Data is assessed by our team members

Investigations can reveal some very sensitive & personal data. This intel is assessed by us & closely guarded used only for the purpose of fullfilling the needs of our clients to achieve the results we are commissioned to undertake More »

Team leader heads a group of professional investigators on the ready

We are proud to have access to the finest team members & discreet qualified persons who pride themselves in obtaining results for our clients where others fail. More »

The latest technology & equipment allow us to keep our finger on the intel pulse

Scientific apparatus & technical staff allow us to get sensitive & usefull information by utilizing the latest technology in getting information for our clients.The storage, use & availability of this data is done with great care More »

Communications between team members & networks is critical

In these days of world wide communications being at a peak of efficiency, the task of passing on & receiving information in the blink of an eye becomes possible between our team members & the network we have access to More »

Team leader & CEO of the intel agencies group is Donna-Lee Sapiecha Eyers

Donna-Lee is here at her graduation law degree ceremony proudly supported by her mother Karen, her sister Sharah-Lee & father Henry More »

 

Intel: We’ve found severe bugs in secretive Management Engine, affecting millions

An attacker can use Intel’s flaws to run malware that’s invisible to the operating system.

 Intel’s self-learning AI chip aimed at autonomous machines

Thanks to an investigation by third-party researchers into Intel’s hidden firmware in certain chips, Intel decided to audit its firmware and on Monday confirmed it had found 11 severe bugs that affect millions of computers and servers.

The flaws affect Management Engine (ME), Trusted Execution Engine (TXE), and Server Platform Services (SPS).

Intel discovered the bugs after Maxim Goryachy and Mark Ermolov from security firm Positive Technologies found a critical vulnerability in the ME firmware that Intel now says would allow an attacker with local access to execute arbitrary code.

The researchers in August published details about a secret avenue that the US government can use to disable ME, which is not available to the public.

Intel ME has been a source of concern for security-minded users, in part because only Intel can inspect the firmware, yet many researchers suspected the powerful subsystem had bugs that were ripe for abuse by attackers.

Goryachy and Ermolov will present their research on an ME flaw at Blackhat in December, detailing how an attacker can run unsigned code in the microprocessor and remain invisible to the main CPU and any anti-malware software.

ME runs on its own microprocessor and, as a Google engineer recently revealed, a modified version of the MINIX operating system.

Google was so afraid of UEFI and Intel ME that it created NERF, or the Non-Extensible Reduced Firmware, which it uses to manage Chromebooks. NERF runs on a Linux kernel rather than MINIX and removes ME’s web server and IP stack, key EUFI drivers, and neuters the ability for ME and EUFI to self-reflash the firmware.

The ME engine supports Intel’s Active Management Technology (AMT), which allows admins to remotely manage and fix devices.

A flaw discovered this May in AMT, which affected chips from 2008, highlighted another problem: patching it required an ME firmware update on machines that hardware vendors had stopped supporting. Only enterprise machines with vPro were affected, but the bug prompted EFF’s demands for Intel to provide a way to disable ME.

Similarly, patching machines will depend on OEMs pushing Intel’s fixes to devices. So far, Intel only lists Lenovo as having fixes available.

To help users address the current batch of bugs, Intel has released a detection tool for Windows and Linux systems, which displays a risk assessment of the system. Intel says the bugs may affect PCs, servers, and IoT platforms.

The bugs affect systems using Intel’s 6th, 7th, and 8th Generation Core CPUs, a range of Xeon processors, as well the Apollo Lab Atom E3900 series, Apollo Lake Pentium, and Celeron N and J series chips.

Intel says the flaws would allow an attacker to “Impersonate the ME/SPS/TXE, thereby impacting local security feature attestation validity”.

The attacker could also load and execute arbitrary code that would be invisible to the user and operating system.

The highest severity issue was the flaw discovered by Goryachy and Ermolov, which concerned multiple buffer overflows in the ME’s kernel. Intel’s audit found several other high-severity buffer overflows in AMT in the ME firmware, TXE, and SPS.

One of the flaws it found would allow a remote attacker to execute arbitrary code if they had Admin access.

Intel unveils the 8th Gen Intel Core processor family and launches the first of the family on Monday, Aug. 21, 2017. The 8th Gen Intel Core processors are designed for what’s next and deliver up to 40% gen over gen performance boost. (Credit: Intel Corporation)

The bugs affect systems using Intel’s 6th, 7th, and 8th Generation Core CPUs, and a range of Xeon Celeron processors, among others. Image: Intel

Previous and related coverage

Researchers say Intel’s Management Engine feature can be switched off

Updated: Researchers have shown how Intel’s all-powerful Management Engine in its CPUs could be disabled.

MINIX: Intel’s hidden in-chip operating system

Buried deep inside your computer’s Intel chip is the MINIX operating system and a software stack, which includes networking and a web server. It’s slow, hard to get at, and insecure as insecure can be.

