million,” CNBC reported on Nov. 30.

An organization can be named a chair of the inaugural if it gives $1 million, and an individual can be designated as a chair if they donate $500,000. The VIP chair package includes “an invitation to virtual events with the President-elect and Vice President-elect and their spouses with virtual signed photos, along with ‘preferred viewing’ for the inauguration, among other things,” according to Fox News.

A since-deleted “donor” page on the Biden inauguration website had stated the committee “does not accept contributions from fossil fuel companies (i.e., companies whose primary business is the extraction, processing, distribution or sale of oil, gas or coal), their executives, or from PACs organized by them.”

Biden’s campaign had also banned donations from lobbyists and the oil and gas industry. Employees of fossil fuel companies were allowed to donate up to $200.

Biden’s inauguration on Jan. 20 is expected to be significantly smaller in scale because of the coronavirus pandemic. Biden’s inauguration will have a “virtual parade across America,” and feature “diverse, dynamic” performances.

“The parade will celebrate America’s heroes, highlight Americans from all walks of life in different states and regions, and reflect on the diversity, heritage, and resilience of the country as we begin a new American era,” the inaugural committee said in a press release.

“We are excited about the possibilities and opportunities this moment presents to allow all Americans to participate in our country’s sacred inaugural traditions,” said Presidential Inaugural Committee executive director Maju Varghese.

President Donald Trump has proclaimed that he will not attend Biden’s inauguration.