Archive for the ‘NSA’ Category

Film: The Tiny West Virginia Town Haunted by an NSA Secret – The Intercept

Sugar Grove, West Virginia was, by the accounts of its residents, a fine place to live until the Pentagon shuttered the sprawling naval base that sustained the town for decades, leaving it with a state secret as its sole remaining attraction. A new documentary film by director Elaine McMillion Sheldon, a longtime chronicler of West Virginian life, visits Sugar Grove after the base was decommissioned and being auctioned off, and traces the abiding shadow of a nearby National Security Agency facility still looming over the town.

Antennae at the NSA listening post, codenamed TIMBERLINE, were built to capture Soviet satellite messages as they bounced off the moon, imbuing a pristine stretch of Appalachia with a sort of cosmic gravity. Residents lived with the knowledge that something was hidden away on a hilltop above the town, even if it was something they could never know. TIMBERLINE's mission has, to say the least, changed in the intervening years, as submarine-laid internet cables have become a greater priority for American spies than foreign satellite communication.

TIMBERLINE remains operational, but the facility, known to locals as the off-limits Upper Base, was never what kept Sugar Grove alive. The town's heart was the sprawling Lower naval base that served as a robust employer and de facto community center until the Sept. 11 attacks, when residents say even the Navy gym and recreational areas they'd always enjoyed were sealed up, like forbidding TIMBERLINE. Sheldon's film reveals a parcel of the country that's dealing not just with a faltering economy and collapsed job base, hardly unique to Sugar Grove, but also with a legacy that's literally unspeakable. One of the only moments the film captures of anyone talking about the NSA's presence in Sugar Grove comes from a General Services Administration auctioneer, Kristine Carson, in a vacant naval gymnasium. Asked about the Upper Base, Carson notes, with a small smile, "It's underground, I understand. Of course I can't speak to that."

Top video: The film is directed and produced by Elaine McMillion Sheldon/Field of Vision.

EFF Urges Supreme Court to Take On Unconstitutional NSA Surveillance, Reverse Dangerous Ruling That Allows … – EFF

WASHINGTON, D.C. - The Electronic Frontier Foundation (EFF) asked the Supreme Court to review and overturn an unprecedented ruling allowing the government to intercept, collect, and store, without a warrant, millions of Americans' electronic communications, including emails, texts, phone calls, and online chats.

This warrantless surveillance is conducted by U.S. intelligence agencies under Section 702 of the Foreign Intelligence Surveillance Act. The law is exceedingly broad: Section 702 allows the government to conduct surveillance of any foreigner abroad, and the law fails to protect the constitutional rights of Americans whose texts or emails are "incidentally" collected when communicating with those people.

This warrantless surveillance of Americans is unconstitutional and should be struck down.

Yet the U.S. Court of Appeals for the Ninth Circuit, ruling in U.S. v. Mohamud, decided that the Fourth Amendment doesn't apply to Americans whose communications were intercepted incidentally and searched without a warrant. The case centered on Mohammed Mohamud, an American citizen who in 2012 was charged with plotting to bomb a Christmas tree lighting ceremony in Oregon. After he had already been convicted, Mohamud was told for the first time that information used in his prosecution was obtained using Section 702. Further disclosures clarified that the government used the surveillance program known as PRISM, which gives U.S. intelligence agencies access to communications in the possession of Internet service providers such as Google, Yahoo, or Facebook, to obtain the emails at issue in the case. Mohamud sought to suppress evidence gathered through the warrantless spying, arguing that Section 702 was unconstitutional.

In a dangerous and unprecedented ruling, the Ninth Circuit upheld the warrantless search and seizure of Mohamud's emails. EFF, the Center for Democracy & Technology, and New America's Open Technology Institute filed a petition today asking the Supreme Court to review that decision.

"The ruling provides an end-run around the Fourth Amendment, converting sweeping warrantless surveillance directed at foreigners into a tool for spying on Americans," said EFF Senior Staff Attorney Mark Rumold. "Section 702 is unlike any surveillance law in our country's history, it is unconstitutional, and the Supreme Court should take this case to put a stop to this surveillance."

Section 702, which is set to expire in December unless Congress reauthorizes it, provides the government with broad authority to collect, retain, and search Americans' international communications, even if they don't contain any foreign intelligence or evidence of a crime.

"We urge the Supreme Court to review this case and Section 702, which subjects Americans to warrantless surveillance on an unknown scale," said EFF Staff Attorney Andrew Crocker. "We have long advocated for reining in NSA mass surveillance, and the incidental collection of Americans' private communications under Section 702 should be held unconstitutional once and for all."

