Sunday, May 3, 2020

Is it true that Rwandese army is in North kivu and south Kivu?

"Presence of Rwandan military" in eastern DRC: decryption of the silence of F. Tshisekedi and ambiguous words from J. Makelele Makelele
May 3, 2020
For weeks, months, despite the continuing rumors of the presence of Rwandan military in the provinces of North and South Kivu, the people of these lands have been waiting for the reaction of the DRC from above. Recently, some have even mentioned the "invasion" of Congolese territory by the Rwandan army. Kinshasa stayed inaudible. Or almost.
" With respect to the security situation following the restrictions taken following the proclamation of the state of health emergency, the Head of State invited the Government and all the services concerned to double vigilance, both inside and at our borders, to prevent any attempt to disturb public order and illegal foray into our territory whose borders remain closed to the passage of people. " (Report of the extraordinary meeting of the Council of Ministers of 17 April 2020). " Underground Incursion ": from where? Who is he referring to? We won't know any more. Unfortunately. Something to exacerbate.
The "investigation" that finally makes it react...
In these Meanwhile, Sonia Rolley publishes the results of her "investigation" of the alleged presence of the Rwandan army in both Kivu. A careful reading of this "survey" is enough to identify methodological weaknesses. That doesn't matter. In the background, what about the advanced facts? In Kinshasa, as if a instructions were given, it is indifference or what is similar to it. Contact by RFI, to give the official version, the Minister of Communication and Media, Government spokesperson, jolino Makelele, wants to be almost silent.
Better late than never. On 30 April 2020, the authorized voice of the Government explains on Top Congo radio: " There are no foreign troops in the proper sense of the term, that is, an organized army that comes with targeted well determined on Congolese soil ", he said. And to continue: " We can find ourselves in the face of elements of foreign troops, but there is no confirmation that these troops are indeed neighbours and that they have come with a clear mission. So we have to complete our investigations first. "
One thing is to say whether or not there are any Rwandan military in the eastern part of the country. Another to explain the reasons. Either Rwandan troops have been invited. Either they crossed the national border without being invited by the Congolese State. This would be a violation of territorial integrity, or even an act of aggression. We understand the discomfort in the Makelele's speech. "Not all truth is good to say".
One doubt: the words of the Government's spokesperson have not calmed the minds of the millions of Congolese people forced to drink until the bond of security problems in the eastern part of the country. On the contrary. Because, a few days earlier, on April 27, Paul Kagame said that " There is not a single soldier of the Rwandan Defense Forces who went to this territory.
Not a single one. The government of the Democratic Republic of the Congo knows the facts. He knows that the Rwandan Defense Forces are not out there. ". If it is true that the Congolese Government " knows it ", why doesn't he explain it easily and quickly to crush the rumors and Turn off the counter-truths?
We expected the reaction of President Tshisekedi, new ally of Paul Kagame. In vain. To this day. Under the leadership of the two leaders, the DRC and Rwanda resumed their military cooperation last year.
As such, " We also gave information to the Congolese government and they started to act on the basis of some of the information we gave them, because they had the opportunity to check it and see what grew in the North Kivu. And they started operations against these groups such as FDLR and others, because they have multiple names ", added the President of Rwanda on 27 April. From sharing military intelligence to participating in operations, there is no ten thousand steps.
Two hypotheses...
Two hypotheses about the silence of President Tshisekedi and the ambiguous words of jolino Makelele. Either Congolese intelligence services have a lack of speed in the collection, ranking, processing and transmission of data to the decision maker on the security situation in the eastern part of the country.
Either this data has indeed been passed on to the decision maker whose confusion would be the basis of the aphonia and the ambiguity of the executive authority. The second hypothesis seems more likely to me. Because explicit recognition of the presence of Rwandan troops in Kivu or not to admit it clearly would not be without negative consequences for the Head of State.
To admit the presence of the Rwandan troops requires clarification of the Agreement between the two countries. Problem: the President of the Republic will have to prove that this matter is being submitted to the Council of Ministers and brought to the attention of both houses of Parliament. What reality is insane.
In addition, in view of the UN Security Council's sanctions regime to combat the institutionalization of armed violence in the DRC, the Congolese Government is required to notify the UN Sanctions Committee in advance of " arms delivery and related material, or to the provision of assistance or staff " (Resolution 2293, para. 3, point d of the United Nations Security Council).
Kinshasa is thus required to be transparent. In this connection, the's Non-aggression and mutual defence protocol provides: " Member States shall promote and strengthen their mutual defence by creating a climate of trust and good faith between themselves and their peoples through policy making, measures and mechanisms to strengthen good-neighborhood relations and multisectoral cooperation. " (Article 6 (5)).
This requires giving or procrastinating information to people and dialogue with them on facts that they can observe directly and understand without a sudden difficulty. Unfortunately, neither silence nor ambiguity contribute to the trust of Congolese people in the official speech on the presence of Rwandan military in the eastern DRC.
On the other hand, not specifically recognize the presence of Rwandan military in Kivu, it is, for the President of the Republic, exposing himself to the perseverance of the historical truth. Indeed, the United Nations Group of Experts on the DRC is expected to submit to the UN Security Council by 15 June 2020 its final report of investigations launched in August 2019 under the Resolution 2478 of 26 June 2019.
In its mid-term report to the Security Council in December 2019, the group of experts reported, among other things, the presence of Burundian troops in South Kivu. This, by waving the evidence provided by the Congolese side.