Shore up your defenses: Budget extra for an IT audit in 2018 [Tech Pro Research]

With the odds of a data breach on the rise, companies should consider increasing their IT audit budget for 2018. Auditors can spot and help remedy security holes that may have been overlooked.

Read more about Intel and security

Henry Sapiecha

Australia likely to get its own GDPR

Everyone in the Australian cybersecurity ecosystem has a role to play to ensure the security of the nation, according to Nationals Senator Bridget McKenzie.

The mandatory data breach notifications laws coming into effect in Australia next year will be followed by other laws to ensure everyone in the digital ecosystem — including government divisions, large corporates, small to medium-size enterprises (SMEs), and consumers — are playing their role in keeping Australia “cyber secure”, according to Senator Bridget McKenzie.

McKenzie, who is the chair of the Foreign Affairs, Defence, and Trade Legislation Committee, likened cyber breaches to the “system of disease in the pre-industrial revolution that just swept through”.

“Cyber breaches have the capacity to wipe out industries, wipe out systems, wipe out communities, if every member of that community or that cyber ecosystem isn’t following best practice when it comes to keeping their information secure,” McKenzie told ZDNet at the Australian Computer Society’s Reimagination Thought Leaders’ Summit.

“It’s not just defence’s job or ASIO’s or DSTO’s or the government’s indeed, but every SME and private homeowner needs to have an eye for cybersecurity, making sure their data’s safe.”

McKenzie said mandatory data breach notifications laws, set to come into effect next year, is a step towards keeping organisations alert and accountable, with other laws expected to be introduced in Australia in the upcoming years, possibly similar to those coming into effect next year in the European Union.

The European Union’s (EU) General Data Protection Regulation (GDPR) will require organisations around the world that hold data belonging to individuals from within the EU to provide a high level of protection and explicitly know where every piece of data is stored.

Organisations that fail to comply with the regulation requirements could be fined up to €20 million, or, in the case of an undertaking, up to 4 percent of the total worldwide annual turnover of the preceding financial year — whichever is higher.

“No longer can you say, ‘Oh I’ll leave it to someone else because the flow-on effects, the interconnectedness, the Internet of Things, is such that if one member of that web, if you like, has a security breach, it has flow-on effects for everybody involved,” McKenzie said.

Additionally, Australians need to have the confidence that they can share private information such as their health details and not have it end up in the public sphere, otherwise the nation will not be able to experience the full benefits of technology, McKenzie said.

Shadow Minister for the Digital Economy Ed Husic said, however, that the government has a long way to go in building that confidence, given 50,000 Australians have been affected by a government data breach that occurred in October. He noted that the breach was not a technological error, but a human error.

“How do we build consumer or citizen confidence about protection of privacy?” Husic said. “50,000 people were affected by a data breach across government, releasing details of passwords and credit cards. It’s not all tech related … people often blame tech for this. It’s people and the way that they use data and it’ll be interesting to see the details that come out on this in the next few days.”

“This data breach occurred back in October, no public explanation of it, no detail about what was known, what was being done to fix it. If we want people to be confident that data is being used well by government, then the government’s got a long way to go to build that confidence.”

Husic added that the government needs to lead by example; it should be notifying the public about data breaches if it wants businesses to do the same.

“[The government’s] got to do some things itself. And you can’t lecture business about getting focused on cybersecurity if you’re losing your own moral authority … because you’re not looking after data within your own batch,” he said.

McKenzie believes in Australia’s growing status as a cybersecurity hub, saying that the nation is equipped with the right expertise in this area. She added that Australia is in the process of creating a strong cybersecurity industry capable of exporting.

“Our law enforcement and intelligence agencies are world-class. We’re also part of Five Eyes, which means we have a lot of access to information and technology and collaboration opportunities,” she said. “We lead the world in quantum computing … and it [has the] potential to contribute further to security of data and security of communications particularly in the intelligence and defence spheres.

“We’ve really got some technical expertise, but also I think a richness around governance frameworks and excellence in regulatory frameworks that can also assist other governments and other organisations worldwide to understand best practices in the area.”

In September, Ambassador for Cyber Affairs Dr Tobias Feakin communicated a similar sentiment, saying Australia has an international standing in cybersecurity, and brings “key qualities” to the table.

Australia has also played a role in the creation of international peacetime norms for cyberspace, including chairing the first United Nations Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security (UN GGE) in 2013, and helping develop the 11 international norms agreed to in subsequent UN GGE meetings.

“We have regional knowledge beyond most. We have a trusted diplomatic brand, and that’s something that we intend to capitalise on. We have strategic and economic interests in the region. And we have long-standing development partnerships across the region already,” Feakin said at the second annual SINET61 conference in Sydney.

“We need to capitalise on those, make the most of them. Not just for us as a government, [and] for regional partners as well, but also for our private sector … We see this issue as central to our economic future,” he said.

“It’s only this year that it’s just reached the point, of tipping over, to 50 percent of all internet users living in the Asia-Pacific. But really, still, there’s huge economic growth to unravel there, because still 60 percent of all households don’t have internet coverage.”

