Source: United States Navy (Logistics Group Western Pacific)
Issued by: on
SINGAPORE (May 8, 2025) Rear Adm. S.M. Waddell, Deputy Commander, Royal Canadian Navy, signs a guest book during a scheduled visit to Sembawang Naval Installation, May 8, 2025. Commander, Logistics Group Western Pacific/Task Force 73 supports deployed maritime forces, along with regional allies and partners, to sustain Western Pacific operations. (U.S. Navy photo by Mass Communication Specialist 2nd Class Jordan Jennings)
Source: United States Senator for New Hampshire Jeanne Shaheen
(Washington, DC) – Today, U.S. Senator Jeanne Shaheen (D-NH), a top member and former Chair of the U.S. Senate Small Business and Entrepreneurship Committee, pressed Small Business Administration (SBA) Administrator Kelly Loeffler on the Trump administration’s failure to support small businesses facing economic upheaval in the wake of President Trump’s global trade war. Click HERE to watch the full exchange.
Key quotes from Senator Shaheen:
On staffing cuts at SBA district offices, Shaheen said, “I was concerned when I saw that the budget requests a 30 percent cut to staffing of district offices. Administrator Loeffler, in your confirmation hearing I asked you about ensuring that the district offices have the support and the staff they need. And at that time you said, ‘you have my commitment,’ I’m quoting you now. And you also said, ‘I can assure you we will put an emphasis on the field,’ but I can tell you that New Hampshire’s district office started with seven staff this year. Now they’re down to only three.”
Administrator Loeffler was unable to provide a timeline for filling the vacant positions.
On the Trump administration’s proposed elimination of the State Trade Expansion Program (STEP), Shaheen said, “This is a program that, again, has really made a difference for small businesses in New Hampshire where we do a lot of exporting and we’re trying to do it much better. So that again, is why I was surprised to see that that program got zeroed out in the budget request.”
On the impact of Trump’s trade war in New Hampshire, Shaheen said, “I visited a bakery in Derry, New Hampshire, that was started over 25 years ago. It was started to address sugar free baked goods. They do 85 percent of their business with Canada. They used to have 25 employees. Now they have two because the president’s tariffs have put them out of business.”
On support for small businesses impacted by Trump’s tariffs, Shaheen asked, “While I appreciate that [tariffs are] the president’s idea for how to help small businesses, we have a lot of small businesses in New Hampshire who are not being helped by those tariffs. And so, what I want to know is what SBA can do to help those small businesses to compensate for the impact that those tariffs are having on them?”
Administrator Loeffler did not respond.
Senator Shaheen is helping lead efforts in Congress to mitigate the harmful impacts of President Trump’s tariffs. In January, Shaheen introduced the Protecting Americans from Tax Hikes on Imported Goods Act which would limit the president’s ability to leverage sweeping tariffs that increase costs for American consumers and families. Her effort to pass this bill by unanimous consent was blocked by Senate Republicans. In recent months, Shaheen has traveled across the Granite State to visit businesses including Chatila’s Bakery, C&J, DCI Furniture, Mount Cabot Maple, American Calan Inc. and NH Ball Bearings to hear directly from Granite Staters impacted by the administration’s tariffs.
A top member and former chair of the U.S. Senate Small Business and Entrepreneurship Committee, Shaheen helped create STEP as a pilot program in 2010. The program was fully authorized by Shaheen’s small business trade amendment that was signed into law in 2016. Since its creation, STEP has awarded $235.5 million in grants and directly supported more than 13,000 small businesses’ international expansion and export growth.
Believes the Board Continues to Take Oppressive Actions Which Fundamentally Disregard the Rights and Interests of Shareholders
Asserts the Board’s Unlawful, Desperate and Self-Serving Tactics Clearly Indicate That the Current Directors Will Go to Any Lengths Necessary to Entrench Themselves
Requests that MediPharm Agree to Conduct the June 16th Annual Meeting Under the Oversight of an Independent Chair to Ensure Shareholders Have the Opportunity to Hold the Current Board Accountable and Elect New Leaders
TORONTO, May 21, 2025 (GLOBE NEWSWIRE) — Apollo Technology Capital Corporation (“Apollo Capital”) which together with its affiliates and associates collectively is one of the largest shareholders of MediPharm Labs Corp. (TSX: LABS) (OTCQB: MEDIF) (FSE: MLZ) (“MediPharm”, “MediPharm Labs”, or the “Company”), owning approximately 3% of the Company’s common stock, today issued a “With Prejudice” offer to MediPharm’s Board of Directors (the “Board”) in order to ensure that the rights of shareholders are protected in connection with the Company’s upcoming 2025 Annual and Special Meeting of Shareholders to be held on June 16, 2025 (the “Annual Meeting”).
CEO and Chairman Regan McGee of Apollo Capital commented:
After disastrous Q1 2025 financial results and 22 consecutive quarters of losses, rather than assume accountability for its value-destructive decisions, we believe that the Board continues to take oppressive actions against shareholders, demonstrating that its sole priority is self-preservation and entrenchment.
All indications point to the Board’s desire to run a corrupt election process to ensure their victory so that they can continue to siphon the remainder of MediPharm’s cash reserves into their own pockets until the Company runs out of money in November.
What possible objection could they have to an independent chair running the meeting if this was not the case?
This is why we have taken the step of publicly extending this offer which can be accessed at this LINK.
While we expect Chairman Chris Taves (Managing Director and Head of Asia for Bank of Montreal, BMO Capital Markets) to continue to obstruct the appointment of an independent chair, Apollo Capital will not be deterred and will continue to do whatever is necessary to ensure that all shareholders have an opportunity to replace the directors whose decisions have completely destroyed shareholder value.
MediPharm and its Board have consistently acted in a manner that unfairly disregards the rights and interests of shareholders by pursuing a strategy of entrenchment, obfuscation and character assassination of dissenting shareholders, improperly placing their own personal interests ahead of the interests of the Company and its shareholders, including by:
Undermining and disenfranchising Apollo Capital and all other MediPharm shareholders from exercising their rights to hold the board accountable for running the Company into the ground;
Making groundless public attacks on Apollo Capital, including false allegations of us acting jointly or in concert with other understandably disgruntled shareholders, and fabricating malicious and completely meritless accusations of criminal behaviour like harassment and the utterance of threats;
This is nothing less than thug behaviour and a menacing attempt to deter and silence any shareholders from raising their valid concerns in a public forum.
Apollo Capital urges all of our fellow shareholders to reject the Board’s intimidation tactics, which are evidently geared to silencing anyone who demands change and accountability. It is sad that this is the tactic that the board has resorted to in an attempt shift attention away from their own epic failures and to discourage other shareholders from speaking out.
It is Apollo Capital’s belief that not accepting this offer would clearly demonstrate that the board of directors of MediPharm’s only priority is self-preservation and entrenchment, improperly placing their own personal interests ahead of the law and the interests of the company and its shareholders.
What possible objection could they have to a lawful and fair election with an independent Chair if this is not the case?
All MediPharm stakeholders, including its employees and shareholders, deserve an independent third party running the Annual Meeting to ensure a fair, transparent and lawful process.
Shareholders can visit www.CureMediPharm.com, to sign up for important campaign updates.
To access Apollo Capital’s Circular and related proxy materials, including a proxy or voting instruction form, visit SEDAR+ at www.sedarplus.ca.
Contacts
For Shareholders: Carson Proxy North American Toll-Free Phone: 1-800-530-5189 Local or Text Message: 416-751-2066 (collect calls accepted) E: info@carsonproxy.com
Information in Support of Public Broadcast Exemption under Canadian Law
In connection with the Annual Meeting, Apollo Capital has filed an amended and restated dissident information circular (the “Circular”) in compliance with applicable corporate and securities laws. Apollo Capital has provided in, or incorporated by reference into, this press release the disclosure required under section 9.2(4) of NI 51-102 – Continuous Disclosure Obligations (“NI 51-102”) and the corresponding exemption under the Business Corporations Act (Ontario), and has filed the Circular, available under MediPharm’s profile on SEDAR+ at www.sedarplus.ca. The Circular contains disclosure prescribed by applicable corporate law and disclosure required under section 9.2(6) of NI 51-102 in respect of Apollo Capital’s director nominees, in accordance with corporate and securities laws applicable to public broadcast solicitations. The Circular is hereby incorporated by reference into this press release and is available under MediPharm’s profile on SEDAR+ at www.sedarplus.ca. The registered office of the Company is 151 John Street, Barrie, Ontario, Canada L4N 2L1.
SHAREHOLDERS OF MEDIPHARM ARE URGED TO READ THE CIRCULAR CAREFULLY BECAUSE IT CONTAINS IMPORTANT INFORMATION. Investors and shareholders are able to obtain free copies of the Circular and any amendments or supplements thereto and further proxy circulars at no charge under MediPharm’s profile on SEDAR+ at www.sedarplus.ca. In addition, shareholders are also able to obtain free copies of the Circular and other relevant documents by contacting Apollo Capital’s proxy solicitor, Carson Proxy Advisors Ltd. (“Carson Proxy”) at 1-800-530-5189, local (collect outside North America): 416-751-2066 or by email at info@carsonproxy.com.
Proxies may be revoked in accordance with subsection 110(4) of the Business Corporations Act (Ontario) by a registered shareholder of Company shares: (a) by completing and signing a valid proxy bearing a later date and returning it in accordance with the instructions contained in the accompanying form of proxy; (b) by depositing an instrument in writing executed by the shareholder or by the shareholder’s attorney authorized in writing; (c) by transmitting by telephonic or electronic means a revocation that is signed by electronic signature in accordance with applicable law, as the case may be: (i) at the registered office of the Company at any time up to and including the last business day preceding the day the Annual Meeting or any adjournment or postponement of the Annual Meeting is to be held, or (ii) with the chair of the Annual Meeting on the day of the Annual Meeting or any adjournment or postponement of the Annual Meeting; or (d) in any other manner permitted by law. In addition, proxies may be revoked by a non-registered holder of Company shares at any time by written notice to the intermediary in accordance with the instructions given to the non-registered holder by its intermediary. It should be noted that revocation of proxies or voting instructions by a non-registered holder can take several days or even longer to complete and, accordingly, any such revocation should be completed well in advance of the deadline prescribed in the form of proxy or voting instruction form to ensure it is given effect in respect of the Annual Meeting.
The costs incurred in the preparation and mailing of any circular or proxy solicitation by Apollo Capital and any other participants named herein will be borne directly and indirectly by Apollo Capital. However, to the extent permitted under applicable law, Apollo Capital intends to seek reimbursement from the Company of all expenses incurred in connection with the solicitation of proxies for the election of its director nominees at the Annual Meeting.
This press release and any solicitation made by Apollo Capital is, or will be, as applicable, made by such parties, and not by or on behalf of the management of the Company. Proxies may be solicited by proxy circular, mail, telephone, email or other electronic means, as well as by newspaper or other media advertising and in person by managers, directors, officers and employees of Apollo Capital who will not be specifically remunerated therefor. In addition, Apollo Capital may solicit proxies by way of public broadcast, including press release, speech or publication and any other manner permitted under applicable Canadian laws, and may engage the services of one or more agents and authorize other persons to assist it in soliciting proxies on their behalf.
Apollo Capital has entered into an agreement with Carson Proxy Advisors (“Carson Proxy”) for solicitation and advisory services in connection with the solicitation of proxies for the Meeting, for which Carson Proxy will receive a fee not to exceed $250,000, together with reimbursement for reasonable and out-of-pocket expenses. Apollo Capital has also engaged Gasthalter & Co. LP (“G&Co”) to act as communications consultant to provide Apollo Capital with certain communications, public relations and related services, for which G&Co will receive a minimum fee of US$75,000 in addition to a performance fee of US$250,000 in the event that Apollo Capital’s nominees make up a majority of the Board following the Annual Meeting, plus excess fees, related costs and expenses.
No member of Apollo Capital nor any of their associates or affiliates has or has had any material interest, direct or indirect, in any transaction since the beginning of the Company’s last completed financial year or in any proposed transaction that has materially affected or will or would materially affect the Company or any of the Company’s affiliates. No member of Apollo Capital nor any of their associates or affiliates has any material interest, direct or indirect, by way of beneficial ownership of securities or otherwise, in any matter to be acted upon at the Annual Meeting, other than setting the number of directors, the election of directors, the appointment of auditors and the approval of the ordinary resolution approving, among other things, the Company’s amended and restated equity incentive plan dated May 8, 2025 and the unallocated awards available thereunder.
This press release contains forward‐looking statements. All statements contained in this filing that are not clearly historical in nature or that necessarily depend on future events are forward‐looking, and the words “anticipate,” “believe,” “expect,” “estimate,” “plan,” and similar expressions are generally intended to identify forward‐looking statements. These statements are based on current expectations of Apollo Capital and currently available information. They are not guarantees of future performance, involve certain risks and uncertainties that are difficult to predict, and are based upon assumptions as to future events that may not prove to be accurate. All forward-looking statements contained herein are made only as of the date hereof and Apollo Capital disclaims any intention or obligation to update or revise any such forward-looking statements to reflect events or circumstances that subsequently occur, or of which Apollo Capital hereafter becomes aware, except as required by applicable law.
Source: United States Senator for Washington State Patty Murray
***WATCH: Senator Murray’s Q&A with SBA Administrator Loeffler***
Washington, D.C. — Today, U.S. Senator Patty Murray (D-WA), Vice Chair of the Senate Appropriations Committee, questioned Small Business Administration (SBA) Administrator Kelly Loeffler at a Senate Appropriations Financial Services and General Government (FSSG) Subcommittee hearing on the president’s fiscal year 2026 budget request for SBA. Murray pressed Administrator Loeffler on the Trump administration’s cancellation of SBA grants and how Trump’s trade war is imposing serious costs on small businesses in Washington state.
[GRANT TERMINATIONS]
Senator Murray began by pressing Loeffler on funding she terminated: “I’ve been hearing from small businesses in my state about the SBA grants that have been cancelled and frozen. One example is you canceled a $2.5 million Regional Innovation Cluster contract in Washington state that would have supported small businesses that were working on carbon capture and utilization and storage. It’s not an isolated case but that is a program that Congress historically funded with strong bipartisan support. I wanted to ask you today: why have you canceled funding for a program that has both bipartisan support and really drives small business growth in emerging sectors?”
Administrator Loeffler refused to answer the question directly but stated in part: “I have broad authority in this administration to reshape the Regional Innovation Clusters, and we are undertaking a review of those programs to right-size them and form them to where the needs are most urgent right now.”
Senator Murray countered: “I would just say this is a regional need, and I would just ask you to go back and look at that one. Happy to provide you information, but it really is a critical one for our region.”
[TRUMP’S TRADE WAR]
Senator Murray then asked about the steep cost of Trump’s trade war on small businesses: “I met with small business owners in Seattle, one of them runs a coffee shop and imports green tea. Like a lot of small business owners that I am talking to, and you know, they operate on thin margins so even the current tariffs are hitting them really hard. We don’t grow much green tea in the United States. I doubt we ever will. Given that the increased costs imposed by these tariffs could really—he told me—shutter his business. What should they do in this situation?”
Administrator Loeffler replied: “This period of negotiation, you know, is not one where we don’t acknowledge their near-term effects, but for the long term, we want—”
Senator Murray interjected: “This is a small business. They can’t last much longer.”
Avoiding the question of how a small business is supposed to cope, Loeffler replied: “We’re focused on is ensuring that we never get in the position again of having unfair trade. And that’s what President Trump’s fighting for. That’s what we’re fighting for. We, just yesterday, put out our Make Onshoring Great Again directory to ensure that small businesses have access to millions—a million suppliers across this country that can offer alternatives—”
Senator Murray again interjected: “But this country doesn’t produce green tea, and this small business is not going to last more than a few months. I hear your bigger scheme is that someday this will all pay off. This small business won’t be there. I’m just asking you: what are they supposed to do? Are you going to – do you have anything drafted? Are you looking at anything that can help these small businesses who are on the verge of closing right now? They can’t wait 2, 3, 5, 6 months from now.”
Offering SBA loan financing to cover turbulent times thanks to Trump’s tariffs, Secretary Loeffler replied in part: “Well, what the SBA is offering is certainly the capital, the counseling that they need, as well as import and export loan financing to deal with these times of uncertainty.”
Senator Murray replied: “I appreciate that you have an optimistic view. I’m just telling you, having sat down and met with these small businesses, whether it’s shutting the regional SBA office or canceling these grants to support our entrepreneurs, or these tariffs that are having impact, there are small businesses that will not make it based on your optimism.”
______________________
Senator Murray has been a vocal opponent of Trump’s chaotic trade war from the very start and has been lifting up the voices of people in Washington state harmed by this administration’s approach to trade and calling on Republicans to end Trump’s trade war—which Congress has the power to do—and take back Congress’ Constitutionally-granted power to impose tariffs. Earlier last month, Senator Murray brought together leaders across Washington state who highlighted how Trump’s ongoing trade war is already a devastating hit to Washington state’s economy, businesses, and our agriculture sector. Senator Murray also took to the Senate floor to lay out how Trump’s chaotic trade war is seriously threatening our economy, American businesses, families’ retirement savings, and so much else.
Murray has also been sounding the alarm on Trump’s tariffs across Washington state. Recently, Senator Murray held a roundtable discussion in Tacoma with local businesses and ports, met with farmers in Yakima to discuss the consequences of Trump’s tariffs, and held a roundtable discussion in Vancouver at a local metal fabrication company to highlight how Trump’s trade war is hurting businesses and our economy Washington state. Just last week, Senator Murray met with small business owners in Seattle’s University District to hear how Trump’s tariffs and the broader economic uncertainty are affecting them, and later she met with farmers in Skagit County to discuss tariffs, and visited Blaine near the Canadian border to highlight the impacts of Trump’s trade war. Earlier this month, Senator Murray rallied her West Coast colleagues and ports from Washington state and California to sound the alarm on how Trump’s tariffs will mean bare shelves, higher prices, and painful layoffs.
Ravi Parmar, Minister of Forests, has released the following statement in response to Gorman Group’s purchase of Weyerhaeuser’s operations in Princeton:
“I welcome Gorman Group’s purchase of Weyerhaeuser’s operations in Princeton. Locally, family-owned-and-operated forest companies are the lifeblood of the forest industry and a cornerstone of our economy. For too long, most major milling operations have been the realm of big industrial conglomerates. But today, the West-Kelowna-based business is reversing that trend. Companies like Gorman Group believe in the future of forestry and they know that B.C. is a great place to invest in that future. Their investment is good for the forestry sector, good for workers and their families, good for the people of Princeton and good for B.C.”
TORONTO, May 21, 2025 (GLOBE NEWSWIRE) — Greenhawk Resources Inc. (“Greenhawk” or the “Company“) (CSE: GRHK) announces that it has executed an arms-length Option and Joint Venture Agreement (the “Option Agreement”) with 1531323 BC Ltd. (“1531323 BC”) to advance the exploration and development of Greenhawk’s Greenland properties, which include the Storø and Qingaaq mineral exploration licenses (the “Properties”).
Under the Option Agreement, 1531323 BC is granted an option to acquire an 80% interest in the Properties in exchange for: (a) an upfront payment of $100,000, which shall be paid within 90 days, and (b) incurring $1,400,000 in spending at the Properties within 24 months according to the following schedule.
Payment Period
Minimum Expenditures
Within 6 months of the Closing Date
Minimum of $450,000
Within 12 months of the Closing Date
Minimum of $350,000
Within 18 months of the Closing Date
Minimum of $300,000
Within 24 months of the Closing Date
Minimum of $300,000
Total:
Minimum of $1,400,000
1531323 BC will be responsible for the operations of the Properties while the Option Agreement is in effect. If 1531323 BC satisfies the expenditure requirement at the Properties, the Company and 1531323 BC will establish a joint venture for the exploration and development of the Properties.
The Storø project (“Storø”) is a 12 km² license which hosts an inferred mineral resource estimated in 2021 by SRK Consulting (Sweden) AB at 885,000 tonnes, grading 3.4 g/t Au and totaling 95,000 oz of gold Mineral Resources. The Mineral Resource has a cut-off grade of 0.8 g/t Au for material located within the conceptual open-pit shell and 2.5 g/t Au for underground Mineral Resources located below the pit shell. Since 1995, a total of 102 drillholes totaling 17,371 m have been drilled into the known mineralized zones at Storø. Storø is surrounded by the Qingaaq license (“Qingaaq”), which covers some 540 km².
Martin Pittuck, CEng, FGS, MIMMM, a “Qualified Person” for the purpose of National Instrument 43-101, has reviewed and approved the scientific and technical information included in this news release.
1531323 BC intends to enter into a management services contract with the Company to provide advice in respect of the Properties.
The Company continues to actively pursue the acquisition of other properties and opportunities in the mineral exploration and resources sector.
The Company is also announcing that it has cancelled an aggregate of 8,600,000 stock options. The subject stock options are comprised of 4,600,000 stock options with an exercise price of $0.27 per share and an expiry date of October 20, 2025, and 4,000,000 stock options with an exercise price of $0.20 per share and an expiry date of June 24, 2026.
AboutGreenhawkResourcesInc.
Greenhawk is a Canadian resources exploration and development company. Greenhawk owns a 100% legal and beneficial interest in two mineral exploration licenses and one prospecting license in Greenland known as the Storø Gold Project. Additional Information on Greenhawk can be obtained from SEDAR+ at sedarplus.ca. Greenhawk is listed on the Canadian Securities Exchange (www.thecse.com) (CSE: GRHK).
