Mediaboss Marketing

by LINDSAY WHITEHURST, Associated Press

NSA officials deny mass surveillance during Utah Olympics (Photo: MGN)

SALT LAKE CITY (AP) A former top spy agency official who was the target of a government leak investigation says the National Security Agency conducted blanket surveillance in Salt Lake City during the 2002 Winter Olympics in Utah, according to court documents.

Ex-NSA official Thomas Drake wrote in a declaration released Friday that the NSA collected and stored virtually all electronic communications going into or out of the Salt Lake City area, including the contents of emails and text messages.

"Officials in the NSA and FBI viewed the Salt Lake Olympics Field Op as a golden opportunity to bring together resources from both agencies to experiment with and fine tune a new scale of mass surveillance," Drake wrote.

It comes as part of a lawsuit filed by attorney Rocky Anderson, who was the mayor of Salt Lake City during the games held a few months after the Sept. 11, 2001, attacks. Anderson said the document was disclosed to the U.S. Department of Justice on Wednesday.

Former CIA and National Security Agency director Michael Hayden has denied in court documents that such a program existed. Hayden was NSA director from 1999 to 2005.

Current NSA operations director Wayne Murphy said in court documents that NSA surveillance in Salt Lake City was limited to international communications in which at least one participant was reasonably believed to be associated with foreign terrorist groups.

Drake disputed that statement, writing that he spoke with colleagues who worked on the operation and were concerned about its legality. He said he also saw documents showing surveillance equipment being directed to the Utah program.

His declaration was written in support of the former mayor's lawsuit. Anderson said the lawsuit is designed to get more information about what he calls covert, illegal operations.

The NSA has argued the lawsuit's claims are far-fetched speculation about a program that may never have existed. A judge, though, refused a Justice Department push to dismiss the lawsuit in January.

Drake started working for the NSA in 2001 and blew the whistle on what he saw as a wasteful and invasive program. He was later prosecuted for keeping classified information. Most of the charges were dropped before trial in 2011, and he was sentenced to one year of probation.

Read more:
Ex-spy says NSA did mass surveillance during Utah Olympics - KUTV 2News

Brooks Kraft LLC/Corbis via Getty Images

Russian hackers attacked a voting software company and election officials across the country right before Election Day, according to a top secret National Security Agency report.

In the NSA's classified report from May 5, the agency detailed how Russian government hackers tried to phish US officials and VR Systems, a technology company that creates election software for eight states: California, Florida, Illinois, New York, North Carolina, Indiana, Virginia and West Virginia.

The timing of the attack happened right before the Election Day, with multiple hacking attempts centered around late October.

The report had been leaked to The Intercept on Monday, and confirmed by CBS News. Russia's cyberattacks and influence on the 2016 presidential election continue to plague the White House, as President Donald Trump sits embroiled with investigations of ties to the Kremlin. Trump has continued to deny reports of any Russian hackers meddling on his behalf, even as the FBI launched a formal investigation into any ties between his campaign and foreign cyberattacks.

The leaked report comes just three days before fired FBI director James Comey is expected to testify to the Senate Intelligence Committee about the investigation. Russian President Vladimir Putin continues to deny any nation-state hackers on the country's behalf, insisting that it could have been the work of patriotic Russians, and most recently, a child.

The NSA's report detailed that hackers on behalf of the Russian government posed as an e-voting company to fool government workers into opening emails packed with hidden malware in Microsoft Word documents.

The Russian hackers also pretended to be Google by using the email "noreplyautomaticservice@gmail.com," which they registered on August 24, 2016, according to the report. It would send emails to victims asking them to click on a link that would ultimately phish them. The NSA's report identified seven potential victims so far.

On October 27, 2016, just 12 days before the election, the hackers pretended to be VR Systems with the email address vr.elections@gmail.com, and sent fake user guides to customers on how configure their Windows machines meant for voting. Of course, those were also filled with viruses.

"It is unknown whether the aforementioned spear-phishing deployment successsfully compromised the intended victims, and what potential data could have been accessed," the NSA wrote in its report.

VR Systems didn't respond to requests for comment.

That cyberattack went out to more than 120 different local government organizations, according to the report.

Days before the report leaked, the Department of Justice filed charges against Reality Leigh Winner, a federal contractor working in Georgia, for providing classified materials to a news outlet. She was arrested at her home on Saturday, and appeared in court on Monday afternoon.

According to court documents, the classified report she had leaked was also from May 5. Winner worked for Pluribus International Corporation, an analytical and engineering company that provides services to the NSA, as well as other agencies in the intelligence community.

The NSA didn't respond to requests for comment.

Read the original here:
NSA report discloses Russian hacking days before US election - CNET

Atlanticmagazine writer Steve Clemons said during a Saturday panel on MSNBCs The Point with Ari Melber that National Security Administration (NSA) Director Michael Rogers may have a bomb to drop on the Trump administration.

Rogers will testify Wednesday before theSenate Intelligence Committee, which is currently investigating whether President Donald Trumps campaign colluded with Russian officials to sway the results of the 2016 election.

We now know for certain that Vladimir Putin waged political warfare against Americas democracy with the election last year, saidMother Jonesmagazines David Corn. While thats going on, Donald Trump is saying, No, its not happening. Its like a guy in front of a bank robbery saying, Nothing is going on here. He was helping.

