Lavrov Roasts American Liberal Hawk Michael McFaul: His "If" Questions A...

U.S., Russia clash over Ukraine at UN Security Council meeting

MEUTE - Peace

CONCERNED ENOUGH . . .

Privacy Advocates, Lawmakers Concerned About IRS's Facial Recognition Plan

“No one should be forced to submit to facial recognition as a condition of accessing essential government services," said Sen. Ron Wyden.

By Mary Papenfuss Trends Reporter, HuffPost

HuffPost |

2014 UKRAINE RE-PLAY REWIND: NeoCon Victoria Nuland

Intro: There must be a "7-Year Itch" thing to this re-amplified retread, but at least one comment out of 1,023 hit it all on-the-head:

Moral of the story is '''Always beware of Americans with cookies promising Freedumb and Democrazy''

 

31 Jan, 2022 10:04

US has secret weapon against Russia – Nuland

    

If Washington discloses its sanctions in advance, Moscow will take steps to get around them, a top officials warns

RT International |

By Jonny Tickle

"The US is to keep its planned sanctions against Russia completely secret, so Moscow doesn’t have the opportunity to mitigate them in advance, a senior American official said on Sunday.

Speaking to CBS, US Under Secretary of State Victoria Nuland explained that Washington was working on a set of measures that would be imposed were Russia to invade Ukraine, but would not be letting the Kremlin know what they were beforehand.

“With regard to this package of sanctions … deterrence is best when there’s a little bit of strategic ambiguity around exactly what we are going to do,” Nuland explained. “So, we’ve said financial measures, we’ve said export controls, we’ve said new sanctions on Russian elites. But if we put them on the table now, then Russia will be able to start mitigating, and that doesn’t make any sense to us.”

Nuland’s statement came as a group of US lawmakers from both the Democratic and Republican parties, led by Senator Bob Menendez (D-NJ), reported that they were close to agreeing on a set of sanctions that could be implemented immediately after any Russian invasion.

READ MORE: EU split over plan for colossal sanctions against Russia – media

According to Washington, the package of measures is designed to deter Russia from considering a military incursion into Ukraine. Moscow stands accused of placing 100,000 troops on the border, with some alleging it is planning an attack. This claim has been repeatedly denied by the Kremlin and played down by Ukrainian President Volodymyr Zelensky.

Reports have suggested the sanctions will focus on Russian banks and the export and import of certain goods. The US has also been working with the EU to develop a multilateral response that could take aim at the energy industry.

“We are working intensively with Congress on this piece of legislation that we expect will be very well aligned with what we are building with our NATO allies and partners,” Nuland said."

Source: https://www.rt.com/russia/547807-us-keep-sanctions-secret/ 

====================================================

RELATED CONTENT ON THIS BLOG

Ukraine on Fire | Victoria Nuland and Geoffrey Pyatt phone call

This is early February 2014
Phone call intercepted between Conservative Republicans Victoria Neuland and Ambassador Geoffrey - who are 'interfering in the election' by essentially selecting who will be-in-charge,
Guy named YAZ for short ... Let's cut through the current bullshit

Published on Jun 28, 2017

 

 

Markets: Rough Month Ends on High Note

BLEEPING COMPUTER: Active Threats + Current Vulnerabilities

NOTE: With the addition of these eight vulnerabilities, there is now a total of 351 exploited vulnerabilities listed in CISA's Known Exploited Vulnerabilities Catalog.

CISA adds 8 vulnerabilities to list of actively exploited bugs

Bill Toulas

BleepingComputer |

The US Cybersecurity & Infrastructure Security Agency (CISA) has added eight more flaws to its catalog of exploited vulnerabilities that are known to be used in attacks, and they're a mix of old and new.

The goal of publishing these vulnerabilities is to raise awareness and remind federal organizations of their obligation to apply security updates by a specified strict deadline.

As all of the vulnerabilities in the catalog are leveraged in active threats and current cyber-attacks, they carry a significant risk to organizations, allowing the takeover of mobile devices, network access, the ability to execute commands remotely.

