Mediaboss Marketing

An international team has completed a preliminary investigative analysis of the black boxes from a Ukrainian passenger jetliner accidentally shot down by Iran in January, Canadas Transportation Safety Board said Thursday.

"The work in Paris is finished, but the investigation is far from over. There are still many key questions that need to be answered," board chair Katy Fox said in a statement, without giving further details.

Fox urged Iran, the country that is leading the investigation, to release information as soon as possible, adding that the country has not authorized the board to release details.

Investigators from the countries of the victims of the plane crash met in Paris this week at France's BEA accident investigation agency to begin extracting the data.

The Ukraine International Airlines plane was hit by two missiles after taking off from Teheran for Kyiv on January 8 and crashed, killing all 176 people on board.

Iran admitted days later its forces accidentally shot the airliner down.

Most of the victims were Iranian and Canadian, and many were dual nationals.

More here:
International Team Completes Analysis of Ukrainian Jet Shot Down by Iran - Voice of America

WASHINGTON - An Iranian father who became an outspoken critic of Irans Islamist rulers after their security forces killed his son in nationwide antigovernment protests last November has begun a second week in the custody of authorities, who rearrested him in response to his ongoing activism.

Iranian security agents arrested Manouchehr Bakhtiari on July 13 at the airport of Irans Kish Island as he and his wife Saeedeh (Sara) Abbasi were finishing a visit to Kish in the countrys south and preparing to board a north-bound flight to their home in Tehran, according to family members who spoke to Western-based media outlets. They said Abbasi also was detained for several hours before being released and allowed to fly to Tehran on her own.

Speaking to VOA Persian from Tehran on Monday, Manouchehr Bakhtiaris brother Mehrdad said Manouchehrs detention had stretched into a second week.

In an earlier Instagram video posted on July 17, Mehrdad Bakhtiari said Iranian intelligence ministry agents told the family that Manouchehr had been transferred from Kish to a prison in the southern city of Bandar Abbas.

It is the second time Iranian authorities have arrested Manouchehr Bakhtiari since he began speaking out against the Iranian government for its killing of his son Pouya and hundreds of people who joined the November 2019 street protests. Irans ruling clerics sparked the demonstrations by announcing a 50% increase in subsidized gasoline prices in a recession-hit economy plagued by mismanagement and U.S. sanctions.

Pouya Bakhtiari, 27, was shot in the head and killed by Iranian security forces in the northern city of Karaj on November 16, as he participated in the second day of themostly-peacefulprotests.

ManouchehrBakhtiari was first arrested with his ex-wifeNahidShirbisheh,Pouyasmother, on December 23, 2019, three days before a publicgatheringthey were organizing atPouyasgrave in a Karaj cemetery to mark the end of a traditional 40-day mourning period for their son.

They had used Instagram to appeal to the public and journalists to join them at the gravesite. But on the day of the gathering, security forces dispersed mourners who heeded the call and made arrests.

Iran Ramps up Repression to Stop Memorials for Slain Protesters

In one of several repressive moves Thursday, Iranian authorities broke up a gathering marking end of 40-day mourning period for a man killed in anti-government protests last month

Authorities released the grieving father, whom they had charged with national security offenses, on bail on January 25.

There has been no comment from Iranian officials in state media regarding Manouchehr Bakhtiaris status since his July 13 re-arrest.

In an interview with VOA Persian on July 17, Mehrdad Bakhtiari said his brother last had contact with family members on the night of July 13 at Kish airport prior to being detained. He said he later learned that authorities had arrested Manouchehr for allegedly stealing a mobile phone.

Manouchehr Bakhtiari and his wife had traveled to Kish as part of a social media campaign against a proposal by cash-strapped Iran to accept massive Chinese investments in key Iranian infrastructure as part of a draft agreement between the two economic allies.

Iranian critics of the proposal, which has yet to be approved by Irans parliament or outlined in detail by China, say they believe it will grant Beijing ownership of Iranian natural resources and islands such as Kish. The Iranian government has denied offering such concessions to China.