Last month, launching the International Cyber Engagement Strategy, Foreign Minister Julie Bishop said that for the purpose of national security, cyberspace cannot be an ungoverned space.

“Just as we have international rules that guide how states behave, and how states should behave towards each other, the international rules-based order that’s been in place for about 70 years, so too must states acknowledge that activities in cyberspace are governed by the same set of rules as military and security activities in traditional domains,” Bishop said in October.

“The 2016 US presidential election focused the world’s attention on the potential for cyber operations to interfere with democratic processes. This cannot be allowed to continue. It strikes at the very heart of the sovereignty of nations.”

According to the International Cyber Engagement Strategy, Australia will develop an international “architecture for cooperation” including mechanisms to respond to unacceptable behaviour in cyberspace in a timely manner.

“Australia’s responses to malicious cyber activity could comprise law enforcement or diplomatic, economic, or military measures as appropriate for the circumstances. This could include, but is not restricted to, offensive cyber capabilities that disrupt, deny, or degrade the computers or computer networks of adversaries,” the strategy states.

The strategy also implies that the nation has the capability to identify the source of cyber attacks.

“Depending on the seriousness and nature of an incident, Australia has the capability to attribute malicious cyber activity in a timely manner to several levels of granularity — ranging from the broad category of adversary through to specific states and individuals,” the strategy states.

In September, the federal government pledged AU$50 million over seven years for the cybersecurity cooperative research centre (CRC), with over AU$89 million in further funding to come from 25 industry, research, and government partners.

The cybersecurity CRC will deliver solutions to increase the security of critical infrastructure, the government said at the time, which includes “frameworks, products, and approaches that will service existing and future ICT enterprises across a broad range of platforms and operating systems”.

Assistant Minister for Industry, Innovation and Science Craig Laundy said the activities of the cybersecurity CRC will contribute to the objectives laid out in Australia’s AU$240 million Cyber Security Strategy, which is aimed at defending the nation’s cyber networks from organised criminals and state-sponsored attackers.

Related Coverage

Just one day after its release, iOS 11.1 hacked by security researchers

The bugs were found in Apple’s Safari web browser.

With a physical key, Google says it can protect you from nation-state hackers

When two-factor doesn’t cut it against the most sophisticated adversary, Google thinks it has an answer.

IoT security: Keeping users on their toes means staying on yours

IoT has introduced new vulnerabilities that can put your network at risk. Providing users with ongoing security training — and examples that relate to their work — will help keep your data safe.

Hacking group targets banks with stealthy trojan malware campaign

Stolen credentials are used to launch attacks which include the ability to stream live video of the screens of infected users.

This destructive wiper ransomware was used to hide a stealthy hacking campaign

“ONI” ransomware deployed on hundreds of machines in an effort by attackers to cover tracks of “Night of the Devil” campaign — which exploited leaked-NSA exploits.

www.scamsfakes.com

www.crimefiles.net

Henry Sapiecha

Malaysia data breach compromises 46.2M mobile numbers

Suspected to have originated from a 2014 attack, the breach is estimated to affect 46.2 million mobile numbers and compromise data such as home addresses and SIM card information.

A massive cybersecurity breach is reported to have compromised personal data of 46.2 million mobile numbers in Malaysia, exposing details such as home addresses and SIM card information.

The breach affected both postpaid and prepaid numbers as well as subscribers from all major mobile carriers in the country, including Maxis, Altel, Digi, and Celcom, according to Lowyat.net. The local website earlier this month said it received information that personal data linked to millions of Malaysians were being peddled online.

Apart from customer data from local telcos, it added that the information included those that belonged to various websites such as Jobstreet.com, Malaysian Medical Association, and Malaysian Housing Loan Applications. Leaked data from Jobstreet.com, for instance, contained the candidate’s login name, nationality, and hashed passwords.

Timestamps in the compromised data suggested that the breach occurred between 2014 and 2015, said Lowyat.

Commenting on the breach, Darktrace’s Asia-Pacific managing director Sanjay Aurora said such “low and slow” attacks could lay stealthily in networks for years without anyone noticing. He added that traditional defense tools would not be able to identify and block such attacks.

“Lateral movements are incredibly difficult to catch, with attackers spending an average of 260 days in a network before striking,” Aurora explained. He pointed to the need for machine learning tools that could learn on-the-job and dynamically tweak its analysis based on new information.

“Alongside this, there needs to be a cultural change,” he added, stressing the need to stop victim-blaming so businesses would not fear coming forward.Lowyat

Lowyat said it had handed the information to industry regulator, Malaysian Communications And Multimedia Commission, which later released a statement confirming it was investigating the incident.

According to local reports, Communications and Multimedia Minister Datuk Seri Salleh Said Keruak said the police also was involved in the investigation.

