NewzIntel.com

Category: Justice

  • MIL-OSI Security: Union, Missouri Woman Accused of Embezzling from Her Employer

    Source: Office of United States Attorneys

    ST. LOUIS – A woman from Washington, Missouri has been indicted and accused of embezzling more than $100,000 from her former employer.

    Victoria Isgriggs, formerly known as Victoria Denise Missey, was indicted on February 13 with two counts of bank fraud and four counts of wire fraud. She was arrested Wednesday and is scheduled to appear in U.S. District Court in St. Louis the same day to plead not guilty.

    The indictment says Isgriggs, 44, worked at a Franklin County nursery and florist as an office manager and accountant from approximately Nov. 26, 2023, through April 29, 2024.  The indictment accuses Isgriggs of using a company bank account and company credit cards to pay personal expenses, including credit card debt, cell phone expenses, utility bills, and rent. The indictment also accuses Isgriggs of using company credit cards to make personal purchases that included luxury items and airfare.  

    The indictment seeks the forfeiture of jewelry, Christian Louboutin footwear and Louis Vuitton bags and accessories.

    Charges set forth in an indictment are merely accusations and do not constitute proof of guilt.  Every defendant is presumed to be innocent unless and until proven guilty.

    The U.S. Secret Service and the Washington (Missouri) Police Department investigated the case. Assistant U.S. Attorney Jennifer Roy prosecuted the case.

    MIL Security OSI

  • MIL-OSI Security: Baie Verte — Afternoon impaired driver arrested by Baie Verte RCMP

    Source: Royal Canadian Mounted Police

    Following a report of a suspected impaired driver yesterday, February 19, 2025, a 76-year-old man was arrested for impaired operation by Baie Verte RCMP.

    At approximately 3:00 p.m. on Tuesday, police received a report of a suspected impaired driver in Baie Verte. Police located the described vehicle a short time after the report and conducted a traffic stop. The driver showed signs of alcohol impairment and failed a roadside breath test. At the detachment, the man provided further breath samples that were above the legal limit.

    The driver was released from custody and is set to appear in court at a later date to answer to charges of impaired operation. The man’s licence was suspended and the vehicle was seized and impounded.

    Road safety is everyone’s responsibility. RCMP NL thanks those who continue to report suspected impaired drivers.

    MIL Security OSI

  • MIL-OSI Asia-Pac: Hong Kong Customs and Marine Police detected six large-scale maritime smuggling cases involving cigarettes and drugs during joint anti-smuggling operations (with photo)

    Source: Hong Kong Government special administrative region

    Hong Kong Customs and Marine Police detected six large-scale maritime smuggling cases involving cigarettes and drugs during joint anti-smuggling operations (with photo)
    Hong Kong Customs and Marine Police detected six large-scale maritime smuggling cases involving cigarettes and drugs during joint anti-smuggling operations (with photo)
    ******************************************************************************************

         Hong Kong Customs and the Marine Police conducted joint operations from February 12 to 19 targeting large-scale maritime smuggling activities and six cases involving suspected illicit cigarettes and suspected dangerous drugs were detected. During the joint operations, a total of about 16.93 million sticks of suspected illicit cigarettes and 459 kilograms of suspected cannabis buds were seized.     Customs and police officers conducted anti-smuggling operations in Sai Kung and Lantau Island from February 13 to 16 and detected four suspected illicit cigarettes smuggling cases. A total of 4.1 million sticks of suspected illicit cigarettes, with an estimated market value of about $19 million and a duty potential of about $13.5 million, found in four goods vehicles and the waters nearby. The four goods vehicles involved in the cases were also detained.                 At small hours on February 18, Customs found a suspicious unattended fishing vessel in Shau Kei Wan Typhoon Shelter. Upon inspection, Customs officers seized 12.83 million suspected illicit cigarettes, with an estimated market value of about $57 million and a duty potential of about $42 million, inside the compartments of the vessel.      Later on the same day, Customs intercepted a suspicious fishing vessel in the waters off Lamma Island, during which persons onboard the fishing vessel threw numerous nylon bags into the sea. Customs officers then took immediate action to board the vessel and retrieved the subject nylon bags from the water. Upon inspection, a total of about 459kg suspected cannabis buds, with an estimated market value of about $118 million, were found inside the nylon bags. Three local men, aged between 44 and 60, suspected to be connected with the case were arrested in the operation.     Investigations on the above mentioned six cases are ongoing.     Being a government department primarily responsible for tackling smuggling activities, Customs has long been combating various smuggling activities at the forefront. Customs will keep up its enforcement action and continue to fiercely combat sea smuggling activities through proactive risk management and intelligence-based enforcement strategies. Customs will continue co-operating and exchanging intelligence with the Police, Mainland and international law enforcement agencies, with targeted anti-smuggling operations carried out at suitable times to disrupt these activities.     Smuggling is a serious offence. Under the Import and Export Ordinance, any person found guilty of importing or exporting unmanifested cargo is liable to a maximum fine of $2 million and imprisonment for seven years.      Under the Dangerous Drug Ordinance, trafficking in a dangerous drug is a serious offence. The maximum penalty upon conviction is a fine of $5 million and life imprisonment.     Under the Dutiable Commodities Ordinance, anyone involved in dealing with, possession of, selling or buying illicit cigarettes commits an offence. The maximum penalty upon conviction is a fine of $1 million and imprisonment for two years.     Members of the public may report any suspected drug trafficking or illicit cigarette activities to Customs’ 24-hour report hotline 182 8080 or its dedicated crime reporting email account (crimereport@customs.gov.hk) or online form (eform.cefs.gov.hk/form/ced002/).

     
    Ends/Wednesday, February 19, 2025Issued at HKT 22:27

    NNNN

    MIL OSI Asia Pacific News

  • MIL-OSI Asia-Pac: A conclave on Restructuring of Real Estate Projects organised at IICA

    Source: Government of India (2)

    A conclave on Restructuring of Real Estate Projects organised at IICA

    Discussions held  around the theme “Resolving Insolvencies in Real Estate Projects”

    Development of real estate insolvency and the role of IBC in successful resolution of distressed assets in real estate sector highlighted

    Posted On: 19 FEB 2025 7:19PM by PIB Delhi

    The Post Graduate Insolvency Programme (PGIP), Indian Institute of Corporate Affairs successfully organized a conclave today at Manesar bringing together insolvency professionals, legal experts, experts from ARCs from across the country. The inaugural ceremony was graced by distinguished industry professionals including Mr. Anuj Jain, Mr. Pallav Mohapatra, Mr. Hari Hara Mishra and Dr. K.L. Dhingra, Head of the Centre of Insolvency and Bankruptcy at IICA. Dr. Dhingra highlighted the objective behind the existence of PGIP by IBBI the regulator.

    The conclave featured keynote addresses from prominent figures, including Mr. Anuj Jain and Mr. Pallav Mohapatra, discussions were centered around the theme “Resolving Insolvencies in Real Estate Projects” The keynote address mainly focused on the development of real estate insolvency and the role of IBC in shaping the successful resolution of distressed assets in the real estate sector. Mr. Mohapatra also highlighted the challenges faced by the Insolvency Professionals and the relevant skills required for sector-specific insolvency resolution.

    The panelists included various professionals from Insolvency Professional Entities, Law Firms, ARC and Academicians where leading domain experts expressed their views.

    The PGIP Conclave 2025 served as a vital platform for professionals to exchange knowledge and stay abreast of developments in the insolvency domain.

    ****

    NB/AD

    (Release ID: 2104806) Visitor Counter : 24

    MIL OSI Asia Pacific News

  • MIL-OSI Asia-Pac: World Day of Social Justice – 20th February

    Source: Government of India (2)

    World Day of Social Justice – 20th February

    India’s Commitment to Equity and Inclusion

    Posted On: 19 FEB 2025 6:54PM by PIB Delhi

    Introduction

    World Day of Social Justice, observed annually on February 20th by the United Nations, serves as a global call to action for addressing poverty, exclusion, and unemployment while promoting solidarity, harmony, and equality of opportunity within and between societies.

    Aligned with the ethos of the World Day of Social Justice, India’s Ministry of Social Justice and Empowerment (MoSJE) has intensified efforts to bridge socio-economic gaps through legislative reforms, grassroots empowerment, and global partnerships.

    Background & Global Context

    Established by the United Nations General Assembly (UNGA) during the 62nd session on November 26, 2007, the World Day of Social Justice has been celebrated annually on 20th Feb since the 63rd session in 2009. This observance stems from the recognition that social development and social justice are indispensable for achieving and maintaining peace and security both within and among nations. The day emphasizes that social justice cannot be attained without peace, security, and respect for all human rights and fundamental freedoms.

    In the face of global challenges such as financial crises, insecurity, and inequality, the day serves as a reminder of the ongoing need for social justice initiatives. It emphasizes the importance of creating opportunities through trade, investment, technological advancements, and economic growth while addressing the obstacles that hinder full participation in the global economy, particularly for developing countries and those in transition.

    The International Labour Organization (ILO) also plays a crucial role in promoting social justice through its Declaration on Social Justice for a Fair Globalization, adopted in 2008. This declaration builds upon previous ILO statements and places the Decent Work Agenda at the core of the organization’s policies.

    The day aligns closely with the United Nations’ broader mission to promote development and human dignity. Initiatives like the Social Protection Floor, launched in 2009, demonstrate the UN’s commitment to ensuring basic social guarantees for all.

    The World Day of Social Justice highlights several key principles and objectives:

    Evolution of Social Justice in India

    India has observed the World Day of Social Justice since 2009. The evolution of social justice and empowerment in India has been a gradual but progressive process influenced by historical struggles, constitutional mandates, and policy developments. The vision of social justice and empowerment has been deeply rooted in India’s independence movement and the vision laid down by the Constitution to ensure equality, dignity, and justice for all citizens, especially the marginalized communities.

    The Constitution of India lays a strong foundation for social justice and empowerment through various provisions that aim to eliminate social inequalities and promote the welfare of disadvantaged groups.

    Key Constitutional Provisions on Social Justice and Empowerment

    Preamble

    The Preamble ensures social, economic, and political justice, guarantees equality of status and opportunity, and promotes fraternity to uphold individual dignity and national unity. It establishes the foundation for a just and inclusive society free from discrimination.

    Fundamental Rights (Part III)

    Article 23 prohibits human trafficking and forced labour, making such practices punishable by law. Article 24 bans child labour in hazardous occupations, protecting children’s rights to safety and education. These rights safeguard vulnerable groups from exploitation.

    Directive Principles of State Policy (Part IV)

    Article 37 states that DPSPs, though not legally enforceable, are essential for governance. Article 38 directs the State to reduce social and economic inequalities. Article 39 ensures equal livelihood, fair wages, and protection from exploitation. Article 39A guarantees free legal aid for the disadvantaged. Article 46 mandates special educational and economic promotion for SCs, STs, and weaker sections to prevent discrimination.

    In 1985-86, the Ministry of Welfare was bifurcated into the Department of Women & Child Development and the Department of Welfare, incorporating divisions from the Ministries of Home Affairs and Law. It was later renamed the Ministry of Social Justice & Empowerment in May 1998.

    The Ministry of Social Justice & Empowerment envisions building an inclusive society where marginalized groups can lead productive, safe, and dignified lives with adequate support for their growth and development. It strives to empower these groups through educational, economic, and social development programs, along with rehabilitation initiatives where necessary.

    The Union Budget 2025-26 reflects this commitment, allocating Rs 13,611 crores to the MoSJE, a 6 percent increase from 2024-25, to ensure saturation coverage of welfare schemes.

    The department’s mandate focuses on uplifting socially, educationally, and economically marginalized communities, including Scheduled Castes, Other Backward Classes, Senior Citizens, Victims of Alcoholism and Substance Abuse, Transgender Persons (under the Transgender Persons (Protection of Rights) Act, 2019), individuals engaged in begging, Denotified and Nomadic Tribes (DNTs), Economically Backward Classes (EBCs), and the Economically Weaker Section (EWS). Through targeted policies and interventions, it aims to foster equity and inclusion in society.

    Key Initiatives by the Government of India

    1. Pradhan Mantri Anusuchit Jaati Abhyuday Yojana (PM-AJAY)

    The scheme launched in 2021-22, merges three schemes to uplift SC communities through skill development, income generation, and infrastructure in Schedule Caste dominated villages. It has three components: Adarsh Gram development, Grants-in-Aid for socio-economic projects, and hostel construction in higher education institutions. Since January 1, 2024, 5,051 villages have been declared Adarsh Gram, 1,655 projects benefiting 3,05,842 people have been sanctioned, and ₹26.31 crore allocated for 38 hostels.

    2. Scheme for Residential Education for Students in High Schools in Targeted Areas (SRESHTA)

    The SHRESHTA scheme aims to bridge service gaps in Schedule Caste dominant areas by supporting grant-in-aid institutions and high-quality residential schools. It provides financial assistance to top CBSE/State Board-affiliated private schools for SC students in classes 9 and 11, ensuring education till class 12. Additionally, it funds NGOs/VOs to run residential and non-residential schools and hostels with adequate infrastructure and strong academic standards, fostering socio-economic upliftment of SC communities.

     

    3. Purple Fests

    Purple Fests (Festival of Inclusion) have been organized by the Department of Empowerment of Persons with Disabilities (DEPwD), Ministry of Social Justice & Empowerment, since 2023. In 2024, the event welcomed over 10,000 Divyangjan and their escorts, fostering a sense of solidarity and mutual respect. Purple Fest is a movement towards a more equitable society, championing the values of accessibility, dignity, and equal opportunity for all. The event also saw the launch of significant initiatives, including the India Neurodiversity Platform in collaboration with TATA POWER COMMUNITY DEVELOPMENT TRUST, aimed at early intervention and home care support, a handbook on attitudinal barriers and disability-sensitive language to promote inclusive communication, and a nationwide series of 25 job fairs by the American Indian Foundation and DEPwD.

    Performances from the Purple Fest – 2024

    4. National Action for Mechanised Sanitation Ecosystem (NAMASTE)

    The National Action for Mechanized Sanitation Ecosystem (NAMASTE) is a Central Sector Scheme launched in FY 2023-24 as a joint initiative of the Ministry of Social Justice & Empowerment (MoSJ&E) and the Ministry of Housing and Urban Affairs (MoHUA). It aims to ensure the safety, dignity, and sustainable livelihood of sanitation workers in urban India. The scheme has integrated components of the former Self-Employment Scheme for Rehabilitation of Manual Scavengers (SRMS) and expanded its coverage to include waste pickers as a target group from FY 2024-25.

     

    5. Support for Marginalized Individuals for Livelihood & Enterprise (SMILE)

    The Support for Marginalized Individuals for Livelihood and Enterprise (SMILE) Scheme is a comprehensive initiative aimed at the rehabilitation of transgender individuals and persons engaged in begging. Its primary objective is to create a ‘Bhiksha Vritti Mukt Bharat’ (Begging-free India) by ensuring the reintegration of beggars into mainstream society. The scheme focuses on area-specific surveys, awareness campaigns, mobilization and rescue operations, access to shelter homes and basic services, skills training, alternative livelihood options, and the formation of Self-Help Groups (SHGs). Currently, it is active in 81 cities and towns, including key pilgrimage, historical, and tourist locations, with plans to expand to 50 more cities in the next phase.

