Friday, July 3, 2020
South Sudanese army illegally enters DRC again
According to witnesses, they raped two women, then looted a few animals and valuables from the inhabitants, before returning back to south sudan on Wednesday 01 July.
Local sources say that the local population managed to "capture one of these Sudanese soldiers with his AK-47 weapon".
On Thursday, July 2, these South Sudanese soldiers turned to "recover one of them captured by the population" indicated by sources from the local communities "They were pushed back by the FARDC and a few police officers,".
Following this situation, the population living along the border of the DRC with South Sudan, have begun to flee inside the chiefdom of the Kakwa, some are destined for Ingokolo,as we learned from sources in these communities and Information confirmed by security sources in the region. The captured Sudanese soldier and his weapon were handed over to the Congolese authorities from Aru.
In another similar incidence of insecurities, yesterday people in bunia town were in panick as a lot of unfamiliar sound of heavy blasts was heard.
....we need smart officers along that border, let these idiots not dare or attempt to also feel they can joke with our peace.........
....
DRC refugees coming to Uganda must first be screened to make sure they are safe from COVID19
Thousands of people stranded in areas of the Democratic Republic of the Congo (DRC) arrived in Uganda on Wednesday, July 1st.
These refugees from the DRC can now be safe in their new host land. They were stranded at the border since the end of May due to corona virus that ended in locking the border.
" We are not tired, we don't have much land, our country is small, but we receive them, out of sympathy. I hope that the international community will also be compassionate and help these people. It's not our problems, it's the world's problems, international problems ", said Hilary Onek, Minister in charge of Rescue, Disaster Preparation and Refugees in Uganda.
The United Nations Refugee Agency (UNHCR) said it was working with the Government of Uganda and its partners to ensure that humanitarian aid, including food and shelter, is made available to these refugees.
The agency also reported that it was working with border security forces and the Ministry of Health to ensure screening, testing and measures against the-19.
" We ensure, of course, accommodation, screening for them. As you know, this is a very special emergency. This is the first time people have gone via the border in the middle of a Covid situation. You need intelligence to set everything up, security check, Ebola and Ebola control ", says Philippy Creppy, Operations Assistant Operations Operations, UNHCR.
After first screening, asylum-seekers will be transported by UNHCR to an institutional quarantine centre located 13 kilometres from the border.
After 14 days, in accordance with health protocols and protocols, they will be moved to existing refugee facilities.
Thursday, July 2, 2020
Reverse RDP vulnerabilities can let cyber criminals chieve full control over the Guacamole server, intercept, and control all other connected sessions.
A new research has revealed multiple critical reverse RDP vulnerabilities in Apache Guacamole, a popular remote desktop application used by system administrators to access and manage Windows and Linux machines remotely.
The reported flaws could potentially let cyber criminals chieve full control over the Guacamole server, intercept, and control all other connected sessions.
According to a report published by Check Point Research and shared to various cyber security firms .Among the firms are the hackernews who has already successfully compromised a computer inside the organization, to launch an attack on the Guacamole gateway when an unsuspecting worker tries to connect to an infected machine."
You can read more Here
The reported flaws could potentially let cyber criminals chieve full control over the Guacamole server, intercept, and control all other connected sessions.
According to a report published by Check Point Research and shared to various cyber security firms .Among the firms are the hackernews who has already successfully compromised a computer inside the organization, to launch an attack on the Guacamole gateway when an unsuspecting worker tries to connect to an infected machine."
You can read more Here
Hunting for default logins!!
The NNdefaccts dataset made by nnposter is an alternate fingerprint dataset for the Nmap http-default-accounts.nse script.
The NNdefacts dataset can test more than 380 different web interfaces for default logins. For comparison, the latest Nmap 7.80 default dataset only supports 55.
Here are some examples of the supported web interfaces:
Network devices (3Com, Asus, Cisco, D-Link, F5, Nortel..)
Video cameras (AXIS, GeoVision, Hikvision, Sanyo..)
Application servers (Apache Tomcat, JBoss EAP..)
