Directorate General of Customs and Excise (DGDA) seized 22 packages of colton ores fraudulently left at the Great Barrier in Goma, in the province of North Kivu, on August 19. This umpteenth shipment of minerals seized contained 15 packages of white coltan and 7 packages of black coltan, weighing a total of 585.5 kg. There were also 7 jam boxes, a TVS motorbike, and a bag of Momo milk. The traffickers wanted to fraudulently cross the border into Rwanda with these minerals. According to the communication service of the DGDA, this umpteenth seizure of minerals is the consequence of the anti-fraud policy put in place by Director General a.i. Nkongolo, who has pledged to "fight mercilessly against fraudsters".
Monday, August 24, 2020
788 people killed in a space of 9 months in north kivu.ADF has an upperhand in these killings.
More than 788 people have
died in the space of nine months in the
territory of beni .Civilians are the main target and many complain that FARDC does little to save them from the attrocities of ADF rebels.Many go ahead to indicate that ADF may be at a sympath of some rogue elements in DRC politics and businesses
According to the cepadho, these victims
were taken away from life by armed groups
present in this area. Among the death cases,
this organization highlights the number of 34
people killed last week. Cepadho reminds
regional authorities that the ADF remains a
real threat to the region and that it is crucial
to address it.
died in the space of nine months in the
territory of beni .Civilians are the main target and many complain that FARDC does little to save them from the attrocities of ADF rebels.Many go ahead to indicate that ADF may be at a sympath of some rogue elements in DRC politics and businesses
According to the cepadho, these victims
were taken away from life by armed groups
present in this area. Among the death cases,
this organization highlights the number of 34
people killed last week. Cepadho reminds
regional authorities that the ADF remains a
real threat to the region and that it is crucial
to address it.
Sunday, August 23, 2020
Who are these thugs terrorising bukavu town??Is Panzi hospital a safe haven for Dr Denis Mukwege?
There has been a series of thwarted rebel attacks in greater kivu this weekend and i suspect more attacks this coming night of sunday.I call upon the gorvenmennt of DRC to beef up security in bukavu and specifically security at Panzi hospital.I know and i know it well that these terrorists seeking to kill denis mukwege may use or plan such scenerios to get qn easy way of eliminating him.i know these people and how thehy have tried to play victims in South Africa,USA,...etc,they are ready to use such situation of various rebel attacks to kill Mukwege Denis,please ,DRC gorvenmennt ,wake up,This Noble peace prize winner must be protected in all instances.
Example of such attacks this weekend included,a money changer killed on the night of Saturday 22th to Sunday 23th August 2020 around 2 am in the City of Bukavu, municipality of KADUTU, Quartier KASALI, Avenue Camps CINEMA.
These criminals after demanding him to give everything he had (money, phones and other goods,) they shot the changer, his body was led to the HGPB morgue. That same night the thugs operated in the Panzi neighborhood ending another person's life,such thugs may be used or are suspiciously on a disguised different mission.The society see Bukavu Urban Security Council as failures and the inefficiency in putting and supporting Bukavu's security plan!!
Civil society regrets that taxes are more concerned about Urban authority than citizen safety.
Civil society costant also The lightness in the performance of police throughout the city of Bukavu and asks the Provincial Minister of the Interior and the provincial police commissioner to play their roles correctly to identify different gaps that are currently visible .......
Please!!! DRC army,wake up,save Denis Mukwege,I know and we know how these terrorists of East and Central Africa work!!! They use all means that will make the world see them as victims or innocent!!! FARDC wake up and beef up security for Mukwege Denis!!!!
FRDC repelled maimai rebel attack in Rubugho village in lubero territory
The same source explains that the attackers did not resist much to the response of the Congolese army. From there, they withdrew to other towns located in Manguredjipa, the capital of the Bapere sector.
“Today, the FARDC controls the entity. It is truly a feeling of satisfaction since the population has long suffered from the looting of these armed CND groups. We ask the FARDC to pursue the enemy to their last entrenchments, ”she said.
Last Tuesday, the official delegate of the governor affected in the sector of Bapere, Julio Mabanga Monga, denounced the recruitment of minors within the militia "Congo ebebi" of the warlord Dragon, active in the agglomeration of Liboyo who, however, had just expressed his will to lay down his arms.
President Tshisekede calls upon ministries in charge of security,internal affairs and justice to make sure that Denis Mukwege is safe.
