NewzIntel.com

Category: KB

  • MIL-OSI USA: Sen. Baldwin, Rep. Wied Introduce Bill to Honor Veterans of Operation End Sweep with the Vietnam Service Medal

    US Senate News:

    Source: United States Senator for Wisconsin Tammy Baldwin
    WASHINGTON, D.C. – Today, U.S. Senator Tammy Baldwin (D-WI) and Congressman Tony Wied (R-WI-08) introduced a bipartisan bill to honor veterans who participated in Operation End Sweep with the Vietnam Service Medal. Currently, participants in Operation End Sweep, a mission to clear dangerous mines from Haiphong harbor and surrounding waters in North Vietnam after the war concluded, are ineligible for this service medal because their service took place after the United States had officially withdrawn from Vietnam in January 1973. The Honoring Operation End Sweep Veterans Act is inspired by Retired Navy Commander Michael Cosgrove of Sturgeon Bay, Wisconsin, who served in Operation End Sweep but was not properly honored for his service.
    “The sailors who spent months sweeping for mines in North Vietnam risked their lives to clean up the legacies of the Vietnam War, save lives, and make good on the United States’ commitment to international law,” said Senator Baldwin. “Their service and sacrifice deserve to be honored and recognized alongside the millions of Americans who served their country during the Vietnam War. I’m proud to work with Representative Wied to honor these sailors.”
    “Operation End Sweep marked the end of the Vietnam War and serves as a powerful example of the dedication and bravery of our Vietnam veterans, like Retired Navy Commander Michael Cosgrove of Sturgeon Bay, who risked their lives to clean up naval mines left behind in the war’s aftermath,” said Congressman Wied. “I’m proud to stand with Senator Baldwin in introducing this bipartisan bill to ensure their service is honored equally alongside that of every other Vietnam veteran.”
    “I am a retired commander in the Navy. As a lieutenant, I was Executive Officer of an ocean-going minesweeper. In 1973, we sailed from Hawaii to Haiphong Harbor as part of Operation End Sweep, sweeping the mines we had placed in Haiphong Harbor,” said Retired Navy Commander Michael Cosgrove of Sturgeon Bay, WI. “We spent 5 months in and out of North Vietnamese waters after Congress had declared the war ended. We received virtually no credit for our efforts. Most have no idea the operation even occurred. I would like to see this bill passed so that those of us who participated in End Sweep receive some recognition for our service.”
    The signing of the Paris Peace Accords on January 27, 1973, officially ended direct U.S. involvement in the Vietnam War and the subsequent withdrawal of U.S. forces from Vietnam. Under the Hague Convention of 1907, the U.S. was required to eliminate the mine threat it had created after the end of hostilities.
    For this reason, the U.S. Navy and Marine Corps conducted Operation End Sweep to remove naval mines from Haiphong harbor and other coastal and inland waterways in North Vietnam between February and July 1973. Since Operation End Sweep occurred after the official end of the Vietnam War, servicemembers who participated in the operation are not eligible for the Vietnam Service Medal.
    The Honoring Operation End Sweep Veterans Act would direct the Department of Defense to award veterans who participated in Operation End Sweep with the Vietnam Service Medal to recognize their service and sacrifice.
    Senator Baldwin has long advocated for addressing the legacies of war and honoring those that do this important and dangerous work. She leads bipartisan legislation with Senator Jerry Moran (R-KS) to honor members of the Southeast Asian Diasporas who supported and defended the U.S. during the Vietnam War. The bill also would authorize funding for the removal of landmines and unexploded ordnances and victim support programs for those injured by landmines and other legacies of war in Vietnam.
    A one-pager on this bill is available here. Full bill text is available here.

    MIL OSI USA News

  • MIL-OSI USA: MEDIA ADVISORY: Sanders to Hold Town Hall on Teacher Pay Crisis with Hundreds of Educators from Across the Country

    US Senate News:

    Source: United States Senator for Vermont – Bernie Sanders
    WASHINGTON, July 22 — Sen. Bernie Sanders (I-Vt.), Ranking Member of the Senate Committee on Health, Education, Labor, and Pensions (HELP), will hold a town hall on Thursday with more than 100 teachers and educational leaders at the U.S. Capitol to discuss the teacher pay crisis impacting schools, students and communities.
    Joining Sanders at the town hall will be Sen. Ed Markey (D-Mass.); Randi Weingarten, president of the American Federation of Teachers (AFT); Princess Moss, vice president of the National Education Association (NEA); and educators from across the country.
    “It is simply unacceptable that, in the richest country in the history of the world, 40% of teachers have to work extra jobs just to make ends meet. The situation has become so absurd that four hedge fund managers on Wall Street make more money in a single year than every kindergarten teacher in America combined — nearly 120,000 teachers,” Sanders said. “We need the best education system in the world, and that means we need the best teachers. To get the best teachers, we need to pay them what they deserve.”
    Today in America, nearly one in eight teaching jobs is vacant or filled by a teacher who is not fully certified. Approximately one-third of all public school teachers make less than $60,000 a year — including more than 90% of starting teachers. Hundreds of thousands of teachers have to work two or three jobs during the school year to make ends meet. Meanwhile, the average weekly wage for public school teachers has decreased by 5% over the past 30 years, adjusted for inflation. Today, 44% of public school teachers quit the profession within five years.
    “Wages for public school teachers are so low that in 36 states, the average public school teacher with a family of four qualifies for food stamps, public housing and other government assistance programs. We have got to do better than that,” Sanders continued. “No teacher in America should make less than $60,000 a year. If we are going to have the best public school system in the world, we have got to radically change our attitude toward education and make sure that every teacher in America receives the compensation that they deserve for the enormously important and difficult work that they do.”
    At the town hall, Sanders will hear directly from educators about how low wages, burnout and disinvestment are affecting both teacher morale and the quality of public education.
    Details
    What: Save Public Education: Pay Teachers What They Deserve
    Who:
    Sen. Bernie Sanders
    Sen. Ed Markey
    AFT President Randi Weingarten
    NEA Vice President Princess Moss
    More than 100 teachers from across the U.S.
    When: Thursday, July 24, 12:30 p.m.
    Where: Washington, D.C. Location available upon RSVP. The event will also be livestreamed on Sanders’ social media.

    MIL OSI USA News

  • MIL-OSI USA: July 22nd, 2025 Heinrich, Bennet, Hickenlooper Introduce Legislation to Expand and Improve Access to Clean Water for Tribal Families

    US Senate News:

    Source: United States Senator for New Mexico Martin Heinrich

    Half of households on Native American reservations lack access to reliable water sources, clean drinking water, or adequate sanitation

    WASHINGTON — U.S. Senator Martin Heinrich (D-N.M.), along with U.S. Senators Michael Bennet (D-Colo.) and John Hickenlooper (D-Colo.), introduced the Tribal Access to Clean Water Act to dramatically expand access to clean water for Tribal families by investing in water infrastructure. This bill would increase funding through the Indian Health Service, the U.S. Department of Agriculture (USDA), and the Bureau of Reclamation to support water infrastructure projects in Tribal communities and help provide clean water to Native American households that currently lack access.

    “Nearly half of Native American households lack access to clean and reliable water supplies. That is completely unacceptable,” said Heinrich. “By addressing a significant backlog of infrastructure projects and removing barriers to federal programs that provide technical and financial assistance to Tribes, this legislation is an important step toward delivering clean drinking water to all families in Indian Country.”

    “Too many Tribal communities in Colorado and across the country cannot access clean, safe water,” said Bennet. “This legislation builds on our efforts to improve access for Tribes in the Bipartisan Infrastructure Law. It fulfills the federal government’s promise to provide these communities with the clean water they deserve.”

    “Clean drinking water is a basic necessity. Yet, so many of our Tribal communities have been left without the infrastructure. It’s unacceptable,” said Hickenlooper. “Let’s cut red tape and invest in modern resources to finally deliver safe, accessible water to every Tribe.”

    Lack of access to clean drinking water is a significant barrier for many Native American communities. According to data from the U.S. Department of Health and Human Services (HHS), Native American households are 19 times more likely than white households to lack indoor plumbing.

    The Tribal Access to Clean Water Act will:

    • Authorize the USDA to make grants and loans for technical and financial assistance, as well as for construction;
    • Increase funding authorizations for USDA’s Rural Development Community Facilities Grant and Loan Program by $100 million per year for five years, provide $30 million per year specifically for technical assistance, and ensure that Native communities are treated equitably and appropriately when considered for grants and loans;
    • Increase funding authorizations for existing programs of the Indian Health Service for water and sanitation facilities construction over a five-year period, including for community facilities ($2.5 billion), technical assistance ($150 million), and operation and maintenance assistance ($500 million); and
    • Authorize $90 million over five years for the Bureau of Reclamation’s existing Native American Affairs Technical Assistance Program.

    “Water is a sacred resource given to us to protect. It is of the utmost importance that Tribes have access to clean water not only for personal consumption and economic development but also for cultural purposes. Many tribes in the Southwest rely on access to clean water to carry on our culture and traditions. We thank U.S. Senators Martin Heinrich and Michael Bennet for reintroducing the Tribal Access to Clean Water Act,” said Myron Armijo, Santa Ana Pueblo Governor.

    “It is far past time to ensure that Native people have the same level of basic water service most Americans take for granted,” said Manuel Heart, Chairman of the Ute Mountain Ute Tribe. “This bill’s recognition of the need for technical support and operation and maintenance assistance for Tribal water supply facilities is not only essential to realizing the benefit of investment in water infrastructure, but also a critical step toward increasing Tribal independence and governance capabilities.”

    “Some of the starkest examples of the public health impacts from not having clean, running water in the home are right in our backyards,” said Anne Castle, co-founder of the initiative on Universal Access to Clean Water for Tribal Communities. “Higher incidence of respiratory disease, gastrointestinal infections, diabetes, and cancer are all linked to ‘water poverty’ – the lack of access to secure and healthy household water – which is particularly acute for Native American households. With targeted resources and Federal agency coordination, we have the ability to solve this longstanding inequity in Indian country.”

    “For far too long, many indigenous Americans – American Indians, Alaska Natives, and Native Hawaiians – have gone without access to a clean and safe drinking water supply,” said John Echohawk, Executive Director and Co-Founder of the Native American Rights Fund and member of the Pawnee Nation. “These are not isolated or regional deficiencies, but rather a nationwide disparity in access to a basic ingredient of life. This bill will help to address gaps in current support for Tribal drinking water access and help to fulfill the Federal government’s treaty and trust responsibility to Native American Tribes.”

    “Every American is entitled to access to clean drinking water,” said Ken Norton, Chairman of the National Tribal Water Council. “But this undeniable truth simply does not hold for far too many Tribal households. It is well past time to bring the necessary resources to bear that will allow all Tribal families to enjoy the same basic services most Americans take for granted.”

    “Water is a basic human right and this bill fulfills the government’s trust obligation to Tribes and Indigenous communities to ensure all Native populations have access to clean drinking water,” said Garrit Voggesser, Senior Director of Tribal Partnerships and Policy, National Wildlife Federation. “For far too long more than half of the country’s Indigenous peoples haven’t had access to clean drinking water. Water must be accessible to not only support public health, but also meet historical, cultural, ecological, and rights-based needs.”

    Heinrich initially introduced this legislation with Bennet in 2021. He also successfully fought to include funding to improve Tribal access to clean water in the Infrastructure Law. The law included $3.5 billion for the Indian Health Service Sanitation Facilities Construction program to address needs for tribal sanitation facilities and services, $1 billion for the Bureau of Reclamation to support legacy rural water supply projects, which will benefit Tribes, and increased funding for the Environmental Protection Agency’s Clean Water Act and Safe Drinking Water Act State Revolving Funds.

    In addition to Heinrich, Bennet, and Hickenlooper, this bill is co-sponsored by U.S. Senators Bernie Sanders (I-Vt.), Ron Wyden (D-Ore.), Elizabeth Warren (D-Mass.), and Alex Padilla (D-Calif.).

    The text of the bill is available here.

    A summary of the bill is available here.

    MIL OSI USA News

  • MIL-OSI USA: July 22nd, 2025 Heinrich Announces Committee Passage of Over $205 Million for New Mexico’s Military Installations and Significant Wins for Veterans

    US Senate News:

    Source: United States Senator for New Mexico Martin Heinrich

    Investments Heinrich championed include childcare assistance, improved telehealth & rural health services, & expanded homelessness prevention programs

    WASHINGTON — U.S. Senator Martin Heinrich (D-N.M.) announced the bipartisan Senate Appropriations Committee passage of the Fiscal Year 2026 (FY26) Military Construction, Veterans Affairs, and Related Agencies Appropriations Bill. With Committee passage of this bill, Heinrich secured support for over $205 million for New Mexico’s military installations and significant wins for New Mexico’s veterans, including over $32 million in Congressionally Directed Spending for five local projects.

    “For our nation’s veterans and military families, this bill keeps our promise: that when they come home, they will receive the recognition, education, housing, and health care that they have earned through their service. It also strengthens New Mexico’s role as a leader in national security and bolsters our local economies,” said Heinrich, a member of the Senate Appropriations Committee. “This bill will also ensure that our service members are best equipped with state-of-the-art technology and resources to defend freedom at home and abroad. As a member of the Senate Appropriations Committee, I am committed to doing everything I can to support the heroic Americans who sacrifice so much to keep us safe.”

    Heinrich is a member of the Senate Appropriations Committee and the former Chair of the Appropriations Subcommittee on Military Construction, Veterans Affairs, and Related Agencies.

    New Mexico Military Construction

    Heinrich secured Committee support of investments in seven New Mexico projects.

    Heinrich successfully included funds for the following projects:

    • $90,000,000 for the construction of a 192-bed dormitory for airmen at Cannon Air Force Base.
    • $83,000,000 for the construction of a new Space Rapid Capabilities Office Headquarters on Kirtland Air Force Base.
    • $18,250,000 to construct a new Explosive Operations Building at Kirtland Air Force Base, which is essential for the safe and efficient handling, inspection, and storage of munitions in alignment with Air Force operational requirements.
    • $3,200,000 to construct a Child Development Center (CDC) on Kirtland Air Force Base that supports the growing childcare needs of Kirtland Air Force Base personnel.

