This Presidential Policy Guidance (PPG) establishes the standard operating procedures for when the United States takes direct action, which refers to lethal and non-lethal uses of force, including capture operations, against terrorist targets outside the United States and areas of active hostilities.
The purpose of this document is to recommend a simple set up for taking frontal face (mugshot) images. Different cameras will obviously produce different results but there are other important factors to take into consideration which can have a big impact on the effectiveness of facial recognition software.
This document is intended as a primer—a brief, informative treatment—concerning the ongoing conflict in Ukraine. It is an unclassified expansion of an earlier classified version that drew from numerous classified and unclassified sources, including key US Department of State diplomatic cables. For this version, the authors drew from open source articles, journals, and books. Because the primer examines a very recent conflict, it does not reflect a comprehensive historiography, nor does it achieve in-depth analysis. Instead, it is intended to acquaint the reader with the essential background to and course of the Russian intervention in Ukraine from the onset of the crisis in late 2013 through the end of 2014.
This Joint Intelligence Bulletin (JIB) is intended to provide situational awareness concerning the domestic extremist threat to national public and political events. This JIB is provided by the FBI and DHS to support law enforcement in their respective activities and to assist federal, state, local, tribal, and territorial government counterterrorism and law enforcement officials and private sector security partners in deterring, preventing, or disrupting terrorist attacks against the United States.
The ‘Locky’ malware is a ransomware variant, which has extensively utilized spam campaigns to distribute malicious files that download and execute code capable of encrypting numerous critical file types on both local and networked file stores. Encrypted files are renamed with a unique hexadecimal filename and receive the “.locky” extension. Each directory containing encrypted files contains instructions on how to utilize Bitcoin in order to pay a ransom for file recovery, and the system’s computer background is also changed to contain payment instructions. Recovery of encrypted files is impossible without data backup or acquisition of the private key due to the well-implemented, strong encryption. Historically, while payment of the ransom may result in receipt of the valid private key, enabling decryption of the targeted files, the FBI does not recommended the victim pay the ransom.
A collection of all Combat Integration Support Team (CIST) Global IED Reports for the month of June 2016. The reports are produced by the Joint Improvised-Threat Defeat Agency, formerly the Joint Improvised Explosive Device Defeat Organization (JIEDDO).
A presentation from the FDNY analyzing the June 12, 2016 terror attack on a nightclub in Orlando, Florida.
This guide is a quick reference of Unconventional Warfare (UW) theory, principles, and tactics, techniques and procedures. It is not a complete treatment of the subject. To guide further study, it includes (in annotated form) as many references as possible starting with established law, policy and doctrine, includes scientific studies, and finishes with recommended reading on the subject.
While in the United States, some of the September 11 hijackers were in contact with, and received support or assistance from, individuals who may be connected to the Saudi Government. There is information, primarily from FBI sources, that at least two of those individuals were alleged by some to be Saudi intelligence officers. The Joint Inquiry’s review confirmed that the Intelligence Community also has information, much of which has yet to be independently verified, indicating that individuals associated with Saudi Government in the United States may have other ties to al-Qa’ida and other terrorist groups. The FBI and CIA have informed the Joint Inquiry that, since the September 11 attacks, they are treating the Saudi issue seriously, but both still have only a limited understanding of the Saudi Government’s ties to terrorist elements. In their testimony, neither CIA nor FBI witnesses were able to identify definitively the extent of Saudi support for terrorist activity globally or within the United States and the extent to which such support, if it exists, is knowing or inadvertent in nature.
As of 5 May 2016, the Islamic State of Iraq and the Levant (ISIL) Sympathizer hacking group United Cyber Caliphate (UCC) defaced a Nigerian-hosted Web site, posting an html file containing the heading “USA Online Company Data Dumped by United Cyber Caliphate,” there was no other message or threat associated with the file. The file contained approximately 1,137 entries, many of which appeared to be US-based individuals with corresponding personally identifiable information (PII) fields such as name, company, e-mail, phone, city, state, and zip code. The PII was doxed from the personnel directory of a US business, according to FBI and open source reporting.
A collection or records released via a Freedom of Information Act request for all records “relating to NSA Director Gen. Keith B. Alexander’s attendance of the Bilderberg Meetings held in 2008 in Chantilly Virginia; in 2009 in Vouliagmeni, Greece; and in 2011 in St. Moritz, Switzerland.”
The purpose of this Situational Information Report (SIR) is to alert first responders of threats to law enforcement and potential threats to the safety of the general public. The threats stem from an officer involved shooting in Baton Rouge, Louisiana on 5 July 2016.