Saturday, May 2, 2020

A novel approach to hacking can allow cybercriminals to exploit biometric identifiers such as voices and faces along with device identifiers to steal information and pinpoint a user's location,

A novel approach to hacking can allow cybercriminals to exploit biometric identifiers such as voices and faces along with device identifiers to steal information and pinpoint a user's location, it was revealed in a study.
Devices such as smartphones and internet-of-things (IoT) devices could allow cybercriminals to identify people using a combination of biometric and WiFi MAC addresses, to expose up to 70 percent of device identifiers, according to a new study.
The study " Nowhere to Hide: Cross-modal Identity Leakage between Biometrics and Devices", was researched by academics from New York University, University of Liverpool, The Chinese University of Hong Kong and University at Buffalo SUNY. Findings were presented at the Web Conference 2020 in Taipei last week.
— Sophia McCavanaugh (@SMcCavanaugh) April 28, 2020
"The attacker can be either insider like co-workers who share the same office with victims or outsiders who use their laptops to eavesdrop random victims in a coffee shop. So launching such an attack is not difficult, considering multi-modal IoT devices are very small and can be disguised well, like a spy camera with Wi-Fi sniffing function. All in all, there is little setup effort on the side of the attacker," University of Liverpool assistant professor, Chris Xiaoxuan Lu,
told The Hacker News .
Researchers used a Raspberry Pi with an audio recorder, 8 megapixel camera and WiFi device capable of detecting device IDs on WiFi networks. The experiment determined that such devices could find individuals within a crowd of people.
— Norton (@Norton) January 22, 2020
Using encryption programmes like virtual private networks (VPNs) can help while working in public spaces, but strong countermeasures were needed, the researchers added.
"Avoid connecting Wi-Fi to public wireless networks as it leaves your underlying Wi-Fi MAC address exposed. Don't allow multi-modal IoT devices (such as smart doorbell or voice assistants) to monitor you 24/7, because they send data back to third parties with no transparency to you, and they can be easily hacked and can compromise your ID in multiple dimensions," Xiaoxuan Lu said.
The news comes after a survey conducted in 2019 revealed that 7 out of 10 organisations had reported successful or attempted system breaches to IoT devices, with the survey probing the opinions of 540 IT professionals on network security, revealing that organisations lacked confidence in network security and underestimated insider threats.
European firms adopting IoT devices has almost reached levels in North America, with 83 percent in the former deploying such tools compared to 85 percent compared to the latter, the survey found.

