Archive for the ‘NSA’ Category

Quashing Detention Order, Allahabad HC Asks Govt to Exercise NSA With ‘Extreme Care’ – The Wire

New Delhi: The Allahabad high court on Monday quashed the detention order of Javed Siddiqui under the stringent National Security Act (NSA) on the grounds that the authorities did not present his petition report before the advisory board on time.

According to a report in the Indian Express, a division bench of Justice Pradeep Kumar Srivastava and Justice Printinker Diwaker quashed the detention order on a habeas corpus plea by Siddiqui and observed that a law such as the NSA had to be exercised by the executive with extreme care.

Where the law confers extraordinary power on the executive to detain a person without recourse to the ordinary law of the land and to trial by courts, such a law has to be strictly construed and the executive must exercise the power with extreme care, the court said and noted that the executive was under obligation to pass detention order according to procedure established by law.

The court also ordered the forthwith release of Siddiqui, if he was not required in any other case.

The history of personal liberty is largely the history of insistence on observation of the procedural safeguards. The law of preventive detention, though is not punitive, but only preventive, heavily affects the personal liberty of individual enshrined under Article 21 of the Constitution of India and, therefore, the Authority is under obligation to pass detention order according to procedure established by law and will ensure that the constitutional safeguards have been followed, the high court observed.

Siddiqui was arrested earlier this year in June and booked under for arson and rioting after a number houses belonging to people from the Dalit community had been burnt down at Bhadethi village in the Sarai Khwaja locality of Jaunpur.

As per the courts order, the detention order against Siddiqui was passed on July 10 and the petitioner gave his representation July 20. The detention order for Siddiqui was approved on July 21, 2020. It is evident that the representation so given by the petitioner (Siddique) was well within the prescribed period of 12 days, the court said and noted that Siddiquis representation was rejected on August 14, 2020, after the advisory board had already made the recommendation for approval of the detention order on August 12.

Also read: UP is Primarily Using the National Security Act Against Those Accused of Cow Slaughter

The record shows that the representation of the petitioner was not placed before the Advisory Board till 12.08.2020 (August 12) even though the same was filed on 20.07.2020 (July 20). It remained pending with the State Government and after two days from the date the Advisory Board sent the recommendation, the same was rejected, the high court said.

The court also said that the state authority had given no reasonable explanation for the delay in forwarding the petitioners representation and not placing it before the advisory board. It is evident from the record that while extraordinary haste was shown in taking action against the petitioner, the authorities remained reluctant and there was complete inaction on their part causing an unjustified delay in processing the detenues representation against his detention under the NSA, the bench said in its order.

This inaction on the part of the authorities certainly resulted in deprivation on the right of the petitioner of the fair opportunity of hearing and it also resulted in denial of the opportunity of fair hearing to the petitioner as provided under the law. This is not permissible and is in gross violation of established legal and procedural norms and legal and constitutional protection, the Allahabad high court said.

The court said that it was of the opinion that delaying and not placing the representation before the advisory board speaks in volume about the reluctance on the part of opposite parties.

The plea of Covid-19, officials suffering from pandemic, intervening holiday or negligence on the part of an official on account of which he was suspended, are no reason, which could be attributed towards any fault or lapse on the part of the petitioner. Even on the date when the case was fixed before the Advisory Board, the authorities could have placed the representation of the petitioner before the Board. Thus, we find that no reasonable explanation has been given for the delay and not placing the representation before the Board, the high court said.

Reportedly in June, following an alleged brawl among children, over a dozen huts of people from the Dalit community were set ablaze and massive damages were caused to 14 other houses. The FIR registered against Javed Siddiqui accused him of attacking the Bhadethi village slums along with 80 people and indulging in riots and arson there while heaping anti-Dalit abuses on the slum inhabitants.

Siddiqui was later arrested and the Jaunpur district magistrate subsequently on July 10 issued a detention order against him under section 3(2) of the National Security Act.

In his habeas corpus plea, Siddiqui contended that he was not given a fair opportunity to present his case before the UP advisory board, Lucknow to challenge the detention order. He alleged that neither his representation was placed before the advisory board in time nor he was supplied relevant documents about his detention under the NSA.

Earlier this year, in response to the Uttar Pradesh governments repeated instances of invoking the National Security Act against alleged cow slaughter cases, the Allahabad high court raised concerns that the law was being misused to target innocent people.

(With inputs from PTI)

See more here:
Quashing Detention Order, Allahabad HC Asks Govt to Exercise NSA With 'Extreme Care' - The Wire

VMware fixes zero-day vulnerability reported by the NSA – BleepingComputer

VMware has released security updatesto address a zero-day vulnerability inVMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector.

The vulnerabilityis a command injection bug tracked asCVE-2020-4006 and publicly disclosed two weeks ago.

While it did not issue any security updates at the time it disclosed the zero-day, VMware provided a workaround to help admins mitigatethe bug on affected devices.

