NewzIntel.com

Category: Law Enforcement

  • MIL-OSI New Zealand: Police monitoring Te Puke tangi

    Source: New Zealand Police (National News)

    Attributable to Inspector Clifford Paxton, Western Bay of Plenty Area Commander:

    Police are aware of a gang related tangi for the father of a prominent gang member, due to take place in the Western Bay of Plenty Area on Friday 21 February.

    Bay of Plenty Police will be monitoring the tangi and procession in Waitangi, Te Puke, due to take place around midday.

    Motorists are advised to plan ahead as Police believe there could be some disruptions on the road, while attendees make their way to the tangi from Tauranga and other areas.

    Police advise those attending that we will not tolerate any unlawful activity, and this will be met with enforcement action where it is identified.

    Police will follow up in instances if we are unable to take enforcement action at the time, with information about the offence and offender noted for further action.

    If you see any unlawful activity, please contact Police via 111 if it is happening now or 105 if its after the fact either online or over the phone.

    ENDS

    Issued by Police Media Centre

    MIL OSI New Zealand News

  • MIL-OSI USA: Attorney General James Announces Takedown of Fentanyl and Cocaine Trafficking Ring in the Hudson Valley 

    Source: US State of New York

    NEW YORK – New York Attorney General Letitia James today announced the takedown of a drug trafficking ring in the Hudson Valley that illegally sold cocaine, powder fentanyl, and counterfeit oxycodone pills containing fentanyl across Dutchess, Ulster, and Orange Counties. An investigation led by the Office of the Attorney General’s (OAG) Organized Crime Task Force (OCTF) recovered two and a half kilograms of cocaine worth approximately $45,000, thousands of counterfeit oxycodone pills containing fentanyl worth over $500,000, and three and a half kilograms of powder fentanyl worth over $200,000. Five illegal handguns, including two ghost guns, and four high-capacity magazines were also seized during the operation. A 122-count indictment charging four individuals for their roles in the drug trafficking network was unsealed in Dutchess County Court. The indictment charges Xavier Grant, Antawone West, Michael Jones, and Kenyi Torres with multiple felonies for narcotics and firearms offenses.

    “Drug traffickers who distribute lethal amounts of opioids put communities throughout our state in danger,” said Attorney General James. “Not only did these individuals sell deadly narcotics, they disguised fentanyl in fake prescription pills, putting the lives of their customers at even greater risk. I thank our partners in law enforcement for their collaboration in this effort to take a dangerous criminal organization off our streets as we continue to work to keep New Yorkers safe.”

    The takedown was the result of an eleven-month joint investigation led by OCTF and the New York State Police’s (NYSP) Special Investigations Unit – Hudson Valley (SIU-HV) and Troop K – Violent Gang and Narcotics Enforcement Team (K-VGNET).

    The investigation included hundreds of hours of physical and covert surveillance, analysis of voluminous electronic evidence, including cellphone communications, covert video and audio recordings, and other traditional investigative techniques. During their communications, the defendants frequently utilized coded and cryptic terminology in an attempt to disguise their illicit activities, such as referring to orders of counterfeit oxycodone pills containing fentanyl as “blues,” “blueberries,” or “perks,” a nod to their legitimate, prescription medication counterparts. 

    The investigation revealed that Grant, West, Jones, and Torres obtained cocaine, powder fentanyl, and counterfeit oxycodone pills containing fentanyl for further distribution. Additionally, the investigation revealed that the four defendants worked together to store, supply, and distribute the narcotics in Dutchess, Orange, and Ulster Counties. The narcotics were stored in various stash locations in the residential areas of Poughkeepsie and often sold in parking lots. The investigation also seized five illegal handguns, four of which were loaded, and two of which were ghost guns, in addition to four illegal high-capacity magazines.

    The investigation into this narcotics trafficking network led to the recovery of:

    • Two and a half kilograms of cocaine;
    • Thousands of counterfeit oxycodone pills containing fentanyl weighing over two and a half kilograms;
    • Three and a half kilograms of powder fentanyl;
    • Five illegal handguns, including two ghost guns and four high-capacity magazines;
    • Drug paraphernalia, including scales, ziplock bags, glassine envelopes, and other packaging materials used to package and measure narcotics;
    • Two “kilo” presses; and
    • Approximately $255,000 in cash.

    Some of the alleged narcotics and firearms seized during the investigation, including cocaine, counterfeit oxycodone pills containing fentanyl, powder fentanyl, five handguns, four high-capacity magazines, and “kilo” presses.

    The 122-count indictment, unsealed in Dutchess County Court, includes counts for various felony narcotics offenses, including charges against Jones and West for Criminal Sale of a Controlled Substance in the First Degree and Criminal Possession of a Controlled Substance in the First Degree, respectively. Each carries a maximum sentence of 20 years in prison. Additional charges include various counts of Criminal Sale of a Controlled Substance (class B felonies) and Criminal Possession of a Controlled Substance (class A-II and B felonies), as well as Conspiracy to commit those crimes.

    Jones and West are also charged with firearms offenses including Criminal Possession of a Weapon in the Second Degree, a class C violent felony, Criminal Possession of a Weapon in the Third Degree, a class D felony, and Criminal Possession of a Firearm, a class E felony.

    Grant and Torres are each charged with, among other things, multiple counts of Criminal Sale of a Controlled Substance in the Second Degree, a class A-II felony, which carries a maximum sentence of 10 years in prison. They are also charged with Conspiracy to commit those crimes. The charges against the defendants are merely accusations and the defendants are presumed innocent unless and until proven guilty.

    Some of the alleged counterfeit oxycodone pills containing fentanyl seized during this investigation.

    “I want to thank the Attorney General’s Office, and our law enforcement partners for their vigilant hard work that has resulted in the arrests of these dangerous individuals,” said New York State Police Superintendent Steven G. James. “The sale of these highly addictive drugs perpetuates a cycle of substance abuse which poses a significant threat to safety and quality of life within our neighborhoods. This sends a strong message to dealers that we will not tolerate illegal drugs and weapons being brought into or sold in our communities.”

    Those charged in the indictment include:

    • Xavier Grant a/k/a “X,” 22 years old of Poughkeepsie, New York;
    • Antawone West, 25 years old of Poughkeepsie, New York;
    • Michael Jones a/k/a “Slime,” 33 years old of Poughkeepsie, New York; and
    • Kenyi Torres, 45 years old of Middletown, New York.

    This takedown marks the latest major drug bust in OAG’s Suburban and Upstate Response to the Growing Epidemic (SURGE) Initiative, a law enforcement effort that brings together state and local law enforcement to target New York’s heroin, opioid, and narcotics trafficking networks. Since launching in 2017, SURGE has taken 984 alleged traffickers off the streets.

    The investigation was led by OCTF Detectives David Walsh and Steven Cohan, under the supervision of OCTF Detective Supervisor Bradford Miller, OCTF Downstate Assistant Chief Ismael Hernandez, and OCTF Deputy Chief Andrew Boss. The Attorney General’s Investigations Division is led by Chief Oliver Pu-Folkes. 

    Attorney General James would also like to thank Dutchess County District Attorney Anthony Parisi, the Dutchess County Sheriff’s Office, the City of Poughkeepsie Police Department, and the Dutchess County Drug Task Force for their assistance throughout the investigation.

    The case is being prosecuted by OCTF Assistant Deputy Attorney General Joseph Barca under the supervision of Downstate OCTF Deputy Chief Lauren Abinanti, with the assistance of OCTF Legal Support Analysts Madeline Rosen, Alex DiGiacomo, and former Legal Support Analyst Christine Cintron. Nicole Keary is the Deputy Attorney General in Charge of OCTF. The Division for Criminal Justice is led by Chief Deputy Attorney General José Maldonado. Both the Investigations Division and the Division for Criminal Justice are overseen by First Deputy Attorney General Jennifer Levy.

    MIL OSI USA News

  • MIL-OSI Security: Milton — RCMP to hold a press conference following arrests linked to a complex and international cybercrime investigation

    Source: Royal Canadian Mounted Police

    The Officer in Charge of the Integrated Cybercrime Investigations Unit of the Central Region RCMP, Inspector Lina Dabit, will hold a press conference to provide results of a complex and international cybercrime investigation.

    Following a statement of facts, representatives from the RCMP will be available for questions.

    For media wanting to attend in person, please register by sending your name and media credentials to: media.relations.rcmp-Ontario-relations.medias.grc@rcmp-grc.gc.ca

    A live link to the conference will be provided upon registration for media only.

    When: February 20, 2025

    Time: 10:00 AM – Media is invited to start arriving in person at 9:15 AM

    Location: 2755 High Point Drive, Milton RCMP Detachment

    MIL Security OSI

  • MIL-OSI Security: #StopRansomware: Ghost (Cring) Ransomware

    Source: US Department of Homeland Security

    Summary

    Note: This joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware. Visit stopransomware.gov to see all #StopRansomware advisories and to learn more about other ransomware threats and no-cost resources.

    The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) are releasing this joint advisory to disseminate known Ghost (Cring)—(“Ghost”)—ransomware IOCs and TTPs identified through FBI investigation as recently as January 2025.

    Beginning early 2021, Ghost actors began attacking victims whose internet facing services ran outdated versions of software and firmware. This indiscriminate targeting of networks containing vulnerabilities has led to the compromise of organizations across more than 70 countries, including organizations in China. Ghost actors, located in China, conduct these widespread attacks for financial gain. Affected victims include critical infrastructure, schools and universities, healthcare, government networks, religious institutions, technology and manufacturing companies, and numerous small- and medium-sized businesses.

    Ghost actors rotate their ransomware executable payloads, switch file extensions for encrypted files, modify ransom note text, and use numerous ransom email addresses, which has led to variable attribution of this group over time. Names associated with this group include Ghost, Cring, Crypt3r, Phantom, Strike, Hello, Wickrme, HsHarada, and Rapture. Samples of ransomware files Ghost used during attacks are: Cring.exe, Ghost.exe, ElysiumO.exe, and Locker.exe.

    Ghost actors use publicly available code to exploit Common Vulnerabilities and Exposures (CVEs) and gain access to internet facing servers. Ghost actors exploit well known vulnerabilities and target networks where available patches have not been applied.

    The FBI, CISA, and MS-ISAC encourage organizations to implement the recommendations in the Mitigations section of this advisory to reduce the likelihood and impact of Ghost ransomware incidents.

    Download the PDF version of this report:

    For a downloadable copy of IOCs, see:

    Technical Details

    Note: This advisory uses the MITRE ATT&CK® Matrix for Enterprise framework, version 16.1. See the MITRE ATT&CK Tactics and Techniques section of this advisory for a table of the threat actors’ activity mapped to MITRE ATT&CK tactics and techniques.

    Initial Access

    The FBI has observed Ghost actors obtaining initial access to networks by exploiting public facing applications that are associated with multiple CVEs [T1190]. Their methodology includes leveraging vulnerabilities in Fortinet FortiOS appliances (CVE-2018-13379), servers running Adobe ColdFusion (CVE-2010-2861 and CVE-2009-3960), Microsoft SharePoint (CVE-2019-0604), and Microsoft Exchange (CVE-2021-34473CVE-2021-34523, and CVE-2021-31207— commonly referred to as the ProxyShell attack chain).

    Execution

    Ghost actors have been observed uploading a web shell [T1505.003] to a compromised server and leveraging Windows Command Prompt [T1059.003] and/or PowerShell [T1059.001] to download and execute Cobalt Strike Beacon malware [T1105] that is then implanted on victim systems. Despite Ghost actors’ malicious implementation, Cobalt Strike is a commercially available adversary simulation tool often used for the purposes of testing an organization’s security controls.

    Persistence

    Persistence is not a major focus for Ghost actors, as they typically only spend a few days on victim networks. In multiple instances, they have been observed proceeding from initial compromise to the deployment of ransomware within the same day. However, Ghost actors sporadically create new local [T1136.001] and domain accounts [T1136.002] and change passwords for existing accounts [T1098]. In 2024, Ghost actors were observed deploying web shells [T1505.003] on victim web servers.

    Privilege Escalation

    Ghost actors often rely on built in Cobalt Strike functions to steal process tokens running under the SYSTEM user context to impersonate the SYSTEM user, often for the purpose of running Beacon a second time with elevated privileges [T1134.001].

    Ghost actors have been observed using multiple open-source tools in an attempt at privilege escalation through exploitation [T1068] such as “SharpZeroLogon,” “SharpGPPPass,” “BadPotato,” and “GodPotato.” These privilege escalation tools would not generally be used by individuals with legitimate access and credentials. 

    See Table 1 for a descriptive listing of tools.

    Credential Access

    Ghost actors use the built in Cobalt Strike function “hashdump” or Mimikatz [T1003] to collect passwords and/or password hashes to aid them with unauthorized logins and privilege escalation or to pivot to other victim devices.

    Defense Evasion

    Ghost actors used their access through Cobalt Strike to display a list of running processes [T1057] to determine which antivirus software [T1518.001] is running so that it can be disabled [T1562.001]. Ghost frequently runs a command to disable Windows Defender on network connected devices. Options used in this command are: Set-MpPreference -DisableRealtimeMonitoring 1 -DisableIntrusionPreventionSystem 1 -DisableBehaviorMonitoring 1 -DisableScriptScanning 1 -DisableIOAVProtection 1 -EnableControlledFolderAccess Disabled -MAPSReporting Disabled -SubmitSamplesConsent NeverSend.

    Discovery

    Ghost actors have been observed using other built-in Cobalt Strike commands for domain account discovery [T1087.002], open-source tools such as “SharpShares” for network share discovery [T1135], and “Ladon 911” and “SharpNBTScan” for remote systems discovery [T1018]. Network administrators would be unlikely to use these tools for network share or remote systems discovery.