Two Rifle Manufacturing firms will compete for each order of a more than $383 million US Army contract to provide M16A4 rifles to Afghanistan, Grenada, Iraq, Lebanon, and Nepal


FN America and Colt's Manufacturing will compete for each order of a more than $383 million US Army contract to provide M16A4 rifles to Afghanistan, Grenada, Iraq, Lebanon, and Nepal, the Department of Defence said in a press release.
"FN America of Columbia, South Carolina and Colt's Manufacturing Company of West Hartford, Connecticut will compete for each order of the $383,311,941 ...contract to provide M16A4 rifles for Foreign Military Sales (Afghanistan, Grenada, Iraq, Lebanon, and Nepal)", the release stated on Wednesday.
Fabrique Nationale Herstal, also known as FN, is a leading firearms manufacturer in Belgium and is currently the largest exporter of military small arms in Europe, according to published reports.
Colt's Manufacturing Company is a US firearms manufacturer that traces its origins back to 1836, founded by Samuel Colt.
On 29 April, General Electric Aviation won $707 million for F110 engine production, including installs and spares and modernized engine management system computers. The engines are to be exported to Slovakia, Bulgaria, Taiwan, and Qatar, according to the US Department of Defence.

US army has wrapped up the final test of its Lockheed Martin next generation long range missiles



Lockheed Martin’s Precision Strike Missile (PrSM) has completed its third and final flight demonstration, as the US Army looks to replace its Army Tactical Missile System (ATACMS) with a weapon possessing a range previously prohibited under the expired Intermediate-Range Nuclear Forces (INF) Treaty.
“Today’s PrSM test, a highly stressful short-range shot, represents the third successful flight test proving the effectiveness, survivability and reliability of the tactical baseline missile,” Gaylia Campbell, vice president of Precision Fires and Combat Maneuver Systems at Lockheed Martin Missiles and Fire Control, said in an April 30 news release from the defense contractor.
The missile was launched out of the Lockheed-made High Mobility Artillery Rocket System (HIMARS) on Thursday morning at White Sands Missile Range in New Mexico and was reported to have flown some 85 kilometers to a target area, demonstrating a “highly accurate and lethal warhead event.”
Lockheed’s PrSM was required to complete a variety of tasks during the April 30 test, including those related to the confirmation of flight trajectory, overall missile performance and HIMARS launcher integration.
Thursday’s test was conducted as a demonstration of the next-gen weapon’s short-range capabilities. Previous tests examined the PrSM at target ranges of 240 kilometers and 180 kilometers.
“All objectives were achieved in the third and final flight demonstration as part of the Technology Maturation and Risk Reduction phase of the program,” the release read. “Today's flawless performance follows a highly accurate inaugural flight last December and equally successful March 10 test event.”
Raytheon revealed its exit from the competition for the missile contract in a March 25 company statement, but also noted that solutions had been found to technical issues that previously plagued its entry, dubbed DeepStrike. At the time, Lockheed had completed two successful tests, while Raytheon missed its inaugural test flight in December 2019 and was unable to recover and conduct a demonstration for the Army.
“Although we remain confident in our resolution to the technical issue that delayed our DeepStrike flight test, the Army and Raytheon have mutually come to the decision to conclude our participation in the PrSM Technology Maturation and Risk Reduction phase,” the defense contractor announced in the
statement provided to Defense News .
Despite Raytheon’s departure leaving Lockheed Martin as the only competitor for the missile contract, the Army has not slated the PrSM for fielding until 2023. Until then, a number of improvements will be made to the base missile developed by Lockheed Martin, which will have capabilities added to enhance its lethality and range - in that order - and additional industry competitions will be held.
Brig. Gen. John Rafferty, the Army’s Long Range Precision Fires cross-functional team director, told Defense News that the PrSM will have to be versatile, as it is expected to be utilized in multiple theaters.
“The early capability is against long-range artillery and integrated air defense systems,” he said “As you integrate the seeker technology, it gives you the ability to go after the mini-targets. Those mini-targets can be maritime in the Pacific; those mini-targets can be fire control radars [and airfields] in the European scenario.”
With the Russia-US INF Treaty no more due to Washington’s withdrawal from the agreement in August 2019, the US is expected to possibly increase the maximum range of the PrSM past the previously prohibited 499-kilometer mark, according to the outlet.
For now, however, the Army is looking at lessening the target range even further in the next flight test to get a better read on the weapon’s performance. Lockheed Martin will proceed with the next phase of the program and conduct another trio of tests once it receives its anticipated contract award from the service.