Issued on behalf of the Board of Directors of Greenhawk Resources Inc. For information, please contact:
David Jagodzinski, Director Corporate Development Phone: +1 (416) 504-2020 Email: info@grhk.ca
NEITHER THE CANADIAN SECURITIES EXCHANGE NOR ITS REGULATIONS SERVICES PROVIDER HAVE REVIEWED OR ACCEPT RESPONSIBILITY FOR THE ADEQUACY OR ACCURACY OF THIS RELEASE
CautionaryNoteRegardingForward-LookingInformation
Certain statements in this press release may contain forward looking information which can be identified by the use of forward-looking terminology such as “believes”, “expects”, “may”, “desires”, “will”, “should”, “projects”, “estimates”, “contemplates”, “anticipates”, “intends”, or any negative such as “does not believe” or other variations thereof or comparable terminology. No assurance can be given that potential future results or circumstances described in the forward-looking statements will be achieved or will occur. By their nature, these forward-looking statements necessarily involve risks and uncertainties that could cause actual results to significantly differ from those contemplated by these forward-looking statements including, but not limited to: the completion of the Transaction, including the receipt of the upfront payment, 1531323 BC making the requisite expenditures on the Properties to exercise the option on the Properties, the ability to obtain requisite corporate and regulatory approvals, including that of the CSE, the operator obtaining requisite permits and authorizations to allow for exploration on the Properties. Such statements reflect the view of the Company with respect to future events and are based on information currently available to the Company and on assumptions, which it considers reasonable. Management cautions readers that the assumptions relative to the future events, several of which are beyond management’s control, could prove to be incorrect, given that they are subject to certain risk and uncertainties, and that actual results may differ materially from those projected. Management disclaims any intention or obligation to update or revise any forward-looking statements whether as a result of new information, future events or otherwise, except as required by applicable securities laws. The reader is cautioned not to place undue reliance on forward-looking information.
Jay Clayton, the United States Attorney for the Southern District of New York, announced today the arrest of THOMAS JAMES PUCCINI, 28. PUCCINI is charged with the sexual exploitation of three minors and with receiving and distributing child pornography. PUCCINI was arrested today and presented today before U.S. Magistrate Judge Judith C. McCarthy in White Plains federal court and detained.
“Thomas James Puccini’s alleged crimes are every parent’s nightmare,” said U.S. Attorney Jay Clayton. “Puccini, a football coach, held himself out as a trusted member of his school community, yet he was preying on our most innocent and vulnerable. The women and men of the Southern District will use every tool available to bring to justice those who exploit our children.”
HSI New York Acting Special Agent in Charge James Manning said: “As alleged, the defendant violated parents’ and students’ trust through his vile acts against children. A wolf in sheep’s clothing, he worked closely with kids and teenagers nearly every day, all allegedly while hiding his shameful dark side of exploitation, and committing crimes against the same minors placed under his care. The abhorrent crimes of which he is accused have no place in our society, and I commend HSI New York’s Hudson Valley investigators, alongside our law enforcement partners, for placing the safety of vulnerable New Yorkers above all else.”
Westchester County District Attorney Susan Cacace said: “For months, our criminal investigators worked hard to build the strongest possible case against the defendant, and today’s federal charges are the product of these efforts. I extend my thanks to U.S. Attorney for the Southern District of New York Jay Clayton for his collaboration and partnership on this case. Our office will continue to assist S.D.N.Y. throughout all phases of Mr. Puccini’s prosecution.”
As alleged in the Complaint filed on May 20, 2025 in White Plains federal court and statements made in court[1]:
THOMAS JAMES PUCCINI worked as a football coach for a high school (“School-1”) in Westchester County. In July of 2024, PUCCINI became the interim athletic director for the school district in which the high school was located.
Victim-1: In November 2021, Victim-1, who was 17 years old and a student at School-1, was contacted by a Snapchat account with the name “alex_fundi2.” Victim-1 received a nude image of a female from “alex_fundi2” and believed that he was communicating with a female. “She” told him that she knew him and went to School-1. Victim-1 sent “her” nude photos of himself, including photos showing his penis. After sending images for approximately a week or two, Victim-1 blocked the “alex_fundi2” account. Then, Victim-1 received messages from a CashApp account (“CashTag-1”) directing Victim-1 to add “alex_fundi2” back. The messages stated, among other things, “I have your pics and vids,” and told Victim-1 to “add me or I send your pics.” Victim-1 unblocked “alex_fundi2” and sent “alex_fundi2” sexually explicit images of Victim-1.
Victim-1 continued to send sexually explicit images to “alex_fundi2” until in or about 2023, when Victim-1 was a freshman in college.
The user of CashTag-1 provided CashApp with the name “Thomas Puccini,” PUCCINI’s date of birth, and PUCCINI’s address in Westchester. Records from Snapchat relating to the “alex_fundi2” account show that an IP address that returned to PUCCINI’s residence in Westchester County was used over 13,000 times to access the “alex_fundi2” account. Further, the “alex_fundi2” account is associated with an email that begins with “puccini01” and ends in “.edu.”
Victim-2: Victim-2 and other middle-schoolers used School-1’s weight room to prepare for Junior Varsity football. PUCCINI supervised them in the weight room. Beginning when Victim-2 was 13 years old and in eighth grade, PUCCINI communicated with Victim-2 through Snapchat, using a Snapchat account with the user name, “tommytutts66,” and requested that Victim-2 take and send PUCCINI photos and videos of Victim-2’s penis. PUCCINI also sent Victim-2 photos of his penis. PUCCINI specified exactly what he wanted Victim-2 to show him, and, based on his instructions, Victim-2, on numerous occasions, took and sent PUCCINI photos and videos showing various angles of Victim-2’s penis, showing Victim-2 masturbating, showing Victim-2 “finishing” (i.e., ejaculating) with the audio on, and showing Victim-2 laying with his semen on his chest. On numerous occasions, at PUCCINI’s request, PUCCINI and Victim-2 would “race” to see who could masturbate to ejaculation first. The winner would have to send a video or photo capturing the “finish.”
A search warrant executed at PUCCINI’s residence on November 1, 2024 resulted in the seizure of, among other things, PUCCINI’s desktop computer. The computer contained an iCloud backup with approximately 8000 messages to or from Victim-2 between January 2017 and December 2020. In hundreds of these messages, PUCCINI referred to masturbating, to Victim-2’s penis, and/or requested that Victim-2 take and send him photos of his penis.
Victim-3: Victim-3, who was 16 years old, and “alex_fundi2” communicated via Snapchat in 2023. Victim-3 took and transmitted sexually explicit images to “alex_fundi2” in exchange for the promise of expensive gifts. On January 10, 2023, at approximately 11:24 p.m., “alex_fundi2” told Victim-3, “If I send you for the jacket, I’m going to need you to send those 2 vids and then…. As many vids as I want and of anything that I want until Monday.” At 11:25 p.m., Victim-3 responded, “monday” and “jesus” and “and as long as it doesn’t involve ass stuff.” Thereafter, Victim-3 transmitted numerous files to “alex_fundi2” containing sexually explicit images of Victim-3.
Victim-4: Victim-4 and “alex_fundi2” communicated via Snapchat in 2023. Victim-4 told “alex_fundi2” that he was 18 years old and “alex_fundi2” told Victim-4 that he was similarly aged. “Alex_fundi2” asked Victim-4 for sexually explicit images of Victim-4 when he was 15 or 16. On June 11, 2023, at approximately 1:50 p.m., Victim-4 transmitted a sexually explicit photo and a sexually explicit video of Victim-4 to “alex_fundi2.” In both the photo and video, Victim-4 was 15.
In November 2024, PUCCINI was charged in Westchester County, New York with Grand Larceny in the Fourth Degree.
On an occasion in February 2022, the “alex_fundi2” account engaged in a conversation with a user (“User-1”) on Snapchat and asked, “Can I give you a snapchat to add and you try to get pics/vids from the account?” User-1 told “alex_fundi2,” “Sure” and “I don’t mind being yo undercover bud.” Thereafter, “alex_fundi2” transmitted a Snapchat user name to User-1. The Snapchat user name belonged to a student who had attended School-1 from 2015 to 2019. PUCCINI’s desk top computer contained thousands of messages with that student from in or about August 2015 to September 2020. Many of the messages contained requests for sexually explicit images from the student.
PUCCINI changed the display name of the “alex_fundi2” account on multiple occasions and the various display names he used included, Young & Horny,” “Young NY Vers Bottom Horny,” “Zach,” “Alexandra Fundi,” “Alex Fundi,” “Horny Twink,” and “zach _parker0.”
There may be more victims of this alleged conduct. If you have information to report or you had contact with the Snapchat accounts, “alex_fundi2,” “tommytuts66,” or any of the display names described above contact Homeland Security Investigations through its toll-free Tip Line at 1-866-DHS-2-ICE or by completing its online tip form. Both are staffed around the clock by investigators. From outside the U.S. and Canada, callers should dial 802-872-6199. Hearing-impaired users can call TTY 802-872-6196.
* * *
PUCCINI, 28, of Eastchester, New York is charged in Counts One, Two and Three with sexual exploitation of a minor. Counts One, Two and Three each carry a maximum sentence of thirty years’ imprisonment and a mandatory minimum of fifteen years’ imprisonment. Count Four carries a maximum of twenty years’ imprisonment and a mandatory minimum of five years. The statutory maximum sentences are prescribed by Congress and are provided here for informational purposes only, as any sentencing of the defendant will be determined by the judge.
Mr. Clayton praised the efforts of Homeland Security Investigations, the Westchester County District Attorney’s Office, the Westchester County Police Department,the Eastchester Police Department, the Rockland Police Department, the Lake Forest Police Department, and the Cullman County Sheriff’s Office.
The prosecution is being handled by the Office’s White Plains Division. Assistant United States Attorney Marcia S. Cohen is in charge of the prosecution.
[1] As the introductory phrase signifies, the entirety of the text of the Complaint and the description of the Complaint set forth herein constitute only allegations, and every fact described should be treated as an allegation.
Defendant Admits to Concealing 50% Ownership of $7B Defense Contracting Business to Evade Taxes
WASHINGTON – Douglas Edelman, 73, a former defense contractor, pleaded guilty today to tax crimes related to a scheme to defraud the United States and evade taxes on income he earned from his contracts with the U.S. Department of Defense.
The sentence was announced U.S. Attorney Jeanine Ferris Pirro, Acting Deputy Assistant Attorney General Karen E. Kelly of the Justice Department’s Tax Division, and Special Agent in Charge Kareem A. Carter with IRS-Criminal Investigation (IRS-CI) Washington, D.C. Field Office.
Edelman pleaded guilty to 10 felony counts: conspiracy to defraud the United States, seven counts of tax evasion, and two counts of making a false statement. U.S. District Court Judge Colleen Kollar-Kotelly scheduled a hearing on issues related to sentencing on Nov. 17, 2026. Trial on the remaining counts of the indictment will be in 2026.
According to court documents and statements made in court, Edelman founded and owned 50% of Mina Corp. and Red Star Enterprises (Mina/Red Star), a defense contracting business that received more than $7 billion from contracts with the U.S. Department of Defense to provide jet fuel in the United States’ post-9/11 military efforts in Afghanistan and the Middle East.
Working with others, Edelman engaged in a lengthy scheme to hide his Mina/Red Star profits to evade U.S. taxes, including by concealing his income in undisclosed foreign bank accounts, creating false documents and making false statements that one of his co-conspirators — a French citizen residing abroad and without U.S. tax obligations — founded and owned Mina/Red Star.
For example, when the company became profitable in 2005, Edelman began taking distributions which he deposited into Swiss bank accounts, primarily at Credit Suisse, in the name of other companies he owned. In 2008, Credit Suisse informed Edelman that he had to either close his accounts or disclose them to U.S. authorities. Rather than come into compliance with his tax and reporting obligations, Edelman closed his accounts and opened new ones at Bank Julius Baer in Singapore in the name of a nominee entity, the beneficiaries of which were purportedly Edelman’s daughters. He then directed the subject income he earned from Mina/Red Star to those bank accounts.
In 2010 the U.S. House of Representatives Committee on Oversight and Government Reform’s Subcommittee on National Security and Foreign Affairs began investigating allegations of corruption in connection with Mina/Red Star’s contracts with the Department of Defense. As part of this inquiry, the subcommittee became interested in the identity of Mina/Red Star’s owners. At this time, Edelman had not filed U.S. tax returns to report the millions of dollars he had earned from Mina/Red Star and had not paid U.S. taxes on his income.
Rather than disclose his ownership, Edelman caused his attorneys to tell Congress a false story that a French co-conspirator who had no U.S. tax or reporting obligations founded and co-owed Mina/Red Star with another individual. To corroborate the false story, Edelman and a co-conspirator caused false and backdated paperwork to be created.
To continue the scheme, Edelman conveyed the false story about Mina/Red Star’s ownership to other arms of the U.S. government, including to the Department of Defense during contract negotiations in 2010 and 2011, to the IRS in a 2016 application to the Offshore Voluntary Disclosure Program, and to the Justice Department in a 2018 presentation.
In conjunction with his 2016 application to the IRS’s Voluntary Disclosure Program, Edelman filed false tax returns for several prior years that only reported income from gifts or purported consulting payments, continuing to conceal the millions he had earned from his company. On the returns, he also concealed profits he had earned from a separate business to provide internet service to members of the armed forces at Kandahar Air Base in Afghanistan.
Instead of paying the taxes that he knew he owed, Edelman used the money to fund his lifestyle and additional investments. He invested in a music television franchise in Eastern Europe, a land venture in Tulum, Mexico, and a farm in Kenya, and purchased property around Europe, including a home in Ibiza, Spain, and a townhouse in London.
Edelman faces a maximum penalty of five years in prison for each of the 10 counts to which he has pleaded. He also faces a period of supervised release, restitution, and monetary penalties. A federal district court judge will determine any sentence after considering the U.S. Sentencing Guidelines and other statutory factors.
This case is being investigated by special agents from IRS-CI’s International Tax & Financial Crimes specialty group, a team based out of Washington, D.C., that is dedicated to uncovering international tax crimes, along with the Special Inspector General for Afghanistan Reconstruction. The Justice Department’s Office of International Affairs assisted in the investigation. His Majesty’s Revenue & Customs of the United Kingdom also provided assistance, as did the Joint Chiefs of Global Tax Enforcement (J5), which brings together the taxing authorities of Australia, Canada, the Netherlands, the United Kingdom, and the United States. The Guardia Civil of Spain assisted with the arrest.
This case is being prosecuted by Assistant U.S. Attorney Joshua Gold for the District of Columbia and Assistant Chief Sarah Ranney and Trial Attorney Ezra Spiro of the Tax Division.
Defendant Misappropriated Millions of Dollars of Investors’ Funds for His Own Use Including to Purchase Real Estate and Luxury Vehicles
Earlier today, at the federal courthouse in Brooklyn, a federal jury convicted Braden John Karony on all counts of a three-count indictment charging him with conspiracy to commit securities fraud, wire fraud, and money laundering. The charges arose from the defendant’s and his co-conspirators’ roles in defrauding investors in a decentralized finance digital asset called “SafeMoon,” issued by their company SafeMoon LLC. As alleged, the defendant agreed with his co-conspirators to lie to SafeMoon investors about whether SafeMoon executives could access the liquidity pool and whether they were using the assets from the liquidity pool for their personal benefit. As SafeMoon’s market capitalization grew to more than $8 billion, the defendant fraudulently diverted and misappropriated millions of dollars’ worth of liquidity from the SafeMoon liquidity pool for their personal benefit. The verdict followed a 12-day trial before United States District Judge Eric R. Komitee. When sentenced, Karony faces up to 45 years in prison. The jury also issued a verdict to forfeit one residential property and the proceeds from the sale of another residential property, amounting to approximately $2 million.
Joseph Nocella, Jr., United States Attorney for the Eastern District of New York; Christopher G. Raia, Assistant Director in Charge, Federal Bureau of Investigation, New York Field Office (FBI); Harry T. Chavis, Jr., Special Agent in Charge, Internal Revenue Service Criminal Investigation, New York (IRS-CI); and Darren B. McCormack, Acting Special Agent in Charge, Homeland Security Investigations, New York (HSI New York) announced the verdict.
“As proven at trial, the SafeMoon digital asset was anything but safe and turned out to be pie in the sky for investors who were deliberately misled by Karony, a man who sought to get rich quick by stealing and diverting millions of dollars,” stated United States Attorney Nocella. “Karony used his scheme to purchase multiple homes, sports cars, custom trucks, and other luxury goods. Today’s guilty verdict should serve as a warning to all would-be fraudsters that my Office will vigorously prosecute individuals like the defendant who victimize digital asset investors and undermine investor confidence in digital assets markets, thereby threatening the stability and growth of these emerging technologies.”
Mr. Nocella expressed his appreciation to the U.S. Securities and Exchange Commission for its work on the case.
“Braden Karony, the CEO of SafeMoon, exploited his company’s digital portfolio with fictional success stories and stole millions of dollars in crypto-assets to finance luxury purchases,” stated FBI Assistant Director in Charge Raia. “Along with his co-conspirators, Karony violated his clients’ trust and wallets while attempting to conceal his misconduct through discreet transactions. May today’s conviction emphasize the FBI’s commitment to securing all markets and protecting the American people from individuals who abuse their position to satisfy personal greed.”
“Braden Karony misled investors; intentionally diverted and misappropriated millions in cryptocurrency for his personal benefit; and lined the driveways of his million dollar homes with luxury cars. While the name of his company is SafeMoon, there was nothing safe about this investment that was just a front for theft. By following the money with complex cryptocurrency tracing, IRS-CI New York’s Cyber and J5 groups worked with our investigative partners to see that this conman is held accountable for his greedy acts,” stated IRS-CI New York Special Agent in Charge Chavis. “The Joint Chiefs of Global Tax Enforcement (J5) is a global partnership that works together to gather information, share intelligence, and conduct coordinated operations against transnational financial crimes. The J5 includes the Australian Taxation Office, the Canada Revenue Agency, the Dutch Fiscal Intelligence and Investigation Service, His Majesty’s Revenue and Customs from the U.K. and IRS-CI from the U.S.”
“Steered by his selfish desires and insatiable greed, Braden John Karony treated millions of dollars in investors’ funds as his own personal bank account,” stated HSI New York Acting Special Agent in Charge McCormack. “The defendant will soon be trading his sprawling real estate and luxury vehicles for a jail cell within the four walls of a federal penitentiary. As reflected by today’s conviction, whether it involves fiat or crypto, HSI New York’s El Dorado Task Force will relentlessly pursue individuals intent on exploiting investors and the American financial system for their own gain.”
Background on SafeMoon
As proven at trial, SafeMoon tokens were digital assets first issued in March 2021 by SafeMoon LLC on a public blockchain. Through the operation of SafeMoon’s smart contract, every transaction in SafeMoon was automatically subject to a 10% tax, meaning, for example, that if a holder of SafeMoon transferred 10 SafeMoon to another user, 1 SafeMoon would automatically be retained from the transfer as a tax and the remaining 9 SafeMoon would be received by the other party. As marketed to SafeMoon investors, the proceeds of SafeMoon’s 10% tax were split into two 5% tranches, the proceeds of which were supposed to benefit holders of SafeMoon in specific ways. The first 5% tranche of the tax proceeds would be “reflected” back to, and distributed among, all SafeMoon holders in proportion to their current SafeMoon holdings and thereby increase the total quantity of SafeMoon held by every SafeMoon investor automatically. The remaining 5% tranche of SafeMoon tax proceeds would be deposited into designated SafeMoon liquidity pools. The larger the SafeMoon liquidity pool, the greater the liquidity in the market for SafeMoon. In the months after its launch in March 2021, SafeMoon grew to have millions of holders and a market capitalization of more than $8 billion.
The Defendants’ Fraudulent Scheme
Karony and his co-conspirators misrepresented various material aspects of the SafeMoon offering to investors. Such misrepresentations included that SafeMoon relied on “locked” liquidity pools that would automatically increase in size due to a 10% tax imposed on every SafeMoon transaction; that the “locked” SafeMoon liquidity pool prevented the defendants and other insiders at SafeMoon from being able to “rug pull”—a type of crypto fraud— SafeMoon investors by removing liquidity from the SafeMoon liquidity pool; that tokens in the liquidity pool would only be used for limited pre-defined business purposes, not personal enrichment; that the defendants would manually add token pairs to the SafeMoon liquidity pool when transactions of SafeMoon occurred on specific centralized exchanges; and that the developers were not and had not been holding and trading SafeMoon for their benefit.
In reality, Karony and his co-conspirators retained access to the SafeMoon liquidity pools and used that access to intentionally divert and misappropriate millions of dollars’ worth of tokens for their personal benefit. In addition, although they publicly denied that they personally held or traded SafeMoon, they repeatedly bought and sold SafeMoon, sometimes at the height of SafeMoon market price, which generated millions of dollars in profits. Karony and his co-conspirators masked their movement of the fraudulent proceeds via numerous private un-hosted crypto wallet addresses, complex transaction routing, and pseudonymous centralized exchange accounts. Karony acquired over $9 million in crypto assets from the scheme and used some of the proceeds to purchase luxury vehicles and real estate, including a $2.2 million home in Utah, additional homes in Utah and Kansas, a $277,000 Audi R8 sports car, another Audi R8, a Tesla, and custom Ford F-550 and Jeep Gladiator pickup trucks.
Co-conspirator Thomas Smith previously pleaded guilty and is awaiting sentencing. Co-conspirator Kyle Nagy remains at large.
The government’s case is being handled by the Office’s Business and Securities Fraud Section. Assistant United States Attorneys Dana Rehnquist, Sara K. Winik, and Jessica K. Weigel are in charge of the prosecution, with assistance from Paralegal Specialists Asher Martin-Rosenthal and Madison Bates. Assistant United States Attorney Laura Mantell is handling forfeiture matters.
TORONTO, May 21, 2025 (GLOBE NEWSWIRE) — BlackRock Asset Management Canada Limited (“BlackRock Canada”), an indirect, wholly-owned subsidiary of BlackRock, Inc. (NYSE: BLK), today announced the final May 2025 cash distributions for iShares Premium Money Market ETF. Unitholders of record on May 22, 2025 will receive cash distributions payable on May 30, 2025.
