Connect with us

Global Affairs

Russia threatens military deployment to Cuba, Venezuela

Russia has refused to rule out a military deployment in Cuba and Venezuela if talks with the West on European security and Ukraine failed to go its way, while warning the latest discussions with Nato were hitting a dead end, The Guardian writes. Sergei Ryabkov, who recently led Russia’s delegation in a meeting with the US, said “it all depends on the actions by our US counterparts”.

Source link

Global Affairs

Witness in Pegasus case accuses Peña Nieto of ordering spying operation on Carlos Slim | International

The Pegasus case has finally gone to trial in Mexico. On Monday, the court heard testimony from Mexican journalist Carmen Aristegui, who was allegedly spied on during the government of Enrique Peña Nieto (2012-2018). Aristegui was the first witness called by the Prosecutor’s Office in a trial that could go on for months.

The Pegasus case is one of the biggest scandals to hit Mexico. It centers on the powerful spyware called Pegasus, which was developed by the Israeli company NSO Group and is only available to government agencies. Pegasus can take control of a cellphone without its owner noticing and, in addition to accessing all its contents, it can also turn it into a listening and image capture terminal.

The Pegasus case in Mexico involves potentially thousands of victims and various government administrations. Speaking in court on Monday, Aristegui demanded that those responsible be held accountable. “I hope that the Attorney General’s Office has enough elements to clarify the case,” she said, according to the Mexican newspaper Reforma.

The prosecutor’s star witness, a whistleblower with the code named Zeus, also appeared in court on Monday. They accused Peña Nieto and his direct subordinates of ordering the alleged spying operation against Aristegui, and other key figures such as business magnate Carlos Slim and mining mogul Germán Larrea.

The trial is just one part of the sprawling Pegaus case; the Prosecutor’s Office (FGR) is also investigating the alleged fraudulent purchase of the spyware during the last administration. But the probe has yet to reach court, which has angered the FGR. In May, the agency reported that it had requested the trial start three times, but with no success.

The scandal also goes beyond the Peña years. During the current administration of President Andrés Manuel López Obrador, government agencies also acquired the spyware. According to an investigation by the Digital Rights Defense Network released at the end of last year, the armed forces acquired Pegasus in 2019, and spied on at least three people, including journalist Ricardo Raphael and human rights defender Raymundo Ramos.

But the case first broke out when Peña Nieto was still in office. It sparked widespread outrage, with the public questioning whether the country’s security agencies were being used to spy on journalists and activists.

Aristegui was one of the few to take the case to court. During Peña Nieto’s early years, the reporter and her investigative team had tracked corruption among the president and his entourage. At the end of 2014, the team published a report on the president’s relationship with one of his government’s favorite business conglomerates, Grupo Higa. Peña Nieto and his family owned a house in an upmarket neighborhood in the capital, which was actually registered in the name of Group Higa, and enjoyed the protection of the army.

It was a huge blow to Peña Nieto’s image, which was already floundering in the wake of the military executions of civilians in Tlatlaya and the disappearance of dozens of students from Ayotzinapa. It was at this time that Aristegui’s phone was targeted by Pegasus. The investigative journalist, who created her own news network, reported on the espionage. During this time, she received thousands of documents from a source about the surveillance carried out by the Peña Nieto administration. That source was Zeus, the star witness of the Pegasus case. The information provided by Zeus indicated that the espionage campaign had been carried out by a subsidiary of one of the suppliers of Pegasus in Mexico, the KBH business group.

Aristegui handed over this information to the FGR, which in 2021 arrested the alleged operator of the spyware, Juan Carlos García Rivera, a worker at a KBH subsidiary. His arrest raised a number of questions. If NSO Group only sold to governments, how was it possible that Aristegui had been spied on by a private firm? Is NSO Group lying? Or was the Mexican government outsourcing a compromising part of its operations? According to Zeus, the former is most likely to be true.

The FGR is calling for García Rivera to be sentenced to 16 years in prison for illegal phone tapping. Prosecutors offered him a reduced sentence in exchange for pleading guilty, but he refused. It is not known how long the trial will last, but the number of witnesses and evidence that must be presented before the judge, in addition to the upcoming holiday season, may delay the process for months.