As a reminder, it is since July 26, 2020 that Dr. Denis Mukwege as well as members of his family have been victims of numerous acts of intimidation and threats, including death threats, in particular through appeals. anonymous phone calls and hate messages posted on Twitter.
These threats follow the denunciation by Dr. Mukwege of the massacre perpetrated in the village of Kipupu, in the Itombwe sector (Mwenga territory, South Kivu province), on the night of July 16 to 17, 2020 and in during which more than 220 people were reportedly killed by combatants from armed groups.
The Congolese Nobel Prize winner then spoke on Twitter to denounce the impunity of the massacres committed in the DRC since 1996 and called for compliance with the recommendations of the Mapping Project report published by the United Nations High Commissioner for Human Rights in August 2010.
Dr. Mukwege also reiterated his call for "the creation of a special jurisdiction to try crimes in Congo"
Armed Forces of the Democratic Republic of Congo (FARDC) in south kivu repelled on Saturday, August 22, 2020,
According to Captain Dieudonné Kasereka, spokesman for the army operational sector Sukola 2 South South Kivu, it is the elements of the armed group Makanaki (different from the deserter Makanika) united with the foreign FNL elements who attacked several positions of the regular army and wanted to destabilize the security situation in the city of Uvira.
"It was saturday morning that these elements attacked our positions. We have pushed back the enemy and we are now in a search operation. For the moment the balance sheet is difficult to establish, because we are still in pursuit of the enemy. But temporarily on the FARDC forces side, we have 2 wounded, "he said.
He calls on the population for calm because the loyalist army is already controlling the situation.
Civil society sources point out that the clashes took place in the Kitundu groupement on the hills overlooking the Mulongwe and Kasenga neighborhoods in the city of Uvira. All activities have been paralyzed and traffic in the city disrupted since before noon on Saturday but also bullets are still heard.
North kivu,Congolese army (FARDC) repelled an ADF attack on Saturday
The enemy who wanted to advance towards the areas inhabited by civilians was quickly pushed back to kilometer point 5 according to Nicolas Kikuku, burgomaster of the commune of Oicha.Like I also earlier said in some articles on this blog,ADF has mastered the deployment and movement schedule of FARDC but thank God that FARDC is alert now and seemingly knows or has known that.
The information was confirmed by the military spokesperson for the Grand-Nord operational sector.
Lieutenant Antony Mualushayi indicated that the situation on the Mbau-kamango road is under the control of the loyalist army.
As a reminder, in the midday of Saturday, detonations of heavy and light weapons were heard in the aforementioned axis. This situation was at the base of a panic in several regions including Cafeza, Masosi, Kelekele, etc. Residents who suspected a rebel incursion fled before returning a few hours later.
Saturday, August 22, 2020
Zambian army has move out of the DRC villages they had occupied for over 90 days
This is what the Minister of National Defense and Veterans Affairs announced on the general security situation in the country during the 45th meeting of the Council of Ministers held this Friday, August 21, 2020.
In their retreat they would be in Kanyungo, 150 meters from the terminal set by members of the Zambian and Congolese delegations under the mediation of SADC.
The tenth session of the Permanent Mixed Commission on Defense and Security closed on August 13, 2020 in Lubumbashi, welcomed the commitment of SADC.
Thursday, August 20, 2020
The United States and Canada condemn the acts of intimidation and death threats against Denis Mukwege
- The United States and Canada condemn the acts of intimidation and death threats against Denis Mukwege, medical director of the Panzi General Reference Hospital in South Kivu and winner of the 2018 Nobel Peace Prize.Through his tweet last Wednesday, the American ambassador to the DRC denounced these unacceptable threats. For lasting peace, he said calls for accountability for the restoration of state authority in the east of the country are essential.
“We are concerned about the continued brutal violence which claims so many innocent victims and also about the unacceptable threats against Denis Mukwege. Calls for accountability for violence in eastern DRC are essential to build lasting peace, ”said Mike Hammer.
As the violence escalates in eastern DRC, Canadian diplomat Nicolas Simard finds it inconceivable that death threats could be made against Dr. Mukwege.
“Canada is working closely with Nobel Prize winner Denis Mukwege and his team at the Panzi Foundation to support survivors of gender-based and sexual violence. It is unacceptable that death threats can be made against him as violence escalates in eastern DRC. We urge an end to impunity to ensure lasting peace in the region, ”wrote the Canadian Ambassador to the DRC.