Details regarding the final “per unit” distribution amounts are as follows:
About BlackRock BlackRock’s purpose is to help more and more people experience financial well-being. As a fiduciary to investors and a leading provider of financial technology, we help millions of people build savings that serve them throughout their lives by making investing easier and more affordable. For additional information on BlackRock, please visit www.blackrock.com/corporate | Twitter: @BlackRockCA
About iShares ETFs iShares unlocks opportunity across markets to meet the evolving needs of investors. With more than twenty years of experience, a global line-up of 1500+ exchange traded funds (ETFs) and US$4.3 trillion in assets under management as of March 31, 2025, iShares continues to drive progress for the financial industry. iShares funds are powered by the expert portfolio and risk management of BlackRock.
iShares® ETFs are managed by BlackRock Asset Management Canada Limited.
Commissions, trailing commissions, management fees and expenses all may be associated with investing in iShares ETFs. Please read the relevant prospectus before investing. The funds are not guaranteed, their values change frequently and past performance may not be repeated. Tax, investment and all other decisions should be made, as appropriate, only with guidance from a qualified professional.
CALGARY, Alberta, May 21, 2025 (GLOBE NEWSWIRE) — Reconnaissance Energy Africa Ltd. (the “Company” or “ReconAfrica”) (TSXV: RECO) (OTCQX: RECAF) (Frankfurt: 0XD) (NSX: REC) announces an update to its investor relations contact, an update on the transaction with Namcor Exploration and Production (Pty) (“NAMCOR”) announced in the Company’s news release dated September 22, 2022 and that it intends to extend the expiry date of certain common share purchase warrants of the Company.
UPDATE TO INVESTOR RELATIONS CONTACT
Mr. Grayson Andersen has left ReconAfrica to pursue new career opportunities. The Company, its Board of Directors and Management thank Grayson for his contributions and wish him the best in his future endeavours.
Effective immediately, Mark Friesen has joined ReconAfrica as Managing Director, Investor Relations and Capital Markets and is based in Calgary. Mark has extensive energy finance and investor relations experience in the Canadian and U.S. markets. Mark’s prior corporate experience includes being the Director of Investor Relations with Kiwetinohk Energy Corp. and doing business development and corporate planning with Kiwetinohk, Murphy Oil Corporation and through his own consulting company. Mark began his career in equity research covering the energy sector at Bank of Montreal (BMO), FirstEnergy Capital Corp., TD Bank and Royal Bank of Canada (RBC). Mark holds a CFA (Chartered Financial Analyst) designation and received a Bachelor of Commerce (Hons) degree in Finance from the University of Manitoba.
Investors can continue to contact the Company by email at investors@reconafrica.com or by phone at +1-877-631-1160.
UPDATE ON NAMCOR TRANSACTION
The Company and NAMCOR have not yet completed the transaction pursuant to the definitive purchase and sale agreement announced September 22, 2022, but report that discussions are ongoing.
PROPOSED WARRANT EXTENSION
The Company intends to extend the expiry date of an aggregate 6,795,454 outstanding common share purchase warrants of the Company (the “July Warrants”) by 18 months to January 18, 2027 and an aggregate 1,071,500 outstanding common share purchase warrants of the Company (the “September Warrants” and collectively with the July Warrants, the “Warrants”) by 18 months to February 1, 2027 (collectively with the extension of July Warrants, the “Extension”).
The July Warrants were issued pursuant to a public offering which closed on July 18, 2023 and are set to expire on July 18, 2025. The July Warrants were issued pursuant to a warrant indenture dated July 18, 2023 between the Company and Odyssey Trust Company. Each July Warrant entitles the holder thereof to acquire one common share of the Company at a price of CAD $1.35 and all other terms of the July Warrants, including exercise price, will remain the same.
A total of 295,227 outstanding compensation warrants issued as compensation to the underwriters for part of the financing in July 2023 cannot be extended and will expire on July 18, 2025.
The September Warrants were issued pursuant to a non-brokered private placement which closed on September 1, 2023 and are set to expire on September 1, 2025. Each September Warrant entitles the holder thereof to acquire one common share of the Company at a price of CAD $1.40 and all other terms of the September Warrants, including exercise price, will remain the same.
220,000 of the July Warrants are held by parties who are considered to be “related parties” of the Company. The September Warrants are all held by parties who are considered to be “related parties” of the Company. Therefore, the amendment of Warrants constitutes a “related party transaction” as contemplated by Multilateral Instrument 61-101 Protection of Minority Shareholders in Special Transactions, and TSXV Policy 5.9 Protection of Minority Shareholders in Special Transactions. However, the exemptions from formal valuation and minority approval requirements provided for by these guidelines have been relied upon as the fair market value of the Warrants held by insiders does not exceed 25% of the market capitalization of the Company.
The Extension remains subject to receipt of approval of the TSX Venture Exchange.
About ReconAfrica
ReconAfrica is a Canadian oil and gas company engaged in the exploration of the Damara Fold Belt and Kavango Rift Basin in the Kalahari Desert of northeastern Namibia, southeastern Angola, and northwestern Botswana, where the Company holds rights to petroleum licences comprising over 13 million acres. The Company will be drilling its next well, Prospect I which is located onshore Namibia in Petroleum Exploration Licence 073 (“PEL 73”). This will be the Company’s largest exploration prospect drilled to date. In all aspects of its operations, ReconAfrica is committed to minimal disturbance of habitat in line with international standards and implementing environmental and social best practices in all of its project areas.
Neither the TSXV nor its Regulation Services Provider (as that term is defined in policies of the TSXV) accepts responsibility for the adequacy or accuracy of this release.
For further information contact:
Brian Reinsborough, President and Chief Executive Officer | Tel: +1-877-631-1160
Mark Friesen, Investor Relations | Tel: +1-877-631-1160
Certain statements contained in this press release constitute forward-looking information under applicable Canadian, United States and other applicable securities laws, rules and regulations, including, without limitation, the Company’s commitment to minimal disturbance of habitat, in line withbest international standards and its implementation of environmentalandsocialbestpracticesinallofitsprojectareas.Thesestatementsrelatetofutureeventsorfutureperformance. The use of any of the words “could”, “intend”, “expect”, “believe”, “will”, “projected”, “estimated” and similar expressions and statements relating to matters that are not historical facts are intended to identify forward-looking information and are based on ReconAfrica’scurrentbelieforassumptionsastotheoutcomeandtimingofsuchfutureevents.Therecanbenoassurancethat such statements will prove to be accurate, as the Company’s actual results and future events could differ materially from those anticipatedintheseforward-lookingstatementsasaresultofthefactorsdiscussedinthe“RiskFactors”sectionintheCompany’s annual information form for the period ended December 31, 2024, available under the Company’s profile atwww.sedarplus.ca. Actual future results may differ materially. Various assumptions or factors are typically applied in drawing conclusions or making the forecasts or projections set out in forward-looking information. Those assumptions and factors are based on information currently available to ReconAfrica. The forward-looking information contained in this release is made as of the date hereof and ReconAfrica undertakes no obligation to update or revise any forward-looking information, whether as a result of new information, future events or otherwise, except as required by applicable securities laws. Because of the risks, uncertainties and assumptions contained herein, investors should not place undue reliance on forward-looking information. The foregoing statements expressly qualify any forward-looking information contained herein.
CALGARY, Alberta, May 21, 2025 (GLOBE NEWSWIRE) — Prospera Energy Inc. (TSX.V: PEI, OTC: GXRFF) (“Prospera”, “PEI” or the “Corporation”)
Financing Update Prospera Energy is pleased to announce it has secured commitments for $3 million, with a substantial portion coming from company insiders through the recently announced convertible debenture and existing financing instruments. The funding is specifically earmarked for the recently initiated capital program and will be released in multiple tranches. This financing reflects strong internal alignment and confidence in Prospera’s strategic business plan. The capital injection accelerates the Corporation’s operational plans and positions it for continued production growth momentum throughout the summer. The recently announced convertible debenture offering remains open, presenting a timely opportunity for investors to participate alongside insiders as Prospera advances its execution strategy.
Operational Update Service rig activity has begun at Cuthbert, with capital allocated to five well workovers (including a high impact horizontal well remediation from the 2023 drilling program), multiple water injector cleanouts and continued infrastructure upgrades. At Luseland, a five-well reactivation program is planned with equipment ordered and preparations started to build five single well batteries (“SWB”).
The polymer flood pilot site has been finalized following reservoir analysis, injection capability & compatibility assessments, and source water confirmation. Lab and core analysis is now in progress with leading polymer partners as Prospera advances toward execution.
Prospera has completed its Q1 2025 reserves update, which reflect a $5 million increase in PDP reserves, now totaling $33 million —strengthening net asset value and capital-raising capacity.
Live Webinar to Accompany Q1 2025 Financial Results Stakeholders are encouraged to join Prospera Energy for a live investor webinar on May 22nd, 2025, at 10:00 AM MST, where management will review Q1 2025 financial results, key operational milestones, and the Company’s strategic direction: Click here to register.
Q1 2025 Financials In the first quarter of 2025, Prospera deployed $2.3 million of reactivation focused capital towards twenty-seven wells within its core, 100% owned Hearts Hill and Luseland properties. This program resulted in an additional production capability of 249 boe/d at an average capital efficiency of $9,317/boe. The full benefit of the Q1 capital program is expected to be realized in Q2 with all of the wells being online. Additionally, Prospera successfully advanced several strategic initiatives during the quarter, including:
1)
Secured Additional Term Debt Funding Obtained $3.3 million in additional advances pursuant to the term debt financing agreement executed in July 2024. This strategic funding enhances liquidity and supports the Corporation’s ongoing development and optimization programs.
2)
Acquisition of White Tundra Petroleum On March 6, 2025, the Corporation entered into an agreement to acquire 100% of the issued and outstanding common shares of White Tundra Petroleum (“WTP”), whose assets are located near Loyalist and Hanna, Alberta.
This related party transaction—due to the Corporation’s Executive Chairman also serving as WTP’s CEO and a shareholder—includes consideration of 18,000,000 Prospera common shares, contingent upon WTP achieving 85 boe/d for three consecutive days, and the assumption of $645,000 in debt. An additional 7,312,500 performance-based shares may be issued if production reaches 128 boe/d for seven consecutive days within six months of closing. The transaction, subject to TSXV approval, is expected to close on June 1, 2025.
3)
Convertible Debt Settlement On March 6, 2025, the Corporation reached a settlement agreement with the holders of $1,500,000 in convertible debt maturing on March 26, 2025. The agreement includes:
Refinancing the principal into a 12-month, $1,500,000 promissory note bearing 12% interest, with $250,000 monthly repayments beginning six months post-issuance. Interest will be paid as a balloon payment at the end of the term.
$200,000 of the total $559,375 accrued interest payable on the convertible debentures will be settled through the issuance of a 12-month convertible note bearing 12% interest, convertible into common shares of the Corporation at $0.05 per share. The Corporation retains the right to settle the convertible note in cash by providing thirty days notice, during which time the holder retains the right to convert.
the remaining $359,375 of accrued interest payable will be settled through the issuance of 8,984,371 common shares of the Corporation at a deemed price of $0.04 per share, subject to TSXV acceptance.
4)
Corporate Workforce Optimization Prospera completed a workforce optimization initiative that streamlined corporate decision-making and improved operational efficiency. This resulted in reductions in staffing, office, software, parking, and other G&A-related costs.
Operational highlights for Q1 2025 are as follows:
PEI realized average net sales of 660 boe/d in Q1 2025, an increase of 3% from Q1 2024 net sales of 640 boe/d; an increase of 6% from Q4 2024 net sales of 625 boe/d .
Sales revenue was $4,598,472 ($77.33/boe) in Q1 2025 compared to $3,932,190 ($67.44/boe) in Q1 2024, representing a 17% increase.
Operating costs per boe increased 54% in Q1 2025 at $59.46 per boe compared $38.69 per boe in Q1 2024. Costs were higher due to multiple unplanned electricity outages, one-time infrastructure and road upgrades, bringing field equipment to baseline operating conditions followed by enhanced maintenance programs, health and safety upgrades, and additional costs associated with extreme cold weather experienced during the quarter.
PEI earned an operating netback of $627,266 ($10.55/boe) in Q1 2025 compared to $1,608,373 ($27.56/boe) in Q1 2024; $153,901 ($2.68/boe) in Q4 2024.
About Prospera Prospera Energy Inc. is a publicly traded Canadian energy company specializing in the exploration, development, and production of crude oil and natural gas. Headquartered in Calgary, Alberta, Prospera is dedicated to optimizing recovery from legacy fields using environmentally safe and efficient reservoir development methods and production practices. The company’s core properties are strategically located in Saskatchewan and Alberta, including Cuthbert, Luseland, Hearts Hill, and Brooks. Prospera Energy Inc. is listed on the TSX Venture Exchange under the symbol PEI and the U.S. OTC Market under GXRFF.
Prospera reports gross production at the first point of sale, excluding gas used in operations and volumes from partners in arrears, even if cash proceeds are received. Gross production represents Prospera’s working interest before royalties, while net production reflects its working interest after royalty deductions. These definitions align with ASC 51-324 to ensure consistency and transparency in reporting. It is important to note that BOEs (barrels of oil equivalent) may be misleading, particularly if used in isolation. The BOE conversion ratio of 6 Mcf:1 bbl is based on an energy equivalency conversion method primarily applicable at the burner tip and does not represent a value equivalency at the wellhead.
FORWARD-LOOKING STATEMENTS This news release contains forward-looking statements relating to the future operations of the Corporation and other statements that are not historical facts. Forward-looking statements are often identified by terms such as “will,” “may,” “should,” “anticipate,” “expects” and similar expressions. All statements other than statements of historical fact included in this release, including, without limitation, statements regarding future plans and objectives of the Corporation, are forward-looking statements that involve risks and uncertainties. There can be no assurance that such statements will prove to be accurate and actual results and future events could differ materially from those anticipated in such statements.
Although Prospera believes that the expectations and assumptions on which the forward-looking statements are based are reasonable, undue reliance should not be placed on the forward-looking statements because Prospera can give no assurance that they will prove to be correct. Since forward-looking statements address future events and conditions, by their very nature they involve inherent risks and uncertainties. Actual results could differ materially from those currently anticipated due to a number of factors and risks. These include, but are not limited to, risks associated with the oil and gas industry in general (e.g., operational risks in development, exploration and production; delays or changes in plans with respect to exploration or development projects or capital expenditures; the uncertainty of reserve estimates; the uncertainty of estimates and projections relating to production, costs and expenses, and health, safety and environmental risks), commodity price and exchange rate fluctuations and uncertainties resulting from potential delays or changes in plans with respect to exploration or development projects or capital expenditures.
The reader is cautioned that assumptions used in the preparation of any forward-looking information may prove to be incorrect. Events or circumstances may cause actual results to differ materially from those predicted, as a result of numerous known and unknown risks, uncertainties, and other factors, many of which are beyond the control of Prospera. As a result, Prospera cannot guarantee that any forward-looking statement will materialize, and the reader is cautioned not to place undue reliance on any forward- looking information. Such information, although considered reasonable by management at the time of preparation, may prove to be incorrect and actual results may differ materially from those anticipated. Forward-looking statements contained in this news release are expressly qualified by this cautionary statement. The forward-looking statements contained in this news release are made as of the date of this news release, and Prospera does not undertake any obligation to update publicly or to revise any of the included forward-looking statements, whether as a result of new information, future events or otherwise, except as expressly required by Canadian securities law.
Neither TSXV nor its Regulation Services Provider (as that term is defined in the policies of the TSXV) accepts responsibility for the adequacy or accuracy of this release.
Source: United States Senator Kevin Cramer (R-ND)
WASHINGTON, D.C. – The United States and Canada share three oceans and the world’s longest border. About 400,000 people and more than $2.5 billion worth of goods and services move across the U.S.-Canada border each day. The relationship between the two countries fosters one of the most significant bilateral trading relationships in the world.
U.S. Senators Kevin Cramer (R-ND) and Angus King (I-ME), co-chairs of the bipartisan, bicameral American Canadian Economy and Security (ACES) Caucus, introduced a resolution today to recognize the U.S.-Canada partnership and its shared interests in economic, energy and critical minerals, and national security.
In 2023, North Dakota’s largest market was Canada. The state exported $5.9 billion in goods to Canada in 2023, representing 79% of North Dakota’s total goods exports. Top North Dakota goods exported to Canada include crude petroleum, cereals, natural gas, agricultural machinery, and more.
“Representing a Northern border state, I recognize the importance of the unique partnership between the United States and Canada,” said Cramer. “Not only are our neighbors to the north crucial economic and national security partners, but they are literally our closest ally. This resolution celebrates our closeness and is a testament to the enduring strength, friendship, and importance of the U.S.-Canada alliance across the country and the globe.”
“The United States and Canada have always been closely tied; we share our economies, cultures, military interests and more. In fact, in Maine, even our next door neighbor lives right across the border,” said King. “I continue to be proud of the work we have achieved under the American-Canadian Economy and Security (ACES) Caucus alongside my Senate Co-Chair Kevin Cramer, but know that the current situation presents many unfortunate challenges. While I am excited to reintroduce this resolution to reaffirm our two nations’ commitment to one another, we must acknowledge the close ties between our countries to resolve and mitigate any potential disruptions to our intertwined interests. As close trade partners and allies, I look forward to strengthening this close alliance to tackle these shared challenges and seize new opportunities.”
Among other provisions, the resolution recognizes the relationship between the United States and Canada is critical to promoting peace, expanding global economic opportunity, and being prepared to respond to unforeseen events. It also reaffirms the bilateral and international alliance between the two countries, which allows both countries to face common threats together and uphold common values, including democracy, human rights, and the rule of law.
Additionally, the resolution emphasizes the shared defense and security commitments between the two nations, including the modernization of the North American Aerospace Defense Command (NORAD), joint border security initiatives, and cooperation in combating transnational threats such as illegal migration and fentanyl trafficking.
The resolution is supported by U.S. Senators Marsha Blackburn (R-TN), Susan Collins (R-ME), Mike Crapo (R-ID), Maggie Hassan (D-NH), Amy Klobuchar (D-MN), Lisa Murkowski (R-AK), Mike Rounds (R-SD), and Peter Welch (D-VT). A similar resolution was introduced in the House by U.S. Representative Mark Amodei (R-NV-02).
Click here for bill text.
On May 20, 2025, the Food and Drug Administration announced a new stance on who should receive the COVID-19 vaccine.
The agency said it would approve new versions of the vaccine only for adults 65 years of age and older as well as for people with one or more risk factors for severe COVID-19 outcomes. These risk factors include medical conditions such as asthma, cancer, chronic kidney disease, heart disease and diabetes.
However, healthy younger adults and children who fall outside of these groups may not be eligible to receive the COVID-19 shot this fall. Vaccine manufacturers will have to conduct clinical trials to demonstrate that the vaccine benefits low-risk groups.
The Conversation U.S. asked Libby Richards, a nursing professor involved in public health promotion, to explain why the changes were made and what they mean for the general public.
According to Makary and Prasad, the Food and Drug Administration is moving away from these universal recommendations and instead taking a risk-based approach based on its interpretation of public health trends – specifically, the declining COVID-19 booster uptake, a lack of strong evidence that repeated boosters improve health outcomes for healthy people and the fact that natural immunity from past COVID-19 infections is widespread.
The FDA states it wants to ensure the vaccine is backed by solid clinical trial data, especially for low-risk groups.
Was this a controversial decision or a clear consensus?
The FDA’s decision to adopt a risk-based framework for the COVID-19 vaccine aligns with the expected recommendations from the Advisory Committee on Immunization Practices, an advisory group of vaccine experts offering expert guidance to the Centers for Disease Control and Prevention on vaccine policy, which is scheduled to meet in June 2025. But while this advisory committee was also expected to recommend allowing low-risk people to get annual COVID-19 vaccines if they want to, the FDA’s policy will likely make that difficult.
Although the FDA states that its new policy aims to promote greater transparency and evidenced-based decision-making, the change is controversial – in part because it circumvents the usual process for evaluating vaccine recommendations. The FDA is enacting this policy change by limiting its approval of the vaccine to high-risk groups, and it is doing so without any new data supporting its decision. Usually, however, the FDA broadly approves a vaccine based on whether it is safe and effective, and decisions on who should be eligible to receive it are left to the CDC, which receives research-based guidance from the Advisory Committee on Immunization Practices.
Another question is how health officials’ positions on COVID-19 vaccines affect public perception. Makary and Prasad noted that COVID-19 vaccination campaigns may have actually eroded public trust in vaccination. But some vaccine experts have expressed concerns that limiting COVID-19 vaccine access might further fuel vaccine hesitancy because any barrier to vaccine access can reduce uptake and hinder efforts to achieve widespread immunity.
What conditions count as risk factors?
The New England Journal of Medicine article includes a lengthy list of conditions that increase the risk of severe COVID-19 and notes that about 100 million to 200 million people will fall into this category and will thus be eligible to get the vaccine.
Pregnancy is included. Some items on the list, however, are unclear. For example, the list includes asthma, but the data that asthma is a risk factor for severe COVID-19 is scant.
Also on the list is physical inactivity, which likely applies to a vast swath of Americans and is difficult to define. Studies have found links between regular physical activity and reduced risk of severe COVID-19 infection, but it’s unclear how health care providers will define and measure physical inactivity when assessing a patient’s eligibility for COVID-19 vaccines.
The FDA is moving to risk-based access for COVID-19 vaccines.
