An experienced CYBER SECURITY ANALYST dealing in transborder crimes on phones,computers,threat intelligence, bug hunting,.... White hat hacking and Repairing phones and reviewer of new technology gadgets
Friday, July 12, 2024
A Congolese by names of Claude Maluma authors book titled "Genocide in Congo" blaming Rwanda and kagame for killing Congolese.
A book purposely for collective awareness is the motivation approach against the Congolese Genocide perpetrated by the chief terrorist Paul Kagame. The first batch of the book Genocide in the Congo for your comfort written by the Congolese writer Claude Maluma is already available in Kinshasa, contact us via inbox and you will be served The Book “Genocide in Congo” traces the war in the East of the DRC, the complicity of certain Congolese and the policy of international silence established by Kagame and his Allies The book is already available on the international market and on the Congolese market A Genocide is happening in the Congo, to remain silent is to be complicit.
M23 and FARDC accuse each other of violating the Truce
The M23 rebels and the FARDC accuse each other of continuing the fighting. In a statement made public this Friday, the rebellion accused Kinshasa of violating the humanitarian truce, while this Thursday, the Congolese army and its partners denounced the Kigali regime's non-compliance with the said truce and its "belligerent" attitude. " legendary for wanting to keep displaced populations in atrocious conditions, thus depriving them of access to humanitarian aid. The M23 rebellion, however, reiterates its call for “direct dialogue to address and resolve the root causes of conflicts”.
egypt air to start Bi-weekly flights to Mogadishu
A high-level Egyptian delegation led by Foreign Minister Badr Abdelatty, landed in Mogadishu, inaugurating the commencement of Egypt Air’s biweekly flight from Cairo to Mogadishu. The delegation will meet their Somali counterparts to discuss further strengthening bilateral relations.
The launch of new bi-weekly flights between Mogadishu and Cairo by EgyptAir marks a significant milestone in Somalia's reintegration into the global business landscape.
The inaugural flight, attended by Somalia's Foreign Minister Ahmed Moallim Fiqi and his Egyptian counterpart Badr Abdelatty, highlights the deep fraternal bond between the two nations.
This new air route is expected to greatly enhance connectivity between Somalia and the international community, emphasizing the strength and importance of the relationship between Somalia and Egypt, as emphasized by the Foreign Ministers during the flight's inauguration ceremony.
.
FARDC's General Tchaligonza Nduru is in Beni city,sources claim that he will meet the commander of Ugandan troops deployed in DRC.
At Beni-Mavivi airport, he was greeted by officers of the Congolese army and the authorities of the state of siege. General Bruno Mandefu, commander of SOKOLA 1 operations, was present on the tarmac alongside other senior army officers.
The Deputy Chief of the General Staff in charge of Operations and Intelligence arrived for a working mission, says Colonel Mak Hazukay, spokesman for SOKOLA 1 operations. General Tchaligonja Nduru has a well-defined agenda related to security issues, he added.
It should be noted the presence of several other generals in the delegation, including General Camille Bombele, former commander of the FARDC-UPDF joint operations and deputy commander of SECAS.
According to my confidant military sources, General Tchaligonza Nduru is expected to meet with the commander of Ugandan troops deployed in Beni and Ituri as part of joint operations against ADF rebels, as well as assess the security situation in Beni-Butembo and Lubero.
General Ychaligonza Nduru is the first high-ranking Congolese army officer to arrive in the region since the occupation by M23 rebels of some towns in Lubero territory.
Terrorism review in DRC June to July
In June 2024, the security situation in the Democratic Republic of Congo (DRC) had significantly deteriorated, especially in the eastern provinces of North Kivu and Ituri. The Islamic State Central Africa Province (ISCAP) notably increased its activity in the Lubero area of North Kivu, leading to widespread violence, displacement, and humanitarian crises.