A Department of Homeland Security assessment released in April states that critical infrastructure throughout the U.S. faces “immeasurable vulnerabilities and attack vectors” due to the increasingly prominent role of information and communication technology (ICT) in critical infrastructure sectors. The strategic risk assessment, authored by the Office of Cyber and Infrastructure Analysis within DHS, was obtained by Public Intelligence and describes the “convergence of cyber and physical domains” as a strategic threat to the nation’s infrastructure.
This strategic risk assessment provides an overview of six distinguishable trends emerging in U.S. critical infrastructure. These trends, when combined or examined singularly, are likely to significantly influence critical infrastructure and its resiliency during the next 10 years.
In accordance with the President’s direction and consistent with the President’s commitment to providing as much information as possible to the American people about U.S. counterterrorism activities, the Director of National Intelligence (DNI) is releasing today a summary of information provided to the DNI about both the number of strikes taken by the U.S. Government against terrorist targets outside areas of active hostilities and the assessed number of combatant and non-combatant deaths resulting from those strikes. “Areas of active hostilities” currently include Afghanistan, Iraq, and Syria.
Incident reports from deputies with the Orange County Sheriff’s Office responding to the mass shooting at Orlando’s Pulse nightclub on June 12, 2016.
The FBI has identified two Android malware families, SlemBunk and Marcher, actively phishing for specified US financial institutions’ customer credentials. The malware monitors the infected phone for the launch of a targeted mobile banking application to inject a phishing overlay over the legitimate application’s user interface. The malware then displays an indistinguishable fake login interface to steal the victim’s banking credentials. According to cyber threat industry reports, both malware families have targeted foreign financial institutions since 2014, gradually broadening the list to include Western banks, and offered the malware for lease or purchase, respectively, in underground forums. At least as of December 2015, the malware expanded its configuration to include the Android package names of US financial institutions.
The United States US Army Chief of Staff Studies Group has identified the megacity as a future challenge to the security environment. Due to their complexity, megacities present a vulnerable and challenging future operational environment. Currently, however, the US Army is incapable of operating within the megacity. The US Army must think and learn through leveraging partnerships, which enhance institutional understanding. Historical experiences and lessons learned should assist in refining concepts and capabilities needed for the megacity.
A collection obtained from a variety of sources who contributed copies of documents related to the Bilderberg Group from academic institutions. Documents contributed to the collection are sometimes photocopied and in other cases photographed page by page during visits to academic institutions, diplomatic libraries and legal archives including the Presidential Library of Dwight D. Eisenhower, the Harvard Law Library, the National Archive and the archive of former State Department official and member of the Bilderberg Steering Committee Robert Murphy held at the Hoover Institution at Stanford University.
The 64th Bilderberg meeting is set to take place from 9 – 12 June 2016 in Dresden, Germany. A total of around 130 participants from 20 countries have confirmed their attendance. As ever, a diverse group of political leaders and experts from industry, finance, academia and the media have been invited.
The Department of Homeland Security National Cybersecurity and Communications Integration Center (NCCIC) has notified the Department of Health and Human Services (HHS) of an increase in ransomware incidents at some healthcare organizations in the U.S. This Bulletin provides Healthcare and Public Health (HPH) Partners with information regarding ransomware, mitigation strategies, as well as additional materials to reference located within the HSIN HPH Cyber Threat Library.
A financially motivated cyber crime insider trading scheme targets international law firm information used to facilitate business ventures. The scheme involves a hacker compromising the law firm’s computer networks and monitoring them for material, non-public information (MNPI). This information, gained prior to a public announcement, is then used by a criminal with international stock market expertise to strategically place bids and generate a monetary profit.
The purpose of the present background paper is to provide a snapshot of policies and practices of some major US service providers regarding their “voluntary” disclosure of information to law enforcement authorities in foreign jurisdictions, and thus to facilitate discussion of future options regarding criminal justice access to electronic evidence in the cloud.
The Financial Crimes Enforcement Network (FinCEN) is issuing this advisory to provide financial institutions with information on identifying and reporting transactions possibly associated with Foreign Terrorist Fighters (FTFs) who support the Islamic State of Iraq and the Levant (ISIL), al-Qa’ida, and their affiliates in Iraq and the Lev ant region. Financial institutions may use this information to enhance their Anti-Money Laundering (AML) risk-based strategies and monitoring systems. This advisory is not intended to call into question financial institutions’ maintenance of normal relationships with other financial institutions, or to be used as basis for engaging in wholesale or indiscriminate de-risking practices.
KeySweeper is a covert device that resembles a functional Universal Serial Bus (USB) enabled device charger which conceals hardware capable of harvesting keystrokes from certain wireless keyboards. If placed strategically in an office or other location where individuals might use wireless devices, a malicious cyber actor could potentially harvest personally identifiable information, intellectual property, trade secrets, passwords, or other sensitive information. Since the data is intercepted prior to reaching the CPU, security managers may not have insight into how sensitive information is being stolen.
Technical Details