The FDA is requiring vaccine manufactures to conduct additional large randomized clinical trials to further evaluate the safety and effectiveness of COVID-19 boosters for healthy adults and children. These trials will primarily test whether the vaccines prevent symptomatic infections, and secondarily whether they prevent hospitalization and death. Such trials are more complex, costly and time-consuming than the more common approach of testing for immunological response.
This requirement will likely delay both the timeliness and the availability of COVID-19 vaccine boosters and slow public health decision-making.
Will low-risk people be able to get a COVID-19 shot?
Not automatically. Under the new FDA framework, healthy adults who wish to receive the fall COVID-19 vaccine will face obstacles. Health care providers can administer vaccines “off-label”, but insurance coverage is widely based on FDA recommendations. The new, narrower FDA approval will likely reduce both access to COVID-19 vaccines for the general public and insurance coverage for COVID-19 vaccines.
The FDA’s focus on individual risks and benefits may overlook broader public health benefits. Communities with higher vaccination rates have fewer opportunities to spread the virus.
What about vaccines for children?
High-risk children age 6 months and older who have conditions that increase the risk of severe COVID-19 are still eligible for the vaccine under the new framework. As of now, healthy children age 6 months and older without underlying medical conditions will not have routine access to COVID-19 vaccines until further clinical trial data is available.
Existing vaccines already on the market will remain available, but it is unclear how long they will stay authorized and how the change will affect childhood vaccination overall.
Libby Richards has received funding from the National Institutes of Health, the American Nurses Foundation, and the Indiana Clinical and Translational Sciences Institute
Company Hosting Investor Webinar on Thursday May 22, 2025, at 10:00 AM EST
Q1 2025 revenue was $10.4 million, up 23% Y/Y excluding recent divestitures
Q1 2025 Income from Operations was $1.5 million, up 1,253% Y/Y excluding recent divestitures
Q1 2025 Adjusted EBITDA was $2.5 million, up 119% Y/Y excluding recent divestitures
TORONTO, May 21, 2025 (GLOBE NEWSWIRE) — NowVertical Group Inc. (TSX-V: NOW) (“NOW” or the “Company”), a leader in AI-driven data solutions, announces financial results for its first fiscal quarter ended March 31, 2025. Unless otherwise specified, all dollar amounts are expressed in U.S. dollars. Management will host an investor webinar at 10:00 AM EST (7:00 AM PST) on Thursday May 22nd, to discuss the Company’s financial and business results.
Selected Financial Highlights for the Three Months Ended March 31, 2025:
Revenue was $10.4 million in the three months ended March 31, 2025 (“Q1 2025”), a 20% decrease from $12.9 million for the three months ending March 31, 2024 (“Q1 2024”). Excluding the disposition of Allegient Defense, Inc. (“Allegient”) on May 24, 2024, Q1 2024 revenue was $8.4 million, translating to a year-over-year growth of 23%.
Gross Profit was $5.1 million in Q1 2025, a 15% decrease from $6.0 million in Q1 2024. Excluding the Allegient business, Q1 2024 gross profit was $4.5 million, translating to a year-over year increase of 15%.
Administrative Expenses were $3.6 million in Q1 2025, a 38% decrease from $5.8 million in Q1 2024. Excluding the Allegient business, Q1 2024 administrative expenses were $4.6 million, translating to a year-over-year decrease of 22%.
Income from Operations was $1.5 million in Q1 2025, a 660% increase from $0.2 million in Q1 2024. Excluding the Allegient business, Q1 2024 had a Loss from Operations of $0.1 million, translating to a year-over-year increase of 1,253%.
Adjusted EBITDA was $2.5 million in Q1 2025, a 69% increase from $1.5 million in Q1 2024. Excluding the Allegient business, Adjusted EBITDA was $1.2 million in Q1 2024, translating to a year-over-year increase of 119%.
Net Loss was $0.7 million in Q1 2025, a 55% decrease from $1.5 million in Q1 2024. Excluding the Allegient business, Net Loss was $1.9 million in Q1 2024, translating to a year-over-year decrease of 63%.
“NOW again delivered a strong quarter and continues to demonstrate its transformation into a business defined by consistency, stability, and sustainable performance. Q1 2025 marks our fifth consecutive quarter of continuous growth and operational improvement, underscoring our momentum across the business,” said Sandeep Mendiratta, CEO of NOW. “We delivered Adjusted EBITDA of $2.5 million, representing an EBITDA margin of 24%, in line with our $10 million annual run-rate target. Our 23% year-over-year revenue growth is a direct result of disciplined execution and a sharpened operational focus. We have successfully renegotiated acquisition-related liabilities, unlocking an estimated $5.4 million in cash savings and improving our payment schedules. These efforts have strengthened our balance sheet and position us for sustained organic revenue growth with strong margins across our core markets.”
Q1 2025 and Subsequent Business Highlights:
May 13, 2025: Announced that the company was named Qlik Latin America Channel Growth Partner of the Year 2024. The award highlights NOW’s ability to scale customer impact and accelerate business value.
May 08, 2025: Announced its UK operations have been recognised as a Google Cloud Premier Partner, the highest designation within the Google Cloud Partner Advantage programme.
April 22, 2025: The company announced that further to its news release on March 10, 2025, it has settled aggregate of CAD$35,220.62 representing the net amount of certain bonus entitlements owing to certain employees through the issuance of an aggregate of 93,917 Class A Subordinate voting shares in the capital of the Company
April 17, 2025: NOW announced the launch of its flagship Data Catalyst Solution on the Microsoft Azure Marketplace, reinforcing the Company’s strategic positioning at the intersection of enterprise AI, data infrastructure modernisation, and Microsoft ecosystem expansion.
April 14, 2025: The company announced that it will be presenting at the Planet MicroCap Showcase: VEGAS 2025 in partnership with MicroCapClub.
April 08, 2025: Announced that it has received the 2025 Google Cloud Data & Analytics Partner of the Year award for Latin America.
April 01, 2025: NOW announced its 2024 record financial results.
Q1 2025 Financial Results Investor Webinar:
The Company invites shareholders, analysts, investors, media representatives, and other stakeholders to attend our upcoming webinar. Management will discuss Q1 2025 results, followed by a question-and-answer session.
Investor Webinar Registration:
Time: Thursday, May 22, 2025, 10:00 AM in Eastern Time (US and Canada)
A recording of the webinar and supporting materials will be made available in the investor’s section of the Company’s website at https://www.nowvertical.com/news-and-media.
Additional Information:
The Company’s first quarter 2025 condensed consolidated interim financial statements, notes to financial statements, and management’s discussion and analysis for the three ended March 31, 2025, are available on the Company’s SEDAR+ profile at www.sedarplus.com. Unless otherwise indicated, all references to “$” in this press release refer to US dollars, and all references to “CAD$” in this press release refer to Canadian dollars.
About NowVertical Group Inc.
The Company is a data analytics and AI solutions company offering comprehensive solutions, software and services. As a global provider, we deliver cutting-edge data, technology, and artificial intelligence (AI) applications to private and public enterprises. Our solutions form the bedrock of modern enterprises, converting data investments into business solutions. NOW is growing organically and through strategic acquisitions. For further details about NOW, please visit www.nowvertical.com.
Neither the TSX Venture Exchange nor its Regulation Services Provider (as that term is defined in the policies of the TSX Venture Exchange) accepts responsibility for the adequacy or accuracy of this release.
Investor Relations: Bristol Capital Ltd. Stefan Eftychiou stefan@bristolir.com +1(905)326-1888 x60
Cautionary Note Regarding Non-IFRS Measures:
This news release refers to certain non-IFRS measures. These measures are not recognized measures under IFRS, do not have a standardized meaning prescribed by IFRS and are therefore unlikely to be comparable to similar measures presented by other companies. Rather, these measures are provided as additional information to complement those IFRS measures by providing further understanding of the Company’s results of operations from management’s perspective. The Company’s definitions of non-IFRS measures used in this news release may not be the same as the definitions for such measures used by other companies in their reporting. Non-IFRS measures have limitations as analytical tools and should not be considered in isolation nor as a substitute for analysis of the Company’s financial information reported under IFRS. The Company uses non IFRS financial measures including “EBITDA”, and “Adjusted EBITDA”. These non-IFRS measures are used to provide investors with supplemental measures of our operating performance and to eliminate items that have less bearing on our operational performance or operating conditions and thus highlight trends in our core business that may not otherwise be apparent when relying solely on IFRS measures. The Company believes that securities analysts, investors and other interested parties frequently use non-IFRS financial measures in the evaluation of issuers. The Company’s management also uses non-IFRS financial measures to facilitate operating performance comparisons from period to period and prepare annual budgets and forecasts.
Non-IFRS Measures:
The non-IFRS financial measures referred to in this news release are defined below. The management discussion and analysis for the three months ended March 31, 2025, available at nowvertical.com and on SEDAR+ at www.sedarplus.com contains supporting calculations for Adjusted Revenue, EBITDA % and Adjusted EBITDA
“Adjusted EBITDA” adjusts net income (loss) before depreciation and amortization expenses, net interest costs, and provision for income taxes for revenue adjustments in “Adjusted Revenue” and items such as acquisition accounting adjustments, transaction expenses related to acquisitions, transactional gains or losses on assets, asset impairment charges, non-recurring expense items, non-cash stock compensation costs, and the full year impact of cost synergies related to restructuring activities, such as a reduction of employees.
“EBITDA %” is defined as Adjusted EBITDA as a percentage of Adjusted Revenue.
“Adjusted Revenue” adjusts revenue to eliminate the effects of acquisition accounting on the Company’s revenues, which predominantly pertain to fair market value adjustments to the opening deferred revenue balances of acquired companies.
This news release may contain forward-looking statements and forward-looking information (within the meaning of applicable securities laws) which reflect the Company’s current expectations regarding future events. All statements in this news release that are not purely historical statements of fact are forward-looking statements and include statements regarding beliefs, plans, expectations, future, strategy, objectives, goals and targets. Although the Company believes that such statements are reasonable and reflect expectations of future developments and other factors which management believes to be reasonable and relevant, the Company can give no assurance that such expectations will prove to be correct. Forward-looking statements can generally be identified by the use of forward-looking words such as “may”, “should”, “will”, “could”, “intend”, “estimate”, “plan”, “anticipate”, “expect”, “believe” or “continue”, or the negative thereof or similar variations. Forward-looking statements involve known and unknown risks, uncertainties and other factors that may cause future results, performance, or achievements to be materially different from the estimated future results, performance or achievements expressed or implied by the forward-looking statements. Forward-looking statements are not guarantees of future performance and undue reliance should not be placed thereon, as unknown or unpredictable factors could have material adverse effects on future results, performance or achievements of the Company. Should one or more of these risks or uncertainties materialize, or should assumptions underlying the forward-looking statements prove incorrect, actual results may vary materially from those described herein as intended, planned, anticipated, believed, estimated or expected.
All of the forward-looking statement contained in this press release are qualified by the foregoing cautionary statements, and there can be no guarantee that the results or developments that we anticipate will be realized or, even if substantially realized, that they will have the expected consequences or effects on our business, financial condition or results of operation. Unless otherwise noted or the context otherwise indicates, the forward -looking statements contained herein are provided as of the date hereof, and the Company does not intend, and does not assume any obligation, to update the forward-looking statements except as otherwise required by applicable law.
Students, staff and the surrounding community are one step closer to more on-campus supports at Simon Fraser University (SFU) – Burnaby as construction starts on a new student residence and will begin later this year on a new child care facility.
“A safe and secure place to live and conveniently located child care can be transformative for students and parents working or studying on campus,” said Bowinn Ma, Minister of Infrastructure. “These new facilities will provide shorter commute times, allow students to focus on their studies and help ease pressure on the local rental market. Projects like this are one way we are investing in infrastructure that supports people in B.C.”
The new eight-storey residence will provide an additional 445 beds for students at the Burnaby campus. It will include a mix of studio and four-bedroom apartments, as well as two- and four-bedroom townhouses. Construction is expected to start in fall 2025 on a stand-alone child care centre, which will add 160 new child care spaces to more than 410 existing spaces in the Burnaby campus and at SFU’s Sapperton location. With these new spaces, more than 570 child care spaces will provide support to the SFU community.
Once complete, the residence will bring the total number of student beds on the SFU Burnaby campus to more than 3,000.
“I have met with many students at post-secondary campuses in B.C., and access to housing and child care are big factors when deciding if they can afford to build a better life for themselves,” said Anne Kang, Minister of Post-Secondary Education and Future Skills. “Since 2018, our government has made historic investments in student housing, making it easier for thousands of students across the province to gain the skills they need to fill the in-demand jobs our economy needs.”
Construction is expected to be completed on the student-housing residence and child care facility in fall 2027. The total capital cost of the project is $196.6 million, shared between the Province and SFU.
This project is Phase 3 of SFU’s ongoing student-housing expansion. Phases 1 and 2 added a combined 856 new beds for students, with funding for Phase 2 provided by the Province.
“Watching the Phase 3 site come to life has reinforced how vital new student housing is for our community,” said Ali Asgar Abdul Udaipurwala, a fourth-year undergraduate student at SFU’s Beedie School of Business, who lives in residence at the Burnaby campus. “As a community adviser and area co-ordinator, I have loved planning late-night events, movie nights and study breaks in our halls. I am excited for Phase 3 to become our next home away from home.”
Since 2018, the government has committed $2 billion to expand on-campus student housing at public post-secondary institutions throughout B.C. To date, 6,100 beds for students are open, with another 4,600 underway.
Since 2018, ChildCareBC’s space-creation programs have helped fund the creation of more than 40,900 new licensed child care spaces in B.C., with more than 24,900 of those operational. This child care project received $16 million through the ChildCareBC New Spaces Fund, which is jointly supported by provincial investments and federal funding provided under the 2021-22 to 2025-26 Canada-British Columbia Canada-wide Early Learning and Child Care Agreement. British Columbia and the federal government signed an extension to the agreement for 2026-27 to 2030-31.
Quotes:
Joy Johnson, president,Simon Fraser University–
“We are grateful for the Province’s continued investment in student housing and child care across the province. I look forward to continued growth of SFU’s resident student community on Burnaby Mountain and to continued partnership with the provincial government as we move forward. The post-secondary sector is united in our efforts to support British Columbians in tackling shared challenges, from housing to health care and beyond, as we make a difference for students and for communities across B.C.”
Rohini Arora, parliamentary secretary for child care, and MLA for Burnaby East –
“Creating 160 new child care spaces on SFU campus, where hard-working students, families and single parents can easily access the care they need, is one of the ways we are helping Burnaby get ahead. By ensuring parents, especially mothers, can access high-quality child care in Burnaby while attending higher education or working, we are setting both this generation and the next up for success.”
Learn More:
For more information about Simon Fraser University, visit: https://www.sfu.ca/
Source: United States House of Representatives – Congresswoman Sydney Kamlager California (37th District)
WASHINGTON, DC — In anticipation of Secretary of State Marco Rubio’s first appearance before the House Foreign Affairs Committee, Congresswoman Sydney Kamlager-Dove (D-CA) led 55 lawmakers in a bipartisan letter to Secretary Rubio inquiring about the State Department’s plans to ensure quick and secure visa processing for the expected influx of visitors coming to the U.S. for the 2026 FIFA World Cup, 2028 Olympic Games, and other major international sporting competitions. Reps. Young Kim (R-CA), Darin LaHood (R-IL), and Nikema Williams (D-GA) joined as co-leads.
Currently, six countries–Canada, Colombia, Honduras, India, Turkey, and UAE—have at least one U.S. diplomatic post with visa appointment wait times that extend beyond the start of the first FIFA26 game in the United States.
“The Olympics have the potential to bring up to 15 million visitors to the U.S. and produce an estimated $18 billion in economic impact. Over 5 billion viewers are projected to watch the FIFA World Cup, which could bring millions of visitors to the United States across 11 cities and generate an estimated $3.75 billion in economic revenue,” the lawmakers wrote.
They continued, “However, the success of these games hinges on the State Department’s ability to efficiently process the visa applications of spectators, athletes, and media, including providing adequate visa appointment availability and strategically offering visa interview waiver services where appropriate.
“To meet the moment, the State Department must not take a business-as-usual approach. Accommodating the anticipated surge in international visitation will require innovative solutions in the visa adjudication process that will allow us to maintain security safeguards while reducing unnecessary bureaucratic hurdles. It is critical to begin preparations now to demonstrate our nation’s ability to welcome the world,” the lawmakers concluded.
The letter also encouraged the Administration to update its current visa process to address visa processing challenges, including strategies to:
Develop a visa issuance process that maintains necessary security protocols while expediting processing for accredited individuals and entities participating in the games;
Ensure Consular Affairs is sufficiently resourced to support visa processing offices at overseas posts, disseminate information to Consular Affairs officers regarding games-related visa appointments, and handle the increased demand for visas well ahead of the games;
Establish protocols for visa issuance and entry from countries that are sanctioned or do not have U.S. consular offices, ensuring that all eligible athletes and support staff can participate in the games; and
Consider regulatory adjustments or other measures to reduce visa appointment wait times.
The full letter is HERE.
Reps. Sydney Kamlager-Dove, Young Kim, Darin LaHood, and Nikema Williams were joined by Reps. David Valadao, Bonnie Watson Coleman, Jonathan L. Jackson, Gilbert Ray Cisneros Jr., Sheila Cherfilus-McCormick, Aumua Amata Coleman, María Elvira Salazar, Henry C. “Hank” Johnson Jr., Pramila Jayapal, Jasmine Crockett, Kweisi Mfume, Ken Calvert, Josh Gottheimer, Nanette Diaz Barragán, Ted W. Lieu, Raja Krishnamoorthi, LaMonica McIver, Eric Swalwell, Frederica S. Wilson, Stephen F. Lynch, Nydia M. Velázquez, Emanuel Cleaver, Don Bacon, William R. Keating, Luz M. Rivas, Kevin Mullin, Dina Titus, Greg Stanton, Rick Larsen, Brendan F. Boyle, Tom Cole, Julia Brownley, Suzan K. DelBene, Michael T. McCaul, Michael V. Lawler, Robert Garcia, Mikie Sherrill, Emily Randall, Gabe Amo, Zoe Lofgren, Ami Bera, Suhas Subramanyam, Pete Aguilar, Dan Goldman, Sylvia R. Garcia, Julie Johnson, Nellie Pou, Derrick Van Orden, Kevin Kiley, Laura Friedman, and Jay Obernolte.
TORONTO, May 21, 2025 (GLOBE NEWSWIRE) — Clairvest Group Inc. (TSX: CVG) (“CVG”) today announced that it, together with Clairvest Equity Partners VII (“CEP VII”, collectively “Clairvest”), has recapitalized and invested in Beneficial Reuse Management (“BRM” or the “Company”) from Skyline Global Partners and other shareholders. Clairvest has been actively investing in the environmental services sector for over 19 years, and this transaction represents our 10th partnership in the industry.
BRM distributes products to the agriculture, landscape, wallboard, and construction end-markets by reusing or converting certain industrial waste streams into value-add products. BRM was founded in 1999 by Dave Schuurman and is currently led by Trevor Schuurman as its CEO & President. Headquartered in Chicago, Illinois, BRM operates six processing and manufacturing facilities and maintains a distribution network of over 116 locations to store and distribute materials for beneficial reuse programs.
“BRM is a unique company delivering a compelling value proposition for its customer base, including: (i) meeting the growing demand for specialty agricultural nutrients and recycled wallboard, and (ii) providing innovative waste disposal and recycling solutions for industrial waste generators. We are excited to partner with and support Trevor and his management team to execute an aggressive growth plan and become a leading beneficial reuse and industrial recycling company in the U.S.,” said Michael Castellarin, Managing Director of Clairvest.
“Finding innovative and environmentally friendly waste disposal alternatives for our customers has been a key focus for our business over the past two decades. We remain dedicated to partnering with our customers to provide innovative and effective beneficial reuse solutions – all while contributing to a healthier planet. With Clairvest’s deep industry expertise and strong track record supporting the growth of its partners, we are gaining more than just a capital partner – we are gaining a strategic ally to support our continued growth,” said Trevor Schuurman, CEO & President of BRM.
Raymond James served as exclusive financial advisor to BRM.
The BRM investment is Clairvest’s 69th platform investment and the third investment of CEP VII, a US$1.2 billion investment pool, US$300 million of which is from CVG.
About Clairvest Clairvest’s mission is to partner with entrepreneurs to help them build strategically significant businesses. Founded in 1987 by a group of successful Canadian entrepreneurs, Clairvest is a top performing private equity management firm with CAD $4.6 billion of capital under management. Clairvest invests its own capital and that of third parties through the Clairvest Equity Partners limited partnerships in owner-led businesses. Under the current management team, Clairvest has initiated investments in 69 different platform companies and generated top quartile performance over an extended period.
Contact Information Stephanie Lo Director of Investor Relations and Marketing Clairvest Group Inc. Tel: (416) 925-9270 stephaniel@clairvest.com
CALGARY, Alberta, May 21, 2025 (GLOBE NEWSWIRE) — Helium Evolution Incorporated (TSXV:HEVI) (“HEVI” or the “Company“), a Canadian-based helium exploration company focused on developing assets in southern Saskatchewan, is pleased to report that all matters presented for approval at its annual general and special meeting of shareholders held on May 21, 2025 (the “Meeting“) were approved. A total of 47,824,360 common shares representing 42.59% of the Company’s issued and outstanding common shares were voted in person or represented by proxy at the Meeting.
The shareholders voted in favour of all matters set out in the Company’s Management Information Circular dated April 7, 2025 (the “Circular”), including creating a new control person in ENEOS Xplora USA Limited, with greater than 98% of votes in favour. Additionally, the shareholders voted in favour of the election of all seven director nominees of HEVI for the ensuing year or until his or her successor is elected or appointed. Each nominee received greater than 99% of votes in favour.