The DRC government has been attempting to stabilize the region by deploying additional troops and enhancing security operations. However, the effectiveness of these measures remains limited due to the complex and volatile nature of the conflict. Additionally, The Wazalendo militia, a community defense force, has been involved in local defense efforts. Despite their efforts, they face challenges due to limited resources and training compared to the well-armed insurgents
The United Nations Organization Stabilization Mission in the Democratic Republic of the Congo (MONUSCO) has been actively assessing the security situation and providing support to local communities. From June 20-25, MONUSCO conducted a mission to assess the security and humanitarian situations in southern Lubero territory. MONUSCO has been working to facilitate humanitarian assistance and provide protection to displaced populations. However, attacks on MONUSCO personnel and assets have complicated their efforts, with the UN calling for a responsible and sustainable withdrawal of the mission.
Additionally, as part of the hunt for ISCAP, the Congolese army and MONUSCO launched a joint operation in the territory of Beni, in North Kivu. MONUSCO made this information public on Monday, June 3, 2024. The operation called “Cheng Gong” is aimed at establishing mobile bases in several towns in Beni in order to limit the movements of the ISCAP in order to neutralize them. According to the iontelligence, these mobile bases will be established in Mamove, Samboko and on the Musuku – Kudukudu-Mandumbi axis.
The launch of this joint operation comes in a context of renewed terror activities in the surroundings of the rural commune of Mangina and part of the neighboring Babila Babombi chiefdom in the Mambasa territory.
The security situation in the DRC, particularly in North Kivu’s Lubero territory, remains dire with ISCAP’s increased activity exacerbating the already fragile environment. While the DRC government, local militias, MONUSCO, and SADC troops are making concerted efforts to counter the insurgency and provide humanitarian relief, significant challenges persist. The international community continues to call for enhanced support and coordinated actions to address the multifaceted crisis in the region.
Series of terror events in Democratic Republic of Congo (DRC) in the month of June
28th June- ISCAP insurgents attacked Congolese Armed forces in Kambau, Lubero Region in North Kivu.
28th June- insurgents led and armed assault against civilians in Kambau, Lubero region
27th June- several Christians were captured and executed in Idohu in Ituri Province.
26th June- civilians were attacked by ISCAP militants in Ngere, Lubero Region.
25th June- ISCAP militants ambushed Christians near Ndjiapanda in Lubero region.
24th June- two Christians were captured and executed by ISCAP militants in Ndjiapanda in Lubero region.
22nd June- ISCAP militants conducted an armed assault against civilians in Ofai in Ituri province.
20th June- ISCAP militants ambushed militia forces loyal to the Congolese armed forces in Ndjiapanda in Lubero Region.
20th June- Militants clashed with a foot patrol of the Congolese armed forces in Ndjiapanda in Lubero.
20th June- ISCAP militants capture and execute 22 Christians in Bamande Village in Ituri.
19th June- ISCAP militants conducted an armed assault against Congolese Army Barracks near Samboko in Ituri.
19th June- ISCAP insurgents led and armed assault against civilians in Esege, Lubero region.
19th June- ISCAP insurgents led and armed assault against Congolese security forces in Esege, Lubero region.
18th June- militants led an armed assault against civilians in Mbata in Lubero Region.
14th June- ISCAP insurgents led and armed assault against civilians in Lumba, North Kivu
12th June- insurgents attacked the Christian Village of Masongo along RN2 in Beni region.
12th June- at least 45 Christians were killed by ISCAP insurgents uin Mayikengo village in Lubero area
11th June- at least 10 Christians were killed by ISCAP insurgents in Manya village in Ituri
11th June- ISCAP militants attacked and terrorized Mbandaka and four surrounding villages in Beni region.
10th June- ISCAP militants captured and executed 3 Christians near Kantin in Beni.
9th June- Makwasa village in Beni region was attacked by suspected militants ISCAP militants.
9th June- Islamists conducted and armed assault on the village north of the town of Kantin in Beni.
6th June- ISCAP militants ambushed a vehicle, in Kanialuna village, between Kabasha and Kalunguta, on the Beni-Butembo-Kasindi Road in Beni Region.
7th June- armed militants killed at least 60 civilians in Masali area in Beni.
7th June- at least 4 Christians were killed in Kantin region in Beni.
5th June- several civilians were attacked by ISCAP militants on the RN2 in Kyavikere in North Kivu.
4th June- ISCAP Militants led an armed assault on civilians on the RN4 in Sesa Ituri Province.
4th June- ISCAP Militants led an armed assault on civilians in the Mashua area in North Kivu.