    Lateral Movement

    Ghost actors used elevated access and Windows Management Instrumentation Command-Line (WMIC) [T1047] to run PowerShell commands on additional systems on the victim network— often for the purpose of initiating additional Cobalt Strike Beacon infections. The associated encoded string is a base 64 PowerShell command that always begins with: powershell -nop -w hidden -encodedcommand JABzAD0ATgBlAHcALQBPAGIAagBlAGMAdAAgAEkATwAuAE0AZQBtAG8AcgB5AFMAdAByAGUAYQBtACgALABbAEMAbwBuAHYAZQByAHQAXQA6ADoARgByAG8AbQBCAGEAcwBlADYANABTAHQAcgBpAG4AZwAoACIA… [T1132.001][T1564.003].

    This string decodes to “$s=New-Object IO.MemoryStream(,[Convert]::FromBase64String(“” and is involved with the execution of Cobalt Strike in memory on the target machine.

    In cases where lateral movement attempts are unsuccessful, Ghost actors have been observed abandoning an attack on a victim.

    Exfiltration

    Ghost ransom notes often claim exfiltrated data will be sold if a ransom is not paid. However, Ghost actors do not frequently exfiltrate a significant amount of information or files, such as intellectual property or personally identifiable information (PII), that would cause significant harm to victims if leaked. The FBI has observed limited downloading of data to Cobalt Strike Team Servers [T1041]. Victims and other trusted third parties have reported limited uses of Mega.nz [T1567.002] and installed web shells for similar limited data exfiltration. Note: The typical data exfiltration is less than hundreds of gigabytes of data.

    Command and Control

    Ghost actors rely heavily on Cobalt Strike Beacon malware and Cobalt Strike Team Servers for command and control (C2) operations, which function using hypertext transfer protocol (HTTP) and hypertext transfer protocol secure (HTTPS) [T1071.001]. Ghost rarely registers domains associated with their C2 servers. Instead, connections made to a uniform resource identifier (URI) of a C2 server, for the purpose of downloading and executing Beacon malware, directly reference the C2 server’s IP address. For example, http://xxx.xxx.xxx.xxx:80/Google.com where xxx.xxx.xxx.xxx represents the C2 server’s IP address.

    For email communication with victims, Ghost actors use legitimate email services that include traffic encryption features. [T1573] Some examples of emails services that Ghost actors have been observed using are Tutanota, Skiff, ProtonMail, Onionmail, and Mailfence.

    Note: Table 2 contains a list of Ghost ransom email addresses.

    Impact and Encryption

    Ghost actors use Cring.exe, Ghost.exe, ElysiumO.exe, and Locker.exe, which are all ransomware executables that share similar functionality. Ghost variants can be used to encrypt specific directories or the entire system’s storage [T1486]. The nature of executables’ operability is based on command line arguments used when executing the ransomware file. Various file extensions and system folders are excluded during the encryption process to avoid encrypting files that would render targeted devices inoperable.

    These ransomware payloads clear Windows Event Logs [T1070.001], disable the Volume Shadow Copy Service, and delete shadow copies to inhibit system recovery attempts [T1490]. Data encrypted with Ghost ransomware variants cannot be recovered without the decryption key. Ghost actors hold the encrypted data for ransom and typically demand anywhere from tens to hundreds of thousands of dollars in cryptocurrency in exchange for decryption software [T1486].

    The impact of Ghost ransomware activity varies widely on a victim-to-victim basis. Ghost actors tend to move to other targets when confronted with hardened systems, such as those where proper network segmentation prevents lateral moment to other devices.

    Indicators of Compromise (IOC)

    Table 1 lists several tools and applications Ghost actors have used for their operations. The use of these tools and applications on a network should be investigated further.

    Note: Authors of these tools generally state that they should not be used in illegal activity.

    Table 1: Tools Leveraged by Ghost Actors
    Name Description Source
    Cobalt Strike Cobalt Strike is penetration testing software. Ghost actors  use an unauthorized version of Cobalt Strike. N/A
    IOX Open-source proxy, used to establish a reverse proxy to a Ghost C2 server from an internal victim device. github[.]com/EddieIvan01/iox
    SharpShares.exe SharpShares.exe is used to enumerate accessible network shares in a domain. Ghost actors use this primarily for host discovery. github[.]com/mitchmoser/SharpShares
    SharpZeroLogon.exe SharpZeroLogon.exe attempts to exploit CVE-2020-1472 and is run against a target Domain Controller. github[.]com/leitosama/SharpZeroLogon
    SharpGPPPass.exe SharpGPPPass.exe attempts to exploit CVE-2014-1812 and targets XML files created through Group Policy Preferences that may contain passwords. N/A
    SpnDump.exe SpnDump.exe is used to list service principal name identifiers, which Ghost actors use for service and hostname enumeration. N/A
    NBT.exe A compiled version of SharpNBTScan, a NetBIOS scanner. Ghost actors use this tool for hostname and IP address enumeration. github[.]com/BronzeTicket/SharpNBTScan
    BadPotato.exe BadPotato.exe is an exploitation tool used for privilege escalation. github[.]com/BeichenDream/BadPotato
    God.exe God.exe is a compiled version of GodPotato and is used for privilege escalation. github[.]com/BeichenDream/GodPotato
    HFS (HTTP File Server) A portable web server program that Ghost actors use to host files for remote access and exfiltration. rejitto[.]com/hfs
    Ladon 911 A multifunctional scanning and exploitation tool, often used by Ghost actors with the MS17010 option to scan for SMB vulnerabilities associated with CVE-2017-0143 and CVE-2017-0144. github[.]com/k8gege/Ladon
    Web Shell A backdoor installed on a web server that allows for the execution of commands and facilitates persistent access. Slight variation of github[.]com/BeichenDream/Chunk-Proxy/blob/main/proxy.aspx
    Table 2: MD5 File Hashes Associated with Ghost Ransomware Activity
    File name MD5 File Hash
    Cring.exe c5d712f82d5d37bb284acd4468ab3533
    Ghost.exe

    34b3009590ec2d361f07cac320671410

    d9c019182d88290e5489cdf3b607f982
    ElysiumO.exe

    29e44e8994197bdb0c2be6fc5dfc15c2

    c9e35b5c1dc8856da25965b385a26ec4

    d1c5e7b8e937625891707f8b4b594314
    Locker.exe ef6a213f59f3fbee2894bd6734bbaed2
    iex.txt, pro.txt (IOX) ac58a214ce7deb3a578c10b97f93d9c3
    x86.log (IOX)

    c3b8f6d102393b4542e9f951c9435255

    0a5c4ad3ec240fbfd00bdc1d36bd54eb
    sp.txt (IOX) ff52fdf84448277b1bc121f592f753c5
    main.txt (IOX) a2fd181f57548c215ac6891d000ec6b9
    isx.txt (IOX) 625bd7275e1892eac50a22f8b4a6355d
    sock.txt (IOX) db38ef2e3d4d8cb785df48f458b35090

    Ransom Email Addresses

    Table 3 is a subset of ransom email addresses that have been included in Ghost ransom notes.

    Table 3: Ransom Email Addresses
    Email Addresses
    asauribe@tutanota.com ghostbackup@skiff.com rainbowforever@tutanota.com
    cringghost@skiff.com ghosts1337@skiff.com retryit1998@mailfence.com
    crptbackup@skiff.com ghosts1337@tuta.io retryit1998@tutamail.com
    d3crypt@onionmail.org ghostsbackup@skiff.com rsacrpthelp@skiff.com
    d3svc@tuta.io hsharada@skiff.com rsahelp@protonmail.com
    eternalnightmare@tutanota.com just4money@tutanota.com sdghost@onionmail.org
    evilcorp@skiff.com kellyreiff@tutanota.com shadowghost@skiff.com
    fileunlock@onionmail.org kev1npt@tuta.io shadowghosts@tutanota.com
    fortihooks@protonmail.com lockhelp1998@skiff.com summerkiller@mailfence.com
    genesis1337@tutanota.com r.heisler@skiff.com summerkiller@tutanota.com
    ghost1998@tutamail.com rainbowforever@skiff.com webroothooks@tutanota.com

    Ransom Notes

    Starting approximately in August 2024, Ghost actors began using TOX IDs in ransom notes as an alternative method for communicating with victims. For example: EFE31926F41889DBF6588F27A2EC3A2D7DEF7D2E9E0A1DEFD39B976A49C11F0E19E03998DBDA and E83CD54EAAB0F31040D855E1ED993E2AC92652FF8E8742D3901580339D135C6EBCD71002885B.

    MITRE ATT&CK Tactics and Techniques

    See Table 4 to Table 13 for all referenced threat actor tactics and techniques in this advisory. For assistance with mapping malicious cyber activity to the MITRE ATT&CK framework, version 16.1, see CISA and MITRE ATT&CK’s Best Practices for MITRE ATT&CK Mapping and CISA’s Decider Tool.

    Table 4: Initial Access
    Technique Title  ID Use
    Exploit Public-Facing Application T1190 Ghost actors exploit multiple vulnerabilities in public-facing systems to gain initial access to servers.
    Table 5: Execution
    Technique Title  ID Use
    Windows Management Instrumentation T1047 Ghost actors abuse WMI to run PowerShell scripts on other devices, resulting in their infection with Cobalt Strike Beacon malware.
    PowerShell T1059.001 Ghost actors use PowerShell for various functions including to deploy Cobalt Strike.
    Windows Command Shell T1059.003 Ghost actors use the Windows Command Shell to download malicious content on to victim servers.
    Table 6: Persistence
    Technique Title  ID Use
    Account Manipulation T1098 Ghost actors change passwords for already established accounts.
    Local Account T1136.001 Ghost actors create new accounts or makes modifications to local accounts.
    Domain Account T1136.002 Ghost actors create new accounts or makes modifications to domain accounts.
    Web Shell T1505.003 Ghost actors upload web shells to victim servers to gain access and for persistence.
    Table 7: Privilege Escalation
    Technique Title  ID Use
    Exploitation for Privilege Escalation T1068 Ghost actors use a suite of open source tools in an attempt to gain elevated privileges through exploitation of vulnerabilities.
    Token Impersonation/Theft T1134.001 Ghost actors use Cobalt Strike to steal process tokens of processes running at a higher privilege.
    Table 8: Defense Evasion
    Technique Title  ID Use
    Application Layer Protocol: Web Protocols T1071.001 Ghost actors use HTTP and HTTPS protocols while conducting C2 operations. 
    Impair Defenses: Disable or Modify Tools T1562.001 Ghost actors disable antivirus products.
    Hidden Window T1564.003 Ghost actors use PowerShell to conceal malicious content within legitimate appearing command windows.
    Table 9: Credential Access
    Technique Title  ID Use
    OS Credential Dumping T1003 Ghost actors use Mimikatz and the Cobalt Strike “hashdump” command to collect passwords and password hashes.
    Table 10: Discovery
    Technique Title  ID Use
    Remote System Discovery T1018 Ghost actors use tools like Ladon 911 and ShapNBTScan for remote systems discovery.
    Process Discovery T1057 Ghost actors run a ps command to list running processes on an infected device.
    Domain Account Discovery T1087.002 Ghost actors run commands such as net group “Domain Admins” /domain to discover a list of domain administrator accounts.
    Network Share Discovery T1135 Ghost actors use various tools for network share discovery for the purpose of host enumeration.
    Software Discovery T1518 Ghost actors use their access to determine which antivirus software is running.
    Security Software Discovery T1518.001 Ghost actors run Cobalt Strike to enumerate running antivirus software.
    Table 11: Exfiltration
    Technique Title  ID Use
    Exfiltration Over C2 Channel T1041 Ghost actors use both web shells and Cobalt Strike to exfiltrate limited data.
    Exfiltration to Cloud Storage T1567.002 Ghost actors sometimes use legitimate cloud storage providers such as Mega.nz for malicious exfiltration operations.
    Table 12: Command and Control
    Technique Title  ID Use
    Web Protocols T1071.001 Ghost actors use Cobalt Strike Beacon malware and Cobalt Strike Team Servers which communicate over HTTP and HTTPS.
    Ingress Tool Transfer T1105 Ghost actors use Cobalt Strike Beacon malware to deliver ransomware payloads to victim servers.
    Standard Encoding T1132.001 Ghost actors use PowerShell commands to encode network traffic which reduces their likelihood of being detected during lateral movement.
    Encrypted Channel T1573 Ghost actors use encrypted email platforms to facilitate communications. 
    Table 13: Impact
    Technique Title  ID Use
    Data Encrypted for Impact T1486 Ghost actors use ransomware variants Cring.exe, Ghost.exe, ElysiumO.exe, and Locker.exe to encrypt victim files for ransom.
    Inhibit System Recovery T1490 Ghost actors delete volume shadow copies.

    Mitigations

    The FBI, CISA, and MS-ISAC recommend organizations reference their #StopRansomware Guide and implement the mitigations below to improve cybersecurity posture on the basis of the Ghost ransomware activity. These mitigations align with the Cross-Sector Cybersecurity Performance Goals (CPGs) developed by CISA and the National Institute of Standards and Technology (NIST). The CPGs provide a minimum set of practices and protections that CISA and NIST recommend all organizations implement. CISA and NIST based the CPGs on existing cybersecurity frameworks and guidance to protect against the most common and impactful threats, tactics, techniques, and procedures. Visit CISA’s CPGs webpage for more information on the CPGs, including additional recommended baseline protections.

