Meanwhile, Microsoft Details the Russian Hack of Ukraine

The Windows maker’s Threat Intelligence Center (MSTIC) is tracking the cluster under the moniker ACTINIUM (previously as DEV-0157), sticking to its tradition of identifying nation-state activities by chemical element names.

The Ukrainian government, in November 2021, publicly attributed Gamaredon to the Russian Federal Security Service (FSB) and connected its operations to the FSB Office of Russia in the Republic of Crimea and the city of Sevastopol. Details.

***

The Gamaredon APT was first spotted in 2013, and in 2015 researchers at LookingGlass shared the details of a cyber espionage operation tracked as Operation Armageddon, targeting other Ukrainian entities. Their “special attention” on Eastern European countries was also confirmed by CERT-UA, the Ukrainian Computer Emergency Response Team.

The discovered attack appears to be designed to lure military personnel: it leverages a legitimate document of the “State of the Armed Forces of Ukraine” dated 2nd April 2019. Source

For this reason, Cybaze-Yoroi ZLAB team dissected this suspicious sample to confirm the possible link with Russian threat actors.

***

Several cyber experts outside government are reporting much the same as Microsoft, as noted here.

Source: While Gamaredon has mainly targeted Ukrainian officials and organizations in the past, the group attempted an attack on January 19 that aimed to compromise a Western government “entity” in Ukraine, researchers at Palo Alto Networks’ Unit 42 organization reported Thursday. Gamaredon leadership includes five Russian Federal Security Service officers, the Security Service of Ukraine said previously.

Microsoft threat researchers released their own findings on Gamaredon in the blog post today, disclosing that the group has been actively involved in malicious cyber activity in Ukraine since October 2021.

While the hacker group has been dubbed “Gamaredon” by Unit 42, Microsoft refers to the group by the name “Actinium.”

“In the last six months, MSTIC has observed ACTINIUM targeting organizations in Ukraine spanning government, military, non-government organizations (NGO), judiciary, law enforcement, and non-profit, with the primary intent of exfiltrating sensitive information, maintaining access, and using acquired access to move laterally into related organizations,” the threat researchers said in the post. “MSTIC has observed ACTINIUM operating out of Crimea with objectives consistent with cyber espionage.”

Evading detection

Tactics used frequently by the group include spear-phishing emails with malicious macro attachments, resulting in deployment of remote templates, the researchers said. By causing a document to load a remote document template with malicious code—the macros—this “ensures that malicious content is only loaded when required (for example, when the user opens the document),” Microsoft said.

“This helps attackers to evade static detections, for example, by systems that scan attachments for malicious content,” the researchers said. “Having the malicious macro hosted remotely also allows an attacker to control when and how the malicious component is delivered, further evading detection by preventing automated systems from obtaining and analyzing the malicious component.”
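Because the macro code is not in the attachment, a static scanner has to look for the pointer to it instead. The following is an added example, not code from Microsoft or from the original post: it inspects an OOXML document's relationship parts for an external `attachedTemplate` entry and separates remote targets from the local `Normal.dotm` paths that ordinary documents carry. The host names and the sample archives are constructed for the test, and the standard-library XML parser is used only to keep the example self-contained.

```python
import io
import zipfile
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

# OOXML packaging constants (standard namespace and relationship type).
REL_NS = "http://schemas.openxmlformats.org/package/2006/relationships"
ATTACHED_TEMPLATE = ("http://schemas.openxmlformats.org/officeDocument/"
                     "2006/relationships/attachedTemplate")
MAX_RELS_SIZE = 1_000_000  # skip oversized .rels parts (decompression guard)


def is_remote(target):
    """True when a template target points off-host rather than to local disk."""
    if target.startswith("\\\\"):          # UNC path: \\server\share\x.dotm
        return True
    try:
        parsed = urlparse(target)
    except ValueError:                     # unparsable target: treat as suspicious
        return True
    scheme = parsed.scheme.lower()
    if scheme in ("http", "https", "ftp"):
        return True
    if scheme == "file":
        return bool(parsed.netloc)         # file://server/share is remote
    return False                           # drive letter or relative path


def find_attached_templates(doc_bytes):
    """List every external attachedTemplate relationship in the package."""
    findings = []
    try:
        archive = zipfile.ZipFile(io.BytesIO(doc_bytes))
    except zipfile.BadZipFile:
        return findings                    # not an OOXML container
    with archive:
        for info in archive.infolist():
            if not info.filename.endswith(".rels"):
                continue
            if info.file_size > MAX_RELS_SIZE:
                continue
            try:
                root = ET.fromstring(archive.read(info))
            except ET.ParseError:
                continue
            for rel in root.iter("{%s}Relationship" % REL_NS):
                if rel.get("Type") != ATTACHED_TEMPLATE:
                    continue
                if (rel.get("TargetMode") or "").lower() != "external":
                    continue
                target = rel.get("Target", "")
                findings.append({"part": info.filename, "target": target,
                                 "remote": is_remote(target)})
    return findings


def remote_template_targets(doc_bytes):
    """Targets a mail gateway or triage script would flag for review."""
    return [f["target"] for f in find_attached_templates(doc_bytes) if f["remote"]]


def build_sample(template_target):
    """Constructed test fixture: a zip holding only the parts the scanner reads."""
    rels = ('<?xml version="1.0" encoding="UTF-8"?>'
            '<Relationships xmlns="%s">'
            '<Relationship Id="rId1" Type="%s" Target="%s" TargetMode="External"/>'
            '</Relationships>' % (REL_NS, ATTACHED_TEMPLATE, template_target))
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("word/document.xml", "<document/>")
        z.writestr("word/_rels/settings.xml.rels", rels)
    return buf.getvalue()


# Constructed samples: one remote template, one ordinary local template.
REMOTE_SAMPLE = build_sample("https://templates.example.invalid/report.dotm")
LOCAL_SAMPLE = build_sample(
    "file:///C:\\Users\\analyst\\AppData\\Roaming\\Microsoft\\Templates\\Normal.dotm")

if __name__ == "__main__":
    for label, sample in (("remote", REMOTE_SAMPLE), ("local", LOCAL_SAMPLE)):
        print(label, remote_template_targets(sample))
```

For untrusted mail attachments, a hardened XML parser such as `defusedxml` is the safer choice than the standard-library parser used here.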

The Microsoft researchers report that they’ve observed numerous email phishing lures used by Gamaredon, including those that impersonate legitimate organizations, “using benign attachments to establish trust and familiarity with the target.”

In terms of malware, Gamaredon uses a variety of different strains—the most “feature-rich” of which is Pterodo, according to Microsoft. The Pterodo malware family brings an “ability to evade detection and thwart analysis” through the use of a “dynamic Windows function hashing algorithm to map necessary API components, and an ‘on-demand’ scheme for decrypting needed data and freeing allocated heap space when used,” the researchers said.

Meanwhile, the PowerPunch malware used by the group is “an agile and evolving sequence of malicious code,” Microsoft said. Other malware families employed by Gamaredon include ObfuMerry, ObfuBerry, DilongTrash, DinoTrain, and DesertDown.

‘Very agile threat’

Gamaredon “quickly develops new obfuscated and lightweight capabilities to deploy more advanced malware later,” the Microsoft researchers said. “These are fast-moving targets with a high degree of variance.”

Payloads analyzed by the researchers show a major emphasis on obfuscated VBScript (Visual Basic Script), a Microsoft scripting language. “As an attack, this is not a novel approach, yet it continues to prove successful as antivirus solutions must consistently adapt to keep pace with a very agile threat,” the researchers said.

Unit 42 had reported Thursday that Gamaredon’s attempted attack against a western government organization in January involved a targeted phishing attempt.

Instead of emailing the malware downloader to their target, Gamaredon “leveraged a job search and employment service within Ukraine,” the Unit 42 researchers said. “In doing so, the actors searched for an active job posting, uploaded their downloader as a resume and submitted it through the job search platform to a Western government entity.”

Due to the “steps and precision delivery involved in this campaign, it appears this may have been a specific, deliberate attempt by Gamaredon to compromise this Western government organization,” Unit 42 said in its post.

Unit 42 has said it’s not identifying or further describing the western government entity that was targeted by Gamaredon.

No connection to ‘WhisperGate’ attacks

The attempted January 19 attack by Gamaredon came less than a week after more than 70 Ukrainian government websites were targeted with the new “WhisperGate” family of malware.

However, the threat actor responsible for those attacks appears to be separate from Gamaredon, the Microsoft researchers said in the post today. The Microsoft Threat Intelligence Center “has not found any indicators correlating these two actors or their operations,” the researchers said.

The U.S. Department of Homeland Security (DHS) last month suggested it’s possible that Russia might be eyeing a cyberattack against U.S. infrastructure, amid tensions between the countries over Ukraine.

Estimates suggest Russia has stationed more than 100,000 troops on the eastern border of Ukraine. On Wednesday, U.S. President Joe Biden approved sending an additional 3,000 U.S. troops to Eastern Europe.

 

Could it be that Europe has more Guts in Suing Google than the U.S.?

Shame on our Congress but more…shame on the Justice Department for dragging its feet when it comes to anti-trust cases against big tech, especially Google.

Google is big…really big but perhaps $2.4 billion will get their attention…and that is just Europe. But then again, maybe not as Google just announced the following:

Google has completed the latest phase of construction at its data center in Council Bluffs, Iowa, bringing its total investment in its Iowa campus to $5 billion.

A herd of deer outside the equipment yard of the Google data center campus in Council Bluffs, Iowa. (Photo: Google)

The investment milestone by Google is the latest data point on the extraordinary growth of the data center industry in Iowa, which is also home to Meta’s largest cloud campus and a massive build-out by Microsoft in West Des Moines. The Iowa cloud cluster shows the prominent role of the Midwest in cloud geography, providing a data distribution hub in the center of the United States.

***

Google-owner Alphabet faces a massive lawsuit in Europe.

It’s being sued by price-comparison firm PriceRunner for around $2.4 billion.

The Swedish company alleges the tech giant manipulated search results.

PriceRunner wants Google to pay compensation for profits it claims it has lost in the UK since 2008; and Sweden and Denmark since 2013.

A Google spokesperson said the company would defend the lawsuit in court.

It claimed changes made to shopping ads five years ago have worked successfully.

It also said PriceRunner chose not to use shopping ads on Google, so may not have seen the same successes as others.

But PriceRunner said it was ready to fight for years, with financing in place and steps prepared in the event it does not win.

In November Google lost an appeal against a fine of over $2.7 billion imposed by the European Commission in 2017.

It found that the search giant used its own price comparison shopping service to gain an unfair advantage over smaller European rivals.

The seven-year investigation came about due to complaints that Google distorted internet search results in favour of its own shopping service.

PriceRunner is currently in the process of being bought by payments firm Klarna.

***

Source: PriceRunner said Monday that it plans to take Google to court in Stockholm. It’s seeking compensation for damages in relation to a 2017 ruling from the European Commission that Google breached antitrust laws by giving preference to its own shopping comparison product, Google Shopping, through its popular search engine.

After a seven-year investigation into the practices, the EU executive body dealt Google a historic $2.7 billion fine. Google appealed the penalty, but in November 2021, the decision was upheld by the EU’s General Court. The verdict can still be appealed and taken to the EU’s highest court.

PriceRunner CEO Mikael Lindahl said the company launched its lawsuit following “extensive and thorough preparations.”

“We are of course seeking compensation for the damage Google has caused us during many years, but are also seeing this lawsuit as a fight for consumers who have suffered tremendously from Google’s infringement of the competition law for the past fourteen years and still today,” Lindahl said in a statement.

A Google spokesperson said the company looks forward to defending its case in court. The company made a number of changes in 2017 aimed at addressing the commission’s concerns.

“The changes we made to shopping ads back in 2017 are working successfully, generating growth and jobs for hundreds of comparison shopping services who operate more than 800 websites across Europe,” the spokesperson said in an emailed statement.

“The system is subject to intensive monitoring by the EU Commission and two sets of outside experts. PriceRunner chose not to use shopping ads on Google, so may not have seen the same successes that others have.”

PriceRunner alleges Google has not complied with the commission’s ruling and is still abusing its dominant position among internet search engines. It expects the final damages to be “significantly higher” than the interim sum of 2.1 billion euros.

The company, which in November agreed to be taken over by Swedish fintech firm Klarna, wants Google to pay compensation for profits it lost in the U.K. since 2008, and in Sweden and Denmark from 2013 onward.

Klarna spokeswoman Aoife Houlihan said the company was “aware and supportive of this suit.”

“It is fundamental that all tech companies no matter where they operate, compete on the basis of their own merit with the best product and service and then gain consumers’ trust,” Houlihan told CNBC.

“European consumers have been denied real choice in shopping services for many years and this is one step to ensuring this ends now.”

PriceRunner says it’s the largest independent price comparison service in the Nordic region, with over 3.7 million products to select from 22,500 stores across 25 different countries.

U.S. Govt Spent Over $2.3 Million Injecting Puppies With Cocaine

The experiment, revealed through a Freedom of Information Act (FOIA) request filed by the White Coat Waste Project, follows previously unearthed studies funded by National Institute of Allergy and Infectious Disease Director Anthony Fauci that “debarked” beagle puppies.

Seven six-month-old Beagle puppies were forced to wear a drug-injecting jacket that allowed them to be dosed with cocaine again and again and again for months, along with an ‘experimental compound,’ to see how the two drugs interacted.

The year-long experiment, which began in September 2020, was filmed so researchers could evaluate the puppies’ “adverse reactions” to the drugs. Prior to the drugs being administered, the puppies were forced to undergo surgery, where they were implanted with a “telemetry unit” to monitor their vital signs throughout the experiment.

The study was funded by the National Institutes of Health’s (NIH) Institute on Drug Abuse and cost taxpayers $2.3 million. More here.

But hold on…Dr. Fauci…Frankenstein was up to more disgusting funding….

The National Institutes of Health (NIH) is funding $27 million in studies marked for use of fetal tissue, according to a new analysis.

The White Coat Waste Project (WCW), which opposes animal experimentation, looked through NIH data to uncover the scope of funding, which includes support for things like transplanting fetal lungs, liver and thymus into mice.

The majority of the reported funding – 79.6% – comes from the National Institute of Allergy and Infectious Diseases (NIAID), which is run by White House Chief Medical Adviser Dr. Anthony Fauci. Overall, NIH expects to spend $88 million on this type of research in fiscal year (FY) 22.

NIH and the Department of Health and Human Services (HHS) did not respond to Fox News’ requests for comment.

Fauci’s institute has come under fire for research surrounding the coronavirus, among other things. More recently, WCW uncovered an experiment in which dogs were injected with cocaine. Other experiments involving humanized mice have surfaced.

One study involved humanizing mice through “reconstitution with human fetal liver (17 to 22 weeks of gestational age).” So far, that project has received funding through multiple NIAID grants, including one with more than $20 million between 2014-2018.

Another study, funded by the National Eye Institute, entailed studying fetal eye cells. That study says the eye cells were obtained from Advanced Biosciences Resources, which has come under fire for its connections to Planned Parenthood. Fetal lungs were also incorporated as part of federally funded research with the University of Wyoming and University of North Carolina – Chapel Hill.

The conservative watchdog Judicial Watch previously released documents showing that the Food and Drug Administration (FDA) sought “fresh” fetal organs from ABR. In one email, the FDA’s Dr. Kristina Howard tells ABR’s procurement manager Perrin Larton that her company “should be prepaid for $12K of tissue purchases.”

Exhibit from NIH-funded study utilizing fetal lungs, liver and thymus. (National Library of Medicine)

The issue will likely continue to gain political attention as legislators learn more about various research projects, including those involving human-animal hybrids. Last year, the Senate rejected an amendment geared toward criminalizing participation in research that created certain chimeras, or human-animal hybrids, in expectation that the federal government could lift a moratorium on funding for those projects.

“Dr. Fauci’s funding of research using aborted fetal tissue is disgusting and indefensible,” said Rep. Lisa McClain, R-Mich. “My Safe RESEARCH Act would ensure that scientists can continue important research so long as they’re not using fetal tissue from abortions.” More details here.

Gotta wonder how come not one person in the Biden administration has been critical of this abuse…but we certainly understand why so many loyal religious groups have filed lawsuits and pushed back. What about the Vatican….anyone???

 

The JFK Assassination Debate Rages on

Last December, President Biden authorized additional JFK assassination records to be declassified and released. The documents were so banal, there was virtually no additional chatter or reporting on it.

In case you missed it, click here for those additional documents. There may be some new names in the released documents and we should be asking what other countries have contributed to the whole affair such as Mexico….

Under the law, as of October 1997, ALL the JFK files in the National Archives were to be released and Biden issued an extension to the release date.

In part: Section 1.  Policy.  In the President John F. Kennedy Assassination Records Collection Act of 1992 (44 U.S.C. 2107 note) (the “Act”), the Congress declared that “all Government records concerning the assassination of President John F. Kennedy . . . should be eventually disclosed to enable the public to become fully informed about the history surrounding the assassination.”  The Congress also found that “most of the records related to the assassination of President John F. Kennedy are almost 30 years old, and only in the rarest cases is there any legitimate need for continued protection of such records.”  Almost 30 years since the Act, the profound national tragedy of President Kennedy’s assassination continues to resonate in American history and in the memories of so many Americans who were alive on that terrible day; meanwhile, the need to protect records concerning the assassination has only grown weaker with the passage of time.  It is therefore critical to ensure that the United States Government maximizes transparency, disclosing all information in records concerning the assassination, except when the strongest possible reasons counsel otherwise.

Sec. 2.  Background.  The Act permits the continued postponement of disclosure of information in records concerning President Kennedy’s assassination only when postponement remains necessary to protect against an identifiable harm to the military defense, intelligence operations, law enforcement, or the conduct of foreign relations that is of such gravity that it outweighs the public interest in disclosure.  Since 2018, executive departments and agencies (agencies) have been reviewing under this statutory standard each redaction they have proposed that would result in the continued postponement of full public disclosure.  This year, the National Archives and Records Administration (NARA) has been reviewing whether it agrees that each redaction continues to meet the statutory standard.  The Archivist of the United States (Archivist), however, has reported that “unfortunately, the pandemic has had a significant impact on the agencies” and NARA and that NARA “require[s] additional time to engage with the agencies and to conduct research within the larger collection to maximize the amount of information released.”  The Archivist has also noted that “making these decisions is a matter that requires a professional, scholarly, and orderly process; not decisions or releases made in haste.”  The Archivist therefore recommends that the President “temporarily certify the continued withholding of all of the information certified in 2018” and “direct two public releases of the information that has” ultimately “been determined to be appropriate for release to the public,” with one interim release later this year and one more comprehensive release in late 2022.

Meanwhile, expert forensic pathologist Cyril Wecht has just published a new book, “The JFK Assassination Dissected.”

Wecht’s latest book, “The JFK Assassination Dissected” (Exposit Books), summarizes his six decades of research into the subject, and pokes holes in the conclusion made by the seven-man Warren Commission that Oswald, without any help, shot and killed Kennedy when his motorcade drove past the Texas School Book Depository in Dallas on Nov. 22, 1963.

“Young people are still being taught that the 35th president was murdered by a lone gunman, and that is simply bulls–t,” Wecht boomed during an interview at his modest office in downtown Pittsburgh last month.

Oswald “had almost certainly been a CIA agent of some kind,” says Wecht, but the directive to kill may have come from higher up. Allen Dulles, director of the CIA from 1953 to 1961, had overseen the disastrous Bay of Pigs invasion to oust Cuban dictator Fidel Castro and had reason to be disgruntled. Dulles also ended up in prime position to participate in a coverup, Wecht conjectured.

“Kennedy had fired Allen Dulles because he was really pissed off about what the CIA was doing,” said Wecht. “Then who gets appointed to the Warren Commission? Dulles. It stinks to high heaven.”

“I’ve been working on the book for six years.”

The former coroner of Allegheny County, Pa., Wecht is both a trained lawyer and doctor who has conducted more than 17,000 autopsies and also provided expert testimony on high-profile cases including the deaths of Robert F. Kennedy, Martin Luther King Jr., Elvis Presley, JonBenet Ramsey and Laci Peterson.

The first non-governmental forensic pathologist to gain access to the National Archives to examine the assassination materials in 1972, Wecht discovered and exposed the ghastly fact that the 35th president’s brain had vanished.

“As we sit and talk today, the president’s brain remains missing. Unaccounted for,” he said. More here from the NY Post.

In full disclosure, Dr. Wecht has been on my radio show twice for his previous book(s) and, frankly, I agree we are not being told the whole truth about the assassination. Government employees including some in the FBI and CIA challenged evidence and the Warren Commission report as well.

Will we ever know?

$6.4 Billion in U.S. Pandemic Aid Sent Abroad, Including China

Did you know this? Anyone reporting this? Anyone in Congress yelling about it? Crickets…. but it is an outrage. You gotta wonder if the FBI has assigned anyone to investigate…oh never mind. A billion here and there….does it matter to anyone in government or to the taxpayers….

Some 2,000 foreign contractors and nonprofits in 177 countries received more than $6.4 billion in United States’ federal pandemic response assistance between the spring of 2020 and the fall of 2021, according to a report by the U.S. Office of Inspector General’s (OIG) Pandemic Response Accountability Committee (PRAC).

Most of the “prime recipients” are based in the United States and distributed the funds overseas. The $6.4 billion in foreign payments came from two pandemic relief packages passed by Congress in March 2020 and March 2021 totaling $4.1 trillion.

Those prime recipients include federal agencies, including the departments of Defense, Homeland Security and Health & Human Services, the U.S. Agency for International Development (USAID), and nonprofits, such as North Carolina-based Family Health International and Boston-based JSI Research & Training Institute.

Collectively between spring 2020 and Sept. 30, 2021, these federal agencies and nonprofits have approved more than 4,000 contracts and issued 1,000 grants from pandemic relief funds to “sub-recipients” across the globe, including foreign contractors that provide services for the U.S. government and international development and health care organizations.

The largest single international prime recipient is the United Nations, which received $831.4 million in direct pandemic funding, according to the report.

The United Nations, the Global Fund to Fight AIDS, Tuberculosis and Malaria, and the U.N.’s High Commissioner for Refugees received 43 percent of U.S. pandemic relief funding spent overseas, according to the report.

The other top nine prime recipients that spent the relief funds overseas were: UNICEF ($224 million); FHI ($99.945 million); General Dynamics Global Force LLC ($96.5 million); United Kingdom-based Acrow Global Ltd. ($83.5 million); International Red Cross/Red Crescent ($73.667 million); International Organization for Migration ($68.242 million); JSI ($64.32 million); the African Field Epidemiology Network ($62.5 million) and “miscellaneous foreign contractors” ($366.5 million).

About $2.132 billion of the $6.4 billion in internationally distributed U.S. pandemic relief funds was deposited and distributed through banks in Switzerland because many international nonprofits and organizations are headquartered in Geneva.

According to PRAC, those Geneva-based recipients include $1.5 billion for the Global Fund to Fight AIDS, Tuberculosis and Malaria; $401 million for the U.N. High Commission; $87.856 million for the International Organization for Migration; $78.688 million for the World Health Organization; and $61.4 million for Le Comite International de La Croix-Rouge (Red Cross).

The recipient mix varies from nation to nation. For instance, sub-recipients in Kuwait received the second-highest allocation by nation after Switzerland, $411 million, with most providing services for U.S. information technology and defense contractors, such as Colorado-based Vectrus Systems Corp., which distributed $339 million in pandemic relief funds on contractors and organizations in Kuwait.

The pandemic relief funds that went to non-domestic recipients are in addition, or supplementary, to existing U.S. foreign aid programs, which totaled $51 billion in aid obligations to 11,000 recipients across the globe in 2020.

In 2021, while pandemic relief funds were distributed through USAID, its direct allocation actually declined to $36 billion, which was committed to 8,000 “activities” in 181 countries.

Since spring 2020, USAID maintains it has supported “more than 120 countries in their fight to contain and combat the virus” by providing $5.7 billion for vaccinations, including $700 million to strengthen vaccination programs and to purchase 1 billion Pfizer vaccines for distributions around the world.

During fiscal year 2022, USAID reports it had $4.7 billion “obligated”—$502 million in contracts, $4.2 million in grants—and dispersed $3.1 billion in 781 pandemic relief awards to 287 recipients, including many in Africa.

Phone calls and emails left with officials listed as USAID media contacts did not elicit a response over a two-week period.

PRAC was created within the OIG’s independent Council of the Inspectors General on Integrity & Efficiency (CIGIE) in spring 2020 to track the $2.2 trillion in CARES Act allocations to state and local governments, nonprofits, contractors, and individuals.

With the subsequent adoption of additional federal COVID-19 relief and stimulus packages, including the March 2021 American Rescue Plan Act, PRAC’s 22 inspector generals are now tracking more than $5 trillion in federal pandemic allocations and documenting what is reported by “prime recipients” on its webpage that is accessible to the public on the committee’s website.

But accessibility and transparency don’t always translate into comprehensive accounting; there are 21 million “rows” of data on one of PRAC’s dashboards.

OpenTheBooks.com founder Adam Andrzejewski told Epoch Times that while doing a “deep dive” August analysis of the $282.6 billion the U.S. distributed in foreign aid between 2013-18, researchers found discrepancies between the numbers posted by PRAC, USAID, the Department of Treasury, the Congressional Budget Office, the Office of Management and Budget, and the Congressional Research Service.

Many of the discrepancies across the varied tracking and oversight programs are related to specific agency reporting requirements, the type of recipients they deal with, and can mix in assorted federal allocations from different times and programs that are not related to the COVID-19 response.

The bottom line, Andrzejewski said, is it can be daunting to find the bottom line when there are nearly as many haystacks as needles.

“It takes hard work” to ferret through and comprehend the data, he said. “They don’t make it easy.”

According to the Treasury, in 2020 Congress appropriated $3.8 billion for international COVID-19 relief efforts and by April 2021, had added another $10.8 billion in COVID-19 foreign-aid funding, totaling $14.6 billion.

OpenTheBooks maintains the $6.4 billion figure cited by PRAC, and even the $14.6 billion cited by Treasury, does not include all foreign-related COVID-19 spending, such as allocations for the U.S. Health & Human Services global vaccine program, the $9.6 billion in “total COVID-19 budgetary resources” earmarked for USAID, or the American subsidiaries of foreign companies.

According to OpenTheBooks.com, that includes 125 Chinese firms—with “strong ties to the Communist Chinese Party (CCP)”—that received forgivable loans from the $660 billion Paycheck Protection Program (PPP) in 2020, which is also not included in the foreign aid outlays.

PRAC’s Award Details Report lists 27 allocations totaling $14.539 million in pandemic assistance on its webpage to contractors in China through U.S.-based organizations and businesses, with the largest—$5.18 million—allocated by DHS to U.S. Tactical Supply, Inc., based in Post Falls, Idaho.

According to USASpending, the May 18, 2020 allocation was for U.S. Tactical Supply’s procurement of 5.396 million face masks made in China.

FHI of Durham, N.C., distributed $99.945 million and the JSI Research & Training Institute, based in Boston, dispersed $64.32 million to contractors and organizations overseas.