Malaysia has a population of some 31.2 million, so some subscribers likely will hold more than one compromised mobile number. The report added that the list may contain inactive numbers as well as temporary ones issued to visitors to the country.

Henry Sapiecha

Huge Locky ransomware campaign sends 23M messages in 24 hours

Locky ransomware is making a comeback, with one of the largest attacks this year. Here’s how to protect your business.

www.scamsfakes.com

White smudge letter background with metal folder icon and red skull filled with random letters ransomware concept 3D illustration

Earlier this week, a Locky ransomware campaign sent more than 23 million messages out across the US in one of the largest attacks in the second half of 2017, according to a post from AppRiver.

Ransomware dominated the cyberthreat landscape in 2016, increasing more than 600% over the year before, with Locky attacks leading the way. As noted by ZDNet, at the start of 2017 distribution of Locky sharply declined, with Cerber variants taking its place.

But Locky made a comeback in recent months, and this massive attack shows just how dangerous it can be. On Monday, just as many US workers were arriving to their offices, the malicious email campaign began inundating their inboxes. The malware traffic spike began that morning just after 7 a.m. CST, the post noted.

The emails in the attack were “extremely vague,” Troy Gill, manager of security research at AppRiver, wrote in the post. They included subject lines such as “please print,” “documents,” “photos,” “images,” “scans,” and “pictures.”

SEE: 17 tips for protecting Windows computers and Macs from ransomware (free PDF)

Each message included a ZIP attachment that contained a Visual Basic Script (VBS) file nested inside a secondary ZIP file, the post say. When a user clicks on it, the VBS file starts a downloader that reaches out to “greatesthits[dot]mygoldmusic[dotcom]” to pull the latest Locky ransomware.

After that, Locky begins encrypting all files on the user’s machine, and adding [.]lukitus to those encrypted files.

Once the victim’s files have all been encrypted, the attackers change their desktop background to an image with instructions for decryption. They also place an HTM file named “Lukitus[dot]htm” on the desktop.

Then, the victim is instructed to install a TOR browser, and is provided a Darkweb site to pay 0.5 Bitcoins, or about $2,150. Once the payment is made, the attackers promise to redirect the victim to the decryption service.

This attack is still occurring, the post noted. On Monday, AppRiver had quarantined more than 5.6 million messages in the campaign. And there currently are no publicly shared methods to reverse this Locky strain, Gill wrote.

AppRiver recommends the following tips to protect your computer from ransomware attacks:

1. Run regular software and hardware updates. These updates often contain security patches to holes that ransomware and other malware variants exploit. Automatic software updates are the best option, but if not possible, then you should set up alerts for the newest updates. You should also set a max number of times they can “snooze” the alert.

2. Have layered, redundant security in place. Ransomware is often delivered via an email attachment or malvertisement on the web. By having email and web protection, you can prevent ransomware from ever entering your network.

3. Back up your files. A secure backup allows you to rid your network of malware and then restore your files, so you don’t have to pay a criminal and hope he keeps his word to un-encrypt your data.

For more tips on how to avoid and mitigate ransomware attacks, click here

www.scamsfakes.com

Henry Sapiecha

The top 10 extremely destructive ransomware attacks of 2017, to date

Ransomware variants NotPetya, WannaCry, and Locky are among those that wreaked havoc for businesses worldwide this year.

 

Laptop in a dark room with red skull and crossbones on glowing binary code screen background

www.scamsfakes.com

Ransomware continues to dominate the cybersecurity landscape in 2017, with businesses large and small paying millions of dollars to unlock encrypted files. These attacks appeared in 64% of all malicious emails sent in Q3, and with major successful campaigns such as NotPetya and WannaCry, show no signs of slowing down, according to a new report from security firm Webroot, released Tuesday.

“This past year was unlike anything we’ve ever seen,” David Dufour, vice president of engineering and cybersecurity at Webroot, said in a press release. “Attacks such as NotPetya and WannaCry were hijacking computers worldwide and spreading new infections through tried-and-true methods. This list is further evidence that cybercriminals will continue to exploit the same vulnerabilities in increasingly malicious ways. Although headlines have helped educate users on the devastating effects of ransomware, businesses and consumers need to follow basic cybersecurity standards to protect themselves.”

Here are the top 10 worst ransomware attacks of 2017 so far, according to Webroot:

1. NotPetya

NotPetya started as a fake Ukranian tax software update, and went on to infect hundreds of thousands of computers in more than 100 countries over the course of just a few days. This ransomware is a variant of Petya, but uses the same exploit behind WannaCry. It hit a number of firms in the US and caused major financial damage: For example, the attack cost pharmaceutical giant Merck more than $300 million in Q3 alone, and is on track to hit that amount again in Q4.

SEE: Cybersecurity spotlight: The ransomware battle (Tech Pro Research)

2. WannaCry

WannaCry (also known as WannaCrypt) has been one of the most devastating ransomware attacks in history, affecting several hundred thousand machines and crippling banks, law enforcement agencies, and other infrastructure. It was the first strain of ransomware to use EternalBlue, which exploits a vulnerability in Microsoft’s Server Message Block (SMB) protocol.

