FBI Cyber Research revealed

The FBI identified incidents over the past few months in which cyber actors scanned for and sought to exploit audio and visual communication devices on networks to identify vulnerabilities which could later be used to gain access and unlawfully acquire information about the organization. In addition to targeting corporate information, vulnerable devices may be targeted for compromise for use in botnets or other criminal activities. The types of devices targeted include: Voice over Internet Protocol (VoIP) phones, video conferencing equipment, conference phones, VoIP routers, and cloud-based communication systems. While cyber actors have targeted VoIP and other communication devices in the past, the FBI continues to see these devices scanned by cyber actors for vulnerabilities.

Threat

Specifically, the FBI observed cyber actors identifying and probing communication devices by issuing HTTP GET requestsa to a business server or network to retrieve device configuration files. Information contained in configuration files often reveals IP addresses, usernames, passwords, system management URLs, and assigned phone numbers – all of which could be used by cyber actors for malicious purposes. Many of the requests are specific to particular brands of devices. Victims will often receive several GET requests in succession with the actors scanning for multiple brands of devices.

In addition, cyber actors retrieve IP addresses for further exploitation by using businesses’ customer service VoIP hyperlinks, which are traditionally made available for customers to use in contacting the business. Once those hyperlinked calls are answered, the actor retrieves the IP address belonging to the phone which answered the call. Once the IP address is retrieved, an actor could send a large volume of packets to the IP address, overloading it and taking the service offline for the targeted business and its legitimate customers.

In addition to the above techniques, cyber actors target devices with brute-force attacks, attempting unauthorized access through the use of common usernames and passwords. Open source scanning tools can also be used to identify vulnerable communication devices and any associated ports.

All of the information obtained through scans and other methods are likely used for specific targeting efforts by cyber actors. This includes leveraging access to compromised audio and video devices to eavesdrop on meetings or conference calls, placing fraudulent international phone calls, leveraging the compromised device for use in botnets, and conducting man-in-the-middle attacks to redirect corporate network traffic.

Recommendations

The following recommendations may limit the success of these types of attacks:

Conduct daily server log reviews to identify unusual activity, including GET and POST requests from external IP addresses.

Work with the communication device/system providers to ensure servers are patched and updated regularly.

Consider restricting access to configuration files or configuring firewalls to block traffic from unauthorized IP addresses.

Restrict communication devices/systems to only non-sensitive business networks.

Conduct regular penetration testing exercises on communication devices to identify and address vulnerabilities in a timely matter.

Enable encryption on teleconference programs and applications and consider disabling auto-answer capabilities.

Password protect configuration files, if possible.

Regularly review and update users with access to administrative accounts.

Segment configuration files on the network. Be sure to protect configuration and other device-related files after getting the device out of the box. Don’t just plug and play.

 

DHS & FBI about ISIS Leader Baghdadi’s current Situation

Image result for baghdadi video

Executive Summary:
(U//FOUO) This Joint Intelligence Bulletin (JIB) is intended to provide information on the recent video appearance by the Islamic State of Iraq and ash-Sham (ISIS) leader Abu Bakr al-Baghdadi. The video addresses the group’s territorial defeat in Syria, discusses the acceptance of pledges of allegiance from ISIS supporters, and praises recent attacks in Sri Lanka and Saudi Arabia. This JIB is provided by the FBI, DHS, and NCTC to support their respective activities and to assist federal, state, local, tribal, and territorial government counterterrorism and law enforcement officials and private sector security partners in deterring, preventing, or disrupting terrorist attacks against the United States. All video details described in this JIB are taken from the translated transcript of Baghdadi’s speech. The information cutoff date is 1 May 2019.

(U) Details of ISIS Leader Abu Bakr al-Baghdadi’s Video Message

(U//FOUO) On 29 April 2019, ISIS’s al-Furqan Media Establishment publicly released an 18-minute video message in Arabic titled “In the Company of the Amir of the Believers”, which shows ISIS leader Abu Bakr al-Baghdadi sitting on a carpet in an undisclosed location with an assault rifle at his side. This is Baghdadi’s first public statement since his August 2018 audio message, and his first video appearance since July 2014, when Baghdadi was filmed introducing himself as “caliph” of the newly-declared caliphate at the Grand Mosque in Mosul, Iraq.