Lockheed Martin has won more than $6 billion to produce interceptors


Lockheed Martin has won more than $6 billion to produce interceptors and other equipment for the Patriot anti-aircraft and anti-missile defence system, the US Department of Defence said in a press release.
"Lockheed Martin Corporation of Grand Prairie, Texas, was awarded a $6,068,344,959 firm-fixed-price contract ...to produce Phased Array Tracking Radar to Intercept on Target Advanced Capability-3 missiles, missile segment enhancement configuration and associated ground support equipment and spares", the release said on Thursday.
The contract also includes incidental services, hardware, facilities, equipment, and all technical, manufacturing and testing efforts, missile segment enhancement configuration, and associated equipment, the Defence Department added.
Work on the contract will continue over the next seven years with an estimated completion date of 2027 in Huntsville, Alabama; Camden, Arkansas; Ocala, Florida; Chelmsford, Massachusetts; Grand Prairie and Lufkin, Texas; and Archbald, Pennsylvania, the release said.
On 1 April, Lockheed Martin was awarded a contract worth more than $818 million to produce 790 Joint Air-to-Surface Standoff Missiles (JASSM).

Kim Jong Un is not dead!


Kim Jong-un's well-being has been a matter of speculation over the past several weeks as the North Korean leader has been conspicuously absent from public events which led to rumours that he was either ill or even dead.
A video of North Korean leader Kim Jong-un inspecting a fertiliser plant in Sunchon after his several-week absence from public functions has been shared by the Korean Central News Agency.
In the footage, the supreme leader is seen cheered by locals in face masks outside of the plant, waving flowers and flags. Kim himself was filmed talking with top officials, seemingly in good health and spirits. Notably, none of them was wearing any facial protection.
May 2, 2020
He was also seen examining a machine installed in the plant and giving instructions to officials who escorted the chairman. Kim, a habitual smoker, was also spotted with a cigarette during a meeting at the facility.
Kim's previous public appearance took place on 12 April and his several-week-long absence, coupled with reports that he had been undergoing treatment following a heart-related surgery, fuelled rumours that he was gravely ill or even dead.

Android ransomware found extorting credit card information

Ransomware has long been one of the infamous malware types out there, perhaps due to the payday that it brings in. This has incentivized hackers to add such functionality to existing malware programs and this time Android ransomware is targeting unsuspecting users.
One such example is of the Black Rose Lucy malware family which was discovered in 2018 serving as a botnet and a dropper. Since then though, it has added ransomware capabilities targeting Android devices as discovered by researchers at Checkpoint.
See: How To Prevent Growing Issue of Encryption Based Malware (Ransomware)
Once Lucy infects a device, it starts by encrypting all the data on it and then displays a ransom note in the browser. The note claiming to be from the FBI scares the victim into believing that they have been found possessing pornographic material on the device which leads to a range of criminal offenses.
Furthermore, it states that their details have been sent to the FBI Cyber Crime Department’s Data Center and they should pay a sum of $500 as a fine.


A snapshot of the ransom note

A unique aspect emerging from this is that the payment is demanded by a request of credit card details rather than the usual method of receiving money via anonymity centric cryptocurrencies like Monero or
Bitcoin .
Featuring 4 encrypted C2 servers as a part of its code; these can be used by the malicious program to receive commands performing a range of tasks including but not limited to:
Making a phone call on any number specified.
Letting the server know of all installed applications on the device.
Opening a remote shell on the device which can let the attackers control the device remotely and also gain administrator privileges.
Deleting the malware itself.
How Lucy manages to infiltrate a smartphone is by abusing Android’s in-built accessibility features. As the researchers explain in a blog post,
Thereby, posing as a legitimate video application, the malware is installed without any user action making the process seamlessly smooth.