    • Maintain regular system backups that are known-good and stored offline or are segmented from source systems [CPG 2.R]. Ghost ransomware victims whose backups were unaffected by the ransomware attack were often able to restore operations without needing to contact Ghost actors or pay a ransom.
    • Patch known vulnerabilities by applying timely security updates to operating systems, software, and firmware within a risk-informed timeframe [CPG 1.E].
    • Segment networks to restrict lateral movement from initial infected devices and other devices in the same organization [CPG 2.F].
    • Require Phishing-Resistant MFA for access to all privileged accounts and email services accounts.
    • Train users to recognize phishing attempts.
    • Monitor for unauthorized use of PowerShell. Ghost actors leverage PowerShell for malicious purposes, although it is often a helpful tool that is used by administrators and defenders to manage system resources. For more information, visit NSA and CISA’s joint guidance on PowerShell best practices.
      • Implement the principle of least privilege when granting permissions so that employees who require access to PowerShell are aligned with organizational business requirements.
    • Implement allowlisting for applications, scripts, and network traffic to prevent unauthorized execution and access [CPG 3.A].
    • Identify, alert on, and investigate abnormal network activity. Ransomware activity generates unusual network traffic across all phases of the attack chain. This includes running scans to discover other network connected devices, running commands to list, add, or alter administrator accounts, using PowerShell to download and execute remote programs, and running scripts not usually seen on a network. Organizations that can successfully identify and investigate this activity are better able to interrupt malicious activity before ransomware is executed [CPG 3.A].
      • Ghost actors run a significant number of commands, scripts, and programs that IT administrators would have no legitimate reason for running. Victims who have identified and responded to this unusual behavior have successfully prevented Ghost ransomware attacks.
    • Limit exposure of services by disabling unused ports such as, RDP 3398, FTP 21, and SMB 445, and restricting access to essential services through securely configured VPNs or firewalls.
    • Enhance email security by implementing advanced filtering, blocking malicious attachments, and enabling DMARC, DKIM, and SPF to prevent spoofing [CPG 2.M].

    Validate Security Controls

    In addition to applying mitigations, the FBI, CISA, and MS-ISAC recommend exercising, testing, and validating your organization’s security program against the threat behaviors mapped to the MITRE ATT&CK for Enterprise framework in this advisory.

    To get started:

    1. Select an ATT&CK technique described in this advisory (see Table 3 to Table 13).
    2. Align your security technologies against the technique.
    3. Test your technologies against the technique.
    4. Analyze your detection and prevention technologies’ performance.
    5. Repeat the process for all security technologies to obtain a set of comprehensive performance data.
    6. Tune your security program, including people, processes, and technologies, based on the data generated by this process.

    Reporting

    Your organization has no obligation to respond or provide information back to the FBI in response to this joint advisory. If, after reviewing the information provided, your organization decides to provide information to the FBI, reporting must be consistent with applicable state and federal laws.

    The FBI is interested in any information that can be shared, to include logs showing communication to and from foreign IP addresses, a sample ransom note, communications with threat actors, Bitcoin wallet information, and/or decryptor files.

    Additional details of interest include a targeted company point of contact, status and scope of infection, estimated loss, operational impact, date of infection, date detected, initial attack vector, and host and network-based indicators.

    The FBI, CISA, and MS-ISAC do not encourage paying ransom as payment does not guarantee victim files will be recovered. Furthermore, payment may also embolden adversaries to target additional organizations, encourage other criminal actors to engage in the distribution of ransomware, and/or fund illicit activities. Regardless of whether you or your organization have decided to pay the ransom, the FBI and CISA urge you to promptly report ransomware incidents to FBI’s Internet Crime Complain Center (IC3), a local FBI Field Office, or CISA via the agency’s Incident Reporting System or its 24/7 Operations Center (report@cisa.gov) or by calling 1-844-Say-CISA (1-844-729-2472).

    Disclaimer

    The information in this report is being provided “as is” for informational purposes only. The FBI, CISA, and MS-ISAC do not endorse any commercial entity, product, company, or service, including any entities, products, or services linked within this document. Any reference to specific commercial entities, products, processes, or services by service mark, trademark, manufacturer, or otherwise, does not constitute or imply endorsement, recommendation, or favoring by the FBI, CISA, and the MS-ISAC.

    Version History

    February 19, 2025: Initial version.

    MIL Security OSI

  • MIL-OSI Security: Anchorage Man Sentenced to Over 11 Years for Attempting to Coerce a Minor

    Source: Federal Bureau of Investigation (FBI) State Crime Alerts (b)

    ANCHORAGE, Alaska – An Anchorage man was sentenced today to over 11 years in prison and will serve the rest of his life on supervised release for attempting to coerce and entice a minor in 2023.

    According to court documents, in early July 2023, Benjamin Roundy, aka “Aleks” or “Alekzander Marko,” 43, responded to a public group chat post on an internet-based app by an individual who identified herself as a 13-year-old living in Anchorage. The group chat post was actually made by an undercover agent.

    Court documents explain that Roundy communicated with the undercover agent for nearly a month, first on the app and then via text message, and he initiated sexual conversations. Roundy discussed sexual acts he wanted to perform on the individual, who be believed to be a child, and made repeated requests for explicit photos of her.

    On Aug. 4, 2023, Roundy asked the undercover agent to meet in person at the parking lot of a grocery store in Anchorage. The undercover agent told Roundy she was going to walk home from a friend’s house, and Roundy asked what street the friend lived on. Shortly after learning the fictional address of the friend, the defendant left his home to meet the undercover agent, who he thought was a minor.

    Court documents further explain that Roundy texted the undercover agent instructions on where to meet him. When he received no response to his instructions, Roundy drove to a parking lot where he could see the street of the fictitious friend. Law enforcement arrested Roundy in the parking lot shortly thereafter and discovered a new bottle of personal lubricant and condoms in his vehicle.

    The investigation revealed thousands of images and videos depicting child sexual abuse on Roundy’s electronic devices and data detailing his online presence, which included searches for child sexual abuse materials (CSAM) and related terms.

    On April 25, 2024, Roundy pleaded guilty to one count of attempted coercion and enticement of a minor.

    “Mr. Roundy’s conduct was heinous, as he tried to meet with who he believed was an underage girl in Anchorage to engage in sex, sought explicit images of the child, and obtained graphic images and videos depicting the sexual abuse of other minors for years,” said First Assistant U.S Attorney Kathryn R. Vogel for the District of Alaska. “Our office’s commitment to safeguarding Alaska’s children from those who seek to exploit their innocence is unwavering. We will relentlessly pursue justice by working with law enforcement to identify, investigate and hold accountable anyone who targets children.”

    “The defendant posed a significant threat to children in Alaska and abroad, as demonstrated by his disturbing pattern of conduct involving child exploitation,” said Special Agent in Charge Rebecca Day of the FBI Anchorage Field Office. “Even in the darkest corners of the Internet, the FBI’s Child Exploitation and Human Trafficking Task Force will find a way to seek justice for our most vulnerable.”

    The FBI and Anchorage Police Department investigated this case as part of the FBI’s Child Exploitation and Human Trafficking Task Force.

    Assistant U.S. Attorney Adam Alexander of the District of Alaska and Trial Attorney Rachel L. Rothberg of the Criminal Division’s Child Exploitation and Obscenity Section (CEOS) prosecuted the case.

    This case was brought as part of Project Safe Childhood, a nationwide initiative to combat the growing epidemic of child sexual exploitation and abuse launched in May 2006 by the Department of Justice. Led by U.S. Attorneys’ Offices and CEOS, Project Safe Childhood marshals federal, state, and local resources to better locate, apprehend and prosecute individuals who exploit children via the Internet, as well as to identify and rescue victims. For more information about Project Safe Childhood, please visit https://www.justice.gov/psc.

    ###

    MIL Security OSI

  • MIL-OSI Global: Censorship, abortion and the ‘threat within’: what a free speech expert thinks of J.D. Vance’s remarks to Europe

    Source: The Conversation – UK – By Eric Heinze, Professor of Law, Queen Mary University of London

    Donald Trump is famous for his attacks on journalists and the media. He has banned critical reporters from official events, threatened them with lawsuits, and branded mainstream outlets the “enemy of the people”. Since last year, the US has dropped ten notches on the World Press Freedom Index. Now in 55th place, the country trails far behind many European and other democracies.

    It is ironic, then, that vice president J.D. Vance dashed to the Munich Security Conference last week to scold Europeans for their supposed failings on free speech and democracy.

    Speaking to European leaders, Vance fretted: “The threat that I worry the most about vis-à-vis Europe is not Russia, it’s not China, it’s not any other external actor.” Rather, it is “the threat from within”. This rehashing of tropes about “the enemy within” forms part of a Trumpist vocabulary borrowed from the most sinister 20th century autocracies.

    One of Vance’s key claims for the decline of free speech in Europe left many UK observers dumbfounded. He rebuked the Scottish government for sending out letters in October 2024 cautioning citizens that, in his words, “even private prayer within their own homes may amount to breaking the law”.

    Vance was referring to Scotland’s Safe Access Zones Act, which prohibits protesters from gathering within 200 metres of clinics that perform abortions. Yet his accusation teaches volumes about Trumpism. To call it distorted would be diplomatic: it is a bold-faced lie. The Scottish government has confirmed that letters sent to residents near safe access zones did not instruct people to stop praying in the privacy of their homes.

    However, the letters did advise against conduct such as displaying anti-abortion posters or banners, or protesting on their property in ways that might be seen or heard within proximity of the clinics, or might encourage such activity in those areas.

    The Scottish law echoes similar laws in other democracies, including several US states. Yes, the right to protest is essential to democratic societies, but these societies have always accepted that protesters must not harass or threaten citizens going about their everyday business, let alone when seeking essential services such as medical appointments.

    Admittedly, “buffer zones” around abortion clinics cannot and need not extend so far as to impede protesters’ freedoms of expression, so a debate about the precise reach of the Scottish law can and should take place. However, as observed in England and Wales, zones have not generally been drawn with excessively broad perimeters.

    Clearly, Vance’s eyes were more fixed on his own future presidential bid, playing more to religious fundamentalists back home than to anyone who might seriously care about free expression. His 18-minute speech invoked God three times, and “prayer” nine times, while saying nothing about the main issue for which delegates had gathered: Russia’s unprovoked onslaught on Ukraine.

    Curiously, Vance whispered not a word of criticism about UK government crackdowns on the kinds of protests that, in the US, Trump most fears, such as protests against specific government policies and practices.

    I should not have to point out that anti-abortionists in Scotland remain entirely free to proclaim their opinions, in public and in print, alongside countless other types of political expression. Such expression has long been recognised as protected under UK law, and enshrined in the Human Rights Act.

    The only impact of Scotland’s new law is to prevent residents living within 200 metres of such clinics from displaying placards or holding events that would target women visiting such facilities. Admittedly, someone “only standing and praying” nearby a clinic may present a borderline case – but well within bounds that can be assessed through our democratic processes, the very processes that Trump loyalists increasingly disdain.

    We can debate the rights and wrongs of the Scottish law, but any suggestion that it seriously abridges free speech – when compared to the kinds of incursions Trump himself wages – would be farcical.

    Admittedly, while Scotland rightly protects its medical facilities, some people will ask whether a law can legitimately reach so far as to regulate the opinions that people wish to display in their windows and gardens. In recent years, many UK homes have flown Ukrainian or Palestinian flags from their homes, which some neighbours may find inappropriate. Yet British law protects their rights to do so.

    Clearly then, we can have meaningful debates about how far free expression in the home extends, but nothing in what Trump officials have said or done on their home turf suggests that this is their real concern.

    Free speech in retreat?

    As it happens, Vance was not totally wrong when he mused: “In Britain and across Europe, free speech, I fear, is in retreat.” For years, Hungarians have faced relentless attacks on free speech under Viktor Orbán – the autocrat whom Trump followers, including Vance himself, have so often praised.

    On several occasions in The Conversation and elsewhere, I have advocated free speech and I have every intention to continue doing so. I am also willing to concede that, despite Trump’s compulsive attacks on free speech, his supporters have raised some valid concerns about the stifling of opinion on the left.

    Abortion exemplifies the type of issue that sparks widespread ethical controversies. Any democracy must ensure that speakers on all sides have safe means of expressing their views in the public arena. Everyone in today’s democracies could use a few lessons in free speech – and the Trump team tops the list.

    Eric Heinze has received past funding from the European Union.

    ref. Censorship, abortion and the ‘threat within’: what a free speech expert thinks of J.D. Vance’s remarks to Europe – https://theconversation.com/censorship-abortion-and-the-threat-within-what-a-free-speech-expert-thinks-of-j-d-vances-remarks-to-europe-250188

    MIL OSI – Global Reports

  • MIL-OSI Security: St. John’s — RCMP NL thanks snow plow operators for successful rescue of stranded motorists on TCH during recent winter storm

    Source: Royal Canadian Mounted Police

    Snow plow operators went above and beyond to rescue two motorists who recently found themselves stuck on the Trans-Canada Highway in severe weather on February 17, 2025.

    On Monday morning, the Wreckhouse area, north of Port aux Basques, experienced extremely poor winter driving conditions with snow and high winds with gusts of up to 150 km/h. During this time, Channel-Port aux Basques RCMP received separate reports of two motorists who were stranded on the highway, due to these adverse weather conditions.

    After becoming stuck, one motorist opened the door of the vehicle which blew off with the wind. The vehicle, with three occupants inside, was at risk of blowing over an embankment. Another motorist founds themselves stuck partially off of the highway in white out conditions.

    With severely poor road conditions, police and other first responders were unable to travel on the TCH. Snow plow operators with the provincial department of Transportation and Infrastructure, based out of Doyles and Port aux Basques, located the stranded motorists and brought them to safety.

    RCMP NL thanks the involved snow plow operators for going above and beyond to potentially save the lives of those stranded.

    Those heading out on the highways at this time of year are encouraged to follow RCMP NL’s social media accounts, including Facebook and X, for updates on road closures or condition. Additionally, prior to travel, motorists are encouraged to familiarize themselves with alerts and forecasts issued by various meteorologists or agencies, including Environment Canada. Motorists who choose to drive during poor road conditions may find themselves stuck for a number of hours, as emergency personnel may be unable to respond.

    MIL Security OSI

  • MIL-OSI Security: Twenty Years Later, FBI Continues to Pursue Information on the Disappearance of Danielle Imbo and Richard Petrone, Jr.

    Source: Federal Bureau of Investigation FBI Crime News (b)

    The FBI continues to seek the public’s assistance as we investigate the disappearance of Danielle (Ottobre) Imbo and Richard Petrone, Jr., 20 years ago today.