      

    As of November 15, 2024, 7,660 individuals engaged in begging have been identified, out of which 970 have been successfully rehabilitated. The scheme continues to work towards its goal by providing shelter, vocational training, and employment opportunities, helping marginalized individuals regain dignity and self-sufficiency.

    6. PM-DAKSH Yojana

    The PM-DAKSH Yojana launched on 7th August, 2021, aims to enhance the skill levels of marginalized communities, including SCs, OBCs, EBCs, DNTs, and Safai Karamcharis, for economic empowerment through free skill training. The scheme, with a budget of ₹450.25 crore (2021-26), provides short-term and long-term training to facilitate wage and self-employment, ensuring at least 70% placement. Training is conducted through Government and reputed Private Training Institutes, aligned with NSQF and Common Norms of the Ministry of Skill Development & Entrepreneurship (MSDE), targeting individuals aged 18-45 years.

    7. Nasha Mukt Bharat Abhiyan

    Launched on 15th August 2020, the Nasha Mukt Bharat Abhiyaan (NMBA) aims to make India drug-free by targeting 272 high-risk districts, identified through a national survey and NCB inputs. The campaign follows a three-pronged approach: curbing supply (Narcotics Control Bureau), awareness and demand reduction (Ministry of Social Justice & Empowerment), and treatment (Health Department). Since its inception, NMBA has reached 13.57 crore people, including 4.42 crore youth and 2.71 crore women, with participation from 3.85 lakh educational institutions.

    Conclusion

    As the world grapples with economic challenges, the World Day of Social Justice renews commitments to equity and inclusion, reminding us that injustice anywhere affects all of humanity. While progress has been made, much remains to be done. India has embraced this vision through legislative reforms, grassroots programs, and targeted welfare initiatives. The Ministry of Social Justice and Empowerment (MoSJE) plays a key role in uplifting marginalized communities, aligning its efforts with global frameworks like the Decent Work Agenda and Sustainable Development Goals (SDGs) to uphold justice and equality.

    Through initiatives like PM-AJAY, NAMASTE, SMILE, PM-DAKSH Yojana, and Nasha Mukt Bharat Abhiyaan, MoSJE has empowered disadvantaged groups with education, skills, and economic opportunities. Increased budget allocations, inclusive platforms like Purple Fests, and expanded social protection measures highlight the government’s commitment to fostering justice and inclusion. As India observes the World Day of Social Justice, these efforts reaffirm its dedication to bridging socio-economic gaps and ensuring dignity and opportunity for all.

    References

     

    Click here to see PDF:

    Santosh Kumar/Ritu Kataria/ Vatsla Srivastava

    (Release ID: 2104798) Visitor Counter : 73

    MIL OSI Asia Pacific News

  • MIL-OSI Australia: Suspicious behaviour arrest

    Source: South Australia Police

    Police have arrested a man following suspicious behaviour in the eastern and western suburbs.

    Between 12 January 2024 and 18 February 2025, residents reported a man behaving suspiciously and looking through windows of homes in suburbs including Glenelg North, Norwood, Thebarton and Beulah Park.

    Following an investigation, on Wednesday 19 February, police arrested a 56-year-old man from Salisbury and charged him with six counts of being unlawfully on premises.  He was granted police bail to appear in Adelaide Magistrates Court on 22 May.

    Anyone who sees suspicious behaviour is urged to call the Police Assistance Line immediately on 131 444.

    MIL OSI News

  • MIL-OSI Economics: 3 ways to improve access to justice through court modernization

    Source: Microsoft

    Headline: 3 ways to improve access to justice through court modernization

    The legal maxim that “justice delayed is justice denied” has long been a rallying cry to encourage judges and courts to operate more efficiently. If legal redress or fair relief are potentially available to an injured party but aren’t promptly provided or supported, that is effectively no remedy at all. Today, the need for accessible and fair judicial systems is at least as relevant as when William Penn voiced it back in the seventeenth century. Fortunately, technology is playing a key role in helping to realize the vision and improve access to justice.

    Worldwide, courts are contending with growing pressures that threaten to bog down judicial processes and erode trust in the judiciary. Antiquated case management systems, critical data stuck in silos, and public demand for digital means of participating in justice contribute to the urgency to find new solutions that are cost-effective and adequately cyber-secure.

    Innovative courts are already busy modernizing systems and taking early steps with generative AI technologies. At Microsoft for government, we help courts and judicial organizations maintain trust within their communities through solutions that transform operations and help to increase fairness, accountability, and transparency. Let’s have a look at some important benefits of court modernization, including a new way for courts to experiment with AI innovation in a safe and productive fashion.

    Explore public safety and justice capabilities

    Better access to justice in 3 key areas

    The adoption of cloud technologies typically has an almost immediate impact in terms of power, scalability, and flexibility. Modernizing tools and systems can further deliver new capabilities that help improve access to justice. Among these:

    1. Streamline court operations

    Courts function better with a more empowered workforce, and modernization makes it possible to quickly realize significant gains in efficiency. For example, by simply adopting Microsoft 365 copilot, 70% of users surveyed across industries reported being more productive and able to focus more on high-value activities and creative work.1

    Even greater benefits are gained by cloud solutions that bring together vast stores of data. Courts are often supported by aging legacy systems that hold data in disconnected silos, making it difficult, if not impossible, to integrate it all. For example, the Orange County Superior Court (OCSC) managed three disparate case management systems (containing more than 70 million paper files), which created serious inefficiencies. So, they integrated it all into a single data warehouse on Microsoft Azure, and realized new benefits in decision making and improved operational efficiency, as well as setting the stage for greater innovation.

    Case management systems are especially being transformed by modernization. Courts are moving away from expensive, limited legacy systems to modern solutions that speed up case processing, help judges access necessary information faster, and even increase the capacity of caseloads. Cloud-based case management systems can also fundamentally change how people interact with courts. For example, the Alabama Appellate Courts System developed a hybrid cloud solution that allowed 6,000 Alabama licensed lawyers to access information and file motions with no need to physically travel to any of its three courts.

    2. Improve everyday access to justice

    Trust in the court is central to justice, but for many people, the cost and friction involved in legal proceedings is high and the results are not always satisfactory. Modernization can help ease the burden with new services and capabilities that are user friendly and engage the public.

    Remote access to court proceedings is a profound benefit of modernization, making it faster, easier, and less expensive for people to participate. Widely adopted during the pandemic, remote hearings with Microsoft Teams are now being enhanced with generative AI features that can do things like generate unofficial transcripts or session recaps.

    The Teams experience can also be expanded to provide additional services. For example, the Federal Regional Court of the 1st Region (TRF1) in Brazil improved access to the court with a new Virtual Support Desk—an integrated online service platform within Teams that offers easy access to important judicial services for people across Brazil. It also provides a personalized work hub for court service agents, giving them access to real-time engagement analytics, proactive notifications, and service governance indicators.

    Modernization is also helping people to better navigate the legal system. Easy to use digital tools can provide guidance in legal processes, assist with document preparation, and help find important resources. Virtual assistants and chatbots can help people understand legal terms, access case information, and represent themselves in litigation in areas such as family law. Translation and transcription capabilities can also be included to make these services even more accessible.

    3. Enhanced experiences through new services

    Innovation with generative AI and advanced cloud services is still evolving for courts, but the early benefits give us a glimpse of how significantly courts will be transformed in the months and years to come.

    Many of the benefits listed above will accelerate dramatically as more courts invest in modernization. For individuals, AI-enabled online portals and mobile applications will provide easier access to case information, explain options, and answer questions about legal processes—providing support that even court staff cannot always offer due to legal restrictions.

    For judges and court staff, modernization promises faster processing of cases, with solutions that speed up administrative tasks, reduce delays caused by paperwork errors, and improve the filing of legal documents. AI can automate the extraction, categorization, and organization of information from documents such as invoices, contracts, and emails.

    Generative AI is increasingly also being integrated into legal workflows to automate tasks like tagging and classification. This promises to advance a key industry initiative called SALI (Standards Advancement for the Legal Industry, in which Microsoft is a participant), that is creating a standardized way to define and document legal matters. By automating tagging and classification of documents (commonly done by hand), AI can help SALI achieve its mission to benefit legal professionals and their clients by fostering innovation and efficiency in legal workflows.

    A low risk way to explore AI innovation in the court

    Many courts are understandably cautious about involving their critical data and systems in innovation with new technology such as AI. That’s why Microsoft endorses an important new initiative called the AI Sandbox, by the National Center for State Courts (NCSC).

    The AI Sandbox helps leaders in judicial organizations explore generative AI and learn how it can improve productivity, efficiency, and citizen service. Designed to serve the needs of courts across geographies, the AI Sandbox lets judges and court staff experiment with generative AI in a secure private cloud environment built on Azure. It supports the development of use cases such as drafting court orders, creating job descriptions, providing legal information, and much more. Best of all, it’s easy to use via the NSCS portal (no travel required).

    To get started, visit the NCSC AI sandbox website.

    Advancing your modernization journey

    Whether it’s the AI Sandbox or early experimentation with Microsoft 365 Copilot, the path to modernization is unique for every court. There are some fundamental elements that every organization will eventually need in order to realize the complete benefits of AI:

    • A cloud platform like Azure delivers proven scalability, security, and compliance.
    • A data and AI platform like Microsoft Fabric provides a common way to reason over your data.
    • A development platform like Azure AI Foundry lets you build world-class AI-native applications.

    Improving access to justice through technology is a long-term journey, but one that delivers benefits early and often. It’s important to define your goals, take a strategic approach, and choose a technology partner who will be with you every step of the way.

    Learn more

    To see how Microsoft is empowering court systems to be more agile, secure, and accessible for all, watch our video. To learn more about how we can help in your court’s modernization journey, visit our website or get in touch with your Microsoft sales representative or technology partner.

    Explore Microsoft for public safety and justice

    1Microsoft Work Trend Index Special Report.

    David Williams

    Director, Global Public Safety and Justice

    As a leader in Microsoft’s worldwide government team, David Williams is passionate about the application of technology to empower the people and organizations dedicated to Public Safety and Justice. He works closely with partners, field teams, and customers to find solutions that meet each organization’s unique requirements. A retired United States Army major, he has worked for more than 10 years in technology roles focused on intelligence, investigations, and data analytics.

    See more articles from this author

    MIL OSI Economics

  • MIL-OSI New Zealand: Police monitoring Te Puke tangi

    Source: New Zealand Police (National News)

    Attributable to Inspector Clifford Paxton, Western Bay of Plenty Area Commander:

    Police are aware of a gang related tangi for the father of a prominent gang member, due to take place in the Western Bay of Plenty Area on Friday 21 February.

    Bay of Plenty Police will be monitoring the tangi and procession in Waitangi, Te Puke, due to take place around midday.

    Motorists are advised to plan ahead as Police believe there could be some disruptions on the road, while attendees make their way to the tangi from Tauranga and other areas.

    Police advise those attending that we will not tolerate any unlawful activity, and this will be met with enforcement action where it is identified.

    Police will follow up in instances if we are unable to take enforcement action at the time, with information about the offence and offender noted for further action.

    If you see any unlawful activity, please contact Police via 111 if it is happening now or 105 if its after the fact either online or over the phone.

    ENDS

    Issued by Police Media Centre

    MIL OSI New Zealand News

  • MIL-OSI USA: Attorney General James Announces Takedown of Fentanyl and Cocaine Trafficking Ring in the Hudson Valley 

    Source: US State of New York

    NEW YORK – New York Attorney General Letitia James today announced the takedown of a drug trafficking ring in the Hudson Valley that illegally sold cocaine, powder fentanyl, and counterfeit oxycodone pills containing fentanyl across Dutchess, Ulster, and Orange Counties. An investigation led by the Office of the Attorney General’s (OAG) Organized Crime Task Force (OCTF) recovered two and a half kilograms of cocaine worth approximately $45,000, thousands of counterfeit oxycodone pills containing fentanyl worth over $500,000, and three and a half kilograms of powder fentanyl worth over $200,000. Five illegal handguns, including two ghost guns, and four high-capacity magazines were also seized during the operation. A 122-count indictment charging four individuals for their roles in the drug trafficking network was unsealed in Dutchess County Court. The indictment charges Xavier Grant, Antawone West, Michael Jones, and Kenyi Torres with multiple felonies for narcotics and firearms offenses.

    “Drug traffickers who distribute lethal amounts of opioids put communities throughout our state in danger,” said Attorney General James. “Not only did these individuals sell deadly narcotics, they disguised fentanyl in fake prescription pills, putting the lives of their customers at even greater risk. I thank our partners in law enforcement for their collaboration in this effort to take a dangerous criminal organization off our streets as we continue to work to keep New Yorkers safe.”

    The takedown was the result of an eleven-month joint investigation led by OCTF and the New York State Police’s (NYSP) Special Investigations Unit – Hudson Valley (SIU-HV) and Troop K – Violent Gang and Narcotics Enforcement Team (K-VGNET).

    The investigation included hundreds of hours of physical and covert surveillance, analysis of voluminous electronic evidence, including cellphone communications, covert video and audio recordings, and other traditional investigative techniques. During their communications, the defendants frequently utilized coded and cryptic terminology in an attempt to disguise their illicit activities, such as referring to orders of counterfeit oxycodone pills containing fentanyl as “blues,” “blueberries,” or “perks,” a nod to their legitimate, prescription medication counterparts. 

    The investigation revealed that Grant, West, Jones, and Torres obtained cocaine, powder fentanyl, and counterfeit oxycodone pills containing fentanyl for further distribution. Additionally, the investigation revealed that the four defendants worked together to store, supply, and distribute the narcotics in Dutchess, Orange, and Ulster Counties. The narcotics were stored in various stash locations in the residential areas of Poughkeepsie and often sold in parking lots. The investigation also seized five illegal handguns, four of which were loaded, and two of which were ghost guns, in addition to four illegal high-capacity magazines.

    The investigation into this narcotics trafficking network led to the recovery of:

    • Two and a half kilograms of cocaine;
    • Thousands of counterfeit oxycodone pills containing fentanyl weighing over two and a half kilograms;
    • Three and a half kilograms of powder fentanyl;
    • Five illegal handguns, including two ghost guns and four high-capacity magazines;
    • Drug paraphernalia, including scales, ziplock bags, glassine envelopes, and other packaging materials used to package and measure narcotics;
    • Two “kilo” presses; and
    • Approximately $255,000 in cash.

    Some of the alleged narcotics and firearms seized during the investigation, including cocaine, counterfeit oxycodone pills containing fentanyl, powder fentanyl, five handguns, four high-capacity magazines, and “kilo” presses.