If successfully exploited, the vulnerabilityenables attackers to escalate privileges and execute commands on the host Linux and Windows operating systems.

The full list of VMware product versions affected by thezero-day includes:

While initially, the company didn't disclose the identity of the organization or researcher who reported the vulnerability, VMware acknowledged the US DefenseDepartment'sintelligence agency contribution in an update to the security advisory made on Thursday.

VMware also lowered the bug'sCVSSv3 base score to 7.2/10 and the maximum severity rating from 'Critical' to 'Important.'

CVE-2020-4006 exists intheadministrative configurator of some releases of VMware Workspace ONE Access, Access Connector, Identity Manager, and Identity Manager Connector.

"A malicious actor with network access to the administrative configurator on port 8443 and a valid password for the configurator admin account can execute commands with unrestricted privileges on the underlying operating system," the advisory explains.

"This account is internal to the impacted products and a password is set at the time of deployment. A malicious actor must possess this password to attempt to exploit CVE-2020-4006."

Threat actors can obtain the password needed to exploit the vulnerability using techniques documented in the MITRE ATT&CK database.

VMware released security updates that fully mitigate the vulnerability on devices running one of the affected products.

Information onpatch deployment steps, expected changes, and how to confirm that the patch has been applied are available within the patch files.

Links to download security updates forCVE-2020-4006 are available in the table embedded below.

DHS-CISAencouragedadmins and users on Thursday to apply the patchissued by VMware to thwart attackers' attempts to take over vulnerable systems.

Admins who can't immediately download and deploy the patch can still use the temporary workaroundthat fully removes the attack vector on impacted systems and prevents CVE-2020-4006 exploitation.

Details on how to implement and revert the workaroundonLinux-based appliances andWindows-based servers are available HERE.

However, once the workaround is applied, "configurator-managed setting changes will not be possible" asVMware explains.

More:
VMware fixes zero-day vulnerability reported by the NSA - BleepingComputer

AMESIA:33 IoT device vulnerabilities. Mexican police alleged to pass spyware to cartels. The US NDAA nears passage. Hacking lockers. – The CyberWire

Researchers at Forescout this morning released a report on a set of TCP/IP vulnerabilities theyre calling AMNESIA:33, the 33 referring to the number of vulnerabilities theyve found. Four they consider critical, and in general the issues are believed to broadly and deeply affect Internet-of-things devices. SC Magazine says that the US Department of Homeland Security is expected to release a report on the vulnerabilities soon, perhaps as early as today.

Both Haaretz and the Guardian are reporting on Forbidden Stories Cartel Project, which describes the ways in which Mexican police, users of NSO Groups lawful intercept products, have allegedly been reselling that technology to drug cartels, which in turn have used the spyware to monitor journalists and other third-parties. Some of the allegations are attributed to sources in the US Drug Enforcement Agency.

According to the Washington Post, despite the prospect of a Presidential veto, the US House appears ready to pass the National Defense Authorization Act (NDAA). CyberScoop summarizes the significant cybersecurity measures the NDAA ("biggest cyber bill ever") includes.

ZDNet reports that 2,732 PickPoint package delivery lockers across Moscow were opened by a criminal who hacked the PickPoint app. Landlords and guards responded quickly to keep an eye on obviously malfunctioning lockers. Russian security organizations (and by implication law enforcement organizations) take a lot of stick in these pages (see, for example, yesterdays warning from NSA that Russian intelligence services are actively exploiting a VMware bug), but this is one case where we wish the Militia good hunting.

View original post here:
AMESIA:33 IoT device vulnerabilities. Mexican police alleged to pass spyware to cartels. The US NDAA nears passage. Hacking lockers. - The CyberWire

NSA warns livestock worrying is on the rise – South West Farmer

The National Sheep Association (NSA) has received an increase in reports of attacks on sheep by dogs over recent weeks, most likely linked to continuing Covid-19 restrictions including several regional and national lockdowns across the UK.

Consequently, it is urging the public to take responsibility for their actions when in the countryside, and especially near livestock.

A spokesperson said: "First and foremost, dog owners must keep their animals under control and on a lead when walking near sheep. Not only do dogs pose a threat of injury to sheep, but at this time of year, when most ewes are already or soon to be in lamb the stress of being chased can lead to the pregnant sheep losing their lambs.

"Sheep are a hugely valuable asset to the farmer, and any damage to the flock can have detrimental effects. Likewise, sheep worrying is also a hugely traumatic experience for the shepherd, with several studies carried out by NSA showing that the risk of a potential attack happening causes significant stress and anxiety to farmers.

"Recent cases of sheep worrying have resulted in dogs being shot as a last resort option to halt a serious attack. This, of course, is never an action carried out by a farmer with ease but the law states that a farmer is in his/her rights to shoot an animal if it is found to be in the act of worrying livestock and dog owners should be aware of the potential danger they put their pet dog in if they are not responsible whilst out walking."