    Imbo and Petrone were last seen in the late evening hours of Saturday, February 19, 2005, leaving a bar on Philadelphia’s South Street for Petrone’s black 2001 Dodge Dakota pickup truck with the license plate YFH 2319.

    An extensive investigation to date has generated some promising leads; however, neither they nor the vehicle have ever been located.

    Danielle was last seen wearing a dark colored jacket, cream colored sweater, and blue jeans and carrying a two-handle black purse at the time of her disappearance. She has worked as a loan mortgage processor.

    Richard was last seen wearing a gray Polo brand sweatshirt and blue jeans. He has a tattoo of the word “Angela” on his left arm and a tattoo of clowns on his right arm.

    “Today marks a somber 20 years since this tragic disappearance and their case exemplifies that the passage of time does not diminish our pursuit of justice,” said Wayne A. Jacobs, Special Agent in Charge of FBI Philadelphia. “Our office remains unwavering in seeking justice for Danielle and Richard, their loved ones, and our city.”

    The FBI is offering a reward of up to $15,000 for information leading to the arrest and conviction of anyone involved in the disappearance of Richard Petrone and Danielle Imbo.

    If you have any information concerning this person, please contact your local FBI office or the nearest American Embassy or Consulate.

    FBI Philadelphia can be reached at (215) 418-4000.

    MIL Security OSI

  • MIL-OSI Global: Bolsonaro’s indictment over alleged coup plot signals shift in Brazil’s approach to political accountability

    Source: The Conversation – UK – By Felipe Tirado, PhD Candidate in Law, King’s College London

    Brazil’s top prosecutor has filed federal charges against Jair Bolsonaro, alleging that the former president attempted a coup in 2023. Focus Pix / Shutterstock

    The Brazilian attorney-general has charged the country’s former president, Jair Bolsonaro, with participating in a plot to cling to power through a coup d’etat in 2022. If Bolsonaro is convicted, he could spend between 38 and 43 years in prison.

    Bolsonaro, who governed Brazil between 2019 and 2022 but lost his attempt at re-election to current president Luiz Inácio “Lula” da Silva, is one of 34 people to be formally charged for offences related to the alleged coup. These include high-ranking serving and retired members of the military, as well as former ministers and politicians.

    The charges levelled against them are involvement in an attempted coup d’etat, violent abolition of the democratic rule of law, and criminal organisation.

    According to the attorney-general’s 272-page indictment, Bolsonaro became increasingly inclined to pursue anti-democratic measures in the months before the election. He allegedly considered taking steps to retain power even before the first round of voting.

    Then, after his defeat by an extremely narrow margin, the indictment claims that Bolsonaro and his alleged accomplices decided to implement the plan before Lula took office in January 2023.

    An investigation by Brazil’s federal police in November found that the insurrection in the country’s capital Brasília on January 8 2023, where rioters invaded the presidential palace, congress and supreme court, was part of this plan. The same investigation suggested the plan also included a plot to assassinate Lula and his vice-president Geraldo Alckmin, as well as supreme court judge Alexandre de Moraes.

    Bolsonaro denies any wrongdoing and – at least in public – is bullish about his fate. Speaking to journalists hours before the charges were filed, he said: “I have no concerns about the accusations, zero.”

    The case will now be considered by the Supreme Court, whose judges will decide whether to initiate criminal proceedings against Bolsonaro and the other defendants. This is expected to happen over the coming weeks. If the judges accept the charges and proceedings are established, the defendants will be called to answer them.

    This is the first time in Brazilian history that high-ranking members of the armed forces have been indicted and charged with crimes associated with a coup d’etat. According to the indictment, the intention was for the armed forces to be called upon to act as a “moderating power”, with the aim of overturning the election result.

    Army generals Augusto Heleno, Walter Braga Netto and Paulo Sérgio Nogueira de Oliveira are among those who have been charged. These men served as ministers in the Bolsonaro government, with Braga Netto also running as the vice-president on Bolsonaro’s ticket in 2022.

    Another high-ranking member of the armed forces charged by the attorney-general is Almir Garnier Santos, the commander of the Brazilian navy. These four men were allegedly part of the inner nuclei that planned and prepared the attempted coup.

    Several other servicemen, including generals, colonels and other officers, were charged with crimes related to the planning and execution of the initial phases of the coup. The sentences for all of these men could amount to up to 30 years in prison.

    Like Bolsonaro, Braga Netto denies any guilt. In a statement released on February 18, his lawyers called the charges a “fantasy”. Lawyers for Garnier Santos and Heleno have chosen not to comment until having fully reviewed the charges.

    Unlike those in the military, some of the political figures charged by the attorney general had criminal antecedents. One of the politicians named in the indictment is Filipe Martins, Bolsonaro’s former international affairs adviser and a “disciple” of the deceased far-right polemicist, Olavo de Carvalho. Martins’ lawyers released a statement on February 18 calling the accusations “unfounded”.

    In December 2024, Martins was convicted of making a gesture alluding to white supremacy during a virtual session of the senate. He initially received a sentence of two years and four months in prison for inciting racial prejudice, which was replaced by 850 hours of community service.

    Far-right commentator Paulo Figueiredo Filho, the grandson of Brazil’s last military dictator, João Figueiredo, was also charged. He appeared on a podcast on February 19 to criticise the charge. Figueiredo lives in the US, where he was arrested in 2019 because of problems with his immigration status.

    Lessons from and to Brazil

    Brazil has already offered some lessons to other countries facing similar authoritarian challenges. Its response to the insurrection in Brasília was swift and robust. Within days, hundreds of rioters had been arrested and the state governor of the federal district was suspended for his sluggish response.

    Then, in 2023, Bolsonaro was banned from running for office for eight years over false claims that the electronic ballots used in the previous year’s election were vulnerable to hacking and fraud. Those involved with the attempted military coup have also been investigated and some subsequently arrested.

    But the coup plot case can also serve as a lesson to the country. Brazil has a history both of successful and unsuccessful military coups. The last successful military coup led to a dictatorship that lasted from 1964 until 1985.

    Brazil also has a history of amnesties, whereby crimes committed during these coups and authoritarian regimes have been pardoned. There have been 48 amnesties in Brazil since 1889, with the most recent one, in 1979, allowing the dictatorship to self-amnesty its crimes.

    For over 45 years, this amnesty hindered criminal accountability for the perpetrators of crimes. This included the murder of politician Rubens Paiva, whose disappearance was the focus of the 2024 Oscar-nominated film, I’m Still Here. The amnesty was declared void by the Inter-American Court of Human Rights in 2011.

    Bolsonaro and other individuals charged, as well as their supporters and aligned politicians, have been demanding a “humanitarian amnesty” for those who allegedly participated in the coup plot.

    Given Bolsonaro’s history, this seems paradoxical. Throughout his decades-long public career, Bolsonaro has consistently celebrated the crimes of the military dictatorship and supported violations of human rights. At the same time, he has also opposed individuals and organisations that advocate for victims of the dictatorship.

    If Bolsonaro and his alleged accomplices are found guilty, it could be an unparalleled lesson for Brazil. Punishing anyone convicted would be an opportunity to step away from the country’s tradition of impunity and move towards addressing systemic injustices.

    Felipe Tirado receives funding from the Centre for Doctoral Studies – King’s College London.

    ref. Bolsonaro’s indictment over alleged coup plot signals shift in Brazil’s approach to political accountability – https://theconversation.com/bolsonaros-indictment-over-alleged-coup-plot-signals-shift-in-brazils-approach-to-political-accountability-250300

    MIL OSI – Global Reports

  • MIL-OSI USA: Subsidiary of Chinese State-Owned Entity to Pay $14.2M to Resolve False Claims Act Allegations Relating to Paycheck Protection Program Loan

    Source: US State of North Dakota

    YAPP USA Automotive Systems Inc., a corporation with its principal place of business in Michigan, has agreed to pay $14,208,496 to resolve allegations that it violated the False Claims Act by submitting false claims to obtain a Paycheck Protection Program (PPP) loan for which it was not eligible.

    Congress created the PPP in March 2020 to provide emergency financial assistance to Americans suffering from the economic effects of the COVID-19 pandemic. Under the PPP, eligible businesses could receive forgivable loans guaranteed by the Small Business Administration (SBA). Regulations provide various eligibility requirements for the PPP, including limitations on the number of employees and exclusions for certain types of businesses, like those that are owned by government entities. In their loan applications, borrowers were required to certify that they were eligible for the PPP and that the information they provided was accurate.

    YAPP USA’s ultimate parent company is State Development and Investment Corp. Ltd, a company owned and controlled by the People’s Republic of China. Through common ownership and management, YAPP USA is affiliated with dozens of other companies worldwide. In applying for a first-draw PPP loan, YAPP USA represented that it was eligible for the PPP, and it received a first-draw PPP loan in the amount of $9,598,462, which the SBA later forgave. The United States alleged that YAPP USA was not eligible under the SBA rules for a PPP loan because YAPP USA, singly and together with its affiliates, employed more individuals than permitted by SBA’s size standard for its industry. The United States also contended that YAPP USA was not eligible because it is owned by a government entity. YAPP USA will pay $14,208,496 to the United States to resolve these allegations.

    YAPP USA cooperated with the United States’ investigation by identifying individuals involved in or responsible for the conduct and disclosing facts and documents gathered during YAPP USA’s own investigation. As a result, YAPP USA received credit under the department’s guidelines for taking disclosure, cooperation and remediation into account in False Claims Act cases.

    “PPP loans were intended to help small businesses in the United States,” said Deputy Assistant Attorney General Michael D. Granston of the Justice Department’s Civil Division. “The Department remains committed to pursuing those who violated the requirements of this taxpayer funded program.”

    “Congress and the SBA designed the PPP to help small businesses and their employees during the pandemic, not large companies owned by foreign governments,” said Acting U.S. Attorney Richard G. Frohling for the Eastern District of Wisconsin. “This settlement demonstrates that our office will continue to hold accountable those businesses and individuals who abused this vital program.”

    “The favorable settlement in this case is the product of enhanced efforts by federal agencies such as the SBA working with the Department of Justice, SBA’s Office of Inspector General, and other Federal law enforcement agencies, as well as private individuals who uncover fraudulent conduct to recover the product of this fraud as well as penalties,” said SBA General Counsel Wendell Davis.

    The civil settlement includes the resolution of claims brought under the qui tam or whistleblower provisions of the False Claims Act, which permit private parties to file an action on behalf of the United States and receive a portion of any recovery. The qui tam lawsuit was filed by GNGH2 Inc; GNGH2 Inc. will receive $1,420,849 in connection with this settlement.

    The resolution obtained in this matter was the result of a coordinated effort between the Justice Department’s Civil Division, Commercial Litigation Branch, Fraud Section, and the U.S. Attorney’s Office for the Eastern District of Wisconsin, with assistance from the SBA’s Office of General Counsel and Office of the Inspector General.

    Trial Attorney Lindsey Roberts of the Justice Department’s Civil Division and Assistant U.S. Attorney Michael Carter for the Eastern District of Wisconsin handled the matter, with assistance from Christopher J. McClintock of the SBA.

    The claims resolved by the settlement are allegations only. There has been no determination of liability.

    MIL OSI USA News

  • MIL-OSI Security: Fifty-Two-Month Prison Sentence for a D.C. Convicted Felon Who Traveled to the Jersey Shore to Rob an Overnight Pharmacy

    Source: Federal Bureau of Investigation (FBI) State Crime News

               WASHINGTON – Ashawntea Henderson, 32, of Washington, D.C., was sentenced today in U.S. District Court in Washington D.C. to 52 months in federal prison for participating in an early morning robbery of a drug store at the Jersey Shore. During the May 2020 robbery, he and his co-conspirators jumped the counter, overpowered the night pharmacist, stole thousands of prescription narcotics, and then – as they attempted to flee to the District – crashed into a responding police cruiser.

               The sentencing was announced U.S. Attorney Edward R. Martin, FBI Special Agent in Charge Sean Ryan of the Washington Field Office Criminal and Cyber Division, and FBI Special Agent in Charge Terence Reilly of the Newark Field Office.

                Henderson pleaded guilty on October 30, 2024, to interference of commerce by robbery (Hobbs Act robbery). In addition to the 52-month prison sentence, Judge Amy Berman Jackson ordered Henderson to serve three years of supervised release.

    According to court documents, Henderson and his co-conspirators researched potential targets including Walgreens and CVS pharmacies which were open all night. On May 9, 2020, Henderson and others drove more than 200 miles from Washington, D.C. to a Walgreens Pharmacy on State Road 33, in Neptune, New Jersey.

    At 3:09 a.m., Henderson and two others dressed in masks and gloves entered the Walgreens. All three jumped over the pharmacy counter and demanded codeine, Adderall, and Percocet. One of the co-conspirators grabbed the night pharmacist, demanded that he open the locked cabinets containing additional pills, and forced the pharmacist to assist them. After grabbing thousands of prescription medicines – including Oxycodone, morphine, amphetamine, and Nucynta – Henderson and the two co-conspirators fled in a black Nissan Altima operated by a fourth co-conspirator. At one point, the Nissan collided with a responding police officer’s patrol car but continued at high speed back to Washington D.C.

    After returning to the District, as they celebrated at a hotel, one of the co-conspirators received a text from a known drug distributor asking the price for a drug of the same type stolen from Neptune, New Jersey. The co-conspirator and the drug distributor continued to exchange texts about the sale of drugs for the following weeks.

               Henderson is currently serving a five-year prison sentence in Maryland in connection with his 2022 possession of a firearm. 

               The case was investigated by the FBI Washington Field Office’s Violent Crimes Task Force and the Neptune Township Police Department. The matter is being prosecuted by AUSAs Justin Song, Sarah Martin and Cameron Tepfer.

    23cr190

    MIL Security OSI

  • MIL-OSI Security: UPDATE: Detectives name man killed in Hackney stabbing

    Source: United Kingdom London Metropolitan Police

    The victim of a fatal stabbing in Hackney has been named as 20-year-old Jason Junior Romeo.