Monitoring software (Cacti, Nagios, OpenNMS..)
Server management (Dell iDRAC, HP iLO..)
Web servers (WebLogic, WebSphere..)
Printers (Kyocera, Sharp, Xerox..)
IP Phones (Cisco, Polycom..)
Citrix, NAS4Free, ManageEngine, VMware..
See the following link for a full list:
https://github.com/InfosecMatter/http-default-logins/blob/master/list.txt
The usage is quite simple — we simply run the Nmap script with the alternate dataset as a parameter. Like this:
nmap --script http-default-accounts --script-args http-default-accounts.fingerprintfile=~/http-default-accounts-fingerprints-nndefaccts.lua -p 80 192.168.1.1
This is already pretty great as it is.
Nmap script limitations
Now the only caveat with this solution is that the http-default-accounts.nse script works only for web servers running on common web ports such as tcp/80, tcp/443 or similar.
This is because the script contains the following port rule which matches only common web ports:
So what if we find a web server running on a different port — say tcp/9999? Unfortunately the Nmap script will not run because of the port rule..
..unless we modify the port rule in the Nmap script to match our web server port! And that’s exactly where this new tool comes handy.
Introducing default-http-login-hunter
The default-http-login-hunter tool, written in Bash, is essentially a wrapper around the aforementioned technologies to unlock their full potential and to make things easy for us.
The tool simply takes a URL as an argument:
default-http-login-hunter.sh <URL>
First it will make a local temporary copy of the http-default-accounts.nse script and it will modify the port rule so that it will match the web server port that we provided in the URL.
Then it will run the Nmap command for us and display the output nicely.
You find a default credentials for Apache Tomcat running on port tcp/9999. Now we could deploy a webshell on it and obtain RCE. But that one is meant for me the "acidic"
List of URLs
The tool also accepts a list of URLs in a file. So, for instance, we could feed it with URLs found during Nessus scans extracted using our Nessus CSV parser.
The tool will go through all the URLs one by one and check for default logins. Like this:
default-http-login-hunter.sh urls.txt
Here the tool found a default login to the Cisco IronPort running on port https/9443.
Resume-friendly
Another useful feature is that it saves all the results in the current working directory. So if it gets accidentally interrupted, it will just continue where it stopped. Like in this example:
Here we found some Polycom IP phones logins.
Staying up-to-date
To make sure that we have the latest NNdefacts dataset, just run the update command:
default-http-login-hunter.sh update
And that’s pretty much it. If you want to see more detailed output, use -v parameter in the command line.
The NNdefacts dataset can test more than 380 different web interfaces for default logins. For comparison, the latest Nmap 7.80 default dataset only supports 55.
Here are some examples of the supported web interfaces:
Network devices (3Com, Asus, Cisco, D-Link, F5, Nortel..)
Video cameras (AXIS, GeoVision, Hikvision, Sanyo..)
Application servers (Apache Tomcat, JBoss EAP..)
Monitoring software (Cacti, Nagios, OpenNMS..)
Server management (Dell iDRAC, HP iLO..)
Web servers (WebLogic, WebSphere..)
Printers (Kyocera, Sharp, Xerox..)
IP Phones (Cisco, Polycom..)
Citrix, NAS4Free, ManageEngine, VMware..
See the following link for a full list:
https://github.com/InfosecMatter/http-default-logins/blob/master/list.txt
The usage is quite simple — we simply run the Nmap script with the alternate dataset as a parameter. Like this:
nmap --script http-default-accounts --script-args http-default-accounts.fingerprintfile=~/http-default-accounts-fingerprints-nndefaccts.lua -p 80 192.168.1.1
This is already pretty great as it is.
Nmap script limitations
Now the only caveat with this solution is that the http-default-accounts.nse script works only for web servers running on common web ports such as tcp/80, tcp/443 or similar.
This is because the script contains the following port rule which matches only common web ports:
So what if we find a web server running on a different port — say tcp/9999? Unfortunately the Nmap script will not run because of the port rule..