3rd June- ISCAP Militants led an armed assault on civilians in Mangina, North Kivu.
3rd June- ISCAP militants captured and killed a civilian on RN4 near Ndalya in Ituri.
2nd June- Islamic State militants attacked civilians In Kainama, North Kivu.
Recommendations
To effectively combat the rising threat of terrorist groups in East and Central Africa, a multifaceted approach is essential. The following recommendations outline critical steps to enhance regional security and stability:
Enhanced regional collaboration is crucial. Strengthening alliances and fostering joint operations among countries in East and Central Africa will address the transnational nature of terrorist activities. Improved coordination and intelligence sharing will enhance the collective ability to track and dismantle insurgent networks that operate across borders.
To effectively combat the rising threat of terrorist groups in East and Central Africa, a multifaceted approach is essential. The following recommendations outline critical steps to enhance regional security and stability:
Enhanced regional collaboration is crucial. Strengthening alliances and fostering joint operations among countries in East and Central Africa will address the transnational nature of terrorist activities. Improved coordination and intelligence sharing will enhance the collective ability to track and dismantle insurgent networks that operate across borders.
Support for local forces must be increased. Providing more training and resources for local security forces and community defense groups will significantly improve their effectiveness in counter-insurgency operations. Empowering these forces to protect their communities more effectively is vital for sustained security.
Developing comprehensive counter-insurgency strategies is necessary. These strategies should integrate military actions with initiatives to address the underlying socio-economic grievances that fuel insurgency. By tackling the root causes of terrorism, these holistic approaches can help reduce the appeal of insurgent groups and prevent future recruitment.
Ensuring sustained humanitarian assistance is also essential. Continuous international support for humanitarian efforts is needed to aid displaced populations and rebuild affected communities. This support will help mitigate the impact of violence on civilians and contribute to long-term regional stability.
Finally, monitoring and adaptation are key components of an effective counter-terrorism strategy. Regularly assessing and adapting counter-terrorism strategies in response to the evolving tactics of insurgent groups will ensure that efforts remain relevant and effective. This dynamic approach will enable security forces to stay ahead of terrorist threats and respond promptly to new challenges.
Conclusion and Insights
The security landscape in East and Central Africa remains fraught with challenges as terrorist activities by Islamic State affiliates continue to destabilize the region. Despite some successful counter-terrorism efforts, such as the repelling of ISM’s assault in Mozambique and joint operations in the DRC, insurgent groups remain resilient and capable of conducting lethal attacks. The effectiveness of military responses is hampered by the insurgents’ mobility, use of improvised explosive devices (IEDs), and their ability to exploit local grievances.
Key Insights:
1. Persistent Threat: The Islamic State affiliates in Mozambique and the DRC are showing a persistent threat capability, evidenced by the frequency and brutality of their attacks in June 2024.
2. Humanitarian Impact: The ongoing violence is exacerbating humanitarian crises, displacing populations, and overwhelming local resources. Efforts by MONUSCO and other international bodies are critical but insufficient in the face of escalating violence.
3. Cross-Border Dynamics: The withdrawal of SAMIM and the increased role of Tanzanian forces in Mozambique highlight the importance of regional cooperation in countering terrorism. The porous borders and shared security challenges necessitate coordinated efforts across East and Central Africa.
4. Rehabilitation and Reintegration: Mozambique’s initiative to establish rehabilitation centers for former insurgents is a positive step towards long-term peace. However, the success of such programs depends on sustained security and community support.
5. Digital Crackdown: The dismantling of IS’s online platforms is a significant achievement in disrupting their propaganda and recruitment efforts. Continued international collaboration is essential to target and dismantle these digital networks.
somali president warns the civilians against opening bank accounts on behalf of terrorists
Somalia president Hassan.S.Mohamud warns citizens against acting as finance facilitators and carriers for the militant groups. He warned individuals who open bank accounts for wanted militants and handle their finances.
He said people who are providing support to the militants will be questioned and prosecuted.
“Terrorists are not relatives, don’t be fooled. You cannot contact them, you cannot call them, and you cannot be called by a criminal in the forest who is wanted by the government. Whoever aides or supports such person is another criminal.”
video below
Alshabaab published a video clip of Goofgadud assault.