    The 122-count indictment, unsealed in Dutchess County Court, includes counts for various felony narcotics offenses, including charges against Jones and West for Criminal Sale of a Controlled Substance in the First Degree and Criminal Possession of a Controlled Substance in the First Degree, respectively. Each carries a maximum sentence of 20 years in prison. Additional charges include various counts of Criminal Sale of a Controlled Substance (class B felonies) and Criminal Possession of a Controlled Substance (class A-II and B felonies), as well as Conspiracy to commit those crimes.

    Jones and West are also charged with firearms offenses including Criminal Possession of a Weapon in the Second Degree, a class C violent felony, Criminal Possession of a Weapon in the Third Degree, a class D felony, and Criminal Possession of a Firearm, a class E felony.

    Grant and Torres are each charged with, among other things, multiple counts of Criminal Sale of a Controlled Substance in the Second Degree, a class A-II felony, which carries a maximum sentence of 10 years in prison. They are also charged with Conspiracy to commit those crimes. The charges against the defendants are merely accusations and the defendants are presumed innocent unless and until proven guilty.

    Some of the alleged counterfeit oxycodone pills containing fentanyl seized during this investigation.

    “I want to thank the Attorney General’s Office, and our law enforcement partners for their vigilant hard work that has resulted in the arrests of these dangerous individuals,” said New York State Police Superintendent Steven G. James. “The sale of these highly addictive drugs perpetuates a cycle of substance abuse which poses a significant threat to safety and quality of life within our neighborhoods. This sends a strong message to dealers that we will not tolerate illegal drugs and weapons being brought into or sold in our communities.”

    Those charged in the indictment include:

    • Xavier Grant a/k/a “X,” 22 years old of Poughkeepsie, New York;
    • Antawone West, 25 years old of Poughkeepsie, New York;
    • Michael Jones a/k/a “Slime,” 33 years old of Poughkeepsie, New York; and
    • Kenyi Torres, 45 years old of Middletown, New York.

    This takedown marks the latest major drug bust in OAG’s Suburban and Upstate Response to the Growing Epidemic (SURGE) Initiative, a law enforcement effort that brings together state and local law enforcement to target New York’s heroin, opioid, and narcotics trafficking networks. Since launching in 2017, SURGE has taken 984 alleged traffickers off the streets.

    The investigation was led by OCTF Detectives David Walsh and Steven Cohan, under the supervision of OCTF Detective Supervisor Bradford Miller, OCTF Downstate Assistant Chief Ismael Hernandez, and OCTF Deputy Chief Andrew Boss. The Attorney General’s Investigations Division is led by Chief Oliver Pu-Folkes. 

    Attorney General James would also like to thank Dutchess County District Attorney Anthony Parisi, the Dutchess County Sheriff’s Office, the City of Poughkeepsie Police Department, and the Dutchess County Drug Task Force for their assistance throughout the investigation.

    The case is being prosecuted by OCTF Assistant Deputy Attorney General Joseph Barca under the supervision of Downstate OCTF Deputy Chief Lauren Abinanti, with the assistance of OCTF Legal Support Analysts Madeline Rosen, Alex DiGiacomo, and former Legal Support Analyst Christine Cintron. Nicole Keary is the Deputy Attorney General in Charge of OCTF. The Division for Criminal Justice is led by Chief Deputy Attorney General José Maldonado. Both the Investigations Division and the Division for Criminal Justice are overseen by First Deputy Attorney General Jennifer Levy.

    MIL OSI USA News

  • MIL-OSI Security: Milton — RCMP to hold a press conference following arrests linked to a complex and international cybercrime investigation

    Source: Royal Canadian Mounted Police

    The Officer in Charge of the Integrated Cybercrime Investigations Unit of the Central Region RCMP, Inspector Lina Dabit, will hold a press conference to provide results of a complex and international cybercrime investigation.

    Following a statement of facts, representatives from the RCMP will be available for questions.

    For media wanting to attend in person, please register by sending your name and media credentials to: media.relations.rcmp-Ontario-relations.medias.grc@rcmp-grc.gc.ca

    A live link to the conference will be provided upon registration for media only.

    When: February 20, 2025

    Time: 10:00 AM – Media is invited to start arriving in person at 9:15 AM

    Location: 2755 High Point Drive, Milton RCMP Detachment

    MIL Security OSI

  • MIL-OSI Security: #StopRansomware: Ghost (Cring) Ransomware

    Source: US Department of Homeland Security

    Summary

    Note: This joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware. Visit stopransomware.gov to see all #StopRansomware advisories and to learn more about other ransomware threats and no-cost resources.

    The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) are releasing this joint advisory to disseminate known Ghost (Cring)—(“Ghost”)—ransomware IOCs and TTPs identified through FBI investigation as recently as January 2025.

    Beginning early 2021, Ghost actors began attacking victims whose internet facing services ran outdated versions of software and firmware. This indiscriminate targeting of networks containing vulnerabilities has led to the compromise of organizations across more than 70 countries, including organizations in China. Ghost actors, located in China, conduct these widespread attacks for financial gain. Affected victims include critical infrastructure, schools and universities, healthcare, government networks, religious institutions, technology and manufacturing companies, and numerous small- and medium-sized businesses.

    Ghost actors rotate their ransomware executable payloads, switch file extensions for encrypted files, modify ransom note text, and use numerous ransom email addresses, which has led to variable attribution of this group over time. Names associated with this group include Ghost, Cring, Crypt3r, Phantom, Strike, Hello, Wickrme, HsHarada, and Rapture. Samples of ransomware files Ghost used during attacks are: Cring.exe, Ghost.exe, ElysiumO.exe, and Locker.exe.

    Ghost actors use publicly available code to exploit Common Vulnerabilities and Exposures (CVEs) and gain access to internet facing servers. Ghost actors exploit well known vulnerabilities and target networks where available patches have not been applied.

    The FBI, CISA, and MS-ISAC encourage organizations to implement the recommendations in the Mitigations section of this advisory to reduce the likelihood and impact of Ghost ransomware incidents.

    Download the PDF version of this report:

    For a downloadable copy of IOCs, see:

    Technical Details

    Note: This advisory uses the MITRE ATT&CK® Matrix for Enterprise framework, version 16.1. See the MITRE ATT&CK Tactics and Techniques section of this advisory for a table of the threat actors’ activity mapped to MITRE ATT&CK tactics and techniques.

    Initial Access

    The FBI has observed Ghost actors obtaining initial access to networks by exploiting public facing applications that are associated with multiple CVEs [T1190]. Their methodology includes leveraging vulnerabilities in Fortinet FortiOS appliances (CVE-2018-13379), servers running Adobe ColdFusion (CVE-2010-2861 and CVE-2009-3960), Microsoft SharePoint (CVE-2019-0604), and Microsoft Exchange (CVE-2021-34473CVE-2021-34523, and CVE-2021-31207— commonly referred to as the ProxyShell attack chain).

    Execution

    Ghost actors have been observed uploading a web shell [T1505.003] to a compromised server and leveraging Windows Command Prompt [T1059.003] and/or PowerShell [T1059.001] to download and execute Cobalt Strike Beacon malware [T1105] that is then implanted on victim systems. Despite Ghost actors’ malicious implementation, Cobalt Strike is a commercially available adversary simulation tool often used for the purposes of testing an organization’s security controls.

    Persistence

    Persistence is not a major focus for Ghost actors, as they typically only spend a few days on victim networks. In multiple instances, they have been observed proceeding from initial compromise to the deployment of ransomware within the same day. However, Ghost actors sporadically create new local [T1136.001] and domain accounts [T1136.002] and change passwords for existing accounts [T1098]. In 2024, Ghost actors were observed deploying web shells [T1505.003] on victim web servers.

    Privilege Escalation

    Ghost actors often rely on built in Cobalt Strike functions to steal process tokens running under the SYSTEM user context to impersonate the SYSTEM user, often for the purpose of running Beacon a second time with elevated privileges [T1134.001].

    Ghost actors have been observed using multiple open-source tools in an attempt at privilege escalation through exploitation [T1068] such as “SharpZeroLogon,” “SharpGPPPass,” “BadPotato,” and “GodPotato.” These privilege escalation tools would not generally be used by individuals with legitimate access and credentials. 

    See Table 1 for a descriptive listing of tools.

    Credential Access

    Ghost actors use the built in Cobalt Strike function “hashdump” or Mimikatz [T1003] to collect passwords and/or password hashes to aid them with unauthorized logins and privilege escalation or to pivot to other victim devices.

    Defense Evasion

    Ghost actors used their access through Cobalt Strike to display a list of running processes [T1057] to determine which antivirus software [T1518.001] is running so that it can be disabled [T1562.001]. Ghost frequently runs a command to disable Windows Defender on network connected devices. Options used in this command are: Set-MpPreference -DisableRealtimeMonitoring 1 -DisableIntrusionPreventionSystem 1 -DisableBehaviorMonitoring 1 -DisableScriptScanning 1 -DisableIOAVProtection 1 -EnableControlledFolderAccess Disabled -MAPSReporting Disabled -SubmitSamplesConsent NeverSend.

    Discovery

    Ghost actors have been observed using other built-in Cobalt Strike commands for domain account discovery [T1087.002], open-source tools such as “SharpShares” for network share discovery [T1135], and “Ladon 911” and “SharpNBTScan” for remote systems discovery [T1018]. Network administrators would be unlikely to use these tools for network share or remote systems discovery.

    Lateral Movement

    Ghost actors used elevated access and Windows Management Instrumentation Command-Line (WMIC) [T1047] to run PowerShell commands on additional systems on the victim network— often for the purpose of initiating additional Cobalt Strike Beacon infections. The associated encoded string is a base 64 PowerShell command that always begins with: powershell -nop -w hidden -encodedcommand JABzAD0ATgBlAHcALQBPAGIAagBlAGMAdAAgAEkATwAuAE0AZQBtAG8AcgB5AFMAdAByAGUAYQBtACgALABbAEMAbwBuAHYAZQByAHQAXQA6ADoARgByAG8AbQBCAGEAcwBlADYANABTAHQAcgBpAG4AZwAoACIA… [T1132.001][T1564.003].

    This string decodes to “$s=New-Object IO.MemoryStream(,[Convert]::FromBase64String(“” and is involved with the execution of Cobalt Strike in memory on the target machine.

    In cases where lateral movement attempts are unsuccessful, Ghost actors have been observed abandoning an attack on a victim.

    Exfiltration

    Ghost ransom notes often claim exfiltrated data will be sold if a ransom is not paid. However, Ghost actors do not frequently exfiltrate a significant amount of information or files, such as intellectual property or personally identifiable information (PII), that would cause significant harm to victims if leaked. The FBI has observed limited downloading of data to Cobalt Strike Team Servers [T1041]. Victims and other trusted third parties have reported limited uses of Mega.nz [T1567.002] and installed web shells for similar limited data exfiltration. Note: The typical data exfiltration is less than hundreds of gigabytes of data.

    Command and Control

    Ghost actors rely heavily on Cobalt Strike Beacon malware and Cobalt Strike Team Servers for command and control (C2) operations, which function using hypertext transfer protocol (HTTP) and hypertext transfer protocol secure (HTTPS) [T1071.001]. Ghost rarely registers domains associated with their C2 servers. Instead, connections made to a uniform resource identifier (URI) of a C2 server, for the purpose of downloading and executing Beacon malware, directly reference the C2 server’s IP address. For example, http://xxx.xxx.xxx.xxx:80/Google.com where xxx.xxx.xxx.xxx represents the C2 server’s IP address.

    For email communication with victims, Ghost actors use legitimate email services that include traffic encryption features. [T1573] Some examples of emails services that Ghost actors have been observed using are Tutanota, Skiff, ProtonMail, Onionmail, and Mailfence.

    Note: Table 2 contains a list of Ghost ransom email addresses.

    Impact and Encryption

    Ghost actors use Cring.exe, Ghost.exe, ElysiumO.exe, and Locker.exe, which are all ransomware executables that share similar functionality. Ghost variants can be used to encrypt specific directories or the entire system’s storage [T1486]. The nature of executables’ operability is based on command line arguments used when executing the ransomware file. Various file extensions and system folders are excluded during the encryption process to avoid encrypting files that would render targeted devices inoperable.

    These ransomware payloads clear Windows Event Logs [T1070.001], disable the Volume Shadow Copy Service, and delete shadow copies to inhibit system recovery attempts [T1490]. Data encrypted with Ghost ransomware variants cannot be recovered without the decryption key. Ghost actors hold the encrypted data for ransom and typically demand anywhere from tens to hundreds of thousands of dollars in cryptocurrency in exchange for decryption software [T1486].

    The impact of Ghost ransomware activity varies widely on a victim-to-victim basis. Ghost actors tend to move to other targets when confronted with hardened systems, such as those where proper network segmentation prevents lateral moment to other devices.

    Indicators of Compromise (IOC)

    Table 1 lists several tools and applications Ghost actors have used for their operations. The use of these tools and applications on a network should be investigated further.

    Note: Authors of these tools generally state that they should not be used in illegal activity.

    Table 1: Tools Leveraged by Ghost Actors
    Name Description Source
    Cobalt Strike Cobalt Strike is penetration testing software. Ghost actors  use an unauthorized version of Cobalt Strike. N/A
    IOX Open-source proxy, used to establish a reverse proxy to a Ghost C2 server from an internal victim device. github[.]com/EddieIvan01/iox
    SharpShares.exe SharpShares.exe is used to enumerate accessible network shares in a domain. Ghost actors use this primarily for host discovery. github[.]com/mitchmoser/SharpShares
    SharpZeroLogon.exe SharpZeroLogon.exe attempts to exploit CVE-2020-1472 and is run against a target Domain Controller. github[.]com/leitosama/SharpZeroLogon
    SharpGPPPass.exe SharpGPPPass.exe attempts to exploit CVE-2014-1812 and targets XML files created through Group Policy Preferences that may contain passwords. N/A
    SpnDump.exe SpnDump.exe is used to list service principal name identifiers, which Ghost actors use for service and hostname enumeration. N/A
    NBT.exe A compiled version of SharpNBTScan, a NetBIOS scanner. Ghost actors use this tool for hostname and IP address enumeration. github[.]com/BronzeTicket/SharpNBTScan
    BadPotato.exe BadPotato.exe is an exploitation tool used for privilege escalation. github[.]com/BeichenDream/BadPotato
    God.exe God.exe is a compiled version of GodPotato and is used for privilege escalation. github[.]com/BeichenDream/GodPotato
    HFS (HTTP File Server) A portable web server program that Ghost actors use to host files for remote access and exfiltration. rejitto[.]com/hfs
    Ladon 911 A multifunctional scanning and exploitation tool, often used by Ghost actors with the MS17010 option to scan for SMB vulnerabilities associated with CVE-2017-0143 and CVE-2017-0144. github[.]com/k8gege/Ladon
    Web Shell A backdoor installed on a web server that allows for the execution of commands and facilitates persistent access. Slight variation of github[.]com/BeichenDream/Chunk-Proxy/blob/main/proxy.aspx
    Table 2: MD5 File Hashes Associated with Ghost Ransomware Activity
    File name MD5 File Hash
    Cring.exe c5d712f82d5d37bb284acd4468ab3533
    Ghost.exe

    34b3009590ec2d361f07cac320671410

    d9c019182d88290e5489cdf3b607f982
    ElysiumO.exe

    29e44e8994197bdb0c2be6fc5dfc15c2

    c9e35b5c1dc8856da25965b385a26ec4

    d1c5e7b8e937625891707f8b4b594314
    Locker.exe ef6a213f59f3fbee2894bd6734bbaed2
    iex.txt, pro.txt (IOX) ac58a214ce7deb3a578c10b97f93d9c3
    x86.log (IOX)

    c3b8f6d102393b4542e9f951c9435255

    0a5c4ad3ec240fbfd00bdc1d36bd54eb
    sp.txt (IOX) ff52fdf84448277b1bc121f592f753c5
    main.txt (IOX) a2fd181f57548c215ac6891d000ec6b9
    isx.txt (IOX) 625bd7275e1892eac50a22f8b4a6355d
    sock.txt (IOX) db38ef2e3d4d8cb785df48f458b35090

    Ransom Email Addresses

    Table 3 is a subset of ransom email addresses that have been included in Ghost ransom notes.