    Heinrich also secured language addressing the ongoing energy infrastructure needs at White Sands Missile Range, ensuring troop readiness and training is prioritized.

    Heinrich and U.S. Senator Ben Ray Luján (D-N.M.) also successfully included funding for the following projects:

    • $8,100,000 to renovate and construct a training facility for Security Forces at Cannon Air Force Base. This will help support the continued growth of this Security Force unit.
    • $2,000,000 to restore and improve antiterrorism technology at the Wyoming Gateat Kirtland Air Force Base.
    • $700,000 to finish the design of a new High Speed Test Track at Holloman Air Force Base.

    Support for Veterans

    Heinrich secured Committee support for key veteran programs.

    Suicide Prevention

    Heinrich successfully secured $18,866,195,000 for mental health treatment, including $697,760,000 for suicide prevention outreach. Heinrich also secured language encouraging the VA to use predictive modeling and analytics for veteran suicide prevention in the Recovery Engagement and Coordination for Health-Veterans Enhanced Treatment (REACH VET) program. This innovative solution would identify veterans with evidence-based risk factors for suicidal ideation in order to get help to veterans before a potential mental health crisis.

    In 2020, Heinrich voted in favor of the Commander John Scott Hannon Veterans Mental Health Care Improvement Act of 2019 (P.L. 116-171), which supported and authorized the REACH VET program.

    Rural Health

    Heinrich successfully secured $342,455,000 for the VA’s Office of Rural Health and its Rural Health Initiative to continue supporting veterans with services like transportation to appointments for highly rural veterans, utilization of innovative transportation service technologies, and outreach to highly rural veterans.

    An estimated 2.7 million rural and highly rural veterans are enrolled in the Veterans Health Administration (VHA). Many rural veterans enrolled in the VA health care system are at an advanced age, with approximately 54 percent aged 65 or older. With the aging veteran population growing increasingly medically complex and more likely to be diagnosed with chronic conditions like diabetes, obesity, high blood pressure, and heart disease, each requiring more frequent, ongoing, and costly care, these funds would help close the gap and get highly rural veterans the care they need.

    Telehealth Services

    Heinrich successfully secured $6,356,035,000 to sustain and increase telehealth capacity and expand the reach of VA medical providers to veterans in highly rural areas through the use of in-home telehealth and remote patient monitoring services. The bill also supports the Veterans Health Administration’s (VHA) rulemaking to eliminate copays for all virtual medical appointments of any type and especially for primary and preventative care appointments.

    Preventing Veteran Homelessness

    Heinrich successfully secured $3,459,121,000 to prevent veteran homelessness, including $702,821,000 to bolster the Supportive Services for Veteran Families Program, which would meet the needs of veterans including help with the rising costs of household goods; $670,900,000 for case management and administration of Housing and Urban Development – Veterans Affairs Supportive Housing vouchers; $323,100,000 for the Grant and Per Diem Program, which would support transitional housing and assist veterans in achieving housing stability; and, $139,843,000 for Veterans Justice Outreach and Legal Services for Veterans grants to award community-based organizations with funds to assist veterans with legal issues like accessing benefits, navigating family law, and securing safe and stable housing.

    Veterans Affairs Service Purchasing (VASP) Program

    Heinrich successfully secured report language directing the VA to explain why it abruptly ended the Veterans Affairs Service Purchasing program, a critical program that would keep veterans who were unable to pay their mortgage in their homes. At least 130 New Mexico veterans could be impacted by this administration’s shortsighted decision to end the Veterans Affairs Service Purchasing program without loss mitigation policies.

    Access to Medications for Substance Use Disorder

    Heinrich successfully secured $709,573,000 for the Opioid Prevention and Treatment programs at the VA, including $454,086,000 for treatment programs and $254,487,000 to continue implementation of the Jason Simcakoski Memorial and Promise Act. Heinrich voted in favor of this bill’s authorizing legislation, the Comprehensive Addiction and Recovery Act, in 2016 (P.L. 114-198).

    Veteran Family Resource Program

    Heinrich successfully secured language to require a status report on the Veteran Family Resource Program rollout, including authorities and funding needed to ensure a successful, continued rollout that reduces rates of child abuse and neglect among families with veterans. Services would include interventions like case management assistance to address evidence-based risk factors like housing and food insecurity in veteran families.

    Childcare Assistance

    Heinrich successfully secured an additional $3,000,000 in the VA’s overall budget to support the expansion of childcare centers at VA medical facilities through a pilot program. Heinrich originally voted in favor of the Caregivers and Veterans Omnibus Health Services Act of 2010 (P.L. 111-163) while Congressman for New Mexico’s 1stCongressional district. This bill led to the VA’s initial childcare pilot program to assess feasibility and advisability of providing childcare services to veterans receiving mental health and intensive health care services.

    As a result, in 2016, the VA launched a childcare pilot program to implement three (3) free, drop-in childcare service centers across three locations in the states of New York and Washington. Survey data indicate nearly a third of veterans are interested in childcare services and approximately 10 percent have had to cancel or reschedule medical appointments due to lack of childcare.

    Grants for Construction of State Extended Care Facilities

    Heinrich successfully secured $171,000,000 in construction funds for state extended care facilities. In New Mexico, there is only one VA long-term care facility, despite demand for additional capacity and facilities. These facilities are particularly important to ensure aging and disabled veterans receive the appropriate level of care.

    Medical and Prosthetics Research

    Heinrich successfully secured $943,000,000 to fund medical, rehabilitative, and health services research and support basic and clinical studies that advance knowledge leading to improvements in the prevention, diagnosis, and treatment of diseases and disabilities. Medical and prosthetic research at the Department of Veterans Affairs includes the fields of prosthetics, orthotics, adaptive equipment for vehicles, sensory aids, and related areas.

    VA Court of Appeals

    Heinrich successful secured language requiring the VA to improve transparency surrounding the large back log of cases at the VA Court of Appeals. According to last year’s Annual Report, there is a backlog of 200,805 cases.

    MIL OSI USA News

  • MIL-OSI USA: Schatz, Banks Introduce Bipartisan Bill To Build More Affordable Housing, Address America’s Growing Housing Crisis

    US Senate News:

    Source: United States Senator for Hawaii Brian Schatz

    WASHINGTON – U.S. Senators Brian Schatz (D-Hawai‘i) and Jim Banks (R-Ind.) today introduced the Build More Housing Near Transit Act. The bipartisan legislation continues Senator Schatz’s efforts to address America’s housing shortage by offering federal benefits and encouraging local governments to build more housing near transit-oriented urban and suburban spaces, where options are especially lacking.

    “The clearest way out of our national housing shortage is by building more housing,” said Senator Schatz. “Our bipartisan bill incentivizes cities and towns to build housing when they expand or redevelop their public transit systems. This will help put more families in homes, grow local economies, and cut carbon pollution. It’s a win for everyone.”

    “This bill makes it easier for communities to build homes for working families by cutting red tape and giving them the freedom to create strong, family-friendly neighborhoods near public transit,” said Senator Banks.

    Specifically, the legislation directs the Secretary of Transportation to provide a scoring boost to the competitive grant applications of public transit projects that include regulatory reforms that legalize new housing near stations, including removing expensive parking mandates, streamlining approval for new housing, allowing houses on smaller lots, raising height limits, and other pro-housing policies.

    Currently, 47 percent of renter households are cost-burdened, and lack of housing options in transit-friendly areas is a major contributor to this. In addition, transportation costs are often a household’s second-largest expenditure behind housing, meaning more housing in transit areas would have a two-fold benefit.

    By offering easier access to transit centers, the Build More Housing Near Transit Act will connect more employees with jobs and boost economic output, as well as reduce greenhouse gas emissions through increased public transit ridership. It will also make federal transportation projects more efficient and ensure federal dollars are used most effectively.

    “America is experiencing a severe housing shortage that affects every aspect of American lives and the economy,” said Mike Kingsella, CEO of Up for Growth Action. “The Build More Housing Near Transit Act addresses the critical link between transportation and housing and would create greater access to affordable commutes and abundant housing. We applaud the lead sponsors for introducing this bill, serving as an example of how the federal government can use its leverage to ensure the right types of housing are available in the places people want to live.”

    “For decades, the federal government has funded mass transit projects in cities whose growth control laws do not allow people to live near and ride on transit. The Build More Housing Near Transit Act finally corrects this. It protects transit riders and the federal taxpayer from spending scarce transit capital on projects doomed by rigid zoning regulations to low housing growth and low future ridership, while uplifting projects in localities that welcome housing & transit ridership growth. This bill is the essential first step in restoring bipartisan confidence in America’s mass transit investments for taxpayers and transit riders alike,” said Alex Armlovich, Senior Housing Policy Analyst for the Niskanen Center.

    The full text of the bill is available here.

    MIL OSI USA News

  • MIL-OSI Russia: World Fencing Championships Start in Tbilisi

    Translation. Region: Russian Federal

    Source: People’s Republic of China in Russian – People’s Republic of China in Russian –

    An important disclaimer is at the bottom of this article.

    Source: People’s Republic of China – State Council News

    TBILISI, July 22 (Xinhua) — The World Fencing Championships kicked off in Georgia’s capital Tbilisi on Tuesday. The country is hosting a competition of this scale for the first time and has fielded a team of 25 strongest athletes, the Georgian Fencing Federation said.

    The competition will last until July 30. According to the organizers, about 1,200 athletes from 135 countries and regions of the world are taking part in the tournament. 12 sets of awards will be contested in fencing with epees, foils and sabres in individual and team disciplines among men and women.

    President of the Georgian Fencing Federation Merab Bazadze expressed confidence that holding the championship will be an important step in the development of fencing in the country. “A lot of people will come, and I am glad that this elite sport will become a priority in Georgia,” he told reporters.

    At the previous World Championship, held in 2023 in Milan /Italy/, the Georgian team won one award – a silver medal, which was won by sabre fencer Sandro Bazadze. –0–

    Please note: This information is raw content obtained directly from the source of the information. It is an accurate report of what the source claims and does not necessarily reflect the position of MIL-OSI or its clients.

    .

    MIL OSI Russia News

  • MIL-OSI Russia: Air India plane’s auxiliary power unit catches fire after landing

    Translation. Region: Russian Federal

    Source: People’s Republic of China in Russian – People’s Republic of China in Russian –

    An important disclaimer is at the bottom of this article.

    Source: People’s Republic of China – State Council News

    NEW DELHI, July 22 (Xinhua) — An Air India passenger plane, flight AI-315, operating from Hong Kong to Delhi, caught fire in its auxiliary power unit shortly after landing at Indira Gandhi International Airport in New Delhi, the Indian capital, on Tuesday, officials said.

    The fire was discovered as passengers were preparing to exit the plane.

    Air India said no passengers or crew were injured, but the fire caused some damage to the aircraft itself.

    Another Air India flight from Cochin to Mumbai skidded off the runway while landing on Monday, causing damage to both the plane and the road surface, according to media reports. Last month, an Air India flight to London crashed shortly after takeoff in the city of Ahmedabad, killing all 241 people on board. –0–

    Please note: This information is raw content obtained directly from the source of the information. It is an accurate report of what the source claims and does not necessarily reflect the position of MIL-OSI or its clients.

    .

    MIL OSI Russia News

  • MIL-OSI United Nations: Amid ‘Horror Show in Gaza’, Humanitarian System Denied Space to Deliver, Multilateral Problem-Solving Needed More than Ever, Secretary-General Tells Security Council

    Source: United Nations General Assembly and Security Council

    Following are UN Secretary-General António Guterres’ remarks to the Security Council on multilateralism and peaceful settlement of disputes, in New York today:

    I want to thank Deputy Prime Minister and Foreign Minister Ishaq Dar and Pakistan for convening today’s open debate.  The topic of today’s debate shines a light on the clear connection between international peace and multilateralism.

    Eighty years ago, the United Nations was founded with a primary purpose — to safeguard humanity from the scourge of war.  The architects of the United Nations Charter recognized that the peaceful resolution of disputes is the lifeline when geopolitical tensions escalate, when unresolved disputes fuel the flames of conflict and when States lose trust in each other.

    The Charter lays out a number of important tools to forge peace.  Article 2.3 of the UN Charter is clear:  “All Members shall settle their international disputes by peaceful means in such a manner that international peace and security, and justice, are not endangered.”

    Chapter VI of the Charter is equally clear on the specific responsibilities of this Council to help ensure the pacific settlement of disputes “by negotiation, enquiry, mediation, conciliation, arbitration, judicial settlement, resort to regional agencies or arrangements, or other peaceful means of their own choice”.  Action 16 of the Pact of the Future calls on Member States to recommit to all the mechanisms of preventive diplomacy and the peaceful settlement of disputes.

    I commend Pakistan for utilizing its presidency to put forward a resolution urging all Member States to make full use of these tools in our collective pursuit of global peace.  This is needed now more than ever.

    Around the world, we see an utter disregard for — if not outright violations of — international law — including international human rights law, international refugee law, international humanitarian law and the UN Charter itself, without any accountability.

    These failures to uphold international obligations are coming at a time of widening geopolitical divides and conflicts.  And the cost is staggering — measured in human lives, shattered communities, and lost futures.

    We need look no further than the horror show in Gaza — with a level of death and destruction without parallel in recent times.  Malnourishment is soaring.  Starvation is knocking on every door.

    And now we are seeing the last gasp of a humanitarian system built on humanitarian principles.  That system is being denied the conditions to function.  Denied the space to deliver.  Denied the safety to save lives.  With Israeli military operations intensifying and new displacement orders issued in Deir al-Balah, devastation is being layered upon devastation.

    I am appalled that UN premises have been struck — among them facilities of the UN Office for Project Services and the World Health Organization (WHO), including WHO’s main warehouse.  This is despite all parties having been informed of the locations of these UN facilities.  These premises are inviolable and must be protected under international humanitarian law — without exception.

    From Gaza to Ukraine, from the Sahel to Sudan, Haiti and Myanmar, and many other parts of the world, conflict is raging, international law is being trampled, and hunger and displacement are at record levels.  And terrorism, violent extremism and transnational crime remain persistent scourges pushing security further out of reach.

    Diplomacy may not have always succeeded in preventing conflicts, violence and instability.  But it still holds the power to stop them.  Peace is a choice.  And the world expects the UN Security Council to help countries make this choice.  This Council is at the centre of the global architecture for peace and security.  Its creation reflected a central truth.

