Category Archives: Legislation

Senate Judiciary and Ethics Cmte call for Several Reviews

Posted on by

Investigate, review, examine… no wonder nothing is advancing inside the beltway.

Abbe Lowell is Senator Menendez’s lawyer by the way, who case was declared a mistrial.

Menendez’s bribery and corruption trial ended with the judge declaring a mistrial on Thursday after jurors were unable to come to a consensus on the felony charges after days of deliberating.

The decision is largely considered a win for Menendez, with 10 jurors favoring acquitting him on the charges, while two did not.

But McConnell said the months-long trial “shed light on serious accusations of violating the public’s trust as an elected official, as well as potential violations of the Senate’s Code of Conduct.”

McConnell’s request came hours after he also called on the Ethics Committee to review allegations of sexual misconduct against Democratic Sen. Al Franken (Minn.). McConnell has also warned GOP Senate candidate Roy Moore that he will face an ethics investigation if he wins the special election in Alabama next month. More here.

Foreign Agent Registry, in U.S. and Russia for Media

Posted on by

FARA is the most broken system we have when it comes to checks and balances…we cant begin to determine foreign media operations in the U.S. that are really espionage networks much less ad agencies or lobbyists. Scary right? How about foreign students that are operatives or foreign workers with jobs in government roles or in government contractor positions…we dont even know what we dont know….

Senator Chuck Grassley has called for some changes to FARA.

This is getting testier by the day….the United States is requiring RT to register as a foreign agent. Likewise, Moscow is requiring the same…so thinking about WikiLeaks or Fusion GPS, is there enough evidence they should be registered as foreign agents? Sheesh…here is the rub…

Russian Lawmakers: 9 US-Funded News Outlets Could Be Forced to Register as ‘Foreign Agents’

Russia said Thursday it has warned nine United States government-funded news operations they will probably be designated “foreign agents” under new legislation in retaliation to a U.S. demand that Kremlin-supported television station RT register as such in the United States.

The Russian Justice Ministry said Thursday it had notified the Voice of America (VOA), Radio Free Europe/Radio Liberty (RFE/RL) and seven separate regional outlets active in Russia they could be affected.

The ministry published a list of the outlets on its website, including a statement that said the changes were likely to become law “in the near future.”

Expands 2012 law

Russia’s lower house of parliament approved amendments Wednesday to expand a 2012 law that targets non-governmental organizations to include foreign media. A declaration as a foreign agent would require foreign media to regularly disclose their objectives, full details of finances, funding sources and staffing.

Media outlets also may be required to disclose on their social platforms and internet sites visible in Russia that they are “foreign agents.” The amendments also would allow the extrajudicial blocking of websites the Kremlin considers undesirable.

“We can’t say at this time what effect this will have on our news gathering operations within Russia,” said VOA Director Amanda Bennett. “All we can say is that Voice of America is, by law, an independent, unbiased, fact-based newsorganization, and we remain committed to those principles.”

RFE/RL President Tom Kent said until the legislation becomes law, “we do not know how the Ministry of Justice will use this law in the context of our work.”

No access to cable in Russia

Kent said unlike Sputnik and other Russian media operating in the U.S., U.S. media outlets operating in Russia do not have access to cable television and radio frequencies.

“Russian media in the U.S. are distributing their programs on American cable television. Sputnik has its own radio frequency in Washington. This means that even at the moment there is no equality,” he said.

The speaker of Russia’s lower house, the Duma, said Tuesday that foreign-funded media outlets that refused to register as foreign agents under the proposed legislation would be prohibited from operating in the country.

However, since the law’s language is so broad, it potentially could be used to target any foreign media group, especially if it is in conflict with the Kremlin. Comparatively, the U.S. law targets only state-funded groups. The privately owned American television channel CNN and the German public broadcaster Deutsche Welle also have been mentioned as potential targets.

