Saturday, March 08, 2008
Ops and Intel update
( NO PICS GOOGLE HAVING PROBLEMS: 4 HRS NOW, bX-p52J72 AND BXMAYS8W ??? )
WASHINGTON (AFP) - The United States has put ships making port calls in Syria on a watchlist, an official said Thursday, as Washington ratcheted up the pressure on Damascus over its alleged links with terrorism.
The move allows the Coast Guard "to impose some additional port security measures to ships traveling to or arriving in US ports that have previously been either departing from Syria or have called on Syrian ports," he said.
Casey added he understood the measures would affect any ship that has visited Syria during its last five ports of call, but referred reporters to the Coast Guard and Department of Homeland Security (DHS) for further information.
But building the Frontier Corps into something more is precisely what the United States aims to do. "The basic assumption in terms of dealing with the militancy in the FATA is that the Pakistani army is too blunt an instrument and too much of an occupying force to be effective," says Daniel Markey, a former member of the State Department's policy-planning staff for South and Central Asia and now a senior fellow at the Council on Foreign Relations. The hope is that the Frontier Corps will "offer a local face and a greater connection to the local population…winning hearts and minds and doing things that are more constabulary in nature than full-scale military operations."
The idea to beef up the Frontier Corps appears to have originated on the Pakistani side, said Markey, as a sort of desperate response to the failure of both diplomacy and military invasion to rid the tribal areas of Al Qaeda and Taliban safe havens. "It was sort of the next thing on the list," he said. "First you try to get the tribes to work with you, cajoling them, paying them off. That doesn't work. Then you send in the troops and knock some heads, and that doesn't work. You pull out the troops and make another deal. That doesn't work. Then you say, 'What's wrong with the deal?' It needs an enforcement mechanism. It's better to have a local one than a foreign one, so maybe we'll try this!"
The State Department has already been providing counternarcotics funding to the Frontier Corps for several years, primarily for vehicles and radios. But the latest defense budget taps the Pentagon's deep pockets for the first time. Last year, a U.S. military assessment team ventured to the FATA to determine how best to assist the Frontier Corps. The resulting budget allocation includes money for vehicles, helmets, flak jackets, night-vision goggles, and communications equipment—the sort of general military aid that can be provided with the fewest possible American fingerprints. "A high U.S. profile in the tribal areas, in the NWFP, is the kiss of death," said Robert Grenier, a former chief of the CIA's Counterterrorism Center, speaking at a recent Council on Foreign Relations event in Washington. But Pakistan, he said, "may be willing to accept low-level support from the Americans, particularly in the form of training."
Future intelligence, surveillance, and reconnaissance systems, along
with new weapons platforms, are expected to at least double the current
demand on the global communications infrastructure.
(During OPERATION ENDURING FREEDOM, General Tommy Franks required 32 times more bandwidth than did General Norman Schwarzkopf during OPERATION DESERT STORM.)
Change Two of the Unified Command Plan directs US Strategic Command to coordinate C4
capabilities in support of strategic force employment
The Global Strike mission embodies US Strategic Command "capabilities-
based" strategy and employs various assets to execute limited-duration,
extended-range, and precision kinetic and/or non-kinetic strikes anywhere on
Congress Grills White House Cybercrats
Andy Greenberg 02.28.08, 3:00 PM ET
Since hackers penetrated Pentagon servers last June, pilfering untold amounts of sensitive data, the Bush administration has pledged billions to plug the holes in government cyber-security. But in testimony before a congressional committee on Thursday, administration officials said little that eased concerns about the effectiveness, the cost or the intrusiveness of the monitoring program they are building.
"The fact that you don't have the threat information and are working on projects that will take years to complete is absolutely shocking. It's not timely. I'm not getting any sense of urgency. I don't think much of it will work," said Rep. Jane Harman, D-Calif., speaking to representatives of the Department of Homeland Security and the White House's Office of Management and Budget.
Many details of the cyber-security initiative, a collaboration between the Department of Homeland Security, the Office of the Director of the National Intelligence, and the National Security Agency, remain classified. Former officials say the plan will cost as much as $6 billion in its first year and as much as $30 billion over seven years, and will vastly expand monitoring of all government networks. But just how comprehensive that monitoring will be remains unclear.
In the hearing, the administration was represented by Karen Evans, the White House's administrator of e-government and DHS's undersecretary Robert Jamison. No one from the National Security Agency or the defense sector testified. Evans and Jamison emphasized that the program would create real-time network monitoring of malicious activity, limit the number of access points to government networks and standardize government security across all federal systems.
They offered scarce details, however, on the key element of the project: the improvement of the DHS's surveillance program known as Einstein.
DHS are missing the point, WHAT HAPPENS IF THE WWW GOES DOWN?
Terrorists beat the Shin Bet defense system
Exclusive: Terrorists beat the Shin Bet defense system in Jerusalem for the first time since 2006
March 7, 2008, 6:53 PM (GMT+02:00)
DEBKAfile's counter-terror sources report that for almost two years the Shin Bet's uniquely effective defense system succeeded in thwarting almost every Palestinian terrorist attack inside Israel. But with the deadly shooting rampage at Jerusalem's Yeshivat Harav which claimed eight lives Thursday night, March 5, Israel's eight-year terror ordeal at Palestinian hands has now taken a new direction. Under the guidance of Iran, Syria and Hizballah, terror planners have learned how to bypass the universally-acclaimed Shin Bet counter-terror system by dispensing with large operational teams which include accomplices who drive the suicide killer to target. The Israeli security service found this set-up highly susceptible to penetration for advance tip-offs of attacks in store.
Thursday's attack was carried out single-handed by a lone gunman, a local man and Israeli citizen who could move around Jerusalem unnoticed. As a delivery-man, he could conduct his own surveillance and choose his method of attack and its timing. The Kalashnikov assault rifle he used is available for cash in most Israeli towns.
The yeshiva attack revealed that senior terror planners have found they can leave operational details to a lone suicide killer after selecting him, identifying his target and setting the date. In this way, they reduce the chances of leaks to almost zero.
Jerusalem district police commander Aharon Franko stated after the attack that no advance warning had been received. The institution was unguarded and unaware of the menace in store.
This departure in Palestinian methods of operation makes the next stage in the terror war confronting Israel particularly dangerous. More atrocities on the lines of the yeshiva attack may be in the pipeline before Israel's security services catch up with the revised methods of slaughter and evolve fitting methods of prevention.
The events of this week, the yeshiva murders, the roadside bomb which killed an Israeli soldier patrolling the Gaza border, the bottle bombs and rock-throwing on the West Bank, the riots in Jerusalem, all indicate that the Palestinians have launched a fresh wave of terror primarily targeting Israeli civilians. It is timed to coincide with the spring festivals of Purim, Passover and Easter, with the 60th anniversary celebrations of Israel's statehood ahead.
But these guys must have considerable training, acting independently without support
shows very advanced training.
Friday, March 07, 2008
The Army cracked down on soldier-bloggers and Youtube. The Air Force blocked blog-access on official networks. All this despite the military paying lip service to New Media, the open-source phenomenon and information warfare. Now the Coast Guard, America's smallest military branch, is finally checking out this whole internet thing -- and last week it totally panicked, maybe.
Join the Civilian Cyber Forces: HERE.
wE are coNNecteD
ZHadum writes: "9 February 2007, Moscow, Russian Federation.
He was tired. It is a long flight from the one part of country to the capital. They arrived to meet him, at Sheremet'evo. He looked over their heads.
- Supposing somebody else? - one of them asked, they call him - the mister Z. His tricky smile sometimes really irritates Alexander. Mister Z has created a mighty things in the past, but for now, he retired. As well as all others from the group. Alexander doesn't answer and pointed on others.
- I wouldn't say I am like to see most of us.
- Just leave it, 2002 is over, - said one of them - lame man with a small cane. He smiled just like the mister Z. Mister Z doesn't like it, because they were no friends and more - almost enemies.
13 February 2007, somewhere in Moscow.
- It is wonderful, - she said. She was standing right with window and can see a vista of the part of Moscow Kremlin.
- I saw photos, - Alexander doesn't looked into the window and moves to table where heap of equipment were located. Two notebooks (AMD Turion), several hard drives with overall capacity up to 1 Tb and a lot of wires.
- You lost all of your romantic, - she ascertained the fact.
- And you are not? - he asked by the way turning notebook power. The Windows 2003 R2 welcome screen appeared. Hard drives were blinking with blue lights. She moved and watched on login. R2 has launched, and restored network connection. He started cmd.exe and typed
ping http://******cops.com (actual name hidden, ZHadum remark)
They wait few second. Packets doesn't come. 50% lost.
He switched window and launched Miranda. They all were here. Waiting for assistance.
-Huh, - she told and has gone to the bathroom.
V: I'm getting 50% packet lost during ping
Z: checking from outside
Z: 75% are lost
V: what is the peak of bandwidth?
A: around 700 M/bits per second
L: it is jumping through
Z: growing baby
V: can we locate the source of attack?
Z: suppose to be no for now :)
K: this attack isn't managed, fully automatic
Z: sync-flood and teardrop, guess
V: doesn't like that it is working, I'm still able to ping them
K: and what we suppose to be do? storm doesn't answers, it is fully automatic
Z: depends on the number of bots, guess this is not a network limit
L: more to go :)
He logged out and started Opera browser. Then typed a web resource address and begins wait, it was predictable slow. Network still hold the line. Alexander smiled and turned off R2.
1X February, the same place.
"All your base are belongs to us", lalala
He and she laughed a lot. Even mister L enjoyed such approach.
- Remembers old MSDOS times, - he said.
Alexander nodded and started laughing again.
On the Miranda screen they can see a last message
Peak bandwidth rate is 860 M/Bits per second
1X February, the same place.
"We are sorry, maintenance problems". F5 was pressed and site has been resolved to 127.0.0.1.
Network was almost dead, bandwidth was around 1G/bit.
- Can rdbot give the same results? - asked she (she always interested in network security) from mister L.
- If they will gain more resources it is possible to shutdown whole target network.
- It is depends on what kind of hardware they have, - noted Z. - If they are rich... you can continue.
- Guys and girls did you read the stuff they are posting around? - Alexander smiled. - They tracked several bots and went to the Moscow.
- Bugaga, - said mister Z. - They can reach this result with a lot of other captured bots.
- Computer Police is upcoming - she was in high spirits. "Computer Police" was something unreal and unknown for this country, well because most of its members were totally lame and nobody really wanted to do his job, all doesn't matter.
- That's a Storm problem, - mister L said.
- Attack strength will decrease its rate while bots will die - added mister L. - Three days maximum.
- Storm Manipulation stage complete - said Alexander and turned notebook power off."
1. Is The Storm Worm Finally Blowing Over?
Spam report from Marshal says yes. But other security vendors have their doubts.
2. 3/6: Monagrey Trojan Still in the Wild
Security vendors continue to issue alerts for W32/Monagrey, a Trojan that will infect
Windows systems, terminate applications and modify IE start page.
3. 3/6: Wince_Infojack.A Worm Runs in Mobile Devices
Wince_Infojack.A is a worm that is designed to run in the Windows CE environment used in
4. 3/6: Backdoor.Sanjicom Trojan Uses Rootkit
Backdoor.Sanjicom is a Trojan horse that opens a back door on the compromised computer
and uses a rootkit to avoid detection.
5. 3/5: Trojan.Mdropper.AA May Download Malicious Files
Trojan.Mdropper.AA is a Trojan horse that may download potentially malicious files on to
the compromised computer.
6. 3/5: Mytob.SA Mass-Mail Worm Lowers Security Settings
W32.Mytob.SA@mm is a mass-mailing worm that opens a back door and lowers security
settings on the compromised computer.
7. 3/5: Drop-J a Windows Trojan
Troj/Drop-J is a Windows Trojan.
8. 3/5: Agent-GRI Trojan Installs Itself in Registry
Troj/Agent-GRI is a Trojan that installs itself in the system registry.
9. 3/5: Delf.APB Trojan Drops Files, Deletes Hosts File
W32/Delf.APB is a Trojan that will infect Windows systems.
10. 3/5: Banker.KTG Trojan Steals Passwords
Banker.KTG is a Trojan whose main objective is to steal passwords from the affected
11. 3/5: SymbOS.Kizaha.A Trojan Dropped Into Compromised Devices
SymbOS.Kizaha.A is a Trojan that is dropped into compromised devices by
12. 3/5: PWSDla-Gen an Information-Stealing Trojan
Troj/PWSDla-Gen is an information-stealing Trojan for the Windows platform.
13. 3/5: PWSDlb-Gen Trojan Steals Information
Troj/PWSDlb-Gen is an information-stealing Trojan for the Windows platform.
14. 3/5: VirFire-A a Windows Virus
W32/VirFire-A is a virus for the Windows platform.
15. 3/5: Sdbot-DKE Worm Copies Itself, Creates Files
W32/Sdbot-DKE is a worm for the Windows platform.
16. 3/5: Dwnldr-ZLA Trojan Drops, Executes Files
Troj/Dwnldr-ZLA is a Trojan for the Windows platform.
17. 3/5: Monagrey Trojan Modifies IE Start Page
Monagrey is a Trojan that modifies IE start page and prevents common applications from
18. 3/4: Agent.FRV Trojan May be Unknowingly Downloaded
Troj_Agent.FRV is a Trojan that may be downloaded unknowingly by a user when visiting
certain malicious Web sites.
19. 3/4: Agent-GRF Trojan Copies Itself
Troj/Agent-GRF is a Trojan for the Windows platform.
20. 3/4: Agent-GRE Trojan Installs File
Troj/Agent-GRE is a Trojan for the Windows platform.
21. 3/4: Repet-A a File Infector With Backdoor Functionality
W32/Repet-A is a file infector with backdoor functionality.
22. 3/4: Agent.FRV Trojan May be Unknowingly Downloaded
Troj_Agent.FRV is a Trojan that may be downloaded unknowingly by a user when visiting
certain malicious Web sites.
23. 3/4: OnLineGames.RYH Trojan Infects Windows Systems
W32/OnLineGames.RYH is a Trojan that infects Windows systems.
24. 3/4: Vimm Virus Infects Executable Files on Local, Remote Drives
W32.Vimm is a virus that infects executable files on local and remote drives.
25. 3/4: Trojan.Monagrey Displays Virus Message
Trojan.Monagrey is a Trojan horse that displays a message stating that the computer is
compromised by the "MonaRonaDona" virus.
26. 3/4: SymbOS/Kiazha.A Trojan Attempts to Extort Money From Device User
SymbOS/Kiazha.A is a Trojan that attempts to extort money from device user.
27. 3/4: SymbOS/MultiDropper.CR Trojan Signs User Up to QQ Account
SymbOS/MultiDropper.CR is a Trojan that attempts to sign the user up to a QQ account.
28. 3/4: SymbOS/SmsSend.F Malware Sends Random SMS Messages
SymbOS/SmsSend.F is a malware that randomly sends SMS messages to a preset number.
29. 3/4: SymbOS/SmsSend.G Trojan Forwards User's SMS to Number
SymbOS/SmsSend.G is a Trojan that forwards the user's SMS to a phone number in a
30. 3/4: SymbOS/Beselo Worm Spreads Via MMS
SymbOS/Beselo is a worm that is distributed in a SIS file named "beauty.jpg."
31. 3/3: ExePage-A Trojan Detects Malicious Web Pages
Troj/ExePage-A Trojan detects malicious web pages that will attempt to automatically
download EXE files.
32. 3/3: SillyW-A a Windows Virus
W32/SillyW-A is a virus for the Windows platform.
33. 3/3: Scrapkut-A a Windows Worm
W32/Scrapkut-A is a worm for the Windows platform.
34. 3/3: Diehard.EV.Downloader Trojan Drops Files, Modifies Registry
W32/Diehard.EV.Downloader is a Trojan that will infect Windows systems.
35. 3/3: Mdrop-BQG a Windows Trojan
Troj/Mdrop-BQG is a Trojan for the Windows platform.
36. 3/3: Looked-EF an Executable File Virus
W32/Looked-EF is an executable file virus for the Windows platform.
37. 3/3: Anpir-A Worm Targets Windows
W32/Anpir-A is a worm for the Windows platform.
38. 3/3: ZlobDr-H Trojan Hits Windows
Troj/ZlobDr-H is a Trojan for the Windows platform.
39. 3/3: Scrapkut.worm Sends Orkut Users Scraps of Itself
W32/Scrapkut.worm attempts to spread itself by sending orkut users scraps that contain
the link to the worm itself.
Thursday, March 06, 2008
Muqtada Al-Sadr Comatose
Muqtada Al-Sadr Comatose In Iranian Hospital
Shi'ite cleric and leader Muqtada Al-Sadr was secretly transferred a few days ago from Iraq to Iran for hospitalization as he was comatose.
It was reported that his illness resulted from food poisoning.
Al-Sadr is being treated by Iranian specialists, as well as by Russian doctors brought in to help the Iranian medical staff treat him.
Source: Al-Siyassa, Kuwait, March 3, 2008
Posted at: 2008-03-03
CIA we don't want your damn terrorist IP's.
Email was filled in: deleted for screen shot.
Info was submitted under my name.
Notice it says "Error(s) were encountered during the processing of your submission, and with the exception of the message field, the field with the error has been cleared:"
BUT THE MESSAGE FIELD WAS CLEARED...WTF ?
"WE DON'T WANT INFO FROM THE PUBLIC." CIA
Associate tried 5 times to send terrorist IPs and urls
VIA CIA's form for submitting information.
Form deletes all data upon submitting.
TRIED 5X times.
All hand typed, no code.
Maybe Congress should look into this.
What Intel have they rejected?
Bin Ladens location?
Chances to end the GWOT?
Nobody will ever know.
We are working on it, maintenance, backed up 10 min. before.
Check back for Instructions.
Wednesday, March 05, 2008
Al Qaeda looking for media-savvy geeks
The logo of al-Sahab, al Qaeda's media branch, provided by IntelCenter on Wednesday, Feb. 27, 2008. (AP Photo/IntelCenter)
Al Qaeda looking for a few media-savvy geeks
Updated Wed. Mar. 5 2008 11:48 AM ET
The Associated Press
PESHAWAR, Pakistan -- In an Internet age, al Qaeda prizes geek jihadis as much as would-be suicide bombers and gunmen.
The terror network is recruiting computer-savvy technicians to produce sophisticated web documentaries and multimedia products aimed at Muslim audiences in the United States, Britain and other western countries.
Already, the terror movement's al-Sahab production company is turning out high-quality material, some of which rivals productions by western media companies. The documentaries appear regularly on Islamist websites, which al Qaeda uses to recruit followers and rally its supporters.
That requires people whose skills go beyond planting bombs and ambushing American patrols in Iraq and Afghanistan.
"The al Qaeda men who are coming today are not farmers, illiterate people," said Qari Mohammed Yusuf, an Afghan and self-declared al-Sahab cameraman. "They are PhDs, professors who know about this technology. Day by day they are coming. Al Qaeda has asked them to come."
It was impossible to verify Yusuf's claim, although a former police chief in Yusuf's home province of Kunduz verified his links to al Qaeda and the Taliban. Yusuf's information has proven reliable in the past.
Nevertheless, western experts who monitor Islamist websites say the technical quality of al Qaeda postings -- including those from Iraq and Afghanistan -- has dramatically increased from the grainy, amateurish images that were the hallmark of al-Sahab's work only a few years ago.
Now, postings are often in three languages -- Arabic, English and Urdu, the language of Pakistan where al Qaeda hopes to draw fresh recruits. Videos look like professionally edited documentaries or television news broadcasts, with flashy graphics, maps in the background and split screens.
Footage lifted from Arab and western television is often interlaced into the videos -- and al-Sahab appears to have a wide-ranging video library.
A speech by deputy al Qaeda leader Ayman al-Zawahri issued to mark last year's Sept. 11 anniversary included U.S. television interviews with wounded American soldiers, CIA analysts and talking-head journalists and experts, excerpts from a President George W. Bush press conference, audiotape of Malcolm X, even old Second World War footage -- all edited in to back al-Zawahri's case that the United States is losing the war on terror.
Production quality up
"What has changed dramatically is the quality, with documentaries and messages sometimes in three languages," said Rita Katz, director of SITE Intelligence Group, a U.S. terrorism research centre. "They are trying to outreach to as many people as possible."
Use of the Internet enables al Qaeda to reach a broad global audience within the worldwide Muslim community rather than having to rely on Arabic language satellite stations, whose audiences are limited to the Middle East and who exercise some degree of editorial control.
"What is really amazing to me is watching how would-be terrorists living in the West are drawn in and captivated by al-Sahab videos," said Evan Kohlmann, a terror consultant for Globalterroralert.com.
He said watching al-Sahab videos eventually leads some Muslim youth in the West into "making official contact with the al Qaeda organization."
Katz said the quality of some recent al-Sahab productions was "good enough to be on the Discovery Channel."
"We are not talking about people who don't know technology," she said. "They are very skilled. Al-Sahab must have a large team of people who have specific computer skills. These type of technically adept individuals are in high demand by al Qaeda."
At the same time, the number of top-quality al Qaeda productions is on the rise.
According to the IntelCenter, a private U.S. counterterrorism organization, al Qaeda's propaganda wing produced and posted 74 video programs last year, an increase of 16 over 2006.
"It is clear that significant resources and efforts are being expended by al-Sahab to produce and release more videos than ever before and with consistently faster turnaround times than ever previously seen," IntelCenter said in a report last year.
Interviewed in a car with tinted windows as it swerved through colourful buses and ox-drawn carts, the bearded Yusuf, dressed in the loose-fitting clothing of a Pakistani farmer, outlined how al Qaeda has jumped into the Internet age.
Instead of elaborate studios and equipment, the geek jihadis use laptops, generators and the right software to edit their material. For transmission, all they need is a high-speed Internet connection, which is available at scores of Internet cafes in towns and cities throughout Pakistan and Afghanistan.
Yusuf, speaking in Pashto through an interpreter, boasted that he once transmitted video from an Internet cafe across the street from the Afghan Ministry of Interior in Kabul.
Katz said producing propaganda videos for al-Sahab is a three-step process.
The first is to shoot the video. The second step -- the most time-consuming -- is to edit and produce the material, a process which requires skilled technicians but can be done in a simple mud hut anywhere in Afghanistan or the rugged border area of Pakistan.
Once the material is ready, step three is transmitting through an Internet cafe.
"The al-Sahab man doesn't have to lug his computer on his back into the cafe," Katz said. "All he needs is a small USB stick and the high-speed Internet connection."
Al Qaeda technicians have also become skilled at evading American detection techniques. Katz said they often use techniques such as "proxy servers" to disguise the point of origin. Documentaries are sent in multiple files to improve security.
"The al-Sahab people know and study technology, the latest law-enforcement techniques," Katz said. "They know they can transfer files and they know not to transfer the entire file, to divide it into small pieces that eventually is stored in a single location."
Yusuf said al Qaeda maintains its own cyberspace library, storing material in a secret server or servers so that the al-Sahab members do not have to keep incriminating material on their own laptops.
"There is a plan to make al-Sahab very big," Yusuf said. "It is part of the strategy. There are two parts. One is the fighting and the other part of the war is the media. We should carry out the media war because it inspires our people to come and fight."
Company "C" cyber warriors also looking for a few media-savvy geeks.
For anti-terrorism, anti-alQaeda, anti-Taliban videos.
Saudi Al-Qaeda Supporters Renouncing aQ
Saudi Al-Qaeda Supporters Renouncing Views
A senior source in a Saudi Interior Ministry advisory committee that works to bring Saudi extremists to renounce their views has reported that over 150 intellectuals and psychologists have successfully rehabilitated over 1,300 extremists who once supported Al-Qaeda and incited young Saudis.
Also, Sheikh 'Abd Al-Mun'im Al-Mushawwah, director of the Al-Sakinah online campaign to bring extremists to moderate their views, which is under the supervision of the Saudi Islamic Affairs Ministry, has reported that Al-Sakinah staff was currently in dialogue with 25 extremists. He added that 695 of the 1,566 extremists with whom they had conducted a dialogue had renounced their former extremist views.
Sources: Al-Riyadh, Al-Iqtisadia, Saudi Arabia, March 5, 2008
USA's Intel system is a "Dumb Waiter"
I had to read this 3 times.
"Chertoff disputed the premise of the question, saying he didn't know what Stein meant using the term "harvesting," and that, anyway, the intelligence "products" don't specify where information comes from."
the intelligence "products" don't specify where information comes from.
don't specify where information comes from.
Product user can't transmit feedback to originators.
That's what he said,
Homeland Security Secretary Michael Chertoff says:
Intelligence Product user can't transmit feedback to originators.
That just can't be right, it boggles the mind.
That means an FBI agent in the field that gets terrorist IP's
doesn't ever know the value of that IP or other technical Internet data he gets.
It gets passed up the line anonymously.
The Military Troops raiding the compound the IP has been traced to, where they
capture al Qaeda PC with biographies, plans and members and connections can't
put in a request for more.
The civilian originator can read about the raid and capture, arrest and deaths of terrorists
in the news related to Intel reports they submitted, with IP's, technical data and geo location.
And wonder why there is no financial consideration. ( Even with out of pocket expenses, $1,000 a month )
And no feedback, no requests for more?
The Intel delivery system is a DUMB WAITER.
NO downline method of feedback.
This paradigm pre-supposes the collectors know the value of the Intel they collect
and will pursue valuable Intel.
That hypothesis is false.
It supposes everyone is Internet savvy, with the understanding and insight of a White hat.
This is not the case.
At the very least the system needs a method to push the rating of the value of the Intel back DOWN the line.
Click on what "they" like and pass ratings back to field collectors for Intel pursuit.
Intel collection based on feedback, value and use,
Intel collection based on user targeted values.
Tuesday, March 04, 2008
Major banks, telcos top identity-theft chart
Customers of top companies -- including Bank of America, HSBC, Sprint and AT&T -- are suffering the most identity theft, according to a survey of complaints to the U.S. Federal Trade Commission published last week.
The study, Measuring Identity Theft at Top Banks, found that the Bank of America, AT&T, Sprint and JP Morgan were associated with the largest number of identity theft complaints each month. When the data was compared to the size of the bank's existing deposits (a similar measure of size was not available for telecommunications companies), the survey found that HSBC, Bank of America and Washington Mutual were the top-three most defrauded institutions.
The paradigm for ID theft is based on the profit the Institutions make from ID theft.
Several Institutions offer programs to prevent ID theft, and even back it with a $1,000,000 insurance policy.
The profit the banks make from ID theft is the only motivation I can find for the Paradigm.
This is like a Bank taking your money then charging you extra to put it in a vault.
They have our data, are NOT protecting it, and are making a profit off its theft.
aQ manual in Pashto
Tuesday, March 4, 2008
Afghanistan: Al-Qaeda Releases New Training Manual in Pashtu Language for its Fighters in Afghanistan
The Al-Qaeda movement has released a 144-page training manual for its fighters in Afghanistan in the Pashtu language. The Pashtu-language newspaper Wrazparana Wahdat reported that the book gives lessons in guerrilla warfare, technical knowledge in bomb-making and use of heavy and automatic weapons. The title of the book is ‘Training Lessons’ and is written by one Mukhtar Khurasani. It has 10 chapters and is priced 50 Pakistani Rupees. The publisher is named as Al-Qaeda but the place of publication is not given.
According to the report, the book teaches military lessons for the regional fighters of the Al-Qaeda movement. It gives lessons in methods of making remote-control bombs, lessons in GPS-based wireless system, techniques of firing missiles and use of weapons. The book details how much explosive is to be used if a house, room or a big building is to be blown up. It also carries images of different types of light and heavy weapons and describes their range and power.
According to the report, the book also imparts lessons about the values of jihad, besides security and protection methods for Al-Qaeda fighters. It is supposed to be the third book in a series from Al-Qaeda for its fighters.
Source: Wrazparana Wahdat, Peshawar, March 4, 2008
FARC seeking dirty bomb.
Even as Venezuela was rushing soldiers to its border with Colombia, the Colombians hurled one more incendiary charge: in Geneva, Uribe's vice-president, Francisco Santos, told the UN disarmament conference that captured FARC documents revealed the group was seeking to acquire uranium to build a radioactive "dirty bomb". According to Vice President Santos, on March 3, Colombia's national police submitted an initial report regarding the content of two computers found with Raul Reyes, second in command of FARC, who was killed on March 1. Santos said the computers contained "information from one commander to another indicating that FARC was apparently negotiating for radioactive material, the primary basis for generating dirty weapons of mass destruction and terrorism."
Given the allegations that the captured FARC computers showed financial support to FARC from Chavez, and Chavez himself expressed sympathy and support for Reyes and his efforts, it would be hard to rule out, at this time, a Venezuelan role in any efforts by FARC to acquire nuclear material for a dirty bomb.
While tensions between Venezuela and its neighbors rapidly escalate, any further information about alleged Venezuelan ties to terrorist groups, illicit financial activities, or a terrorist dirty bomb that may emerge can only add fat to an already bubbling fire.
March 4, 2008 02:16 PM
The Colombian response has been equally vehement. The country's government says documents recovered from a laptop belonging to Reyes showed the Chávez government gave the rebel group - which the US and EU consider to be a terrorist organisation - $300m (£150m) in funding.
Such support for Farc meant Chávez should be tried by the international criminal court, Uribe said today.
Pushtun War of Revenge Against Taliban
Potential Pushtun War of Revenge Against Taliban
Attacks on Pashtuns could trigger war of revenge: analysts
Daily Times, March 4, 2008
* Former Tribal Areas security chief says all institutions representing Pashtun society have been targeted
* Editor says situation could ignite tribal enmities
ISLAMABAD: A spate of suicide attacks by militants could spark a war of revenge among ethnic Pashtun tribesmen in the NWFP just as moderate, secular political parties appear poised for power, analysts say.
The militants want to destabilise President Pervez Musharraf, and convince Pakistanis his alliance with the United States is the root cause of conflict in the area.
For their part, Pakistan's Western allies want its new prime minister and government, once they emerge from the hung parliament, to provide the democratic legitimacy for the war on terrorism that Musharraf has been unable to engender.
"You may not question Musharraf's policy on terrorism, you may say it's all right but the point is nobody is ready to own this policy," said Talat Masood, a former general and security analyst.
"The greatest advantage of the civilian government will be that the policy will be owned by the people of Pakistan."
The remote Waziristan region has seen the worst of the violence over the past few years, but in recent months hitherto dormant tribal areas have erupted in violence. At least 40 people were killed on Friday in a suicide attack in Swat during the funeral of a policeman hours after he was killed in a roadside attack.
On Sunday, another 40 people died and scores were wounded when a young bomber blew himself up as hundreds of tribesmen left a jirga that had discussed how to restore peace in Darra Adam Kheil.
The army has been fighting militants in Swat since October, and just last week had claimed it had cleared all but a few pockets of resistance.
But attacks like a roadside bomb that killed 13 members of a wedding party, including the bride, on February 22, again in Swat, demonstrated the insecurity ordinary families are encountering. Analysts noted a "dangerous trend" towards attacks that struck at the heart of Pashtun society.
"These are direct attacks on Pashtun society," said Mahmood Shah, a former security chief for the Tribal Areas.
Institutions: "All institutions, which represent Pashtun society, the mosque, a wedding, a funeral or a jirga, they have all been targeted.
"They want to bomb the entire Pashtun society into submission."
Pashtuns, whose lands straddle both sides of the border between Pakistan and Afghanistan, live to a code of honour, commonly known as Pashtunwali, that calls on men to take revenge if a family member is killed. The attacks on the funeral and the jirga could trigger inter-tribal feuds, in a region where guns are commonly referred to as "Pashtun jewellery".
Enmities: "This situation could ignite tribal enmities. This will create a very explosive and dangerous situation for the government," said Rahimullah Yusufzai, a newspaper editor and an expert on Pashtun affairs.
A moderate Pashtun party, the Awami National Party, won the most seats in the NWFP by trouncing religious parties and is likely to lead the provincial government in a coalition with the PPP, but if they fail to quell the violence voters will soon become disenchanted, analysts said. (AFP)
Monday, March 03, 2008
ACTION ALERT against Terrorism
Taking down Leemedia, UPDATE DOWN.
Background and email addys to file complaints.
In your complaint tell them:
Dear Sir or Madam,
Lee-Media violates the TOS (terms of service), encourages acts of violence against U.S. troops, and encourages terrorism.
Providing business services, even free ones, to supporters of the Taliban or other known terrorist organizations violates the US & International Emergency Economic Powers Act (IEEPA). Each IEEPA violation carries a fine of up to $250,000. Violation authority cited:
Domain Name: LEEMEDIA.NET
Please archive any evidence you may have and notify the proper authorities, then remove the site ASAP
We would appreciate your quick response in this matter. More info below.
leemedia.net = 22.214.171.124
Emails for your complaint: use blind copy if you know how.
Please send to all/
You can reference this URL: disgustingly graphic.
YOUR ACTIONS WILL HELP OUR TROOPS.
These guys are bad, and involved in al Qaeda terrorism.
Join our Cyber Troops: Company "C".
Race to Root.
MBR Rootkit, A New Breed of Malware
Posted by Kimmo @ 11:08 GMT
The MBR is the first physical sector of the hard drive and contains the first code loaded and executed from the drive during the boot process.
In the competition between rootkits and rootkit detectors, the first to execute has the upper hand. And you can't execute earlier than from the MBR. Of course, MBR viruses used to be very common in the DOS days, 15 years ago or so. But this is 2008.
This new Windows MBR rootkit launches itself very early during the Windows startup process without requiring any registry or file modifications. In fact, it is quite surprising that it's possible to write to the MBR from within Windows to begin with.
The MBR rootkit — known as "Mebroot" — is very advanced and probably the stealthiest malware we have seen so far. It keeps the amount of system modifications to a minimum and is very challenging to detect from within the infected system.
Below are some details about the MBR rootkit's stealth features:
The ntoskrnl.exe module hook that executes the kernel-mode downloader payload is set to the nt!Phase1Initialization function which resides in the INIT section. This means that after the system has initialized the section is wiped out from memory and no sign of the hook is any longer present.
The rootkit stores data that's required to survive reboots in physical sectors instead of files. This means that the data, including the real payload, is not visible or in any way accessible to normal applications. Therefore the rootkit does not have to hook the normal set of interfaces to keep them hidden.
The MBR is the rootkit's launch point. Therefore it doesn't need to make any registry changes or to modify any existing startup executables in order to launch itself. This means that the only hooks it needs to make are used to hide and protect the modified MBR. Essentially this means that the rootkit hooks only two DWORDs from the disk.sys driver object which is shown in the picture below.
Another interesting feature of the MBR rootkit that has not received very much public discussion is its networking layer and firewall bypassing capabilities. One reason for this might be that this part of Mebroot's code is heavily obfuscated and time consuming to analyze.
It is known that the rootkit's main purpose is to act as an ultimate downloader. To be stealthy and effective it is essential that the rootkit neither triggers nor is blocked by personal firewalls. It is able to achieve this by operating in the lowest parts of the NDIS layer just above the physical hardware.
Only a single DWORD is hooked at all times from the NDIS internal structures. To send packets the rootkit uses the SendPacketsHandler function implemented by the actual hardware specific driver.
The rootkit uses its own unmodified versions of NDIS API functions it needs to operate. This has been done before by some malware, such as Rustock and Srizbi. However, what we have not seen before is the fact that the MBR rootkit uses a "code pullout" technique to only load the relevant code from the ndis.sys driver instead of loading the whole ndis.sys driver as its private module into memory.
This means that the memory fingerprint of the malware is smaller and there are no additional modules loaded into the system address space which might trigger some forensic tools.
This malware is very professionally written and produced. Which of course means it's not written for fun. Initial samples from December 2007 and January 2008 were at beta stage. Now it appears that the malware is fully-baked and more active distribution has begun. During the weekend our Security Lab started to receive information about multiple drive-by exploit sites spreading the latest version. (However, at the moment these attacks cannot be considered as widespread.)
The actual site hosting the exploit code utilizes the following exploits:
Microsoft Data Access Components (MDAC) Function vulnerability (MS06-014)
AOL SuperBuddy ActiveX Control Code Execution vulnerability (CVE-2006-5820)
Online Media Technologies NCTsoft NCTAudioFile2 ActiveX Buffer Overflow (CVE-2007-0018)
GOM Player "GomWeb3" ActiveX Control Buffer Overflow (CVE-2007-5779)
Microsoft Internet Explorer WebViewFolderIcon setSlice (CVE-2006-3730)
Yahoo! JukeBox datagrid.dll AddButton() Buffer Overflow
DirectAnimation.PathControl KeyFrame vulnerability (CVE-2006-4777)
Microsoft DirectSpeechSynthesis Module Remote Buffer Overflow
Proof of concept code for two of the exploits was publicly disclosed just less than a month ago.
The downloaded payloads seem to clearly target online banking and other financial systems.
We detect the latest MBR rootkit variant as Backdoor.Win32.Sinowal.Y.
The exploit site is currently resolving to an IP address of 126.96.36.199 and seems to still be active.
Here's some more information on Mebroot from Gmer, Prevx, and Symantec:
Gmer — MBR
Prevx — Master Boot Record Rootkit is here and ITW
Symantec — From BootRoot to Trojan.Mebroot: A Rootkit in Your MBR!
Symantec — The Flow of MBR Rootkit Trojan Resumes
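Because the rootkit described above hooks disk.sys to hide and protect the modified MBR, sector 0 as read inside the running system cannot be trusted on its own. The following added example (not code from the original post or from any of the vendors named) parses two copies of the sector and reports where they disagree. It assumes the "live" copy was read inside the running OS and the "offline" copy from trusted boot media; acquisition is not shown, and all function names and sample bytes are constructed for illustration.

```python
import hashlib
import struct

SECTOR, CODE_END, PT_OFF, SIG_OFF = 512, 440, 446, 510

def parse_mbr(sector: bytes) -> dict:
    """Split a 512-byte MBR into boot code hash, disk signature and partitions."""
    if len(sector) != SECTOR:
        raise ValueError("an MBR sector is exactly 512 bytes")
    parts = []
    for i in range(4):
        entry = sector[PT_OFF + 16 * i: PT_OFF + 16 * (i + 1)]
        lba_start, count = struct.unpack_from("<II", entry, 8)
        if entry[4] != 0:  # partition type 0 marks an unused slot
            parts.append({"slot": i, "active": entry[0] == 0x80,
                          "type": entry[4], "lba_start": lba_start,
                          "sectors": count})
    return {"signature_ok": sector[SIG_OFF:] == b"\x55\xaa",
            "code_sha256": hashlib.sha256(sector[:CODE_END]).hexdigest(),
            "disk_signature": sector[CODE_END:CODE_END + 4].hex(),
            "partitions": parts}

def cross_view_findings(live: bytes, offline: bytes, baseline_sha256=None) -> list:
    """Compare sector 0 as the running OS returns it with an offline read."""
    seen, real = parse_mbr(live), parse_mbr(offline)
    findings = []
    if not real["signature_ok"]:
        findings.append("offline MBR lacks the 0x55AA boot signature")
    if seen["code_sha256"] != real["code_sha256"]:
        findings.append("boot code differs between live and offline reads")
    if seen["partitions"] != real["partitions"]:
        findings.append("partition table differs between live and offline reads")
    if baseline_sha256 and real["code_sha256"] != baseline_sha256:
        findings.append("offline boot code does not match the recorded baseline")
    return findings

def make_sample_mbr(code: bytes) -> bytes:
    """Constructed test sector: given boot code plus one active NTFS partition."""
    entry = struct.pack("<B3sB3sII", 0x80, b"\x00" * 3, 0x07, b"\x00" * 3, 2048, 204800)
    body = code.ljust(CODE_END, b"\x00") + b"\x12\x34\x56\x78" + b"\x00\x00"
    return body + entry + b"\x00" * 48 + b"\x55\xaa"

if __name__ == "__main__":
    clean = make_sample_mbr(b"\xfa\x33\xc0\x8e\xd0")     # constructed bytes
    altered = make_sample_mbr(b"\xeb\x3c\x90\x90\x90")   # constructed bytes
    baseline = parse_mbr(clean)["code_sha256"]
    # The live read returns the clean copy while the disk really holds another.
    for finding in cross_view_findings(clean, altered, baseline):
        print("FINDING:", finding)
```

A difference between the two views is the signal: a clean system returns identical boot code and partition entries whichever way the sector is read.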
Question: Is there any connection to terrorism funding?
The police on February 18 seized four kg of low-grade uranium and arrested six persons in Supaul district along the Indo-Nepal border.
A police official on February 19 said acting on an intelligence tip-off, four kg of low-grade uranium was seized near Virpur bus stand in Supaul late on February 18 night.
The estimated value of the seized uranium is about Rs.50 million in the international market.
The police said the operation was conducted with the assistance of Seema Suraksha Bal (SSB) personnel. Six persons, including a schoolteacher and an SSB jawan posted in Assam, were arrested.
"We will interrogate the six persons," the police said.
The police suspect that the seized uranium was being smuggled from Meghalaya to Nepal.
Labels: uranium seized
Sunday, March 02, 2008
Zee writes a paper.
Al-Qaida's leader (Biny is dead) wrote a paper, published Sunday on militant Islamic Web sites, in which he slams radical militants who have disavowed armed struggle and turned their backs on violence.
The 215-page paper by Ayman al-Zawahri is the latest in an intellectual war between the founders of the terror group and the other Islamic militants, many of whom have become disillusioned with suicide bombings and attacks on civilians, bombing Mosques, killing Muslims, women, children and bombing market places.
"This message that I present to the reader today is the most difficult, if not the hardest I have written in my life," al-Zawahri wrote in "Exonerations," published by al-Sahab, al-Qaida's media wing.
We will post link soon.
Gadahn is ALIVE
Gadahn IS ALIVE.
From our sources.
The little coward is in hiding, afraid, but alive.
Damn, nice try though.
Will post more after officials announce the miss.
Zee kissed and kissed the boy toy.
They were afraid they lost aQ next leader.
I've been practicing my "Gadahn is DEAD" dance.
Mostly elbows flying and jumpin around.
Gadahn's notebook computer was found, at least one he set up.
But he set up many notebooks for al Qaeda leadership.
So you know the level of tech USA is dealing with.
DNA has been tested, none of it his.
Meanwhile, the Al-Qaeda Spokesman Ahmad Salman contradicted reports regarding killing of Ezzam Al-Americee in the recent missile attack at Khushhali Toorikhel near Mirali Town of North Waziristan Agency on January 29 last.
The Spokesman said that Ezzam Al Americee is alive.
Talbi KNEW, Harry was there, not likely.
TALIBAN fanatics knew Prince Harry was in Afghanistan and planned to capture and kill him, it was claimed last night.
Karim, speaking from Helmand province where Harry was fighting, said: “He is our special enemy. Our first option was to capture him as a prisoner. The second, to kill him.”
Karim claimed fanatics had reported possible sightings of Harry in their area on several occasions, but his fighters never got close enough.
Harry’s tour of duty had been scheduled to last until April but it ended abruptly on Thursday after an American internet site revealed his whereabouts.
Karim said: “He may be a Prince but he didn’t have a Prince’s heart. He proved as cruel and brutal as other British soldiers, bombing and shelling innocent Afghans and Taliban.”
Karim’s claims will add to the debate over the usefulness of the British media’s news blackout over Harry’s deployment.
Harry, 23, deployed to Helmand as a battlefield air controller (known as a JTAC) in December, was constantly shadowed by three SAS bodyguards.
A team of Gurkhas from Nepal, who are notoriously fierce fighters, were also on hand when he went out on patrol.
The SAS were with him when he touched down in Kandahar in December and watched over him for the next 10 weeks.
Historical note: When I was on an expedition in Belize I had arrived in a small backwater. It only had a bar; inside there were 3 small brown guys sitting with their backs to the wall.
And 20 locals, staring at them???
I asked if they were Nepalese, Gurkha, and they said yes. I said they didn't look scary, which brought smiles all around, and asked where their knives were. They said they were not allowed to carry their knives unless on duty. Knowing their reputation for loyalty and honesty, I bought them drinks and asked them to watch my gear, backpack and duffel bag, while I arranged transport. No one was going to touch my stuff while they were there.
There had been a British officer kidnapped in the area that month.
In the Vietnam war, the Gurkhas were asked to jump from planes and they asked how high, and were told 5,000 feet. They requested to start at 500 feet for the first jump out of the plane.
No one had told them there were parachutes involved. Brave little Bastards and fiercely loyal.
Abu Yasir al-Saudi KILLED
"Jar Allah and Hamdan were barbaric terrorists who will never again threaten innocent Iraqi civilians with their indiscriminate violence," said Beck. "Iraqi and Coalition forces will continue operations to hunt down al-Qaeda leaders and operatives, disrupting their operations and improving security across Iraq."