    Table 3: Ransom Email Addresses
    Email Addresses
    asauribe@tutanota.com ghostbackup@skiff.com rainbowforever@tutanota.com
    cringghost@skiff.com ghosts1337@skiff.com retryit1998@mailfence.com
    crptbackup@skiff.com ghosts1337@tuta.io retryit1998@tutamail.com
    d3crypt@onionmail.org ghostsbackup@skiff.com rsacrpthelp@skiff.com
    d3svc@tuta.io hsharada@skiff.com rsahelp@protonmail.com
    eternalnightmare@tutanota.com just4money@tutanota.com sdghost@onionmail.org
    evilcorp@skiff.com kellyreiff@tutanota.com shadowghost@skiff.com
    fileunlock@onionmail.org kev1npt@tuta.io shadowghosts@tutanota.com
    fortihooks@protonmail.com lockhelp1998@skiff.com summerkiller@mailfence.com
    genesis1337@tutanota.com r.heisler@skiff.com summerkiller@tutanota.com
    ghost1998@tutamail.com rainbowforever@skiff.com webroothooks@tutanota.com

    Ransom Notes

    Starting approximately in August 2024, Ghost actors began using TOX IDs in ransom notes as an alternative method for communicating with victims. For example: EFE31926F41889DBF6588F27A2EC3A2D7DEF7D2E9E0A1DEFD39B976A49C11F0E19E03998DBDA and E83CD54EAAB0F31040D855E1ED993E2AC92652FF8E8742D3901580339D135C6EBCD71002885B.

    MITRE ATT&CK Tactics and Techniques

    See Table 4 to Table 13 for all referenced threat actor tactics and techniques in this advisory. For assistance with mapping malicious cyber activity to the MITRE ATT&CK framework, version 16.1, see CISA and MITRE ATT&CK’s Best Practices for MITRE ATT&CK Mapping and CISA’s Decider Tool.

    Table 4: Initial Access
    Technique Title  ID Use
    Exploit Public-Facing Application T1190 Ghost actors exploit multiple vulnerabilities in public-facing systems to gain initial access to servers.
    Table 5: Execution
    Technique Title  ID Use
    Windows Management Instrumentation T1047 Ghost actors abuse WMI to run PowerShell scripts on other devices, resulting in their infection with Cobalt Strike Beacon malware.
    PowerShell T1059.001 Ghost actors use PowerShell for various functions including to deploy Cobalt Strike.
    Windows Command Shell T1059.003 Ghost actors use the Windows Command Shell to download malicious content on to victim servers.
    Table 6: Persistence
    Technique Title  ID Use
    Account Manipulation T1098 Ghost actors change passwords for already established accounts.
    Local Account T1136.001 Ghost actors create new accounts or makes modifications to local accounts.
    Domain Account T1136.002 Ghost actors create new accounts or makes modifications to domain accounts.
    Web Shell T1505.003 Ghost actors upload web shells to victim servers to gain access and for persistence.
    Table 7: Privilege Escalation
    Technique Title  ID Use
    Exploitation for Privilege Escalation T1068 Ghost actors use a suite of open source tools in an attempt to gain elevated privileges through exploitation of vulnerabilities.
    Token Impersonation/Theft T1134.001 Ghost actors use Cobalt Strike to steal process tokens of processes running at a higher privilege.
    Table 8: Defense Evasion
    Technique Title  ID Use
    Application Layer Protocol: Web Protocols T1071.001 Ghost actors use HTTP and HTTPS protocols while conducting C2 operations. 
    Impair Defenses: Disable or Modify Tools T1562.001 Ghost actors disable antivirus products.
    Hidden Window T1564.003 Ghost actors use PowerShell to conceal malicious content within legitimate appearing command windows.
    Table 9: Credential Access
    Technique Title  ID Use
    OS Credential Dumping T1003 Ghost actors use Mimikatz and the Cobalt Strike “hashdump” command to collect passwords and password hashes.
    Table 10: Discovery
    Technique Title  ID Use
    Remote System Discovery T1018 Ghost actors use tools like Ladon 911 and ShapNBTScan for remote systems discovery.
    Process Discovery T1057 Ghost actors run a ps command to list running processes on an infected device.
    Domain Account Discovery T1087.002 Ghost actors run commands such as net group “Domain Admins” /domain to discover a list of domain administrator accounts.
    Network Share Discovery T1135 Ghost actors use various tools for network share discovery for the purpose of host enumeration.
    Software Discovery T1518 Ghost actors use their access to determine which antivirus software is running.
    Security Software Discovery T1518.001 Ghost actors run Cobalt Strike to enumerate running antivirus software.
    Table 11: Exfiltration
    Technique Title  ID Use
    Exfiltration Over C2 Channel T1041 Ghost actors use both web shells and Cobalt Strike to exfiltrate limited data.
    Exfiltration to Cloud Storage T1567.002 Ghost actors sometimes use legitimate cloud storage providers such as Mega.nz for malicious exfiltration operations.
    Table 12: Command and Control
    Technique Title  ID Use
    Web Protocols T1071.001 Ghost actors use Cobalt Strike Beacon malware and Cobalt Strike Team Servers which communicate over HTTP and HTTPS.
    Ingress Tool Transfer T1105 Ghost actors use Cobalt Strike Beacon malware to deliver ransomware payloads to victim servers.
    Standard Encoding T1132.001 Ghost actors use PowerShell commands to encode network traffic which reduces their likelihood of being detected during lateral movement.
    Encrypted Channel T1573 Ghost actors use encrypted email platforms to facilitate communications. 
    Table 13: Impact
    Technique Title  ID Use
    Data Encrypted for Impact T1486 Ghost actors use ransomware variants Cring.exe, Ghost.exe, ElysiumO.exe, and Locker.exe to encrypt victim files for ransom.
    Inhibit System Recovery T1490 Ghost actors delete volume shadow copies.

    Mitigations

    The FBI, CISA, and MS-ISAC recommend organizations reference their #StopRansomware Guide and implement the mitigations below to improve cybersecurity posture on the basis of the Ghost ransomware activity. These mitigations align with the Cross-Sector Cybersecurity Performance Goals (CPGs) developed by CISA and the National Institute of Standards and Technology (NIST). The CPGs provide a minimum set of practices and protections that CISA and NIST recommend all organizations implement. CISA and NIST based the CPGs on existing cybersecurity frameworks and guidance to protect against the most common and impactful threats, tactics, techniques, and procedures. Visit CISA’s CPGs webpage for more information on the CPGs, including additional recommended baseline protections.

    • Maintain regular system backups that are known-good and stored offline or are segmented from source systems [CPG 2.R]. Ghost ransomware victims whose backups were unaffected by the ransomware attack were often able to restore operations without needing to contact Ghost actors or pay a ransom.
    • Patch known vulnerabilities by applying timely security updates to operating systems, software, and firmware within a risk-informed timeframe [CPG 1.E].
    • Segment networks to restrict lateral movement from initial infected devices and other devices in the same organization [CPG 2.F].
    • Require Phishing-Resistant MFA for access to all privileged accounts and email services accounts.
    • Train users to recognize phishing attempts.
    • Monitor for unauthorized use of PowerShell. Ghost actors leverage PowerShell for malicious purposes, although it is often a helpful tool that is used by administrators and defenders to manage system resources. For more information, visit NSA and CISA’s joint guidance on PowerShell best practices.
      • Implement the principle of least privilege when granting permissions so that employees who require access to PowerShell are aligned with organizational business requirements.
    • Implement allowlisting for applications, scripts, and network traffic to prevent unauthorized execution and access [CPG 3.A].
    • Identify, alert on, and investigate abnormal network activity. Ransomware activity generates unusual network traffic across all phases of the attack chain. This includes running scans to discover other network connected devices, running commands to list, add, or alter administrator accounts, using PowerShell to download and execute remote programs, and running scripts not usually seen on a network. Organizations that can successfully identify and investigate this activity are better able to interrupt malicious activity before ransomware is executed [CPG 3.A].
      • Ghost actors run a significant number of commands, scripts, and programs that IT administrators would have no legitimate reason for running. Victims who have identified and responded to this unusual behavior have successfully prevented Ghost ransomware attacks.
    • Limit exposure of services by disabling unused ports such as, RDP 3398, FTP 21, and SMB 445, and restricting access to essential services through securely configured VPNs or firewalls.
    • Enhance email security by implementing advanced filtering, blocking malicious attachments, and enabling DMARC, DKIM, and SPF to prevent spoofing [CPG 2.M].

    Validate Security Controls

    In addition to applying mitigations, the FBI, CISA, and MS-ISAC recommend exercising, testing, and validating your organization’s security program against the threat behaviors mapped to the MITRE ATT&CK for Enterprise framework in this advisory.

    To get started:

    1. Select an ATT&CK technique described in this advisory (see Table 3 to Table 13).
    2. Align your security technologies against the technique.
    3. Test your technologies against the technique.
    4. Analyze your detection and prevention technologies’ performance.
    5. Repeat the process for all security technologies to obtain a set of comprehensive performance data.
    6. Tune your security program, including people, processes, and technologies, based on the data generated by this process.

    Reporting

    Your organization has no obligation to respond or provide information back to the FBI in response to this joint advisory. If, after reviewing the information provided, your organization decides to provide information to the FBI, reporting must be consistent with applicable state and federal laws.

    The FBI is interested in any information that can be shared, to include logs showing communication to and from foreign IP addresses, a sample ransom note, communications with threat actors, Bitcoin wallet information, and/or decryptor files.

    Additional details of interest include a targeted company point of contact, status and scope of infection, estimated loss, operational impact, date of infection, date detected, initial attack vector, and host and network-based indicators.

    The FBI, CISA, and MS-ISAC do not encourage paying ransom as payment does not guarantee victim files will be recovered. Furthermore, payment may also embolden adversaries to target additional organizations, encourage other criminal actors to engage in the distribution of ransomware, and/or fund illicit activities. Regardless of whether you or your organization have decided to pay the ransom, the FBI and CISA urge you to promptly report ransomware incidents to FBI’s Internet Crime Complain Center (IC3), a local FBI Field Office, or CISA via the agency’s Incident Reporting System or its 24/7 Operations Center (report@cisa.gov) or by calling 1-844-Say-CISA (1-844-729-2472).

    Disclaimer

    The information in this report is being provided “as is” for informational purposes only. The FBI, CISA, and MS-ISAC do not endorse any commercial entity, product, company, or service, including any entities, products, or services linked within this document. Any reference to specific commercial entities, products, processes, or services by service mark, trademark, manufacturer, or otherwise, does not constitute or imply endorsement, recommendation, or favoring by the FBI, CISA, and the MS-ISAC.

    Version History

    February 19, 2025: Initial version.

    MIL Security OSI

  • MIL-OSI Security: Anchorage Man Sentenced to Over 11 Years for Attempting to Coerce a Minor

    Source: Federal Bureau of Investigation (FBI) State Crime Alerts (b)

    ANCHORAGE, Alaska – An Anchorage man was sentenced today to over 11 years in prison and will serve the rest of his life on supervised release for attempting to coerce and entice a minor in 2023.

    According to court documents, in early July 2023, Benjamin Roundy, aka “Aleks” or “Alekzander Marko,” 43, responded to a public group chat post on an internet-based app by an individual who identified herself as a 13-year-old living in Anchorage. The group chat post was actually made by an undercover agent.

    Court documents explain that Roundy communicated with the undercover agent for nearly a month, first on the app and then via text message, and he initiated sexual conversations. Roundy discussed sexual acts he wanted to perform on the individual, who be believed to be a child, and made repeated requests for explicit photos of her.

    On Aug. 4, 2023, Roundy asked the undercover agent to meet in person at the parking lot of a grocery store in Anchorage. The undercover agent told Roundy she was going to walk home from a friend’s house, and Roundy asked what street the friend lived on. Shortly after learning the fictional address of the friend, the defendant left his home to meet the undercover agent, who he thought was a minor.

    Court documents further explain that Roundy texted the undercover agent instructions on where to meet him. When he received no response to his instructions, Roundy drove to a parking lot where he could see the street of the fictitious friend. Law enforcement arrested Roundy in the parking lot shortly thereafter and discovered a new bottle of personal lubricant and condoms in his vehicle.

    The investigation revealed thousands of images and videos depicting child sexual abuse on Roundy’s electronic devices and data detailing his online presence, which included searches for child sexual abuse materials (CSAM) and related terms.

    On April 25, 2024, Roundy pleaded guilty to one count of attempted coercion and enticement of a minor.

    “Mr. Roundy’s conduct was heinous, as he tried to meet with who he believed was an underage girl in Anchorage to engage in sex, sought explicit images of the child, and obtained graphic images and videos depicting the sexual abuse of other minors for years,” said First Assistant U.S Attorney Kathryn R. Vogel for the District of Alaska. “Our office’s commitment to safeguarding Alaska’s children from those who seek to exploit their innocence is unwavering. We will relentlessly pursue justice by working with law enforcement to identify, investigate and hold accountable anyone who targets children.”

    “The defendant posed a significant threat to children in Alaska and abroad, as demonstrated by his disturbing pattern of conduct involving child exploitation,” said Special Agent in Charge Rebecca Day of the FBI Anchorage Field Office. “Even in the darkest corners of the Internet, the FBI’s Child Exploitation and Human Trafficking Task Force will find a way to seek justice for our most vulnerable.”

    The FBI and Anchorage Police Department investigated this case as part of the FBI’s Child Exploitation and Human Trafficking Task Force.

    Assistant U.S. Attorney Adam Alexander of the District of Alaska and Trial Attorney Rachel L. Rothberg of the Criminal Division’s Child Exploitation and Obscenity Section (CEOS) prosecuted the case.

    This case was brought as part of Project Safe Childhood, a nationwide initiative to combat the growing epidemic of child sexual exploitation and abuse launched in May 2006 by the Department of Justice. Led by U.S. Attorneys’ Offices and CEOS, Project Safe Childhood marshals federal, state, and local resources to better locate, apprehend and prosecute individuals who exploit children via the Internet, as well as to identify and rescue victims. For more information about Project Safe Childhood, please visit https://www.justice.gov/psc.