(U) Baghdadi Vows a “Long Battle Ahead” Despite Defeat in Syria

• (U//FOUO) Baghdadi emphasizes that ISIS’s fight is not over, stating, “In truth, the battle between Islam and its people with the Cross and its people is long.” He further explains that ISIS is engaged in a multigenerational struggle and they plan to wear down their enemies with attrition, emphasizing that “jihad will continue until Judgement Day” and that “God Almighty ordered us to wage jihad and did not order us to achieve victory.”

• (U//FOUO) Baghdadi acknowledges that ISIS lost the war in Baghuz, Syria, but emphasizes that the “bravery, steadfastness, and endurance of the Ummah of Islam was evident.” He states that ISIS’s soldiers did not abandon their faith during the battle, and sacrificed their lives rather than giving away land to ISIS’s enemies.

• (U//FOUO) Baghdadi praises the members in all of ISIS’s provinces for their “unified raid to avenge their brothers in Syria, which amounted to 92 operations in eight countries.” He states these attacks indicate the cohesion and steadfastness of the “mujahedeen.” Baghdadi praises and thanks the now-deceased emirs, provincial governors, military personnel, and media members from various countries for their support to ISIS.

(U) Baghdadi Praised the Attacks in Sri Lanka and Saudi Arabia and Calls for Additional Operations

• (U//FOUO) Video footage displays the Sri Lanka attackers—who conducted a series of suicide bombings against luxury hotels and Christian churches in Sri Lanka on 21 April, killing approximately 250 people—pledging allegiance to Baghdadi, while audio of purportedly Baghdadi’s voice is heard stating, “You brothers in Sri Lanka have pleased the monotheists by their commando operations that unsettled the Crusaders in their Easter celebrate to avenge their brothers in Baghuz.” Baghdadi continues with “praise be to God, for among those killed were some Americans and Europeans.” Baghdadi congratulates the Sri Lanka attackers on their pledge of allegiance to join the “caliphate,” and asked God to accept them as martyrs.

• (U//FOUO) Baghdadi acknowledges the attack in Saudi Arabia—where ISIS fighters attacked a Saudi security building in Az Zulfi on 21 April—and asked God that it be “followed by another one.” He calls on members in Saudi Arabia “to continue down the path of jihad” against the Saudi regime.

• (U//FOUO) While Baghdadi appears in discussion with unidentified men, text on the screen indicates he was giving directives to “double the effort and intensify the blows against the Crusaders, apostates, and their supporters.”

(U) Baghdadi Accepts Pledges of Allegiance and Praises Global Network

• (U//FOUO) The video shows Baghdadi being handed booklets by one of the unidentified men which are labeled with the names of ISIS provinces, including Libya, Khorasan, Somalia, Yemen, Caucasus, West Africa, Central Africa, and Turkey, as well as Tunisia, which is not publicly identified as a province. This is the first time ISIS has referred to Turkey as an official province, or “wilayah,” in its media releases.

• (U//FOUO) Additionally, Baghdadi accepts pledges of allegiance from ISIS members in Burkina Faso and Mali, and congratulates them for joining the “caliphate.” He recommends they intensify their attacks against France and its allies and to avenge their brothers in Iraq and Syria.

• (U//FOUO) Baghdadi congratulates ISIS members in Libya for their resoluteness and their raid on the town of Al Fugaha, Libya. He states that despite their withdrawal from it, they have shown their enemies that they are capable of taking the initiative, knowing their battle today is a battle of attrition.

(U) Baghdadi’s Image Starkly Contrasts with Last Appearance in 2014

(U//FOUO) The video’s presentation of Baghdadi as an insurgent leader—similar to the images of now-deceased al-Qa‘ida (AQ) leader Usama Bin Laden and now-deceased AQ in Iraq leader Abu Musab al-Zarqawi from prior videos—contrasts with Baghdadi’s July 2014 appearance at the Grand Mosque in Mosul, Iraq, where he delivered a formal address from the mosque’s pulpit wearing a black turban and robe probably to evoke images of the last caliphs who ruled from Baghdad.

(U) Outlook

(U//FOUO) The FBI, DHS, and NCTC assess Baghdadi’s appearance almost certainly will bolster the morale for ISIS’s existing supporters around the world, including those in the United States, by indicating Baghdadi is alive and in control of the group as of late April 2019. Most homegrown violent extremists (HVEs) generally do not mobilize to violence in response to specific events and instead are usually influenced by a confluence of sociopolitical, ideological, and personal factors.a However, those wavering in their commitment to ISIS might feel a sense of renewed devotion to the group as Baghdadi is alive and apparently still managing ISIS.