To add to this, 80 samples related to Lucy were found to be distributed through social media & instant messaging apps. The names of these apps aren’t known as of yet.
Concluding, this is one of the few smartphone ransomware that have been seen currently in the cybersecurity world with the majority usually aimed at larger computer systems . Hence, it would be just to say that this hints towards another trend arising that would haunt the world of smartphones soon.
This, however, is not the first time that Android users have been targeted by ransomware. Last year, ransomware was found infecting devices through pornographic posts . The list of ransomware infections against Android devices is never-ending.
To protect yourself, refrain from downloading any file regardless of its format from an unreputable source on your phone and also install a good anti-malware program alongside .

EventBot malware has ability to steal your bank,credit card details

EventBot malware has been active since March 2020.

Being a major mobile platform, Android is frequently targeted by hackers because of the lucrative benefits associated with it. That’s one major reason Android users normally find themselves coming across new types of malware built for the platform almost everyday.
Such is the case of a recent report by the Cybereason Nocturnus team who has discovered a new type of android Malware dubbed EventBot first seeing it in March 2020. To continuously accomplish its purpose, the attackers behind this malware have been releasing new versions with improvements & increased functionality over time. Currently, 4 of these were found named Version 0.0.0.1, 0.0.0.2, and 0.3.0.1 and 0.4.0.1.
The malware is believed to be a banking trojan and infostealer that exfiltrates important financial data from over 200 banking and cryptocurrency apps. This data is comprised of personal data, passwords, keystrokes, and banking information among others allowing EventBot to hijack transactions.
The targeted apps include the likes of PayPal, Coinbase, Barclays, Santander UK, and HSBC UK, among others, pointing to the fact that the majority of them are based in the United States & Europe in countries such as Italy, the UK, Spain, Switzerland, France, and Germany.
New Android malware targets over 200 top financial apps
Complete list of the apps targeted by EventBot (Via Cybereason)
EventBot uses different techniques to gain unauthorized access. Firstly for it to get installed on the victim’s device, it poses as a legitimate application on different third-party app stores. Unsuspecting users download these leading to the malware gaining a hold on their device.
New Android malware targets over 200 top financial apps
Some icons of the apps it has been imitating (Via Cybereason)
Once installed, it asks for permissions that it does not need including but not limited to accessing accessibility features, reading from external storage, letting the app run & use data in the background, allowing it to install packages & open network sockets, and open & read text messages. The lattermost permission also allows it to bypass two-factor authentication (2FA).
New Android malware targets over 200 top financial apps
An example of one such permission request (Via Cybereason)
All of these then allow EventBot to function unhindered as a keylogger collecting data from any open windows and other applications. To send the collected data back to the attackers, it also downloads C2 server URLs with the data sent is encrypted using Base64, RC4, and Curve25519 depending on the respective version currently operating.
Concluding, coming to the question of attribution, Cybereason said in its blog post that they could not find any sources connected to it on “underground communities”. One reason may be that EventBot is “still undergoing development and has not been officially marketed or released yet.”
For Android users who may be concerned, as evident, the easiest way to avoid being infected is to not install apps through third-party stores and stick to Google's playstore. Moreover, EventBot should not be underestimated because as in the words of the researchers themselves,
This brand new malware has real potential to become the next big mobile malware, as it is under constant iterative improvements, abuses a critical operating system feature, and targets financial applications.

The Five Eyes intelligence agencies of the US, the UK, New Zealand, and Australia have allegedly accused China of scrapping evidence of the coronavirus outbreak,

The Five Eyes intelligence agencies of the US, the UK, New Zealand, and Australia have allegedly accused China of scrapping evidence of the coronavirus outbreak, in what they claim amounts to an “assault on international democracy”.
In a 15-page research dossier,obtained by daily telegraph, the Five Eyes painted an alleged picture of “how the Chinese government deliberately covered up the coronavirus by […] destroying evidence from the Wuhan laboratory and refusing to provide live virus samples to international scientists working on a vaccine”, according to the Australian newspaper.
The dossier also claimed that Chinese authorities denied COVID19 could be spread between humans until 20 January, “despite evidence of human-human transmission from early December”. The Five Eyes also blame the World Health Organisation (WHO) for supporting Beijing’s stance.
The accusations come after Australian Prime Minister Scott Morrison told reporters on Friday that Canberra “has nothing” in terms of evidence to support speculations that the covid19 outbreak came from a Chinese lab late last year.
Morrison added that although “we know it [the outbreak] started” in China’s Wuhan, and “the most likely scenario that has been canvassed relates to wildlife wet markets”, it is “a matter that would have to be thoroughly assessed”.