    Competition between States is a geopolitical reality.  But cooperation — anchored in shared interests and the greater good — is the sustainable pathway to peace.  Too often, we see divisions, entrenched positions and escalatory discourse blocking solutions and the effectiveness of the Council.

    But we have also seen some inspiring examples of finding common ground and forging solutions to global problems.

    For example, today marks three years since the signing of the Black Sea Initiative and the Memorandum of Understanding with the Russian Federation — efforts that show what we can achieve through mediation and the good offices of the United Nations, even during the most challenging moments.

    And we’ve seen many other recent examples.

    From the Sevilla Conference on Financing for Development, to the Oceans Conference in Nice, to the Agreement on Marine Biological Diversity of Areas Beyond National Jurisdiction and the Cybercrime Treaty, to the Pact for the Future adopted last year.

    The Pact, in particular, demonstrates a clear re-commitment by the world to strengthen the United Nations collective security system.  Drawing from the New Agenda for Peace, it prioritizes preventive diplomacy and mediation — all areas where this Council can play a vital role.

    As we look to the theme of today’s debate, I see three areas where we can live up to the Pact’s call to renew our commitment to — and the world’s faith in — the multilateral problem-solving architecture.

    First — this Council’s members, in particular its permanent members, must continue working to overcome divisions.  The majority of situations on the Security Council’s agenda are complex and resist quick fixes.

    But even in the darkest days of the cold war, the collective dialogue and decision-making in this Council underpinned a common and effective system of global security.  One that successfully deployed a range of peacekeeping missions.  One that opened the door for vital humanitarian aid to flow to people in need.  And one that helped prevent a third World War.

    I urge you to summon this same spirit by keeping channels open, continuing to listen in good faith, and working to overcome differences and building consensus.

    We must also work to ensure that this Council reflects the world of today, not the world of 80 years ago.  This Council should be made more representative of today’s geopolitical realities.  And we must continue improving the working methods of this Council to make it more inclusive, transparent, efficient and accountable.  I urge you to continue building consensus to move the intergovernmental negotiations forward.

    Second — this Council must continue strengthening cooperation with regional and subregional partners.  The landmark adoption of Security Council resolution 2719 supporting African Union-led peace support operations through assessed contributions is a good example of how we can join efforts with regional organizations to support more effective responses.

    I also commend this Council’s steps to strengthen and rebuild regional security frameworks to encourage dialogue and advance the peaceful settlement of disputes.

    And third — Member States must honour their obligations under international law, including the UN Charter, international human rights law and international humanitarian law.

    The Pact for the Future calls on all Member States to live up to their commitments in the UN Charter, and the principles of respect for sovereignty, territorial integrity and the political independence of States.

    All grounded in international law, and a commitment to prioritizing prevention of conflict and the peaceful settlement of disputes through dialogue and diplomacy.  The Pact also recognized the critical contribution of the International Court of Justice, which celebrates its eightieth anniversary next year.

    As we mark the eightieth anniversary of our Organization and the Charter that gave it life and shape, we need to renew our commitment to the multilateral spirit of peace through diplomacy.  I look forward to working with you in this important effort, to achieve the international peace and security the people of the world need and deserve.

    MIL OSI United Nations News

  • MIL-OSI USA: Engineer pleads guilty to stealing trade secret technology designed for missile launch detection

    Source: US Immigration and Customs Enforcement

    LOS ANGELES — A Santa Clara County man and former engineer at a Southern California company pleaded guilty July 21 to stealing trade secret technologies developed for use by the United States government to detect nuclear missile launches, track ballistic and hypersonic missiles, and to allow U.S. fighter planes to detect and evade heat-seeking missiles.

    Chenguang Gong, 59, of San Jose, pleaded guilty to one count of theft of trade secrets. He remains free on $1.75 million bond.

    According to his plea agreement, Gong — a dual citizen of the United States and China — transferred more than 3,600 files from a Los Angeles-area research and development company where he worked — identified in court documents as the victim company — to personal storage devices during his brief tenure with the company last year.

    The files Gong transferred include blueprints for sophisticated infrared sensors designed for use in space-based systems to detect nuclear missile launches and track ballistic and hypersonic missiles, as well as blueprints for sensors designed to enable U.S. military aircraft to detect incoming heat-seeking missiles and take countermeasures, including by jamming the missiles’ infrared tracking ability. Some of these files were later found on storage devices seized from Gong’s temporary residence in Thousand Oaks.

    In January 2023, the victim company hired Gong as an application-specific integrated circuit design manager responsible for the design, development and verification of its infrared sensors. Beginning on approximately March 30, 2023, and continuing until his termination on April 26, 2023, Gong transferred thousands of files from his work laptop to three personal storage devices, including more than 1,800 files after he had accepted a job at one of the victim company’s main competitors.

    Many of the files Gong transferred contained proprietary and trade secret information related to the development and design of a readout integrated circuit that allows space-based systems to detect missile launches and track ballistic and hypersonic missiles and a readout integrated circuit that allows aircraft to track incoming threats in low visibility environments.

    Gong also transferred files containing trade secrets relating to the development of “next generation” sensors capable of detecting low observable targets while demonstrating increased survivability in space, as well as the blueprints for the mechanical assemblies used to house and cryogenically cool the victim company’s sensors. This information was among the victim company’s most important trade secrets that are worth hundreds of millions of dollars. Many of the files had been marked “[VICTIM COMPANY] PROPRIETARY,” “FOR OFFICIAL USE ONLY,” “PROPRIETARY INFORMATION,” and “EXPORT CONTROLLED.”

    Law enforcement also discovered that, between approximately 2014 and 2022, while employed at several major technology companies in the United States, Gong submitted numerous applications to ‘Talent Programs’ administered by the People’s Republic of China government. The PRC government has established these talent programs as a means to identify individuals who have expert skills, abilities, and knowledge of advanced sciences and technologies in order to access and utilize those skills and knowledge in transforming the PRC’s economy, including its military capabilities.

    In 2014, while employed at a U.S. information technology company headquartered in Dallas, Gong sent a business proposal to a contact at a high-tech research institute in China focused on both military and civilian products. In his proposal, translated from Chinese, Gong described a plan to produce high-performance analog-to-digital converters like those produced by his employer.

    In another Talent Program application from September 2020, Gong proposed to develop “low light/night vision” image sensors for use in military night vision goggles and civilian applications. Gong’s proposal included a video presentation that contained the model number of a sensor developed by an international defense, aerospace, and security company where Gong worked from 2015 to 2019.

    Gong travelled to China several times to seek Talent Program funding in order to develop sophisticated analog-to-digital converters. In his Talent Program applications, Gong underscored that the high-performance analog-to-digital converters he proposed to develop in China had military applications, explaining that they “directly determine the accuracy and range of radar systems” and that “[m]issile navigation systems also often use radar front-end systems.” In a 2019 email, translated from Chinese, Gong remarked that he “took a risk” by traveling to China to participate in the Talent Programs “because [he] worked for…an American military industry company” and thought he could “do something” to contribute to China’s “high-end military integrated circuits.”

    According to his plea agreement, the intended economic loss from Gong’s criminal conduct exceeds $3.5 million.

    United States District Judge John F. Walter scheduled a September 29 sentencing hearing, at which time Gong will face a statutory maximum sentence of 10 years in federal prison.

    The FBI’s Los Angeles Field Office through the Counterintelligence Task Force in partnership with the State Department’s Diplomatic Security Service and U.S. Immigration and Customs Enforcement Homeland Security Investigations is investigating this matter. The FBI’s San Francisco Field Office and the U.S. Attorney’s Office for the Northern District of California also provided substantial assistance.

    Assistant United States Attorneys David C. Lachman of the Terrorism and Export Crimes Section and Nisha Chandran of the Major Frauds Section are prosecuting this case, with valuable assistance from Department of Justice Trial Attorney Brendan P. Geary of the National Security Division’s Counterintelligence and Export Control Section.

    As a member of the FBI Counterintelligence Task Force, HSI contributes to the whole-of-government efforts to defeat hostile intelligence activities targeting the U.S., to include countering the proliferation of sensitive technology to potential adversaries. This case highlights the partnership between HSI, the FBI and DSS, each leveraging their unique capabilities and authorities, to disrupt insider threats at U.S. technology companies and to safeguard sensitive U.S. technology.

    MIL OSI USA News

  • MIL-OSI USA: Curiosity Blog, Sols 4604-4606: Taking a Deep Breath of Martian Air

    Source: NASA

    Written by Lauren Edgar, Planetary Geologist at USGS Astrogeology Science Center
    Earth planning date: Friday, July 18, 2025
    Curiosity has started to investigate the main exposure of the boxwork structures! What was once a distant target is now on our doorstep, and Curiosity is beginning to explore the ridges and hollows that make up this terrain, to better understand their chemistry, morphology, and sedimentary structures.
    I was on shift as Long Term Planner during this three-sol weekend plan, and the team put together a very full set of activities to thoroughly investigate this site — from the sky to the sand. The plan starts with Navcam and Mastcam observations to assess the amount of dust in the atmosphere, followed by a large Mastcam mosaic to characterize the resistant ridge on which the rover is parked. ChemCam will also acquire a LIBS observation on a target named “Vicuna” to assess the chemistry of a well-exposed vein. The team chose this parking location to characterize the chemistry and textures of this topographic ridge (to compare with topographic lows), so the next part of the plan involves contact science using APXS and MAHLI to look at different parts of the nodular bedrock in our workspace, at targets named “Totoral” and “Sillar.” There’s also a MAHLI observation of the same vein that ChemCam targeted.
    The second sol involves more Mastcam imaging to look at different parts of this prominent ridge, along with a ChemCam LIBS observation on top of the ridge, and a ChemCam RMI mosaic to document the sedimentary structures in a distant boxwork feature. Navcam will also be used to look for dust devils. Then Curiosity will take a short drive of about 5 meters (about 16 feet) to explore the adjacent hollow (seen as the low point in the foreground of the above Navcam image). After the drive we’ll take more images for context, and to prepare for targeting in Monday’s plan.
    After all of this work it’s time to pause and take a deep breath… of Martian atmosphere. The weekend plan involves an exciting campaign to look for variations in atmospheric chemistry between night and day. So Curiosity will take an overnight APXS atmospheric observation at the same time that two instruments within SAM assess its chemical and isotopic abundance.
    On the third sol Curiosity will acquire a ChemCam passive sky observation, leading to a great set of atmospheric data. These measurements will be compared to even more atmospheric activities in Monday’s plan to get the full picture. As you can imagine, this plan requires a lot of power, but it’s worth it for all of the exciting science that we can accomplish here.
    The road ahead has many highs and lows (literally), but I can’t wait to see what Curiosity will accomplish. The distant buttes remind us that there’s so much more to explore, and I look forward to continuing to see where Curiosity will take us.

    MIL OSI USA News

  • MIL-OSI USA: NASA Invites Media to Senegal Artemis Accords Signing Ceremony

    Source: NASA

    Senegal will sign the Artemis Accords during a ceremony at 2 p.m. EDT on Thursday, July 24, at NASA Headquarters in Washington.
    Brian Hughes, NASA chief of staff, will host Maram Kairé, director general of the Senegalese space agency (ASES), and Abdoul Wahab Haidara, ambassador of Senegal to the United States, along with other officials from Senegal and the U.S. Department of State.
    This event is in-person only. Media interested in attending must RSVP no later than 10 a.m. on Thursday, July 24, to: hq-media@mail.nasa.gov. NASA’s media accreditation policy is online.
    The signing ceremony will take place at the James E. Webb Memorial Auditorium at NASA Headquarters in the Mary W. Jackson building, 300 E. Street SW in Washington.
    In 2020, during the first Trump Administration, the United States, led by NASA and the State Department, joined with seven other founding nations to establish the Artemis Accords, responding to the growing interest in lunar activities by both governments and private companies. The accords introduced the first set of practical principles aimed at enhancing the safety, transparency, and coordination of civil space exploration on the Moon, Mars, and beyond. Senegal is the 56th country to sign the Artemis Accords since their inception.
    The Artemis Accords are grounded in international law and represent the best practices and norms of responsible behavior that NASA and its partners have supported, including the public release of scientific data.
    Learn more about the Artemis Accords at:
    https://www.nasa.gov/artemis-accords
    -end-
    Bethany Stevens / Elizabeth ShawHeadquarters, Washington202-358-1600bethany.c.stevens@nasa.gov / elizabeth.a.shaw@nasa.gov

    MIL OSI USA News

  • MIL-OSI USA: CISA Releases Nine Industrial Control Systems Advisories

    News In Brief – Source: US Computer Emergency Readiness Team

    CISA released nine Industrial Control Systems (ICS) advisories on July 22, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

    CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.