The regional leaders must be careful about this propaganda.The publishing of these videos and photos is for these terrorists to claim that they are strong and then gain public following.
Thursday, July 11, 2024
The Government of the Republic calls on all civilized Nations, lovers of peace and justice, as well as the entire international community, to take severe political, economic and judicial measures against Rwanda and its leaders
“The Government of the Republic calls on all civilized Nations, lovers of peace and justice, as well as the entire international community, to take severe political, economic and judicial measures against Rwanda and its leaders, whose troops operating in the Democratic Republic of Congo also target MONUSCO peacekeepers and infrastructure, which constitute war crimes.”, (Press release)
Rwandan trucks banned from entering Goma
The authorities of the state of siege regret to see that their decision banning Rwandan trucks in Goma is “violated”.
“The mayor of Goma notes that, despite the ban on trucks transporting sand imported from Rwanda , these trucks continue to unload into third-party enclosures and construction sites deep in the different districts of the city” (press release)
The most notorious state sponsored hacker groups your gorvenment must be aware of!
As conventional conflicts between great powers have been deterred by the threat of mutually assured nuclear holocaust, cyber warfare has been slowly taking their place in the global arena. Now, some groups of state-sponsored threat actors are coming into the spotlight.
With countless covert cyber espionage and sabotage attacks launched to steal sensitive data and cripple an opponent’s infrastructure and defense systems, state-sponsored hacking operations are now regarded as the biggest threat to government institutions and organizations alike.
Attacks by state-sponsored actors are not made exclusively against servers in dusty government offices, nuclear facilities, and military bases, however. Dissidents, political opponents, and nonprofits, as well as private companies that include public institutions as their clients, are just as likely to be targeted by state-backed hacker groups.
These are some of most dangerous groups that have been a major headache for both policymakers and security researchers.
State-sponsored hacker groups are generally referred to as advanced persistent threats (APTs) by security researchers. Some companies simply assign them a number. Others have different naming conventions, referring to groups backed by different states as different animals, e.g. Iran’s calling card is a kitten.
As a consequence, one threat actor group can go by several nicknames: for example, FireEye calls Cozy Bear ‘APT29’, while other companies refer to the group as Cozy Bear, CozyDuke, or The Dukes.
So, with that in mind, let’s take a look at the world's most dangerous bears, dragons, and kittens.
Cozy Bear (APT29)
Lazarus Group (APT38)
Double Dragon (APT41)
Fancy Bear (APT28)
Helix Kitten (APT34)
Cozy Bear (APT29)
Allegiance: Russia
Active since: 2008
Best known for: 2015 attack on the Pentagon, FireEye hack (allegedly), SolarWinds hack (allegedly), COVID-19 vaccine data theft
Cozy Bear (not to be confused with Fancy Bear, Venomous Bear, or Voodoo Bear) is a name that is widely known among both security experts and the media.
What makes Cozy Bear special? Well, allegedly playing a key part in Russian attempts to influence the 2016 US presidential elections, for one. From its suspected inception back in 2008, the group has targeted many organizations, including governments, think tanks, telcos, energy companies, even cybersecurity firms, in patterns that likely point towards methods of operation mainly employed by state security services. After all, Cozy Bear is one of two state-sponsored hacker groups that researchers have long since believed is linked to GRU, Russia’s premier military intelligence service.
In fact, if expert suspicions are correct, Cozy Bear might prove the most dangerous state-sponsored hacker group to wreak havoc on companies and government institutions in 2020.
The group's second (alleged) massive hit last year was FireEye - a leading security company that counts multiple US federal agencies and the better part of the Forbes Global 2000 list among its clients.
In December 2020, the security firm confessed that it had been hacked by undisclosed assailants, with its proprietary adversary simulation toolkit stolen. Officially, FireEye is still mum about who is to blame for the intrusion. However, sources say it was a Russia-backed hacker outfit. Namely, Cozy Bear. The impact of the FireEye hack is difficult to understate, showing that state-sponsored attackers, given enough time and resources, can breach any organization, even those previously thought unassailable.
But as with most of 2020’s nasty surprises, that wasn’t the end of it.