Christchurch May Inspire Other Terrorists – DHS-FBI

Christchurch May Inspire Other Terrorists – DHS-FBI

This Joint Intelligence Bulletin (JIB) is intended to provide information on Australian national and violent extremist Brenton Tarrant’s 15 March 2019 attacks on two mosques in Christchurch, New Zealand. These attacks underscore the enduring nature of violent threats posed to faith-based communities. FBI, DHS, and NCTC advise federal, state, local, tribal, and territorial government counterterrorism and law enforcement officials and private sector security partners responsible for securing faith-based communities in the Homeland to remain vigilant in light of the enduring threat to faith-based communities posed by domestic extremists (DEs), as well as by homegrown violent extremists (HVEs) who may seek retaliation. This JIB is provided to assist federal, state, local, tribal, and territorial counterterrorism and law enforcement officials and private sector security partners to effectively deter, prevent, preempt, or respond to incidents and terrorist attacks in the United States.

(U) Attack Details

(U//FOUO) On 15 March 2019, New Zealand police arrested an Australian national who appeared to be inspired by a white supremacist ideology and who allegedly conducted a shooting attack on two mosques in Christchurch, New Zealand. This attack highlights the enduring threat of violence posed to faith-based communities. There are currently 49 victims deceased, and 20 others are listed as being in critical condition following the attack.

» (U//FOUO) On 15 March 2019, at about 1:40 PM local time, Australian national Brenton Tarrant used firearms to attack the Masjid Al Noor Mosque in the city of Christchurch, New Zealand, before conducting a similar shooting attack at the Linwood Masjid Mosque, approximately four miles away. Tarrant drove to the attack sites and livestreamed a video of the attack. Police also discovered improvised explosive devices in a vehicle connected with the attack. Tarrant is currently the only known perpetrator; however, investigation of his movements and associates continues.

» (U//FOUO) Tarrant disseminated a manifesto prior to the shooting which detailed his concerns of perceived “white genocide.” The manifesto contains a wide range of anti-immigrant and anti-Muslim views. One reason listed as to why he carried out the attack was “to create conflict…within the United States on the ownership of firearms in order to further the social, cultural, political, and racial divide within the United states [sic].”

» (U//FOUO) Tarrant claimed to have been planning the attack for two years and recently relocated to New Zealand to live temporarily while he “planned and trained.” He claimed to have chosen to conduct his attack in Christchurch three months prior to show such attacks could happen anywhere.

(U) Mosque Attacks Could Incite Like-Minded and Retaliatory Attacks

(U//FOUO) We are concerned online sharing of Tarrant’s livestreamed footage could amplify viewer reaction to the violent attack and possibly incite similar attacks by those adhering to violent extremist ideologies in the United States and abroad, as well as retaliatory attacks from HVEs and individuals otherwise affiliated with foreign terrorist organizations. Tarrant appeared to have been influenced by prior attacks by violent extremists in the United States and other countries, and we remain concerned that US-based DEs of similar ideologies could become inspired by this attack. Although most HVEs generally do not mobilize to violence in response to specific events and instead are usually influenced by a confluence of sociopolitical, ideological, and personal factors, exceptions may occur and we remain concerned for the potential of retaliatory attacks by some HVEs, as we have already seen calls for attacks by violent extremists online.

» (U//FOUO) Tarrant claimed Norwegian mass attacker Anders Brevik gave his “blessing” for the attack. Tarrant’s ammunition cases also displayed handwritten names of violent extremists in Canada and elsewhere who previously conducted violent attacks on Muslims or in support of violent extremist ideologies.

» (U//FOUO) An examination of online jihadist media following the mosque attacks indicates various al-Qa‘ida and ISIS supporters are posting attack images to express outrage and are calling upon all Muslims to respond to the New Zealand attacks by launching their own near-term attacks in retaliation.