3. Locky

Locky is currently the top payload in terms of ransomware and across all malware families, according to a report from security firm Proofpoint. While Locky was 2016’s most popular ransomware strain, new variants called Diablo and Lukitus also surfaced this year, using the same phishing email attack vector to initiate their exploits.

4. CrySis

CrySis—typically spread by hacking into Remote Desktop Services and manually installing the ransomware—started last year in Australia and New Zealand. RDP is one of the most common ways to deploy ransomware, Webroot noted, because cybercriminals can compromise administrators and machines that control entire organizations. In May, some 200 master keys were released allowing victims to decrypt and unlock their systems, ZDNet reported.

5. Nemucod

The Nemucod ransomware family has been active since at least 2015, and arrives in the form of a phishing email that appears to be a shipping invoice. Then, it downloads malware and encryption components stored on compromised websites.

SEE: End user data backup policy (Tech Pro Research)

6. Jaff

Jaff arose in May 2017, and heavily mimics tactics used by Locky. It uses the Necurs botnet to send millions of spam emails to targets globally over just a few hours, and demands victims pay 1.79 Bitcoins—currently more than $6,000.

7. Spora

Spora ransomware is distributed when cybercriminals hack legitimate websites and add JavaScript code, making a pop-up alert appear that prompts users to update their Chrome browsers. Upon infection, the ransomware can steal credentials from victims, making money from both extorting ransoms and potentially selling the stolen information, as ZDNet noted.

8. Cerber

Cerber uses ransomware-as-a-service to allow non-technical cybercriminals to extort payments from victims, with the developers of the malware taking a cut of the money gained.

9. Cryptomix

Cryptomix is one of the few types of ransomware that does not have a type of payment portal available on the dark web, the report noted. Instead, victims must wait for the cybercriminals who locked their machine to email them instructions for payment in Bitcoin.

10. Jigsaw

Jigsaw, first seen in 2016, embeds an image of the clown from the Saw movies into a spam email. When the user clicks it, the ransomware encrypts their files, but also deletes files if the user takes too long to make the ransom payment of $150, according to Webroot.

To learn more about how your business can avoid ransomware attacks like these, click here.

MORE STUFF TO KNOW BELOW ABOUT SCAMS & RANSOMWARE

www.scamsfakes.com  

Henry Sapiecha

NATIONAL AFFAIRS 150 Australian jihadis pose terror threat if they return home: Julie Bishop

ABOUT 150 Australians are, or have been, fighting with Arab insurgents & Muslim Extremests in Syria and Iraq and pose a security threat if they return home, says Julie Bishop.

DO NOT ALLOW PEOPLE BACK INTO AUSTRALIA WHO CARRIED OUT ATTROCITIES IN SYRIA & IRAQ

The Foreign Minister’s warning came amid evidence convicted terrorist Khaled Sharrouf, who fled Australia earlier this year, has joined the Islamic State of Iraq and al-Sham’s uprising in northern Iraq.

As ISIS militants battle with Iraqi government troops, The Australian today revealed that Sharrouf — who left for Syria using his brother’s passport — was thought to be among the thousands of ISIS fighters swarming threatening Baghdad.

Intelligence agencies told Ms Bishop this morning that the cohort of about 150 Australian fighters “in Syria and beyond” initially supported “more moderate opposition groups” but are increasingly turning to “more extreme” groups such as ISIS.

“These are brutal people (in ISIS). The executions and the killings and their boasting of it on social media makes this a particularly virulent form of terrorism,” Ms Bishop told ABC Radio after the briefing.

“These people are so extreme that al-Qa’ida is even distancing itself from them.

“I had an intelligence briefing from our agencies this morning and our best estimate is that there are about 150 Australians … who have been or are still fighting with opposition groups in Syria and beyond.”

AUSSIE JIHADI: Joins Iraq conflict

ACTION: Calls to revoke radicals’ citizenship

Ms Bishop said she had cancelled numerous Australian passports belonging to suspected extremists and Australian intelligence agencies were working with regional partners to counter the threat posed by the fighters’ return.

“We are concerned that Australians are working with (these militants), becoming radicalised, learning the terrorist trade, and if they come back to Australia of course it poses a security threat and we’re doing what we can to identify them.”

Ms Bishop said it was an offence under Australian law to take part on either side of the Iraqi conflict, or support a listed terrorist organisation such as ISIS, with penalties of up to 25 years’ jail.

Tony Abbott said he was making preparations to ensure the safety of Australian personnel in Baghdad, should the Iraqi capital be attacked.

“It is a dangerous and difficult situation. You have a terrorist army consolidating its hold over a large swath of Iraq and Syria with the intention presumably of creating a terrorist state with dangerous and unpredictable consequences for the region and for the wider world,” Mr Abbott said.

