Friday, July 12, 2024

somali president warns the civilians against opening bank accounts on behalf of terrorists



Somalia president Hassan.S.Mohamud warns citizens against acting as finance facilitators and carriers for the militant groups. He warned individuals who open bank accounts for wanted militants and handle their finances. 


He said people who are providing support to the militants will be questioned and prosecuted.


“Terrorists are not relatives, don’t be fooled. You cannot contact them, you cannot call them, and you cannot be called by a criminal in the forest who is wanted by the government. Whoever aides or supports such person is another criminal.”

video below



Alshabaab published a video clip of Goofgadud assault.



The regional leaders must be careful about this propaganda.The publishing of these videos and photos is for these terrorists  to claim that they are strong and then gain public following.




watch the videos from somalia:




Some few days ago ,the alshabaab through their media wing of "Alshabaab Alkata'ib", had released pictures showing the FOB that was overrun by their fighters in the Goofgaduud-buurey area, which is under the city of Baidoa, the capital of the Bay region.






 

Thursday, July 11, 2024

The Government of the Republic calls on all civilized Nations, lovers of peace and justice, as well as the entire international community, to take severe political, economic and judicial measures against Rwanda and its leaders

 


“The Government of the Republic calls on all civilized Nations, lovers of peace and justice, as well as the entire international community, to take severe political, economic and judicial measures against Rwanda and its leaders, whose troops operating in the Democratic Republic of Congo also target MONUSCO peacekeepers and infrastructure, which constitute war crimes.”, (Press release)

Rwandan trucks banned from entering Goma

 


The authorities of the state of siege regret to see that their decision banning Rwandan trucks in Goma is “violated”.


“The mayor of Goma notes that, despite the ban on trucks transporting sand imported from Rwanda , these trucks continue to unload into third-party enclosures and construction sites deep in the different districts of the city” (press release)

The most notorious state sponsored hacker groups your gorvenment must be aware of!


 As conventional conflicts between great powers have been deterred by the threat of mutually assured nuclear holocaust, cyber warfare has been slowly taking their place in the global arena. Now, some groups of state-sponsored threat actors are coming into the spotlight.


With countless covert cyber espionage and sabotage attacks launched to steal sensitive data and cripple an opponent’s infrastructure and defense systems, state-sponsored hacking operations are now regarded as the biggest threat to government institutions and organizations alike.


Attacks by state-sponsored actors are not made exclusively against servers in dusty government offices, nuclear facilities, and military bases, however. Dissidents, political opponents, and nonprofits, as well as private companies that include public institutions as their clients, are just as likely to be targeted by state-backed hacker groups.


These are some of most dangerous groups that have been a major headache for both policymakers and security researchers.

State-sponsored hacker groups are generally referred to as advanced persistent threats (APTs) by security researchers. Some companies simply assign them a number. Others have different naming conventions, referring to groups backed by different states as different animals, e.g. Iran’s calling card is a kitten.


As a consequence, one threat actor group can go by several nicknames: for example, FireEye calls Cozy Bear ‘APT29’, while other companies refer to the group as Cozy Bear, CozyDuke, or The Dukes.


So, with that in mind, let’s take a look at the world's most dangerous bears, dragons, and kittens.


Cozy Bear (APT29)

Lazarus Group (APT38)

Double Dragon (APT41)

Fancy Bear (APT28)

Helix Kitten (APT34)

Cozy Bear (APT29)


Allegiance: Russia

Active since: 2008

Best known for: 2015 attack on the Pentagon, FireEye hack (allegedly), SolarWinds hack (allegedly), COVID-19 vaccine data theft

Cozy Bear (not to be confused with Fancy Bear, Venomous Bear, or Voodoo Bear) is a name that is widely known among both security experts and the media.


What makes Cozy Bear special? Well, allegedly playing a key part in Russian attempts to influence the 2016 US presidential elections, for one. From its suspected inception back in 2008, the group has targeted many organizations, including governments, think tanks, telcos, energy companies, even cybersecurity firms, in patterns that likely point towards methods of operation mainly employed by state security services. After all, Cozy Bear is one of two state-sponsored hacker groups that researchers have long since believed is linked to GRU, Russia’s premier military intelligence service.


In fact, if expert suspicions are correct, Cozy Bear might prove the most dangerous state-sponsored hacker group to wreak havoc on companies and government institutions in 2020.


The group's second (alleged) massive hit last year was FireEye - a leading security company that counts multiple US federal agencies and the better part of the Forbes Global 2000 list among its clients.


In December 2020, the security firm confessed that it had been hacked by undisclosed assailants, with its proprietary adversary simulation toolkit stolen. Officially, FireEye is still mum about who is to blame for the intrusion. However, sources say it was a Russia-backed hacker outfit. Namely, Cozy Bear. The impact of the FireEye hack is difficult to understate, showing that state-sponsored attackers, given enough time and resources, can breach any organization, even those previously thought unassailable.


But as with most of 2020’s nasty surprises, that wasn’t the end of it.