In one of several mobile phone videos that he posted on his Instagram account from a Kish shoreline on July 12, Manouchehr Bakhtiari held up a flag of Iran predating its 1979 Islamic Revolution and said he seeks justice for all those killed by the nations Islamist rulers, as well as justice for Iranian territory, as he put it. In another video, he accused those rulers of trying to sell out that territory to China.

In the weeks before his Kish visit, Bakhtiari had made other public statements criticizing the Iranian government.

In a June 22 Instagram video, Bakhtiari disavowed images, published by Iranian state media earlier in the month, appearing to show him honoring top Iranian military commander Qassem Soleimani, who was killed in a January 3 U.S. airstrike on Baghdad. One such image, seen by VOA Persian, showed Bakhtiari holding up a poster of a smiling Soleimani.

In the Instagram video, Bakhtiari said Iranian authorities had forced him to hold the poster at a memorial for Soleimani in the days after the U.S. attack, while Bakhtiari was still in his first period of detention. He accused the government of trying to fool Iranians by circulating the imagesand alsodenounced Soleimani as a mercenary.

Bakhtiari kept up the pressure on Irans government by writing to U.N. human rights officials to urge them to establish a commission to investigate what he called Tehranslethal repressionof the November 2019 protests. The New York-based Center for Human Rights in Iran (CHRI) posted Bakhtiaris letter online on June 28.

Irans regime is trying to silence Manouchehr,Mehrdad Bakhtiari told VOA Persian.

The activism of Manouchehr Bakhtiari and his family and the Iranian governments attempts to suppress it have captured the attention of the Trump administration.In a March 11 speech unveiling the annual U.S. report on international human rights practices,Secretary of State Mike Pompeo said the Bakhtiari family wasliving in fear under house arrest.

I want great Iranians like theBakhtiaristo know America remembers those lost and stands for their freedom,Pompeo said.

This article originated in VOAs Persian Service.Click here for the original Persian version of the story.

The rest is here:
Slain Iranian Protester's Activist Father Detained by Iran for 2nd Week Following Rearrest - Voice of America

Text Size:A- A+

The Democratic Partys draft platformfor the 2020 election cycle sees the world as I did when I was a Model United Nations delegate: A place where foreign policy is a vessel for pious intentions, and informed by the common good.

Back then, I argued that India and Pakistan could sheath the daggers they held at each others throat if the leaders in New Delhi and Islamabad simply set aside their blood-soaked history and had a rational, reasonable discussion. So what if General Mohammed Zia-ul-Haq, the Pakistani dictator at the time, was a religious fanatic, menacing his own people as much as the neighborhood? Surely he would recognize the benefits, economic and political, of peace in South Asia?

In my defense, I was 14 at the time.

The authors of the Democratic platform, all grown-ups, have the same faith in Ayatollah Ali Khamenei as my wide-eyed schoolboy had in General Zia. They imagine that the Supreme Leader of the Islamic Republic will mend his ways if only he can be persuaded that the U.S. is not out to get him.

Democrats believe the United States should not impose regime change on other countries, and reject that as the goal of U.S. policy toward Iran, they write. Instead, under President Joe Biden, Washington should prioritize nuclear diplomacy, de-escalation, and regional dialogue.

That means a return to the 2015 nuclear deal with Iran, known as the Joint Comprehensive Plan of Action. The authors argue that the Trump Administrations unilateral withdrawal from the JCPOA isolated us from our allies and opened the door for Iran to resume its march toward a nuclear weapons capacity that the JCPOA had stopped. Thats why returning to mutual compliance with the agreement is so urgent.

Once that happens, there should be a comprehensive diplomatic effort to extend constraints on Irans nuclear program and address Irans other threatening activities, including its regional aggression, ballistic missile program, and domestic repression.