    Police were called to reports of an altercation in Bodney Road, E5 at 17:59hrs on Tuesday, 18 February. Officers and the London Ambulance Service worked to treat Jason at the scene but he sadly died as a result of a stab wound.

    Two men in their 20s have been arrested and remain in police custody.

    Detective Superintendent Kelly Allen, leading the investigation in Hackney, said: “Jason had his whole life ahead of him but this senseless attack has taken that from both him and his loved ones. Our continued thoughts go out to his family, who are being supported by specialist officers.

    “If anyone saw this incident, or was nearby, please do share that information with officers. We are especially interested in any footage from the surrounding area.”

    The public can contact the police via 101 or contact Crimestoppers anonymously on 0800 555 111 with any information, reference CAD 5635/18Feb.

    A crime scene will remain in place until the forensic investigation has concluded.

    Detective Chief Superintendent James Conway, who leads policing in Hackney and Tower Hamlets, said: “It is absolutely devastating for Jason’s family and extremely distressing for our communities that another young life has been taken away as a consequence of knife crime. We continue to work closely with our local community partners and Hackney Council to tackle the causes and effects of knife crime.

    “I repeat an appeal I have sadly had to make too frequently. If any young person feels they need to carry a knife please speak to a parent, carer, teacher, youth leader or adult you trust and we can get you the support to step back from that decision safely.

    “I will have additional uniformed and plain clothed officers working in the area as a consequence of this tragic event. While the investigation continues to work to understand the motive for this attack, we will work tirelessly to reduce the risk of any further violence.”

    MIL Security OSI

  • MIL-OSI Security: Subsidiary of Chinese State-Owned Entity to Pay $14.2M to Resolve False Claims Act Allegations Relating to Paycheck Protection Program Loan

    Source: United States Attorneys General

    YAPP USA Automotive Systems Inc., a corporation with its principal place of business in Michigan, has agreed to pay $14,208,496 to resolve allegations that it violated the False Claims Act by submitting false claims to obtain a Paycheck Protection Program (PPP) loan for which it was not eligible.

    Congress created the PPP in March 2020 to provide emergency financial assistance to Americans suffering from the economic effects of the COVID-19 pandemic. Under the PPP, eligible businesses could receive forgivable loans guaranteed by the Small Business Administration (SBA). Regulations provide various eligibility requirements for the PPP, including limitations on the number of employees and exclusions for certain types of businesses, like those that are owned by government entities. In their loan applications, borrowers were required to certify that they were eligible for the PPP and that the information they provided was accurate.

    YAPP USA’s ultimate parent company is State Development and Investment Corp. Ltd, a company owned and controlled by the People’s Republic of China. Through common ownership and management, YAPP USA is affiliated with dozens of other companies worldwide. In applying for a first-draw PPP loan, YAPP USA represented that it was eligible for the PPP, and it received a first-draw PPP loan in the amount of $9,598,462, which the SBA later forgave. The United States alleged that YAPP USA was not eligible under the SBA rules for a PPP loan because YAPP USA, singly and together with its affiliates, employed more individuals than permitted by SBA’s size standard for its industry. The United States also contended that YAPP USA was not eligible because it is owned by a government entity. YAPP USA will pay $14,208,496 to the United States to resolve these allegations.

    YAPP USA cooperated with the United States’ investigation by identifying individuals involved in or responsible for the conduct and disclosing facts and documents gathered during YAPP USA’s own investigation. As a result, YAPP USA received credit under the department’s guidelines for taking disclosure, cooperation and remediation into account in False Claims Act cases.

    “PPP loans were intended to help small businesses in the United States,” said Deputy Assistant Attorney General Michael D. Granston of the Justice Department’s Civil Division. “The Department remains committed to pursuing those who violated the requirements of this taxpayer funded program.”

    “Congress and the SBA designed the PPP to help small businesses and their employees during the pandemic, not large companies owned by foreign governments,” said Acting U.S. Attorney Richard G. Frohling for the Eastern District of Wisconsin. “This settlement demonstrates that our office will continue to hold accountable those businesses and individuals who abused this vital program.”

    “The favorable settlement in this case is the product of enhanced efforts by federal agencies such as the SBA working with the Department of Justice, SBA’s Office of Inspector General, and other Federal law enforcement agencies, as well as private individuals who uncover fraudulent conduct to recover the product of this fraud as well as penalties,” said SBA General Counsel Wendell Davis.

    The civil settlement includes the resolution of claims brought under the qui tam or whistleblower provisions of the False Claims Act, which permit private parties to file an action on behalf of the United States and receive a portion of any recovery. The qui tam lawsuit was filed by GNGH2 Inc; GNGH2 Inc. will receive $1,420,849 in connection with this settlement.

    The resolution obtained in this matter was the result of a coordinated effort between the Justice Department’s Civil Division, Commercial Litigation Branch, Fraud Section, and the U.S. Attorney’s Office for the Eastern District of Wisconsin, with assistance from the SBA’s Office of General Counsel and Office of the Inspector General.

    Trial Attorney Lindsey Roberts of the Justice Department’s Civil Division and Assistant U.S. Attorney Michael Carter for the Eastern District of Wisconsin handled the matter, with assistance from Christopher J. McClintock of the SBA.

    The claims resolved by the settlement are allegations only. There has been no determination of liability.

    MIL Security OSI

  • MIL-OSI USA: Senator Murray Presses VA Deputy Secretary Nominee on Mass Firings of VA Researchers, Holding Oracle Accountable to Get EHR Right for Veterans

    US Senate News:

    Source: United States Senator for Washington State Patty Murray
    ICYMI: Senator Murray: Trump Must Reverse Firing of VA Researchers Across the Country, Threatens to Decimate Lifesaving Work on Veterans’ Medical Care, Prosthetics, and More
    ICYMI: Murray, Colleagues Request Information on Elon Musk’s Access to VA Medical Records
    ***VIDEO of Murray’s Q&A at nomination hearing HERE**
    Washington, D.C. – Today at a Senate Veterans’ Affairs Committee hearing on Dr. Paul Lawrence’s nomination to be Deputy Secretary of the U.S. Department of Veterans Affairs (VA), U.S. Senator Patty Murray (D-WA), a senior member and former Chair of the Senate Veterans’ Affairs Committee, questioned Dr. Lawrence—who will oversee the Electronic Health Record (EHR) system—on what he will do differently to hold Oracle accountable and get the EHR system right for veterans in Washington state. Murray also pressed him on whether he supports the decision by Trump and Musk last week to fire en masse VA researchers in the middle of research on everything from burn pit exposure to mental health, opioid addiction, and preventing veteran suicide, among much else.
    “EHR started in 2018 under President Trump and in 2020, it deployed to two Washington state VA hospitals. Instead of helping to improve our veterans’ health care, the rollout ending up being a complete disaster, and it endangered veteran patients,” Murray said at today’s hearing. “Unfortunately, the system still is not working the way that the VA doctors and nurses need—and veterans are continuing  to suffer. Last month, the VA announced that it would be moving forward with pre-deployment activities at the next four sites for this Electronic Health Record.”
    “You will oversee the EHR program—so if confirmed, I want to know what you are going to do differently to hold Oracle accountable and to make sure we get this system right for our veterans?”
    Dr. Lawrence replied that he would aim to better understand why VA did not listen to employees earlier when they raised issued with the EHR system, and that he would work with the team Secretary Collins plans to convene with “everybody involved” to figure out the best path going forward for EHR. “If confirmed, I want to work on that and figure out what the plan should be in terms of holding everybody accountable for what’s supposed to take place, right, to get the most benefits as quickly as possible to our veterans within the amount of money we have,” Dr. Lawrence said.
    “Well let me make this very clear: we have heard that answer from every VA person that’s come before this committee for a number of years now,” Murray pushed back. “Everybody’s looked at it, everybody’s considered it, everybody’s talked about it, everybody’s convened panels. It is not working. So, I need your commitment that it’s not just—convene people and take a look at, but that you are going to make changes to it and demand changes, and get those fixed. Because we have spent, literally, millions and millions of dollars—and worse, veterans are still in jeopardy in their care, and doctors and nurses and VA facilities are really frustrated.”
    “I asked you a really important question: what are you going to do differently? The answer you gave me—I understand where you’re coming from—but it is the same one I’ve heard over and over,” Murray said.
    Dr. Lawrence responded that the Secretary conveyed a “strong sense of urgency that it should be done much sooner than later,” and that, in his previous tenure at VA as Under Secretary for Benefits, he dealt with technology problems around the GI Bill, appeals modernization, and other issues, and implemented technology: “I’ve actually done this, and so that’s the difference I will bring to this. And I understand the frustration, and I pledge to work as best, as hard as I can to get this done,” said Dr. Lawrence.
    “Well I don’t want to be sitting here again, two years from now, same conversation, new person,” Murray said.
    Murray continued her questioning by pressing Dr. Lawrence on Trump and Elon Musk’s unprecedented firings of VA researchers—last week the administration abruptly refused to honor researchers’ three-year “Not to Exceed” term limits (NTEs) by rolling them over as is standard. Instead, the Trump administration immediately dismissing researchers, including at VA Puget Sound, who were in the middle of research on topics including mental health, alcohol and opioid withdrawal, cancer treatments, burn pit exposure, prosthetics, diabetic ulcers, and so much else.
    “Last week, my office’s phones were ringing off the hook—as I assume a lot of people’s were—with really panicked calls from researchers at the VA. They had been laid off with ZERO justification, ZERO warning,” Murray said.
    “And in fact, up until then, the VA had assured them that they were protected from Trump and Musk’s mass firings. VA research shouldn’t be political. And firing VA researchers who are in the middle of a process to find life-saving treatment for veterans with conditions like PTSD, or opioid addiction, or cancer from toxic exposure is really cruel and wasteful. Some veterans are literally in the middle of receiving breakthrough treatment through these clinical trials. What will happen to them and their care when their lead researcher was just fired?”
    “Were you aware of the Trump Administration’s decision to fire these VA researchers?,” Murray asked.Dr. Lawrence responded that he was “not engaged” in anything at the Department now.
    “Do you support it?,” Murray pressed.Dr. Lawrence replied: “If confirmed, I will look into this to better understand what took place—I don’t have enough information to comment on that.”
    “So you won’t commit to restoring these VA researchers’ positions so they can continue that research on PTSD, and opioid addiction, and cancer that was caused by their exposure to toxic chemicals?” Murray pressed again.
    “If confirmed, I commit to looking in to understand what happened and why,” said Dr. Lawrence. “Well, I hope that’s not like every other answer we get from people that we are hearing from that they’ll look into it and no action is taken—you’ve just promised to look into it; this is critical,” said Senator Murray.
    “I understand,” said Dr. Lawrence.
    Senator Murray was the first woman to join the Senate Veterans’ Affairs Committee and the first woman to chair the Committee—as the daughter of a World War II veteran, supporting veterans and their families has always been an important priority for her. Senator Murray has fought throughout her career for increased benefits for veterans, housing assistance, better access to veterans’ clinics throughout Washington state, and more accountability from the VA.
    Senator Murray has spoken out forcefully against President Trump and Elon Musk’s mass firing of VA employees across the country. Just yesterday, Murray and her colleagues sent a letter to VA Secretary Doug Collins pressing him to protect veterans, their families, and VA staff from unprecedented access to sensitive information by Elon Musk and his “Department of Government Efficiency” (DOGE). Earlier this month, Senator Murray sounded the alarm over reports of DOGE at the VA and voted against Doug Collins’s nomination to be VA Secretary, making clear that the Trump administration’s lawlessness was putting our national security and our veterans at risk. Alongside 25 of her colleagues, Murray sent another letter earlier this month to Secretary Collins, demanding that he deny and sever Musk and DOGE’s access to any VA or other government system with information about veterans, and to delete any veterans’ information in their possession.
    Senator Murray has been conducting oversight on the flawed EHR rollout in Washington state since the Trump Administration first negotiated the contract with Cerner (later acquired by Oracle), and at every point in the process since then. Murray has consistently pushed VA on its failed implementation of EHR—conducting oversight, holding the administration accountable, and calling on VA to halt deployment of EHR until they get it right in Washington state. In March 2023, Murray introduced comprehensive legislation that would require VA to implement a series of EHR reforms to better serve veterans, medical personnel, and taxpayers. In the Fiscal Year 2024 funding bills, Senator Murray negotiated and passed as Chair of the Appropriations Committee stronger language to hold VA and Cerner accountable for the rollout of the EHR system, and in May 2024, she sent a letter urging VA to consider feedback on the system from providers and veterans in Spokane and Walla Walla and reiterating that VA must not move forward on the rollout of EHR until the myriad issues that have plagued the system in the locations where it has been launched are fixed.