    ###

    MIL Security OSI

  • MIL-OSI Global: Censorship, abortion and the ‘threat within’: what a free speech expert thinks of J.D. Vance’s remarks to Europe

    Source: The Conversation – UK – By Eric Heinze, Professor of Law, Queen Mary University of London

    Donald Trump is famous for his attacks on journalists and the media. He has banned critical reporters from official events, threatened them with lawsuits, and branded mainstream outlets the “enemy of the people”. Since last year, the US has dropped ten notches on the World Press Freedom Index. Now in 55th place, the country trails far behind many European and other democracies.

    It is ironic, then, that vice president J.D. Vance dashed to the Munich Security Conference last week to scold Europeans for their supposed failings on free speech and democracy.

    Speaking to European leaders, Vance fretted: “The threat that I worry the most about vis-à-vis Europe is not Russia, it’s not China, it’s not any other external actor.” Rather, it is “the threat from within”. This rehashing of tropes about “the enemy within” forms part of a Trumpist vocabulary borrowed from the most sinister 20th century autocracies.

    One of Vance’s key claims for the decline of free speech in Europe left many UK observers dumbfounded. He rebuked the Scottish government for sending out letters in October 2024 cautioning citizens that, in his words, “even private prayer within their own homes may amount to breaking the law”.

    Vance was referring to Scotland’s Safe Access Zones Act, which prohibits protesters from gathering within 200 metres of clinics that perform abortions. Yet his accusation teaches volumes about Trumpism. To call it distorted would be diplomatic: it is a bold-faced lie. The Scottish government has confirmed that letters sent to residents near safe access zones did not instruct people to stop praying in the privacy of their homes.

    However, the letters did advise against conduct such as displaying anti-abortion posters or banners, or protesting on their property in ways that might be seen or heard within proximity of the clinics, or might encourage such activity in those areas.

    The Scottish law echoes similar laws in other democracies, including several US states. Yes, the right to protest is essential to democratic societies, but these societies have always accepted that protesters must not harass or threaten citizens going about their everyday business, let alone when seeking essential services such as medical appointments.

    Admittedly, “buffer zones” around abortion clinics cannot and need not extend so far as to impede protesters’ freedoms of expression, so a debate about the precise reach of the Scottish law can and should take place. However, as observed in England and Wales, zones have not generally been drawn with excessively broad perimeters.

    Clearly, Vance’s eyes were more fixed on his own future presidential bid, playing more to religious fundamentalists back home than to anyone who might seriously care about free expression. His 18-minute speech invoked God three times, and “prayer” nine times, while saying nothing about the main issue for which delegates had gathered: Russia’s unprovoked onslaught on Ukraine.

    Curiously, Vance whispered not a word of criticism about UK government crackdowns on the kinds of protests that, in the US, Trump most fears, such as protests against specific government policies and practices.

    I should not have to point out that anti-abortionists in Scotland remain entirely free to proclaim their opinions, in public and in print, alongside countless other types of political expression. Such expression has long been recognised as protected under UK law, and enshrined in the Human Rights Act.

    The only impact of Scotland’s new law is to prevent residents living within 200 metres of such clinics from displaying placards or holding events that would target women visiting such facilities. Admittedly, someone “only standing and praying” nearby a clinic may present a borderline case – but well within bounds that can be assessed through our democratic processes, the very processes that Trump loyalists increasingly disdain.

    We can debate the rights and wrongs of the Scottish law, but any suggestion that it seriously abridges free speech – when compared to the kinds of incursions Trump himself wages – would be farcical.

    Admittedly, while Scotland rightly protects its medical facilities, some people will ask whether a law can legitimately reach so far as to regulate the opinions that people wish to display in their windows and gardens. In recent years, many UK homes have flown Ukrainian or Palestinian flags from their homes, which some neighbours may find inappropriate. Yet British law protects their rights to do so.

    Clearly then, we can have meaningful debates about how far free expression in the home extends, but nothing in what Trump officials have said or done on their home turf suggests that this is their real concern.

    Free speech in retreat?

    As it happens, Vance was not totally wrong when he mused: “In Britain and across Europe, free speech, I fear, is in retreat.” For years, Hungarians have faced relentless attacks on free speech under Viktor Orbán – the autocrat whom Trump followers, including Vance himself, have so often praised.

    On several occasions in The Conversation and elsewhere, I have advocated free speech and I have every intention to continue doing so. I am also willing to concede that, despite Trump’s compulsive attacks on free speech, his supporters have raised some valid concerns about the stifling of opinion on the left.

    Abortion exemplifies the type of issue that sparks widespread ethical controversies. Any democracy must ensure that speakers on all sides have safe means of expressing their views in the public arena. Everyone in today’s democracies could use a few lessons in free speech – and the Trump team tops the list.

    Eric Heinze has received past funding from the European Union.

    ref. Censorship, abortion and the ‘threat within’: what a free speech expert thinks of J.D. Vance’s remarks to Europe – https://theconversation.com/censorship-abortion-and-the-threat-within-what-a-free-speech-expert-thinks-of-j-d-vances-remarks-to-europe-250188

    MIL OSI – Global Reports

  • MIL-OSI Security: St. John’s — RCMP NL thanks snow plow operators for successful rescue of stranded motorists on TCH during recent winter storm

    Source: Royal Canadian Mounted Police

    Snow plow operators went above and beyond to rescue two motorists who recently found themselves stuck on the Trans-Canada Highway in severe weather on February 17, 2025.

    On Monday morning, the Wreckhouse area, north of Port aux Basques, experienced extremely poor winter driving conditions with snow and high winds with gusts of up to 150 km/h. During this time, Channel-Port aux Basques RCMP received separate reports of two motorists who were stranded on the highway, due to these adverse weather conditions.

    After becoming stuck, one motorist opened the door of the vehicle which blew off with the wind. The vehicle, with three occupants inside, was at risk of blowing over an embankment. Another motorist founds themselves stuck partially off of the highway in white out conditions.

    With severely poor road conditions, police and other first responders were unable to travel on the TCH. Snow plow operators with the provincial department of Transportation and Infrastructure, based out of Doyles and Port aux Basques, located the stranded motorists and brought them to safety.

    RCMP NL thanks the involved snow plow operators for going above and beyond to potentially save the lives of those stranded.

    Those heading out on the highways at this time of year are encouraged to follow RCMP NL’s social media accounts, including Facebook and X, for updates on road closures or condition. Additionally, prior to travel, motorists are encouraged to familiarize themselves with alerts and forecasts issued by various meteorologists or agencies, including Environment Canada. Motorists who choose to drive during poor road conditions may find themselves stuck for a number of hours, as emergency personnel may be unable to respond.

    MIL Security OSI

  • MIL-OSI Security: Twenty Years Later, FBI Continues to Pursue Information on the Disappearance of Danielle Imbo and Richard Petrone, Jr.

    Source: Federal Bureau of Investigation FBI Crime News (b)

    The FBI continues to seek the public’s assistance as we investigate the disappearance of Danielle (Ottobre) Imbo and Richard Petrone, Jr., 20 years ago today.

    Imbo and Petrone were last seen in the late evening hours of Saturday, February 19, 2005, leaving a bar on Philadelphia’s South Street for Petrone’s black 2001 Dodge Dakota pickup truck with the license plate YFH 2319.

    An extensive investigation to date has generated some promising leads; however, neither they nor the vehicle have ever been located.

    Danielle was last seen wearing a dark colored jacket, cream colored sweater, and blue jeans and carrying a two-handle black purse at the time of her disappearance. She has worked as a loan mortgage processor.

    Richard was last seen wearing a gray Polo brand sweatshirt and blue jeans. He has a tattoo of the word “Angela” on his left arm and a tattoo of clowns on his right arm.

    “Today marks a somber 20 years since this tragic disappearance and their case exemplifies that the passage of time does not diminish our pursuit of justice,” said Wayne A. Jacobs, Special Agent in Charge of FBI Philadelphia. “Our office remains unwavering in seeking justice for Danielle and Richard, their loved ones, and our city.”

    The FBI is offering a reward of up to $15,000 for information leading to the arrest and conviction of anyone involved in the disappearance of Richard Petrone and Danielle Imbo.

    If you have any information concerning this person, please contact your local FBI office or the nearest American Embassy or Consulate.

    FBI Philadelphia can be reached at (215) 418-4000.

    MIL Security OSI

  • MIL-OSI Global: Bolsonaro’s indictment over alleged coup plot signals shift in Brazil’s approach to political accountability

    Source: The Conversation – UK – By Felipe Tirado, PhD Candidate in Law, King’s College London

    Brazil’s top prosecutor has filed federal charges against Jair Bolsonaro, alleging that the former president attempted a coup in 2023. Focus Pix / Shutterstock

    The Brazilian attorney-general has charged the country’s former president, Jair Bolsonaro, with participating in a plot to cling to power through a coup d’etat in 2022. If Bolsonaro is convicted, he could spend between 38 and 43 years in prison.

    Bolsonaro, who governed Brazil between 2019 and 2022 but lost his attempt at re-election to current president Luiz Inácio “Lula” da Silva, is one of 34 people to be formally charged for offences related to the alleged coup. These include high-ranking serving and retired members of the military, as well as former ministers and politicians.

    The charges levelled against them are involvement in an attempted coup d’etat, violent abolition of the democratic rule of law, and criminal organisation.

    According to the attorney-general’s 272-page indictment, Bolsonaro became increasingly inclined to pursue anti-democratic measures in the months before the election. He allegedly considered taking steps to retain power even before the first round of voting.

    Then, after his defeat by an extremely narrow margin, the indictment claims that Bolsonaro and his alleged accomplices decided to implement the plan before Lula took office in January 2023.

    An investigation by Brazil’s federal police in November found that the insurrection in the country’s capital Brasília on January 8 2023, where rioters invaded the presidential palace, congress and supreme court, was part of this plan. The same investigation suggested the plan also included a plot to assassinate Lula and his vice-president Geraldo Alckmin, as well as supreme court judge Alexandre de Moraes.

    Bolsonaro denies any wrongdoing and – at least in public – is bullish about his fate. Speaking to journalists hours before the charges were filed, he said: “I have no concerns about the accusations, zero.”

    The case will now be considered by the Supreme Court, whose judges will decide whether to initiate criminal proceedings against Bolsonaro and the other defendants. This is expected to happen over the coming weeks. If the judges accept the charges and proceedings are established, the defendants will be called to answer them.

    This is the first time in Brazilian history that high-ranking members of the armed forces have been indicted and charged with crimes associated with a coup d’etat. According to the indictment, the intention was for the armed forces to be called upon to act as a “moderating power”, with the aim of overturning the election result.

    Army generals Augusto Heleno, Walter Braga Netto and Paulo Sérgio Nogueira de Oliveira are among those who have been charged. These men served as ministers in the Bolsonaro government, with Braga Netto also running as the vice-president on Bolsonaro’s ticket in 2022.

    Another high-ranking member of the armed forces charged by the attorney-general is Almir Garnier Santos, the commander of the Brazilian navy. These four men were allegedly part of the inner nuclei that planned and prepared the attempted coup.

    Several other servicemen, including generals, colonels and other officers, were charged with crimes related to the planning and execution of the initial phases of the coup. The sentences for all of these men could amount to up to 30 years in prison.

    Like Bolsonaro, Braga Netto denies any guilt. In a statement released on February 18, his lawyers called the charges a “fantasy”. Lawyers for Garnier Santos and Heleno have chosen not to comment until having fully reviewed the charges.

    Unlike those in the military, some of the political figures charged by the attorney general had criminal antecedents. One of the politicians named in the indictment is Filipe Martins, Bolsonaro’s former international affairs adviser and a “disciple” of the deceased far-right polemicist, Olavo de Carvalho. Martins’ lawyers released a statement on February 18 calling the accusations “unfounded”.

    In December 2024, Martins was convicted of making a gesture alluding to white supremacy during a virtual session of the senate. He initially received a sentence of two years and four months in prison for inciting racial prejudice, which was replaced by 850 hours of community service.

    Far-right commentator Paulo Figueiredo Filho, the grandson of Brazil’s last military dictator, João Figueiredo, was also charged. He appeared on a podcast on February 19 to criticise the charge. Figueiredo lives in the US, where he was arrested in 2019 because of problems with his immigration status.

    Lessons from and to Brazil

    Brazil has already offered some lessons to other countries facing similar authoritarian challenges. Its response to the insurrection in Brasília was swift and robust. Within days, hundreds of rioters had been arrested and the state governor of the federal district was suspended for his sluggish response.

    Then, in 2023, Bolsonaro was banned from running for office for eight years over false claims that the electronic ballots used in the previous year’s election were vulnerable to hacking and fraud. Those involved with the attempted military coup have also been investigated and some subsequently arrested.

    But the coup plot case can also serve as a lesson to the country. Brazil has a history both of successful and unsuccessful military coups. The last successful military coup led to a dictatorship that lasted from 1964 until 1985.

    Brazil also has a history of amnesties, whereby crimes committed during these coups and authoritarian regimes have been pardoned. There have been 48 amnesties in Brazil since 1889, with the most recent one, in 1979, allowing the dictatorship to self-amnesty its crimes.

    For over 45 years, this amnesty hindered criminal accountability for the perpetrators of crimes. This included the murder of politician Rubens Paiva, whose disappearance was the focus of the 2024 Oscar-nominated film, I’m Still Here. The amnesty was declared void by the Inter-American Court of Human Rights in 2011.

    Bolsonaro and other individuals charged, as well as their supporters and aligned politicians, have been demanding a “humanitarian amnesty” for those who allegedly participated in the coup plot.

    Given Bolsonaro’s history, this seems paradoxical. Throughout his decades-long public career, Bolsonaro has consistently celebrated the crimes of the military dictatorship and supported violations of human rights. At the same time, he has also opposed individuals and organisations that advocate for victims of the dictatorship.

    If Bolsonaro and his alleged accomplices are found guilty, it could be an unparalleled lesson for Brazil. Punishing anyone convicted would be an opportunity to step away from the country’s tradition of impunity and move towards addressing systemic injustices.

    Felipe Tirado receives funding from the Centre for Doctoral Studies – King’s College London.

    ref. Bolsonaro’s indictment over alleged coup plot signals shift in Brazil’s approach to political accountability – https://theconversation.com/bolsonaros-indictment-over-alleged-coup-plot-signals-shift-in-brazils-approach-to-political-accountability-250300

    MIL OSI – Global Reports

  • MIL-OSI USA: Subsidiary of Chinese State-Owned Entity to Pay $14.2M to Resolve False Claims Act Allegations Relating to Paycheck Protection Program Loan

    Source: US State of North Dakota

    YAPP USA Automotive Systems Inc., a corporation with its principal place of business in Michigan, has agreed to pay $14,208,496 to resolve allegations that it violated the False Claims Act by submitting false claims to obtain a Paycheck Protection Program (PPP) loan for which it was not eligible.