Shortly after the FireEye hack, news hit that the Texas-based IT giant SolarWinds was the subject of a cyberattack. It appears that the attackers broke into SolarWinds’ systems and injected malicious code into an update for the company's software system "Orion," which spread to more than half of Solarwinds’ 33,000 clients, including Fortune 500 companies and multiple US government departments (Department of Treasury, Commerce, and Homeland Security among them).


What’s even worse, the breach went undetected for months, and the attackers could have exfiltrated data in the highest echelons of the US government, including the US military and the White House.


According to the Washington Post, Cozy Bear was identified as the hacker group responsible for the attack. Its impact even prompted the US Cybersecurity and Infrastructure Security (CISA) agency to issue an emergency directive about the breach.


So, is Cozy Bear the most dangerous state-sponsored hacker group of all time? Maybe. Was it the scariest in 2020? Definitely.


Lazarus Group (APT38)

Allegiance: North Korea

Active since: 2010

Best known for: Operation Troy, WannaCry attack, COVID-19 vaccine data theft

Lazarus, also known as Zinc, Hidden Cobra, and North Korea’s sole profitable enterprise, is a notorious hacker group backed by the Pyongyang regime. North Korea has been investing significant resources in its cyberwarfare capabilities, and it shows. Lazarus Group has been linked to some of the most high-profile cyberattacks in recent years, including the infamous WannaCry ransomware attack in 2017 that infected more than 300,000 devices across the planet, making untold amounts of money in ransoms for the rogue state regime.


Since the unit’s inception in 2010, Lazarus’ cyberattacks have become increasingly sophisticated and destructive, mostly targeting financial institutions such as banks and fintech companies.


According to security experts, the state-sponsored group is being run akin to an espionage operation, carefully infiltrating targets over time, learning the ins and outs of the systems they compromise, and striking from the shadows when the victims least expect it.


The group’s latest large-scale raid involved attacks on a pharmaceutical company and a government health ministry in an attempt to steal COVID-19 vaccine data. Experts at Kaspersky suspect that the hackers stole the data from the pharmaceutical firm by deploying the Bookcode malware in a supply-chain attack via another company, while the ministry’s servers were compromised by installing wAgent, a sophisticated fileless malware program that fetches additional malicious payloads from a remote server.


This level of sophistication leads experts to believe that the North Korean hacking group will continue to evolve and pose even more danger in 2021 and beyond.


Double Dragon (APT41)

Allegiance: China

Active since: 2012

Best known for: Massive global hacking campaign in 2020

Double Dragon, aka Cicada, is a Chinese state-sponsored espionage group by day that’s also known to dabble in financially motivated cybercrime for personal gain by night. The group’s activities have been traced back to 2012 and have included espionage operations against 14 different countries, including the US and the UK.


Since its first sightings by security experts, Double Dragon has been observed conducting a wide range of operations. These include supply-chain attacks and data exfiltration, as well as the use of complex proprietary tools.


The group’s highly sophisticated targeting techniques and particularly offensive methods of operation distinguish them from other state-sponsored groups, making them a double (dragon) threat to contend with.


Apart from directly attacking government institutions, Double Dragon is also targeting private companies in the travel and telecommunications industries in order to access data they can use for surveillance operations.


For example, the group will steal reservation information, call data recordings and text messages to track high-ranking foreign government officials, as well as dissidents closer to home.



However, espionage is not the group’s only forte: it’s not called Single Dragon for a reason.


According to FireEye, Double Dragon “also conducts explicit financially motivated activity, which has included the use of tools that are otherwise exclusively used in campaigns supporting state interests." In other words, the group uses top-notch espionage tools to steal money for themselves “outside of their normal day jobs.”


In 2020, Double Dragon was one of the most prolific hacker groups, attempting to exploit vulnerabilities in hardware, as well as continuing to target government institutions in multiple countries and companies across dozens of industries.


However, it seems that the group’s ‘quantity over quality’ approach could be its downfall.


APT 41 members picture in an FBI wanted poster

In September 2020, the US identified and charged 5 members of the group in a case that was part of a larger US crackdown against Chinese cyber-espionage efforts.


Did this operation hurt the state-sponsored group? Definitely. Will this spell the end of Double Dragon? Probably not.


Fancy Bear (APT28)

Allegiance: Russia

Active since: 2005

Best known for: 2016 DNC and Podesta leaks, attacks on anti-doping agencies in 2019


Fancy Bear (not to be confused with Cozy Bear, Venomous Bear, or Voodoo Bear) gained notoriety following reports of the group’s involvement in the Great DNC Hack of 2016, as well as a series of cyberattacks on Emmanuel Macron's campaign websites in the run-up to the 2017 French Presidential elections. Ever since, the cybersecurity community has been observing the group’s attacks far beyond the US and Western Europe.


Fancy Bear has a long history of committing sophisticated phishing attacks against high-value targets in the news media, dissident movements, the defence industry, and foreign political parties.