..unless we modify the port rule in the Nmap script to match our web server port! And that’s exactly where this new tool comes handy.
Introducing default-http-login-hunter
The default-http-login-hunter tool, written in Bash, is essentially a wrapper around the aforementioned technologies to unlock their full potential and to make things easy for us.
The tool simply takes a URL as an argument:
default-http-login-hunter.sh <URL>
First it will make a local temporary copy of the http-default-accounts.nse script and it will modify the port rule so that it will match the web server port that we provided in the URL.
Then it will run the Nmap command for us and display the output nicely.
You find a default credentials for Apache Tomcat running on port tcp/9999. Now we could deploy a webshell on it and obtain RCE. But that one is meant for me the "acidic"
List of URLs
The tool also accepts a list of URLs in a file. So, for instance, we could feed it with URLs found during Nessus scans extracted using our Nessus CSV parser.
The tool will go through all the URLs one by one and check for default logins. Like this:
default-http-login-hunter.sh urls.txt
Here the tool found a default login to the Cisco IronPort running on port https/9443.
Resume-friendly
Another useful feature is that it saves all the results in the current working directory. So if it gets accidentally interrupted, it will just continue where it stopped. Like in this example:
Here we found some Polycom IP phones logins.
Staying up-to-date
To make sure that we have the latest NNdefacts dataset, just run the update command:
default-http-login-hunter.sh update
And that’s pretty much it. If you want to see more detailed output, use -v parameter in the command line.
Changes in positions within police Directorate of ICT.
Police Human Resource Director Maj. Gen. Jesse Kamunanwire moved Assistant Commissioners of Police (ACPs), Senior Superintendents of Police (SSPs), SPs and ASPs to serve as senior regional ICT commanders.
Gen. Kamunanwire moved Warren Mugwizi from the ICT Directorate, which oversees CCTV operations, to the ICT department at police headquarters in Naguru, Kampala as directorate of operations.
He’ll be supervised by Assistant Inspector General of Police (AIGP) Edward Osiru Ochom.
The changes also indicate that Moses Ekudot will head the communication department at police headquarters while Alice Komuhangi has been moved from ICT directorate at the police headquarters to greater Masaka as the Regional ICT commander.
Monica Mugeni is the new Kiira Regional ICT commander.
Yowasi Ruteera from ICT headquarters has been asked to report to human resource management in order to be investigated for yet to be known reasons.
The installation of CCTV spy cameras for upcountry places is ongoing under phase two.
At least 3,100 CCTV cameras have been installed in the 18 policing divisions that make up Kampala Metropolitan Area, which covers Kampala city, Wakiso and Mukono districts.
President Museveni launched the National CCTV National Command Center at Naguru in November of 2018.
The facility is linked to 18 divisional centers and 83 police stations.
General Sabiti Abdullah Patrick , the new police commissioner of Ituri province officially begun his work.
On the spot, he was greeted by the president of the deliberative body of the province, Simeon Banga Tchombe, surrounded by his deputy and other members of the office.
"It is the first time that I arrive at the office of the Provincial Assembly, I should have come there since my arrival but the security emergencies, that did not allow me. Today, I am here to greet and present my civilities to the president of the provincial assembly and to the members of the bureau, "he confided to the members of the press of the provincial assembly.
According to the General, the discussions revolved around the security situation and the relations that must exist between the police and the provincial assembly as a representation of the population.
Note that General Sabiti succeeded General Henry Kapend transferred to the neighboring province of Haut-Uélé to exercise the same functions.
The balkanisation of DRC may be ripe now!As of our various leaks last month,we may soon have a country named the Republic of KIVU.
" Republic of Kivu " these are visible inscriptions on a " flag " visible on several outskirts oftof city of Bukavu onon Wednesd, July 1st, 2020.
Hanging on tree sticks in several places in the city, this flag with yellow, black and blue colors and a star in the middle keeps mobilizing the curious population.
In the morning of Wednesday some inhabitants of the commune of Kadutu have moved to Buholo 3 to observe a flag installed at a little roundabout.