We are deeply grateful to our readers & viewers for their time, trust and subscriptions.

Quality journalism is expensive and needs readers to pay for it. Your support will define our work and ThePrints future.

SUBSCRIBE NOW

Under normal political circumstances, all this policy pablum is easily dismissed as the kind of virtue-signaling to be expected from both parties ahead of their presidential conventions. The 180-member platform committee will examine the Democratic draft next week and recommend any amendments before ratification at the convention in Milwaukee next month.

After the conventions, the presidential candidates cherry-pick talking points from their party platforms. Once elected, a president is in no way bound to follow through on the promises therein.

But the Iran-related proposals in the Democratic platform merit alarm, not only becauseBiden is listed as one of the 15 authors, but because they are consistent with his position on the Islamic Republic. If Tehran complied with the terms of the JCPOA, he wrote earlier this year, I would rejoin the agreementand use our renewed commitment to diplomacy to work with our allies to strengthen and extend it, while more effectively pushing back against Irans other destabilizing activities.

As Ive pointed out, the former vice president has ahistory of endorsing woolly and reckless ideas, especially in connection with the Middle East. But few are more dangerous than the notion that Iran can be talked out of its other destabilizing activities. That catch-all term encompasses the slaughter of Sunni Muslims in Syria and Iraq, support for fanatical Shiite militias across the Middle East, the promotion of Lebanese and Palestinian terrorist groups, attacks against civilian shipping in international waters, assistance for the Maduro regime in Venezuela, assassination campaigns against opposition figures in Europeand cyber attacks against the U.S.

Taken together, these activities comprise the bulk of Irans foreign policy since the formation of the Islamic Republic in 1979. Biden imagines Khamenei can be persuaded to give it all up, in exchange for relief from U.S. economic sanctions and after more diplomacy. That was the expectation of his boss, President Barack Obama, when the JCPOA was signed.

But that was never in the realms of possibility. While the nuclear deal was being negotiated, Khamenei repeatedly said he would brook no discussion about anything else. Nor did he demonstrate any goodwill on this front, much less a change of heart,after the JCPOAwas signed. Iran did not and will not hold talks with (the U.S.) onissues other than nuclear negotiations, he said. We agreed to hold talks with America only on the nuclear issue and for particular reasons.

Iran stepped up all those other destabilizing activities even as the world powers that signed the JCPOA began to dismantle the economic sanctions. Tehran ramped up its support for Syrian dictator Bashar al-Assad, for Shiite militias in Iraq and for the Houthi rebels in Yemen. Having turned a blind eye to Irans misbehavior in his eagerness to get a deal done, Obama was unwilling to punish the regime afterward, whether for fear of endangering what he saw as his biggest foreign-policy success or out of consideration for the other signatories.

Trumps withdrawal from the JCPOA was arguably hasty, possibly even unnecessary: A more politic and defensible strategy would have been to simply impose tight U.S. sanctions on the regime for those other activities, while giving it no excuse to resume nuclear enrichment and denying the other signatories the high horse from which they now criticize Washington for reneging on a deal.

But to promise a unilateral American return to the JCPOA is to ignore the lessons of recent history. The nuclear deal was always meant to be the beginning, not the end, of our diplomacy with Iran, say the authors of the Democratic platform. For Khamenei, it was and ever will be the end, not the beginning. As long as he and his ilk remain in power, Iran will remain an intractable menace. Bloomberg

Also read: What is Mahdi Army? The group Iraqi Shia cleric wants to reactivate after Soleimani killing

Subscribe to our channels on YouTube & Telegram

News media is in a crisis & only you can fix it

You are reading this because you value good, intelligent and objective journalism. We thank you for your time and your trust.

You also know that the news media is facing an unprecedented crisis. It is likely that you are also hearing of the brutal layoffs and pay-cuts hitting the industry. There are many reasons why the medias economics is broken. But a big one is that good people are not yet paying enough for good journalism.