Trump Says He ‘Hasn’t Seen’ Intel Statement on COVID-19 Origin

The remarks followed US President Donald Trump saying during Thursday’s press briefing that he “hasn’t seen the statement" by the office of Acting Director of National Intelligence Richard Grenell which, in particular, read that “the Intelligence Community […] concurs with the wide scientific consensus that the covid19 virus was not manmade or genetically modified”.
The office was previously echoed by chairman of the US Joint Chiefs of Staff, General Mark Milley, who stated that the country’s intelligence community agreed that the coronavirus was a natural pandemic and not linked to the laboratory facility in Wuhan, adding, however, that “we do not know for sure".
This came after WHO epidemiologist Maria van Kerkhove said earlier in April that China's upward revision of its coronavirus death toll is "an attempt to leave no case undocumented".
Health authorities in Wuhan, the very epicentre of the pandemic, revised the local death toll upward by 50%, to 3,869 from the earlier reported 1,290, thus acknowledging that they had not counted many fatalities, including people who died at home or in detention centres.
In a separate development in April, Trump withdrew the new funding of WHO after accusing the body of conspiring with China to conceal the real state of affairs about the coronavirus.
China has vehemently dismissed allegations that it reacted too slowly, or tried to cover up the initial outbreak of the coronavirus on its soil. In early April, Chinese Foreign Ministry spokeswoman Hua Chunying told reporters that “the comments made by those US politicians are just shameless and morally repulsive; they should abandon such politicising of public health issues".

China commences a mega 5G project on Mount Everest

Despite the ongoing US crackdown on Huawei, in place since May 2019, the Chinese tech giant continues to stay afloat, vowing to find replacements for American technologies in the near future to become independent of them.
Huawei Technologies and the network operator China Mobile have completed the world’s highest 5G base station at an altitude of 6,500 metres in the Mount Everest area, according to a press release.
The station, along with another two that were earlier installed at an altitude of 5,300 metres and 5,800 metres in the area, provides full 5G coverage of Mount Everest on the north ridge as well as the summit, with online download speed reportedly standing at about 1 gigabit per second.
The world’s highest peak, Mount Everest has an altitude of more than 8,840 metres (29,029 feet).
“Huawei strongly believes that technology means to make the world better. The beauty of Mount Everest can be displayed via 5G high-definition video and VR experience, which also provides further insights for mountaineers, scientists and other specialists into the nature. The ground-breaking establishment on Mount Everest once again proves that 5G technology connect mankind and the Earth harmoniously”, the press release underscored.
The remarks were echoed by China Mobile which, in turn,  the 5G project on Mount Everest as “not only another extreme challenge in a human life exclusion zone”, but also as something that “laid a solid foundation for the later development of 5G smart tourism and 5G communications for scientific research”.
The newspaper South China Morning Post earlier reported that about 25 kilometres of new optical cables had been laid out to support the project, with at least 150 China Mobile employees involved in the work.  

US Crackdown on Huawei

The installation of the world’s highest 5G base station comes as Huawei is still grappling with washington's crackdown that begun in May 2019, when the Department of Commerce prohibited internet providers from using the company’s products and US tech companies from selling technologies (hardware and software) to Huawei without obtaining a special license first.
The White House claims that the company is collaborating with the Chinese government to allow the latter to spy on those who use the tech giant's equipment, allegations that have been rejected by both Beijing and Huawei.
The US also began a campaign of discouraging countries from allowing the firm to build national 5G networks using similar claims, despite rejections from the UK, France, Germany, the Czech Republic, and some Canadian telecom providers.