“We are redoubling our vigilance at our borders to try to ensure that jihadists do not gain access to our country or are monitored if they have the right of access to this country.”

Immigration Minister Scott Morrison said he was able to cancel the visas of permanent residents suspected of fighting overseas, just as he cancelled the visa of Rebels Motorcycle Club president Alex “The Maltese Falcon” Vella last week.

“I’m not going to comment on any specific cases for obvious reasons, but Australians should know this — they’ve seen my decision in relation to another matter, Mr Vella, and they know what I do on character grounds more generally; so they’ll know I will act when I need to act, every time,” he told ABC TV.

Labor’s foreign affairs spokeswoman Tanya Plibersek described returning Australian fighters as a “very serious risk’’, and says she supports government efforts to stop the threat.

Overseas fighters returned well trained, radicalised, and with a “sick sort of street cred’’, she said.

“That allows them to convince other impressionable young people that perhaps going to fight is a good idea, or perhaps committing crimes here in Australia might be a good idea,’’ she said.

Ms Bishop, who has announced $5 million aid for refugees fleeing ISIS’s advance, conceded the Western and Iranian-backed government of Shia prime minister Nouri al-Maliki was “not a good” administration.

“It is the only government in place in Iraq at present. It’s not a good one and the problems between the Sunnis and the Shias are exacerbated by his manner of excluding them from the government.

“He’s now calling for national unity — that’s a start — we need to see a political solution because a military solution could be catastrophic.”

In the wake of authorities failing to stop Sharrouf from leaving Australia, the Independent National Security Legislation Monitor, Bret Walker SC, said there should be reporting requirements for those convicted of terror offences, and an associated national database established.

As The Australian reported in May, Sharrouf travelled to Syria with fellow Australian Mohamed Elomar, who is also believed to be fighting with ISIS. Elomar is the nephew of Mohamed Elomar, one of the ringleader’s of the 2005 Pendennis conspiracy. Sharrouf and Elomar Sr were convicted in the Pendennis trial. Sharrouf served three years and 11 months in jail for his role in the conspiracy, which saw 18 people convicted over a plot to attack targets in Sydney and Melbourne.

Before fleeing Australia, Sharrouf was facing charges relating to alleged weapons offences committed last year. His friends and family denied any knowledge of him fighting with ISIS, and claimed a Facebook account detailing Sharrouf’s activities in Iraq was a fake.

Additional Reporting: Paul Maley and Mark Schliebs

www.crimefiles.net

Henry Sapiecha

Malcolm Turnbull and Benjamin Netanyahu witness MOU on defence industry co-operation Australia & Israel

Jerusalem: The prime ministers of Australia and Israel have shared a warm bearhug and pledged deeper cooperation on cyber-security in the fight against global terror threats.

Mr Turnbull arrived in Jerusalem on Monday afternoon, local time, on a trip that had been delayed and truncated by the political fallout from the High Court’s dual citizenship ruling.

But there was no ill feeling on show at Benjamin Netanyahu’s headquarters, where he was welcomed by the Israeli prime minister pronouncing him “mishpacha” – family.

“Malcolm you are a true friend of Israel,” Mr Netanyahu said. “Our two nations understand each other in the deepest sense… and your personal commitment to Israel is absolutely clear.”

Mr Turnbull said it was a “long schlepp” from Australia but “it feels like family”.

“We are all fighting together against militant Islamist terrorism,” he said. “It’s a threat to Israel, it’s a threat to Australia and it’s a threat to all who value and cherish freedom.”

After two hours of meetings, including a one-on-one discussion then an official bilateral, the men witnessed the signing of a new memorandum of understanding on defence industry co-operation.

Mr Turnbull said they had spoken at length on the Islamist terror threat, and the role of technology in both enabling and fighting against it.

The prime ministers of Australia and Israel shared a warm bearhug and pledged deeper cooperation on cyber-security Photo: Dan Peled

Technology has “empowered individuals who seek to do us harm”, he said, and cyber security was more important than ever.

Israel is considered a cyber warfare superpower, alongside the US, Russia, China and the UK.

It accounts for 10 per cent of global sales of computer and network security technology.

But it also has significant offensive powers.

In October it emerged that in 2015 an Israeli security agency hacked into Russian antivirus firm Kaspersky, which enabled it to watch Russian spies as they worked to infiltrate sensitive US networks.

Israel was reported to have used cyber weapons to spy on the Iran nuclear negotiations in 2014 and 2015.

And Israel was reportedly behind the Stuxnet virus, dubbed the world’s first digital weapon, which was used to disrupt Iran’s uranium enrichment plants.

Last year Mr Turnbull announced a $230 million cyber security strategy, which would include an offensive capability to launch pre-emptive attacks on ‘cyber raiders’.

Mr Turnbull said Monday’s agreement would lead to closer collaboration between the two countries on cyber security.

“It is vitally important that we work more closely together, more of the time, to keep our people safe from terrorism,” he said.