The amendments, which Amnesty International said would inflict a “serious blow” to media freedom in Russia if they become law, were approved in response to a U.S. accusation that RT executed a Russian-mandated influence campaign on U.S. citizens during the 2016 presidential election, a charge the television channel denies.

Putin has last word

The amendments must next be approved by the Russian Senate and then signed into law by President Vladimir Putin.

RT, which is funded by the Kremlin to provide Russia’s perspective on global issues, confirmed Monday it met the Justice Department’s deadline by registering as a foreign agent in the U.S.

The United States considers RT a propaganda arm of Russia, and told it to register its foreign operation under the Foreign Agents Registration Act aimed at attorneys and lobbyists representing political interests.

Mandatory Anti-Harrassment Training for House Members

Posted on by

So, members misbehave in this manner, there is no consequence except sign this non-disclosure and the taxpayer pays off the victim to be quiet….nice system….NOT

There is virtually nothing in the Code of Ethics for the House and even if there is a violation, whatever that may be, there is no listed punishment…cool huh? No wonder there are no investigations….

RollCall: Rep. Jackie Speier said Tuesday that the House of Representatives has paid out more than $15 million over the last decade to settle harassment cases, though that number also includes discrimination claims.

Speier made the assertion on “Meet the Press Daily” after testifying in Congress about sexual harassment on Capitol Hill.

“Now, we do know that there is about $15 million that has been paid out by the House on behalf of harassers in the last 10 to 15 years,” the California Democrat told Chuck Todd.

However, when asked how many members were involved in cases, Speier said she did not know the specific answer.

Speier’s office clarified Wednesday that the Office of Compliance, which handles workplace and accessibility issues on Capitol Hill, does not provide a breakdown for the type of discrimination payments made.

The OOC’s $15 million figure covered more than 200 payouts made from fiscal years 1997 to 2016 for all claims the office covered, such as racial and religious discrimination cases, discrimination against people with disabilities and sexual harassment, a Speier staffer said.

During her testimony earlier Tuesday, Speier said that two current members of Congress had sexually harassed women.

“Well, it is my responsibility to address the seriousness of this issue,” she said. “These survivors are subject to a non-disclosure agreement. I’m not going to violate their non-disclosure agreement.”

Paul Ryan orders mandatory anti-harassment training for House

Nov. 14 (UPI) House Speaker Paul Ryan announced all House members and staff will be subject to mandatory anti-harassment and discrimination training.

Ryan issued a statement Tuesday after the Committee on House Administration held a hearing as part of its review of the House’s sexual harassment policies, which he said was an “important step” to combatting sexual assault.

“Going forward, the House will adopt a policy of mandatory anti-harassment and anti-discrimination training for all members and staff,” he said. “Our goal is not only to raise awareness, but also make abundantly clear that harassment in any form has no place in this institution.”

During the review, two members of Congress, Rep. Jackie Speier, D-Calif., and Rep. Barbara Comstock, R-Va., shared reports that colleagues sexually harassed staffers and others within the House.

“These harasser propositions such as, ‘are you going to be a good girl?’ to perpetrators exposing their genitals, to victims having their private parts grabbed on the House floor. All they ask as staff members is to be able to work in a hostile-free work environment. They want the system fixed, and the perpetrators held accountable,” Speier said.

She added she had been told two sitting members of Congress had allegedly engaged in sexual harassment.

“I have had numerous meetings with phone calls with staffers, both present and former, women and men who have been subjected to this inexcusable and often illegal behavior,” she said. “In fact, there are two members of Congress, Republican and Democrat, right now, who … have engaged in sexual harassment.”

Comstock said she recently had been informed of a current member of Congress who exposed himself to a female staffer who was delivering materials to his home.

“There is a new recognition of this problem and the need for change of culture that looks the other way because of who the offenders are,” she said. “Whether it’s Bill Cosby, Bill O’Reilly, Mark Halperin, Roger Ailes, Kevin Spacey or one of our own, it’s time to say no more.”