Also in the municipality of Ibanda, these flags were visible in the morning towards the roundabout ISP of Bukavu and on the road section of Place Mulamba-College said called "witness mile" in the old days.
It's hard to identify those who wanted to express themselves by these flags "Republic of Kivu" spread across the city but the idea is no longer new in South Kivu.
Indeed, opinion leaders, scientists and other inhabitants have in the informal, started the discussion about the need for Kivu to detach from the rest of Congo and its capital Kinshasa in particular. They justify this by the concern of the wealth of Kivu to benefit the inhabitants of the region.
On the other hand, many others do not hesitate to say that Kivu is insecure because Kinshasa does not know how to find solutions for a region considered just as a "dairy cow" and not part of the country.
Many political actors in Bukavu comment each in their sense and support do not want to speak publicly at the moment. They count themselves in all political parties.
Another opinion that still disagree with this approach of having Kivu as a country warn against an idea that could destabilize Congo and also serve a likely future country by setting the example of the current South Sudan.
Journalist Prince murhula wonders
Journalist and trainer, Prince murhula notes that this is for the first time that this feeling has invaded communities in South Kivu.
This journalist, one of the most respected in the city, reminds that even at the time of the RCD, it was Bukavu who resisted this temptations.
" I remind you that it is for the first time in the history of the DRC that this feeling is increasingly invading communities. Many of the becomingly by combining him with the "frustrations of the UNC members" following the condemnation of Kamerhe. But never, to my knowledge, I've never seen such a thing come from Kivu. As a reminder, During the 1998-2003 s, while the RCD Rebellion occupied the eastern part, resistance was strong in the community. In Kivu, everyone swore for the reunion of the country.
Civil society organizations, trade unions, student s' college have put in place a "peaceful" internal resistance but which destabilize the armed movement that did not hesitate to shoot protesters. Among the strategies used by the movement, the use of the Kinshasa national flag which was raised to public places.
In fact, during the Rebellion, Kinshasa had its flag (blue colors, six stars and a big yellow star in the middle) while the RCD used the current DRC flag. So this was an affront to the rebels. But it was a clear message that had passed to him: We want unity. Today seeing the "flag of the Republic of Kivu" float, I wonder he writes.
In any case, for now, the comments go in every way on social media as in political fairs but one thing is clear: never this question has also been discussed easily as at present in the city known as answers of Bukavu.
Hanging on tree sticks in several places in the city, this flag with yellow, black and blue colors and a star in the middle keeps mobilizing the curious population.
In the morning of Wednesday some inhabitants of the commune of Kadutu have moved to Buholo 3 to observe a flag installed at a little roundabout.
Also in the municipality of Ibanda, these flags were visible in the morning towards the roundabout ISP of Bukavu and on the road section of Place Mulamba-College said called "witness mile" in the old days.
It's hard to identify those who wanted to express themselves by these flags "Republic of Kivu" spread across the city but the idea is no longer new in South Kivu.
Indeed, opinion leaders, scientists and other inhabitants have in the informal, started the discussion about the need for Kivu to detach from the rest of Congo and its capital Kinshasa in particular. They justify this by the concern of the wealth of Kivu to benefit the inhabitants of the region.
On the other hand, many others do not hesitate to say that Kivu is insecure because Kinshasa does not know how to find solutions for a region considered just as a "dairy cow" and not part of the country.
Many political actors in Bukavu comment each in their sense and support do not want to speak publicly at the moment. They count themselves in all political parties.
Another opinion that still disagree with this approach of having Kivu as a country warn against an idea that could destabilize Congo and also serve a likely future country by setting the example of the current South Sudan.
Journalist Prince murhula wonders
Journalist and trainer, Prince murhula notes that this is for the first time that this feeling has invaded communities in South Kivu.
This journalist, one of the most respected in the city, reminds that even at the time of the RCD, it was Bukavu who resisted this temptations.