The threats against Dr. Mukwege follow his denunciation of the massacre perpetrated in the village of Kipupu, in the sector of Itombwe (territory of Mwenga, province of South Kivu) on the night of July 16 to 17, 2020 and during of which more than 220 people were reportedly killed by combatants from armed groups.
This prompted the Congolese gynecologist to hammer home the recommendations of the Mapping Project report published by the United Nations High Commissioner for Human Rights in August 2010 to end impunity for crimes committed in the DRC since 1996.
Dr. Mukwege also reiterated his call for "the creation of a special jurisdiction to try crimes in the Congo".
How spies and foreign intelligence can use your cellphone to find you – and eavesdrop on your calls and texts.Are we safe with our telecommunication companies?
But as the number of companies with access to SS7 grew from a handful to many thousands, the lack of built-in security became a growing problem. It was easy for anyone with access to the network to pretend to be a carrier making legitimate requests for information about customers.
Early research of SS7 surveillance focused on its use in tracking user locations through cellphones. But in recent years, a more serious issue has emerged around its ability to intercept calls, texts and data.The most advanced SS7 surveillance systems can monitor the movements of dozens of people for hours at a time, sending alerts if they get close to select areas or to one another,this is very dangerous to some vulnerable targeted group of people or individuals.
Very many of us may be ignorant or underrate this SS7 vulnerability but risks posed by SS7 surveillance go beyond privacy to affect national security. American, Chinese, Israeli and Russian intelligence agencies (but I also am sure that a foreign country neighbouring us is using SS7 to track some people it deems are not good to it and this country is too treacherous) are the most active users of SS7 surveillance, and private-sector vendors have put systems within the reach of dozens of other governments worldwide. Sophisticated criminals and private providers of business intelligence also use the surveillance technology.
I started getting interest in this vulnerability way back in 2015 up to now where i documented various international and local phone numbers that tried to intercept 2FA authentication codes of phone numbers aligned to facebook,instagram,twitter accounts of Ugandans.
Very many of us may be ignorant or underrate this SS7 vulnerability but risks posed by SS7 surveillance go beyond privacy to affect national security. American, Chinese, Israeli and Russian intelligence agencies (but I also am sure that a foreign country neighbouring us is using SS7 to track some people it deems are not good to it and this country is too treacherous) are the most active users of SS7 surveillance, and private-sector vendors have put systems within the reach of dozens of other governments worldwide. Sophisticated criminals and private providers of business intelligence also use the surveillance technology.
I started getting interest in this vulnerability way back in 2015 up to now where i documented various international and local phone numbers that tried to intercept 2FA authentication codes of phone numbers aligned to facebook,instagram,twitter accounts of Ugandans.
Read more here
Ss7 vulnerability exposes the network for SMS and voice hack. Along with this, once access to the ss7 network, the real-time location of a person can be obtained.
SS7 is the traditional network that uses standard ISUP and MAP protocol for call and SMS.
SS7 hack is not simple as it looks, people claim to install software and then just enter phone number to hack SMS or calls. Getting calls and SMS via a hack is the process to connect to the ss7 network and run an application so that the home network of an original subscriber gets the impression that software is the roaming VLR/MSC node in a network. The first step is to get the ss7 connection.
Get an SS7 Connection for the hack:
Get SS7 Global Title and Point Code: For an SS7 connection, one should have a Global Title and a point code (international), a local point code (local, between you and mobile operator )can be used, depends on ss7 connection provider. If one is a mobile operator, then get this from the standard GSM body. New network code is assigned by gsm so that you can have a big range of global titles or MSISDNs and IMSIs.
If not a mobile operator, one can take a global title on lease from a mobile operator. Once you have GT, now there are the following options.
SS7 connection via an aggregator: In this, you can connect to an SS7 aggregator and they can publish you GT, on all networks. So any traffic coming to your GT will be forwarded by aggregator towards your node or application. Mostly MVNO does this, they have GT ranges, those are published to an aggregator for connecting mobile network operators globally.
Directly with a Mobile Operator: In this, you will have direct links with mobile operators, each will set routing for your GT, towards the serving node. In this, you need to connect each mobile operator Individually.