Their usual MO involves using email domains to trick their would-be victims into believing that the elaborate phishing emails produced by the group are coming from legitimate sources.


For example, when trying to hack Macron’s presidential campaign, the group used email domains that looked almost identical to that of his party’s official website, en-marche.fr. Fancy Bear used these domains to launch phishing campaigns similar to those that tricked senior officials in the US Democratic Party into giving away their email account credentials to the hackers.


The group’s extensive operations against victims in the political and defense sectors seem to mirror the strategic interests of the Russian government, which strongly points to an affiliation with the country’s military intelligence service, GRU.


According to CrowdStrike, Fancy Bear “has dedicated considerable time to developing their primary implant known as XAgent, and to leverage proprietary tools and droppers such as X-Tunnel, WinIDS, Foozer and DownRange.” And judging from the results, it seems that their implant has been rather effective.


In 2020, the group has allegedly conducted dozens of cyberattacks against multiple US federal agencies. While seemingly less successful than their counterparts from Cozy Bear, Fancy Bear remains a constant thorn in the backside for many cybersecurity firms and government institutions across the world.


Helix Kitten (APT34)

Allegiance: Iran

Active since: 2007

Best known for: The 2013 New York Dam hack, attacks on the Australian Parliament House in 2019

Contrary to the other countries in this list, Iran seems to be increasingly utilizing contract hackers to conduct the regime’s offensive operations. Such ‘freelancers’ can hail from different countries and backgrounds, and may or may not be ‘true believers’ of the regime they’re working for.


Helix Kitten (also known as OilRig and APT34), however, is suspected to be one of the few groups of dedicated local operators working on behalf of the Iranian government.


Security experts believe that the group conducts most of its operations in the Middle East, targeting financial, energy, chemical, telecom, and other industries, as well as government institutions in countries seen by Iran as competitors to its regional dominance, such as Saudi Arabia and the UAE.


The use of communications infrastructure in Iran, as well as the “timing and alignment with the national interests” of the Iranian regime also lead experts to assess that Helix Kitten is not a bunch of freelancers from all over the world.


However, just like Double Dragon, the group also seems to be running projects ‘on the side’ by launching independent cybercrime campaigns by using attack toolkits provided by their employer.


In April 2019, Helix Kitten was dealt a major blow after a series of leaks on Telegram that exposed the names, tools, and activities of the hacker group. In the leak, ten individuals from Helix Kitten were publicly named, with three employed by Iran’s Ministry of Intelligence, and the others working at the Iranian cybersecurity company Rahacrop. This was seen as a coup de grĂ¢ce to the notorious group, with its activities seemingly ceasing for the remainder of the year.

However, the rumors of Helix Kitten’s death appear to have been exaggerated, as the group seemed to continue its attacks well into 2020, wreaking havoc across the Middle East and South Asia.


Tuesday, July 9, 2024

Alshabaab claims to have attacked the Bariire base that was recently handed over to SNA

 


Alshabaab claims to have attacked the newly handed-over bases in Bariire village today; ATMIS forces transferred this base to the  control of SNA. The Alshabaab claims that the SNA commander at this base was killed in the assault.


Let us all team up to fight terrorism.

M23 finalises training for cadres and recruits

 



The prime minister of Ethiopia Abiy Ahmed is in Port Sudan to meets with General Abdel Fattah


 The prime minister of Ethiopia Abiy Ahmed arrives in Port Sudan and meets with General Abdel Fattah al-Burhan the military commander who has for years been the de facto leader of Sudan.


Ethiopia is trying to resolve the conflict by reaching out to the two warring parties to engage in peaceful dialogue. Sudan's war impacted the Horn of Africa.

Abdulkadir Mumin, the head of the ISIS affiliate in Somalia is still alive despite being declared dead in an airstrike in May this year.

 




Abdulkadir Mumin, the head of the ISIS affiliate in Somalia is alive, sources say following a U.S. drone strike that targeted him on May 31 in the country's Northeastern Federal State of Puntland.


In 2016, the U.S. declared him a specially designated global terrorist, saying that he posed a significant risk of committing acts of terrorism that threaten the security of U.S. nationals or the national security, foreign policy, or economy of the U.S

Has Magloire Paluku joined the M23?

  Several sources claim that the Congolese journalist, Magloire Paluku may have joined the M23 rebellion. This information is also confirmed by the movement of M23 : "He is here with us, like many other Congolese who are joining us", declared Willy NGOMA , military spokesperson of M23 . Shortly before, the journalist was advisor to the National Minister of Culture and Arts, Furaha Katungu of the UNC.


CLICK ON THE LINK BELOW TO READ OUR  EARLIER INTELLIGENCE STORY BELOW,MANY MAY HAVE JOINED M23

M23 dedicated the whole of June for the search of key figures in support of their rebellion

 


A heads of state meeting on war in eastern DRC to convene on 20/11/2024 under the presidence of Munangwangwa

 An extraordinary summit of SADC Heads of State will be held on November 20, 2024 in Harare, under the presidency of Emmerson Mnangagwa, to ...