    MIL OSI USA News

  • MIL-OSI USA: NASA’s X-59 Makes a Move

    Source: NASA

    NASA’s X-59 quiet supersonic research aircraft completed its first low-speed taxi test at U.S. Air Force Plant 42 in Palmdale, California, on July 10, 2025. This marked the first time the one-of-a-kind experimental aircraft has ever moved under its own power. 
    During the test, engineers and flight crews monitored the X-59 as it moved across the runway, working to validate critical systems like steering and braking. The taxiing represents the start of the X-59’s final series of ground tests before first flight. 
    The X-59 is the centerpiece of NASA’s Quesst mission, which aims to demonstrate quiet supersonic flight by reducing the loud sonic boom to a quieter “thump.”
    Image Credit: NASA/Carla Thomas

    MIL OSI USA News

  • MIL-OSI USA: Last Day to Apply for Federal Assistance for April Storms

    Source: US Federal Emergency Management Agency 2

    strong>LITTLE ROCK, Ark. – Homeowners and business owners who had damage from the destructive storms, tornadoes and flooding in Arkansas in April have until 11:59 p.m. Tuesday, July 22, to apply for federal disaster assistance.
    Residents including homeowners, renters and business owners may apply for assistance if your home or business is in Clark, Clay, Craighead, Crittenden, Desha, Fulton, Greene, Hot Spring, Jackson, Miller, Ouachita, Pulaski, Randolph, St. Francis, Saline, Sharp or White County.
    In planning your recovery from the April 2-22 storms, give yourself the widest possible set of options. If you applied for damage or losses after the storms in March, you may apply again for FEMA assistance for uninsured property losses from the April storms. Previous FEMA aid does not affect eligibility for assistance. 
    Loans from the U.S. Small Business Administration also hold many benefits for survivors. SBA loans are not just for businesses. They are the largest source of federal disaster recovery funds for survivors. In a presidentially declared disaster, these long-term, low-interest loans are available to homeowners, renters, businesses of all sizes and nonprofit organizations including houses of worship.
    FEMA has many types of assistance available. FEMA may be able to help with basic home repair costs, personal property loss, and temporary housing while you are unable to live in your home. Repair or replacement assistance may be available for a primary vehicle, a computer damaged in the disaster, or books and other items required for school. 
    To apply for FEMA assistance, go to DisasterAssistance.gov, use the FEMA App for mobile devices or call the FEMA Helpline at 800-621-3362. Lines are open daily from 6 a.m. to 10 p.m. CT and specialists speak many languages. If you use a relay service, captioned telephone or other service, you can give FEMA your number for that service. To view an accessible video on how to apply, visit Three Ways to Apply for FEMA Disaster Assistance – YouTube.
    To apply or to download an SBA application, go to SBA.gov/disaster. You may also call SBA’s Customer Service Center at 800-659-2955 or email DisasterCustomerService@sba.gov.
    Survivors can also submit documents and speak to someone about their FEMA or SBA applications at several sites. To find locations and hours, visit fema.gov/disaster/4873, scroll to the bottom of the page and click the link under “In-person Survivor Assistance.”
    For the latest information about Arkansas’ recovery, visit fema.gov/disaster/4873. Follow FEMA Region 6 on social media at x.com/FEMARegion6 and at facebook.com/FEMARegion6

    MIL OSI USA News

  • MIL-OSI USA: #StopRansomware: Interlock

    News In Brief – Source: US Computer Emergency Readiness Team

    Summary

    Note: This joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware. Visit stopransomware.gov to see all #StopRansomware advisories and to learn more about other ransomware threats and no-cost resources.

    The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), Department of Health and Human Services (HHS), and Multi-State Information Sharing and Analysis Center (MS-ISAC)—hereafter referred to as “the authoring organizations”—are releasing this joint advisory to disseminate known Interlock ransomware IOCs and TTPs identified through FBI investigations (as recently as June 2025) and trusted third-party reporting.

    The Interlock ransomware variant was first observed in late September 2024, targeting various business, critical infrastructure, and other organizations in North America and Europe. FBI maintains these actors target their victims based on opportunity, and their activity is financially motivated. FBI is aware of Interlock ransomware encryptors designed for both Windows and Linux operating systems; these encryptors have been observed encrypting virtual machines (VMs) across both operating systems. FBI observed actors obtaining initial access via drive-by download from compromised legitimate websites, which is an uncommon method among ransomware groups. Actors were also observed using the ClickFix social engineering technique for initial access, in which victims are tricked into executing a malicious payload under the guise of fixing an issue on the victim’s system. Actors then use various methods for discovery, credential access, and lateral movement to spread to other systems on the network.

    Interlock actors employ a double extortion model in which actors encrypt systems after exfiltrating data, which increases pressure on victims to pay the ransom to both get their data decrypted and prevent it from being leaked. 

    FBI, CISA, HHS, and MS-ISAC encourage organizations to implement the recommendations in the Mitigations section of this advisory to reduce the likelihood and impact of Interlock ransomware incidents.

    Download the PDF version of this report:

    For a downloadable copy of IOCs, see:

    Note: This advisory uses the MITRE ATT&CK® Matrix for Enterprise framework, version 17. See the MITRE ATT&CK Tactics and Techniques section of this advisory for tables mapped to the threat actors’ activity.

    Overview

    Since September 2024, Interlock ransomware actors have impacted a wide range of businesses and critical infrastructure sectors in North America and Europe. These actors are opportunistic and financially motivated in nature and employ tactics to infiltrate and disrupt the victim’s ability to provide their essential services. 

    Interlock actors leverage a double extortion model, in which they both encrypt and exfiltrate victim data. Ransom notes do not include an initial ransom demand or payment instructions; instead, victims are provided with a unique code and are instructed to contact the ransomware group via a .onion URL through the Tor browser. To date, Interlock actors have been observed encrypting VMs, leaving hosts, workstations, and physical servers unaffected; however, this does not mean they will not expand to these systems in the future. To counter Interlock actors’ threat to VMs, enterprise defenders should implement robust endpoint detection and response (EDR) tooling and capabilities.

    The authoring agencies are aware of emerging open-source reporting detailing similarities between the Rhysida and Interlock ransomware variants.1 For additional information on Rhysida ransomware, see the joint advisory, #StopRansomware: Rhysida Ransomware.

    Initial Access

    FBI has observed Interlock actors obtaining initial access [TA0001] via drive-by download [T1189] from compromised legitimate websites, an atypical method for ransomware actors. Interlock ransomware methods for initial access have previously disguised malicious payloads as fake Google Chrome or Microsoft Edge browser updates, though a cybersecurity company recently reported a shift to payload filenames masquerading as updates for common security software (see Table 5 for a list of filenames).2

    In some instances, FBI has observed Interlock actors using the ClickFix social engineering technique, in which unsuspecting users are prompted to execute a malicious payload by clicking a fake Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) [T1189]. The CAPTCHA contains instructions for users to open the Windows Run window, paste the clipboard contents, and then execute a malicious Base64-encoded PowerShell process [T1204.004].3

    Note: This ClickFix technique has been used in several other malware campaigns, including Lumma Stealer and DarkGate.4

    Execution and Persistence

    Based on FBI investigations, the fake Google Chrome browser executable functions as a remote access trojan (RAT) [T1105] designed to execute a PowerShell script [T1059.001] that drops a file into the Windows Startup folder. From there, the file is designed to run the RAT every time the victim logs in [T1547.001], establishing persistence [TA0003]. 

    FBI also observed instances in which Interlock actors executed a PowerShell command designed to establish persistence via a Windows Registry key modification [T1547.001]. To do so, Interlock actors used a PowerShell command [T1059.001] designed to add a run key value named “Chrome Updater” [T1036.005] that uses a specific log file as an argument upon user login.

    Reconnaissance

    To facilitate reconnaissance, a PowerShell script executes a series of commands [T1059.001] designed to gather information on victim machines (see Table 1).

    Table 1. PowerShell Commands for Reconnaissance
    PowerShell Command Description
    WindowsIdentity.GetCurrent() Returns a WindowsIdentity object that represents the current Windows user [T1033].
    systeminfo Displays detailed configuration information [T1082] about a computer and its operating system, including operating system configuration, security information, product ID, and hardware properties.
    tasklist/svc Lists unabridged service information [T1007] for each process currently running on the local computer.
    Get-Service Gets objects that represent the services [T1007] on a computer, including running and stopped services.
    Get-PSDrive

    Gets the drives [T1082] in the current session, such as:

    • Windows logical drives on the computer, including drives mapped to network shares.
    • Drives exposed by PowerShell providers.
    • Session-specified temporary drives and persistent mapped network drives.
       
    arp -a Displays and modifies entries in the Address Resolution Protocol (ARP) cache table [T1016], which contains entries on the IPv4 and IPv6 addresses on host endpoints.

    Command and Control

    FBI observed Interlock actors using command and control (C2) [TA0011] applications like Cobalt Strike and SystemBC. Interlock actors also used Interlock RAT5 and NodeSnake RAT (as of March 2025)6 for C2 and executing commands.

    Credential Access, Lateral Movement, and Privilege Escalation

    FBI observed that once Interlock actors establish remote control of a compromised system, they use a series of PowerShell commands to download a credential stealer (cht.exe) [TA0006] and keylogger binary (klg.dll) [T1056.001],[T1105]. According to open source reporting, the credential stealer collects login information and associated URLs for victims’ online accounts [T1555.003], while the keylogger dynamic link library (DLL) logs users’ keystrokes in a file named conhost.txt [T1036.005].7 As of February 2025, private cybersecurity analysts also observed Interlock ransomware infections executing different versions of information stealers [TA0006], including Lumma Stealer8 and Berserk Stealer, to harvest credentials for lateral movement and privilege escalation [T1078].9

    Interlock actors leverage compromised credentials and Remote Desktop Protocol (RDP)10 [T1021.001] to move between systems. They also use tools like AnyDesk to enable remote connectivity and PuTTY to assist with lateral movement [T1219].11 In addition to stealing users’ online credentials, Interlock actors have compromised domain administrator accounts (possibly by using a Kerberoasting attack [T1558.003])12 to gain additional privileges [T1078.002]. 

    Collection and Exfiltration

    Interlock actors leverage Azure Storage Explorer (StorageExplorer.exe) to navigate victims’ Microsoft Azure Storage accounts [T1530] prior to exfiltrating data. According to open source reporting, Interlock actors execute AzCopy to exfiltrate data by uploading it to the Azure storage blob [T1567.002].13 Interlock actors also exfiltrate data over file transfer tools, including WinSCP [T1048].

    Impact

    Following data exfiltration, Interlock actors deploy the encryption binary as a 64-bit executable named conhost.exe [T1486],[T1036.005]. FBI has observed Interlock ransomware encryptors for both Windows and Linux operating systems. Encryptors are designed to encrypt files using a combined Advanced Encryption Standard (AES) and Rivest-Shamir-Adleman (RSA) algorithm. In addition, cybersecurity researchers have identified Interlock ransomware samples using a FreeBSD ELF encryptor [T1486], a departure from usual Linux encryptors designed for VMware ESXi servers and VMs.14

    A cybersecurity company identified a DLL binary named tmp41.wasd—executed after encryption using rundll32.exe [T1218.011]—which uses the remove() function to delete the encryption binary [T1070.004];15 on Linux machines, the encryptor uses a similar technique to execute the removeme function. 

    Encrypted files are appended with either a .interlock or .1nt3rlock file extension, alongside a ransom note titled !__README__!.txt delivered via group policy object (GPO). Interlock actors use a double-extortion model [T1657], encrypting systems after exfiltrating data. The ransom note provides each victim with a unique code and instructions to contact the ransomware actors via a .onion URL. 

    Interlock actors do not leave an initial ransom demand or payment instructions on compromised networks, and do not relay this information until contacted by the victim. The actors instruct victims to make ransom payments in Bitcoin to cryptocurrency wallet addresses provided by the actors. The actors threaten to publish the victim’s exfiltrated data to their leak site on the Tor network unless the victim pays the ransom demand; the actors have previously followed through on this threat.16

    See Table 2 for publicly available tools and applications used by Interlock ransomware actors. This includes legitimate tools repurposed for their operations.

    Disclaimer: Use of these tools and applications should not be attributed as malicious without analytical evidence to support threat actor use and/or control.

    Table 2. Tools Used by Interlock Ransomware Actors
    Tool Name Description
    AnyDesk A common legitimate remote monitoring and management (RMM) tool maliciously used by Interlock actors to obtain remote access and maintain persistence. AnyDesk also supports remote file transfer.
    Cobalt Strike A penetration testing tool used by security professionals to test the security of networks and systems.
    PowerShell A cross-platform task automation solution made up of a command-line shell, a scripting language, and a configuration management framework, which runs on Windows, Linux, and macOS.
    PSExec A tool designed to run programs and execute commands on remote systems.
    PuTTY.exe An open source file transfer application commonly used to remotely connect to systems via Secure Shell (SSH). PuTTY also supports file transfer protocols like Secure File Transfer Protocol (SFTP) and Secure Copy Protocol (SCP).
    ScreenConnect A remote support, access, and meeting software that allows users to control devices remotely over the internet. CISA observed Interlock actors using a cracked version of this software in at least one incident. These versions may be standalone versions not connecting to ScreenConnect’s official cloud domains (domains available upon request from ConnectWise).
    SystemBC Enables Interlock actors to compromise systems, run commands, download malicious payloads, and act as a proxy tool to the actors’ C2 servers.
    Windows Console Host Windows Console Host (conhost.exe) manages the user interface for command-line applications in Windows, including Command Prompt and PowerShell. 
    WinSCP A free and open source SSH File Transfer Protocol (FTP), WebDAV, Amazon S3, and secure copy protocol client.

    See Table 3 and Table 4 for files used by Interlock ransomware actors. These were obtained from FBI investigations as recently as June 2025.

    Disclaimer: Some of the hashes are for legitimate tools and applications and should not be attributed as malicious without analytical evidence to support threat actor use and/or control. The authoring agencies recommend organizations investigate or vet these hashes prior to taking action, such as blocking.