Ryan said the House will work to install proper policies to combat sexual harassment as its review of the matter continues.

“As we work with the administration, ethics, and rules committees to implement mandatory training, we will continue our review to make sure the right policies and resources are in place to prevent and report harassment,” he said.

Drug Cartels Upped the Game with Weaponized Drones

Posted on by

Image result for cartels weaponized drones

photo

Police in Mexico pulled over four men in a pickup truck near the city of Salamanca in Guanajuato state on October 20 and got a nasty surprise. Along with an AK-47 assault rifle, the men had in their possession an unmanned aerial vehicle fitted with a “large explosive device” and a remote detonator.

That’s right: a weaponized drone.

Police didn’t say whether they suspected the men of ties to drug cartels. But Guanajuato is currently contested by several drug gangs, including the Sinaloa cartel, Los Zetas, and Cártel Jalisco Nueva Generación, or CJNG, according to Dr. Robert Bunker, a fellow with Small Wars Journal, a military trade publication.

ISIS set up factories in Iraq and Syria to modify mortar bombs—basically, small artillery shells—to fit on small drones. During intensive fighting in the Iraqi city of Mosul in February, ISIS’s drones were “the main problem” for coalition troops, Captain Ali, an Iraqi officer, told War Is Boring.

The cartels, for their part, have been using so-called “potato bombs”—hand-grenade-size improvised explosive devices—in attacks on each other and authorities. Bunker said the explosive the police found alongside the drone in Guanajuato is “consistent” with a potato bomb.

The cartels could also draw inspiration from online-retailer Amazon and its delivery drones. “As both Islamic State and Amazon have shown, small drones are an efficient way of carrying a payload to a target,” said Nick Waters, a former British Army officer and independent drone expert. “Whether that payload is your new book or several hundred grams of explosive is up to the sender.”

But don’t panic, Waters and other experts said. Drug cartels were plenty dangerous before they weaponized flying robots. Potato bomb-hauling drones might just give narcos more options for perpetrating crimes they are perfectly capable of pulling off some other way. “Considering their already impressive traditional capability, I think this will probably be another tool rather than a game-changing capability,” Waters said.

You should be “no more worried than you should be by cartels also using machine guns, car bombs, machetes, etc,” Singer said. More here.

New report shows how Mexican cartels are infiltrating Texas

Mexican cartels smuggle more drugs into the U.S. than any other criminal group, the federal Drug Enforcement Administration said in a new report.

The 2017 National Drug Threat Assessment released in October lists six cartels as having major influences across the country and Texas.

Cartels’ influence in Texas is far-reaching, affecting cities hundreds of miles from the state’s border with Mexico.

San Antonio is the only city in the state with a drug trade controlled by the Cartel Jalisco Nueva Generacion, which deals mostly with methamphetamine, cocaine, heroin and marijuana, according to the DEA.

The Gulf Cartel has a hold on cities in Texas’ tip and coastal bend. McAllen, Brownsville, Corpus Christi, Galveston, Houston and Beaumont are impacted most by the Gulf Cartel which mostly brings marijuana and cocaine into the area, according to the DEA. Drugs smuggled through the Gulf Cartel are mostly brought in through the area between the Rio Grande Valley and South Padre Island.

Every week in Houston, a relative of a Gulf Cartel leader receives 100 kilograms of cocaine, according to the DEA.

Moving West, Los Zetas control two cities and the Juarez Cartel has a hold on Alpine, Midland, El Paso and Lubbock.

While the arrests of two Los Zetas leaders has weakened the cartel’s influence on Eagle Pass and Laredo, its presence is still felt because of members who have assumed control, bringing cocaine, heroin, methamphetamine and marijuana into Texas.

The Sinaloa Cartel, formerly run by prison escape artist Joaquin “El Chapo” Guzman,” is most found in Dallas, Lubbock and Fort Worth, according to the DEA.