At the Meeting, shareholders also approved: (1) fixing the number of directors of the Company for the ensuing year at seven; (2) appointing KPMG LLP as the auditors of the Company for the ensuing year and authorizing the directors to fix the remuneration to be paid to the auditors; and (3) approving and confirming the rolling 10% stock option plan of the Company, as more particularly described in the Company’s Circular.
Stay Connected to Helium Evolution
Shareholders and other parties interested in learning more about the Helium Evolution opportunity are encouraged to visit the Company’s website, which includes an updated corporatepresentation, and are invited to follow the Company on LinkedIn and X for ongoing corporate updates and helium industry information. Helium Evolution also provides an extensive, commissioned ‘deep-dive’ research report prepared by a third party whose background includes serving as a research analyst for several bank-owned and independent investment dealers.
About Helium Evolution Incorporated
Helium Evolution is a Canadian-based helium exploration company holding the largest helium land rights position in North America among publicly-traded companies, focused on developing assets in southern Saskatchewan. The Company has over five million acres of land under permit near proven discoveries of economic helium concentrations which will support scaling the exploration and development efforts across its land base. HEVI’s management and board are executing a differentiated strategy to become a leading supplier of sustainably-produced helium for the growing global helium market.
For further information, please contact:
NeithertheTSXVentureExchangenoritsRegulationServicesProvider(asthatterm isdefinedinthepoliciesoftheTSX Venture Exchange) accepts responsibility for the adequacy or accuracy of this release.
You might have heard of people using tape to literally keep their mouths shut while they sleep. Mouth taping has become a popular trend on social media, with many fans claiming it helps improve sleep and overall health.
The purported benefits of mouth taping during sleep are largely anecdotal, and include claims of better airflow, less snoring, improved asthma symptoms, less of a dry mouth, being less likely to have bad breath, and better sleep quality.
The rationale for mouth taping during sleep is to encourage breathing through the nose rather than through the mouth. When a person’s nasal passages are blocked, breathing switches from the nose to the mouth. Mouth breathing has been linked to conditions such as obstructive sleep apnoea.
But is mouth taping an effective way to address these issues, and is it safe? A new review suggests taping your mouth shut while you sleep offers limited benefits – and could pose risks.
What did the review find?
In a new paper, Canadian researchers reviewed the scientific literature on mouth taping, searching for studies that mentioned terms such as “mouth breathing”, “mouth taping” and “sleep”.
They searched specifically for studies looking at people with known mouth breathing and breathing-related sleeping problems such as obstructive sleep apnoea to understand the potential benefits and harms of mouth taping for this group.
Obstructive sleep apnoea is a condition where your airway is partly or completely blocked at times while you’re asleep. This can cause you to stop breathing for short periods, called “apnoeas”. Apnoeas can happen many times a night, resulting in lowered oxygen levels in the blood as well as sleep disruption.
The researchers found ten eligible studies published between 1999 and 2024, with a total of 213 participants. Eight studies looked at mouth taping, and two studies involved using a chin strap to keep the mouth shut.
Only two studies identified any benefits of mouth taping for mild obstructive sleep apnoea. The observed improvements – to measures such as oxygen levels in the blood and number of apnoeas per hour – were modest.
And although they were statistically significant, they were probably not clinically significant. This means these changes likely wouldn’t make much difference to symptoms or treatment decisions.
The remainder of studies found no evidence mouth taping helps to treat mouth breathing or related conditions.
What’s more, four studies warned about potential serious harms. In particular, covering the mouth could pose a risk of asphyxiation (lack of oxygen that can lead to unconsciousness or death) for people whose mouth breathing is caused by significant blockage of the nasal airways. This kind of nasal obstruction could be a result of conditions such as hay fever, deviated septum, or enlarged tonsils.
In other words, mouth taping is definitely not a good idea if you have a blocked nose, as it’s unsafe to have both the nose and the mouth obstructed at the same time during sleep.
What’s the take-home message?
The authors concluded there are very few benefits and some potential serious risks associated with mouth taping in people who are mouth breathers or have obstructive sleep apnoea.
They did however note we need further high-quality evidence to better understand if mouth taping is safe and works.
This review didn’t focus on any research relating to mouth taping for proposed improvements to mood, skin, digestion, sharper jaw lines and other things, so the researchers could not draw conclusions about the efficacy and safety of mouth taping for those purposes.
If you have concerns about your sleep, the best thing to do is to consult trusted scientific sources or a health-care professional who will be able to guide you to address the underlying causes of your sleep challenges.
Trying social media trends such as mouth taping before you seek expert advice could lead to delays in diagnosing serious conditions for which there are evidence-based treatments available.
It’s possible that in some healthy adults, without respiratory conditions, without significant sleep disorders, and who don’t have tape allergies, that mouth taping could pose little harm and produce some modest benefits. But we don’t have enough evidence yet to know one way or the other.
Moira Junge is CEO of The Sleep Health Foundation. She is also affiliated with the Healthylife Health Advisory Board and is a psychologist and clinic director at Yarraville Health Group.
Source: United States Senator Peter Welch (D-Vermont)
WASHINGTON, D.C. — U.S. Senator Peter Welch today joined Senators Kevin Cramer (R-N.D.) and Angus King (I-Maine) in introducing a resolution to recognize the U.S.-Canada partnership and its shared interests in economic, energy and critical minerals, and national security. The United States and Canada share three oceans and the world’s longest border. About 400,000 people and more than $2.5 billion worth of goods and services move across the U.S.-Canada border each day.
Canada is the largest trading partner for 34 U.S. states, including Vermont. In 2024 alone, trade with Canada accounted for 35% of Vermont’s exports, 67% of imports, and 56% of its total trade. One in four businesses in Vermont relies on trade with Canada and sells more goods to Canada than the next six largest foreign markets combined. In 2023, Vermont exported $150 million just in food and agricultural products to Canada.
“Canada is Vermont’s biggest trading partner and one of our most important allies—but first and foremost, they’re our friend. That friendship is based on centuries of trust and mutual respect, and the success of our northern neighbors directly impacts the success of hardworking families, businesses, farms, and manufacturers here in the United States. This administration is challenging that relationship,” said Senator Welch. “Attacks on Canada—whether through rhetoric or reckless trade policy—are eroding the bond between our two countries. Staying rooted in the values that have defined our relationship over time–respect, trust, and friendship–are vital to strengthening our alliance now and in the future.”
“Representing a Northern border state, I recognize the importance of the unique partnership between the United States and Canada,” said Senator Cramer. “Not only are our neighbors to the north crucial economic and national security partners, but they are literally our closest ally. This resolution celebrates our closeness and is a testament to the enduring strength, friendship, and importance of the U.S.-Canada alliance across the country and the globe.”
“The United States and Canada have always been closely tied; we share our economies, cultures, military interests and more. In fact, in Maine, even our next door neighbor lives right across the border,” said Senator King. “I continue to be proud of the work we have achieved under the American-Canadian Economy and Security (ACES) Caucus alongside my Senate Co-Chair Kevin Cramer, but know that the current situation presents many unfortunate challenges. While I am excited to reintroduce this resolution to reaffirm our two nations’ commitment to one another, we must acknowledge the close ties between our countries to resolve and mitigate any potential disruptions to our intertwined interests. As close trade partners and allies, I look forward to strengthening this close alliance to tackle these shared challenges and seize new opportunities.”
Among other provisions, the resolution recognizes the relationship between the United States and Canada is critical to promoting peace, expanding global economic opportunity, and being prepared to respond to unforeseen events. It also reaffirms the bilateral and international alliance between the two countries, which allows both countries to face common threats together and uphold common values, including democracy, human rights, and the rule of law.
Additionally, the resolution emphasizes the shared defense and security commitments between the two nations, including the modernization of the North American Aerospace Defense Command (NORAD), joint border security initiatives, and cooperation in combating transnational threats such as illegal migration and fentanyl trafficking.
In addition to Senators Welch, Cramer, and King, the resolution is supported by Sens. Mike Crapo (R-Idaho), Maggie Hassan (D-N.H.), Marsha Blackburn (R-Tenn.), Amy Klobuchar (D-Minn.), Susan Collins (R-Maine), Lisa Murkowski (R-Ark.), and Mike Rounds (R-S.D.). A similar resolution was introduced in the House by U.S. Representative Mark Amodei (R-NV-02).
Read and download the full text of the resolution.
Bakersfield, CA, May 21, 2025 (GLOBE NEWSWIRE) — Trio Petroleum Corp (NYSE American: TPET) (“Trio” or the “Company”), a California-based oil and gas company, today is pleased to announce that it has closed on the balance of certain petroleum and natural gas properties held by Novacor Exploration Ltd. (“Novacor”). More specifically, TPET closed on the remaining Novacor TWP47 assets, located at the South-West quarter of Section 19, Township 47, Range 26W3M. These assets are in the prolific Lloydminster, Saskatchewan heavy oil region (the “Acquisition”). This acquisition strategically positions the Company to expand its operations into one of North America’s most promising heavy oil basins, with upside potential for long term production and reserve growth. Since the Novacor assets are in the heavy oil area, Trio believes they offer economic development and low operational costs. Trio also believes that the market accessibility combined with a favorable regulatory process makes this area very attractive for continued and future development within these lands.
As reported in the Company’s press release on April 10, 2025, the Novacor assets are located at the South-West quarter of Section 19, Township 47, Range 26W3M and the Northeast Section 3, Township 48, Range 24W3M, both in the Lloydminster, Saskatchewan area. There are currently seven producing wells located on the two properties. Production from the wells in Section 19 is subject to Freehold Royalties of 13.5% and a GORR of 2%, and production from the wells in Section 3 is subject to Freehold Royalties of 15%. The wells produce heavy crude oil from the McLaren/Sparky and Lloydminster formation(s). Novacor is the operator of these cash flow positive wells and has the capability to rapidly double production. The area is home to some of the largest players in the industry such as Cenovus Energy, Canadian Natural Resources, Baytex Energy, Rife Resources and many others who have made Heavy Oil a staple of their operation, and where numerous opportunities to acquire additional highly economic fields exist.
Important in this acquisition is Novacor’s ability to address recent fluctuations in global oil prices and their limited impact on the company’s operations. Novacor will continue as operator of the assets. While market volatility is inherent in the energy sector, the Company believes that Novacor’s strategic focus on operational efficiency and low lift costs provides a significant buffer against downward price pressures.
Novacor’s current lift cost stands at a competitive CDN $10.00 per barrel. Trio believes that this low operational expenditure will help ensure Trio maintains strong profitability even in a lower oil price environment. Trio also believes that its commitment to cost management and efficient production techniques will allow it to navigate market fluctuations with greater resilience compared to companies with higher operating costs, thus providing Trio with a significant advantage in its ability to produce oil economically in the current market.
Novacor has a long history of oil and gas development in the area. Trio’s plan is to aggressively grow its footprint in the area utilizing Novacor as an operator of the assets. The Company will continue to seek opportunities for strategic growth and optimization with Novacor’s operational efficiencies and its plan is to deliver consistent value to shareholders through a disciplined approach to operations and cost management.”
Mr. Ross, Trio’s CEO stated, “Our immediate plan is to initiate our workover program to increase production on these newly acquired assets and we believe our next couple of quarters should reflect the benefit of our work. Our focus remains on acquiring projects that generate immediate cash flow or offer transformative growth potential with strategic investment. We believe that this approach aligns with our long-term vision of creating exponential value while managing risk and resources effectively.”
Terms of the Acquisition
The stated purchase price of the Acquisition was US$650,000 in cash paid in two tranches, and 526,536 in shares of common stock of Trio, which were registered for resale in a registration statement which Trio expects to be declared effective by the United States Securities and Exchange Commission in the near future. The Company paid Novacor a good faith deposit of $65,000, which was applied to the cash portion of the purchase price at the initial closing.
About Trio Petroleum Corp
Trio Petroleum Corp is an oil and gas exploration and development company in California, Utah and Lloydminster, Saskatchewan.
All statements in this press release of Trio Petroleum Corp (“Trio”) and its representatives and partners that are not based on historical fact are “forward-looking statements” within the meaning of the Private Securities Litigation Reform Act of 1995 and the provisions of Section 27A of the Securities Act of 1933, as amended, and Section 21E of the Securities Exchange Act of 1934, as amended (the “Acts”). In particular, when used in the preceding discussion, the words “estimates,” “believes,” “hopes,” “expects,” “intends,” “on-track”, “plans,” “anticipates,” or “may,” and similar conditional expressions are intended to identify forward-looking statements within the meaning of the Acts and are subject to the safe harbor created by the Acts. Any statements made in this news release other than those of historical fact, about an action, event or development, are forward-looking statements. While management has based any forward-looking statements contained herein on its current expectations, the information on which such expectations were based may change. These forward-looking statements rely on a number of assumptions concerning future events and are subject to a number of risks, uncertainties, and other factors, many of which are outside of the Trio’s control, that could cause actual results to materially and adversely differ from such statements. Such risks, uncertainties, and other factors include, but are not necessarily limited to, those set forth in the Risk Factors sections of the Trio reports filed with the Securities and Exchange Commission (SEC). Copies of such documents are available on the SEC’s website, www.sec.gov. Trio undertakes no obligation to update these statements for revisions or changes after the date of this release, except as required by law.
In a first, researchers from NASA and Virginia Tech used satellite data to measure the height and speed of potentially hazardous flood waves traveling down U.S. rivers. The three waves they tracked were likely caused by extreme rainfall and by a loosened ice jam. While there is currently no database that compiles satellite data on river flood waves, the new study highlights the potential of space-based observations to aid hydrologists and engineers, especially those working in communities along river networks with limited flood control structures such as levees and flood gates. Unlike ocean waves, which are ordinarily driven by wind and tides, and roll to shore at a steady clip, river waves (also called flood or flow waves) are temporary surges stretching tens to hundreds of miles. Typically caused by rainfall or seasonal snowmelt, they are essential to shuttling nutrients and organisms down a river. But they can also pose hazards: Extreme river waves triggered by a prolonged downpour or dam break can produce floods. “Ocean waves are well known from surfing and sailing, but rivers are the arteries of the planet. We want to understand their dynamics,” said Cedric David, a hydrologist at NASA’s Jet Propulsion Laboratory in Southern California and a coauthor of a new study published May 14 in Geophysical Research Letters.
Measuring Speed and Size To search for river waves for her doctoral research, lead author Hana Thurman of Virginia Tech turned to a spacecraft launched in 2022. The SWOT (Surface Water and Ocean Topography) satellite is a collaboration between NASA and the French space agency CNES (Centre National d’Études Spatiales). It is surveying the height of nearly all of Earth’s surface waters, both fresh and salty, using its sensitive Ka-band Radar Interferometer (KaRIn). The instrument maps the elevation and width of water bodies by bouncing microwaves off the surface and timing how long the signal takes to return. “In addition to monitoring total storage of waters in lakes and rivers, we zoom in on dynamics and impacts of water movement and change,” said Nadya Vinogradova Shiffer, SWOT program scientist at NASA Headquarters in Washington. Thurman knew that SWOT has helped scientists track rising sea levels near the coast, spot tsunami slosh, and map the seafloor, but could she identify river height anomalies in the data indicating a wave on the move? She found that the mission had caught three clear examples of river waves, including one that arose abruptly on the Yellowstone River in Montana in April 2023. As the satellite passed overhead, it observed a 9.1-foot-tall (2.8-meter-tall) crest flowing toward the Missouri River in North Dakota. It was divided into a dramatic 6.8-mile-long (11-kilometer-long) peak followed by a more drawn‐out tail. These details are exciting to see from orbit and illustrate the KaRIn instrument’s uniquely high spatial resolution, Thurman said. Sleuthing through optical Sentinel-2 imagery of the area, she determined that the wave likely resulted from an ice jam breaking apart upstream and releasing pent-up water. The other two river waves that Thurman and the team found were triggered by rainfall runoff. One, spotted by SWOT starting on Jan. 25, 2024, on the Colorado River south of Austin, Texas, was associated with the largest flood of the year on that section of river. Measuring over 30 feet (9 meters) tall and 166 miles (267 kilometers) long, it traveled around 3.5 feet (1.07 meters) per second for over 250 miles (400 kilometers) before discharging into Matagorda Bay. The other wave originated on the Ocmulgee River near Macon, Georgia, in March 2024. Measuring over 20 feet (6 meters) tall and extending more than 100 miles (165 kilometers), it traveled about a foot (0.33 meters) per second for more than 124 miles (200 kilometers). “We’re learning more about the shape and speed of flow waves, and how they change along long stretches of river,” Thurman said. “That could help us answer questions like, how fast could a flood get here and is infrastructure at risk?” Complementary Observations Engineers and water managers measuring river waves have long relied on stream gauges, which record water height and estimate discharge at fixed points along a river. In the United States, stream gauge networks are maintained by agencies including the U.S. Geological Survey. They are sparser in other parts of the world. “Satellite data is complementary because it can help fill in the gaps,” said study supervisor George Allen, a hydrologist and remote sensing expert at Virginia Tech. If stream gauges are like toll booths clocking cars as they pass, SWOT is like a traffic helicopter taking snapshots of the highway. The wave speeds that SWOT helped determine were similar to those calculated using gauge data alone, Allen said, showing how the satellite could help monitor waves in river basins without gauges. Knowing where and why river waves develop can help scientists tracking changing flood patterns around the world. Orbiting Earth multiple times each day, SWOT is expected to observe some 55% of large-scale floods at some stage in their life cycle. “If we see something in the data, we can say something,” David said of SWOT’s potential to flag dangerous floods in the making. “For a long time, we’ve stood on the banks of our rivers, but we’ve never seen them like we are now.” More About SWOT The SWOT satellite was jointly developed by NASA and CNES, with contributions from the Canadian Space Agency (CSA) and the UK Space Agency. NASA’s Jet Propulsion Laboratory, managed for the agency by Caltech in Pasadena, California, leads the U.S. component of the project. For the flight system payload, NASA provided the Ka-band radar interferometer (KaRIn) instrument, a GPS science receiver, a laser retroreflector, a two-beam microwave radiometer, and NASA instrument operations. The Doppler Orbitography and Radioposition Integrated by Satellite system, the dual frequency Poseidon altimeter (developed by Thales Alenia Space), the KaRIn radio-frequency subsystem (together with Thales Alenia Space and with support from the UK Space Agency), the satellite platform, and ground operations were provided by CNES. The KaRIn high-power transmitter assembly was provided by CSA. News Media Contacts Jane J. Lee / Andrew WangJet Propulsion Laboratory, Pasadena, Calif.818-354-0307 / 626-379-6874Written by Sally Younger2025-074
News In Brief – Source: US Computer Emergency Readiness Team
Executive Summary
This joint cybersecurity advisory (CSA) highlights a Russian state-sponsored cyber campaign targeting Western logistics entities and technology companies. This includes those involved in the coordination, transport, and delivery of foreign assistance to Ukraine. Since 2022, Western logistics entities and IT companies have faced an elevated risk of targeting by the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (85th GTsSS), military unit 26165—tracked in the cybersecurity community under several names (see “Cybersecurity Industry Tracking”). The actors’ cyber espionage-oriented campaign, targeting technology companies and logistics entities, uses a mix of previously disclosed tactics, techniques, and procedures (TTPs). The authoring agencies expect similar targeting and TTP use to continue.
Executives and network defenders at logistics entities and technology companies should recognize the elevated threat of unit 26165 targeting, increase monitoring and threat hunting for known TTPs and indicators of compromise (IOCs), and posture network defenses with a presumption of targeting.
This cyber espionage-oriented campaign targeting logistics entities and technology companies uses a mix of previously disclosed TTPs and is likely connected to these actors’ wide scale targeting of IP cameras in Ukraine and bordering NATO nations.
The following authors and co-sealers are releasing this CSA:
United States National Security Agency (NSA)
United States Federal Bureau of Investigation (FBI)
United Kingdom National Cyber Security Centre (NCSC-UK)
Germany Federal Intelligence Service (BND) Bundesnachrichtendienst
Germany Federal Office for Information Security (BSI) Bundesamt für Sicherheit in der Informationstechnik
Germany Federal Office for the Protection of the Constitution (BfV) Bundesamt für Verfassungsschutz
Czech Republic Military Intelligence (VZ) Vojenské zpravodajství
Czech Republic National Cyber and Information Security Agency (NÚKIB) Národní úřad pro kybernetickou a informační bezpečnost
Czech Republic Security Information Service (BIS) Bezpečnostní informační služba
Poland Internal Security Agency (ABW) Agencja Bezpieczeństwa Wewnętrznego
Poland Military Counterintelligence Service (SKW) Służba Kontrwywiadu Wojskowego
United States Cybersecurity and Infrastructure Security Agency (CISA)
United States Department of Defense Cyber Crime Center (DC3)
United States Cyber Command (USCYBERCOM)
Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC)
Canadian Centre for Cyber Security (CCCS)
Danish Defence Intelligence Service (DDIS) Forsvarets Efterretningstjeneste
Estonian Foreign Intelligence Service (EFIS) Välisluureamet
Estonian National Cyber Security Centre (NCSC-EE) Küberturvalisuse keskus
French Cybersecurity Agency (ANSSI) Agence nationale de la sécurité des systèmes d’information
Netherlands Defence Intelligence and Security Service (MIVD) Militaire Inlichtingen- en Veiligheidsdienst
Download the PDF version of this report:
Russian GRU Targeting Western Logistics Entities and Technology Companies (PDF, 1,081KB)
For a downloadable list of IOCs, visit:
Introduction
For over two years, the Russian GRU 85th GTsSS, military unit 26165—commonly known in the cybersecurity community as APT28, Fancy Bear, Forest Blizzard, BlueDelta, and a variety of other identifiers—has conducted this campaign using a mix of known tactics, techniques, and procedures (TTPs), including reconstituted password spraying capabilities, spearphishing, and modification of Microsoft Exchange mailbox permissions. In late February 2022, multiple Russian state-sponsored cyber actors increased the variety of cyber operations for purposes of espionage, destruction, and influence—with unit 26165 predominately involved in espionage. [1] As Russian military forces failed to meet their military objectives and Western countries provided aid to support Ukraine’s territorial defense, unit 26165 expanded its targeting of logistics entities and technology companies involved in the delivery of aid. These actors have also targeted Internet-connected cameras at Ukrainian border crossings to monitor and track aid shipments. Note: This advisory uses the MITRE ATT&CK® for Enterprise framework, version 17. See Appendix A: MITRE ATT&CK tactics and techniques for a table of the threat actors’ activity mapped to MITRE ATT&CK tactics and techniques. This advisory uses the MITRE D3FEND® framework, version 1.0.