The eight flaws added by CISA last week are listed below:

CVE ID	Description	Patch Deadline
CVE-2022-22587	Apple IOMobileFrameBuffer Memory Corruption Vulnerability	2/11/2022
CVE-2021-20038	SonicWall SMA 100 Appliances Stack-Based Buffer Overflow Vulnerability	2/11/2022
CVE-2014-7169	GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability	7/28/2022
CVE-2014-6271	GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability	7/28/2022
CVE-2020-0787	Microsoft Windows Background Intelligent Transfer Service (BITS) Improper Privilege Management Vulnerability	7/28/2022
CVE-2014-1776	Microsoft Internet Explorer Use-After-Free Vulnerability	7/28/2022
CVE-2020-5722	Grandstream Networks UCM6200 Series SQL Injection Vulnerability	7/28/2022
CVE-2017-5689	Intel Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageability Privilege Escalation Vulnerability	7/28/2022

The most recent vulnerability, CVE-2022-22587, was discovered in 2022 and is a memory corruption flaw in the IOMobileFrameBuffer affecting iOS, iPadOS, and macOS "Monterey."

Apple released a security update to fix the zero-day last Wednesday, warning that it is actively exploited in attacks. Due to the potential impact of this vulnerability on devices with wide circulation, CISA has given federal agencies until February 11, 2022, to apply the security updates.

CISA also added the CVE-2021-20038 vulnerability affecting SonicWall SMA 100 Appliances after it was discovered that threat actors were actively scanning for and attempting to exploit the vulnerability. As a result, CISA also requires agencies to patch this bug by February 11, 2022.

Some attempts itw on CVE-2021-20038 (SonicWall SMA RCE). Also some password spraying of default passwords from the past few days

Remember to update AND change default passwords :) pic.twitter.com/WyDIXVKb4m

— Rich Warren (@buffaloverflow) January 24, 2022

Of the older flaws, CVE-2013-6271 holds special significance for being a reliable long-term intrusion channel for adversaries.

It surfaced again via the 'Sea Turtle' campaign, which took place between 2017 and 2019, being among a set of flaws exploited in the context of global-scale sophisticated DNS hijacking attacks.

It appears that many system administrators still find it practically challenging to apply the fixing updates after almost eight years since they were first made publicly available.

With the addition of these eight vulnerabilities, there is now a total of 351 exploited vulnerabilities listed in CISA's Known Exploited Vulnerabilities Catalog

Security

Over 20,000 data center management systems exposed to hackers

Researchers have found over 20,000 instances of publicly exposed data center infrastructure management (DCIM) software that monitor devices, HVAC control systems, and power distribution units, which could be used for a range of catastrophic attacks.

• Bill Toulas
• January 29, 2022
• 11:08 AM
• 0

 

Latest Articles

• 
  Security

  QNAP: DeadBolt ransomware exploits a bug patched in December

  Taiwan-based network-attached storage (NAS) maker QNAP urges customers to enable firmware auto-updating on their devices to defend against active attacks.

  • Sergiu Gatlan
  • January 31, 2022
  • 02:28 PM
  • 0 

Microsoft, Security

Microsoft Office 365 to add better protection for priority accounts

Microsoft is working on updating Microsoft Defender for Office 365 with differentiated protection for enterprise accounts tagged as critical for an organization (i.e., accounts of high-profile employees including executive-level managers, the ones most often targeted by attackers).

• Sergiu Gatlan
• January 31, 2022
• 12:17 PM
• 0

Security

Russian 'Gamaredon' hackers use 8 new malware payloads in attacks

The Russia-linked hackers known as 'Gamaredon' (aka Armageddon or Shuckworm) were spotted deploying eight custom binaries in cyber-espionage operations against Ukrainian entities.

• Bill Toulas
• January 31, 2022
• 11:14 AM
• 1

Security

277,000 routers exposed to Eternal Silence attacks via UPnP

A malicious campaign known as 'Eternal Silence' is abusing Universal Plug and Play (UPnP) turns your router into a proxy server used to launch malicious attacks while hiding the location of the threat actors.

• Bill Toulas
• January 31, 2022
• 10:40 AM
• 0 

Security

Researchers use GPU fingerprinting to track users online

A team of researchers from French, Israeli, and Australian universities has explored the possibility of using people's GPUs to create unique fingerprints and use them for persistent web tracking.

• Bill Toulas
• January 30, 2022
• 10:12 AM
• 0

Security

FTC: Americans lost $770 million from social media fraud surge

Americans are increasingly targeted by scammers on social media, according to tens of thousands of reports received by the US Federal Trade Commission (FTC) in 2021.

• Sergiu Gatlan
• January 30, 2022
• 10:00 AM
• 0