DEA map of Mexican cartels in the US photo

The FY 2017 OCDETF Program Budget Request comprises 2,975 positions, 2,902 FTE,
and $522.135 million in funding for the Interagency Crime and Drug Enforcement (ICDE)
Appropriation, to be used for investigative and prosecutorial costs associated with OCDETF cases targeting high-level criminal drug and money laundering networks as well as priority transnational poly-crime organizations whose primary criminal activity may not necessarily be drug-related. Go here to read the full report.
.

 

Hacking Public Schools, 757’s and the Defense Dept

Posted on by

Hack-O-Matic…some good ones and others not so much.

800 Schools

“Unless we have irrefutable evidence to suggest otherwise, we need to assume confidential data has been compromised,” Hamid Karimi, vice president of business development and the security expert at Beyond Security. “That should be a cause for concern. To remedy the situation, all schools and institutions that serve minors must submit to (a) stricter set of cybersecurity rules.”

photo

The breached school websites, which spanned nationwide from New Jersey to Arizona and Virginia to Connecticut, are all powered by a company called SchoolDesk. The company since has handed over its server —  which runs out of Georgia —  to the FBI for investigation and also has hired external security firms to trace the hackers. The Atlanta-based company said after the hack that technicians detected that a small file had been injected into the root of one of its websites.

“The websites were redirected to an iframed YouTube video. No data was lost or altered in any way. Because we’re currently working with the FBI in an active investigation of this incident, as well as forensic team from Microsoft, we cannot yet discuss any technical details or exact methods of access to SchoolDesk’s network or software,” a spokesperson for SchoolDesk told Fox News.

The company has insisted that no personal or student information was exposed, but some security experts say the matter should be closely monitored, especially as minors are involved.

“In most hacks, organizations do not have full visibility into what happened or what information was compromised,” surmised Eric Cole, who served as commissioner on cyber security for President Barack Obama, and was formally a senior vice president at MacAfee and the chief scientist at Lockheed Martin. “In almost every breach, what is initially reported is usually extremely conservative and over the weeks following a breach, it is always worse than what was originally reported.”

The proud culprits of the hack? A shadowy pro-ISIS hacktivist outfit known as “Team System DZ.” Barely reported by Fox News, while other media outlets did nothing about about.

***

Pentagon Hackers for Hire

Just over a year ago, following the success of the pilot, we announced the U.S. Department of Defense was expanding its “Hack the Pentagon,” initiatives. To date, HackerOne and DoD have run bug bounty challenges for Hack the Pentagon, Hack the Army and Hack the Air Force.

The success of these programs has been undeniable and our amazing community of hackers continues to impress even us!

DoD has resolved nearly 500 vulnerabilities in public facing systems with bug bounty challenges and hackers have earned over $300,000 in bounties for their contributions — exceeding expectations and saving the DoD millions of dollars. You can read more in our recent case study “Defending the Federal Government from Cyber Attacks.”

htp

2,837 Bugs Resolved With DoD’s Vulnerability Disclosure Policy

The DoD’s Vulnerability Disclosure Policy (VDP) is another essential, likely less talked about, part of the Hack the Pentagon initiative pioneered by DoD’s Defense Digital Service team.

A VDP is the, “see something say something of the internet”. DoD’s policy, and others like it, provide clear guidance for any hacker anywhere in the world to safely report a potential vulnerability so it can be resolved. Maintaining the security of the DoD’s networks is a top priority and their VDP is another proven way to resolve unknown security issues.

While a bounty or cash incentives are not awarded for vulnerabilities reported through the VDP, that has not stopped hackers eager to do their part to help protect the DoD’s assets. Nearly 650 hackers from more than 50 countries have successfully reported valid vulnerabilities through the VDP.