The Daily Show – A Special Prosecutor Steps In

The Daily Show – A Special Prosecutor Steps In

Special Prosecutor Russia, Special Prosecutor Definition, Special Prosecutor Trump, Special Prosecutor Trump Russia, Special Prosecutor Nixon, Special Prosecutor Vs Independent Commission, Special Prosecutor Mueller, Special Prosecutor Appointment, Special Prosecutor Clinton, Special Prosecutor Obama, Special Prosecutor Appointment, Special Prosecutor Act, Special Prosecutor And Trump, Special Prosecutor Authority, Special Prosecutor Appointed Today, Special Prosecutor Archibald, Special Prosecutor Attorney General, Special Prosecutor Assigned, Special Prosecutor After Cox, Special Prosecutor Announcement, Special Prosecutor Benghazi, Special Prosecutor Bush, Special Prosecutor Bbc, Special Prosecutor Bad Idea, Special Prosecutor Budget, Special Prosecutor Bc, Special Prosecutor Clinton, Special Prosecutor Cox, Special Prosecutor Clinton Emails, Special Prosecutor Congress, Special Prosecutor Comey, Special Prosecutor Criminal, Special Prosecutor Cases, Special Prosecutor Candidates, Special Prosecutor Conflict Of Interest, Special Prosecutor Crs, Special Prosecutor Definition, Special Prosecutor Donald Trump, Special Prosecutor Doj, Special Prosecutor Duties, Special Prosecutor During Obama, Special Prosecutor Department Of Justice, Special Prosecutor Definition Quizlet, Special Prosecutor Dead, Special Prosecutor Dershowitz, Special Prosecutor Document, Special Prosecutor Examples, Special Prosecutor Explained, Special Prosecutor Ethics, Special Prosecutor Expert, Special Prosecutor Scott Ellington, Special Prosecutor Hillary Email, Special Prosecutor Clinton Email, Special Prosecutor Thomas E. Carluccio, Eulex Special Prosecutor’s Office, Special Prosecutor For Trump, Special Prosecutor For Russia, Special Prosecutor For Watergate, Special Prosecutor Fitzgerald, Special Prosecutor For Trump Russia, Special Prosecutor For Clinton, Special Prosecutor Fbi, Special Prosecutor For Benghazi, Special Prosecutor For Nixon, Special Prosecutor Fired By Nixon, Special Prosecutor Gop, Special Prosecutor Grand Jury, Special Prosecutor George Bush, Special Prosecutor Good For Trump, Special Prosecutor Ghana, Special Prosecutor Gansler, Special Prosecutor Freddie Gray, Special Prosecutor Vs Grand Jury, Special Prosecutor Attorney General, Garner Special Prosecutor, Special Prosecutor Hillary, Special Prosecutor History, Special Prosecutor House Of Cards, Special Prosecutor How, Special Prosecutor Hired, Special Prosecutor How Appointed, Special Prosecutor How Does It Work, Special Prosecutor Hillary Email, Special Prosecutor Us History Definition, Special Prosecutor Independent Commission, Special Prosecutor In Watergate, Special Prosecutor Investigation, Special Prosecutor Independent Counsel, Special Prosecutor Iran Contra, Special Prosecutor In Spanish, Special Prosecutor Investigated President Clinton’s Investments, Special Prosecutor Independent Investigation, Special Prosecutor Investigating Trump, Special Prosecutor Independent, Special Prosecutor Job, Special Prosecutor Justice Department, Special Prosecutor Jeff Sessions, Special Prosecutor Jaworski, Special Prosecutor Grand Jury, Special Prosecutor Vs Grand Jury, Special Prosecutor Ken, Special Prosecutor Korean, Special Prosecutor Kosovo, Special Prosecutor Kent Schaffer, Special Prosecutor Killed, Koschman Special Prosecutor, Special Prosecutor Law, Special Prosecutor Letter, Special Prosecutor Legislation, Special Prosecutor List, Special Prosecutor Law 1999, Special Prosecutor Lawrence Walsh, Special Prosecutor Lapse, Special Prosecutor Law Expiration, Special Prosecutor Law Usa, Special Prosecutor Mueller, Special Prosecutor Meme, Special Prosecutor Meaning, Special Prosecutor Molar, Special Prosecutor Mccain, Special Prosecutor March, Special Prosecutor Mcconnell, Special Prosecutor Mueller Wiki, Special Prosecutor Mandate, Special Prosecutor Mueller Age, Special Prosecutor Nixon, Special Prosecutor Needed, Special Prosecutor News, Special Prosecutor Nixon Fired, Special Prosecutor Npr, Special Prosecutor