Description of Targets
The GRU unit 26165 cyber campaign against Western logistics providers and technology companies has targeted dozens of entities, including government organizations and private/commercial entities across virtually all transportation modes: air, sea, and rail. These actors have targeted entities associated with the following verticals within NATO member states, Ukraine, and at international organizations:
Defense Industry
Transportation and Transportation Hubs (ports, airports, etc.)
Maritime
Air Traffic Management
IT Services
In the course of the targeting lifecycle, unit 26165 actors identified and conducted follow-on targeting of additional entities in the transportation sector that had business ties to the primary target, exploiting trust relationships to attempt to gain additional access [T1199].
The actors also conducted reconnaissance on at least one entity involved in the production of industrial control system (ICS) components for railway management, though a successful compromise was not confirmed [TA0043].
The countries with targeted entities include the following, as illustrated in Figure 1:
Bulgaria
Czech Republic
France
Germany
Greece
Italy
Moldova
Netherlands
Poland
Romania
Slovakia
Ukraine
United States
Figure 1: Countries with Targeted Entities
Initial Access TTPs
To gain initial access to targeted entities, unit 26165 actors used several techniques to gain initial access to targeted entities, including (but not limited to):
The actors abused vulnerabilities associated with a range of brands and models of small office/home office (SOHO) devices to facilitate covert cyber operations, as well as proxy malicious activity via devices with geolocation in proximity to the target [T1665]. [2]
Credential Guessing/Brute Force
Unit 26165 actors’ credential guessing [T1110.001] operations in this campaign exhibit some similar characteristics to those disclosed in the previous CSA “Russian GRU Conducting Global Brute Force Campaign to Compromise Enterprise and Cloud Environments.” [3] Based on victim network investigations, the current iteration of this TTP employs a similar blend of anonymization infrastructure, including the use of Tor and commercial VPNs [T1090.003]. The actors frequently rotated the IP addresses used to further hamper detection. All observed connections were made via encrypted TLS [T1573].
Spearphishing
GRU unit 26165 actors’ spearphishing emails included links [T1566.002] leading to fake login pages impersonating a variety of government entities and Western cloud email providers’ webpages. These webpages were typically hosted on free third-party services or compromised SOHO devices and often used legitimate documents associated with thematically similar entities as lures. The subjects of spearphishing emails were diverse and ranged from professional topics to adult themes. Phishing emails were frequently sent via compromised accounts or free webmail accounts [T1586.002, T1586.003]. The emails were typically written in the target’s native language and sent to a single targeted recipient.
Some campaigns employed multi-stage redirectors [T1104] verifying IP-geolocation [T1627.001] and browser fingerprints [T1627] to protect credential harvesting infrastructure or provide multifactor authentication (MFA) [T1111] and CAPTCHA relaying capabilities [T1056]. Connecting endpoints failing the location checks were redirected to a benign URL [T1627], such as msn.com. Redirector services used include:
Webhook[.]site
FrgeIO
InfinityFree
Dynu
Mocky
Pipedream
Mockbin[.]org
The actors also used spearphishing to deliver malware (including HEADLACE and MASEPIE) executables [T1204.002] delivered via third-party services and redirectors [T1566.002], scripts in a mix of languages [T1059] (including BAT [T1059.003] and VBScript [T1059.005]) and links to hosted shortcuts [T1204.001].
CVE Usage
Throughout this campaign, GRU unit 26165 weaponized an Outlook NTLM vulnerability (CVE-2023-23397) to collect NTLM hashes and credentials via specially crafted Outlook calendar appointment invitations [T1187]. [4],[5] These actors also used a series of Roundcube CVEs (CVE-2020-12641, CVE-2020-35730, and CVE-2021-44026) to execute arbitrary shell commands [T1059], gain access to victim email accounts, and retrieve sensitive data from email servers [T1114].
Since at least fall 2023, the actors leveraged a WinRAR vulnerability (CVE-2023-38831) allowing for the execution of arbitrary code embedded in an archive as a means of initial access [T1659]. The actors sent emails with malicious attachments [T1566.001] or embedded hyperlinks [T1566.002] that downloaded a malicious archive prepared using this CVE.
Post-Compromise TTPs
After an initial compromise using one of the above techniques, unit 26165 actors conducted contact information reconnaissance to identify additional targets in key positions [T1589.002]. The actors also conducted reconnaissance of the cybersecurity department [T1591], individuals responsible for coordinating transport [T1591.004], and other companies cooperating with the victim entity [T1591.002].
The actors used native commands and open source tools, such as Impacket and PsExec, to move laterally within the environment [TA0008]. Multiple Impacket scripts were used as .exe files, in addition to the python versions, depending on the victim environment. The actors also moved laterally within the network using Remote Desktop Protocol (RDP) [T1021.001] to access additional hosts and attempt to dump Active Directory NTDS.dit domain databases [T1003.003] using native Active Directory Domain Services commands, such as in Figure 2: Example Active Directory Domain Services command:
C:Windowssystem32ntdsutil.exe "activate instance ntds" ifm "create full C:temp[a-z]{3}" quit quit
Figure 2: Example Active Directory Domain Services command
Additionally, GRU unit 26165 actors used the tools Certipy and ADExplorer.exe to exfiltrate information from the Active Directory. The actors installed python [T1059.006] on infected machines to enable the execution of Certipy. Accessed files were archived in .zip files prior to exfiltration [T1560]. The actors attempted to exfiltrate archived data via a previously dropped OpenSSH binary [T1048].
Incident response investigations revealed that the actors would take steps to locate and exfiltrate lists of Office 365 users and set up sustained email collection. The actors used manipulation of mailbox permissions [T1098.002] to establish sustained email collection at compromised logistics entities, as detailed in a Polish Cybercommand blog. [6]
After initial authentication, unit 26165 actors would change accounts’ folder permissions and enroll compromised accounts in MFA mechanisms to increase the trust-level of compromised accounts and enable sustained access [T1556.006]. The actors leveraged python scripts to retrieve plaintext passwords via Group Policy Preferences [T1552.006] using Get-GPPPassword.py and a modified ldap-dump.py to enumerate the Windows environment [T1087.002] and conduct a brute force password spray [T1110.003] via Lightweight Directory Access Protocol (LDAP). The actors would additionally delete event logs through the wevtutil utility [T1070.001].
After gaining initial access to the network, the actors pursued further access to accounts with access to sensitive information on shipments, such as train schedules and shipping manifests. These accounts contained information on aid shipments to Ukraine, including:
sender,
recipient,
train/plane/ship numbers,
point of departure,
destination,
container registration numbers,
travel route, and
cargo contents.
In at least one instance, the actors attempted to use voice phishing [T1566.004] to gain access to privileged accounts by impersonating IT staff.
Malware
Unit 26165’s use of malware in this campaign ranged from gaining initial access to establishing persistence and exfiltrating data. In some cases, the attack chain resulted in multiple pieces of malware being deployed in succession. The actors used dynamic link library (DLL) search order hijacking [T1574.001] to facilitate malware execution. There were a number of known malware variants tied to this campaign against logistics sector victims, including:
HEADLACE [7]
MASEPIE [8]
While other malware variants, such as OCEANMAP and STEELHOOK, [8] were not directly observed targeting logistics or IT entities, their deployment against victims in other sectors in Ukraine and other Western countries suggest that they could be deployed against logistics and IT entities should the need arise.
Persistence
In addition to the abovementioned mailbox permissions abuse, unit 26165 actors also used scheduled tasks [T1053.005], run keys [T1547.001], and placed malicious shortcuts [T1547.009] in the startup folder to establish persistence.
Exfiltration
GRU unit 26165 actors used a variety of methods for data exfiltration that varied based on the victim environment, including both malware and living off the land binaries. PowerShell commands [T1059.001] were often used to prepare data for exfiltration; for example, the actors prepared zip archives [T1560.001] for upload to their own infrastructure.
The actors also used server data exchange protocols and Application Programming Interfaces (APIs) such as Exchange Web Services (EWS) and Internet Message Access Protocol (IMAP) [T1114.002] to exfiltrate data from email servers. In multiple instances, the actors used periodic EWS queries [T1119] to collect new emails sent and received since the last data exfiltration [T1029]. The actors typically used infrastructure in close geographic proximity to the victim. Long gaps between exfiltration, the use of trusted and legitimate protocols, and the use of local infrastructure allowed for long-term collection of sensitive data to go undetected.
Connections to Targeting of IP Cameras
In addition to targeting logistics entities, unit 26165 actors likely used access to private cameras at key locations, such as near border crossings, military installations, and rail stations, to track the movement of materials into Ukraine. The actors also used legitimate municipal services, such as traffic cams.
The actors targeted Real Time Streaming Protocol (RTSP) servers hosting IP cameras primarily located in Ukraine as early as March 2022 in a large-scale campaign, which included attempts to enumerate devices [T1592] and gain access to the cameras’ feeds [T1125]. Actor-controlled servers sent RTSP DESCRIBE requests destined for RTSP servers, primarily hosting IP cameras [T1090.002]. The DESCRIBE requests were crafted to obtain access to IP cameras located on logically distinct networks from that of the routers that received the request. The requests included Base64-encoded credentials for the RTSP server, which included publicly documented default credentials and likely generic attempts to brute force access to the devices [T1110]. An example of an RTSP request is shown in Figure 3.
Successful RTSP 200 OK responses contained a snapshot of the IP camera’s image and IP camera metadata such as video codec, resolution, and other properties depending on the IP camera’s configuration.
From a sample available to the authoring agencies of over 10,000 cameras targeted via this effort, the geographic distribution of victims showed a strong focus on cameras in Ukraine and border countries, as shown in Table 1:
Table 1: Geographic distribution of targeted IP cameras
Country
Percentage of Total Attempts
Ukraine
81.0%
Romania
9.9%
Poland
4.0%
Hungary
2.8%
Slovakia
1.7%
Others
0.6%
Mitigation Actions
General Security Mitigations
Architecture and Configuration
Employ appropriate network segmentation [D3-NI] and restrictions to limit access and utilize additional attributes (such as device information, environment, and access path) when making access decisions [D3-AMED].
Consider Zero Trust principles when designing systems. Base product choices on how those products can solve specific risks identified as part of the end-to-end design. [9]
Ensure that host firewalls and network security appliances (e.g., firewalls) are configured to only allow legitimately needed data flows between devices and servers to prevent lateral movement [D3-ITF]. Alert on attempts to connect laterally between host devices or other unusual data flows.
Use automated tools to audit access logs for security concerns and identify anomalous access requests [D3-RAPA].
For organizations using on-premises authentication and email services, block and alert on NTLM/SMB requests to external infrastructure [D3-OTF].
Utilize endpoint, detection, and response (EDR) and other cybersecurity solutions on all systems, prioritizing high value systems with large amounts of sensitive data such as mail servers and domain controllers [D3-PM] first.
Perform threat and attack modeling to understand how sensitive systems may be compromised within an organization’s specific architecture and security controls. Use this to develop a monitoring strategy to detect compromise attempts and select appropriate products to enact this strategy.
Collect and monitor Windows logs for certain events, especially for events that indicate that a log was cleared unexpectedly [D3-SFA].
Enable optional security features in Windows to harden endpoints and mitigate initial access techniques [D3-AH]:
Enable attack surface reduction rules to prevent executable content from email [D3-ABPI].
Enable attack surface reduction rules to prevent execution of files from globally writeable directories, such as Downloads or %APPDATA% [D3-EAL].
Unless users are involved in the development of scripts, limit the local execution of scripts (such as batch scripts, VBScript, JScript/JavaScript, and PowerShell [10]) to known scripts [D3-EI], and audit execution attempts.
Disable Windows Host Scripting functionality and configure PowerShell to run in Constrained mode [D3-ACH].
Where feasible, implement allowlisting for applications and scripts to limit execution to only those needed for authorized activities, blocking all others by default [D3-EAL].
Consider using open source SIGMA rules as a baseline for detecting and alerting on suspicious file execution or command parameters [D3-PSA].
Use services that provide enhanced browsing services and safe link checking [D3-URA]. Significant reductions in successful spearphishing attempts were noted when email providers began offering link checking and automatic file detonation to block malicious content.
Where possible, block logins from public VPNs, including exit nodes in the same country as target systems, or, if they need to be allowed, alert on them for further investigation. Most organizations should not need to allow incoming traffic, especially logins to systems, from VPN services [D3-NAM].
Educate users to only use approved corporate systems for relevant government and military business and avoid the use of personal accounts on cloud email providers to conduct official business. Network administrators should also audit both email and web request logs to detect such activity.
Many organizations may not need to allow outgoing traffic to hosting and API mocking services, which are frequently used by GRU unit 26165. Organizations should consider alerting on or blocking the following services, with exceptions allowlisted for legitimate activity [D3-DNSDL].
*.000[.]pe
*.1cooldns[.]com
*.42web[.]io
*.4cloud[.]click
*.accesscan[.]org
*.bumbleshrimp[.]com
*.camdvr[.]org
*.casacam[.]net
*.ddnsfree[.]com
*.ddnsgeek[.]com
*.ddnsguru[.]com
*.dynuddns[.]com
*.dynuddns[.]net
*.free[.]nf
*.freeddns[.]org
*.frge[.]io
*.glize[.]com
*.great-site[.]net
*.infinityfreeapp[.]com
*.kesug[.]com
*.loseyourip[.]com
*.lovestoblog[.]com
*.mockbin[.]io
*.mockbin[.]org
*.mocky[.]io
*.mybiolink[.]io
*.mysynology[.]net
*.mywire[.]org
*.ngrok[.]io
*.ooguy[.]com
*.pipedream[.]net
*.rf[.]gd
*.urlbae[.]com
*.webhook[.]site
*.webhookapp[.]com
*.webredirect[.]org
*.wuaze[.]com
Heuristic detections for web requests to new subdomains, including of the above providers, may uncover malicious phishing activity [D3-DNRA]. Logging the requests for each sub-domain requested by users on a network, such as in DNS or firewall logs, may enable system administrators to identify new targeting and victims.
Identity and Access Management
Organizations should take measures to ensure strong access controls and mitigate against common credential theft techniques:
Use MFA with strong factors, such as passkeys or PKI smartcards, and require regular re-authentication [D3-MFA]. [11], [12] Strong authentication factors are not guessable using dictionary techniques, so they resist brute force attempts.
Implement other mitigations for privileged accounts: including limiting the number of admin accounts, considering using hardware MFA tokens, and regularly reviewing all privileged user accounts [D3-JFAPA].
Separate privileged accounts by role and alert on misuse of privileged accounts [D3-UAP]. For example, email administrator accounts should be different from domain administrator accounts.
Reduce reliance on passwords; instead, consider using services like single sign-on [D3-TBA].
For organizations using on-premises authentication and email services, plan to disable NTLM entirely and migrate to more robust authentication processes such as PKI certificate authentication.
Do not store passwords in Group Policy Preferences (GPP). Remove all passwords previously included in GPP and change all passwords on the corresponding accounts [D3-CH]. [13]
Use account throttling or account lockout [D3-ANET]:
Throttling is preferred to lockout. Throttling progressively increases time delay between successive login attempts.
Account lockout can leave legitimate users unable to access their accounts and requires access to an account recovery process.
Account lockout can provide a malicious actor with an easy way to launch a Denial of Service (DoS).
If using lockout, then allowing 5 to 10 attempts before lockout is recommended.
Use a service to check for compromised passwords before using them [D3-SPP]. For example, “Have I Been Pwned” can be used to check whether a password has been previously compromised without disclosing the potential password.
Change all default credentials [D3-CRO] and disable protocols that use weak authentication (e.g., clear-text passwords or outdated and vulnerable authentication or encryption protocols) or do not support multi-factor authentication [D3-ACH] [D3-ET]. Always configure access controls carefully to ensure that only well-maintained and well-authenticated accounts have access. [13]
IP Camera Mitigations
The following mitigation techniques for IP cameras can be used to defend against this type of malicious activity:
Ensure IP cameras are currently supported. Replace devices that are out of support.
Apply security patches and firmware updates to all IP cameras [D3-SU].
Disable remote access to the IP camera, if unnecessary [D3-ITF].
Ensure cameras are protected by a security appliance, if possible, such as by using a firewall to prevent communication with the camera from IP addresses not on an allowlist [D3-NAM].
If remote access to IP camera feeds is required, ensure authentication is enabled [D3-AA] and use a VPN to connect remotely [D3-ET]. Use MFA for management accounts if supported [D3-MFA].
Disable Universal Plug and Play (UPnP), Peer-to-Peer (P2P), and Anonymous Visit features on IP cameras and routers [D3-NI].
Turn off other ports/services not in use (e.g., FTP, web interface, etc.) [D3-ACH].
If supported, enable authenticated RTSP access only [D3-AA].
Review all authentication activity for remote access to make sure it is valid and expected [D3-UBA]. Investigate any unexpected or unusual activity.
Audit IP camera user accounts to ensure they are an accurate reflection of your organization and that they are being used as expected [D3-UAP].
Configure, tune, and monitor logging—if available—on the IP camera.
Indicators of Compromise (IOCs)
Note: Specific IoCs may no longer be actor controlled, may themselves be compromised infrastructure or email accounts, or may be shared infrastructure such as public VPN or Tor exit nodes. Care should be taken when basing triaging logs or developing detection rules on these indicators. GRU unit 26165 almost certainly uses extensive further infrastructure and TTPs not specifically listed in this report.
Utilities and scripts
Legitimate utilities
Unauthorized or unusual use of the following legitimate utilities can be an indication of a potential compromise:
ntdsutil – A legitimate Windows executable used by threat actors to export contents of Active Directory
wevtutil – A legitimate Windows executable used by threat actors to delete event logs
vssadmin – A legitimate Windows executable possibly used by threat actors to make a copy of the server’s C: drive
ADexplorer – A legitimate window executable to view, edit, and backup Active Directory Certificate Services
OpenSSH – The Windows version of a legitimate open source SSH client
schtasks – A legitimate Windows executable used to create persistence using scheduled tasks
whoami – A legitimate Windows executable used to retrieve the name of the current user
tasklist – A legitimate Windows executable used to retrieve the list of running processes
hostname – A legitimate Windows executable used to retrieve the device name
arp – A legitimate Windows executable used to retrieve the ARP table for mapping the network environment
systeminfo – A legitimate Windows executable used to retrieve a comprehensive summary of device and operating system information
net – A legitimate Windows executable used to retrieve detailed user information
wmic – A legitimate Windows executable used to interact with Windows Management Instrumentation (WMI), such as to retrieve letters assigned to logical partitions on storage drives
cacls – A legitimate Windows executable used to modify permissions on files
icacls – A legitimate Windows executable used to modify permissions to files and handle integrity levels and ownership
ssh – A legitimate Windows executable used to establish network shell connections
reg – A legitimate Windows executable used to add to or modify the system registry
Note: Additional heuristics are needed for effective hunting for these and other living off the land (LOTL) binaries to avoid being overwhelmed by false positives if these legitimate management tools are used regularly. See the joint guide, Identifying and Mitigating Living Off the Land Techniques, for guidance on developing a multifaceted cybersecurity strategy that enables behavior analytics, anomaly detection, and proactive hunting, which are part of a comprehensive approach to mitigating cyber threats that employ LOTL techniques.
Malicious scripts
Certipy – An open source python tool for enumerating and abusing Active Directory Certificate Services
Get-GPPPassword.py – An open source python script for finding insecure passwords stored in Group Policy Preferences
ldap-dump.py – A script for enumerating user accounts and other information in Active Directory
Hikvision backdoor string: “YWRtaW46MTEK”
Suspicious command lines
While the following utilities are legitimate, and using them with the command lines shown may also be legitimate, these command lines are often used during malicious activities and could be an indication of a compromise:
edge.exe “-headless-new -disable-gpu”
ntdsutil.exe “activate instance ntds” ifm “create full C:temp[a-z]{3}” quit quit
Disclaimer: These IP addresses date June 2024 through August 2024. The authoring agencies recommend organizations investigate or vet these IP addresses prior to taking action, such as blocking.