Read next: Loose dog kills flock of 16 sheep overnight

NSA chief executive Phil Stocker said: It must be stressed to owners who allow their dogs to chase, attack and potentially kill livestock that it is a criminal act and for very good reason. Few people would understand the stress and anger that a farmer or shepherd goes through by finding a dog attacking and killing sheep and very occasionally this can result in dogs being shot. We appreciate how distressing this would be for a dog owner but very few farmers would do this out of choice and anyone driven to do this would be highly distressed by the action as well I am certain.

Attacks on dogs often cause huge financial cost for the farmer but for most the initial stress and anxiety is equally impactful. The only way to avoid incidents like this is for dog owners to take proper responsibility for the dogs know where they are at all times and keep them on leads anywhere in the vicinity of livestock.

NSA is also urging dog walkers as well as others enjoying the countryside at this time to be aware of their responsibility in terms of the Covid-19 pandemic. When passing through farmland and farmyards walkers must be vigilant and consider that touching gates, fence posts, and stiles could potentially contaminate them which in turn could increase the viral spread to farmers and other walkers. Contact with these objects should be minimised and hands sanitised or washed as often as possible.

More here:
NSA warns livestock worrying is on the rise - South West Farmer

Madhya Pradesh: Raid on Congress leaders gambling den unearths illegal weapons and ammunition, booked under NSA – OpIndia

On 6th November, a special police team in Madhya Pradesh had raided a gambling den owned by Congress leader Gajendra Sonkar alias Gajju and recovered many illegal weapons and live ammunition. Out of the 17 recovered pistols, two were found to be licensed in the name of an employee at his stone crusher plant. Police have arrested the employee and initiated the process of cancelling the license.

During the search at his house, 17 illegal weapons, including two carbines, 19 magazines, and 1478 different cartridges, were recovered. Two of them were registered in the name of one Prashant Patial, a resident of Modivada Cantt. During the investigation, the special team found that Patial works at Sonkars stone crusher as a supervisor at a monthly salary of 15,000 rupees.

In the initial interrogation, police found out that Sonkar got the license in Patials name as there were criminal cases registered against him. Sonkars arms license was cancelled in 2014. SP Sidharth Bahuguna said that they had initiated the process to cancel the license of the two pistols.

On 6th November, Madhya Pradesh Police raided the house of former MP Congress Committee secretary and Congress leader Gajendra Sonkar. During the house search, they recovered a large cache of weapons, including 17 pistols that included two carbines, 1478 live cartridges, 19 magazines, an axe, and more. The police arrested 41 gamblers and recovered 42 mobile phones, playing cards, and 7.4 lakh cash as well.

SP Siddharth Bahuguna said on 6th November that they had booked Gajendra Sonkar, his brother Mahendra Sonkar alias Monu, his father Rajkumar Sonkar alias Babu Nati, manager Rajneesh Verma, Bhailal Patel, and Omkar alias Babua Sonkar in the case. While the police arrested Gajendra and Mahendra, others are still absconding. Police have announced Rs.5000 bounty on the absconding accused.

The illegal weapons and other incriminating material were recovered when the special police team had raided a gambling den run by Sonkar on November 6. 41 gamblers were caught in the act and over 7 lakh rupees in cash was also found.

As per the reports, the District Magistrate and Collector Karmaveer Sharmas court imposed the National Security Act on the Sonkar brothers on Friday based on the report submitted by SP Bahuguna. Gajendra has 12 cases registered against him under the Prevention of Gambling Act, assault, Arms Act, attempt to murder, Explosive Substances Act, etc. His brother Mahendra has five cases under assault, theft, arms act, gambling registered against him. As the NSA has been imposed on the brothers, they will remain in Central Jail even after their remand period is over.

Other accused in the cases, Gajendra Sonkars father Nati Babu Sonkar, manager Rajnish Varma, associates Bhailal Patel and Omkar Sonkar are absconding. The district police has declared rewards of Rs 5000 each on them.

Gajendra Sonkar is a Congress leader and has been seen with senior party leaders in the past. His Twitter account says that he had been spearheading party membership campaigns in the area. He had shared photographs of himself with Rahul Gandhi and Kamal Nath.

In another news, Jabalpur Police has raided an illegal arms manufacturing factory. As per the reports, long-distance slingshots used during CAA-NRC protests and riots were manufactured here. The infamous slingshots were made with the help of YouTube tutorials and were highly accurate even at 150-200 meter range. During the protests, they were in high demand in Hanumanatal, Gohalpur, Adhartal region.

Police have recovered six swords, airguns, and other weapons during the raid. Hanumanatal police station in-charge of Umesh Golhani said that the factory belonged to Shahnawaz alias Ravi Ansari, resident of Thakkar village. According to CSP, Akhilesh Gaur said that Ansari has been manufacturing arms for a long time. He had manufactured many custom-made weapons for criminals in the past. Police are now making a list of his customers for further action.

The rest is here:
Madhya Pradesh: Raid on Congress leaders gambling den unearths illegal weapons and ammunition, booked under NSA - OpIndia