Source: United States Navy (Logistics Group Western Pacific)
Issued by: on
SINGAPORE—Rear Adm. Todd F. Cimicata, Commander, Logistics Group Western Pacific/ Task Force 73, presents Capt. Robert R. Williams, outgoing commander, Military Sealift Command Far East, with the Legion of Merit medal during a change of command ceremony at the Singapore Naval Installation in Sembawang, April 30, 2025, recognizing his achievements over the past two and a half years as Commodore of MSC Far East. (Photo by MC2 Jordan Jennings)
Source: United States Navy (Logistics Group Western Pacific)
Issued by: on
SINGAPORE (May 8, 2025) Rear Adm. S.M. Waddell, Deputy Commander, Royal Canadian Navy, signs a guest book during a scheduled visit to Sembawang Naval Installation, May 8, 2025. Commander, Logistics Group Western Pacific/Task Force 73 supports deployed maritime forces, along with regional allies and partners, to sustain Western Pacific operations. (U.S. Navy photo by Mass Communication Specialist 2nd Class Jordan Jennings)
ER Report: Here is a summary of significant articles published on EveningReport.nz on May 22, 2025.
Indonesian military operations spark concerns over displaced indigenous Papuans By Caleb Fotheringham, RNZ Pacific journalist A West Papua independence leader says escalating violence is forcing indigenous Papuans to flee their ancestral lands. It comes as the Indonesian military claims 18 members of the West Papua National Liberation Army (TPNPB) were killed in an hour-long operation in Intan Jaya on May 14. In a statement,
Compression tights and tops: do they actually benefit you during (or after) exercise? Source: The Conversation (Au and NZ) – By Ben Singh, Research Fellow, Allied Health & Human Performance, University of South Australia Olena Yakobchuk/Shutterstock You’ve seen them in every gym: tight black leggings, neon sleeves and even knee-length socks. Compression gear is everywhere, worn by weekend joggers, elite athletes and influencers striking poses mid-squat. But do
Australia’s knowledge of Russia is dwindling. We need to start training our future experts now Source: The Conversation (Au and NZ) – By Jon Richardson, Visiting Fellow, Centre for European Studies, Australian National University Shutterstock Russia’s possible interest in basing long-range aircraft at an Indonesian airbase not far from Australian shores shook up a relatively staid election campaign last month. The news, which Jakarta immediately dismissed, caught many by surprise
‘Perfect bodies and perfect lives’: how selfie-editing tools are distorting how young people see themselves Source: The Conversation (Au and NZ) – By Julia Coffey, Associate Professor in Sociology, University of Newcastle Olena Yakobchuk/Shutterstock Like many of her peers, Abigail (21) takes a lot of selfies, tweaks them with purpose-made apps, and posts them on social media. But, she says, the selfie-editing apps do more than they were designed for:
NZ Budget 2025: tax cuts and reduced revenues mean the government is banking on business growth Source: The Conversation (Au and NZ) – By Adrian Sawyer, Professor of Taxation, University of Canterbury Hagen Hopkins/Getty Images Not a lot is known about the government’s plans for taxes in the 2025 budget. Few tax policies have been announced so far, and what has been revealed involves targeted tax cuts for business interests. This
Evidence shows AI systems are already too much like humans. Will that be a problem? Source: The Conversation (Au and NZ) – By Sandra Peter, Director of Sydney Executive Plus, University of Sydney Studiostoks / Shutterstock What if we could design a machine that could read your emotions and intentions, write thoughtful, empathetic, perfectly timed responses — and seemingly know exactly what you need to hear? A machine so seductive,
Playing the crime card: do law and order campaigns win votes in Australia? Source: The Conversation (Au and NZ) – By Chloe Keel, Lecturer in Criminology and Criminal Justice, Griffith University Crime and public safety are usually the domain of state politics. But the Coalition tried to elevate them as key issues for voters in the recent federal election. Claiming crime had been “allowed to fester” under Labor,