    Congress created the PPP in March 2020 to provide emergency financial assistance to Americans suffering from the economic effects of the COVID-19 pandemic. Under the PPP, eligible businesses could receive forgivable loans guaranteed by the Small Business Administration (SBA). Regulations provide various eligibility requirements for the PPP, including limitations on the number of employees and exclusions for certain types of businesses, like those that are owned by government entities. In their loan applications, borrowers were required to certify that they were eligible for the PPP and that the information they provided was accurate.

    YAPP USA’s ultimate parent company is State Development and Investment Corp. Ltd, a company owned and controlled by the People’s Republic of China. Through common ownership and management, YAPP USA is affiliated with dozens of other companies worldwide. In applying for a first-draw PPP loan, YAPP USA represented that it was eligible for the PPP, and it received a first-draw PPP loan in the amount of $9,598,462, which the SBA later forgave. The United States alleged that YAPP USA was not eligible under the SBA rules for a PPP loan because YAPP USA, singly and together with its affiliates, employed more individuals than permitted by SBA’s size standard for its industry. The United States also contended that YAPP USA was not eligible because it is owned by a government entity. YAPP USA will pay $14,208,496 to the United States to resolve these allegations.

    YAPP USA cooperated with the United States’ investigation by identifying individuals involved in or responsible for the conduct and disclosing facts and documents gathered during YAPP USA’s own investigation. As a result, YAPP USA received credit under the department’s guidelines for taking disclosure, cooperation and remediation into account in False Claims Act cases.

    “PPP loans were intended to help small businesses in the United States,” said Deputy Assistant Attorney General Michael D. Granston of the Justice Department’s Civil Division. “The Department remains committed to pursuing those who violated the requirements of this taxpayer funded program.”

    “Congress and the SBA designed the PPP to help small businesses and their employees during the pandemic, not large companies owned by foreign governments,” said Acting U.S. Attorney Richard G. Frohling for the Eastern District of Wisconsin. “This settlement demonstrates that our office will continue to hold accountable those businesses and individuals who abused this vital program.”

    “The favorable settlement in this case is the product of enhanced efforts by federal agencies such as the SBA working with the Department of Justice, SBA’s Office of Inspector General, and other Federal law enforcement agencies, as well as private individuals who uncover fraudulent conduct to recover the product of this fraud as well as penalties,” said SBA General Counsel Wendell Davis.

    The civil settlement includes the resolution of claims brought under the qui tam or whistleblower provisions of the False Claims Act, which permit private parties to file an action on behalf of the United States and receive a portion of any recovery. The qui tam lawsuit was filed by GNGH2 Inc; GNGH2 Inc. will receive $1,420,849 in connection with this settlement.

    The resolution obtained in this matter was the result of a coordinated effort between the Justice Department’s Civil Division, Commercial Litigation Branch, Fraud Section, and the U.S. Attorney’s Office for the Eastern District of Wisconsin, with assistance from the SBA’s Office of General Counsel and Office of the Inspector General.

    Trial Attorney Lindsey Roberts of the Justice Department’s Civil Division and Assistant U.S. Attorney Michael Carter for the Eastern District of Wisconsin handled the matter, with assistance from Christopher J. McClintock of the SBA.

    The claims resolved by the settlement are allegations only. There has been no determination of liability.

    MIL OSI USA News

  • MIL-OSI Security: Fifty-Two-Month Prison Sentence for a D.C. Convicted Felon Who Traveled to the Jersey Shore to Rob an Overnight Pharmacy

    Source: Federal Bureau of Investigation (FBI) State Crime News

               WASHINGTON – Ashawntea Henderson, 32, of Washington, D.C., was sentenced today in U.S. District Court in Washington D.C. to 52 months in federal prison for participating in an early morning robbery of a drug store at the Jersey Shore. During the May 2020 robbery, he and his co-conspirators jumped the counter, overpowered the night pharmacist, stole thousands of prescription narcotics, and then – as they attempted to flee to the District – crashed into a responding police cruiser.

               The sentencing was announced U.S. Attorney Edward R. Martin, FBI Special Agent in Charge Sean Ryan of the Washington Field Office Criminal and Cyber Division, and FBI Special Agent in Charge Terence Reilly of the Newark Field Office.

                Henderson pleaded guilty on October 30, 2024, to interference of commerce by robbery (Hobbs Act robbery). In addition to the 52-month prison sentence, Judge Amy Berman Jackson ordered Henderson to serve three years of supervised release.

    According to court documents, Henderson and his co-conspirators researched potential targets including Walgreens and CVS pharmacies which were open all night. On May 9, 2020, Henderson and others drove more than 200 miles from Washington, D.C. to a Walgreens Pharmacy on State Road 33, in Neptune, New Jersey.

    At 3:09 a.m., Henderson and two others dressed in masks and gloves entered the Walgreens. All three jumped over the pharmacy counter and demanded codeine, Adderall, and Percocet. One of the co-conspirators grabbed the night pharmacist, demanded that he open the locked cabinets containing additional pills, and forced the pharmacist to assist them. After grabbing thousands of prescription medicines – including Oxycodone, morphine, amphetamine, and Nucynta – Henderson and the two co-conspirators fled in a black Nissan Altima operated by a fourth co-conspirator. At one point, the Nissan collided with a responding police officer’s patrol car but continued at high speed back to Washington D.C.

    After returning to the District, as they celebrated at a hotel, one of the co-conspirators received a text from a known drug distributor asking the price for a drug of the same type stolen from Neptune, New Jersey. The co-conspirator and the drug distributor continued to exchange texts about the sale of drugs for the following weeks.

               Henderson is currently serving a five-year prison sentence in Maryland in connection with his 2022 possession of a firearm. 

               The case was investigated by the FBI Washington Field Office’s Violent Crimes Task Force and the Neptune Township Police Department. The matter is being prosecuted by AUSAs Justin Song, Sarah Martin and Cameron Tepfer.

    23cr190

    MIL Security OSI

  • MIL-OSI Security: UPDATE: Detectives name man killed in Hackney stabbing

    Source: United Kingdom London Metropolitan Police

    The victim of a fatal stabbing in Hackney has been named as 20-year-old Jason Junior Romeo.

    Police were called to reports of an altercation in Bodney Road, E5 at 17:59hrs on Tuesday, 18 February. Officers and the London Ambulance Service worked to treat Jason at the scene but he sadly died as a result of a stab wound.

    Two men in their 20s have been arrested and remain in police custody.

    Detective Superintendent Kelly Allen, leading the investigation in Hackney, said: “Jason had his whole life ahead of him but this senseless attack has taken that from both him and his loved ones. Our continued thoughts go out to his family, who are being supported by specialist officers.

    “If anyone saw this incident, or was nearby, please do share that information with officers. We are especially interested in any footage from the surrounding area.”

    The public can contact the police via 101 or contact Crimestoppers anonymously on 0800 555 111 with any information, reference CAD 5635/18Feb.

    A crime scene will remain in place until the forensic investigation has concluded.

    Detective Chief Superintendent James Conway, who leads policing in Hackney and Tower Hamlets, said: “It is absolutely devastating for Jason’s family and extremely distressing for our communities that another young life has been taken away as a consequence of knife crime. We continue to work closely with our local community partners and Hackney Council to tackle the causes and effects of knife crime.

    “I repeat an appeal I have sadly had to make too frequently. If any young person feels they need to carry a knife please speak to a parent, carer, teacher, youth leader or adult you trust and we can get you the support to step back from that decision safely.

    “I will have additional uniformed and plain clothed officers working in the area as a consequence of this tragic event. While the investigation continues to work to understand the motive for this attack, we will work tirelessly to reduce the risk of any further violence.”

    MIL Security OSI

  • MIL-OSI Security: Subsidiary of Chinese State-Owned Entity to Pay $14.2M to Resolve False Claims Act Allegations Relating to Paycheck Protection Program Loan

    Source: United States Attorneys General

    YAPP USA Automotive Systems Inc., a corporation with its principal place of business in Michigan, has agreed to pay $14,208,496 to resolve allegations that it violated the False Claims Act by submitting false claims to obtain a Paycheck Protection Program (PPP) loan for which it was not eligible.

    Congress created the PPP in March 2020 to provide emergency financial assistance to Americans suffering from the economic effects of the COVID-19 pandemic. Under the PPP, eligible businesses could receive forgivable loans guaranteed by the Small Business Administration (SBA). Regulations provide various eligibility requirements for the PPP, including limitations on the number of employees and exclusions for certain types of businesses, like those that are owned by government entities. In their loan applications, borrowers were required to certify that they were eligible for the PPP and that the information they provided was accurate.

    YAPP USA’s ultimate parent company is State Development and Investment Corp. Ltd, a company owned and controlled by the People’s Republic of China. Through common ownership and management, YAPP USA is affiliated with dozens of other companies worldwide. In applying for a first-draw PPP loan, YAPP USA represented that it was eligible for the PPP, and it received a first-draw PPP loan in the amount of $9,598,462, which the SBA later forgave. The United States alleged that YAPP USA was not eligible under the SBA rules for a PPP loan because YAPP USA, singly and together with its affiliates, employed more individuals than permitted by SBA’s size standard for its industry. The United States also contended that YAPP USA was not eligible because it is owned by a government entity. YAPP USA will pay $14,208,496 to the United States to resolve these allegations.

    YAPP USA cooperated with the United States’ investigation by identifying individuals involved in or responsible for the conduct and disclosing facts and documents gathered during YAPP USA’s own investigation. As a result, YAPP USA received credit under the department’s guidelines for taking disclosure, cooperation and remediation into account in False Claims Act cases.

    “PPP loans were intended to help small businesses in the United States,” said Deputy Assistant Attorney General Michael D. Granston of the Justice Department’s Civil Division. “The Department remains committed to pursuing those who violated the requirements of this taxpayer funded program.”

    “Congress and the SBA designed the PPP to help small businesses and their employees during the pandemic, not large companies owned by foreign governments,” said Acting U.S. Attorney Richard G. Frohling for the Eastern District of Wisconsin. “This settlement demonstrates that our office will continue to hold accountable those businesses and individuals who abused this vital program.”

    “The favorable settlement in this case is the product of enhanced efforts by federal agencies such as the SBA working with the Department of Justice, SBA’s Office of Inspector General, and other Federal law enforcement agencies, as well as private individuals who uncover fraudulent conduct to recover the product of this fraud as well as penalties,” said SBA General Counsel Wendell Davis.

    The civil settlement includes the resolution of claims brought under the qui tam or whistleblower provisions of the False Claims Act, which permit private parties to file an action on behalf of the United States and receive a portion of any recovery. The qui tam lawsuit was filed by GNGH2 Inc; GNGH2 Inc. will receive $1,420,849 in connection with this settlement.

    The resolution obtained in this matter was the result of a coordinated effort between the Justice Department’s Civil Division, Commercial Litigation Branch, Fraud Section, and the U.S. Attorney’s Office for the Eastern District of Wisconsin, with assistance from the SBA’s Office of General Counsel and Office of the Inspector General.

    Trial Attorney Lindsey Roberts of the Justice Department’s Civil Division and Assistant U.S. Attorney Michael Carter for the Eastern District of Wisconsin handled the matter, with assistance from Christopher J. McClintock of the SBA.

    The claims resolved by the settlement are allegations only. There has been no determination of liability.

    MIL Security OSI

  • MIL-OSI USA: Senator Murray Presses VA Deputy Secretary Nominee on Mass Firings of VA Researchers, Holding Oracle Accountable to Get EHR Right for Veterans

    US Senate News:

    Source: United States Senator for Washington State Patty Murray
    ICYMI: Senator Murray: Trump Must Reverse Firing of VA Researchers Across the Country, Threatens to Decimate Lifesaving Work on Veterans’ Medical Care, Prosthetics, and More
    ICYMI: Murray, Colleagues Request Information on Elon Musk’s Access to VA Medical Records
    ***VIDEO of Murray’s Q&A at nomination hearing HERE**
    Washington, D.C. – Today at a Senate Veterans’ Affairs Committee hearing on Dr. Paul Lawrence’s nomination to be Deputy Secretary of the U.S. Department of Veterans Affairs (VA), U.S. Senator Patty Murray (D-WA), a senior member and former Chair of the Senate Veterans’ Affairs Committee, questioned Dr. Lawrence—who will oversee the Electronic Health Record (EHR) system—on what he will do differently to hold Oracle accountable and get the EHR system right for veterans in Washington state. Murray also pressed him on whether he supports the decision by Trump and Musk last week to fire en masse VA researchers in the middle of research on everything from burn pit exposure to mental health, opioid addiction, and preventing veteran suicide, among much else.
    “EHR started in 2018 under President Trump and in 2020, it deployed to two Washington state VA hospitals. Instead of helping to improve our veterans’ health care, the rollout ending up being a complete disaster, and it endangered veteran patients,” Murray said at today’s hearing. “Unfortunately, the system still is not working the way that the VA doctors and nurses need—and veterans are continuing  to suffer. Last month, the VA announced that it would be moving forward with pre-deployment activities at the next four sites for this Electronic Health Record.”
    “You will oversee the EHR program—so if confirmed, I want to know what you are going to do differently to hold Oracle accountable and to make sure we get this system right for our veterans?”
    Dr. Lawrence replied that he would aim to better understand why VA did not listen to employees earlier when they raised issued with the EHR system, and that he would work with the team Secretary Collins plans to convene with “everybody involved” to figure out the best path going forward for EHR. “If confirmed, I want to work on that and figure out what the plan should be in terms of holding everybody accountable for what’s supposed to take place, right, to get the most benefits as quickly as possible to our veterans within the amount of money we have,” Dr. Lawrence said.
    “Well let me make this very clear: we have heard that answer from every VA person that’s come before this committee for a number of years now,” Murray pushed back. “Everybody’s looked at it, everybody’s considered it, everybody’s talked about it, everybody’s convened panels. It is not working. So, I need your commitment that it’s not just—convene people and take a look at, but that you are going to make changes to it and demand changes, and get those fixed. Because we have spent, literally, millions and millions of dollars—and worse, veterans are still in jeopardy in their care, and doctors and nurses and VA facilities are really frustrated.”
    “I asked you a really important question: what are you going to do differently? The answer you gave me—I understand where you’re coming from—but it is the same one I’ve heard over and over,” Murray said.
    Dr. Lawrence responded that the Secretary conveyed a “strong sense of urgency that it should be done much sooner than later,” and that, in his previous tenure at VA as Under Secretary for Benefits, he dealt with technology problems around the GI Bill, appeals modernization, and other issues, and implemented technology: “I’ve actually done this, and so that’s the difference I will bring to this. And I understand the frustration, and I pledge to work as best, as hard as I can to get this done,” said Dr. Lawrence.
    “Well I don’t want to be sitting here again, two years from now, same conversation, new person,” Murray said.
    Murray continued her questioning by pressing Dr. Lawrence on Trump and Elon Musk’s unprecedented firings of VA researchers—last week the administration abruptly refused to honor researchers’ three-year “Not to Exceed” term limits (NTEs) by rolling them over as is standard. Instead, the Trump administration immediately dismissing researchers, including at VA Puget Sound, who were in the middle of research on topics including mental health, alcohol and opioid withdrawal, cancer treatments, burn pit exposure, prosthetics, diabetic ulcers, and so much else.
    “Last week, my office’s phones were ringing off the hook—as I assume a lot of people’s were—with really panicked calls from researchers at the VA. They had been laid off with ZERO justification, ZERO warning,” Murray said.
    “And in fact, up until then, the VA had assured them that they were protected from Trump and Musk’s mass firings. VA research shouldn’t be political. And firing VA researchers who are in the middle of a process to find life-saving treatment for veterans with conditions like PTSD, or opioid addiction, or cancer from toxic exposure is really cruel and wasteful. Some veterans are literally in the middle of receiving breakthrough treatment through these clinical trials. What will happen to them and their care when their lead researcher was just fired?”
    “Were you aware of the Trump Administration’s decision to fire these VA researchers?,” Murray asked.Dr. Lawrence responded that he was “not engaged” in anything at the Department now.
    “Do you support it?,” Murray pressed.Dr. Lawrence replied: “If confirmed, I will look into this to better understand what took place—I don’t have enough information to comment on that.”
    “So you won’t commit to restoring these VA researchers’ positions so they can continue that research on PTSD, and opioid addiction, and cancer that was caused by their exposure to toxic chemicals?” Murray pressed again.
    “If confirmed, I commit to looking in to understand what happened and why,” said Dr. Lawrence. “Well, I hope that’s not like every other answer we get from people that we are hearing from that they’ll look into it and no action is taken—you’ve just promised to look into it; this is critical,” said Senator Murray.
    “I understand,” said Dr. Lawrence.
    Senator Murray was the first woman to join the Senate Veterans’ Affairs Committee and the first woman to chair the Committee—as the daughter of a World War II veteran, supporting veterans and their families has always been an important priority for her. Senator Murray has fought throughout her career for increased benefits for veterans, housing assistance, better access to veterans’ clinics throughout Washington state, and more accountability from the VA.
    Senator Murray has spoken out forcefully against President Trump and Elon Musk’s mass firing of VA employees across the country. Just yesterday, Murray and her colleagues sent a letter to VA Secretary Doug Collins pressing him to protect veterans, their families, and VA staff from unprecedented access to sensitive information by Elon Musk and his “Department of Government Efficiency” (DOGE). Earlier this month, Senator Murray sounded the alarm over reports of DOGE at the VA and voted against Doug Collins’s nomination to be VA Secretary, making clear that the Trump administration’s lawlessness was putting our national security and our veterans at risk. Alongside 25 of her colleagues, Murray sent another letter earlier this month to Secretary Collins, demanding that he deny and sever Musk and DOGE’s access to any VA or other government system with information about veterans, and to delete any veterans’ information in their possession.
    Senator Murray has been conducting oversight on the flawed EHR rollout in Washington state since the Trump Administration first negotiated the contract with Cerner (later acquired by Oracle), and at every point in the process since then. Murray has consistently pushed VA on its failed implementation of EHR—conducting oversight, holding the administration accountable, and calling on VA to halt deployment of EHR until they get it right in Washington state. In March 2023, Murray introduced comprehensive legislation that would require VA to implement a series of EHR reforms to better serve veterans, medical personnel, and taxpayers. In the Fiscal Year 2024 funding bills, Senator Murray negotiated and passed as Chair of the Appropriations Committee stronger language to hold VA and Cerner accountable for the rollout of the EHR system, and in May 2024, she sent a letter urging VA to consider feedback on the system from providers and veterans in Spokane and Walla Walla and reiterating that VA must not move forward on the rollout of EHR until the myriad issues that have plagued the system in the locations where it has been launched are fixed.