A particular problem was the encrypted apps that terrorists used to communicate in secret, he said.

“We look forward to deeper collaboration on defence, particularly in the cyber domain,” he said.

After the meeting Mr Turnbull told media the two men had also discussed the Iran nuclear deal, which Israel opposes but Australia supports.

It has recently come under pressure from the US, where president Trump has disavowed but so far not scrapped the agreement.

Mr Turnbull said Australia “absolutely understand Israel’s very real concerns and anxieties about Iran moving to a nuclear weapons capability but we are not persuaded that moving away from the agreement … would be beneficial in preventing that type of proliferation.”

Asked on the state of domestic politics, Mr Turnbull denied it was in a state of turmoil after the High Court decision.

“The business of government goes on,” he said. “It’s business as usual.”

Asked if he’d had enough with politics, Mr Turnbull responded “I’ve never had more fun in my life.”

Henry Sapiecha

New USA Federal Requirements On Cellphone Surveillance

WASHINGTON (AP) — Federal law enforcement officials will be routinely required to get a search warrant before using secretive and intrusive cellphone-tracking technology under a new Justice Department policy announced Thursday.

The policy represents the first effort to create a uniform legal standard for federal authorities using equipment known as cell-site simulators, which tracks cellphones used by suspects.

It comes amid concerns from privacy groups and lawmakers that the technology, which is now widely used by local police departments, is infringing on privacy rights and is being used without proper accountability.

“The policy is really designed to address our practices, and to really try to promote transparency and consistency and accountability — all while being mindful of the public’s privacy interest,” Deputy Attorney General Sally Yates told reporters in announcing the policy change.

The policy applies only to federal agencies within the Justice Department and not, as some privacy advocates had hoped, to state and local law enforcement whose use of the equipment has stirred particular concern and scrutiny from local judges.

The technology — also known as a Stingray, a suitcase-sized device — can sweep up basic cellphone data from a neighborhood by tricking phones in the area to believe that it’s a cell tower, allowing it to identify unique subscriber numbers. The data is then transmitted to the police, helping them determine the location of a phone without the user even making a call or sending a text message.

The equipment used by the Justice Department does not collect the content of communications.

Even as federal law enforcement officials tout the technology as a vital tool to catch fugitives and kidnapping suspects, privacy groups have raised alarms about the secrecy surrounding its use and the collection of cellphone information of innocent bystanders who happen to be in a particular neighborhood or location.

In creating the new policy the Justice Department was mindful of those concerns and also sought to address inconsistent practices among different federal agencies and offices, Yates said.

“We understand that people have a concern about their private information, and particularly folks who are not the subjects or targets of investigations,” Yates said.

The new policy requires a warrant in most cases, except for emergencies like an immediate national security threat, as well as unspecified “exceptional circumstances.” The warrant applications are to set out how the technology will be used.

In addition, authorities will be required to delete data that’s been collected once they have the information they need, and are expected to provide training to employees.

The policy could act as a blueprint for state and local law enforcement agencies in developing their own regulations. But it’s unclear how broad an impact Thursday’s announcement will have, since it does not directly affect local police agencies unless they’re working alongside federal authorities on a case or relying on their assistance.

Use of the technology has spread widely among local police departments, who have been largely mum about their use of the technology and hesitant to disclose details — often withholding materials or heavily censoring documents that they do provide.

Local departments have faced scrutiny from judges about how they deploy the equipment, though agencies have often insisted that non-disclosure agreements with the FBI limit what they can say.

The FBI has said that while specific capabilities of the equipment are considered sensitive, it did not intend for the agreements to prevent the police from disclosing to a court that the equipment was used in a particular case. Yates said she expected the FBI to revise any such agreements to be more transparent.

The American Civil Liberties Union called the policy a good first step, but expressed disappointment that it did not cover federal agencies outside the Justice Department or local police who use federal funds to purchase the surveillance equipment. It called on the Justice Department to close remaining loopholes, such as the one allowing for warrantless surveillance under undefined “exceptional circumstances.”

“After decades of secrecy in which the government hid this surveillance technology from courts, defense lawyers, and the American public, we are happy to see that the Justice Department is now willing to openly discuss its policies,” ACLU lawyer Nathan Freed Wessler said in a statement.

Nate Cardozo, a staff attorney with the Electronic Frontier Foundation, a privacy group, praised the policy as an important step, though he said he suspected Justice Department attorneys saw “the writing on the wall” and recognized that judges would increasingly begin requiring warrants.

Though the policy does not require local police to follow the lead of federal agencies, “this is going to let the air out of state law enforcement’s argument that a warrant shouldn’t be required.”

“We think that given the power of cell-site simulators and the sort of information that they can collect — not just from the target but from every innocent cellphone user in the area — a warrant based on probable cause is required by the Fourth Amendment,” Cardozo said.

Henry Sapiecha

NYPD Has Used Cell Tracking Technology around 1,000 Times Since 2008

The New York Police Department has used secretive cellphone tracking technology more than 1,000 times since 2008, according to data released Thursday by the New York Civil Liberties Union.