We have a newsroom filled with talented young reporters. We also have the countrys most robust editing and fact-checking team, finest news photographers and video professionals. We are building Indias most ambitious and energetic news platform. And we arent even three yet.

At ThePrint, we invest in quality journalists. We pay them fairly and on time even in this difficult period. As you may have noticed, we do not flinch from spending whatever it takes to make sure our reporters reach where the story is. Our stellar coronavirus coverage is a good example. You can check some of it here.

This comes with a sizable cost. For us to continue bringing quality journalism, we need readers like you to pay for it. Because the advertising market is broken too.

If you think we deserve your support, do join us in this endeavour to strengthen fair, free, courageous, and questioning journalism, please click on the link below. Your support will define our journalism, and ThePrints future. It will take just a few seconds of your time.

Support Our Journalism

See more here:
Why the US Democratic Party just doesnt get Irans ruling regime - ThePrint

Mon, Jul 20, 2020

IranSourcebyTahereh Hadian-Jazy

A 15-acre fire in Ardabil, Iran (IRNA)

Iran has been ravaged by hundreds of brush and wildfires spreadingacross thousands of acres since May 22. The phenomenon is not entirely new but, the number of fires have increased by 2.5 percent compared to last year at this time. The fires have raised questions and concerns as to whether they were caused by accident or arson.

The Arasbaran forest in northwestern Iran was the latest to catch fire in early July. The Kurdistan, Kermanshah, and Bushehr provinces have also been dealing with forest fires in the past few months, while fires in the Khuzestan, Lorestan, and Ilam provinces in June not only destroyed forests, but acres of vegetation, pastureland, and grassland. The fires in the Ludab region of Kohgiluyeh and Boyer-Ahmad province devastated pastureland and also burned down many trees. On June 26, 3,217 square yards of the protected forests of Fasa in Fars province burned.

According to Deputy Agriculture Minister and head of the Forest Organization Masoud Mansour, 90 percent of the fires were caused unintentionally by human error. The fires in Estahban in Fars province started because of the carelessness of visitors.

Iranians have told me that another reason for the fires is the lack of precautionary measures taken by smokers who dont dispose of their cigarettes properly.

The remaining 10 percent or intentional fires were often motivated by personal interest. Some farmers burn parts of the forest adjacent to their land to expand crop planting or because of their rivalry with other landowners. Some seek to use the land for other purposes.

An individual reportedly involved in the Rezvanshahr forest fire in Gilan province was arrested and confessed to committing arson. He is apparently a resident of that northern region. The alleged arsonist said he acted out of revenge because he had been prosecuted for chopping down trees and illegally selling the wood earlier this year.

Climate change also plays a role. Recently, in Gilan province, strong warm winds caused fires to spread over about 104 acres of forest. During the summer, when high winds are prevalent, fires spread swiftly. Talesh, Rudbar, Rasht, Siahkal, Rezvanshahr, Astaneh, and Ashrafieh are among the northern cities affected by high winds that can spread wildfires. Even more importantly, drought has played a big role in contributing to the fires in the south and central parts of the country. Dried-out vegetation provides more fuel for the fires, igniting easily and spreading flames quickly.

Iranians have taken to social media to post their concerns about the environmental impact of the fires. There are worries about the wild life in Khenj in Fars province, where unique types of animals and birds exist. Wildfires have also threatened the Khaeez Protected Area, which was registered as a sanctuary in 1998 due to its 82 acres of forest inhabited by unique life forms. Khaeez forest is home to more than 1,500 wild goats and other rare wildlife, such as leopards and caracalsalso known as the Persian lynx. These animals are now endangered due to the forest fires.

Though the Iranian government has managed to contain the wildfires quickly in most cases, there have been instances where they have fallen short. Deputy Agriculture Minister Mansour noted that there have been six cases in which putting out forest fires took longer than expected. This is because they did not have the required resourcesnamely firefighter helicopters, which spray and drop buckets of water. While the helicopters are not that expensive, there is a deficiency of this specific type of helicopter, according to Mohammad Darvish, an environmental activist. Mansour explained, While we have had about eight hundred conflagrations since March 21, if it werent for financial provisions, the harm of such cases would be even more.