    MIL OSI USA News

  • MIL-OSI Europe: AFRICA/SUDAN – Crisis between Sudan and Kenya after the signing in Nairobi of the constitutive act of an alternative Sudanese government

    Source: Agenzia Fides – MIL OSI

    Khartoum (Agenzia Fides) – A violation of “international law, the Charter of the United Nations, the Constitutive Act of the African Union and the Convention on the Prevention and Punishment of the Crime of Genocide.” This is how the Ministry of Foreign Affairs of the Sudanese government, led by General Abdel Fattah al Burhan, defined Kenya’s decision to welcome the “signing of a political agreement between the terrorist militia Janjaweed, responsible for the ongoing acts of genocide in Sudan, and its affiliated individuals and groups”.The document, called the “Political Charter for the Government of Peace and Unity,” promoted by the Rapid Support Forces (RSF) led by Mohamed Hamdan “Hemeti” Dagalo, together with other Sudanese political and military actors, effectively represents the creation of a parallel government to that led by Al Burhan from Port Sudan. The capital Khartoum is still disputed between the two adversaries, although the military of Al Burhan’s Sudanese Armed Forces (SAF) appears to have regained some important strategic points in the region in recent weeks.“Since the stated aim of this agreement is to establish a parallel government in part of Sudanese territory, this step promotes the fragmentation of African states, violates their sovereignty and interferes in their internal affairs,” the Sudanese Foreign Ministry said in a statement. “This is therefore a clear violation of the UN Charter, the founding act of the African Union and the established principles of the modern international order.” Meanwhile, the term “Janjaweed” used in the statement evokes sad memories, especially for people in Darfur, the RSF’s bastion. The Janjaweed were the militias allied with the Khartoum regime that bloodily suppressed the uprisings in this region of western Sudan in the early 2000s. The RSF is its evolution, which in turn has rebelled against the regular army over the years.According to the statement, by hosting the event, Kenya is also complicit in the crimes committed by the RSF (“genocide, ethnically motivated massacres of civilians, attacks on camps for displaced persons and rapes”).The formation of an alternative government is seen as an attempt by the RSF leader, Dagalo, to gain international legitimacy. Both the Sudanese army and the RSF are subject to international sanctions for war crimes and crimes against humanity committed in the conflict. However, Al Burhan’s government enjoys international recognition that Dagalo’s troops do not. Nairobi’s decision to host the event should be seen against the backdrop of the renewed relations of the Sudanese government with Russia and Iran. Russia, through the private military company Wagner, had initially supported the RSF and has now decided to support General Al Burhan, who in return has granted Moscow a military base on the Red Sea. Iran, which until 15 years ago had close military relations with the Al-Bashir regime, which were severed by the latter under pressure from the West and some Gulf countries, now sees a new window opened for the resumption of relations with the meeting of the two foreign ministers on February 17, during which Tehran stressed the importance of Sudan’s territorial integrity and the end of foreign interference in Sudan. (L.M.) (Agenzia Fides, 19/2/2025)
    Share:

    MIL OSI Europe News

  • MIL-OSI Europe: ASIA/MYANMAR – “I only kneel before God”: the last words of Father Martin Ye Naing Win

    Source: Agenzia Fides – MIL OSI

    Wednesday, 19 February 2025

    Archdiocese of Mandalay

    by Paolo AffatatoMandalay (Agenzia Fides) – When on the evening of February 14 a commando of ten armed men arrived at the rectory of the Church of Our Lady of Lourdes in the village of Kangyi Taw (in the Shwe Bo district of the Sagaing region), Father Donald Martin Ye Naing Win, a 44-year-old priest of the Archdiocese of Mandalay, fearlessly confronted the ten militiamen who threatened him. They had first threatened and silenced two women, teachers and parish workers, who were on the church premises and were helping the priest to organize classes for the children of the parish’s about 40 Catholic families. In the Sagaing region, affected by the clashes between the Burmese army and the resistance forces, the state system has collapsed, there are no public services and education is only guaranteed by spontaneous initiatives such as those of the parishes.It is the two women who were present at the events and are now in a protected place for security reasons who tell the details of the incident. Their testimony, which Fides has received, has already reached the Ministry of Justice of the National Unity Government (NUG) in exile, on which the People’s Defense Force (PDF) depends, which controls the territory in the so-called “liberated areas”, i.e. those taken from the control of the military junta by the opposition forces.The men who attacked Father Donald, the women reported, were in an an evident abnormal mental state, either due to alcohol or drugs. They came from the neighboring village. It is not clear why they attacked the priest with such violence, whom the leader ordered to kneel. Father Donald watched them and replied with the gentleness and inner peace that characterize him as a man and priest with an upright conscience: “I only kneel before God”. And then he continued quietly: “What can I do for you? Is there a matter we can discuss?”.One of the men responded to his words by striking him from behind with a dagger that was still in its sheath. However, with this weapon he accidentally hit the leader of the armed group. The leader, who was already in a state of drunkenness and rage, which was also due to Father Donald’s reaction, pulled out a knife and angrily attacked the priest, repeatedly stabbing him brutally in the body and neck. Father Donald did not utter a word or complain. He endured the senseless violence without reacting, like an innocent man, “like a lamb to the slaughter,” as the witnesses report. The other men stood by and watched the murder being carried out. The repeated blows to the throat almost severed the head from the body, which sank in a lake of blood. After the crime, the group of men left the scene.The women raised the alarm and called the villagers, who, in shock and tears, took the lifeless body with them. The soldiers of the People’s Defence Force were then alerted, who tracked down and arrested the attackers. The two women’s testimonies were recorded and sent to the Government of National Unity, which stressed in a statement that it was “deeply saddened by the murder of Father Donald Martin, a priest from Mandalay” and that it would “commit itself to punishing the alleged murderers according to the law”. “The People’s Defence Forces (PDF) of Shwebo district arrested ten suspects on the same day” and began the relevant investigations, the statement continued. “The accused belong to a local defence group,” the text said. “As it is known that they belong to the armed forces, the Government of National Unity and the Ministry of Defence will take legal action”, applying the law provided for the military. “The National Unity Government,” it concludes, “strongly condemns attacks on civilians, including religious leaders, by any organization.”As the Association for the Assistance of Political Prisoners (AAPP) explains, in the areas controlled by the resistance – which constitute a kind of “parallel state” – “there is no definitive legal framework to guide governance, administration and legislation.” In some liberated areas, “there is a judicial system with district judges who establish a procedure and, in some cases, apply their own legal framework.”On the other hand, in the current context, it is difficult to draft and implement completely new laws, so in many liberated areas, national laws are still applied. However, efforts are being made to selectively enforce laws that are “consistent with international human rights standards” enacted and amended by the army for Myanmar in recent years, with a focus on laws enacted by the country’s successive military juntas that “give the authorities excessive power and disproportionate punishments”. The AAPP points to the need for “comprehensive judicial reform” and a “fair and just system” in which no authority (judges, administrative bodies, local police officers and other armed groups), regardless of their status, “is above the law”.It is pointed out that, meanwhile, anyone accused of a crime must have the opportunity to defend themselves. Currently, in the liberated areas, a district judge has the power to impose the death penalty. If the accused is sentenced to death, he has de facto no right of appeal.(Agenzia Fides, 19/2/2025)
    Share:

    MIL OSI Europe News

  • MIL-OSI USA: ICE removes Salvadoran gang member who illegally entered US 3 times

    Source: US Immigration and Customs Enforcement

    HOUSTON — U.S. Immigration and Customs Enforcement, with assistance from the Security Alliance for Fugitive Enforcement Task Force, removed William Alexander Diaz Reyes, a 32-year-old foreign fugitive, from the United States Feb. 14. Diaz is wanted in El Salvador for aggravated terrorist organizations for his status as an active member of the 18th Street transnational gang.

    Diaz was flown from Alexandria, Louisiana, on a charter flight coordinated by ICE’s Air Operations Unit, to the El Salvador International Airport Saint Óscar Arnulfo Romero y Galdámez in San Salvador, El Salvador. He was turned over to Salvadoran authorities upon arrival.

    “For far too long, dangerous foreign fugitives, transnational gang members and other violent criminal aliens have illegally entered this country through our southern border with impunity putting the lives of law-abiding residents in jeopardy,” said ICE Enforcement and Removal Operations Houston Field Office Director Bret Bradford. “Those days are over, as the law enforcement community in South Texas is more united than ever in our collective effort to enforce the laws of this nation and protect our communities from harm.”

    Diaz illegally entered the U.S. at least twice in 2021 and was expelled under Title 42 on May 15, 2021, and June 18, 2021. Diaz illegally entered the U.S. for a third time on an unknown date, and at an unknown location. He was apprehended by ICE April 19, 2024, and placed into immigration proceedings. An immigration judge with the Justice Department’s Executive Office for Immigration Review ordered Diaz removed from the U.S. Sept. 19, 2024. The Board of Immigration Appeals affirmed that decision Jan. 13.

    Members of the public who have information about foreign fugitives are urged to contact ICE by calling the ICE Tip Line at 1 (866) 347-2423 or internationally at 001-1802-872-6199. They can also file a tip online by completing ICE’s online tip form.

    For more news and information on how ICE carries out its immigration enforcement mission in Southeast Texas, follow us on X at @EROHouston.

    MIL OSI USA News

  • MIL-OSI Security: Convicted Drug Trafficker Found Guilty Of Distributing Fentanyl That Resulted In The Deaths Of Two Hillsborough County Men

    Source: Office of United States Attorneys

    Tampa, Florida – Acting United States Attorney Sara C. Sweeney announces that a federal jury has found Marquis Lamar McCullough (39, Tampa) guilty of two counts of distribution of fentanyl and one count of possession with intent to distribute fentanyl. For both counts of distribution of fentanyl, the jury also found that the death of a person resulted from the use of the fentanyl that McCullough had distributed. McCullough, who was previously convicted of trafficking in cocaine, faces mandatory sentences of life imprisonment. 

    According to testimony and evidence presented at trial, on April 22, 2021, deputies from the Hillsborough County Sheriff’s Office (HCSO) responded to the residence of K.K. to conduct a wellness check. They found K.K. dead when they entered his apartment, standing with his feet on the floor and his head and torso on top of the bathroom counter. Deputies found two baggies with small quantities of a substance, suspected to be heroin or fentanyl, in K.K.’s residence. Detectives reviewed K.K.’s cellphone and found communications with a woman who appeared to help K.K. purchase fentanyl the previous evening. The woman—who was a heroin user and not a dealer—was arrested on an unrelated charge and interviewed by detectives. She told them that K.K. could not get heroin from his usual source, so he asked her to buy heroin for him from her source, and she agreed to do it if she got to keep a bag for herself. The woman arranged a meeting with her supplier, “Slim,” and K.K. took her to meet Slim. With money provided by K.K., the woman bought several bags from Slim, provided most of them to K.K., and kept a couple of bags for herself.

    On April 28, 2021, HCSO detectives conducted a controlled purchase during which detectives observed “Slim” deliver fentanyl and identified him as Marquis Lamar McCullough.

    On May 6, 2021, the son of N.M. found his father dead, lying in his bed, and called 911 to report the death. HCSO deputies and detectives responded to the residence, and inside N.M.’s wallet they found a baggie with a small amount of a substance suspected to be heroin or fentanyl. While reviewing calls and texts on N.M.’s phone, a detective who had participated in the surveillance operation eight days earlier recognized that the last three calls placed by N.M. were to McCullough’s phone number, and the call and text history indicated that McCullough was N.M.’s supplier. Later that day, HCSO detectives planned for another purchase of heroin or fentanyl from McCullough, using N.M.’s cellphone to set up the meeting. When McCullough arrived at the meeting location, he tried to call N.M., but when his calls went unanswered, McCullough fled the area. An arrest team pursued his vehicle and took McCullough into custody.

    The Drug Enforcement Administration laboratory determined that the substances found at the residences of K.K. and N.M., and the substances purchased from McCullough on April 28, 2021, all contained fentanyl. The Hillsborough County Medical Examiner’s Office investigated both deaths and determined that the use of fentanyl caused the deaths of K.K. and N.M. 

    This case was investigated by the Federal Bureau of Investigation, the Drug Enforcement Administration, the Hillsborough County Sheriff’s Office, and the Hillsborough County Medical Examiner’s Office. It is being prosecuted by Assistant United States Attorneys Michael Sinacore and Ross Roberts.

    This case was part of an Organized Crime Drug Enforcement Task Force (OCDETF) investigation. OCDETF identifies, disrupts, and dismantles the highest-level criminal organizations that threaten the United States using a prosecutor-led, intelligence-driven, multi-agency approach. Additional information about the OCDETF Program can be found at www.justice.gov/OCDETF.

    MIL Security OSI

  • MIL-OSI Security: Evansville Fentanyl Dealers Sentenced to a Combined Decade in Federal Prison for Manufacturing Counterfeit Drugs Using a Pill Press

    Source: Office of United States Attorneys

    EVANSVILLE— Ethan Parker, 31 and Joshua Harvey 33, of Evansville, have been sentenced for their parts in a fentanyl trafficking scheme. Parker was sentenced to four years in federal prison, followed by one year of supervised release after pleading guilty to possession and distribution of a tableting machine. Harvey was sentenced to 92 months in federal prison followed by five years of supervised release after pleading guilty to conspiracy to distribute fentanyl.

    According to court documents, between January 1, 2022, and April 4, 2022, Parker and Harvey conspired together to manufacture and distribute more than 40 grams of fentanyl laced pills to individuals in and around the city of Evansville.

    In the furtherance of the conspiracy, on multiple occasions in February and March of 2022, Harvey sold fentanyl-laced counterfeit pills in Evansville, Indiana, and Henderson, Kentucky. On March 23, 2022, Parker, communicating through an encrypted messaging application, agreed to sell Harvey 100 fentanyl-laced counterfeit pills for $350. On April 4, 2022, Harvey possessed approximately 31.9 grams of fentanyl-laced counterfeit pills with the intent to distribute them to dealers.

    On August 25, 2021, Parker sold a blue pill press, along with an Alprazolam imprinting die, for $1,400, knowing that the pill press would be used to manufacture a controlled substance. The die could be used to manufacture counterfeit Alprazolam (Xanax). On April 4, 2022, Parker was found in possession of another pill press and pill imprinting dies of various shapes and imprints for use in the manufacture of fentanyl-laced counterfeit pills.

    “Fentanyl dealers value their profits far more than the lives of our families and neighbors,” said John E. Childress, Acting United States Attorney for the Southern District of Indiana. “We must fight to save lives by investigating and prosecuting criminals who exploit the epidemic of substance use disorder to satisfy their own greed. Our office, the DEA, and the Evansville Police Department are committed to holding fentanyl traffickers accountable for pushing deadly poison on our streets.”