    MIL OSI USA News

  • MIL-OSI Europe: AFRICA/SUDAN – Crisis between Sudan and Kenya after the signing in Nairobi of the constitutive act of an alternative Sudanese government

    Source: Agenzia Fides – MIL OSI

    Khartoum (Agenzia Fides) – A violation of “international law, the Charter of the United Nations, the Constitutive Act of the African Union and the Convention on the Prevention and Punishment of the Crime of Genocide.” This is how the Ministry of Foreign Affairs of the Sudanese government, led by General Abdel Fattah al Burhan, defined Kenya’s decision to welcome the “signing of a political agreement between the terrorist militia Janjaweed, responsible for the ongoing acts of genocide in Sudan, and its affiliated individuals and groups”.The document, called the “Political Charter for the Government of Peace and Unity,” promoted by the Rapid Support Forces (RSF) led by Mohamed Hamdan “Hemeti” Dagalo, together with other Sudanese political and military actors, effectively represents the creation of a parallel government to that led by Al Burhan from Port Sudan. The capital Khartoum is still disputed between the two adversaries, although the military of Al Burhan’s Sudanese Armed Forces (SAF) appears to have regained some important strategic points in the region in recent weeks.“Since the stated aim of this agreement is to establish a parallel government in part of Sudanese territory, this step promotes the fragmentation of African states, violates their sovereignty and interferes in their internal affairs,” the Sudanese Foreign Ministry said in a statement. “This is therefore a clear violation of the UN Charter, the founding act of the African Union and the established principles of the modern international order.” Meanwhile, the term “Janjaweed” used in the statement evokes sad memories, especially for people in Darfur, the RSF’s bastion. The Janjaweed were the militias allied with the Khartoum regime that bloodily suppressed the uprisings in this region of western Sudan in the early 2000s. The RSF is its evolution, which in turn has rebelled against the regular army over the years.According to the statement, by hosting the event, Kenya is also complicit in the crimes committed by the RSF (“genocide, ethnically motivated massacres of civilians, attacks on camps for displaced persons and rapes”).The formation of an alternative government is seen as an attempt by the RSF leader, Dagalo, to gain international legitimacy. Both the Sudanese army and the RSF are subject to international sanctions for war crimes and crimes against humanity committed in the conflict. However, Al Burhan’s government enjoys international recognition that Dagalo’s troops do not. Nairobi’s decision to host the event should be seen against the backdrop of the renewed relations of the Sudanese government with Russia and Iran. Russia, through the private military company Wagner, had initially supported the RSF and has now decided to support General Al Burhan, who in return has granted Moscow a military base on the Red Sea. Iran, which until 15 years ago had close military relations with the Al-Bashir regime, which were severed by the latter under pressure from the West and some Gulf countries, now sees a new window opened for the resumption of relations with the meeting of the two foreign ministers on February 17, during which Tehran stressed the importance of Sudan’s territorial integrity and the end of foreign interference in Sudan. (L.M.) (Agenzia Fides, 19/2/2025)
    Share:

    MIL OSI Europe News

  • MIL-OSI Europe: ASIA/MYANMAR – “I only kneel before God”: the last words of Father Martin Ye Naing Win

    Source: Agenzia Fides – MIL OSI

    Wednesday, 19 February 2025

    Archdiocese of Mandalay

    by Paolo AffatatoMandalay (Agenzia Fides) – When on the evening of February 14 a commando of ten armed men arrived at the rectory of the Church of Our Lady of Lourdes in the village of Kangyi Taw (in the Shwe Bo district of the Sagaing region), Father Donald Martin Ye Naing Win, a 44-year-old priest of the Archdiocese of Mandalay, fearlessly confronted the ten militiamen who threatened him. They had first threatened and silenced two women, teachers and parish workers, who were on the church premises and were helping the priest to organize classes for the children of the parish’s about 40 Catholic families. In the Sagaing region, affected by the clashes between the Burmese army and the resistance forces, the state system has collapsed, there are no public services and education is only guaranteed by spontaneous initiatives such as those of the parishes.It is the two women who were present at the events and are now in a protected place for security reasons who tell the details of the incident. Their testimony, which Fides has received, has already reached the Ministry of Justice of the National Unity Government (NUG) in exile, on which the People’s Defense Force (PDF) depends, which controls the territory in the so-called “liberated areas”, i.e. those taken from the control of the military junta by the opposition forces.The men who attacked Father Donald, the women reported, were in an an evident abnormal mental state, either due to alcohol or drugs. They came from the neighboring village. It is not clear why they attacked the priest with such violence, whom the leader ordered to kneel. Father Donald watched them and replied with the gentleness and inner peace that characterize him as a man and priest with an upright conscience: “I only kneel before God”. And then he continued quietly: “What can I do for you? Is there a matter we can discuss?”.One of the men responded to his words by striking him from behind with a dagger that was still in its sheath. However, with this weapon he accidentally hit the leader of the armed group. The leader, who was already in a state of drunkenness and rage, which was also due to Father Donald’s reaction, pulled out a knife and angrily attacked the priest, repeatedly stabbing him brutally in the body and neck. Father Donald did not utter a word or complain. He endured the senseless violence without reacting, like an innocent man, “like a lamb to the slaughter,” as the witnesses report. The other men stood by and watched the murder being carried out. The repeated blows to the throat almost severed the head from the body, which sank in a lake of blood. After the crime, the group of men left the scene.The women raised the alarm and called the villagers, who, in shock and tears, took the lifeless body with them. The soldiers of the People’s Defence Force were then alerted, who tracked down and arrested the attackers. The two women’s testimonies were recorded and sent to the Government of National Unity, which stressed in a statement that it was “deeply saddened by the murder of Father Donald Martin, a priest from Mandalay” and that it would “commit itself to punishing the alleged murderers according to the law”. “The People’s Defence Forces (PDF) of Shwebo district arrested ten suspects on the same day” and began the relevant investigations, the statement continued. “The accused belong to a local defence group,” the text said. “As it is known that they belong to the armed forces, the Government of National Unity and the Ministry of Defence will take legal action”, applying the law provided for the military. “The National Unity Government,” it concludes, “strongly condemns attacks on civilians, including religious leaders, by any organization.”As the Association for the Assistance of Political Prisoners (AAPP) explains, in the areas controlled by the resistance – which constitute a kind of “parallel state” – “there is no definitive legal framework to guide governance, administration and legislation.” In some liberated areas, “there is a judicial system with district judges who establish a procedure and, in some cases, apply their own legal framework.”On the other hand, in the current context, it is difficult to draft and implement completely new laws, so in many liberated areas, national laws are still applied. However, efforts are being made to selectively enforce laws that are “consistent with international human rights standards” enacted and amended by the army for Myanmar in recent years, with a focus on laws enacted by the country’s successive military juntas that “give the authorities excessive power and disproportionate punishments”. The AAPP points to the need for “comprehensive judicial reform” and a “fair and just system” in which no authority (judges, administrative bodies, local police officers and other armed groups), regardless of their status, “is above the law”.It is pointed out that, meanwhile, anyone accused of a crime must have the opportunity to defend themselves. Currently, in the liberated areas, a district judge has the power to impose the death penalty. If the accused is sentenced to death, he has de facto no right of appeal.(Agenzia Fides, 19/2/2025)
    Share:

    MIL OSI Europe News

  • MIL-OSI USA: ICE removes Salvadoran gang member who illegally entered US 3 times

    Source: US Immigration and Customs Enforcement

    HOUSTON — U.S. Immigration and Customs Enforcement, with assistance from the Security Alliance for Fugitive Enforcement Task Force, removed William Alexander Diaz Reyes, a 32-year-old foreign fugitive, from the United States Feb. 14. Diaz is wanted in El Salvador for aggravated terrorist organizations for his status as an active member of the 18th Street transnational gang.

    Diaz was flown from Alexandria, Louisiana, on a charter flight coordinated by ICE’s Air Operations Unit, to the El Salvador International Airport Saint Óscar Arnulfo Romero y Galdámez in San Salvador, El Salvador. He was turned over to Salvadoran authorities upon arrival.

    “For far too long, dangerous foreign fugitives, transnational gang members and other violent criminal aliens have illegally entered this country through our southern border with impunity putting the lives of law-abiding residents in jeopardy,” said ICE Enforcement and Removal Operations Houston Field Office Director Bret Bradford. “Those days are over, as the law enforcement community in South Texas is more united than ever in our collective effort to enforce the laws of this nation and protect our communities from harm.”

    Diaz illegally entered the U.S. at least twice in 2021 and was expelled under Title 42 on May 15, 2021, and June 18, 2021. Diaz illegally entered the U.S. for a third time on an unknown date, and at an unknown location. He was apprehended by ICE April 19, 2024, and placed into immigration proceedings. An immigration judge with the Justice Department’s Executive Office for Immigration Review ordered Diaz removed from the U.S. Sept. 19, 2024. The Board of Immigration Appeals affirmed that decision Jan. 13.

    Members of the public who have information about foreign fugitives are urged to contact ICE by calling the ICE Tip Line at 1 (866) 347-2423 or internationally at 001-1802-872-6199. They can also file a tip online by completing ICE’s online tip form.

    For more news and information on how ICE carries out its immigration enforcement mission in Southeast Texas, follow us on X at @EROHouston.

    MIL OSI USA News

  • MIL-OSI Security: Convicted Drug Trafficker Found Guilty Of Distributing Fentanyl That Resulted In The Deaths Of Two Hillsborough County Men

    Source: Office of United States Attorneys

    Tampa, Florida – Acting United States Attorney Sara C. Sweeney announces that a federal jury has found Marquis Lamar McCullough (39, Tampa) guilty of two counts of distribution of fentanyl and one count of possession with intent to distribute fentanyl. For both counts of distribution of fentanyl, the jury also found that the death of a person resulted from the use of the fentanyl that McCullough had distributed. McCullough, who was previously convicted of trafficking in cocaine, faces mandatory sentences of life imprisonment. 

    According to testimony and evidence presented at trial, on April 22, 2021, deputies from the Hillsborough County Sheriff’s Office (HCSO) responded to the residence of K.K. to conduct a wellness check. They found K.K. dead when they entered his apartment, standing with his feet on the floor and his head and torso on top of the bathroom counter. Deputies found two baggies with small quantities of a substance, suspected to be heroin or fentanyl, in K.K.’s residence. Detectives reviewed K.K.’s cellphone and found communications with a woman who appeared to help K.K. purchase fentanyl the previous evening. The woman—who was a heroin user and not a dealer—was arrested on an unrelated charge and interviewed by detectives. She told them that K.K. could not get heroin from his usual source, so he asked her to buy heroin for him from her source, and she agreed to do it if she got to keep a bag for herself. The woman arranged a meeting with her supplier, “Slim,” and K.K. took her to meet Slim. With money provided by K.K., the woman bought several bags from Slim, provided most of them to K.K., and kept a couple of bags for herself.

    On April 28, 2021, HCSO detectives conducted a controlled purchase during which detectives observed “Slim” deliver fentanyl and identified him as Marquis Lamar McCullough.

    On May 6, 2021, the son of N.M. found his father dead, lying in his bed, and called 911 to report the death. HCSO deputies and detectives responded to the residence, and inside N.M.’s wallet they found a baggie with a small amount of a substance suspected to be heroin or fentanyl. While reviewing calls and texts on N.M.’s phone, a detective who had participated in the surveillance operation eight days earlier recognized that the last three calls placed by N.M. were to McCullough’s phone number, and the call and text history indicated that McCullough was N.M.’s supplier. Later that day, HCSO detectives planned for another purchase of heroin or fentanyl from McCullough, using N.M.’s cellphone to set up the meeting. When McCullough arrived at the meeting location, he tried to call N.M., but when his calls went unanswered, McCullough fled the area. An arrest team pursued his vehicle and took McCullough into custody.

