Wednesday, August 12, 2020

1,502 displaced Congolese helplessly stranded in Kalungu after fleeing clashes in Rutare and Muko

A total of 1,502 displaced people who fled the clashes in Rutare and Muko are unassisted and stranded in the town of Kalungu in the Kalehe territory in South Kivu.

According to Hakizimana Bwira Moïse, spokesperson for these displaced persons, they do not have food and sick children do not have access to health care.

"More than 500 displaced people have come from Rutare and others from Muko to Masisi in North Kivu. The lives of all these displaced people are in danger. They have no food, children are caught hand in the bag in the fields and patients do not even have medicines," he said on Wednesday.

He calls on the authorities and humanitarian organizations to provide assistance to these displaced people in order to save their lives.

It should be remembered that clashes between armed groups are recurrent in the territory of Kalehe and in the surrounding entities.

North Kivu records the highest number of new COVID-19 cases for the third time in less than a fortnight

Out of 462 samples tested on Tuesday, the multisectoral committee to fight the coronavirus pandemic confirmed 39 new cases, including 26 in North Kivu, 7 in Kinshasa, 3 in Kongo Central, 2 in Haut-Uélé and 1 in Nord-Ubangi.

No new deaths were recorded among the confirmed cases. But 46 more people were discharged from COVID-19 treatment centers and from home follow-up, including 25 in Kinshasa and 21 in other provinces.

Since the start of the epidemic declared on March 10, 2020, the cumulative number of cases is 9,538, including 9,537 confirmed cases and 1 probable case. In total, there were 225 deaths (224 confirmed cases and 1 probable case) and 8,421 people cured.

The 17 affected provinces are Kinshasa 7,780 cases; North Kivu 472 cases; Kongo Central 424 cases; Haut-Katanga 314 cases; South Kivu 295 cases; Lualaba 88 cases; Ituri 73 cases; Haut-Uélé 39 cases; Tshopo 26 cases; Kwilu 6 cases; Nord-Ubangi 6 cases; Équateur 5 cases; Sud-Ubangi 5 cases; Haut-Lomami 1 case; Kasaï 1 case; Kasaï Central 1 case and Kwango 1 case.

Network forensics and IOC

“Indicator of compromise (IOC) in computer forensics is an artifact observed on a network or in an operating system that with high confidence indicates a computer intrusion. Typical IOCs are virus signatures and IP addresses, MD5 hashes of malware files or URLs or domain names of botnet command and control servers. After IOCs have been identified in a process of incident response and computer forensics, they can be used for early detection of future attack attempts using intrusion detection systems and antivirus software.” Wikipedia
Hello w0rld! In this post I am planning to give a brief introduction to network forensics and how network monitoring can be used to identify successful attacks. Network monitoring is essential for identifying reconnaissance activities such as port scans, but also for identifying successful attacks such as planted malware (for example ransomware) or spear-phishing. Generally, when doing network forensics the network footprint is of significant importance, since it allows us to reconstruct the timeline of events. With that said, the network footprint can still be obscured or hidden by cryptographic means such as point-2-point encryption. Even if you can’t see the actual traffic because it is encrypted, what you can see is the bandwidth load, which might be an IoC.
In incident response, the first step is the time that is needed for the attack to be realized. If the attack is not realized then of course there is no ‘incident response’ (doh!). There is a list of things that the analyst should go over in order to try to identify whether an attack was successful. The list is not definitive, and there are far more things that need to be checked than those discussed here.
Whether an attack is targeted or non-targeted, if it uses the Internet connection in any way it will leave network footprints behind. In targeted attacks we see things like spear-phishing and USB planting, which quite often target susceptible individuals who lack security awareness. Non-targeted attacks might include attack vectors such as malware, ransomware, malicious JavaScript, Flash exploits, etc. This list is not exhaustive, and Flash exploits and malicious JavaScript can also be used in a targeted fashion.
By identifying the Indicators of Compromise (IoC), we can briefly describe each attack vector according to the network footprint it will have:
  • IP addresses
  • domain names
  • DNS resolve requests/response
  • downloadable malicious content (javascripts, flash, PDF files with embedded scripts, DOCX with Macros enabled)
There are also indicators that come out of behavioural analysis. For example, malware that contacts a Command & Control server will ‘beacon’ at (usually) regular intervals. This ‘beaconing’ behaviour can be identified by monitoring spikes of specific traffic or the bandwidth utilisation of a host. Moreover, it can be spotted by monitoring out-of-hours behaviour, since a host shouldn’t send data other than of type X (which is legit) or shouldn’t be sending any data at all.
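One way to check for the beaconing and out-of-hours behaviour described above, as an added example that is not part of the original post: it scores how regular each host-to-destination pair's connection times are and totals the bytes sent outside working hours. The flow records, addresses, function names and thresholds are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timezone
from statistics import mean, pstdev

# Constructed flow records: (epoch seconds UTC, source host, destination, bytes sent).
BASE = 1597190400  # 2020-08-12 00:00:00 UTC
JITTER = [0, 2, -1, 3, -2, 1, 0, -3]
FLOWS = [(BASE + 7200 + 300 * i + j, "10.0.0.23", "203.0.113.50", 120)
         for i, j in enumerate(JITTER)]                     # every ~300 s from 02:00
FLOWS += [(BASE + 32400 + off, "10.0.0.40", "198.51.100.7", 4000)
          for off in (0, 15, 890, 940, 2990, 3090, 6190)]   # irregular, from 09:00


def find_beacons(flows, min_events=6, max_cv=0.1):
    """Flag (src, dst) pairs whose gaps between connections are near-constant.

    Regularity is the coefficient of variation (stdev / mean) of the
    inter-arrival times; the 0.1 cut-off is an assumed threshold to tune.
    """
    stamps = defaultdict(list)
    for ts, src, dst, _ in flows:
        stamps[(src, dst)].append(ts)
    hits = {}
    for pair, seen in stamps.items():
        if len(seen) < min_events:
            continue                      # too few samples to judge periodicity
        seen.sort()
        gaps = [b - a for a, b in zip(seen, seen[1:])]
        avg = mean(gaps)
        cv = pstdev(gaps) / avg if avg > 0 else float("inf")
        if cv <= max_cv:
            hits[pair] = {"interval_s": round(avg, 1), "cv": round(cv, 3)}
    return hits


def out_of_hours_senders(flows, start_hour=8, end_hour=18):
    """Total bytes each host sent outside [start_hour, end_hour) UTC."""
    sent = defaultdict(int)
    for ts, src, _, nbytes in flows:
        hour = datetime.fromtimestamp(ts, tz=timezone.utc).hour
        if not start_hour <= hour < end_hour:
            sent[src] += nbytes
    return dict(sent)


if __name__ == "__main__":
    print(find_beacons(FLOWS))
    print(out_of_hours_senders(FLOWS))
```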
Ransomware will encrypt all accessible filesystems/mounted drives and will ask (guess what!?) for money! Most likely it will be downloaded somehow or will be dropped by exploit kits or other malware. Sometimes it is delivered through email attachments (if the mail administrator has no clue!). As a stand-alone ‘version’, ransomware comes in portable executable (PE file) format. However, variants of Cryptolocker even employ PowerShell to do so. In order to detect them we need a way to extract the files from the network dump. There are a couple of tools that do this, such as foremost, but it is also possible to do it ‘manually’ through Wireshark by exporting the objects. This assumes that the file transfer happened over an unencrypted channel and not under SSL.
Malware might serve many different purposes, such as stealing data, utilizing bandwidth for DDoS, or acting as a ‘dropper’ through which ransomware is pushed. One of the more concerning is turning a compromised host into a zombie computer. Fast flux malware has numerous IPs associated with a single FQDN, whereas domain flux malware has multiple FQDNs per single IP. The latter is not ideal for malware authors, since this IP will be easily identified and its traffic dropped (a bit more about ‘sinkhole’ in the next paragraph!).
Assuming that we are after fast flux malware that uses a C&C, there are ways to locate the malware by looking for beaconing. Quite often such malware makes use of DGAs (Domain Generation Algorithms), which basically hide the C&C IP behind a series of different domain names. Malware that uses a DGA is actively avoiding the ‘sinkhole’, which allows ISPs to identify the malicious IP (C&C) and leads to the traffic being ‘blackholed’, cutting off the infected system's communication with it.
An infected host will attempt to resolve (through DNS) a series of domain names generated by the DGA. This behaviour will lead to lots of ‘Non-Existent’ (NX) responses from the name server back to the infected machine. Monitoring the number of NX responses might help us identify infected systems. Moreover, monitoring the DNS queries should also help.
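The NX-response monitoring described above, as an added example that is not part of the original post: it counts distinct NXDOMAIN names per client and records any name that resolved after the burst, which is worth a closer look. The log format, addresses, domain names and thresholds are constructed assumptions.

```python
from collections import defaultdict

# Constructed resolver log, one response per line: "<time> <client> <qname> <rcode>".
# The format is an assumption for this example, not any particular DNS server's.
DNS_LOG = """\
2020-08-12T02:00:01Z 10.0.0.23 kq3vxz1p0a.example NXDOMAIN
2020-08-12T02:00:01Z 10.0.0.23 w8hbnt2lfd.example NXDOMAIN
2020-08-12T02:00:02Z 10.0.0.23 zr5ycm0ujs.example NXDOMAIN
2020-08-12T02:00:02Z 10.0.0.23 b1oqgd6vhn.example NXDOMAIN
2020-08-12T02:00:03Z 10.0.0.23 t7jxea9wki.example NXDOMAIN
2020-08-12T02:00:03Z 10.0.0.23 m2lfus4ryc.example NXDOMAIN
2020-08-12T02:00:04Z 10.0.0.23 p4m9zt7qxe.example NOERROR
2020-08-12T09:01:00Z 10.0.0.40 www.intranet.test NOERROR
2020-08-12T09:01:05Z 10.0.0.40 mail.intranet.test NOERROR
2020-08-12T09:01:09Z 10.0.0.40 wwww.intranet.test NXDOMAIN
2020-08-12T09:01:10Z 10.0.0.40 truncated
2020-08-12T09:02:00Z 10.0.0.40 files.intranet.test NOERROR
2020-08-12T09:03:00Z 10.0.0.40 wiki.intranet.test NOERROR
"""


def nx_suspects(log_text, min_nx=5, min_ratio=0.5):
    """Return stats for clients whose lookups mostly fail with NXDOMAIN.

    Distinct names are counted, so a retry loop on one dead name is not
    mistaken for a host walking through a generated domain list.
    """
    stats = defaultdict(lambda: {"queries": 0, "nx_names": set(), "resolved_after": []})
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue                       # skip blank, malformed or truncated records
        _, client, qname, rcode = parts
        name = qname.lower().rstrip(".")
        entry = stats[client]
        entry["queries"] += 1
        if rcode == "NXDOMAIN":
            entry["nx_names"].add(name)
        elif rcode == "NOERROR" and len(entry["nx_names"]) >= min_nx:
            entry["resolved_after"].append(name)   # answered right after the NX burst
    suspects = {}
    for client, entry in stats.items():
        nx = len(entry["nx_names"])
        ratio = nx / entry["queries"]
        if nx >= min_nx and ratio >= min_ratio:
            suspects[client] = {"nx": nx, "ratio": round(ratio, 2),
                                "resolved_after": entry["resolved_after"]}
    return suspects


if __name__ == "__main__":
    print(nx_suspects(DNS_LOG))
```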

Tuesday, August 11, 2020

Mighty Museveni to address the nation tomorrow on International Youth Day


THE MYSTERIOUS AND DEADLIEST UGANDAN SUKHOI SU-30MK2 MULTIROLE COMBAT FIGHTER JET




The Russian Su-30MK2 is a two-seat multi-role fighter designed by Sukhoi and produced by the Komsomolsk-on-Amur Aircraft Production Association. It is an improved version of the Su-30MKK and is also a member of the wider Su-30 family of aircraft.
The aircraft are currently operational only with Vietnam (28), Indonesia (6), Uganda (6), Venezuela (24) and China (24).
In Africa, only Uganda currently has this stealth bomber. One cannot rule out that other countries may have ordered this mysterious aircraft, but the truth is that in Africa only Uganda currently has it!
The SU-30MK2 is currently priced at 37.5 million US dollars. Uganda placed an order with Rosoboronexport for six Su-30MK2 fighters for use by the Uganda Peoples Defence Force (UPDF) in April 2010. The first two aircraft were delivered in July 2011. The third and fourth were delivered in November 2011, followed by the final two aircraft in May 2012.
The Su-30MK2 combat aircraft offers superior manoeuvrability and can be deployed to engage manned and unmanned aerial vehicles (UAVs), which you literally call drones, medium- and short-range guided missiles, high-precision munitions, and other airborne weapons. It can also be used in aerial reconnaissance and training missions.
Su-30MK2 design and features
The Su-30MK2 fighter aircraft features a reinforced airframe and a tricycle landing gear. It is capable of engaging targets in all weather conditions during day and night.
It has a length of 21.9m, a height of 6.4m and wing-span of 14.7m. The maximum and limit take-off weights are 34,500kg and 38,000kg respectively, and the payload carrying capacity is 8,000kg.
The Su-30MK2 is fitted with an in-flight refuelling system for extended flight range. The open architecture of the aircraft allows for installation of a variety of combat equipment and an improved avionics suite.
Cockpit and avionics of Su-30MK2
The digital glass cockpit accommodates two crew members in tandem configuration. It is equipped with new colour multi-functional, digital LCD screens for displaying flight and navigation information and graphical data. It also incorporates electromechanical indicators and advanced navigation and radio communications.
The aircraft is also fitted with an infrared search-and-tracking (IRST) system, a helmet-mounted target designation system, teplopelengator, laser range-finder and a target designator for detection and tracking of air and ground targets. The optoelectronic sighting systems provide improved surveillance capabilities.
The airborne radar aboard the Su-30MK2 is capable of searching and designating aerial targets, as well as short and medium-range guided missiles. It is also used to measure co-ordinates of ground-based radio-contrast targets.
IRST technology is passive and does not reveal the location of the aircraft unless the pilot decides to use the onboard radar, which can give away its location because a radar emits frequent bursts of energy. The IRST works in all weather conditions since it uses the infrared rather than the visible part of the electromagnetic spectrum. This means that the Su-30MK2 is invisible and cannot be detected by radars, and it is able to sense enemy aircraft and destroy them before it is seen. The USA has been incorporating IRST technology in its naval aircraft like the F/A-18E/F and the air force F-15 Eagle; another aircraft with this technology is the superb Eurofighter Typhoon, which I advise the government to purchase.
Armament fitted to the Sukhoi fighter aircraft
The Su-30MK2 combat aircraft has 12 hardpoints under the wings and fuselage to carry a range of missiles, bombs and rockets. It also integrates a built-in, 30mm GSh-301 automatic, single-barrelled gun with 150 rounds of ammunition.
A number of guided and unguided weapons are also fitted to the aircraft to destroy surface targets. The guided weapons fitted for air-to-ground operations include Kh-31A high-speed, medium-range anti-ship airborne missile, Kh-31P high-speed, medium-range air-to-surface guided missile, Kh-59ME air-to-surface weapon, Kh-35E anti-ship unified guided missile, Kh-59MK airborne enhanced-range air-to-surface guided missile, X-29L (with semi-active laser guidance) / X-29TE (with passive TV guidance) air-to-surface missiles, and KAB-500KR electro-optical television-guided bomb.
The unguided weapons package consists of 100kg, 250kg and 500kg aerial bombs and single cluster bombs as well as C-8, C-13 and C-25-RPM rockets. This means that it can carry up to 2 tonnes of bombs as it flies (bombs only), and if you add other armaments it can carry up to 8 tonnes of both bombs and missiles. The types of missiles it carries include short-range A2A missiles, medium-range A2A missiles, air-to-surface (A2S) missiles and anti-radiation missiles. The bombs it carries include drop bombs and guided drop bombs (meaning that once one is electronically set it has to hit the target whatsoever). The SU-30MK2 has a stand-off launch range of over 120km, meaning that if it is operating in Kabale it has the ability to hit targets in Mbarara town.
The medium-range air-to-air missiles carried by the Su-30MK2 include R-27T1, R-27ET1 with infrared homing, R-27R1, R-27ER1 with semi-active radar homing, R-27P1, R-27EP1 with passive IR homing, RVV-AE with active radar homing, and R-73E with all-aspect IR passive homing.
Engine and performance
The Su-30MK2 multi-role combat aircraft is powered by two AL-31F high-temperature double-circuit turbojet engines, which generate a thrust of 12,500kgf each.
The aircraft can fly at a maximum speed of 2,100km/h, with a horizontal speed of 1,400km/h. This means that, for example, if an SU-30MK2 takes off near the border of Rwanda to strike Kampala, and we assume the aerial distance from the Kagitumba border to Kampala is 400km, it would take the SU-30MK2 only 18 minutes to reach Kampala and do its work. The unrefuelled range of the fighter is 3,000km; it can fly all these kilometres without refuelling. The in-flight refuelling system provides a flight range of up to 5,600km; the fuel from its refuelling system can sustain it in the air for that distance before it lands to get more fuel. The maximum altitude of the aircraft is 17,300m, meaning that it can fly up to a height of 17.3 km above the earth's surface.

What WHO is saying about the Russian-made COVID-19 vaccine

  • WHO in Close Contact With Russia Over First-Ever Vaccine for Coronavirus

    "We are in close contact with Russian health authorities and discussions are ongoing with respect to possible WHO prequalification of the vaccine, but again prequalification of any vaccine includes the rigorous review and assessment of all required safety and efficacy data," WHO spokesman Tarik Jasarevic told a U.N. briefing in Geneva, referring to clinical trials.
  • Russia's Binnopharm Factory Can Produce 1.5Mln COVID-19 Vaccine Doses Annually

    MOSCOW (Sputnik) – Binnopharm’s factory in the Russian town of Zelenograd can produce about 1.5 million COVID-19 vaccine doses per year and several batches are ready for shipment to the regions, the AFK Sistema conglomerate said Tuesday.
    "Binnopharm factory has a capacity to produce 1.5 million vaccine units per year. The first batches of the vaccine are ready for shipment to the Russian regions", investment company AFK Sistema President Vladimir Chirakhov said, as quoted in the company's press release.
    Sistema's shares jumped by almost 6 percent on the news of the vaccine, Moscow stock exchange data showed.
    Earlier on Tuesday, the Russian Health Ministry registered the first coronavirus vaccine in the world. It was developed jointly by the Gamaleya Research Institute and the Russian Defence Ministry. According to Health Minister Mikhail Murashko, the vaccine will be produced by the Gamaleya centre and Sistema's Binnopharm.

The governor of North Kivu, Nzanzu Kasivita, in Kinshasa also had a lot to say about the ADF and other militias in Kivu

The Governor of North Kivu, Carly Nzanzu Kasivita, is in Kinshasa. Like his colleagues from South Kivu and Ituri, he came to plead in favor of greater central government involvement in the fight against armed groups in the country's eastern provinces.

"We are challenged by the issue of armed groups and we wanted to have a serious debate on this issue and have a coherent plan to ensure that the demobilization and reintegration of children leaving armed groups are successful by the DRC", he said at the end of the meeting he had with Boniface Balamage, 2nd vice-president of the National Assembly.

And he added:

“We seem to be going in circles and it feels like a vicious circle. What brought us here, to meet the luminaries of the Republic. We are in the National Assembly. We will meet with sector ministers to share our concerns. We want the issue of armed groups to be prioritized. And that will allow us to assert the authority of the state.”

He insisted on the issue of ADF.

“Beni, the ADF, this issue has been on the table for more than 20 years. We have always said that the war in Beni is waged against the children of the Republic. We must always benefit from national solidarity. The ADF are now in Ituri. We don't know, they may end up in another province tomorrow.”

The United Nations Joint Human Rights Office (UNJHRO) in the DRC reported that the last six months have been among the most violent: at least 1,470 people were killed, including 298 women and 177 children, an average of eight civilians killed every day in the context of conflicts. Among the provinces in conflict, North Kivu remains by far the most affected (1,864 violations), followed in particular by Ituri (680 violations), South Kivu (475 violations), Tanganyika (275 violations), Kasaï (235 violations), Maniema (178 violations) and Kasaï Central (146 violations).