    Table 3. Files Used by Interlock Ransomware Actors (SHA-256)
    File Name Hash
    1.ps1 fba4883bf4f73aa48a957d894051d78e0085ecc3170b1ff50e61ccec6aeee2cd 
    advanced_port_scanner.exe 4b036cc9930bb42454172f888b8fde1087797fc0c9d31ab546748bd2496bd3e5
    Aisa.exe 18a507bf1c533aad8e6f2a2b023fbbcac02a477e8f05b095ee29b52b90d47421
    AnyDesk.exe 1a70f4eef11fbecb721b9bab1c9ff43a8c4cd7b2cafef08c033c77070c6fe069
    autoservice.dll a4069aa29628e64ea63b4fb3e29d16dcc368c5add304358a47097eedafbbb565
    Autostart.exe d535bdc9970a3c6f7ebf0b229c695082a73eaeaf35a63cd8a0e7e6e3ceb22795
    cht FAFCD5404A992850FFCFFEE46221F9B2FF716006AECB637B80E5CD5AA112D79C
    cht.exe C20BABA26EBB596DE14B403B9F78DDC3C13CE9870EEA332476AC2C1DD582AA07
    cleanup.dll (SystemBC) 1845a910dcde8c6e45ad2e0c48439e5ab8bbbeb731f2af11a1b7bbab3bfe0127
    conhost 44887125aa2df864226421ee694d51e5535d8c6f70e327e9bcb366e43fd892c1
    conhost.dll a70af759e38219ca3a7f7645f3e103b13c9fb1db6d13b68f3d468b7987540ddf
    conhost.dll 96babe53d6569ee3b4d8fc09c2a6557e49ebc2ed1b965abda0f7f51378557eb1
    difxepi.dll (SystemBC) 1845a910dcde8c6e45ad2e0c48439e5ab8bbbeb731f2af11a1b7bbab3bfe0127
    iexplore.exe d0c1662ce239e4d288048c0e3324ec52962f6ddda77da0cb7af9c1d9c2f1e2eb
    klg.dll A4F0B68052E8DA9A80B70407A92400C6A5DEF19717E0240AC608612476E1137E
    !!!OPEN_ME!!!.txt 68A49D5A097E3850F3BB572BAF2B75A8E158DADB70BADDC205C2628A9B660E7A
    processhacker-2.39-bin.zip 88f26f3721076f74996f8518469d98bf9be0eaee5b9eccc72867ebfc25ea4e83
    PsExec.exe 078163d5c16f64caa5a14784323fd51451b8c831c73396b967b4e35e6879937b
    putty.exe 7a43789216ce242524e321d2222fa50820a532e29175e0a2e685459a19e09069
    puttyportable.exe 97931d2e2e449ac3691eb526f6f60e2f828de89074bdac07bd7dbdfd51af9fa0
    PuTTYPortable.zip ff7ad2376ae01e4b3f1e1d7ae630f87b8262b5c11bc5d953e1ac34ffe81401b5
    qrpce91.exe.asd 64a0ab00d90682b1807c5d7da1a4ae67cde4c5757fc7d995d8f126f0ec8ae983
    ScreenConnect.ClientService.exe 2814b33ce81d2d2e528bb1ed4290d665569f112c9be54e65abca50c41314d462
    SophosendpointAgent.exe f51b3d054995803d04a754ea3ff7d31823fab654393e8054b227092580be43db
    SophosScaner.exe dfb5ba578b81f05593c047f2c822eeb03785aecffb1504dcb7f8357e898b5024
    Starship.exe 94bf0aba5f9f32b9c35e8dfc70afd8a35621ed6ef084453dc1b10719ae72f8e2
    start 28c3c50d115d2b8ffc7ba0a8de9572fbe307907aaae3a486aabd8c0266e9426f
    start.exe 70bb799557da5ac4f18093decc60c96c13359e30f246683815a512d7f9824c8f
    StorageExplorer.exe 73a9a1e38ff40908bcc15df2954246883dadfb991f3c74f6c514b4cffdabde66
    Sysmon.sys 1d04e33009bcd017898b9e1387e40b5c04279c02ebc110f12e4a724ccdb9e4fb
    upd_2327991.exe 7b9e12e3561285181634ab32015eb653ab5e5cfa157dd16cdd327104b258c332
    webujgd.lnk 70EE22D394E107FBB807D86D187C216AD66B8537EDC67931559A8AEF18F6B5B3
    WinSCP-6.3.5-Setup.exe 8eb7e3e8f3ee31d382359a8a232c984bdaa130584cad11683749026e5df1fdc3
    Proxy Tool e4d6fe517cdf3790dfa51c62457f5acd8cb961ab1f083de37b15fd2fddeb9b8f
    Encryptor e86bb8361c436be94b0901e5b39db9b6666134f23cce1e5581421c2981405cb1
    Encryptor c733d85f445004c9d6918f7c09a1e0d38a8f3b37ad825cd544b865dba36a1ba6
    Encryptor 28c3c50d115d2b8ffc7ba0a8de9572fbe307907aaae3a486aabd8c0266e9426f
    Table 4. Files Used by Interlock Ransomware Actors (SHA-1)
    File Name Hash
    autorun.log 514946a8fc248de1ccf0dbeee2108a3b4d75b5f6
    jar.jar b625cc9e4024d09084e80a4a42ab7ccaa6afb61d
    pack.jar 3703374c9622f74edc9c8e3a47a5d53007f7721e

    See Table 5 through Table 16 for all referenced threat actor tactics and techniques in this advisory. For assistance with mapping malicious cyber activity to the MITRE ATT&CK framework, see CISA and MITRE ATT&CK’s Best Practices for MITRE ATT&CK Mapping and CISA’s Decider Tool.

    Table 5. Initial Access
    Technique Title ID Use
    Drive-By Compromise T1189

    Interlock actors obtain initial access by compromising a legitimate website that network users visit, or by disguising malicious payloads as fake browser updates or common security software, including the following:17

    • FortiClient.exe
    • Ivanti-Secure-Access-Client.exe
    • GlobalProtect.exe
    • Webex.exe
    • AnyConnectVPN.exe
    • Cisco-Secure-Client.exe
    • zyzoom_antimalware.exe

    Interlock actors also gain access via the ClickFix social engineering technique, in which users are tricked into executing a malicious payload by clicking on a fake CAPTCHA that prompts users to execute a malicious PowerShell script. 
     
    Table 6. Execution
    Technique Title ID Use
    Command and Scripting Interpreter: PowerShell T1059.001 

    Interlock actors implement PowerShell scripts to drop a malicious file into the Windows Startup folder.

    Interlock actors execute a PowerShell command for registry key modification.

    Interlock actors use a PowerShell script to execute a series of commands to facilitate reconnaissance.
    User Execution: Malicious Copy and Paste T1204.004 Via the ClickFix social engineering technique, users are tricked into clicking a fake CAPTCHA and prompted into executing a malicious Base64-encoded PowerShell process by following instructions to open a Windows Run window (Windows Button + R), pasting clipboard contents (“CTRL + V”), and then executing the malicious script (“Enter”).
    Table 7. Persistence
    Technique Title ID Use
    Boot or Logon Autostart Execution: Registry Run Keys/Startup Folder T1547.001

    Interlock actors establish persistence by adding a file into a Windows StartUp folder that executes a RAT every time a user logs in.

    Interlock actors also implement registry key modification by using a PowerShell command to add a run key value (named “Chrome Updater”) that uses a log file as an argument every time a user logs in.
     
    Table 8. Privilege Escalation
    Technique Title ID Use
    Valid Accounts: Domain Accounts T1078.002 Interlock actors compromise domain administrator accounts to gain additional privileges. 
    Table 9. Defense Escalation
    Technique Title ID Use
    Defense Evasion TA0005 Interlock actors execute the removeme function on Linux systems to delete the encryption binary for defense evasion. 
    Masquerading: Match Legitimate Resource Name or Location T1036.005

    Interlock actors disguise a malicious run key value by naming it “Chrome Updater”; the run key value uses a specific log file as an argument upon user login.

    Interlock actors disguise files of keystrokes logged by one of their credential stealers with a legitimate Windows filename: conhost.txt.

    Interlock actors disguise an encryption binary, a 64-bit executable, by giving it the same name as the legitimate Console Windows Host executable: conhost.exe
    System Binary Proxy Execution: Rundll32 T1218.011 Interlock actors use rundll32.exe to proxy execution of a malicious DLL binary tmp41.wasd
    Indicator Removal: File Deletion T1070.004 Interlock actors execute a DLL binary tmp41.wasd that uses the remove() function to delete their encryption binary for defense evasion. 
    Table 10. Credential Access
    Technique Title ID Use
    Credential Access TA0006 Interlock actors download credential stealer cht.exe and execute other versions information stealers (including Lumma Stealer and Berserk Stealer) to harvest credentials.
    Credentials from Password Stores: Credentials from Web Browsers T1555.003 Interlock actors download a credential stealer that collects login information and associated URLs for victims’ online accounts.
    Input Capture T1056 Interlock actors execute Lumma Stealer and Berserk Stealer information stealers on victim systems.
    Input Capture: Keylogging T1056.001 Interlock actors download klg.dll, a keylogger binary, onto compromised systems, where it logs users’ keystrokes in a file named conhost.txt
    Steal or Forge Kerberos Tickets: Kerberoasting T1558.003 Interlock actors possibly use a Kerberoasting attack to compromise domain administrator accounts. 
    Table 11. Discovery
    Technique Title ID Use
    System Owner/User Discovery T1033 Interlock actors execute a PowerShell command WindowsIdentity.GetCurrent() on victim systems to retrieve a WindowsIdentity object that represents the current Windows user.
    System Information Discovery T1082

    Interlock actors execute a PowerShell command systeminfo on victim systems to access detailed configuration information about the system, including OS configuration, security information, product ID, and hardware properties.

    Interlock actors execute a PowerShell command Get-PSDrive on victim systems to discover the drives in the current session, such as: 

    • Windows logical drives on the computer, including drives mapped to network shares.
    • Drives exposed by PowerShell providers.
    • Session-specified temporary drives and persistent mapped network drives.
    System Service Discovery T1007

    Interlock actors execute a PowerShell command tasklist /svc on victim systems that lists service information for each process currently running on the system. 

    Actors also execute a PowerShell command Get-Service on victim systems that retrieves objects that represent the services (including running and stopped services) on the system.
    System Network Configuration Discovery T1016 Interlock actors execute a PowerShell command arp -a on victim systems that displays and modifies entries in the Address Resolution Protocol (ARP) cache table (which contains entries on the IPv4 and IPv6 addresses on host endpoints).
    Table 12. Lateral Movement
    Technique Title ID Use
    Valid Accounts T1078 Interlock actors harvest and abuse valid credentials for lateral movement and privilege escalation.
    Remote Services: Remote Desktop Protocol T1021.001 Interlock actors use RDP and valid credentials to move laterally between systems.
    Table 13. Collection
    Technique Title ID Use
    Data from Cloud Storage T1530 Interlock actors use StorageExplorer.exe, the cloud storage solution Azure Storage Explorer, to explore Microsoft Azure Storage accounts. 
    Table 14. Command and Control
    Technique Title ID Use
    Command and Control TA0011 Interlock actors use applications Cobalt Strike and SystemBC for C2. 
    Ingress Tool Transfer T1105

    Interlock actors use a fake Google Chrome or Microsoft Edge browser update to cause users to execute a RAT on the victimized system.

    Interlock actors download credential stealers (cht.exe) and keylogger binaries (klg.dll) once actors establish remote control of a compromised system. 
    Remote Access Tools T1219 Interlock actors use legitimate remote access tools such as AnyDesk to enable remote connectivity and PuTTY to assist with lateral movement.
    Table 15. Exfiltration
    Technique Title  ID Use
    Exfiltration Over Web Service: Exfiltration to Cloud Storage T1567.002 Interlock actors exfiltrate data to cloud storage by executing AzCopy to upload data to the Azure storage blob.
    Exfiltration Over Alternative Protocol T1048 Interlock actors use file transfer tools like WinSCP to exfiltrate data.
    Table 16. Impact
    Technique Title  ID Use
    Data Encrypted for Impact T1486

    Interlock actors encrypt victim data using a combined AES and RSA algorithm on compromised systems to interrupt availability to system and network resources. Actors code encryptors using C/C++. Interlock actors use encryptors for both Windows and Linux operating systems. 

    Interlock actors also use a FreeBSD ELF encryptor to encrypt victim data. 
    Financial Theft   T1657 Interlock actors deliver a ransom note titled !__README__!.txt via a GPO which provides victims with instructions to use a .onion URL to contact the actors over the Tor network. Actors use a double-extortion model, both encrypting victim data and threatening release of victim data on their Tor network leak site if the ransom is not paid.

    The authoring agencies recommend organizations implement the mitigations below to improve your organization’s cybersecurity posture on the basis of the Interlock ransomware actors’ activity. These mitigations align with the Cross-Sector Cybersecurity Performance Goals (CPGs) developed by CISA and the National Institute of Standards and Technology (NIST). The CPGs provide a minimum set of practices and protections that CISA and NIST recommend all organizations implement. CISA and NIST based the CPGs on existing cybersecurity frameworks and guidance to protect against the most common and impactful threats and TTPs. Visit CISA’s CPGs webpage for more information on the CPGs, including additional recommended baseline protections.

    In addition to the below mitigations, Healthcare and Public Health (HPH) organizations should use HPH Sector CPGs to implement cybersecurity protections to address the most common threats and TTPs used against this sector.

    At-risk organizations should implement the following mitigations:

    • Prevent Interlock ransomware actors from obtaining initial access:
      • Implement domain name system (DNS) filtering to block users from accessing malicious sites and applications.
      • Implement web access firewalls to mitigate and prevent unknown commands or process injection from malicious domains or websites.
      • Train users [CPG 2.I] to identify, avoid, and report social engineering attempts.
    • Implement a recovery plan [CPG 5.A] to maintain and retain multiple copies of sensitive or proprietary data and servers in a physically separate, segmented, and secure location (e.g., hard drive, storage device, the cloud) [CPG 2.R].
    • Require all accounts with password logins (e.g., service accounts, admin accounts, and domain admin accounts) to comply with NIST password standards.
      • Require employees to use long passwords [CPG 2.B] and consider not requiring recurring password changes, as these can weaken security.
    • Require MFA [CPG 2.H] for all services to the extent possible, particularly for webmail, virtual private networks (VPNs), and accounts that access critical systems.
      • Implement ICAM policies across the organization as a precursor to MFA.
    • Keep all operating systems, software, and firmware up to date; prioritize patching known exploited vulnerabilities in internet-facing systems [CPG 1.E].
      • Timely patching is efficient and cost effective for minimizing an organization’s exposure to cybersecurity threats.
    • Implement robust EDR capabilities on VMs, systems, and networks.
    • Segment networks [CPG 2.F] to prevent the spread of ransomware.
      • Network segmentation can help prevent the spread of ransomware by controlling traffic flows between—and access to—various subnetworks and by restricting adversary lateral movement.
    • Identify, detect, and investigate abnormal activity and potential traversal of the indicated ransomware [CPG 3.A] with a networking monitoring tool [CPG 2.T].
      • To aid in detecting ransomware, implement a tool that logs and reports all network traffic, including lateral movement activity on a network.
      • Implement EDR tools; these are useful for detecting lateral connections as they provide insight into common and uncommon network connections for each host.
    • Filter network traffic by preventing unknown or untrusted origins from accessing remote services on internal systems.
      • This prevents threat actors from directly connecting to remote access services that they have established for persistence.
    • Install, regularly update, and enable real time detection for antivirus software on all hosts.
    • Review domain controllers, servers, workstations, and active directories for new and/or unrecognized accounts.
    • Audit user accounts with administrative privileges and configure access controls according to the principle of least privilege [CPG 2.E].
    • Disable unused ports.
    • Consider adding an email banner to emails received from outside of your organization [CPG 2.M].
    • Disable hyperlinks in received emails.
    • Implement time-based access for accounts set at the admin level and higher; for example, the just-in-time (JIT) access method provisions privileged access when needed and can support enforcement of the principle of least privilege (as well as the Zero Trust model):
      • This is a process where a network-wide policy is set in place to automatically disable admin accounts at the Active Directory level when the account is not in direct need.
      • Individual users may submit their requests through an automated process that grants them access to a specified system for a set timeframe when they need to support the completion of a certain task.
    • Disable command line and scripting activities and permissions [CPG 2.N].
      • Disabling software utilities that run from the command line makes it more difficult for threat actors to escalate privileges and move laterally.
    • Maintain offline backups of data and regularly maintain backups and restorations [CPG 2.R]; this avoids severe service interruption and irretrievable data in the event of a compromise.
    • Ensure all backup data is encrypted, immutable (i.e., cannot be altered or deleted), and covers the entire organization’s data infrastructure [CPG 2.R].