A cell-site simulator, also known as a Stingray, is a suitcase-sized device that can sweep up basic cellphone data from a neighborhood by tricking phones into believing it’s a cell tower, allowing it to identify unique subscriber numbers. The data are then transmitted to the police, helping them determine the location of a phone without the user even making a call or sending a text message.

Police records show the technology has helped catch suspects in kidnappings, rapes, robberies, assaults and murders. Missing people have been discovered. In some cases, no arrest was made or the phone was located but had been ditched. Officers with warrant squads, robbery squads and homicide units all used the technology, according to the records.

Federal law enforcement in September said it would be routinely required to get a search warrant before using the technology — a first effort to create a uniform legal standard for federal authorities. But the policy applies only to federal agencies within the Justice Department and not, as some privacy advocates had hoped, to state and local law enforcement whose use of the equipment has stirred particular concern and scrutiny from local judges. The NYPD would be required to get a warrant if the investigation was a joint effort with federal officials.

The NYPD said it has no written policy for use of the technology, according to the records released by the NYCLU, but general practice is to obtain a “pen register order” — a court order with a lower standard than a warrant.

Larry Byrne, the deputy commissioner of the police department’s legal bureau, said police only use the Stingray technology to retrieve cellphone numbers of calls to and from a particular phone, not the content of those communications. He said it was used only after a detective, appearing alongside an assistant district attorney, persuaded a state judge to grant the court order.

The civil liberties union urged the department to create a strict policy on use of the technology and to obtain a warrant.

“New Yorkers have very real concerns about the NYPD’s adoption of intrusive surveillance technology,” NYCLU Senior Staff Attorney Mariko Hirose said in a statement. “The NYPD should at minimum obtain warrants before using Stingrays to protect the privacy of innocent people.”

The police have already been adhering to the higher legal standard used by federal law enforcement when applying for a court order, even though state law requires the police present less, said Byrne, who added his office would put the policy in writing.

“Our practice is consistent with what the FBI and the other federal agencies now do,” he said.

The NYCLU requested documents under the Freedom of Information Law and received the first round of information that it asked for in November. Last year, the NYCLU released records showing the Erie County sheriff’s office used Stingrays 47 times in the past four years and indicating that the office obtained a pen register order only once, the agency said.

www.crimefiles.net

www.policesearch.net

www.freephonelink.net

Henry Sapiecha

FBI Couldn’t Access Almost 7K Devices Because Of Encryption

The FBI hasn’t been able to retrieve data from more than half of the mobile devices it tried to access in less than a year, FBI Director Christopher Wray said Sunday, turning up the heat on a debate between technology companies and law enforcement officials trying to recover encrypted communications.

In the first 11 months of the fiscal year, federal agents were unable to access the content of more than 6,900 mobile devices, Wray said in a speech at the International Association of Chiefs of Police conference in Philadelphia.

“To put it mildly, this is a huge, huge problem,” Wray said. “It impacts investigations across the board—narcotics, human trafficking, counterterrorism, counterintelligence, gangs, organized crime, child exploitation.”

The FBI and other  have long complained about being unable to unlock and recover evidence from cellphones and other devices seized from suspects even if they have a warrant, while technology companies have insisted they must protect customers’ digital privacy.

The long-simmering debate was on display in 2016, when the Justice Department tried to force Apple to unlock an encrypted cellphone used by a gunman in a terrorist attack in San Bernardino, California. The department eventually relented after the FBI said it paid an unidentified vendor who provided a tool to unlock the phone and no longer needed Apple’s assistance, avoiding a court showdown.

The Justice Department under President Donald Trump has suggested it will be aggressive in seeking access to encrypted information from . But in a recent speech, Deputy Attorney General Rod Rosenstein stopped short of saying exactly what action it might take.

“I get it, there’s a balance that needs to be struck between encryption and the importance of giving us the tools we need to keep the public safe,” Wray said.

In a wide-ranging speech to hundreds of police leaders from across the globe, Wray also touted the FBI’s partnerships with local and federal law enforcement agencies to combat terrorism and violent crime.

“The threats that we face keep accumulating, they are complex, they are varied,” Wray said, describing threats from foreign terror organizations and homegrown extremists.

Wray also decried a potential “blind spot” for intelligence gathering if Congress doesn’t reauthorize an intelligence surveillance law set to expire at the end of the year. The Foreign Intelligence Surveillance Act allows the government to collect information about militants, people suspected of cybercrimes or proliferation of weapons of mass destruction, and other foreign targets outside the United States. Intelligence and law enforcement officials say the act is vital to national security.

A section of the act permits the government, under the oversight of the Foreign Intelligence Surveillance Court, to target non-Americans outside the United States.

“If it doesn’t get renewed or reauthorized, essentially in the form that it already is, we’re about to get another blind spot,” Wray said

Henry Sapiecha