Sign up for our weekly newsletter to get more English-language news coverage from EL PAÍS USA Edition

Source link

Continue Reading

Global Affairs

Israel orders new evacuations and advances with tanks in southern Gaza

Israel calls them blocks 36, 38 to 54 and 219 to 221. These are the areas of Gaza’s second-largest city, Khan Yunis, which dozens of Israeli tanks are approaching on Monday, that the army is urging civilians to evacuate, forcing them to move to other areas also targeted by Israeli bombardments. The Israeli Defense Forces (IDF) has disseminated, with leaflets falling from the sky and via text messages, a map with three yellow arrows in the direction of another southern city, Rafah, and the Mediterranean coast. But very few are following the map. Under the constant sound of airstrikes and gunfire, the population feels that there is no safe place in Gaza, and each evacuation is only a prelude to the next.

The Israeli text message links to another map (with hundreds of boxes and in which the Khan Yunis blocks appear) to be consulted through a cell phone with a QR code, in an enclave without any type of internet connection and with frequent telecommunications outages. The IDF began disseminating these maps last Friday, when the week-long truce between Israel and Hamas came to an end and Israel launched its military campaign in southern Gaza. Cities in the south currently hold 1.8 million of Gaza’s population of 2.3 million after the Israeli military campaign forcibly displaced millions of people from their homes in northern Gaza, which now lies in ruins.

Khan Yunis, whose population is estimated to have grown from 200,000 to 400,000 due to the internal displacement caused by the war, has become one of the main targets of Israeli bombardment. The army has partially declared it a “dangerous combat zone.” The IDF has destroyed numerous buildings in Hamad City, a residential project of more than 1,000 properties where displaced persons from other parts of the Strip sought refuge. According to residents quoted by Agence France Presse, they were warned of the bombing an hour in advance.

Qatar — today a key mediator in the conflict between Israel and Hamas and a key financier of Gaza over the years — built Hamad City to rehouse destitute Palestinians who had lost their homes in the 2014 Israeli offensive, the most lethal until the one triggered by the Hamas attack on October 7. In 2014, some 2,300 Palestinians were killed. In the past two months of the war in Gaza, 15,899 people have been killed, 70% of them children and women, according to data released Monday by the Gazan Health Ministry.

Palestinians gather at the site of an Israeli strike, amid the ongoing conflict between Israel and the Palestinian Islamist group Hamas, in Rafah, in the southern Gaza Strip, December 4, 2023
Several people in the rubble after an attack on Rafah, in the southern Gaza Strip, this Monday. STAFF (REUTERS)

Israel has set itself the goal of politically and militarily destroying Hamas, the Islamist movement that rules Gaza. It foresees a long war lasting at least another two months, followed by regime change, permanent security control by Israel and the establishment of a security buffer zone. To achieve this, for Israel it is not enough to have taken over the capital and the rest of northern Gaza; it considers it essential to also penetrate the urban centers in the south, such as Khan Yunis. Considered a Hamas fiefdom, the city has an added symbolic component: it is the birthplace of Yahya Sinwar, leader of the Islamist party-militia and Israel’s most wanted man. He is presumed to be hiding underground and without access to electronic devices that can be traced by intelligence services.

“Our Munich”

The targets are not limited to Gaza. Israel intends to emulate with Hamas the assassination campaign — brought to fiction by Steven Spielberg — conducted by the Mossad in different parts of the world after the murder of 11 Israeli athletes at the 1972 Munich Olympics. This campaign was originally meant to last 20 years.

This past Sunday, Israeli public television broadcast a recording in which Ronen Bar, the head of the Shin Bet (the secret services in Israel and Palestine), is heard assuring that his country is determined to kill all Hamas leaders “in every location, in Gaza, in the West Bank, in Lebanon, in Turkey, in Qatar, everywhere.” “It will take a few years, but we will be there in order to do it,” he is heard adding. “The cabinet set a goal for us, to take out Hamas. And we are determined to do it, this is our Munich.”