Now, Special Prosecutor Names, Special Prosecutor New York Times, Special Prosecutor Not The Answer, Special Prosecutor Named Today, Special Prosecutor Obama, Special Prosecutor Vs Special Counsel, Special Prosecutor On Russia, Special Prosecutor Or Commission, Special Prosecutor Vs Independent Commission, Special Prosecutor Obama Administration, Special Prosecutor Office, Special Prosecutor In Watergate, Special Prosecutor On Trump, Special Prosecutor Options, Special Prosecutor Process, Special Prosecutor Poll, Special Prosecutor Patrick, Special Prosecutor Pros And Cons, Special Prosecutor Police Misconduct, Special Prosecutor Pay, Special Prosecutor President Clinton, Special Prosecutor Past, Special Prosecutor Protest, Special Prosecutor Power, Special Prosecutor Quizlet, Special Prosecutor Qualifications, Special Prosecutor Russia, Special Prosecutor Russia Trump, Special Prosecutor Rules, Special Prosecutor Requirements, Special Prosecutor Robert, Special Prosecutor Republican, Special Prosecutor Role, Special Prosecutor Regulations, Special Prosecutor Reagan, Special Prosecutor Rod Rosenstein, Special Prosecutor Statute, Special Prosecutor Starr, Special Prosecutor Salary, Special Prosecutor Special Counsel, Special Prosecutor Schumer, Special Prosecutor Scalia, Special Prosecutor Statute Expired, Special Prosecutor Select Committee, Special Prosecutor Script, Special Prosecutor Senate, Special Prosecutor Trump, Special Prosecutor Trump Russia, Special Prosecutor Twitter, Special Prosecutor Trump Clinton, Special Prosecutor Trump Comey, Special Prosecutor To Investigate Clinton, Special Prosecutor To Investigate, Special Prosecutor Today, Special Prosecutor Tax Returns, Special Prosecutor Trump Investigation, Special Prosecutor Unconstitutional, Special Prosecutor Us History, Special Prosecutor Usa, Special Prosecutor Under Obama, Special Prosecutor Under Bush, Special Prosecutor Used In A Sentence, Special Prosecutor Uk, Special Prosecutor Us History Definition, Special Public Prosecutor Under Crpc, Special Victims Unit Prosecutor, Special Prosecutor Vs Independent Commission, Special Prosecutor Vs Special Counsel, Special Prosecutor Vs Select Committee, Special Prosecutor Vs Independent Counsel, Special Prosecutor Vote, Special Prosecutor Vs Independent Investigation, Special Prosecutor Cox, Special Prosecutor Vs Commission, Special Prosecutor Vs Independent, Special Prosecutor Vs Counselor, Special Prosecutor Wiki, Special Prosecutor Who Appoints, Special Prosecutor Whitewater, Special Prosecutor Watergate, Special Prosecutor Walsh, Special Prosecutor White House, Special Prosecutor With Larry Klayman, Special Prosecutor Wapo, Special Prosecutor West Wing, Special Prosecutor Washington Post, Special Prosecutor New York, Special Prosecutor New York State, Special Narcotics Prosecutor New York, Zimmerman Special Prosecutor

Revealed – FBI Updates Congress on Threats Involving Insiders

C. Frank Figliuzzi speaking before House Committee on Homeland Security
C. Frank Figliuzzi, assistant director of the Counterintelligence Division, briefs members of Congress.

FBI Counterintelligence executive C. Frank Figliuzzi briefed members of a House subcommittee on our efforts to disrupt economic espionage activity in the U.S., which—based on our pending cases—has resulted in losses of more than $13 billion to the American economy. Figliuzzi highlighted two growing threats: the willingness of so-called insiders to steal trade secrets and other proprietary information and hand it over to foreign entities; and the illegal transfer of U.S. technology, which could potentially end up in weapons of mass destruction.

The hearing, titled “Economic Espionage: A Foreign Intelligence Threat to Americans Jobs and Homeland Security,” also featured officials from the Department of Homeland Security’s Immigration and Customs Enforcement, the U.S. Patent and Trademark Office, and the U.S. Government Accountability Office. Figliuzzi noted that the “partnerships represented at this hearing”—coupled with public awareness—are a vital component to combating economic espionage.