    In addition to applying mitigations, the authoring agencies recommend exercising, testing, and validating your organization’s security program against the threat behaviors mapped to the MITRE ATT&CK for Enterprise framework in this advisory. The authoring agencies recommend testing your existing security controls inventory to assess how they perform against the ATT&CK techniques described in this advisory.

    To get started:

    1. Select an ATT&CK technique described in this advisory (see Table 5 through Table 16).
    2. Align your security technologies against the technique.
    3. Test your technologies against the technique.
    4. Analyze your detection and prevention technologies’ performance.
    5. Repeat the process for all security technologies to obtain a set of comprehensive performance data.
    6. Tune your security program, including people, processes, and technologies, based on the data generated by this process.

    The authoring agencies recommend continually testing your security program, at scale, in a production environment to ensure optimal performance against the MITRE ATT&CK techniques identified in this advisory.

    Your organization has no obligation to respond or provide information back to FBI in response to this joint advisory. If, after reviewing the information provided, your organization decides to provide information to FBI, reporting must be consistent with applicable state and federal laws.

    FBI is interested in any information that can be shared, to include boundary logs showing communication to and from foreign IP addresses, a sample ransom note, communications with threat actors, Bitcoin wallet information, decryptor files, and/or a benign sample of an encrypted file.

    Additional details of interest include a targeted company point of contact, status and scope of infection, estimated loss, operational impact, transaction IDs, date of infection, date detected, initial attack vector, and host- and network-based indicators.

    The authoring agencies do not encourage paying ransom as payment does not guarantee victim files will be recovered. Furthermore, payment may also embolden adversaries to target additional organizations, encourage other criminal actors to engage in the distribution of ransomware, and/or fund illicit activities. Regardless of whether you or your organization have decided to pay the ransom, FBI and CISA urge you to promptly report ransomware incidents to FBI’s Internet Crime Complain Center (IC3), a local FBI Field Office, or CISA via the agency’s Incident Reporting System or its 24/7 Operations Center (contact@mail.cisa.dhs.gov) or by calling 1-844-Say-CISA (1-844-729-2472).

    State, local, tribal, and territorial governments should report incidents to the MS-ISAC (SOC@cisecurity.org or 866-787-4722).

    HPH Sector organizations should report incidents to FBI or CISA but also can reach out to HHS at HHScyber@hhs.gov for cyber incident support focused on mitigating adverse patient impacts.

    The information in this report is being provided “as is” for informational purposes only. The authoring agencies do not endorse any commercial entity, product, company, or service, including any entities, products, or services linked within this document. Any reference to specific commercial entities, products, processes, or services by service mark, trademark, manufacturer, or otherwise, does not constitute or imply endorsement, recommendation, or favor by the authoring agencies. 

    Cisco Talos contributed to this advisory.

    July 22, 2025: Initial version.

    1 Elio Biasiotto, et. al., “Unwrapping the Emerging Interlock Ransomware Attack,” Talos Intelligence (blog), Cisco Talos, last modified November 7, 2024, https://blog.talosintelligence.com/emerging-interlock-ransomware/.

    2 Sekoia Threat Detection and Research team, “Interlock Ransomware Evolving Under the Radar,” Sekoia (blog), Sekoia, last modified April 16, 2025, https://blog.sekoia.io/interlock-ransomware-evolving-under-the-radar/.

    3 Yashvi Shah and Vignesh Dhatchanamoorthy, “ClickFix Deception: A Social Engineering Tactic to Deploy Malware,” McAfee Labs (blog), McAfee,last modified June 11, 2024, https://www.mcafee.com/blogs/other-blogs/mcafee-labs/clickfix-deception-a-social-engineering-tactic-to-deploy-malware/ and “HC3 Sector Alert: ClickFix Attacks,” Health Sector Cybersecurity Coordination Center, Department of Health and Human Services, last modified October 29, 2024, https://www.hhs.gov/sites/default/files/clickfix-attacks-sector-alert-tlpclear.pdf.

    4 Shah, “ClickFix Deception: A Social Engineering Tactic to Deploy Malware.”

    5 Sekoia Threat Detection and Research team, “Interlock Ransomware Evolving Under the Radar.”

    6 Bill Toulas, “Interlock Ransomware Gang Deploys New NodeSnake RAT on Universities,“ Bleeping Computer, May 28, 2025, https://www.bleepingcomputer.com/news/security/interlock-ransomware-gang-deploys-new-nodesnake-rat-on-universities/.

    7 Biasiotto, “Unwrapping the Emerging Interlock Ransomware Attack.”

    8 International law-enforcement and Microsoft took down the Lumma Stealer malware in May 2025 by seizing internet domains the actors used to distribute the malware to actors and taking down domains that hosted the malware’s infrastructure. For more information, see Tara Seals, “Lumma Stealer Takedown Reveals Sprawling Operation,” Dark Reading, May 21, 2025, https://www.darkreading.com/cybersecurity-operations/lumma-stealer-takedown-sprawling-operation, and Steven Masada, “Disrupting Lumma Stealer: Microsoft Leads Global Action Against Favored Cybercrime Tool,” Microsoft On the Issues (blog), Microsoft, last modified May 21, 2025, https://blogs.microsoft.com/on-the-issues/2025/05/21/microsoft-leads-global-action-against-favored-cybercrime-tool/.

    9 Sekoia Threat Detection and Research team, “Interlock Ransomware Evolving Under the Radar.”

    10 Biasiotto, “Unwrapping the Emerging Interlock Ransomware Attack.”

    11 Biasiotto, “Unwrapping the Emerging Interlock Ransomware Attack.”

    12 Biasiotto, “Unwrapping the Emerging Interlock Ransomware Attack.”

    13 Biasiotto, “Unwrapping the Emerging Interlock Ransomware Attack.”

    14 Lawrence Abrams, “Meet Interlock — The New Ransomware Targeting FreeBSD Servers,” Bleeping Computer, November 3, 2024, https://www.bleepingcomputer.com/news/security/meet-interlock-the-new-ransomware-targeting-freebsd-servers/.

    15 Biasiotto, “Unwrapping the Emerging Interlock Ransomware Attack.”

    16 Graham Cluley, “Interlock Ransomware: What You Need to Know,” Fortra (blog), Fortra, last modified May 30, 2025, https://www.tripwire.com/state-of-security/interlock-ransomware-what-you-need-know.

    17 Sekoia Threat Detection and Research team, “Interlock Ransomware Evolving Under the Radar.”

    MIL OSI USA News

  • MIL-OSI USA: CISA Adds One Known Exploited Vulnerability, CVE-2025-53770 “ToolShell,” to Catalog

    News In Brief – Source: US Computer Emergency Readiness Team

    CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. See CISA’s Alert Microsoft Releases Guidance on Exploitation of SharePoint Vulnerability (CVE-2025-53770) for more information and to apply the recommended mitigations. 

    • CVE-2025-53770: Microsoft SharePoint Server Remote Code Execution Vulnerability

    These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.

    Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

    Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

    MIL OSI USA News

  • MIL-OSI USA: NASA Tests New Heat Source Fuel for Deep Space Exploration

    Source: NASA

    To explore the unknown in deep space, millions of miles away from Earth, it’s crucial for spacecraft to have ample power. NASA’s radioisotope power systems (RPS) are a viable option for these missions and have been used for over 60 years, including for the agency’s Voyager spacecraft and Perseverance Mars rover. These nuclear batteries provide long-term electrical power for spacecraft and science instruments using heat produced by the natural radioactive decay of radioisotopes. Now, NASA is testing a new type of RPS heat source fuel that could become an additional option for future long-duration journeys to extreme environments.
    Historically, the radioisotope plutonium-238 (plutonium oxide) has been NASA’s RPS heat source fuel of choice, but americium-241 has been a source of interest for the past two decades in Europe. In January, the Thermal Energy Conversion Branch at NASA’s Glenn Research Center in Cleveland and the University of Leicester, based in the United Kingdom, partnered through an agreement to put this new option to the test.
    One method to generate electricity from radioisotope heat sources is the free-piston Stirling convertor. This is a heat engine that converts thermal energy into electrical energy. However, instead of a crankshaft to extract power, pistons float freely within the engine. It could operate for decades continuously without wear, as it does not have piston rings or rotating bearings that will eventually wear out. Thus, a Stirling convertor could generate more energy, allowing more time for exploration in deep space. Researchers from the University of Leicester — who have been leaders in the development of americium RPS and heater units for more than 15 years — and NASA worked to test the capabilities of a Stirling generator testbed powered by two electrically heated americium-241 heat source simulators.
    “The concept started as just a design, and we took it all the way to the prototype level: something close to a flight version of the generator,” said Salvatore Oriti, mechanical engineer at Glenn. “The more impressive part is how quickly and inexpensively we got it done, only made possible by a great synergy between the NASA and University of Leicester teams. We were on the same wavelength and shared the same mindset.”

    The university provided the heat source simulators and generator housing. The heat source simulator is the exact size and shape of their real americium-241 heat source, but it uses embedded electric heaters to create an equivalent amount of heat to simulate the decay of americium fuel and therefore drive generator operation. The Stirling Research Lab at Glenn provided the test station, Stirling convertor hardware, and support equipment.
    “A particular highlight of this (testbed) design is that it is capable of withstanding a failed Stirling convertor without a loss of electrical power,” said Hannah Sargeant, research fellow at the University of Leicester. “This feature was demonstrated successfully in the test campaign and highlights the robustness and reliability of an Americium-Radioisotope Stirling Generator for potential future spaceflight missions, including long-duration missions that could operate for many decades.”
    The test proved the viability of an americium-fueled Stirling RPS, and performance and efficiency targets were successfully met. As for what’s next, the Glenn team is pursuing the next version of the testbed that will be lower mass, higher fidelity, and undergo further environmental testing.
    “I was very pleased with how smoothly everything went,” Oriti said of the test results. “Usually in my experience, you don’t accomplish everything you set out to, but we did that and more. We plan to continue that level of success in the future.”
    For more information on NASA’s RPS programs, visit:https://science.nasa.gov/rps

    MIL OSI USA News

  • MIL-OSI USA: NASA Tests New Heat Source Fuel for Deep Space Exploration

    Source: NASA

    To explore the unknown in deep space, millions of miles away from Earth, it’s crucial for spacecraft to have ample power. NASA’s radioisotope power systems (RPS) are a viable option for these missions and have been used for over 60 years, including for the agency’s Voyager spacecraft and Perseverance Mars rover. These nuclear batteries provide long-term electrical power for spacecraft and science instruments using heat produced by the natural radioactive decay of radioisotopes. Now, NASA is testing a new type of RPS heat source fuel that could become an additional option for future long-duration journeys to extreme environments.
    Historically, the radioisotope plutonium-238 (plutonium oxide) has been NASA’s RPS heat source fuel of choice, but americium-241 has been a source of interest for the past two decades in Europe. In January, the Thermal Energy Conversion Branch at NASA’s Glenn Research Center in Cleveland and the University of Leicester, based in the United Kingdom, partnered through an agreement to put this new option to the test.
    One method to generate electricity from radioisotope heat sources is the free-piston Stirling convertor. This is a heat engine that converts thermal energy into electrical energy. However, instead of a crankshaft to extract power, pistons float freely within the engine. It could operate for decades continuously without wear, as it does not have piston rings or rotating bearings that will eventually wear out. Thus, a Stirling convertor could generate more energy, allowing more time for exploration in deep space. Researchers from the University of Leicester — who have been leaders in the development of americium RPS and heater units for more than 15 years — and NASA worked to test the capabilities of a Stirling generator testbed powered by two electrically heated americium-241 heat source simulators.
    “The concept started as just a design, and we took it all the way to the prototype level: something close to a flight version of the generator,” said Salvatore Oriti, mechanical engineer at Glenn. “The more impressive part is how quickly and inexpensively we got it done, only made possible by a great synergy between the NASA and University of Leicester teams. We were on the same wavelength and shared the same mindset.”

    The university provided the heat source simulators and generator housing. The heat source simulator is the exact size and shape of their real americium-241 heat source, but it uses embedded electric heaters to create an equivalent amount of heat to simulate the decay of americium fuel and therefore drive generator operation. The Stirling Research Lab at Glenn provided the test station, Stirling convertor hardware, and support equipment.
    “A particular highlight of this (testbed) design is that it is capable of withstanding a failed Stirling convertor without a loss of electrical power,” said Hannah Sargeant, research fellow at the University of Leicester. “This feature was demonstrated successfully in the test campaign and highlights the robustness and reliability of an Americium-Radioisotope Stirling Generator for potential future spaceflight missions, including long-duration missions that could operate for many decades.”
    The test proved the viability of an americium-fueled Stirling RPS, and performance and efficiency targets were successfully met. As for what’s next, the Glenn team is pursuing the next version of the testbed that will be lower mass, higher fidelity, and undergo further environmental testing.
    “I was very pleased with how smoothly everything went,” Oriti said of the test results. “Usually in my experience, you don’t accomplish everything you set out to, but we did that and more. We plan to continue that level of success in the future.”
    For more information on NASA’s RPS programs, visit:https://science.nasa.gov/rps

    MIL OSI USA News

  • MIL-OSI USA: News Release: Jud Virden, Ph.D., Appointed Laboratory Director at NREL

    Source: US National Renewable Energy Laboratory

    Jud Virden, Ph.D.