    The Drug Enforcement Administration laboratory determined that the substances found at the residences of K.K. and N.M., and the substances purchased from McCullough on April 28, 2021, all contained fentanyl. The Hillsborough County Medical Examiner’s Office investigated both deaths and determined that the use of fentanyl caused the deaths of K.K. and N.M. 

    This case was investigated by the Federal Bureau of Investigation, the Drug Enforcement Administration, the Hillsborough County Sheriff’s Office, and the Hillsborough County Medical Examiner’s Office. It is being prosecuted by Assistant United States Attorneys Michael Sinacore and Ross Roberts.

    This case was part of an Organized Crime Drug Enforcement Task Force (OCDETF) investigation. OCDETF identifies, disrupts, and dismantles the highest-level criminal organizations that threaten the United States using a prosecutor-led, intelligence-driven, multi-agency approach. Additional information about the OCDETF Program can be found at www.justice.gov/OCDETF.

    MIL Security OSI

  • MIL-OSI Security: Evansville Fentanyl Dealers Sentenced to a Combined Decade in Federal Prison for Manufacturing Counterfeit Drugs Using a Pill Press

    Source: Office of United States Attorneys

    EVANSVILLE— Ethan Parker, 31 and Joshua Harvey 33, of Evansville, have been sentenced for their parts in a fentanyl trafficking scheme. Parker was sentenced to four years in federal prison, followed by one year of supervised release after pleading guilty to possession and distribution of a tableting machine. Harvey was sentenced to 92 months in federal prison followed by five years of supervised release after pleading guilty to conspiracy to distribute fentanyl.

    According to court documents, between January 1, 2022, and April 4, 2022, Parker and Harvey conspired together to manufacture and distribute more than 40 grams of fentanyl laced pills to individuals in and around the city of Evansville.

    In the furtherance of the conspiracy, on multiple occasions in February and March of 2022, Harvey sold fentanyl-laced counterfeit pills in Evansville, Indiana, and Henderson, Kentucky. On March 23, 2022, Parker, communicating through an encrypted messaging application, agreed to sell Harvey 100 fentanyl-laced counterfeit pills for $350. On April 4, 2022, Harvey possessed approximately 31.9 grams of fentanyl-laced counterfeit pills with the intent to distribute them to dealers.

    On August 25, 2021, Parker sold a blue pill press, along with an Alprazolam imprinting die, for $1,400, knowing that the pill press would be used to manufacture a controlled substance. The die could be used to manufacture counterfeit Alprazolam (Xanax). On April 4, 2022, Parker was found in possession of another pill press and pill imprinting dies of various shapes and imprints for use in the manufacture of fentanyl-laced counterfeit pills.

    “Fentanyl dealers value their profits far more than the lives of our families and neighbors,” said John E. Childress, Acting United States Attorney for the Southern District of Indiana. “We must fight to save lives by investigating and prosecuting criminals who exploit the epidemic of substance use disorder to satisfy their own greed. Our office, the DEA, and the Evansville Police Department are committed to holding fentanyl traffickers accountable for pushing deadly poison on our streets.”

    “The charges against Mr. Parker and Mr. Harvey were necessary and justified. This case exemplified high level investigative work conducted by the Evansville-Vanderburgh County Drug Task Force in collaboration with the DEA Evansville HIDTA Task Force,” said DEA Assistant Special Agent in Charge Michael Gannon. “Mr. Parker and Mr. Harvey were responsible for distributing significant quantities of fake pills containing fentanyl. In addition, the investigation led to the seizure of two pill presses capable of manufacturing fake Xanax pills and fentanyl pills.  Taking two pill presses off the streets is a major win for our community. The DEA remains committed to working hand-in-hand with our partners to hold reckless drug dealers, who peddle poison to our communities, accountable for their actions and make our community safer.” 

    The Drug Enforcement Administration and the Evansville Police Department investigated this case. The sentences were imposed by U.S. District Judge Richard L. Young. This prosecution is part of the Indiana High Intensity Drug Trafficking Areas (HIDTA) program.

    Acting U.S. Attorney Childress thanked Assistant U.S. Attorney Todd S. Shellenbarger, who prosecuted this case.

    According to the Drug Enforcement Administration, as little as two milligrams of fentanyl can be fatal, depending on a person’s body size, tolerance, and past usage—a tiny amount that can fit on the tip of a pencil. Seven out of ten illegal fentanyl tablets seized from U.S. streets and analyzed by the DEA have been found to contain a potentially lethal dose of the drug.

    One Pill Can Kill: Avoid pills bought on the street because One Pill Can Kill. Fentanyl has now become the leading cause of death for adults in the United States. Fentanyl is a highly potent opioid that drug dealers dilute with cutting agents to make counterfeit prescription pills that appear to be Oxycodone, Percocet, Xanax, and other drugs. Fake prescription pills laced with fentanyl are usually shaped and colored to look like pills sold at pharmacies. For example, fake prescription pills known as “M30s” imitate Oxycodone obtained from a pharmacy, but when sold on the street the pills routinely contain fentanyl. These pills are usually round tablets and often light blue in color, though they may be in different shapes and a rainbow of colors. They often have “M” and “30” imprinted on opposite sides of the pill. Do not take these or any other pills bought on the street – they are routinely fake and poisonous, and you won’t know until it’s too late.

    ###

    MIL Security OSI

  • MIL-OSI Security: Leader of Large-Scale Drug Trafficking Organization Pleads Guilty in Federal Court

    Source: Office of United States Attorneys

    CONCORD – A Boston man pleaded guilty yesterday in federal court in Concord to conspiring to distribute fentanyl and cocaine in New Hampshire, Acting U.S. Attorney Jay McCormack announces.

    Juan Ramon Soto Baez, 55, pleaded guilty to one count of conspiracy to distribute controlled substances, namely, cocaine and fentanyl.  U.S. District Court Judge Samantha Elliott scheduled sentencing for May 29, 2025.  On April 26, 2023, the defendant was charged along with 20 other defendants. To date, 10 defendants involved in the conspiracy have been convicted.

    According to the plea agreement and statements made in court, the defendant was the leader of a Massachusetts-based drug trafficking organization that distributed large quantities of fentanyl and cocaine in New Hampshire, particularly Manchester, between September of 2019 and April of 2023.  The organization was run like a business, operating “dispatch” telephone lines where customers could call in to order narcotics. The defendant or a trusted member of the conspiracy working for him would take customer orders on the phone, and then he would either deliver the order himself or send a runner to conduct the drug sale at an arranged meeting location.

    During the timeframe of the conspiracy, law enforcement agents observed and recorded the defendant and his co-conspirators selling fentanyl and cocaine on nineteen occasions. On the day of the defendant’s arrest, a search of a residence associated with the conspiracy yielded $15,000 and drug ledgers.  A search of a vehicle used by the drug trafficking organization yielded roughly 94 grams of fentanyl and 196 grams of cocaine packaged in small baggies for distribution.

    The charging statute provides a sentence of no greater than 20 years in prison, at least three (3) years of supervised release, and a maximum fine of $1,000,000. Sentences are imposed by a federal district court judge based upon the U.S. Sentencing Guidelines and statutes which govern the determination of a sentence in a criminal case.

    The Federal Bureau of Investigation and the Drug Enforcement Administration led the investigation. Valuable assistance was provided by the Manchester Police Department. Assistant U.S. Attorney Aaron Gingrande is prosecuting the case. 

    This effort is part of an Organized Crime Drug Enforcement Task Forces (OCDETF) operation. OCDETF identifies, disrupts, and dismantles the highest-level criminal organizations that threaten the United States using a prosecutor-led, intelligence-driven, multi-agency approach. Additional information about the OCDETF Program can be found at https://www.justice.gov/OCDETF.

    ###

     

    MIL Security OSI

  • MIL-OSI Security: Jury Convicts Valrico Man Of Drug Trafficking

    Source: Office of United States Attorneys

    Tampa, Florida – Acting United States Attorney Sara C. Sweeney announces that a federal jury has found Tryon Metteria Byrd IV (45, Valrico) guilty of conspiring to distribute, and distributing, methamphetamine and cocaine. Byrd faces a minimum penalty 5 five years, up to 40 years, in federal prison. His sentencing hearing is scheduled for May 14, 2025.

    According to testimony and evidence presented at trial, Byrd and his co-conspirators distributed methamphetamine and cocaine out of three residences in St. Petersburg. Byrd sold directly to undercover detectives from the St. Petersburg Police Department from a residence owned by his family.

    Byrd’s co-conspirators, Eric L. Lemon, Eric Lekent Lemon Jr., and Dominic Giannantonio pleaded guilty and have been sentenced for their roles in the drug conspiracy. Lemon was sentenced to 21 years and 6 months in federal prison, Lemon Jr. was sentenced to 4 years and 3 months’ imprisonment, and Giannantonio was sentenced to 11 years and 3 months in prison.

    This case was investigated by the St. Petersburg Police Department and the Bureau of Alcohol, Tobacco, Firearms and Explosives. It was prosecuted by Assistant United States Attorney David P. Sullivan.

    This case was part of an Organized Crime Drug Enforcement Task Force (OCDETF) investigation. OCDETF identifies, disrupts, and dismantles the highest-level criminal organizations that threaten the United States using a prosecutor-led, intelligence-driven, multi-agency approach. Additional information about the OCDETF Program can be found at www.justice.gov/OCDETF.

    MIL Security OSI

  • MIL-OSI Security: Oregon Man Pleads Guilty in Swatting and Bomb Threats Scheme That Targeted Jewish Hospitals in New York City and Long Island

    Source: Office of United States Attorneys

    One Hospital Entered Lockdown and Partially Evacuated After Defendant’s Bomb Hoax

    Earlier today in federal court in Brooklyn, Domagoj Patkovic pleaded guilty to conspiring to make threats concerning explosives and conveying false information concerning explosives.  The proceeding was held before United States District Judge Ramon E. Reyes.  When sentenced, Patkovic faces up to 15 years in prison.  Patkovic was charged in August 2024. 

    John J. Durham, United States Attorney for the Eastern District of New York and James E. Dennehy, Assistant Director in Charge, Federal Bureau of Investigation, New York Field Office (FBI), announced the guilty plea.

    “As he admitted today, the defendant intentionally targeted Jewish hospitals and care centers in our District with bomb threats.  In doing so, he needlessly endangered patients and staff and diverted critical law enforcement resources from their core mission of keeping our community safe,” stated United States Attorney Durham.  “We will prosecute dangerous bomb threats and swatting schemes to the fullest extent of the law.”

    Mr. Durham expressed his appreciation to the Federal Bureau of Investigation, New York Field Office, the New York City Police Department, Nassau County Police Department and the U.S. Attorney’s Office for the District of Oregon for their assistance on the case.

    As set forth in the indictment and in court filings, beginning at least as early as May 2021, the defendant and others made anonymous phone calls in which they made violent threats, including threats to detonate explosive devices, to Jewish hospitals and care centers within the Eastern District of New York, among other targets throughout the United States.

    The defendant himself made threats in at least six separate calls to hospitals and on a call with local law enforcement who had responded to a 911 notification from one of the hospitals.  The defendant livestreamed the calls to others on an online social media and electronic communications service.  On several occasions, local police responded to the scene and conducted bomb sweeps. On at least one occasion in September 2021, the hoax bomb threat resulted in a partial evacuation and lockdown of an entire hospital on Long Island.  No explosive devices were ultimately found in any of the locations.

    The government’s case is being handled by the Office’s National Security & Cybercrime Section.  Assistant United States  Attorneys Alexander A. Solomon, Laura Zuckerwise and Andrew D. Reich are in charge of the prosecution, with assistance from Trial Attorney James Donnelly of the National Security Division’s Counterterrorism Section and Paralegal Specialist Wayne Colon. 

    The Defendant:

    DOMAGOJ PATKOVIC 
    Age: 31
    Portland, Oregon

    E.D.N.Y. Docket No. 24-CR-317 (RER)

    MIL Security OSI

  • MIL-OSI USA: Boozman, Colleagues Mark 80th Anniversary of Iwo Jima

    US Senate News:

    Source: United States Senator for Arkansas – John Boozman

    WASHINGTON—U.S. Senator John Boozman (R-AR) joined Senators Todd Young (R-IN) and Mark Warner (D-VA) to introduce a bipartisan resolution recognizing the 80th anniversary of the Battle of Iwo Jima. The major clash between U.S. and Japanese forces in World War II’s Pacific theater began on February 19, 1945, and lasted until March 26, 1945.

    “The 80th anniversary of the Battle of Iwo Jima is a solemn yet important reminder of the sacrifice of the Greatest Generation,” said Boozman. “The resilience and courage of our U.S. Marines was famously characterized as a display of uncommon valor. Decades later, we continue to remember and honor our servicemembers’ heroism. I am proud to join my colleagues in recognizing them, this milestone and the vital partnership between our nation and Japan today.”                            

    “For myself, every Marine, and many Americans, Iwo Jima is a symbol of duty and sacrifice,” said Young. “I’m proud to lead this resolution that recognizes the heroic servicemembers who gave their lives at Iwo Jima, honors those who fought in the battle, and reaffirms our reconciled friendship with Japan.” 

    “I’m proud to introduce this resolution to pay tribute to the service and the sacrifice of all the heroes who fought for our country at Iwo Jima, which included my late father, Marine Corporal Robert Warner. The 80th anniversary of this pivotal battle offers us an opportunity to reflect on the bravery and perseverance of the Greatest Generation, and is an enduring reminder about the power of courage and unity in the face of adversity,” said Warner

    More specifically, the resolution:

    • Honors the Marines, Sailors, Soldiers, Army Air Crew and Coast Guardsmen who fought bravely on Iwo Jima;
    • Remembers the brave servicemembers who lost their lives in the battle;
    • Commemorates the iconic and historic raising of the United States flag on Mount Suribachi that occurred on February 23, 1945;
    • Encourages Americans to honor the veterans of Iwo Jima; and
    • Reaffirms the bonds of friendship and shared values that have developed between the United States and Japan over the last 80 years.

    The resolution is also cosponsored by Senators Richard Blumenthal (D-CT), Dan Sullivan (R-AK), Chris Coons (D-CT), Catherine Cortez Masto (D-NV), Kevin Cramer (R-ND), Ruben Gallego (D-AZ), Ted Cruz (R-TX), Tim Kaine (D-VA), Joni Ernst (R-IA), Angus King (I-ME), Rick Scott (R-FL), Amy Klobuchar (D-MN), Thom Tillis (R-NC), Jacky Rosen (D-NV), Jack Reed (D-RI), Chris Van Hollen (D-MD), Elizabeth Warren (D-MA), Deb Fischer (R-NE), Tom Cotton (R-AR), Tammy Duckworth (D-IL), Jim Justice (R-WV), Mike Rounds (R-SD) and Adam Schiff (D-CA).

    Click here for full text of the resolution.

    MIL OSI USA News