Shortly after the FireEye hack, news hit that the Texas-based IT giant SolarWinds was the subject of a cyberattack. It appears that the attackers broke into SolarWinds’ systems and injected malicious code into an update for the company's software system "Orion," which spread to more than half of Solarwinds’ 33,000 clients, including Fortune 500 companies and multiple US government departments (Department of Treasury, Commerce, and Homeland Security among them).
What’s even worse, the breach went undetected for months, and the attackers could have exfiltrated data in the highest echelons of the US government, including the US military and the White House.
According to the Washington Post, Cozy Bear was identified as the hacker group responsible for the attack. Its impact even prompted the US Cybersecurity and Infrastructure Security (CISA) agency to issue an emergency directive about the breach.
So, is Cozy Bear the most dangerous state-sponsored hacker group of all time? Maybe. Was it the scariest in 2020? Definitely.
Lazarus Group (APT38)
Allegiance: North Korea
Active since: 2010
Best known for: Operation Troy, WannaCry attack, COVID-19 vaccine data theft
Lazarus, also known as Zinc, Hidden Cobra, and North Korea’s sole profitable enterprise, is a notorious hacker group backed by the Pyongyang regime. North Korea has been investing significant resources in its cyberwarfare capabilities, and it shows. Lazarus Group has been linked to some of the most high-profile cyberattacks in recent years, including the infamous WannaCry ransomware attack in 2017 that infected more than 300,000 devices across the planet, making untold amounts of money in ransoms for the rogue state regime.
Since the unit’s inception in 2010, Lazarus’ cyberattacks have become increasingly sophisticated and destructive, mostly targeting financial institutions such as banks and fintech companies.
According to security experts, the state-sponsored group is being run akin to an espionage operation, carefully infiltrating targets over time, learning the ins and outs of the systems they compromise, and striking from the shadows when the victims least expect it.
The group’s latest large-scale raid involved attacks on a pharmaceutical company and a government health ministry in an attempt to steal COVID-19 vaccine data. Experts at Kaspersky suspect that the hackers stole the data from the pharmaceutical firm by deploying the Bookcode malware in a supply-chain attack via another company, while the ministry’s servers were compromised by installing wAgent, a sophisticated fileless malware program that fetches additional malicious payloads from a remote server.
This level of sophistication leads experts to believe that the North Korean hacking group will continue to evolve and pose even more danger in 2021 and beyond.
Double Dragon (APT41)
Allegiance: China
Active since: 2012
Best known for: Massive global hacking campaign in 2020
Double Dragon, aka Cicada, is a Chinese state-sponsored espionage group by day that’s also known to dabble in financially motivated cybercrime for personal gain by night. The group’s activities have been traced back to 2012 and have included espionage operations against 14 different countries, including the US and the UK.
Since its first sightings by security experts, Double Dragon has been observed conducting a wide range of operations. These include supply-chain attacks and data exfiltration, as well as the use of complex proprietary tools.
The group’s highly sophisticated targeting techniques and particularly offensive methods of operation distinguish them from other state-sponsored groups, making them a double (dragon) threat to contend with.
Apart from directly attacking government institutions, Double Dragon is also targeting private companies in the travel and telecommunications industries in order to access data they can use for surveillance operations.
For example, the group will steal reservation information, call data recordings and text messages to track high-ranking foreign government officials, as well as dissidents closer to home.
However, espionage is not the group’s only forte: it’s not called Single Dragon for a reason.
According to FireEye, Double Dragon “also conducts explicit financially motivated activity, which has included the use of tools that are otherwise exclusively used in campaigns supporting state interests." In other words, the group uses top-notch espionage tools to steal money for themselves “outside of their normal day jobs.”
In 2020, Double Dragon was one of the most prolific hacker groups, attempting to exploit vulnerabilities in hardware, as well as continuing to target government institutions in multiple countries and companies across dozens of industries.
However, it seems that the group’s ‘quantity over quality’ approach could be its downfall.
APT 41 members picture in an FBI wanted poster
In September 2020, the US identified and charged 5 members of the group in a case that was part of a larger US crackdown against Chinese cyber-espionage efforts.
Did this operation hurt the state-sponsored group? Definitely. Will this spell the end of Double Dragon? Probably not.