    The Alliance for Sustainable Energy (Alliance) today announced the appointment of Jud Virden, Ph.D., as director of NREL and president of the Alliance, which manages the laboratory for the Department of Energy (DOE). Dr. Virden will officially join NREL in this role on Oct. 1, 2025. Virden was selected following a competitive national search.

    Virden joins NREL from Pacific Northwest National Laboratory (PNNL), where he has served as associate laboratory director for the Energy and Environment Directorate since 2011. In that role, he led approximately 1,700 scientists, engineers, and staff advancing DOE’s applied energy priorities—ranging from power grid modernization and energy technologies to nuclear and environmental management.

    “Jud’s leadership in driving transformative energy solutions makes him an outstanding fit for NREL,” said Alliance Board co-chairs Ian Colrain, president and CEO of MRIGlobal, and Juan Alvarez, executive vice president of laboratory operations at Battelle. “He brings a rare combination of scientific rigor, strategic vision, and a collaborative spirit—paired with a deep understanding of DOE priorities and the national lab system. His ability to translate innovation into impact makes him ideally suited to lead NREL into its next chapter.”

    “It’s a privilege to step into this role at such a pivotal time,” Dr. Virden said. “I am eager to build on NREL’s reputation for scientific excellence and drive meaningful, lasting transformation. I look forward to growing collaborations within DOE, industry, academia, and the national labs—working together to accelerate energy innovation and impact.”

    Dr. Virden earned both his Bachelor of Science and doctorate in chemical engineering from the University of Washington and has been with PNNL since 1991. His career is marked by a strong record in forging public-private partnerships and advancing grid resilience and energy technologies.

    Dr. Virden will succeed Dr. Martin Keller, who has served as NREL’s laboratory director since 2015. Under Dr. Keller’s leadership, NREL has experienced record growth in funding, talent, and impact—cementing its role as a global leader in energy research and innovation. He will continue at the laboratory as a strategic advisor through early November to ensure a smooth transition. Dr. Keller will then leave the laboratory for his new role as president of the Helmholtz Association in Berlin, Germany. 

    “Martin led with vision, thoughtfulness, and unwavering integrity,” Colrain and Alvarez said. “His leadership left an enduring mark on NREL’s legacy and future. We thank him for his extraordinary service and look forward to seeing the continued impact of his work in the global research community.”

    NREL—the National Renewable Energy Laboratory—is the U.S. Department of Energy’s primary national laboratory for energy systems research, development, and integration. NREL is managed and operated for the U.S. Department of Energy by a partnership led by MRIGlobal and Battelle.

    MIL OSI USA News

  • MIL-OSI USA: MBA’s Michael Bozzi Named Honorary Commander of Air National Guard Unit

    Source: US State of Connecticut

    Michael Bozzi, an adjunct faculty member in the MBA program and the Director of the MBA Office of Student Services, has been selected as the Honorary Commander for the Connecticut Air National Guard’s 103rd Maintenance Group.

    He is the first civilian to receive the appointment. During his three-year tenure, he will share his leadership knowledge and expertise with the 250-member maintenance group, attend many of their social functions, and go on a training flight to learn more about their work.

    “This is truly the honor of a lifetime,’’ Bozzi said. “We have so many UConn alumni and students who are in the Guard. I’m happy to share my knowledge with them on topics that will be helpful.’’

    “In exchange, I will certainly develop a broader view of leadership, a deeper understanding of how the military works, and I will be better equipped to engage our students who are veterans or currently serving in the military,’’ he said.

    Bozzi Nominated by Air National Guard Colonel

    Above, Bozzi sits in the pilot’s seat of a military aircraft for the first time, as he develops a sense of what the Air Force service members experience. (Contributed Photo)

    Bozzi was nominated for the honorary commander position by Col. Paul Fiasconaro, who took the professor’s Managing Organizations (MENT5138) course in the spring. Fiasconaro, who commands the 103rd Maintenance Group, dubbed the Flying Yankees, found the coursework extremely beneficial.

    “His teaching style and discussions resonated with me. They were interesting and engaging. He makes you want to learn more,’’ said Fiasconaro, who has two master’s degrees from other institutions and is completing a project management certificate at UConn. He described Bozzi as among the best educators he’s met.

    Bozzi was sworn in on June 8 in front of 700 people at the unit’s Family Day, which gave him a chance to meet the servicemembers and their families. The civilian-military partnership is designed to build stronger community connections and give leaders the opportunity to engage more deeply with the service men and women.

    Bozzi recently delivered a presentation on leadership to the servicemembers, whose backgrounds range from corporate executives to recent high school graduates.

    He spoke about the five basic principles of leadership and how it is relevant to all of them.

    “In the Guard, everyone is a leader,’’ Bozzi said. “Certainly there is a chain of command, but every person must be progressive and forward thinking.’’

    The presentation offered something for service members at all levels, Fiasconaro said, and centered around the need to always keep in mind the problem that you’re trying to solve. Many service members stayed to talk with Bozzi and mentioned how much they enjoyed the program.

    Some members of the unit are preparing to deploy to Africa, and Bozzi will teach them about anxiety and stress mitigation prior to their departure.

    ‘Who We Are and What We Do’

    Fiasconaro said the Guard is eager to increase knowledge of “who we are and what we do,’’ among the civilian community. “This type of connection brings in a second look from the outside and a partnership that is mutually beneficial,’’ he said.

    Fiasconaro, who will soon be retiring from the military and returning to civilian work, said there are many parallels between the two entities.

    “The similarities between the military and business are significant,’’ he said. “Both operate within structured hierarchies, rely heavily on strong leadership, and demand strategic thinking to achieve their objectives.’’

    MIL OSI USA News

  • MIL-OSI Europe: Written question – Need for clear exemptions for military personnel under the Working Time Directive – E-002871/2025

    Source: European Parliament

    Question for written answer  E-002871/2025
    to the Commission
    Rule 144
    Alice Teodorescu Måwe (PPE), Rasa Juknevičienė (PPE), Wouter Beke (PPE), Petras Auštrevičius (Renew), Matej Tonin (PPE)

    Directive 2003/88/EC[1] (Working Time Directive) sets minimum standards for rest and working hours across the EU. While Article 17 allows derogations for specific sectors, including the armed forces, the scope and application of these exemptions remain legally unclear. This ambiguity has led to inconsistent national practices and legal uncertainty for Member States.

    Some countries (e.g. Sweden, Germany and Ireland) have introduced structured systems to balance soldiers’ right to rest with operational demands. The Commission has expressed support for Ireland’s recent reforms, while other models – such as Sweden’s use of collective agreements – have faced criticism. This variation highlights the need for a clearer and more harmonised legal basis for flexibility under the directive.

    In the light of evolving security threats and the Commission’s emphasis on ensuring interoperability and readiness of national armed forces within a common EU framework, we ask:

    is the Commission willing to consider or propose amendments to the Working Time Directive to establish a more explicit, harmonised exemption framework for military personnel – particularly concerning activities such as deployment, emergency response and training?

    Submitted: 14.7.2025

    • [1] Directive 2003/88/EC of the European Parliament and of the Council of 4 November 2003 concerning certain aspects of the organisation of working time, OJ L 299, 18.11.2003, p. 9, ELI: http://data.europa.eu/eli/dir/2003/88/oj.
    Last updated: 22 July 2025

    MIL OSI Europe News

  • MIL-OSI Europe: Karl Nehammer appointed new Vice-President of the European Investment Bank

    Source: European Investment Bank

    Nidetzky

    • Former Chancellor of Austria will join the EIB Management Committee.
    • Vice-President Nehammer will start on 1 September, succeeding Swedish Vice-President Thomas Ostros.

    The European Investment Bank (EIB) is pleased to announce the appointment of Karl Nehammer as a new Vice-President and Member of its Management Committee, following a decision by the 27 EU Finance Ministers, representing the EIB’s shareholders, the EU Member States.

    Mr. Nehammer, an Austrian national, has been nominated by Austria and is set to take up his duties on 1 September 2025, succeeding current Vice-President Thomas Östros.

    Karl Nehammer joins the EIB with a wealth of experience from his distinguished career in Austrian politics. He served as the Federal Chancellor of Austria from 2021 to 2025. Prior to this, he was Minister of the Interior from 2020 to 2021, and he was a member of the National Council from 2017 to 2020 as well as Secretary-General of the People’s Party.

    EIB Group President Nadia Calviño welcomed the appointment, stating, “I am pleased to welcome Karl Nehammer to the EIB Management Committee. His profound experience in European politics will be an important asset for our Group and for delivering on key EU policy goals.”

    Upon his appointment, Karl Nehammer remarked, “I am thrilled to join the European Investment Bank, an institution vital to the economic well-being and strategic autonomy of the European Union. The EIB plays a key role in backing priority investment across Europe and worldwide, and I look forward to working with President Calviño, my fellow Management Committee members, EIB Group staff and stakeholders to advance the Bank’s critical mission”.

    The EIB Group has operated in Austria since 1973 and since then the EIB  has provided more than EUR 34 billion for public and private investment across the country. The last Austrian Vice-President of the EIB was Wilhelm Molterer who served from 2011 to 2015.

    Background information  

    The EIB’s Management Committee is the Bank’s permanent collegiate executive body, composed of a President and eight Vice-Presidents. Its members are appointed by the EIB’s Board of Governors, which consists of the economy and finance ministers of the 28 EU Member States.

    The Committee collectively oversees the day-to-day running of the EIB and is responsible for preparing and ensuring the implementation of the Board of Directors’ decisions, particularly concerning borrowing and lending operations.

    The European Investment Bank (ElB) is the long-term lending institution of the European Union, owned by its Member States. Built around eight core priorities, we finance investments that contribute to EU policy objectives by bolstering climate action and the environment, digitalisation and technological innovation, security and defence, cohesion, agriculture and bioeconomy, social infrastructure, the capital markets union, and a stronger Europe in a more peaceful and prosperous world. 

    The EIB Group, which also includes the European Investment Fund (EIF), signed nearly €89 billion in new financing for over 900 high-impact projects in 2024, boosting Europe’s competitiveness and security.   

    All projects financed by the EIB Group are in line with the Paris Climate Agreement, as pledged in our Climate Bank Roadmap. Almost 60% of the EIB Group’s annual financing supports projects directly contributing to climate change mitigation, adaptation, and a healthier environment.   

    Fostering market integration and mobilising investment, the Group supported a record of over €100 billion in new investment for Europe’s energy security in 2024 and mobilised €110 billion in growth capital for startups, scale-ups and European pioneers.Approximately half of the EIB’s financing within the European Union is directed towards cohesion regions, where per capita income is lower than the EU average. 

    High-quality, up-to-date photos of our headquarters for media use are available here.

    MIL OSI Europe News

  • MIL-OSI Europe: Written question – Abolition of paper package leaflets for medicinal products – P-002901/2025

    Source: European Parliament

    Priority question for written answer  P-002901/2025
    to the Commission
    Rule 144
    Jaroslava Pokorná Jermanová (PfE), Jaroslav Bžoch (PfE), Nikola Bartůšek (PfE), Virginie Joron (PfE), Tomáš Kubín (PfE), Ondřej Knotek (PfE), Kateřina Konečná (NI), Klara Dostalova (PfE), Geadis Geadi (ECR), Julien Leonardelli (PfE), Margarita de la Pisa Carrión (PfE)

    Our urgent written question concerns the proposal currently under discussion on the abolition of paper package leaflets for medicinal products within the territory of the European Union. This step, which is part of a broader digitalisation strategy in the field of healthcare and pharmaceuticals, raises numerous questions and concerns among both medical professionals and the public.

    • 1.How does the Commission intend to ensure that information about medicines remains easily accessible to all population groups including senior citizens, people without internet access or those who are not digitally literate?
    • 2.Has the Commission considered the consequences of this measure in terms of patient safety, especially regarding the risk of incorrect use of medicines in the absence of easily accessible instructions?
    • 3.Has the Commission considered the potential risk of disruption to the availability of medicines that could result from abolishing the requirement to repackage medicines in national languages – potentially encouraging increased exports to higher-priced countries – and thereby threatening access to medicines in Member States with lower prices?

    Supporters[1]

    Submitted: 15.7.2025

    • [1] This question is supported by Members other than the authors: Filip Turek (PfE), Pál Szekeres (PfE), Viktória Ferenc (PfE), Ruth Firmenich (NI), Tomasz Froelich (ESN), Ondřej Krutílek (ECR)
    Last updated: 22 July 2025

    MIL OSI Europe News

  • MIL-OSI Europe: Written question – Use of NRRP funds for integrated home care services and healthcare professional shortages in Italy – E-002870/2025

    Source: European Parliament

    Question for written answer  E-002870/2025
    to the Commission
    Rule 144
    Valentina Palmisano (The Left)

    Italy will, under mission 6 of its national recovery and resilience plan (NRRP), invest EUR 2 billion of Next Generation EU funds to increase the share of the population over 65 in integrated home care to 10 %.

    Italy is now claiming that it has achieved this objective, even though the country continues to be beset by systemic shortages of nursing staff and physiotherapists. In addition, there is no evidence that Italy’s policies have increased the number of available healthcare professionals in the country between 2023 and 2025.

    Given its role in monitoring the implementation of NRRPs, can the Commission answer the following questions:

    • 1.Is it aware of any discrepancies between the actual number of new patients admitted to integrated home care services and Italy’s reporting criteria?
    • 2.Has Italy documented whether the aforementioned increase is the result of new staff being recruited or of the reorganisation of existing resources and non-accredited entities?
    • 3.Does the Commission believe that the measures taken by Italy to overcome its shortage of healthcare professionals are sufficient to ensure the medium-to-long-term sustainability of the EU’s investment

    Submitted: 14.7.2025

    Last updated: 22 July 2025

    MIL OSI Europe News

  • MIL-OSI Europe: Written question – Suspension of the EU-El Salvador Agreement in the light of massive human rights violations – E-002650/2025

    Source: European Parliament

    Question for written answer  E-002650/2025/rev.1
    to the Vice-President of the Commission / High Representative of the Union for Foreign Affairs and Security Policy
    Rule 144
    Per Clausen (The Left), Hanna Gedin (The Left)

    Human rights and the rule of law are being breached almost constantly in El Salvador, and the government barely tolerates any criticism or opposition[1]. There is also President Bukele’s reprehensible cooperation with Donald Trump in imprisoning people who have been deported from the US in El Salvador’s notorious CECOT mega-prison.