SS7 vs Sigtran:
If you are using pure SS7 (E1/T1), then the box with the application should be on the premises of mobile operators. If using SIGTRAN, which is IP based, You can have your box in a data center on the cloud.
Ss7 hack tool or Software:
Once one has an ss7 connection. Now time to develop an ss7 application over GSM MAP signaling. SDK for ss7 provides required ss7 stack and libraries for developing ss7 hack software. Before developing the application first finalize the requirements. If one wants to receive SMS, then the application should be developed to handle protocol messages for SMS. Now the ss7 application will simulate as it is a real device.
Application Registration as a real phone:
The first step is to register the application as a phone registers in the roaming network. This required the IMSI of the sim card, to which the mobile number belongs. Mobile number everyone has but IMSI don’t. So the first step is to get IMSI. Hacking Application sends SRI-SM with the phone number to the HLR, which sends IMSI and roaming information in response. Roaming information includes the county code and area code.
From IMSI the application builds the location update along with other parameters. The open a TCAP dialogue to the SS7 node. The open dialogue needs to fill SCCP called party address and SCCP Calling party address. Called Party address is derived from IMSI and calling party address is the GT of software application.
During Update Location, HLR will respond with ISD or Insert Subscriber Data. The software application needs to acknowledge the ISD to the HLR, else update location procedure will fail and the application will not attach as a phone. One HLR sends update location ACK, which means registration is done.
SS7 Hack for SMS:
Once the application registered with the home network. The global title of ss7 hack software updated on the home HLR as an outcome of update location procedure. When a request for authentication for mobile terminated SMS starts. HLR gets SRI-SM query from the hack application, in the response of SRI-SM, HLR sends have visiting MSC number and IMSI. In our scenario, the MSC number is the GT of application. The sender SMS will send the SMS to the software application using the MSC number. Now its applications responsibility to decode the message and display the message as a user-readable string. Now you have the authentication code you were looking for.
SS7 Hack for Voice:
For voice, after phone registration call flow. The hack software should activate the call forwarding to the new number. While activating call forwarding, the ss7 hack tool can send the type of call forwarding and the mobile number where the hacker wants to receive the call. The call forwarding type can be “Call Forwarding Unconditionally”. This will enable call forwarding all the time. In this case, even the mobile user never comes to know that his call has been hacked. After voice verification, the call forwarding can be removed.
SS7 hack applications examples:
Any application which required user verification from SMS or voice can be hacked by the ss7 network. We will cover the ss7 call flows for WhatsApp and Facebook.
ss7 hack Whatsapp:
Whatsapp is used everywhere. It does the message and file transfer over the IP network. It connects your phone book to the others using phone numbers. So no need to add a contact explicitly. Like in skype, we need to create an account and need to add other skype ids before any communication. But with this app, the phone number is the profile id. While installing WhatsApp it requires user authentication via SMS. If WhatsApp needs to hack, after installation, run the ss7 hack software app and received the authentication message on the hack software app. Enter the code in installed WhatsApp. Now you can have messages on your WhatsApp, while the number belongs to another guy.
ss7 hack Facebook:
Facebook also does authentication via SMS. One can get SMS on an ss7 hack software.
As i have said earlier;it is not the first time that am talking about this SS7 EXPLOIT.over a series of years i documented;took screenshots of various phone numbers that tried to intercept authentication messages of accounts on internet.As proof; i even dropped my whatsapp account in march this year and am still hesitant to join whatsapp because i know some foreighn spies or hackers may be having interest in some group of people or individuals.Last week i noticed over three numbers that tried to intercept my email 2FA codes and solely meant to take over this blog;my facebook messanger etc.I alert all who may be running patriotic blogs ,websites or any internet account ,social media account ;and if you feel you may be a target please strengthen the security of your website or account.
However;the unfortunate part of it is that i discovered that many people or organisations are still using computers or mobile phones with un upgraded operating systems.This is very dangerous for it opens up more vulnerabilities which the enemies can ride on to ease their attacks.
As the gorvenment has done much to regulate this form of cyber attacks; which of recent i can pinpoint the arrest of some individuals behind Simboxing.I call upon the gorvenment to strictly take a survey into the security of telecom companies to make sure innocent citzens do not fall prey to these cyber criminals.
The risk of surveillance of your average user, given the billions of mobile phone users across the globe, is small but those in a place of power or individuals targeted because of various reasons, within organisations or government, could be at risk of targeting, as all that’s required to perform the surveillance is access to the SS7 system and a phone number.