He made it easier for Putin to pull this off, Corn said. That in itself should be a big scandal.

While a lot of people have focused on James Comey and thats obviously a huge anchor in this, Clemons said at the end of the segment, watch the Senate Intelligence Committee hearings on Wednesday. National Security Agency Director Mike Rogers may have a bomb to drop in this, as well as Dan Coates. I have been tipped off that Mike Rogers has a story to tell as well that goes right along the lines that our friend David Corn has shared.

Watch the video, embedded below:

Follow this link:
NSA Director Mike Rogers Poised to 'Drop a Bomb' on Trump Admin During Wednesday Testimony: MSNBC - AlterNet

NEW DELHI: Cow smugglers and those indulging in cow slaughter must be booked under the National Security Act, Uttar Pradeshs director general of police Sulkhan Singh has said in an order issued to senior police officials in the state.

There is a need to clamp down on cow slaughter and transport of cows for the same. The National Security Act (NSA), 1980 or Gangsters Act must be invoked against criminals indulging in the same, the DGP said in an order to all senior police officials present in a review meeting in Lucknow on Monday.

The Act allows for detention of any persons for three months or more with a view to preventing them from acting in any manner prejudicial to the security of the state or from acting in any manner prejudicial to the maintenance of public order. The Centre has to be informed within seven days by the state government about any case of invocation of the NSA.

There have been cases of right-wing groups taking the law into their own hands to stop purported cow smuggling and incidents of lynching of people undertaking transportation of cows have been reported. Cow slaughter and transportation of cows for slaughter is banned in UP.

The DGP spelt out several other directives to improve the law and order scenario in the state, for which the new Yogi Adityanath government has been facing flak.

The directives include transferring out police officials posted in one district for long and taking departmental action against police officials having connections with criminals.

The DGP ordered that police must make efforts to get bails cancelled for mafia and criminal elements, and maintain a proper register with a record of known enmities and disputes in an area to take preventive action if required. He ordered that policing in Noida and Ghaziabad should be better than in Delhi and that efforts be made to ensure disciplined traffic and policemen turning out in wellkept uniforms.

The DGP also directed that police posts be set up outside jails to keep a watch on visitors to known criminals lodged behind bars. Duties of police officials accompanying criminals to courts should also be frequently changed, he ordered, so that no official accompanies any criminal regularly.

As a people-friendly measure, the DGP directed that a police report be given within a week in case of inquiries for passport or character verification and strict action be taken in case of delay on the part of the police.

View original post here:
Book cow killers under NSA: UP Police Chief - Economic Times

Cybercriminals have taken the EternalBlue exploits and used them to build more effective Trojans.

A leaked NSA exploit which helped the WannaCry ransomware outbreak become so prolific is now being used to distribute Trojan malware.

A Windows security flaw known as EternalBlue was one of many allegedly known to US intelligence services and used to carry out surveillance before being leaked by the Shadow Brokers hacking group.

The exploit leverages a version of Windows' Server Message Block (SMB) networking protocol to spread itself across an infected network using wormlike capabilities.

But while, for the most part, the spread of WannaCry has been stopped, cybercriminals and hackers are still using the leaked EternalBlue exploit to carry out a much more discreet form of cyberattack, say researchers at FireEye.

This time, the SMB vulnerabilities are being used to distribute Backdoor.Nitol - a Trojan horse which opens a backdoor on the infected computer - and Gh0st RAT, a form of malware capable of taking full control of a machine in addition to conducting espionage and stealing data.

The latter is particularly dangerous and is repeatedly a thorn in the side of the aerospace and defence industries, as well as government agencies and even activists. Now those behind this new Gh0st RAT campaign are using EternalBlue exploits in an effort to compromise Singapore, while Nitol is attacking the wider South Asia region.

Researchers note that machines vulnerable to the SMB exploit are attacked by hackers using the EternalBlue exploit to gain shell access to the machine.

The initial exploit used at the SMB level is similar to what's been seen in WannaCry attacks, but this time, instead of being used to deploy ransomware, the attack opens a shell to write instructions into a VBScript file which is when executed to retrieve the payload from another server in order to create the required backdoor into the machine using Nitol or Gh0st RAT.

While neither attack is new - both have plagued victims for years - the addition EternalBlue adds additional potency to attacks, although nothing so far has suggested that it could spread so widely as quickly as WannaCry did.

And with the EternalBlue exploits now out in the open for any malicious actor to use, it's likely that we'll see it used again and again in new types of attacks.

"The addition of the EternalBlue exploit has made it easy for threat actors to exploit these vulnerabilities. In the coming weeks and months, we expect to see more attackers leveraging these vulnerabilities and to spread such infections with different payloads," said researchers at FireEye Dynamic Threat Intelligence.

"It is critical that Microsoft Windows users patch their machines and update to the latest software versions as soon as possible," they add.

While WannaCry exploited the vulnerability to infect networks across the globe, poor-coding behind the ransomware played a part in it not being as damaging as it could've been, resulting in those behind it not making much money, considering the scale of the campaign.

However, if something like Nitol or Gh0st RAT could simultaneously infected hundreds of thousands across the globe - and the nature of the Trojan attacks means they wouldn't be obvious about it - then future attacks could have much worse consequences.

Read the rest here:
Leaked NSA hacking exploit used in WannaCry ransomware is now powering Trojan malware - ZDNet