    This appears to be a clear breach of the Agreement establishing an Association between the European Union and its Member States, on the one hand, and Central America on the other[2] (‘the Agreement’), Article 1 of which clearly states that ‘respect for human rights […] and […] the rule of law […] underpins the internal and international policies of both Parties and constitutes an essential element of this Agreement’. The EU therefore absolutely must take action.

    With the above in mind, would the High Representative of the Union for Foreign Affairs and Security Policy please answer the following questions:

    • 1.What did El Salvador do the last time the EU formally raised the human rights situation with the country’s authorities?
    • 2.Do the many violations of human rights and the rule of law being committed in El Salvador constitute a breach of the relevant parts of the Agreement, including Articles 1 and 2?
    • 3.When will a recommendation be made that the Member States should assess whether essential parts of the Agreement have been breached to such an extent that action should be taken under Article 355 of the Agreement, including whether it should be suspended?

    Submitted: 1.7.2025

    • [1] https://www.amnesty.org/en/latest/news/2025/05/el-salvador-gobierno-profundiza-patron-autoritario-frente-al-descontento-social/
    • [2] https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:22012A1215(01)
    Last updated: 22 July 2025

    MIL OSI Europe News

  • MIL-OSI Security: Across-the-Board Convictions in Final Highs RICO Trial of 2025

    Source: Office of United States Attorneys

    MINNEAPOLIS – Following an eight-day jury trial, a federal jury convicted two defendants of all charged counts for their involvement in the Highs street gang, announced Acting U.S. Attorney Joseph H. Thompson.

    Defendants Cortez Davon Blakemore, 35, and Robert Lesure, 23, were convicted by a jury of federal RICO conspiracy and conspiracy to distribute controlled substances. A sentencing hearing will be set at a later date. According to court documents and evidence presented at trial, Blakemore and Lesure were long-standing and prolific drug traffickers for the Highs criminal street gang.  They sold fentanyl at the intersection of Broadway and Lyndale in North Minneapolis, which the Highs had taken control of and turned into an open-air drug market. As the jury heard at trial, the Highs is a violent criminal street gang that has long wreaked havoc on North Minneapolis, selling fentanyl and other deadly drugs and enforcing its terorrity through violence, kidnapping, and murder, including the murders of innocent civlians caught in the crossfire. Forty members of the Highs gang were charged in this large RICO indictment. Blakemore and Lesure are the 37th and 38th defendants to be convicted in this case. A final RICO defendant is set to be tried in 2026.

    “These convictions bring justice not just to the victims of the Highs gang, but to an entire community that has endured years of violence, fear, and loss,” said Acting U.S. Attorney Joseph H. Thompson. “For too long, this gang terrorized Minneapolis, maintaining control through chaos. Today, the people of this city get something they’ve long been denied: peace. This case is the result of a relentless federal coalition—the U.S. Attorney’s Office side-by-side with our federal, state, and local law enforcement partners.  Our message is clear: if you endanger our communities, we are coming for you.  And we won’t stop until every neighborhood in this city is free from fear.”

    “This isn’t just another trial; it’s a continuation of our full-court press to dismantle the Highs street gang and hold every last member accountable,” said Travis Riddle, ATF Special Agent in Charge of the St. Paul Field Division. “We’re proud to stand alongside our prosecution and investigative partners who’ve shown unmatched determination, trial after trial, to bring justice to the communities harmed by this violence.”

    “As the summer progresses, Minneapolis is continuing to see a drop in violent crime, especially gun violence throughout the city,” said Minneapolis Police Chief Brian O’Hara.  “The outstanding work of MPD officers and our partnership with the U.S. Attorney’s Office have been instrumental in targeting the small number of individuals committing a disproportionate amount of violence in the city. This conviction is the latest result of efforts that can not only be seen in the reduction of crime, but also felt by the community as we work to rebuild trust.”

    “Our focus isn’t just on the money—it’s on the damage that money fuels,” said Jason Bushey, IRS Acting Special Agent in Charge of the Chicago Field Office. “When violent gangs push drugs and fear into our communities, our agents work relentlessly to expose the money behind the violence. This conviction is the result of that effort and a clear reminder that those who profit from chaos and pain will be held accountable.”

    “In the wake of the guilty verdicts in the Highs gang RICO trial, it becomes abundantly clear that the efficacy of our justice system hinges not merely on the application of law, but on the transformative power of collaborative law enforcement partnerships,” stated FBI Minneapolis Special Agent in Charge Alvin M. Winston, Sr. “These alliances are essential, for they weave a fabric of shared intelligence and resources that fortify our collective resolve against violent crime, ensuring that justice is not merely an ideal, but a tangible reality for our communities.”

    This case is the result of an investigation conducted by the ATF, FBI, Minneapolis Police Department, IRS Criminal Investigation, U.S. Postal Inspection Service, Hennepin County Sheriff’s Office, Minnesota Bureau of Criminal Apprehension, and Minnesota Department of Corrections with the assistance of the U.S. Marshals Service, DEA, Homeland Security Investigation, and the Hennepin County Attorney’s Office. The Ramsey County Sheriff’s Office, Dakota County Sheriff’s Office, St. Paul Police Department, and numerous other law enforcement agencies contributed to the investigation.

    The U.S. Attorney’s Office also is deeply grateful to the Justice Department’s Violent Crime & Racketeering Section (VCRS) for their continued partnership and expertise on this and other ongoing RICO cases. This partnership has been critical to the success of these gang prosecutions.

    Assistant U.S. Attorneys Thomas Calhoun-Lopez, Albania Concepcion, and Carla Baumel tried this case.  They are prosecuting the case along with Attorney Brian Lynch of the Justice Department’s Violent Crime & Racketeering Section. 

    MIL Security OSI

  • MIL-OSI Security: Repeat Domestic Violence Offender from Ganado Sentenced to 96 Months in Prison

    Source: Office of United States Attorneys

    PHOENIX, Ariz. – Brian Jason Gishie, 46, of Ganado, Arizona, was sentenced on July 16, by Senior United States District Judge David G. Campbell to 96 months in prison, followed by three years of supervised release. Gishie, an enrolled member of the Navajo Nation, previously pleaded guilty to assault with a dangerous weapon and assault of an intimate partner by strangling.

    On or about June 20, 2024, Gishie brutally assaulted an intimate partner at his home in Greasewood, Arizona, within the Navajo Nation community. Using a baseball bat, Gishie hit the victim several times on her head and body. He then strangled her with both hands for several seconds. The victim was medically treated for injuries related to the assault. Gishie had previously been convicted of multiple domestic violence related offenses, including Aggravated Domestic Violence in Maricopa County in 2004, and Assault by Strangling in the District of Arizona in 2019.

    The FBI Phoenix Division’s Flagstaff office and the Navajo Nation Police Department conducted the investigation in this case. The United States Attorney’s Office, District of Arizona, Phoenix, handled the prosecution.

    CASE NUMBER:           CR-24-08120-PCT-DGC
    RELEASE NUMBER:    2025-123_Gishie

    # # #

    For more information on the U.S. Attorney’s Office, District of Arizona, visit http://www.justice.gov/usao/az/
    Follow the U.S. Attorney’s Office, District of Arizona, on Twitter @USAO_AZ for the latest news.

    MIL Security OSI

  • MIL-OSI Security: U.S. commences civil action to forfeit $7.1 million in cryptocurrency tied to oil and gas storage fraud scheme

    Source: Office of United States Attorneys

    Seattle – The U.S. Attorney’s Office, Western District of Washington today filed a civil action seeking the forfeiture of cryptocurrency valued at approximately $7.1 million seized in the investigation of an oil and gas related investment fraud scheme, announced Acting U.S. Attorney Teal Luthy Miller. The funds, part of some $97 million taken in by the coconspirators between June 2022 and July 2024, was seized by Homeland Security Investigations in December 2024.

    “The co-schemers in this fraud moved their ill-gotten gain through various cryptocurrency accounts to try to launder the money stolen from victims,” said Acting U.S. Attorney Miller. “Federal investigators and prosecutors in our office moved as quickly as possible to trace and seize the cryptocurrency so that some of the losses can be returned to victims.”

    According to the forfeiture filing and other records in the case, from at least August 2022 through August 2024, the co-schemers convinced victims to send money to what was represented as escrow accounts to purchase oil tank storage in either Rotterdam, Netherlands, or Houston. The schemers indicated that the investors could make significant profits by renting the oil tank storage they obtained to others. The victims sent money to accounts linked to these entities: Sea Forest International LLC; Apex Oil and Gas Trading LLC; Navigator Energy Logistics LLC; Terminal Energy International Escrow Service LLC; Energo Horizons Logistics (EA) LLC; Legacy Energy Logistics Transport Group LLC; Green Tree Gateway LLC. However once victims sent their money, they were not sent any further information on their investment and co-schemers simply stopped responding.

    Newcastle, Washington resident Geoffrey K. Auyeung, 47, was indicted in August 2024 as the coconspirator in the U.S. who is charged with receiving much of the fraud proceeds generated by the fraud scheme. The money was quickly moved to one or more of at least 81 different accounts at financial institutions, moved offshore, or moved to one or more of at least 19 different cryptocurrency accounts, where it was used for the purchase of cryptocurrencies, including Bitcoin, Tether, USD Coin, and Ethereum. Much of the cryptocurrency was further transferred to accounts at the cryptocurrency exchange Binance.

    According to the forfeiture filing, the cryptocurrency accounts that were seized were linked to individuals in Russia and Nigeria. Some of the cryptocurrency purchased with victims’ funds was also sent to cryptocurrency exchanges in Russia and Nigeria, at least one of which is alleged to have facilitated money laundering for transnational criminal organizations – including terrorist organizations and organizations that violate international trade sanctions.

    At the time of Auyeung’s arrest and indictment, some $2.3 million was seized from his bank accounts. The $7.1 million in cryptocurrency the government is seeking to forfeit is in addition to the $2.3 million.

    Should the court approve the forfeiture the money will be distributed to victims in the case. Currently. Investigators have identified dozens of victims who were defrauded out of approximately $17.9 million. Investigators believe those numbers will continue to grow as more victims are identified and verified.

    The case is being investigated by HSI.

    The case is being prosecuted by Assistant United States Attorneys Jehiel Baer and Yunah Chung.

    MIL Security OSI

  • MIL-OSI Security: Amherst Businessman Sentenced for COVID Fraud

    Source: US FBI

    BUFFALO, N.Y. – U.S. Attorney Michael DiGiacomo announced today Hormoz Mansouri, 71, of Amherst, NY, who was convicted of conspiracy to commit wire fraud and bank fraud, and bank fraud, was sentenced to time served and five years’ supervised release, to include one year of home detention. He was also ordered to pay restitution totaling $3,197,562 and to forfeit $1,888,603.

    Assistant U.S. Attorney Paul E. Bonanno, who handled the case, stated that Mansouri filed fraudulent loan applications under both the Paycheck Protection Program (PPP) and Economic Injury Disaster Loan (EIDL) program.  The loans available for these programs were designed to provide emergency financial assistance pursuant to the Coronavirus Aid, Relief, and Economic Security (CARES Act). Mansouri controlled the following business entities which applied for loans:

    • HLM Holding LLC,
    • El Team Inc.,
    • NPTS Inc.,
    • 2060 Sheridan Drive LLC,
    • 212 Holden Avenue LLC,
    • 350 Old Niagara Falls Boulevard LLC,
    • 47 East Amherst LLC, and
    • 3600 Harlem Road LLC.

    The PPP loans that the Mansouri-controlled entities obtained, either inflated or completely fabricated the average monthly payroll and six of the eight entities had no actual employees or payroll expenses at all. The total amount of money received from the fraudulent PPP loans totaled approximately $3,000,000. The Mansouri controlled entities also received approximately $450,600 in Economic Injury Disaster Loans (EIDL). These loan applications falsely represented revenues and cost of goods sold. On May 28, 2021, the United States Attorney’s Office seized approximately $1,923,603 of the fraudulently obtained money.

    Mansouri also moved the fraudulent PPP and EIDL funds between various bank accounts; commingling the proceeds with legitimate business revenues; and funding certain accounts, including a campaign account (in the name of “Mansouri for County Comptroller”). 

    The sentencing is the result of an investigation by the Federal Bureau of Investigation, under the direction of Acting Special Agent-in-Charge Mark Grimm, and the Internal Revenue Service, Criminal Investigation Division, under the direction of Special Agent-in-Charge Harry Chavis.

    # # # #

     

     

    MIL Security OSI

  • MIL-OSI Security: Federal Grand Jury Indicts Louisville Woman for Defrauding Pool Business Customers

    Source: US FBI

    Louisville, KY – A federal grand jury in Louisville returned an indictment on July 16, 2025, charging a Louisville woman with engaging in a scheme to defraud customers of her pool installation business, Davenport Extreme Pools and Spas Inc.

    U.S. Attorney Kyle G. Bumgarner of the Western District of Kentucky, Acting Special Agent in Charge Olivia Olson of the FBI Louisville Field Office, and Special Agent in Charge Karen Wingerd of the Internal Revenue Service Criminal Investigations, Cincinnati Field Office, made the announcement.

    According to the indictment, Tracy Davenport, 50, was charged with 13 counts of wire fraud, 5 counts of money laundering, and 1 count of bankruptcy fraud. The indictment alleges Tracy Davenport, and others working at her direction, engaged in a scheme to induce customers into signing a contract for a pool installation and paying a large down payment up front. Tracy Davenport then used those funds for purposes other than what was agreed upon.

    The defendant will make her initial court appearance before a U.S. Magistrate Judge of the U.S. District Court for the Western District of Kentucky at a later date. 

    There is no parole in the federal system.

    This case is being investigated by the FBI and IRS-CI, with assistance from the Louisville Metro Police Department, the Jefferson County Commonwealth Attorney’s Office, and the United States Trustee’s Office for the Western District of Kentucky.

    Assistant U.S. Attorney Nicole Elver is prosecuting the case.

    An indictment is merely an allegation. All defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of law.

    ###

    MIL Security OSI