According to many analysts, including an anonymous former official that has worked in the Science and Higher Educational Ministry, the Iranian governments failure to procure sufficient helicopters is partly due to US-imposed sanctions and the economic harms caused to the Iranian economy. Mansour blamed the lack of resources on a debt the Forest Organization owed the Defense Ministryanother consequence of sanctions, which has increased budget deficits. It is also possible that officials at the Forest Organization did not foresee the need for this equipment.

Now that these fires are becoming more common, the government has announced that it will provide the necessary equipment.

Its worth noting that many Iranian volunteers on the local level have played a major role in putting out forest fires. Some have also lost their lives. Alborz Zarei, a volunteer, died while extinguishing the fire in Zagros Mountains in the southwestern part of the country. Zarei was an environmental activist and enjoyed hiking in the mountains.

The cascade of forest fires has increased frustration and skepticism among many Iranians. Shima, a lawyer in Tehran, who asked that her last name not be mentioned, told me that it is hard for her to accept that the forest fires are happening so frequently. She is among the Iranians that are concerned that the issue of the environment has been used for political purposes by individuals and groups. As the debate continues, fires continue to burn.

Tahereh Hadian-Jazy is a freelance writer in Iran. She holds a masters degree in modern Middle Eastern studies from Oxford University and has been accepted for a PhD at the University of St. Andrews.

Tue, Jul 14, 2020

While the attacks have been embarrassing to Iran and exposed the shortcomings of its intelligence and security apparatuses, they could also backfire, adding support to those who argue that Iran should withdraw completely from the Joint Comprehensive Plan of Action or even the nuclear Non-Proliferation Treaty.

IranSourcebySina Azodi and Mohsen Solhdoost

Fri, Mar 29, 2019

The Iranian new year, Nowruz, is supposed to be a time of joy and celebration when Iranians visit family and go on vacation in other provinces. But for many this year, it was a time of sorrow and loss. Heavy rains, first welcomed in the drought-stricken country, turned into catastrophic floods. Twenty-eight of Irans thirty-one []

IranSourcebyHolly Dagres

Read more:
The forest fires in Iran that won't stop burning - Atlantic Council

Even top-tier security professionals make catastrophic mistakes, and this time it was the operators at Irans ITG18. Were once again talking about the strange shadowy world of state sponsored hacking. This story comes from the IBM X-Force Incident Response Intelligence Services (IRIS). I suspect a Deadpool fan must work at IBM, but thats beside the point.

A server suspected to be used by ITG18 was incorrectly configured, and when data and training videos were stored there, that data was publicly accessible. Among the captured data was records of compromised accounts belonging to US and Greek military personnel.

The training videos also contained a few interesting tidbits. If a targeted account used two factor authentication, the attacker was to make a note and give up on gaining access to that account. If a Google account was breached, the practice was to start with Google Takeout, the service from Google that allows downloading all the data Google has collected related to that account. Yoiks.

Weve covered many kernel level exploits in this column, but never have we covered a guide quite like the one just published by Secfault Security. They attempt to bridge the gap between being a developer and an exploit author, walking us through the process of building an actual working exploit PoC based on a Google Project Zero write-up.

Microsoft is continuing to develop their Linux presence, this time by re-engineering Process Monitor as ProcMon for Linux. A bit of history, Process Monitor is part of the Sysinternals suite, originally developed by [Bryce Cogswell] and [Mark Russinovich], founders of Winternals. Incidentally, they also broke the Sony BMG rootkit story, using sysinternals tools. Less than a year after that story broke, Winternals was acquired by Microsoft, and while [Cogswell] has moved on, [Russonovich] has stayed with Microsoft, and is now the CTO of Azure.