For the petition: https://www.eff.org/document/mohamud-eff-cert-petition

For more on Section 702: https://www.eff.org/document/702-one-pager-adv

For more on NSA spying: https://www.eff.org/nsa-spying

Russian group that hacked DNC used NSA attack code in attack on hotels – Ars Technica

A Russian government-sponsored group accused of hacking the Democratic National Committee last year has likely been infecting other targets of interest with the help of a potent Windows exploit developed by, and later stolen from, the National Security Agency, researchers said Friday.

Now, researchers at security firm FireEye say they're moderately confident the Russian hacking group known as Fancy Bear, APT 28, and other names has also used Eternal Blue, this time in a campaign that targeted people of interest as they connected to hotel Wi-Fi networks. In July, the campaign started using Eternal Blue to spread from computer to computer inside various staff and guest networks, company researchers Lindsay Smith and Ben Read wrote in a blog post. While the researchers didn't directly observe those attacks being used to infect guest computers connected to the network, they said a related campaign from last year used the control of hotel Wi-Fi services to obtain login credentials from guest devices.

In the earlier attack, the APT 28 members used a hacking tool dubbed Responder to monitor and falsify NetBIOS communications passed over the infected networks.

"Responder masquerades as the sought-out resource and causes the victim computer to send the username and hashed password to the attacker-controlled machine," the FireEye researchers wrote. "APT 28 used this technique to steal usernames and hashed passwords that allowed escalation of privileges in the victim network." The researchers continued:

In the 2016 incident, the victim was compromised after connecting to a hotel Wi-Fi network. Twelve hours after the victim initially connected to the publicly available Wi-Fi network, APT28 logged into the machine with stolen credentials. These 12 hours could have been used to crack a hashed password offline. After successfully accessing the machine, the attacker deployed tools on the machine, spread laterally through the victim's network, and accessed the victim's OWA account. The login originated from a computer on the same subnet, indicating that the attacker machine was physically close to the victim and on the same Wi-Fi network.

We cannot confirm how the initial credentials were stolen in the 2016 incident; however, later in the intrusion, Responder was deployed. Since this tool allows an attacker to sniff passwords from network traffic, it could have been used on the hotel Wi-Fi network to obtain a user's credentials.

The attack observed in July used a modified version of Eternal Blue that was created using the Python programming language and later made publicly available, FireEye researchers said in an e-mail. The Python implementation was then compiled into an executable file using the publicly available py2exe tool.

Fancy Bear used a spear phishing campaign to distribute a booby-trapped Microsoft Word document to several unnamed hotels, FireEye said. When the document was opened on computers that allowed Word macros to execute, the machines were infected by Fancy Bear malware known as Gamefish. Once a computer was infected, it attempted to infect other computers connected to the same Wi-Fi network.

North Korea, nukes and NSA – WND.com

I'm beginning to wonder: Has America's NSA been too busy with spying on Americans to bother with North Korea and their nukes?

It was Bill Clinton, of course, who fixed the North Korean problem by paying them not to build nukes. Perhaps there was some language confusion, and they thought the money was to build nukes. That seems to be what happened. Maybe that's why Hillary was supposed to become president? To pay North Korea more to not build more nukes.

With the Obama administration, the NSA became fully weaponized as the tool of choice to conduct opposition research and provide the necessary blackmail evidence to destroy any non-elitist candidate who might still have thought that the NSA's targets were rogue regimes rattling nukes or stirring chemical weapons in other parts of the world.

Perhaps the real targets were always Americans; or rather, Americans with whom the reigning political party disagreed. As I asked at the beginning of Obama's reign of domestic terror, why would anyone expect Chicago politics to be any different once it moved from Chicago and into the White House?

The CIA and the FBI also wanted to get into the game of picking winners by destroying the competition. Both the CIA and the NSA had their entrails handed to them by their own leakers, who placed our software espionage tools Americans had paid billions of dollars to develop onto hacker sites worldwide. These organizations must be a complete joke among Russian, Chinese and probably North Korean intelligence agencies.

Or maybe the tools were intentionally released by NSA and CIA. Maybe those organizations wanted plausible deniability when variants of their tools were used to plant evidence on a political suspect's computer. To change the texts or email contents. Who's to know who actually did the deed? The agency? The hackers? Or another agency battling for budgetary power against one with compromised code?

Maybe the FBI generates its warrants by using illegal intercepts from these agencies. Maybe they lie to the secret courts that issue the warrants. Is that where the FBI's warrants for Manafort came from? The Constitution is so burdensome by requiring evidence of a crime and descriptions of what is to be seized. Under constitutional law, it would be overly difficult for the administration in power to prevent a new one from winning the next election. Is that the real reason Hillary was convinced she couldn't lose?