Fancy Bear (APT28)
Allegiance: Russia
Active since: 2005
Best known for: 2016 DNC and Podesta leaks, attacks on anti-doping agencies in 2019
Fancy Bear (not to be confused with Cozy Bear, Venomous Bear, or Voodoo Bear) gained notoriety following reports of the group’s involvement in the Great DNC Hack of 2016, as well as a series of cyberattacks on Emmanuel Macron's campaign websites in the run-up to the 2017 French Presidential elections. Ever since, the cybersecurity community has been observing the group’s attacks far beyond the US and Western Europe.
Fancy Bear has a long history of committing sophisticated phishing attacks against high-value targets in the news media, dissident movements, the defence industry, and foreign political parties.
Their usual MO involves using email domains to trick their would-be victims into believing that the elaborate phishing emails produced by the group are coming from legitimate sources.
For example, when trying to hack Macron’s presidential campaign, the group used email domains that looked almost identical to that of his party’s official website, en-marche.fr. Fancy Bear used these domains to launch phishing campaigns similar to those that tricked senior officials in the US Democratic Party into giving away their email account credentials to the hackers.
The group’s extensive operations against victims in the political and defense sectors seem to mirror the strategic interests of the Russian government, which strongly points to an affiliation with the country’s military intelligence service, GRU.
According to CrowdStrike, Fancy Bear “has dedicated considerable time to developing their primary implant known as XAgent, and to leverage proprietary tools and droppers such as X-Tunnel, WinIDS, Foozer and DownRange.” And judging from the results, it seems that their implant has been rather effective.
In 2020, the group has allegedly conducted dozens of cyberattacks against multiple US federal agencies. While seemingly less successful than their counterparts from Cozy Bear, Fancy Bear remains a constant thorn in the backside for many cybersecurity firms and government institutions across the world.
Helix Kitten (APT34)
Allegiance: Iran
Active since: 2007
Best known for: The 2013 New York Dam hack, attacks on the Australian Parliament House in 2019
Contrary to the other countries in this list, Iran seems to be increasingly utilizing contract hackers to conduct the regime’s offensive operations. Such ‘freelancers’ can hail from different countries and backgrounds, and may or may not be ‘true believers’ of the regime they’re working for.
Helix Kitten (also known as OilRig and APT34), however, is suspected to be one of the few groups of dedicated local operators working on behalf of the Iranian government.
Security experts believe that the group conducts most of its operations in the Middle East, targeting financial, energy, chemical, telecom, and other industries, as well as government institutions in countries seen by Iran as competitors to its regional dominance, such as Saudi Arabia and the UAE.
The use of communications infrastructure in Iran, as well as the “timing and alignment with the national interests” of the Iranian regime also lead experts to assess that Helix Kitten is not a bunch of freelancers from all over the world.
However, just like Double Dragon, the group also seems to be running projects ‘on the side’ by launching independent cybercrime campaigns by using attack toolkits provided by their employer.
In April 2019, Helix Kitten was dealt a major blow after a series of leaks on Telegram that exposed the names, tools, and activities of the hacker group. In the leak, ten individuals from Helix Kitten were publicly named, with three employed by Iran’s Ministry of Intelligence, and the others working at the Iranian cybersecurity company Rahacrop. This was seen as a coup de grĂ¢ce to the notorious group, with its activities seemingly ceasing for the remainder of the year.
However, the rumors of Helix Kitten’s death appear to have been exaggerated, as the group seemed to continue its attacks well into 2020, wreaking havoc across the Middle East and South Asia.
Atleast 9 people were killed, others kidnapped, and houses burned during a new ADF attack on Friday, November 15, in Mabisio, a village in the Bapere sector in the Lubero territory (North Kivu).
According to military Intelligence sources, the attackers targeted this village, where the army is not deployed, before attacking civilian...
-
With the widespread availability of the Internet today, there are still times when it may not be feasibly available. Be it on a flight, du...
-
msticpy is a package of python tools intended to be used for security investigations and hunting (primarily in Jupyter notebooks). Most ...
-
A new way for cybercriminals to create fake social media profiles and carry identity scams using Artificial Intelligence powered tool? A ...