Thanks to these hackers and the pioneering team at DoD, 2,837 security vulnerabilities have been resolved in nearly 40 DoD components. Of these vulnerabilities, over 100 have been high or critical severity issues, including remote code executions, SQL injections, and ways to bypass authentication.

While the majority of participating hackers have been from United States, the top contributing countries include India, Great Britain, Pakistan, Philippines, Egypt, Russia, France, Australia and Canada. More here, at least this was a positive objective, we think.

*** Related reading: Boeing 757 Testing Shows Airplanes Vulnerable to Hacking, DHS Says

Hacking Through Aircraft Wi-Fi

A Department of Homeland Security official admitted that a team of experts remotely hacked a Boeing 757 parked at an airport.

During a keynote address on Nov. 8 at the 2017 CyberSat Summit, a Department of Homeland Security (DHS) official admitted that he and his team of experts remotely hacked into a Boeing 757.

This hack was not conducted in a laboratory, but on a 757 parked at the airport in Atlantic City, N.J. And the actual hack occurred over a year ago. We are only now hearing about it thanks to a keynote delivered by Robert Hickey, aviation program manager within the Cyber Security Division of the DHS Science and Technology (S&T) Directorate.

“We got the airplane on Sept. 19, 2016. Two days later, I was successful in accomplishing a remote, non-cooperative, penetration,” Hickey said in an article in Avionics Today. “[That] means I didn’t have anybody touching the airplane; I didn’t have an insider threat. I stood off using typical stuff that could get through security, and we were able to establish a presence on the systems of the aircraft.”

While the details of the hack are classified, Hickey admitted that his team of industry experts and academics pulled it off by accessing the 757’s “radio frequency communications.”

We’ve been hearing about how commercial airliners could be hacked for years.

You might remember when a governmental watchdog admitted that the interconnectedness of modern commercial airliners could “potentially provide unauthorized remote access to aircraft avionics systems.” The concern was that a hacker could go through the Wi-Fi passenger network to hijack a plane while it was in flight.

And in a 2015 report by the U.S. Government Accountability Office (pdf), the agency warned, “Internet connectivity in the cabin should be considered a direct link between the aircraft and the outside world, which includes potential malicious actors.”

At the time, U.S. Rep. Peter DeFazio (D-Ore.) said, the “FAA must focus on aircraft certification standards that would prevent a terrorist with a laptop in the cabin or on the ground from taking control of an airplane through the passenger Wi-Fi system.”

The same year, security researcher Chris Roberts ended up in hot water with the feds after tweeting about hacking the United Airlines plane he was traveling on. The FBI claimed Roberts said he took control of the navigation.

A Hack In The Box presentation by Hugo Teso in 2013 suggested that thanks to the lack of authentication features in the protocol Aircraft Communications Addressing and Report System (ACARS), an airliner could be controlled via an Android app. Flight management software companies, as well as the FAA, disputed Teso’s claims.

All of that means that airline pilots have heard of those vulnerabilities before, too. Yet at a technical meeting in March 2017, several shocked airline pilot captains from American Airlines and Delta were briefed on the 2016 Boeing 757 hack. Hickey said, “All seven of them broke their jaw hitting the table when they said, ‘You guys have known about this for years and haven’t bothered to let us know because we depend on this stuff to be absolutely the bible.’”

As CBS News pointed out, Boeing stopped producing 757s in 2004, but that aircraft is still used by major airlines, such as American, Delta and United. President Trump has a 757, and Vice President Pence also uses one. In fact, Avionics Today claimed 90 percent of commercial planes in the sky are legacy aircraft that were not designed with security in mind.

Boeing told CBS that it firmly believes the test “did not identify any cyber vulnerabilities in the 757, or any other Boeing aircraft.”

Furthermore, an unnamed official briefed on the test told CBS the results of the hack on an older aircraft was good information to have, adding, “but I’m not afraid to fly.” (Not feeling good about this aircraft hack at all, dont we have a missing plane or one that crashed where it was suspected there may have been a hack involved?)