Another goal is the return of the hostages taken by Hamas. Although negotiations continue behind the scenes, there is a feeling that the return of hostilities has put the issue even further on the back burner, despite the fact that 137 hostages (115 men, 20 women and two children) are still in Gaza. Fifteen of them, both soldiers and civilians, have been declared dead, following the release of hostages who have returned with information confirming their deaths. It does not mean that they were killed there by Hamas or died in Israeli bombardments, as they could have been killed in the October 7 attack and then taken to Gaza.

This Sunday, Defense Minister Yoav Gallant has again insisted that the military advance does not clash with efforts to free the abductees, but quite the contrary: it pushes Hamas to negotiate their exchange for Palestinian prisoners. “Over the past two months, I’ve been working single-mindedly to achieve the aims of this war — to destroy Hamas’s military and governance capabilities, and to bring the hostages home,” Gallant said in a meeting with representatives of the families. “And these two goals are tightly linked. Every day is crucial.”

A day earlier, thousands of people demonstrated in Tel Aviv to call on the government to work to bring back the remaining hostages who are still in Gaza. The protest was marked by two slogans — “Everyone!” and “Now!” — and included for the first time the participation of former hostages. Later on, a smaller group of protesters charged against Prime Minister Benjamin Netanyahu, threatening to launch a sit-in if the Israeli war cabinet does not receive them to explain what they are doing to bring their loved ones back.

Source link

Continue Reading

Global Affairs

Open Source Software (OSS) Supply Chain, Security Risks And Countermeasures

OSS Security Risks And Countermeasures

The software development landscape increasingly hinges on open source components, significantly aiding continuous integration, DevOps practices, and daily updates. Last year, Synopsys discovered that 97% of codebases in 2022 incorporated open source, with specific sectors like computer hardware, cybersecurity, energy, and the Internet of Things (IoT) reaching 100% OSS integration.

While leveraging open source enhances efficiency, cost-effectiveness, and developer productivity, it inadvertently paves a path for threat actors seeking to exploit the software supply chain. Enterprises often lack visibility into their software contents due to complex involvement from multiple sources, raising concerns highlighted in VMware’s report last year. Issues include reliance on communities to patch vulnerabilities and associated security risks.

Raza Qadri, founder of Vibertron Technologies, emphasizes OSS’s pivotal role in critical infrastructure but underscores the shock experienced by developers and executives regarding their applications’ OSS contribution. Notably, Qadri cites that 95% of vulnerabilities surface in “transitive main dependencies,” indirectly added open source packages.

Qadri also acknowledges developers’ long-standing use of open source. However, recent years have witnessed heightened awareness, not just among developers but also among attackers. Malware attacks targeting the software supply chain have surged, as demonstrated in significant breaches like SolarWinds, Kaseya, and the Log4j exploit.

Log4j’s widespread use exemplifies the consolidation of risk linked to extensively employed components. This popular Java-based logging tool’s vulnerabilities showcase the systemic dependency on widely used software components, posing significant threats if exploited by attackers.

Moreover, injection of malware into repositories like GitHub, PyPI, and NPM has emerged as a growing threat. Cybercriminals generate malicious versions of popular code to deceive developers, exploiting vulnerabilities when components are downloaded, often without the developers’ knowledge.

Despite OSS’s security risks, its transparency and visibility compared to commercial software offer certain advantages. Qadri points out the swift response to Log4j vulnerabilities as an example, highlighting OSS’s collaborative nature.

Efforts to fortify software supply chain security are underway, buoyed by multi-vendor frameworks, vulnerability tracking tools, and cybersecurity products. However, additional steps, such as enforcing recalls for defective OSS components and implementing component-level firewalls akin to packet-level firewalls, are necessary to fortify defenses and mitigate malicious attacks.

Qadri underscores the need for a holistic approach involving software bills of materials (SBOMs) coupled with firewall-like capabilities to ensure a comprehensive understanding of software contents and preemptive measures against malicious threats.

As the software supply chain faces ongoing vulnerabilities and attacks, concerted efforts are imperative to bolster security measures, safeguard against threats, and fortify the foundational aspects of open source components.

We Can’t Thank You Enough For Your Support!

By John Elf | Science, Technology & Business contributor Digital

— For more information:

— Anonymous news submissions:

Continue Reading


Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates 
directly on your inbox.

You have Successfully Subscribed!