One of the biggest dangers, beyond someone listening to calls and reading text messages, is the interception of two-step verification codes that are often used as a security measure when logging into email accounts or other services sent via text message.
Banks and other secure institutions also use phone calls or text messages to verify a user’s identity, which could be intercepted and therefore led to fraud or malicious attacks.
Given that the vulnerabilities and the possibilities of spying on users relies on systems outside of user control, there is very little you can do to protect yourself beyond not using the services.
For text messages, avoiding SMS and instead using encrypted messaging services such as Apple’s iMessage, Facebook’s WhatsApp or the many others available will allow you to send and receive instant messages without having to go through the SMS network, protecting them from surveillance.
For calls, using a service that carries voice over data rather than through the voice call network will help prevent your calls from being snooped on. Messaging services including WhatsApp permit calls. Silent Circle’s end-to-end encrypted Phone service or the open-source Signal app also allow secure voice communications.
Your location could be being tracked at any stage when you have your mobile phone on. The only way to avoid it is to turn off your phone or turn off its connection to the mobile phone network and rely on Wi-Fi instead.
One of the biggest dangers, beyond someone listening to calls and reading text messages, is the interception of two-step verification codes that are often used as a security measure when logging into email accounts or other services sent via text message.
Banks and other secure institutions also use phone calls or text messages to verify a user’s identity, which could be intercepted and therefore led to fraud or malicious attacks.
Given that the vulnerabilities and the possibilities of spying on users relies on systems outside of user control, there is very little you can do to protect yourself beyond not using the services.
For text messages, avoiding SMS and instead using encrypted messaging services such as Apple’s iMessage, Facebook’s WhatsApp or the many others available will allow you to send and receive instant messages without having to go through the SMS network, protecting them from surveillance.
For calls, using a service that carries voice over data rather than through the voice call network will help prevent your calls from being snooped on. Messaging services including WhatsApp permit calls. Silent Circle’s end-to-end encrypted Phone service or the open-source Signal app also allow secure voice communications.
Your location could be being tracked at any stage when you have your mobile phone on. The only way to avoid it is to turn off your phone or turn off its connection to the mobile phone network and rely on Wi-Fi instead.
Security hygiene. We’re all busy at work, so ensuring that our mobile phones and apps have the latest patches may not be our top priority. But if you’re a heavy user of your phone for business, you must make sure it has the most up-to-date security. Also, antivirus for mobile phones is a myth. Compared to our computers, an antivirus app on mobile phone will often fail to protect against malicious apps. However, one security control you can use for network security is secure VPN or Secure Access Service Edge (SASE) . Such a solution can block traffic to malicious websites or data exfiltration attempts.
2. Application hygiene. Any app on your phone can expose data and be used as a bridge to compromise your device.
Whitelisting and blacklisting applications are now becoming standard practice for IT and security administrators, and you should follow these practices on your own phone as well. For instance, do you really need those five messenger apps? Are you automatically downloading content across social media apps? Do your kids or grandchildren use your phone and download games?
3. Privacy hygiene. I know this will sound like the lecture you got from your parents many years ago, but here goes: Don’t give out personal information, especially your phone number, to strangers. A phone number alone will allow cyber criminals to trace you, physically and electronically, anywhere in the world. And remember that your colleagues, suppliers and customers store your number and other contact details on their phones as well — allowing your number to be easily exfiltrated by any fraudulent app they carelessly install.
The more you use your phone for work reasons, the greater you expand cybersecurity threat vectors into your organization’s applications, databases and data. It’s like opening the door of your factory wide open and handing strangers an access card to your mainframe and robotics equipment. It can only end badly.
THERE IN,THERE BY and THERE OF Niyikiza emmanuel.
FOR God and my country.
You can even read more here
THERE IN,THERE BY and THERE OF Niyikiza emmanuel.
FOR God and my country.
You can even read more here
Subscribe to:
Posts (Atom)
-
With the widespread availability of the Internet today, there are still times when it may not be feasibly available. Be it on a flight, du...
-
msticpy is a package of python tools intended to be used for security investigations and hunting (primarily in Jupyter notebooks). Most ...
-
A new way for cybercriminals to create fake social media profiles and carry identity scams using Artificial Intelligence powered tool? A ...