Labor now has the political clout to reset Australia’s refugee policy. Here’s where to start Source: The Conversation (Au and NZ) – By Mary Anne Kenny, Associate Professor, School of Law, Murdoch University Australia’s policy towards refugees and asylum seekers stands at a critical juncture. Global displacement is at record highs and many countries are retreating from their responsibilities. At this moment, Australia can lead by example. As Australia’s prime
Please don’t tape your mouth at night, whatever TikTok says. A new study shows why this viral trend can be risky Source: The Conversation (Au and NZ) – By Moira Junge, Adjunct Clincal Associate Professor (Psychologist), Monash University K.IvanS/Shutterstock You might have heard of people using tape to literally keep their mouths shut while they sleep. Mouth taping has become a popular trend on social media, with many fans claiming it helps improve sleep and overall
E-bikes for everyone: 3 NZ trials show people will make the switch – with the right support Source: The Conversation (Au and NZ) – By Caroline Shaw, Associate Professor in Public Health, University of Otago Getty Images Anyone who uses city roads will know e-bikes have become increasingly popular in Aotearoa New Zealand. But we also know rising e-bike sales have been predominantly driven by financially well-off households. The question now is,
Drivers of SUVs and pick-ups should pay more to be on our roads. Here’s how to make the system fairer Source: The Conversation (Au and NZ) – By Milad Haghani, Associate Professor & Principal Fellow in Urban Risk & Resilience, The University of Melbourne In the year 2000, almost 70% of all new cars sold in Australia were small passenger vehicles – mainly sedans and hatchbacks. But over 25 years, their share has dropped dramatically
Australia’s Wong condemns ‘abhorrent, outrageous’ Israeli comments over blocked aid Asia Pacific Report Australia’s Foreign Minister Penny Wong has released a statement saying “the Israeli government cannot allow the suffering to continue” after the UN’s aid chief said thousands of babies were at risk of dying if they did not receive food immediately. “Australia joins international partners in calling on Israel to allow a full
The West v China: Fight for the Pacific – Episode 1: The Battlefield Al Jazeera How global power struggles are impacting in local communities, culture and sovereignty in Kanaky, New Caledonia, the Solomon Islands and Samoa. In episode one, The Battlefield, tensions between the United States and China over the Pacific escalate, affecting the lives of Pacific Islanders. Key figures like former Malaita Premier Daniel Suidani and tour
Windows are the No. 1 human threat to birds – an ecologist shares some simple steps to reduce collisions Source: The Conversation (Au and NZ) – By Jason Hoeksema, Professor of Ecology, University of Mississippi Birds are drawn to the mirror effect of windows. That can turn deadly when they think they see trees. CCahill/iStock/Getty Images Plus When wood thrushes arrive in northern Mississippi on their spring migration and begin to serenade my neighborhood
40 years on – reflecting on Rainbow Warrior’s legacy, fight against nuclear colonialism Report by Dr David Robie – Café Pacific. – A forthcoming new edition of David Robie’s Eyes of Fire honours the ship’s final mission and the resilience of those affected by decades of radioactive fallout. PACIFIC MORNINGS: By Aui’a Vaimaila Leatinu’u The Greenpeace flagship Rainbow Warrior III ship returns to Aotearoa this July, 40 years
Gordon Campbell: NZ’s silence over Gaza genocide, ethnic cleansing COMMENTARY: By Gordon Campbell Since last Thursday, intensified Israeli air strikes on Gaza have killed more than 500 Palestinians, and a prolonged Israeli aid blockade has led to widespread starvation among the territory’s two million residents. Belatedly, Israel is letting in a token amount of food aid that UN Under-Secretary Tom Fletcher has called a
View from The Hill: Coalition split puts Victorian and NSW Nationals Senate seats at high risk Source: The Conversation (Au and NZ) – By Michelle Grattan, Professorial Fellow, University of Canberra The Victorian and NSW Nationals senators due to face the voters at the 2028 election will struggle to hold their seats if the former partners do not re-form the Coalition before then. Under usual Coalition arrangements, Bridget McKenzie, from Victoria,
New Caledonia, French Polynesia at UN decolonisation seminar in Dili By Patrick Decloitre, RNZ Pacific correspondent French Pacific desk New Caledonia and French Polynesia have sent strong delegations this week to the United Nations Pacific regional seminar on the implementation of the Fourth International Decade for the Eradication of Colonialism in Timor-Leste. The seminar opened in Dili today and ends on Friday. As French Pacific