    “The charges against Mr. Parker and Mr. Harvey were necessary and justified. This case exemplified high level investigative work conducted by the Evansville-Vanderburgh County Drug Task Force in collaboration with the DEA Evansville HIDTA Task Force,” said DEA Assistant Special Agent in Charge Michael Gannon. “Mr. Parker and Mr. Harvey were responsible for distributing significant quantities of fake pills containing fentanyl. In addition, the investigation led to the seizure of two pill presses capable of manufacturing fake Xanax pills and fentanyl pills.  Taking two pill presses off the streets is a major win for our community. The DEA remains committed to working hand-in-hand with our partners to hold reckless drug dealers, who peddle poison to our communities, accountable for their actions and make our community safer.” 

    The Drug Enforcement Administration and the Evansville Police Department investigated this case. The sentences were imposed by U.S. District Judge Richard L. Young. This prosecution is part of the Indiana High Intensity Drug Trafficking Areas (HIDTA) program.

    Acting U.S. Attorney Childress thanked Assistant U.S. Attorney Todd S. Shellenbarger, who prosecuted this case.

    According to the Drug Enforcement Administration, as little as two milligrams of fentanyl can be fatal, depending on a person’s body size, tolerance, and past usage—a tiny amount that can fit on the tip of a pencil. Seven out of ten illegal fentanyl tablets seized from U.S. streets and analyzed by the DEA have been found to contain a potentially lethal dose of the drug.

    One Pill Can Kill: Avoid pills bought on the street because One Pill Can Kill. Fentanyl has now become the leading cause of death for adults in the United States. Fentanyl is a highly potent opioid that drug dealers dilute with cutting agents to make counterfeit prescription pills that appear to be Oxycodone, Percocet, Xanax, and other drugs. Fake prescription pills laced with fentanyl are usually shaped and colored to look like pills sold at pharmacies. For example, fake prescription pills known as “M30s” imitate Oxycodone obtained from a pharmacy, but when sold on the street the pills routinely contain fentanyl. These pills are usually round tablets and often light blue in color, though they may be in different shapes and a rainbow of colors. They often have “M” and “30” imprinted on opposite sides of the pill. Do not take these or any other pills bought on the street – they are routinely fake and poisonous, and you won’t know until it’s too late.

    ###

    MIL Security OSI

  • MIL-OSI Security: Leader of Large-Scale Drug Trafficking Organization Pleads Guilty in Federal Court

    Source: Office of United States Attorneys

    CONCORD – A Boston man pleaded guilty yesterday in federal court in Concord to conspiring to distribute fentanyl and cocaine in New Hampshire, Acting U.S. Attorney Jay McCormack announces.

    Juan Ramon Soto Baez, 55, pleaded guilty to one count of conspiracy to distribute controlled substances, namely, cocaine and fentanyl.  U.S. District Court Judge Samantha Elliott scheduled sentencing for May 29, 2025.  On April 26, 2023, the defendant was charged along with 20 other defendants. To date, 10 defendants involved in the conspiracy have been convicted.

    According to the plea agreement and statements made in court, the defendant was the leader of a Massachusetts-based drug trafficking organization that distributed large quantities of fentanyl and cocaine in New Hampshire, particularly Manchester, between September of 2019 and April of 2023.  The organization was run like a business, operating “dispatch” telephone lines where customers could call in to order narcotics. The defendant or a trusted member of the conspiracy working for him would take customer orders on the phone, and then he would either deliver the order himself or send a runner to conduct the drug sale at an arranged meeting location.

    During the timeframe of the conspiracy, law enforcement agents observed and recorded the defendant and his co-conspirators selling fentanyl and cocaine on nineteen occasions. On the day of the defendant’s arrest, a search of a residence associated with the conspiracy yielded $15,000 and drug ledgers.  A search of a vehicle used by the drug trafficking organization yielded roughly 94 grams of fentanyl and 196 grams of cocaine packaged in small baggies for distribution.

    The charging statute provides a sentence of no greater than 20 years in prison, at least three (3) years of supervised release, and a maximum fine of $1,000,000. Sentences are imposed by a federal district court judge based upon the U.S. Sentencing Guidelines and statutes which govern the determination of a sentence in a criminal case.

    The Federal Bureau of Investigation and the Drug Enforcement Administration led the investigation. Valuable assistance was provided by the Manchester Police Department. Assistant U.S. Attorney Aaron Gingrande is prosecuting the case. 

    This effort is part of an Organized Crime Drug Enforcement Task Forces (OCDETF) operation. OCDETF identifies, disrupts, and dismantles the highest-level criminal organizations that threaten the United States using a prosecutor-led, intelligence-driven, multi-agency approach. Additional information about the OCDETF Program can be found at https://www.justice.gov/OCDETF.

    ###

     

    MIL Security OSI

  • MIL-OSI Security: Jury Convicts Valrico Man Of Drug Trafficking

    Source: Office of United States Attorneys

    Tampa, Florida – Acting United States Attorney Sara C. Sweeney announces that a federal jury has found Tryon Metteria Byrd IV (45, Valrico) guilty of conspiring to distribute, and distributing, methamphetamine and cocaine. Byrd faces a minimum penalty 5 five years, up to 40 years, in federal prison. His sentencing hearing is scheduled for May 14, 2025.

    According to testimony and evidence presented at trial, Byrd and his co-conspirators distributed methamphetamine and cocaine out of three residences in St. Petersburg. Byrd sold directly to undercover detectives from the St. Petersburg Police Department from a residence owned by his family.

    Byrd’s co-conspirators, Eric L. Lemon, Eric Lekent Lemon Jr., and Dominic Giannantonio pleaded guilty and have been sentenced for their roles in the drug conspiracy. Lemon was sentenced to 21 years and 6 months in federal prison, Lemon Jr. was sentenced to 4 years and 3 months’ imprisonment, and Giannantonio was sentenced to 11 years and 3 months in prison.

    This case was investigated by the St. Petersburg Police Department and the Bureau of Alcohol, Tobacco, Firearms and Explosives. It was prosecuted by Assistant United States Attorney David P. Sullivan.

    This case was part of an Organized Crime Drug Enforcement Task Force (OCDETF) investigation. OCDETF identifies, disrupts, and dismantles the highest-level criminal organizations that threaten the United States using a prosecutor-led, intelligence-driven, multi-agency approach. Additional information about the OCDETF Program can be found at www.justice.gov/OCDETF.

    MIL Security OSI

  • MIL-OSI Security: Oregon Man Pleads Guilty in Swatting and Bomb Threats Scheme That Targeted Jewish Hospitals in New York City and Long Island

    Source: Office of United States Attorneys

    One Hospital Entered Lockdown and Partially Evacuated After Defendant’s Bomb Hoax

    Earlier today in federal court in Brooklyn, Domagoj Patkovic pleaded guilty to conspiring to make threats concerning explosives and conveying false information concerning explosives.  The proceeding was held before United States District Judge Ramon E. Reyes.  When sentenced, Patkovic faces up to 15 years in prison.  Patkovic was charged in August 2024. 

    John J. Durham, United States Attorney for the Eastern District of New York and James E. Dennehy, Assistant Director in Charge, Federal Bureau of Investigation, New York Field Office (FBI), announced the guilty plea.

    “As he admitted today, the defendant intentionally targeted Jewish hospitals and care centers in our District with bomb threats.  In doing so, he needlessly endangered patients and staff and diverted critical law enforcement resources from their core mission of keeping our community safe,” stated United States Attorney Durham.  “We will prosecute dangerous bomb threats and swatting schemes to the fullest extent of the law.”

    Mr. Durham expressed his appreciation to the Federal Bureau of Investigation, New York Field Office, the New York City Police Department, Nassau County Police Department and the U.S. Attorney’s Office for the District of Oregon for their assistance on the case.

    As set forth in the indictment and in court filings, beginning at least as early as May 2021, the defendant and others made anonymous phone calls in which they made violent threats, including threats to detonate explosive devices, to Jewish hospitals and care centers within the Eastern District of New York, among other targets throughout the United States.

    The defendant himself made threats in at least six separate calls to hospitals and on a call with local law enforcement who had responded to a 911 notification from one of the hospitals.  The defendant livestreamed the calls to others on an online social media and electronic communications service.  On several occasions, local police responded to the scene and conducted bomb sweeps. On at least one occasion in September 2021, the hoax bomb threat resulted in a partial evacuation and lockdown of an entire hospital on Long Island.  No explosive devices were ultimately found in any of the locations.

    The government’s case is being handled by the Office’s National Security & Cybercrime Section.  Assistant United States  Attorneys Alexander A. Solomon, Laura Zuckerwise and Andrew D. Reich are in charge of the prosecution, with assistance from Trial Attorney James Donnelly of the National Security Division’s Counterterrorism Section and Paralegal Specialist Wayne Colon. 

    The Defendant:

    DOMAGOJ PATKOVIC 
    Age: 31
    Portland, Oregon

    E.D.N.Y. Docket No. 24-CR-317 (RER)

    MIL Security OSI

  • MIL-OSI USA: Boozman, Colleagues Mark 80th Anniversary of Iwo Jima

    US Senate News:

    Source: United States Senator for Arkansas – John Boozman

    WASHINGTON—U.S. Senator John Boozman (R-AR) joined Senators Todd Young (R-IN) and Mark Warner (D-VA) to introduce a bipartisan resolution recognizing the 80th anniversary of the Battle of Iwo Jima. The major clash between U.S. and Japanese forces in World War II’s Pacific theater began on February 19, 1945, and lasted until March 26, 1945.

    “The 80th anniversary of the Battle of Iwo Jima is a solemn yet important reminder of the sacrifice of the Greatest Generation,” said Boozman. “The resilience and courage of our U.S. Marines was famously characterized as a display of uncommon valor. Decades later, we continue to remember and honor our servicemembers’ heroism. I am proud to join my colleagues in recognizing them, this milestone and the vital partnership between our nation and Japan today.”                            

    “For myself, every Marine, and many Americans, Iwo Jima is a symbol of duty and sacrifice,” said Young. “I’m proud to lead this resolution that recognizes the heroic servicemembers who gave their lives at Iwo Jima, honors those who fought in the battle, and reaffirms our reconciled friendship with Japan.” 

    “I’m proud to introduce this resolution to pay tribute to the service and the sacrifice of all the heroes who fought for our country at Iwo Jima, which included my late father, Marine Corporal Robert Warner. The 80th anniversary of this pivotal battle offers us an opportunity to reflect on the bravery and perseverance of the Greatest Generation, and is an enduring reminder about the power of courage and unity in the face of adversity,” said Warner

    More specifically, the resolution:

    • Honors the Marines, Sailors, Soldiers, Army Air Crew and Coast Guardsmen who fought bravely on Iwo Jima;
    • Remembers the brave servicemembers who lost their lives in the battle;
    • Commemorates the iconic and historic raising of the United States flag on Mount Suribachi that occurred on February 23, 1945;
    • Encourages Americans to honor the veterans of Iwo Jima; and
    • Reaffirms the bonds of friendship and shared values that have developed between the United States and Japan over the last 80 years.

    The resolution is also cosponsored by Senators Richard Blumenthal (D-CT), Dan Sullivan (R-AK), Chris Coons (D-CT), Catherine Cortez Masto (D-NV), Kevin Cramer (R-ND), Ruben Gallego (D-AZ), Ted Cruz (R-TX), Tim Kaine (D-VA), Joni Ernst (R-IA), Angus King (I-ME), Rick Scott (R-FL), Amy Klobuchar (D-MN), Thom Tillis (R-NC), Jacky Rosen (D-NV), Jack Reed (D-RI), Chris Van Hollen (D-MD), Elizabeth Warren (D-MA), Deb Fischer (R-NE), Tom Cotton (R-AR), Tammy Duckworth (D-IL), Jim Justice (R-WV), Mike Rounds (R-SD) and Adam Schiff (D-CA).

    Click here for full text of the resolution.

    MIL OSI USA News

  • MIL-OSI United Kingdom: Everyone deserves access to healthcare without harassment

    Source: Scottish Greens

    19 Feb 2025 Health Buffer Zones

    Abortion rights are human rights.

    More in Health

    Scottish Green MSP Gillian Mackay has condemned anti-choice protests taking place today outside the Queen Elizabeth Hospital in Glasgow, with the first arrest reported under the Safe Access Zones legislation.

    Ms Mackay introduced the bill that secured 200 metre wide safe access zones, or buffer zones, around abortion service providers to stop the intimidating anti-choice protests that have taken place across Scotland. 

    The Daily Record has also reported that US anti-choice campaign group 40 Days for Life have listed protests in Glasgow starting next month.

    Ms Mckay said:

    “The protests that have taken place outside Queen Elizabeth have been utterly shameful and I am grateful to Police Scotland for acting so quickly.

    “This kind of intimidation has no place in a modern or progressive Scotland. Everybody deserves to have access to healthcare without harassment. That is why I introduced my Act, and why these disgraceful protests are now illegal.

    “We know the awful impact that these protests have had. Some of the testimonies from women who have had to endure them have been heartbreaking.

    “I urge 40 Days For Life and anyone else who is planning to protest in a safe access zone to think again, as they will be stopped and there will be consequences.”

    Ms Mackay added:

    “It’s no coincidence that this has happened so soon after JD Vance and his supporters have spread toxic misinformation about Scotland, it is vital that we stand up for reproductive rights and against those who are working to undermine them.”

    MIL OSI United Kingdom

  • MIL-OSI Security: Spring Hill Man Sentenced for Dog Fighting

    Source: Office of United States Attorneys

    Tampa, FL — Jose Miguel Carrillo, of Spring Hill, Florida, was sentenced yesterday to 84 months in prison after pleading guilty to conspiring to violate the dog fighting prohibitions of the federal Animal Welfare Act and being a felon in possession of a firearm.

    According to court filings, Carrillo conspired with others to purchase, acquire, and breed dogs for use in dog fights. Carillo also staged dog fights at his home and traveled to dog fights in Massachusetts, Florida, and Connecticut.

    A June 2023 search warrant was executed at Carrillo’s home and led to the seizure of 10 pit bull-type dogs, most of which were later adopted by new owners, as well as a firearm and ammunition. Carrillo also possessed dog fighting paraphernalia including a bloodstained dog fighting box, a skin stapler, syringes, and injectable veterinary medications.