June 2024
July 2024
August 2024
192[.]162[.]174[.]94
207[.]244[.]71[.]84
31[.]135[.]199[.]145
79[.]184[.]25[.]198
91[.]149[.]253[.]204
103[.]97[.]203[.]29
162[.]210[.]194[.]2
31[.]42[.]4[.]138
79[.]185[.]5[.]142
91[.]149[.]254[.]75
209[.]14[.]71[.]127
46[.]112[.]70[.]252
83[.]10[.]46[.]174
91[.]149[.]255[.]122
109[.]95[.]151[.]207
46[.]248[.]185[.]236
83[.]168[.]66[.]145
91[.]149[.]255[.]19
64[.]176[.]67[.]117
83[.]168[.]78[.]27
91[.]149[.]255[.]195
64[.]176[.]69[.]196
83[.]168[.]78[.]31
91[.]221[.]88[.]76
64[.]176[.]70[.]18
83[.]168[.]78[.]55
93[.]105[.]185[.]139
64[.]176[.]70[.]238
83[.]23[.]130[.]49
95[.]215[.]76[.]209
64[.]176[.]71[.]201
83[.]29[.]138[.]115
138[.]199[.]59[.]43
70[.]34[.]242[.]220
89[.]64[.]70[.]69
147[.]135[.]209[.]245
70[.]34[.]243[.]226
90[.]156[.]4[.]204
178[.]235[.]191[.]182
70[.]34[.]244[.]100
91[.]149[.]202[.]215
178[.]37[.]97[.]243
70[.]34[.]245[.]215
91[.]149[.]203[.]73
185[.]234[.]235[.]69
70[.]34[.]252[.]168
91[.]149[.]219[.]158
192[.]162[.]174[.]67
70[.]34[.]252[.]186
91[.]149[.]219[.]23
194[.]187[.]180[.]20
70[.]34[.]252[.]222
91[.]149[.]223[.]130
212[.]127[.]78[.]170
70[.]34[.]253[.]13
91[.]149[.]253[.]118
213[.]134[.]184[.]167
70[.]34[.]253[.]247
91[.]149[.]253[.]198
70[.]34[.]254[.]245
91[.]149[.]253[.]20
Detections
Customized NTLM listener
rule APT28_NTLM_LISTENER {
meta:
description = "Detects NTLM listeners including APT28's custom one"
( any of ($sysinternals_*) and any of ($psexec_*) )
or
( 2 of ($network_*) and 2 of ($psexec_*))
)
}
The cybersecurity industry provides overlapping cyber threat intelligence, IOCs, and mitigation recommendations related to GRU unit 26165 cyber actors. While not all encompassing, the following are the most notable threat group names related under MITRE ATT&CK G0007 and commonly used within the cybersecurity community:
APT28 [14]
Fancy Bear [14]
Forest Blizzard [14]
Blue Delta [15]
Note: Cybersecurity companies have different methods of tracking and attributing cyber actors, and this may not be a 1:1 correlation to the U.S. government’s understanding for all activity related to these groupings.
Further Reference
To search for the presence of malicious email messages targeting CVE-2023-23397, network defenders may consider using the script published by Microsoft: https://aka.ms/CVE-2023-23397ScriptDoc.
For the Impacket TTP, network defenders may consider using the following publicly available Impacket YARA detection rule: https://github.com/Neo23x0/signature-base/blob/master/yara/gen_impacket_tools.yar
Works Cited
[1] Microsoft. Defending Ukraine: Early Lessons from the Cyber War. 2022. https://blogs.microsoft.com/on-the-issues/2022/06/22/defending-ukraine-early-lessons-from-the-cyber-war/ [2] FBI et al. Russian Cyber Actors Use Compromised Routers to Facilitate Cyber Operations. 2024. https://media.defense.gov/2024/Feb/27/2003400753/-1/-1/0/CSA-Russian-Actors-Use-Routers-Facilitate-Cyber_Operations.PDF [3] NSA et al. Russian GRU Conducting Global Brute Force Campaign to Compromise Enterprise and Cloud Environments. 2021. https://media.defense.gov/2021/Jul/01/2002753896/-1/-1/0/CSA_GRU_GLOBAL_BRUTE_FORCE_CAMPAIGN_UOO158036-21.PDF [4] ANSSI. Campagnes d'attaques du mode opératoire APT28 depuis 2021. 2023. https://cert.ssi.gouv.fr/cti/CERTFR-2023-CTI-009/ [5] ANSSI. Targeting and compromise of french entities using the APT28 intrusion set. 2025. https://cert.ssi.gouv.fr/cti/CERTFR-2025-CTI-007/ [6] Polish Cyber Command. Detecting Malicious Activity Against Microsoft Exchange Servers. 2023. https://www.wojsko-polskie.pl/woc/articles/aktualnosci-w/detecting-malicious-activity-against-microsoft-exchange-servers/ [7] IBM. Israel-Hamas Conflict Lures to Deliver Headlace Malware. 2023. https://securityintelligence.com/x-force/itg05-ops-leverage-israel-hamas-conflict-lures-to-deliver-headlace-malware/ [8] CERT-UA. APT28: From Initial Attack to Creating Domain Controller Threats in an Hour. 2023. https://cert.gov.ua/article/6276894 [9] NSA. Embracing a Zero Trust Security Model. 2021. https://media.defense.gov/2021/Feb/25/2002588479/-1/-1/0/CSI_EMBRACING_ZT_SECURITY_MODEL_UOO115131-21.PDF [10] NSA et al. Keeping PowerShell: Security Measures to Use and Embrace. 2022. https://media.defense.gov/2022/Jun/22/2003021689/-1/-1/0/CSI_KEEPING_POWERSHELL_SECURITY_MEASURES_TO_USE_AND_EMBRACE_20220622.PDF [11] National Institute of Standards and Technology (NIST). Special Publication 800-63B: Digital Identity Guidelines – Authentication and Lifecycle Management. 2020. https://pages.nist.gov/800-63-3/sp800-63b.html [12] NSA. Selecting Secure Multi-factor Authentication Solutions. October 16, 2020. https://media.defense.gov/2024/Jul/31/2003515137/-1/-1/0/MULTIFACTOR_AUTHENTICATION_SOLUTIONS_UOO17091520.PDF [13] NSA and CSA. NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations. 2023. https://media.defense.gov/2023/Oct/05/2003314578/-1/-1/0/JOINT_CSA_TOP_TEN_MISCONFIGURATIONS_TLP-CLEAR.PDF
[14] Department of Justice. Justice Department Conducts Court-Authorized Disruption of Botnet Controlled by the Russian Federation’s Main Intelligence Directorate of the General Staff (GRU). 2024. https://www.justice.gov/archives/opa/pr/justice-department-conducts-court-authorized-disruption-botnet-controlled-russian [15] Recorded Future. GRU’s BlueDelta Targets Key Networks in Europe with Multi-Phase Espionage Campaigns. 2024. https://go.recordedfuture.com/hubfs/reports/CTA-RU-2024-0530.pdf
Disclaimer of endorsement
The information and opinions contained in this document are provided "as is" and without any warranties or guarantees. Reference herein to any specific commercial products, process, or service by trade name, trademark, manufacturer, or otherwise, does not constitute or imply its endorsement, recommendation, or favoring by the United States Government, and this guidance shall not be used for advertising or product endorsement purposes.
Purpose
This document was developed in furtherance of the authoring agencies’ cybersecurity missions, including their responsibilities to identify and disseminate threats and to develop and issue cybersecurity specifications and mitigations. This information may be shared broadly to reach all appropriate stakeholders.
Contact
United States organizations
National Security Agency (NSA)
Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI)
U.S. organizations are encouraged to reporting suspicious or criminal activity related to information in this advisory to CISA via the agency’s Incident Reporting System, its 24/7 Operations Center (report@cisa.gov or 888-282-0870), or your local FBI field office. When available, please include the following information regarding the incident: date, time, and location of the incident; type of activity; number of people affected; type of equipment user for the activity; the name of the submitting company or organization; and a designated point of contact.
Department of Defense Cyber Crime Center (DC3)
United Kingdom organizations
Germany organizations
Czech Republic organizations
Poland organizations
Australian organizations
Visit cyber.gov.au or call 1300 292 371 (1300 CYBER 1) to report cybersecurity incidents and access alerts and advisories.
Canadian organizations
Estonia organizations
French organizations
French organizations are encouraged to report suspicious activity or incident related to information found in this advisory by contacting ANSSI/CERT-FR by email at cert-fr@ssi.gouv.fr or by phone at: 3218 or +33 9 70 83 32 18.
See Table 2 through Table 14 for all the threat actor tactics and techniques referenced in this advisory.
Table 2: Reconnaissance
Tactic/Technique Title
ID
Use
Reconnaissance
TA0043
Conducted reconnaissance on at least one entity involved in the production of ICS components for railway management.
Conducted contact information reconnaissance to identify additional targets in key positions.
Gather Victim Org Information
T1591
Conducted reconnaissance of the cybersecurity department.
Gather Victim Org Information: Identify Roles
T1591.004
Conducted reconnaissance of individuals responsible for coordinating transport.
Gather Victim Org Information: Business Relationships
T1591.002
Conducted reconnaissance of other companies cooperating with the victim entity.
Gather Victim Host Information
T1592
Attempted to enumerate Real Time Streaming Protocol (RTSP) servers hosting IP cameras.
Table 3: Resource development
Tactic/Technique Title
ID
Use
Compromise Accounts: Email Accounts
T1586.002
Sent phishing emails using compromised accounts.
Compromise Accounts: Cloud Accounts
T1586.003
Sent phishing emails using compromised accounts.
Table 4: Initial Access
Tactic/Technique Title
ID
Use
Trusted Relationship
T1199
Conducted follow-on targeting of additional entities in the transportation sector that had business ties to the primary target, exploiting trust relationships to attempt to gain additional access.
Phishing
T1566
Used spearphishing for credentials and delivering malware to gain initial access to targeted entities.
Phishing: Spearphishing Attachment
T1566.001
Sent emails with malicious attachments.
Phishing: Spearphishing Link
T1566.002
Used spearphishing with included links to fake login pages. Sent emails with embedded hyperlinks that downloaded a malicious archive.
Phishing: Spearphishing Voice
T1566.004
Attempted to use voice phishing to gain access to privileged accounts by impersonating IT staff.
External Remote Services
T1133
Exploited Internet-facing infrastructure, including corporate VPNs, to gain initial access to targeted entities.
Exploit Public-Facing Application
T1190
Exploited public vulnerabilities and SQL injection to gain initial access to targeted entities.
Content Injection
T1659
Leveraged a WinRAR vulnerability allowing for the execution of arbitrary code embedded in an archive.
Table 5: Execution
Tactic/Technique Title
ID
Use
User Execution: Malicious Link
T1204.001
Used malicious links to hosted shortcuts in spearphishing.
User Execution: Malicious File
T1204.002
Delivered malware executables via spearphishing.
Scheduled Task/Job: Scheduled Task
T1053.005
Used scheduled tasks to establish persistence.
Command and Scripting Interpreter
T1059
Delivered scripts in spearphishing. Executed arbitrary shell commands.
Command and Scripting Interpreter: PowerShell
T1059.001
PowerShell commands were often used to prepare data for exfiltration.
Command and Scripting Interpreter: Windows Command Shell
T1059.003
Used BAT script in spearphishing.
Command and Scripting Interpreter: Visual Basic
T1059.005
Used VBScript in spearphishing.
Command and Scripting Interpreter: Python
T1059.006
Installed python on infected machines to enable the execution of Certipy.
Enrolled compromised accounts in MFA mechanisms to increase the trust-level of compromised accounts and enable sustained access.
Hijack Execution Flow: DLL Search Order Hijacking
T1574.001
Used DLL search order hijacking to facilitate malware execution.
Boot or Logon Autostart Execution: Registry Run Keys / Startup Folder
T1547.001
Used run keys to establish persistence.
Boot or Logon Autostart Execution: Shortcut Modification
T1547.009
Placed malicious shortcuts in the startup folder to establish persistence.
Table 7: Defense Evasion
Tactic/Technique Title
ID
Use
Indicator Removal: Clear Windows Event Logs
T1070.001
Deleted event logs through the wevtutil utility.
Table 8: Credential access
Tactic/Technique Title
ID
Use
Brute Force
Sent requests with Base64-encoded credentials for the RTSP server, which included publicly documented default credentials, and likely were generic attempts to brute force access to the devices.
Brute Force: Password Guessing
T1110.001
Used credential guessing to gain initial access to targeted entities.
Brute Force: Password Spraying
T1110.003
Used brute force to gain initial access to targeted entities. Conducted a brute force password spray via LDAP.
Multi-Factor Authentication Interception
Used multi-stage redirectors to provide MFA relaying capabilities in some campaigns.
Input Capture
Used multi-stage redirectors to provide CAPTCHA relaying capabilities in some campaigns.
Forced Authentication
Used an Outlook NTLM vulnerability to collect NTLM hashes and credentials via specially crafted Outlook calendar appointment invitations.
OS Credential Dumping: NTDS
T1003.003
Attempted to dump Active Directory NTDS.dit domain databases.
Unsecured Credentials: Group Policy Preferences
T1552.006
Retrieved plaintext passwords via Group Policy Preferences using Get-GPPPassword.py.
Table 9: Discovery
Tactic/Technique Title
ID
Use
Account Discovery: Domain Account
T1087.002
Used a modified ldap-dump.py to enumerate the Windows environment.
Table 10: Command and Control
Tactic/Technique Title
ID
Use
Hide Infrastructure
T1665
Abused SOHO devices to facilitate covert cyber operations, as well as proxy malicious activity, via devices with geolocation in proximity to the target.
Proxy: External Proxy
T1090.002
Actor-controlled servers sent RTSP DESCRIBE requests destined for RTSP servers.
Proxy: Multi-hop Proxy
T1090.003
Used Tor and commercial VPNs as part of their anonymization infrastructure
Encrypted Channel
T1573
Connected to victim infrastructure using encrypted TLS.
Multi-Stage Channels
T1104
Used multi-stage redirectors for campaigns.
Table 11: Defense evasion (mobile framework)
Tactic/Technique Title
ID
Use
Execution Guardrails
Used multi-stage redirectors to verify browser fingerprints in some campaigns.
Execution Guardrails: Geofencing
T1627.001
Used multi-stage redirectors to verify IP-geolocation in some campaigns.
Table 12: Lateral movement
Tactic/Technique Title
ID
Use
Lateral Movement
Used native commands and open source tools, such as Impacket and PsExec, to move laterally within the environment.
Remote Services: Remote Desktop Protocol
T1021.001
Moved laterally within the network using RDP.
Table 13: Collection
Tactic/Technique Title
ID
Use
Email Collection
Retrieved sensitive data from email servers.
Email Collection: Remote Email Collection
T1114.002
Used server data exchange protocols and APIs such as Exchange Web Services (EWS) and IMAP to exfiltrate data from email servers.
Automated Collection
Used periodic EWS queries to collect new emails.
Video Capture
Attempted to gain access to the cameras’ feeds.
Archive Collected Data
Accessed files were archived in .zip files prior to exfiltration.
Archive Collected Data: Archive via Utility
T1560.001
Prepared zip archives for upload to the actors’ infrastructure.
Table 14: Exfiltration
Tactic/Technique Title
ID
Use
Exfiltration Over Alternative Protocol
Attempted to exfiltrate archived data via a previously dropped OpenSSH binary.
Scheduled Transfer
Used periodic EWS queries to collect new emails sent and received since the last data exfiltration.
Appendix B: CVEs exploited
Table 15: Exploited CVE information
CVE
Vendor/Product
Details
CVE-2023-38831
RARLAB WinRAR
Allows execution of arbitrary code when a user attempts to view a benign file within a ZIP archive.
CVE-2023-23397
Microsoft Outlook
External actors could send specially crafted emails that cause a connection from the victim to an untrusted location of the actor’s control, leaking the Net-NTLMv2 hash of the victim that the actor could then relay to another service to authenticate as the victim.
CVE-2021-44026
Roundcube Webmail
Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to a potential SQL injection via search or search params.
CVE-2020-35730
Roundcube Webmail
An XSS issue was discovered in Roundcube Webmail before 1.2.13, 1.3.x before 1.3.16 and 1.4.x before 1.4.10, where a plaintext email message with JavaScript in a link reference element is mishandled by linkref_addindex in rcube_string_replacer.php.
CVE-2020-12641
Roundcube Webmail
Roundcube Webmail before 1.4.4 allows arbitrary code execution via shell metacharacters in a configuration setting for im_convert_path or im_identify_path in rcube_image.php.
Appendix C: MITRE D3FEND Countermeasures
Table 16: MITRE D3FEND countermeasures
Countermeasure Title
ID
Details
Network Isolation
Employ appropriate network segmentation. Disable Universal Plug and Play (UPnP), Peer-to-Peer (P2P), and Anonymous Visit features on IP cameras and routers.
Access Mediation
Limit access and utilize additional attributes (such as device information, environment, and access path) when making access decisions. Configure access controls carefully to ensure that only well-maintained and well-authenticated accounts have access.
Inbound Traffic Filtering
Implement host firewall rules to block connections from other devices on the network, other than from authorized management devices and servers, to prevent lateral movement.
Resource Access Pattern Analysis
Use automated tools to audit access logs for security concerns and identify anomalous access requests.
Outbound Traffic Filtering
Block NTLM/SMB requests to external infrastructure.
Platform Monitoring
Install EDR/logging/cybersecurity solutions onto high value systems with large amounts of sensitive data such as mail servers and domain controllers.
System File Analysis
Collect and monitor Windows logs for certain events, especially for events that indicate that a log was cleared unexpectedly.
Application Hardening
Enable optional security features in Windows to harden endpoints and mitigate initial access techniques.
Application-based Process Isolation
Enable attack surface reduction rules to prevent executable content from email.
Executable Allowlisting
Enable attack surface reduction rules to prevent execution of files from globally writeable directories, such as Downloads or %APPDATA%.
Execution Isolation
Unless users are involved in the development of scripts, limit the execution of scripts (such as batch, JavaScript, and PowerShell) to known scripts.
Application Configuration Hardening
Disable Windows Host Scripting functionality and configure PowerShell to run in Constrained mode. Disable protocols that use weak authentication (e.g., clear-text passwords, or outdated and vulnerable authentication or encryption protocols) or do not support multi-factor authentication. Turn off other ports/services not in use (e.g., FTP, web interface, etc.).
Process Spawn Analysis
Use open source SIGMA rules as a baseline for detecting and alerting on suspicious file execution or command parameters.
URL Reputation Analysis
Use services that provide enhanced browsing services and safe link checking.
Network Access Mediation
Do not allow incoming traffic, especially logins to systems, from public VPN services. Where possible, logins from public VPNs, including exit nodes in the same country as target systems, should be blocked or, if allowed, alerted on for further investigation. Ensure cameras and other Internet of Things devices are protected by a security appliance, if possible.
DNS Denylisting
D3-DNSDL
Do not allow outgoing traffic to hosting and API mocking services frequently used by malicious actors.
Domain Name Reputation Analysis
Heuristic detections for web requests to new subdomains may uncover malicious phishing activity. Logging the requests for each sub-domain requested by users on a network, such as in DNS or firewall logs, may enable system administrators to identify new targeting and victims.
Multi-factor Authentication
Use MFA with strong factors and require regular re-authentication, especially for management accounts.
Job Function Access Pattern Analysis
D3-JFAPA
Implement other mitigations for privileged accounts: including limiting the number of admin accounts, considering using hardware MFA tokens, and regularly reviewing all privileged user accounts.
User Account Permissions
Separate privileged accounts by role and alert on misuse of privileged accounts. Audit user accounts on all devices to ensure they are an accurate reflection of your organization and that they are being used as expected.
Token-based Authentication
Reduce reliance on passwords; instead, consider using services like single sign-on.
Credential Hardening
Do not store passwords in Group Policy Preferences (GPP). Remove all passwords previously included in GPP and change all passwords on the corresponding accounts.
Authentication Event Threshholding
Use account throttling or account lockout. Throttling progressively increases time delay between successive login attempts. If using account lockout, allow between 5 to 10 attempts before lockout.
Strong Password Policy
Use a service to check for compromised passwords before using them.
Credential Rotation
Change all default credentials.
Encrypted Tunnels
Disable protocols that use weak authentication (e.g., clear-text passwords, or outdated and vulnerable authentication or encryption protocols). Use a VPN for remote connections to devices.
Software Update
Apply security patches and firmware updates to all devices. Ensure devices are currently supported. Replace devices that are end-of-life.
Agent Authentication
Ensure authentication is enabled for remote access to devices. If supported on IP cameras, enable authenticated RTSP access only.
User Behavior Analysis
Review all authentication activity for remote access to make sure it is valid and expected. Investigate any unexpected or unusual activity.
Local governments, First Nations and not-for-profit organizations throughout British Columbia are receiving funding to promote economic diversification, clean-economy opportunities and infrastructure development.
“We’re partnering with rural community leaders to invest in the future of their local economies,” said Diana Gibson, Minister of Jobs, Economic Development and Innovation. “By helping fund impactful projects throughout the province, we’re supporting people and helping their communities to flourish.”
The Government of B.C is investing as much as $43 million from the third intake of the Rural Economic Diversification and Infrastructure Program (REDIP) toward more than 130 projects that will strengthen local economies, create an estimated 2,200 jobs and make a positive impact for people and communities across rural areas of the province.
One example is the Sea to Sky Outdoor Adventure Recreation Enterprise’s (SOARE) Basecamp Innovation Centre expansion project, which will further develop the outdoor recreation sector within the Sea-to-Sky region. Funding will support a facility upgrade, specialized manufacturing equipment and a repair hub, a six-month business accelerator program and high-impact events for industry networking and cross-sector collaboration. These expanded services will empower local businesses, support sustainable growth and establish the Sea-to-Sky region as a leader in outdoor recreation innovation and economic diversification.
“SOARE is incredibly grateful to have been a successful recipient of REDIP. This funding has been pivotal to our non-profit’s growth, to our physical innovation centre and the programming we are able to offer. SOARE is able to provide assistance to our outdoor business members, creating highly impactful workshops and keeping our physical space equipped with machinery and tools,” said Anirban (JoJo) Das, executive director of SOARE.
In northern B.C., the Indigenous Economic Resilience in the Rural/Remote North project supports clean job growth, economic resilience and community wellness. This is through the continued development of an Indigenous-led, culturally safe skills-training and employment centre in northern B.C. This project will support vital employment and training infrastructure to boost jobs and circular economic growth that is much needed in rural, remote regions with high Indigenous populations.
“The Indigenous Food Sovereignty Association (IFSA) is excited to receive this support from the REDIP program. It will build economic resilience, revitalize food systems, and support job skills development in rural, northern Indigenous communities,” said Jacob Beaton, executive director of the IFSA.