If we had a Congress that was worth a penny on the dollar of what we actually pay for it, that Congress would cancel its summer town-hall lovefests (it's not an election year), go back to the Capitol and when they arrived begin discussing the amount of rope to buy and where to build the gallows. A coup is no less a coup because it is being conducted in secret. This behavior won't end until those perpetrating it are brought to justice.

Why are big media and the deep state so close together in the tank for this coup? Did they have something else in mind for America besides another election? Stop braying at the ideological idiots writing the news and the talking fools discussing it. The real problem is well above them in the organizations sponsoring this domestic terror. It's time for some housecleaning in the executive offices. These are publicly traded companies responsible to the public for their actions.

Paging Congress, paging Congress.

In the Lab: SonicWall NSA 3600 Firewall Upgrade – StorageReview.com

August 11th, 2017 by StorageReview Enterprise Lab

We are in the process of upgrading our networking fabric; a major part of that includes moving to the NSA 3600 from the SonicWall Network Security Appliance (NSA) Midrange Firewall Series. Ideal for small- to medium-sized corporate environments, this firewall series is highlighted by its advanced automated threat-prevention technologies. Previously, we used SonicWall's TZ500W, an easy-to-deploy, all-in-one SMB desktop firewall solution that is great for smaller-scale networks. Moving to an entry-enterprise rack platform, the NSA 3600 acts as a significant upgrade in our labs, offering 10G support with SFP+ ports and support for jumbo frames.

The NSA 3600 is powered by SonicOS, a comprehensive operating system that is simple to configure and easy to use. SonicOS helps to streamline management and offers admins substantial network control and versatility through features such as application intelligence and control, real-time visualization, and an intrusion prevention system.

With its comprehensive control options, real-time visualization and WLAN management, we will be able to easily monitor activity across our entire network. Moreover, the NSA 3600 comes with SonicWall's Reassembly-Free Deep Packet Inspection technology, which scans traffic for all threats (both known and unknown) and eliminates them before they are able to infect a network. Capture Advanced Threat Protection Service also gives enterprises cloud-based, multi-engine sandboxing that blocks unknown and zero-day gateway attacks. This technology works by scanning all traffic in a wide range of file sizes and types, then extracting any suspicious code for further analysis. The SYN flood protection offers protection against DoS attacks through Layer 3 SYN proxy and Layer 2 SYN blacklisting technologies while defending against DoS/DDoS using UDP/ICMP flood protection and connection rate limiting. This NSA Mid Range Series firewall also provides threat API, stateful packet inspection, WAN load balancing, biometric authentication and more. Through all of these defense measures, the NSA 3600 is capable of delivering 3.4 Gbps, 1.1 Gbps, and 600 Mbps in Firewall, IPS, and Anti-malware throughput, respectively.

SonicWall NSA 3600 Specifications

Design and Build

The SonicWall NSA 3600 comes in a 1U rack form factor and has the same connectivity layout as the 4600 and 5600 models. On the left side of the front panel is the console port (which gives access to the SonicOS CLI when connected via an enclosed serial CLI cable), an SDHC port, two USB ports, and a SafeMode button (press until blinking to access). There are also four LED status indicators: the Power LED, where blue means the power supply is operating normally and yellow means the power supply has been disconnected; the Test LED, which displays Initializing, Test, and SafeMode statuses; the red Alarm LED; and the M0 LED, which shows expansion module 0 activity.

Next to the status indicators is the Management Port (1 GE), two X16-X17 (10 GE SFP+) hot-swappable ports, four X12-X15 (1 GE SFP) ports for high-speed fiber or copper Ethernet communication, and twelve X0-X11 (1 GE) high-speed copper Gigabit Ethernet ports.

The back panel is home to the expansion bay, which supports SonicWall-approved expansion modules, as well as dual auto-throttling fans and the power supply port/switch.

Upgrade Process

SonicWall makes the process of upgrading firewalls very simple. In our case, moving from the TZ500W to the NSA 3600, we were able to take the saved configuration file from one and import it into the other, with no additional conversion necessary. This was quite important for us: while deploying the firewall is simple, manually adding in all of our existing firewall rules would otherwise be a time-consuming process. In this case we had our networking environment swapped over to the NSA 3600 within a few minutes of the file import, once the NSA 3600 was upgraded to the same firmware version as (or a newer one than) the TZ500W.

During the upgrade process we kept the same interface connections, connecting to the firewall over 1GbE. The main reason for the upgrade, though, is the SFP+ 10GbE ports the NSA 3600 offers, allowing us to uplink the firewall directly into our new 48-port 10G Dell S4048 or 32-port 100G Dell Z9100 switches as they come online. This upgrade is a large undertaking as we migrate off our 40GbE fabric over to 100G for next-gen storage and compute hardware. The NSA 3600 deployment was an easy first step in this process, though, as we work to modernize our network.