    “To its core, dog fighting is a cruel and criminal exploitation of animals for entertainment,” said Principal Deputy Assistant Attorney General Adam Gustafson of the Justice Department’s Environment and Natural Resources Division. “Today’s sentence sends a strong deterrent message that the Justice Department will vigorously prosecute these cases.”

    “Exploiting and endangering the welfare of animals for personal gain is cruel and abhorrent,” said Acting U.S. Attorney Sara C. Sweeney for the Middle District of Florida. “Because of the hard work of our law enforcement partners, justice was served.”

    “The Office of Inspector General is committed to working with all of our law enforcement and prosecutorial partners in pursuing individuals who choose to participate in animal fighting activities and engage in violations involving animal welfare, while also committing other serious offenses in our communities,” said Special Agent in Charge Charmeka Parker of the U.S. Department of Agriculture’s Office of Inspector General (USDA-OIG).

    Photo of dogs at Carrillo’s home, from court documents in United State v. Jose Carrillo, number 8:23-CR-00222, in U.S. District Court for the Middle District of Florida.

    Photo of a bloodstained dog fighting pit at Carrillo’s home, from court documents in United State v. Jose Carrillo, number 8:23-CR-00222, in U.S. District Court for the Middle District of Florida.

    To report animal fighting crimes, please contact your local law enforcement or the USDA-OIG’s complaint hotline at: usdaoig.oversight.gov/hotline or 1-800-424-9121.

    The USDA-OIG; Bureau of Alcohol, Tobacco, Firearms, and Explosives; Pasco (Florida) Sheriff’s Office and the Fitchburg (Massachusetts) Police Department investigated the case. Assistance was provided by the U.S. Marshals Service, Massachusetts State Police, New Hampshire State Police, Animal Rescue League of Boston’s Law Enforcement Division, U.S. Coast Guard Investigative Service, Homeland Security Investigations and U.S. Customs and Border Protection.

    Senior Trial Attorney Matthew T. Morris of the Environment and Natural Resources Division’s Environmental Crimes Section and Assistant U.S. Attorneys Erin Favorit and Tiffany Fields for the Middle District of Florida prosecuted the case. Trial Attorney Caitlyn Cook of the Environment and Natural Resources Division’s Wildlife and Marine Resources Section assisted with the transfer of the seized dogs to new owners.

    MIL Security OSI

  • MIL-OSI Security: McKees Rocks Resident Pleads Guilty to Possession of Child Sexual Abuse Materials

    Source: Office of United States Attorneys

    PITTSBURGH, Pa. – A resident of McKees Rocks, Pennsylvania, pleaded guilty in federal court on February 18, 2025, to a charge of child exploitation, Acting United States Attorney Troy Rivetti announced today.

    Brandon Jennings, 38, pleaded guilty before Senior United States District Judge Joy Flowers Conti to one count of possession of material depicting the sexual exploitation of a minor.

    In connection with the guilty plea, the Court was advised that, in and around March 2021 and July 2021, Jennings possessed 926 images and 803 videos depicting the sexual exploitation of minors, some of whom were prepubescent.

    Judge Flowers Conti scheduled sentencing for June 25, 2025. The law provides for a maximum total sentence of up to 20 years in prison, a fine of up to $250,000, or both. Under the federal Sentencing Guidelines, the actual sentence imposed would be based upon the seriousness of the offense and the prior criminal history, if any, of the defendant.

    Assistant United States Attorney V. Joseph Sonson is prosecuting this case on behalf of the government.

    The Federal Bureau of Investigation and Allegheny County Police Department conducted the investigation that led to the prosecution of Jennings.

    This case was brought as part of Project Safe Childhood, a nationwide initiative launched in May 2006 by the Department of Justice to combat the growing epidemic of child sexual exploitation and abuse. Led by the United States Attorneys’ Offices and the Criminal Division’s Child Exploitation and Obscenity Section, Project Safe Childhood marshals federal, state, and local resources to locate, apprehend, and prosecute individuals who sexually exploit children, and to identify and rescue victims. For more information about Project Safe Childhood, please visit www.justice.gov/psc.
     

    MIL Security OSI

  • MIL-OSI Security: Previously Convicted Felon from McKeesport Indicted for Possession of Firearm and Ammunition

    Source: Office of United States Attorneys

    PITTSBURGH, Pa. – A resident of McKeesport, Pennsylvania, has been indicted by a federal grand jury in Pittsburgh on a charge of violating a federal firearms law, Acting United States Attorney Troy Rivetti announced today.

    The one-count Indictment named Thomas Thornton, 48, as the sole defendant.

    According to the Indictment, on or about December 19, 2024, Thornton possessed a firearm and ammunition after having been convicted of multiple prior felonies, including on federal drug trafficking and firearms charges. Federal law prohibits possession of a firearm or ammunition by a convicted felon.

    The law provides for a maximum total sentence of up to 15 years in prison, a fine of up to $250,000, or both. Under the federal Sentencing Guidelines, the actual sentence imposed would be based upon the seriousness of the offense and the prior criminal history of the defendant.

    Assistant United States Attorney V. Joseph Sonson is prosecuting this case on behalf of the government.

    The Pittsburgh Bureau of Police and Bureau of Alcohol, Tobacco, Firearms and Explosives conducted the investigation leading to the Indictment.

    This case is part of Project Safe Neighborhoods (PSN), a program bringing together all levels of law enforcement and the communities they serve to reduce violent crime and gun violence and to make our neighborhoods safer for everyone. On May 26, 2021, the Department launched a violent crime reduction strategy strengthening PSN based on these core principles: fostering trust and legitimacy in our communities, supporting community-based organizations that help prevent violence from occurring in the first place, setting focused and strategic enforcement priorities, and measuring the results.

    An indictment is an accusation. A defendant is presumed innocent unless and until proven guilty.

    MIL Security OSI

  • MIL-OSI Security: Former Reno Police Officer Indicted for Civil Rights Violations

    Source: Federal Bureau of Investigation (FBI) State Crime Alerts (c)

    RENO – A former Reno Police Department officer made his initial court appearance today for allegedly depriving two individuals of their civil rights under color of law by violating their right to be free from unreasonable search and seizure.

    A federal grand jury returned an indictment charging Tyler Michael Baehr, 30, of Reno, with two counts of depravation of rights under color of law. Baehr appeared before United States Magistrate Judge Craig S. Denney who scheduled a jury trial to begin April 8, 2025, before United States District Judge Miranda M. Du.

    According to allegations contained in the indictment and statements made in court, on December 31, 2023, Baehr willfully deprived an individual of the right to be free from unreasonable search and seizure by taking her cellular phone during a routine traffic stop and unlawfully seizing sexually explicit photos of her from her phone. On August 12, 2024, Baehr willfully deprived another individual of the right to be free from unreasonable search and seizure by taking her cellular phone during a routine traffic stop and unlawfully searching through her private photos and messages.

    If convicted, Baehr faces the maximum statutory penalty of 2 years in prison. A federal district court judge will determine any sentence based on the U.S. Sentencing Guidelines and other statutory factors.

    Acting United States Attorney Sue Fahami and Acting Special Agent in Charge Jeremy N. Schwartz for the FBI made the announcement.

    This case was investigated by the FBI and Sparks Police Department. Assistant United States Attorney Andolyn Johnson is prosecuting the case.

    An indictment is merely an allegation. All defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of law.

    ###

     

    MIL Security OSI

  • MIL-OSI Canada: Government of Canada and Saskatchewan Announce Continued Commitment Through the 2025 Crop Insurance Program

    Source: Government of Canada regional news

    Released on February 19, 2025

    Today, Canada’s Minister of Agriculture and Agri-Food Lawrence MacAulay and Saskatchewan Agriculture Minister Daryl Harrison announced continued funding and commitment through the 2025 Crop Insurance Program, administered by the Saskatchewan Crop Insurance Corporation (SCIC). 

    “Our business risk management programs are a producer’s first line of defense when it comes to protecting their operation,” MacAulay said. “Our government is pleased to partner with Saskatchewan to make sure producers have access to the support they need, when they need it.”

    “SCIC’s Business Risk Management programs remain strong and are here for Saskatchewan producers when they have challenging times,” Harrison said. “The Crop Insurance Program offers producers the security they need, no matter what 2025 may have in store. I encourage all Saskatchewan producers to take a proactive approach to their coverage: select options, fine-tune and adjust coverage and costs within the program to further mitigate their risks.” 

    SCIC’s existing suite of Business Risk Management programs continues to demonstrate support for Saskatchewan producers. Over the last four years, the Crop Insurance Program paid approximately $7 billion in claims, in addition to other program benefits. Crop Insurance continues to be a sound program, with premiums set to ensure the long-term sustainability of the program. A combination of Crop Insurance premium and government funds, along with private reinsurance, is in place to ensure the program remains stable. Funds are managed to build premium reserves in good production years, in order for money to flow back to producers during challenging ones. Premiums are cost-shared 60 per cent by federal and provincial governments and 40 per cent by producers.

    Administration costs are fully funded by federal and provincial governments. 

    Trusted and relevant partnerships ensure the Crop Insurance Program remains innovative and responsive for Saskatchewan producers. SCIC collaborates regularly with industry groups to support farmers and ranchers, assisting with overall direction of policy and program offerings. Work continues developing future opportunities to enhance support for the livestock sector. SCIC is evaluating new remote sensing technologies to measure soil moisture and plant growth, to evaluate potential improvements to forage and pasture insurance. This focus will ensure forage insurance is relevant and accessible for Saskatchewan livestock producers.

    “We appreciate the continued focus and work on forage insurance,” Saskatchewan Cattle Association (SCA) Chair Chad Ross said. “We are directly involved with the National Forage Working Group. Throughout the 2025 season, we will continue to consult on these projects, as producer feedback and understanding is critical in program design and acceptance.” 

    “This continued work on forage insurance has potential to improve the program for livestock producers,” Saskatchewan Stock Grower’s Association (SSGA) President Jeff Yorga said. “We look forward to our ongoing involvement at the national level, to ensure Saskatchewan producers have access to a variety of insurance options. We are hopeful, continued work throughout 2025, will bring it all together as another viable positive outcome for risk management programming.”

    March 31, 2025, is the deadline for Saskatchewan producers to apply, reinstate or cancel their Crop Insurance contract. Producers must select their insured crops and coverage levels or make additional changes by this date. Producers can speak with their local SCIC office to make changes or options will remain the same as the previous year. 

    Every growing season is unpredictable. Producers are encouraged to plan and update their coverage yearly, based on the needs of their operation. A suite of Business Risk Management Programs offers options to help producers navigate uncertainties, mitigate risk and secure the future of their operation. In addition to Crop Insurance, producers can consider AgriStability, Livestock Price Insurance and the Wildlife Damage Compensation and Prevention programs. For more information, contact a local SCIC office, call 1-888-935-0000 or visit: scic.ca.

    Crop Insurance is a federal-provincial-producer cost-shared program that helps producers manage production and quality losses. Support for the program is provided by the governments of Canada and Saskatchewan under the Sustainable Canadian Agricultural Partnership (Sustainable CAP).

    -30-

    For more information, contact:

    MIL OSI Canada News

  • MIL-OSI USA: Florida Man Sentenced for Dog Fighting

    Source: US State Government of Utah

    Jose Miguel Carrillo, of Spring Hill, Florida, was sentenced yesterday to 84 months in prison after pleading guilty to conspiring to violate the dog fighting prohibitions of the federal Animal Welfare Act and being a felon in possession of a firearm.

    According to court filings, Carrillo conspired with others to purchase, acquire, and breed dogs for use in dog fights. Carillo also staged dog fights at his home and traveled to dog fights in Massachusetts, Florida, and Connecticut.

    A June 2023 search warrant was executed at Carrillo’s home and led to the seizure of 10 pit bull-type dogs, most of which were later adopted by new owners, as well as a firearm and ammunition. Carrillo also possessed dog fighting paraphernalia including a bloodstained dog fighting box, a skin stapler, syringes, and injectable veterinary medications.

    “To its core, dog fighting is a cruel and criminal exploitation of animals for entertainment,” said Principal Deputy Assistant Attorney General Adam Gustafson of the Justice Department’s Environment and Natural Resources Division. “Today’s sentence sends a strong deterrent message that the Justice Department will vigorously prosecute these cases.”

    “Exploiting and endangering the welfare of animals for personal gain is cruel and abhorrent,” said Acting U.S. Attorney Sara C. Sweeney for the Middle District of Florida. “Because of the hard work of our law enforcement partners, justice was served.”

    “The Office of Inspector General is committed to working with all of our law enforcement and prosecutorial partners in pursuing individuals who choose to participate in animal fighting activities and engage in violations involving animal welfare, while also committing other serious offenses in our communities,” said Special Agent in Charge Charmeka Parker of the U.S. Department of Agriculture’s Office of Inspector General (USDA-OIG).

    To report animal fighting crimes, please contact your local law enforcement or the USDA-OIG’s complaint hotline at: usdaoig.oversight.gov/hotline or 1-800-424-9121.

    The USDA-OIG; Bureau of Alcohol, Tobacco, Firearms, and Explosives; Pasco County (Florida) Sheriff’s Office and the Fitchburg (Massachusetts) Police Department investigated the case. Assistance was provided by the U.S. Marshals Service, Massachusetts State Police, New Hampshire State Police, Animal Rescue League of Boston’s Law Enforcement Division, U.S. Coast Guard Investigative Service, Homeland Security Investigations and U.S. Customs and Border Protection.

    Senior Trial Attorney Matthew T. Morris of the Environment and Natural Resources Division’s Environmental Crimes Section and Assistant U.S. Attorneys Erin Favorit and Tiffany Fields for the Middle District of Florida prosecuted the case. Trial Attorney Caitlyn Cook of the Environment and Natural Resources Division’s Wildlife and Marine Resources Section assisted with the transfer of the seized dogs to new owners. 

    MIL OSI USA News