Another project aims to increase understanding of rural, remote coastal and Indigenous community economies. The Communities Talking project will ensure communities are discussing economic solutions internally and with each other. The goal is to work with select communities to collect their unique economic information and weave Indigenous conversations with western data-collection approaches.
“Successfully addressing the economic challenges of B.C.’s coastal rural, remote and Indigenous communities requires current, evidence-based data. Thanks to REDIP 2024-25 funding, we can integrate Indigenous relational approaches with western economic data to support co-ordinated local decision-making, job creation and investment attraction,” said Francine Carlin, chair of the Rural Islands Economic Partnership.
In its first three years, REDIP will see as much as $142 million invested in more than 450 projects across B.C. that will create an estimated 7,000 jobs in rural areas. The ministry anticipates that additional funding opportunities for rural economic-development projects will be available this year.
Quotes:
Steve Morissette, parliamentary secretary for rural development –
“Investing in local priorities is making communities stronger, more resilient and better prepared for the future. REDIP is ensuring people in every corner of the province have the tools needed for success.”
Stephanie Higginson, MLA for Ladysmith-Oceanside –
“Through REDIP, we’re empowering rural communities throughout B.C. to thrive and grow. Together, we’re building a sustainable future in every corner of our province.”
Quick Facts:
The Rural Economic Diversification and Infrastructure Program completed three application intake periods from fiscal year 2022-23 to fiscal year 2024-25.
A total of approximately $142 million has been allocated to 453 projects in rural communities throughout the province.
The Forest Impact Transition stream has provided approximately $32.6 million in targeted funding to support economic recovery and diversification in affected forestry-dependent communities.
The next intake of REDIP is expected to open in July 2025.
Learn More:
To learn more about the Rural Economic Diversification and Infrastructure Program and see the lists of approved projects, visit: https://gov.bc.ca/redip
As climate change continues to impact the way we interact with our planet, it’s critical to consider ways we can encourage youth to participate in climate action initiatives.
Young people across Canada are feeling frightened about the future of the planet. A Canadian study published in 2023 surveyed 1,000 young participants on their feelings about climate change. Sixty-six per cent of respondents said they felt anxiousness or hopelessness about climate change, while 78 per cent said it impacts their overall mental health.
There are a number of ways to approach this overwhelming emotion, considering it could result not only in poor quality of life for youth but also continued inaction for the planet.
My research in outdoor physical education leads me to consider more positive behaviour for youth in association to climate change that could likely benefit youth and the planet. The challenge is finding opportunities to develop pro-environmental behaviours and environmental stewardship with Canadian youth.
When looking to develop pro-environmental behaviours, one way could be to simply encourage more time outdoors. But research from Germany suggests that just interacting with nature is not enough; rather, young people need to find ways to engage with nature and use the natural landscape to develop an emotional connection with the environment.
According to the German study, certain sports can lead to more environmentally sustainable attitudes and behaviours from participants. Some sports in particular — like cross-country skiing, mountain biking or triathlon — increase those positive behaviours more than others. This isn’t simply because participants are alone within a natural setting; it’s because the focus of the sport is on the natural landscape.
To explain a bit further, soccer, for example, is typically played outside but often on a manicured, sometimes artificial, field that is in many ways devoid of any natural influence.
Alternatively, mountain biking requires participants to ride on trails that take them directly through forested areas or spaces that are selected based on their unique natural landscape. As athletes participate in sports more frequently and spend more time within nature, they then develop a stronger emotional connection to the space they’re in. This leads to pro-environmental behaviours and attitudes, which can then generate environmental stewardship.
Within rock climbing groups and organizations, there is evidence suggesting members frequently participate in beneficial environmental stewardship projects. Outdoor rock-climbing groups typically manage spaces — sometimes privately owned, but frequently under government jurisdiction in provincial or national parks — to ensure safe and responsible climbing practices. Climbers rely on ropes, equipment and bolts to ensure safety as they’re climbing.
But another obvious factor is the rock face they climb. The connection to rock and the climbing routes over those rock faces help foster a sense of environmental stewardship within climbers. Similar to mountain biking, the process starts with an introduction to the sport, but slowly develops into more care and attention paid to the natural spaces where climbers practise their activity.
The research finds that for climbers, the challenge is to maintain natural spaces and keep the rock as pristine as possible. This also extends to conservation efforts to ensure that space maintains its use for climbing as opposed to turning it into a more urban or commercialized area.
The joy that participants received from the sport of climbing initiated this environmental stewardship and maintained progressive action in local environmental initiatives.
Element of physical risk
One thing to note is that climbing and mountain biking do involve an element of physical risk.
Doing some research on these sports can help youth assess risks alongside what can be gained from participating. But it’s also important to acknowledge that encouraging young people to foster deeper connections to nature as opposed to having simple interactions with outdoor spaces doesn’t mean they have to cycle down a mountain or climb a massive rock wall.
Instead of a high-risk sport, educators and outdoor leaders can influence participants with simpler actions. I am aware of outings involving outdoor hikes, or taking time at night to gaze at the stars and listen to the sounds of nature, that have sparked in young people an interest in outdoor spaces — and caring for them.
Such experiences can then lead young people to continue to explore outdoor adventure and sport, that can , significantly, foster an appreciation of natural settings through direct interaction as well as a positive sense of community. This can be a starting point to help alleviate feelings of hopelessness to climate change.
Despite the benefits of participating in outdoor sports, there is a need to acknowledge that participation can have some negative impact on the environment.
This being said, it’s critical to consider what we can gain from supporting youth to participate in outdoor sport and education when such activities are planned with attentiveness and care.
Brett Tomlinson does not work for, consult, own shares in or receive funding from any company or organisation that would benefit from this article, and has disclosed no relevant affiliations beyond their academic appointment.
Source: The Conversation – Canada – By Genevieve LeBaron, Distinguished SFU Professor of Global Supply Chain Governance, Simon Fraser University
Gender-based violence and harassment is a widespread issue in supply chains. Women workers in garment manufacturing, food production and hospitality are routinely subjected to unwanted touching and sexual advances and inappropriate comments, while promotion and advancement are often conditional on sex. In the most severe cases, this abuse escalates to sexual assault and rape.
A 2024 report from Statistics Canada, for instance, has found that 47 per cent of women have experienced some form of harassment or sexual assault in the workplace.
Rates of gender-based violence and harassment are thought to be even higher in some countries and industries. In Bangladesh, a 2018 study found at least 60 per cent of garment workers had experienced it in the previous year. Another found 85 per cent of garment workers in Indonesia were concerned about sexual harassment at work.
In the face of such a persistent global issue, women working in garment supply chains have pioneered a highly effective solution for tackling gender-based violence and harassment.
Worker-led binding agreements
Supported by labour unions and organizations like the Asia Floor Wage Alliance, Worker Rights Consortium and Global Labor justice, women workers have led the development of legally binding agreements with brands and suppliers to eliminate gender-based violence and harassment.
The latest of these is called the Central Java Agreement for Gender Justice. Signed in July 2024, it covers 6,250 workers producing clothing for brands like Nike and Fanatics, Inc. under licenses with universities affiliated with the Worker Rights Consortium.
This agreement creates a union-led program to address the problem at two Indonesian factories; if factory management does not comply, it risks losing business with Nike and Fanatics.
Building on success from India to Indonesia
The 2024 Central Java Agreement builds on and incorporates key features of previous worker-led agreements to address the issue.
The Dindigul agreement was led by an independent, majority-Dalit trade union run by women. It established a set of legally binding agreements with major garment companies including H&M Group, Gap Inc., PVH and Eastman Exports Global Clothing Ltd.
The Lesotho agreements involved brands such as Levi Strauss & Co., Nien Hsing Textile Co., unions, women’s rights advocates and labour organizations.
While each agreement is unique, they all adhere to the principles of worker-driven social responsibility.
Under this governance model, “worker organizations and unions, suppliers, and brand companies enter into enforceable and legally binding agreements” and “transnational corporations use their leverage and supply chain relationships to effect change amongst supplier worksites.”
A new model of accountability
These agreements include worker-led detection and remediation systems to address gender-based violence and harassment. For example, under the Lesotho agreement, workers can access a 24-hour hotline operated by a local women’s organization to lodge complaints or bring them directly to the unions involved in the agreement.
The Dindigul agreement also provides multiple channels for workers to raise complaints of gender-based violence and harassment, including shop floor monitors selected by the local union (one for every 25 workers). It also offers multiple avenues for raising complaints, including to the union or to sexual harassment committees required under Indian law.
Under the Central Java Agreement, workers can bring complaints to committees aimed at eliminating the problem, to shop floor monitors or their unions. Not only do each of the agreements permit workers to request independent investigations, they all provide a wide array of remedies in the case of any incidents and violations of freedom of association.
What sets these agreements apart from most other initiatives to combat gender-based violence and harassment in supply chains is that they actually work. One study of the two-year impact of the Dindigul Agreement by Cornell University’s Global Labor Institute found that 76 per cent of grievances were resolved in two weeks.
The report said the program “constituted a powerful monitoring mechanism, ensuring effective remediation and deterring violations” of both gender-based violence and harassment and freedom of association — briefly put, the right to voluntarily join or leave groups (like unions), and for those groups to pursue collective action.
Now, a key question is whether and to what extent these successful programs will continue to thrive and grow under the current “America First” agenda of the U.S. government.
Progress under threat
Despite their success, these worker-led initiatives face mounting challenges.
At the same time, company rollbacks of diversity, equity and inclusion programs are constraining, if not eliminating, the political space in which labour groups negotiate such agreements.
Tariffs and upheaval in global trade — especially efforts to redraw supply chains to evade costly tariffs — gives brands cover to withdraw commitments to worker-led initiatives and change sourcing patterns to circumvent them.
Within the United States, cuts and funding freezes — including to sexual assault prevention groups — are a worrying sign that support for preventing gender-based violence and harassment and helping its survivors are being undercut and failing.
If labour stakeholders lose the resources to support such initiatives, the impacts on women and workplaces within supply chains across the world will be devastating. These programs show that when workers lead, real change is possible, but they need continued investment and political support to survive.
Genevieve LeBaron receives funding from the Social Sciences and Humanities Research Council of Canada, Humanity United Foundation, and Ford Foundation.
Judy Fudge does not work for, consult, own shares in or receive funding from any company or organisation that would benefit from this article, and has disclosed no relevant affiliations beyond their academic appointment.
Home ownership is often seen as a symbol of success and is linked to various life opportunities, like starting a family or growing your wealth. It’s also often seen as the ultimate housing goal, while renting is seen as transitional. Eventually, everyone is expected to climb up the housing ladder from renting to owning.
However, deteriorating affordability in recent years has placed home ownership out of reach for many and called into question the ideal of home ownership.
In a recent study, colleagues and I examined access to home ownership for different groups using census data from 1986 to 2021 in five metropolitan areas: Montréal, Toronto, Calgary, Edmonton and Vancouver.
Our findings suggest that, for many, owning a home has become a distant dream.
Stagnant homeownership growth
Based on statistical models that accounted for individual and household characteristics, we found that the probability of an average Canadian household owning a home (with or without a mortgage) improved steadily from 1991 to 2011, then dropped in 2016 and 2021, while the likelihood of owning with a mortgage substantially increased. This means growth in home ownership was primarily driven by mortgage debt.
The federal government stopped funding social housing programs, commercialized the Canada Mortgage and Housing Corporation (CMHC) and expanded its mortgage securitization programs.
In other words, mortgage liberation successfully promoted home ownership for some time until 2011.
All five metropolitan areas saw a decline in the number of renter households until 2011 (2016 for Montréal), when the number began increasing. In addition, outright ownership has become less prevalent over time.
These findings defy the expected sustained growth of home ownership that commodification and financialization were supposed to bring.
The percentage of homes owned outright, with a mortgage or being rented in different Canadian cities. (Author provided)
Filtering mechanism and access to credit
Another tenet of the home ownership narrative is that a free market provides equal opportunities for owning a home through two processes: the filtering process and mortgage liberalization.
The filtering model suggests that homes built for higher-income families slowly deteriorate and depreciate, and can become affordable for lower-income people. This process, coupled with the increased access to mortgages, is expected to eventually grant home ownership opportunities to all.
However, this mechanism is less likely to work for home ownership than for rentals. Owner-occupied homes often take a long time, sometimes decades, to depreciate. By the time they become available and affordable, the unit may require major and costly renovations.
In practice, many owner-occupied units often “filter up” rather than downward, through gentrification or acquisition by financial investors.
The increased access to mortgages does not benefit everyone either. Many low-income people or those without stable jobs do not qualify for mortgages, and racialized people are more likely to be denied access to credit due to discrimination.
Growing inequalities
Substantiating these counter-arguments are growing inter-generational and income inequalities in home ownership. All age cohorts saw improved access to home ownership up until 2021. However, the three age groups under 45 — 15-24, 25-34 and 35-44 — saw steady declines in home ownership rates.
These were mostly millennials and Gen Zers who face disproportionate affordability pressure compared to older generations.
Homeowners over 55 are also reckoning with affordability. We found the share of older homeowners holding a mortgage rose between 1986 and 2021 from 24 to 40 per cent for those 55 to 64, and from 10 to 26 per cent for the 65-74 age group.
In other words, more people are having to rely on larger loans and longer amortization periods to buy and maintain their homes, making it harder to pay back their mortgage before retirement.
The disparities in home ownership opportunities among different incomes have also increased. While the top 20th percentile income group witnessed increased probability of owning a home between 2011 and 2016, other income groups experienced stagnant or decreased chances.
Among owner households, Canadians across all incomes saw increased mortgaged ownership from 1996 to 2016. The lowest income group saw the fastest growth in mortgaged home ownership but were still the least likely to own with a mortgage due to low income or discrimination. Rising house prices coupled with loosening mortgage lending regulations may have pushed them into mortgaged ownership.
Higher social status?
A final compelling narrative is that home ownership affords better well-being and financial security due to higher perceived social status and a stronger sense of autonomy and stability.
The financial security associated with home ownership is supported by the idea of “housing asset-based welfare.” This model conceptualizes home ownership as a means for young people to build assets for financial security in times of need and old age.
However, this approach encourages early-life debt, and may only work if mortgage loans remain affordable until they are paid off. Paradoxically, this asset-building mindset drives speculative investment and house prices, making outright home ownership more difficult and mortgaged ownership less affordable.
The well-being associated with home ownership is debatable as well. My colleagues and I have shown elsewhere that perceived benefits to a person’s well-being are not intrinsic to home ownership. Rather, they are created and normalized by a system that makes home ownership more secure and appealing than alternatives like renting.
In reality, the financial security associated with home ownership has been undermined by rising housing costs, especially for low- and moderate-income homeowners with mortgages.
Mortgaged homeowners with below-median incomes have seen their housing costs increase 25 per cent faster than their income over the study period, compared to five per cent for higher income families at the top 60th percentile.
To say the least, the broken promises of home ownership point to the failures of our current housing system that creates a hierarchy of tenures and two tiers of social class — homeowners and renters.
Policies aimed at creating a fairer housing market are essential. These include improving home ownership affordability by providing more diverse types of housing for ownership and discouraging speculative investment.
Such policies should also include enhancing housing security and asset-building opportunities for renters, and supporting the role of non-profits and social enterprises in meeting the needs of a broad range of income groups.
This research project was funded by the Social Sciences and Humanities Council of Canada (SSHRC) through its Insight Development Grant and Partnership Grant. The project was part of the Community Housing Canada project, co-funded by Canada Mortgage and Housing Corporation (CMHC) and SSHRC.
The Honourable Mélanie Joly, Minister of Industry and Minister responsible for Canada Economic Development for Quebec Regions, will visit a leading automotive testing and research facility and meet with representatives of the automotive sector to discuss a path forward for the industry.
Date: Thursday, May 22, 2025
Time: 9:30 am (ET) – Tour of facility 4:00 pm (ET) – Meeting with members of the industry
Location: Oshawa, Ontario
Minister Joly will not answer questions from the media during the tour, but members of the media are invited to take footage.
Minister Joly will participate in a scrum and take questions from media prior to the meeting with members of the industry.
Members of the media are asked to contact ISED Media Relations at media@ised-isde.gc.ca to receive event location details and confirm their attendance.
New York City, NY, May 21, 2025 (GLOBE NEWSWIRE) —
Following never-before-seen crypto rises, KGN Cloud, the innovative digital mining venture of KGN Investing Limited, has rolled out an AI-integrated, ready framework for legislation and an environment-friendly cloud mining platform. Major nations are speeding up their regulatory frameworks for digital assets ,when Bitcoin is already above $80,000, and KGN Cloud, now made available to individuals and businesses, facilitates the mining of top cryptocurrencies without owning physical rigs or dealing with complicated setups.
New users get an automatic bonus of $100after registration, which they can use to start mining in minutes.
“The alignment of AI, energy sustainability, and global regulatory convergence has created a perfect milieu for intelligent mining,” said Rachel M. Jones, Chief Product Officer, KGN Cloud. “This is a platform we created to bring everyone—from the freshers in crypto to hedge funds—a trusted entry point into blockchain mining.”
Crypto’s Historic 2025 Rally: The Numbers Behind the Boom
Bitcoin hit $80,000 on May 10th, 2025, according to CoinMetrics and Messari, as a result of a combination of spot ETF approvals in the US, Hong Kong, and the UAE, as well as increasing interest for Ethereum Layer 2 solutions and institutional DeFi.
Key market trends fueling demand for mining:
Spot Bitcoin ETF inflows exceeded $14B in April 2025 alone
Ethereum (ETH) surged 30% in Q2 as staking rewards hit record highs
Solana (SOL) and Avalanche (AVAX) are seeing adoption across real-world asset (RWA) tokenization
Global mining hash rate hit a new high of 660 EH/s post-halving, pushing smaller miners toward cloud-based options
As a result, cloud mining is seeing an unprecedented surge in demand.
Enter KGN Cloud: Mining Powered by AI, Sustainability, and Simplicity
Traditionally, mining is beset with the barriers of hardware costs, inefficient use of energy, and absence of technical expertise; KGN Cloud deals with all these issues. There will be no capital costs because the platform will allow on-demand, Web-based access to the mining of Bitcoin, Ethereum, and other proof-of-work coins, using AI-enabled optimization—all this from anywhere with an Internet connection.
Platform Highlights:
AI Predictive Allocation: Algorithmic intelligence predicts block difficulty shifts and reallocates hash power accordingly
Green Mining Infrastructure: Partnerships with hydro and solar-powered data centers in Canada, Norway, and Iceland
Zero Maintenance: KGN handles all technical configurations, upgrades, and storage
Daily Payouts in BTC/ETH/USDT: Users can withdraw earnings anytime
Real-Time Plan Examples (as of May 2025):
Starter AI Plan – $300, 3-day contract, return: ~$330
Optimized Yield Plan – $1,200, 5-day contract, return: ~$1,350
AI Green Plan – $5,000, 10-day contract, return: ~$6,050
Institutional Pro Plan – $10,000, 14-day contract, return: ~$12,800
All plans include automated reinvestment options and 100% uptime guarantees.
Crypto Goes Green: Cloud Mining’s Carbon Pivot
The recently released G20 Digital Finance Taskforce aims to ensure that by 2026, 80% of all crypto mining operations will be tasked to meet net-zero emissions goals in key jurisdictions such as the EU, UAE, and Canada.
In anticipation of said regulatory shift, KGN Cloud was built with low-emission data centers using renewable energy integrations. It is one of the few platforms already poised for full ESG compliance.
“Regulatory alignment isn’t a threat—it’s the future…Our eco-first mining platform helps investors stay ahead of compliance curves without compromising on profitability,” stated Jones.
AI + Crypto: From Trend to Necessity
AI is no longer a buzzword—it’s defining the mining landscape in 2025. KGN Cloud’s proprietary AI engine analyzes:
Real-time token volatility
Network congestion
Global mining pool saturation
Gas fees and reward difficulty across BTC, ETH, LTC, etc.
With the above input arriving every couple of hours, KGN Cloud reestablishes its mining focus, thereby maximizing yields for its users even when the market conditions are hostile.
Referral Ecosystem: Earn More by Sharing
In an effort to encourage community growth, KGN Cloud is running a Referral Earnings Program whereby users earn a commission of 5%-7% on each mining contract purchased through their link.
Top affiliates are given access to exclusive “Pro Contracts,” which include advanced features like auto-compounding strategies and enhanced daily rewards.
New Markets, New Users: Global Access & Regulation-Ready
Currently functional in over 160 nations, KGN Cloud also runs its exclusive infrastructure through regulation-friendly hubs including Switzerland, Singapore, and Estonia.
The said platform conforms to the FATF travel rule standard; UK financial oversight requirements; and the data protections of GDPR.
“This is what KGN Cloud is for-the globe,” Jones said. “If you’re in Tokyo, you’re in Dubai, you’re in São Paulo-you’re mining securely, legally, and profitably.”
What’s Ahead for KGN Cloud in 2025?
KGN Cloud has announced several upcoming product expansions:
L2 Mining Pools: Coming Q3, users will be able to mine tokens on Ethereum Layer 2 solutions like Base and Arbitrum
Mobile App Launch: A native iOS and Android app is slated for June 2025
KGN Tokenized Contracts: Smart contract-based mining with yield-trading will launch via Polygon later this year
Enterprise Mining APIs: For hedge funds, DeFi projects, and NFT games needing scalable backend compute power
Join the Future of AI-Powered Crypto Mining
Defunct incorporates the aspect of being an old treasure; however, KGN Cloud is mocking the defunct aspect with accessible means of engagement that are compliant and sharp in terms of crypto. With a bulk of retail and institutional investors seeking reasonably easy reach to yield, KGN Cloud indeed opens the gates to the trust formerly established to secure the future of digital finance.
Register now to receive your $100 bonus and start mining instantly. Start Mining Smarter
Join thousands earning from digital assets without the complexity. Sign up at:https://www.kgncloud.com
.jpg){kind=link}