ProcMon is written in C++, and released under the MIT license. It keeps track of the system calls happening on machine in real time, giving a detailed look at the activity of the system. Its useful for security, debugging, and troubleshooting performance issues. All in all, its a really handy tool, and should be a useful part of the sysadmins toolbox. The source is available under an OSI approved license, so the various distros should pick up and package ProcMon before long.

Windows Server supports a couple of ways to run processes in containers: HyperV containers, and Windows Server Containers. Its fairly widely accepted that virtualization based containerization provides a more secure isolation. That is, if a virtualized container is compromised, is far more difficult for an attacker to migrate out and attack the host machine, as compared to a kernel based containerization.

The news is a new way to escape a Windows Server Container. While not encountered as often as on a Linux machine, Windows does support symbolic links. Reading through the deep dive also makes it clear how much modern Windows machines are becoming POSIX machines with a Windows compatibility layer on top. For example, the C: directory is actually a global symlink to DeviceHarddiskVolumeX.

If a containerized process could create a global symlink, AKA one that pointed to the root directory, then the container escape would be trivial. As expected, the container security controls dont allow the isolated processes to create such a symlink during runtime. That said, there is a particular function that can be abused to create the global symlink. The specific function parameters have yet to be disclosed, in order to make in-the-wild exploitation just a bit more difficult.

The story of a security audit on a website caught my eye this week, put together by [Maxwell Dulin]. The password reset form is the focus here, and it has a few problems. The first one is a common flaw: the password reset form verifies whether a given email address is in the system. Its not the worst flaw, but it does give an attacker information he can guess email addresses, and gets confirmation when there is an account with that address.

The next flaw is a subtle one, the contents of the password reset email are generated using the host sent in the HTTP request. That normally works as expected: A user goes to ourwebsite.com/reset, inputs their email address, and submits the form to generate a password reset request. They get an email with a link back to ourwebsite.com that allows the password reset. An attacker, however, can send a malicious HTTP request to the password reset form, using someone elses address, and manipulate the Host value. The reset email now points to the injected host. If the user clicks the link in the email, the magic value is sent to host specified by the attacker, who can then go reset the users password.

The last flaw [Maxwell] found was the worst of the bunch. The reset token is confirmed when the user first clicks the link sent via email, but it isnt confirmed when the password is actually updated. You could create your own account, go through the password reset process, and then change the password reset form to point at another users account. Because the back-end sees you as already authenticated, it dutifully sets the new password, even if the account specified isnt yours.

None of us will likely use the little website that this audit was performed on, but the steps described and problems to look for are a good guide for anyone needing doing the same.

CVE-20191367 is an older bug at this point, found being exploited in the wild in 2019, and given a full write-up by Confiant. Its yet another vulnerability in Internet Explorers jscript engine. For a very brief review, jscript.dll is the deprecated IE implementation of Javascript. Its no longer the default implementation, but can be requested by a web page for compatibility purposes. It appears that jscript.dll is only accessible in Internet Explorer, and neither iteration of Edge support the legacy implementation at all.

This vuln was being actively used by state actors and was a watering hole style attack, where simply visiting the malicious site was enough to compromise. The next page of the write-up goes into the technical details. This is a class of vulnerability that we havent covered before. Its a use-after-free in a garbage collected language.

Garbage collection is the alternative to manually freeing memory when finished with it. One of the advantages is that it is supposed to make use-after-free bugs a thing of the past, so whats going on here? The garbage collection code in jscript.dll doesnt properly track the reference count in certain situations. This bug specifically deals with the Array.sort() callback function. Arguments to that function arent properly tracked, so the JS instance can be manipulated such that a GC sweep frees an object that will be later accessed.

For the exploit and further analysis of how this flaw was used in the wild, check out part 2 and part 3 of the full write-up.

See the article here:
This Week In Security: Iran's ITG18, ProcMon For Linux, And Garbage Collection Fail - Hackaday