" I remind you that it is for the first time in the history of the DRC that this feeling is increasingly invading communities. Many of the becomingly by combining him with the "frustrations of the UNC members" following the condemnation of Kamerhe. But never, to my knowledge, I've never seen such a thing come from Kivu. As a reminder, During the 1998-2003 s, while the RCD Rebellion occupied the eastern part, resistance was strong in the community. In Kivu, everyone swore for the reunion of the country.
Civil society organizations, trade unions, student s' college have put in place a "peaceful" internal resistance but which destabilize the armed movement that did not hesitate to shoot protesters. Among the strategies used by the movement, the use of the Kinshasa national flag which was raised to public places.
In fact, during the Rebellion, Kinshasa had its flag (blue colors, six stars and a big yellow star in the middle) while the RCD used the current DRC flag. So this was an affront to the rebels. But it was a clear message that had passed to him: We want unity. Today seeing the "flag of the Republic of Kivu" float, I wonder he writes.
Wednesday, July 1, 2020
Can UCC,MTN,Airtel,Africell,UTL tell us who are the culprits behind these phone numbers? Are our emails ,mobile money accounts,mobile banking and social media accounts safe???
+37258882780,+37282340769,+37282340209,+37282340480,+37282340388,+37282340219,
You can read more Here
You can also read more Here
You can read more Here
You can also read more Here
China's new-generation fighter jet is scheduled to make its maiden flight in 2021, an aviation industry report revealed on Monday. Analysts speculate that it will be China's new aircraft carrier-based fighter jet
A team at China Aero-Polytechnology Establishment under the state-owned Aviation Industry Corporation of China (AVIC) has resumed work while fighting the COVID-19 epidemic with the aim of supporting the scheduled maiden flight of a new-generation fighter jet in 2021, according to a statement the Chinese Aeronautical Establishment released on its WeChat public account on Monday.
The statement was removed by its publisher as of Tuesday evening.
This team is responsible for the new fighter jet's basic technology project, and other institutes, including AVIC Shenyang Aircraft Design and Research Institute and the Chengdu-based No.29 Research Institute under the state-owned China Electronics Technology Group Corporation (CETC), are also involved in its development, according to the statement.
The statement did not elaborate on the details of the new fighter jet, but the Shenyang institute is known for the development of the J-15, China's first type of aircraft carrier-based fighter jet , and the FC-31, China's second type of stealth aircraft rumored to be under deep modification to become a new aircraft carrier-based fighter jet.
Based on available information, it is possible that the new fighter jet introduced in the Chinese Aeronautical Establishment statement is indeed a new aircraft carrier-based fighter jet developed from the FC-31, Fu Qianshao, a Chinese air defense expert, told the Global Times on Tuesday.
Fu said that while the Chinese Air Force may eventually require a medium-sized stealth fighter jet to accompany the heavy J-20 stealth fighter jet, the Chinese Navy is in more urgent need of a stealth fighter jet on China's future aircraft carriers, as the US has already developed F-35B and F-35C stealth fighter jets for amphibious assault ships and aircraft carriers.
If this is the case, it will likely take another five years or so of testing following the maiden flight in 2021 to put the new fighter jet into active service, Fu said, noting that this time period could be shortened because the FC-31 has been tested as a technical demonstrator for many years.
According to a statement released by the Shenyang institute in December 2019, it has started developing a new type of fighter jet jointly with AVIC Manufacturing Technology Institute since 2018. This older report did not elaborate on the specifics of the new aircraft.
China is reportedly building its third and more advanced aircraft carrier at Shanghai's Jiangnan Shipyard, which is expected to be launched and commissioned in the 2020s. A more advanced fighter jet could greatly enhance the carrier's combat capability, analysts said.
There has also been speculation online by military enthusiasts claiming the new fighter jet could be a drone fighter jet or a space fighter jet.
Subscribe to:
Posts (Atom)
-
With the widespread availability of the Internet today, there are still times when it may not be feasibly available. Be it on a flight, du...
-
msticpy is a package of python tools intended to be used for security investigations and hunting (primarily in Jupyter notebooks). Most ...
-
A new way for cybercriminals to create fake social media profiles and carry identity scams using Artificial Intelligence powered tool? A ...