NSW is copping rain and flooding while parts of Australia are in drought. What’s going on? Source: The Conversation (Au and NZ) – By Andrew King, Associate Professor in Climate Science, ARC Centre of Excellence for 21st Century Weather, The University of Melbourne Emergency crews were scrambling to rescue residents trapped by floodwaters on Wednesday as heavy rain pummelled the Mid North Coast of New South Wales. In some areas, more
Source: United States Navy (Logistics Group Western Pacific)
Issued by: on
JINHAE NAVAL BASE, Republic of Korea (April 11, 2025) U.S. Navy Divers assigned to Mobile Diving and Salvage Unit 1, tour a Republic of Korea submarine museum during a joint dive and salvage exercise at Jinhae Naval Base, Republic of Korea, April 11, 2025. Commander, Logistics Group Western Pacific/Task Force 73 sustains the U.S. Navy’s maritime forces and is responsible for all diving and salvage operations in the Western Pacific in support of a free and open Indo-Pacific. (U.S. Navy photo by Mass Communication Specialist 2nd Class Jordan Jennings)
Date Taken:
04.11.2025
Date Posted:
04.18.2025 01:49
Photo ID:
8981205
VIRIN:
250411-N-YV347-1076
Resolution:
7705×5137
Size:
21.12 MB
Location:
JINHAE, KR
Web Views:
14
Downloads:
1
PUBLIC DOMAIN
This work, Mobile Diving and Salvage Unit 1 and the Republic of Korea Navy’s Sea Salvage and Rescue Unit conclude SALVEX Korea 2025 [Image 3 of 3], by PO2 Jordan Jennings, identified by DVIDS, must comply with the restrictions shown on https://www.dvidshub.net/about/copyright.
GALLERY
MORE LIKE THIS
CONTROLLED VOCABULARY KEYWORDS
TAGS
Flag Asset
Mobile Diving and Salvage Unit 1 and the Republic of Korea Navy’s Sea Salvage and Rescue Unit conclude SALVEX Korea 2025
Source: United States Navy (Logistics Group Western Pacific)
Issued by: on
SINGAPORE (May 15, 2025) Participants of Southeast Asia Cooperation and Training (SEACAT) 2025 hold a final planning conference in Singapore, May 15, 2025. SEACAT is a multilateral, multi-platform exercise including ashore and at sea training evolutions that emphasizes real-world engagements to enhance cooperation and maritime security capabilities in the Indo-Pacific. (U.S. Navy photo by Mass Communication Specialist 2nd Class Jordan Jennings)
WASHINGTON – Today on the Senate floor, U.S. Senator Joni Ernst (R-Iowa) reaffirmed that President Trump is showing the world that American leadership is back and echoed his strong message for Vladimir Putin to end Russia’s bloody war.
“Russia’s aggression has already cost too many innocent lives, about 5,000 lives every single week. Too many innocent lives, folks, which is why I support President Trump’s efforts to get a peace deal done now,” said Ernst.
Watch Ernst’s full remarks here.
Ernst’s full remarks:
“Last week, President Trump showed the world that American leadership is back.
“He brought home the last living American hostage – delivering Edan Alexander from Iran-backed Hamas and reuniting him with his family after nearly 600 days.
“He stood with our partners in the Middle East to strengthen the historic Abraham Accords.
“And he delivered a strong message to Vladimir Putin: End the war.
“Today, I stand in support of a sovereign Ukraine and echo the President’s call to Putin to stop this bloodbath that never should have happened.
“This is an issue that not only affects a close partner under siege, but also the strength of the United States of America and the security of the free world.
“Let’s be clear here folks — China is watching. So is Iran and North Korea. And of course, Vladimir Putin is watching, too.
“They call it the ‘new axis of evil’ for a reason.
“Mr. President, I personally witnessed and experienced the growth of the U.S.-Ukrainian relationship when I visited Ukraine in its waning days of Soviet control as part of an agricultural student exchange program.
“This was in 1989, and I had the privilege of living with a Ukrainian family on a very small collective farm.
“Now, as we got together, there were a number of us Iowa students on that exchange, and again, it was an agricultural exchange.
“We came together, each of us with our families, in a group setting, one of the very first nights that we were on that collective.
“And again, with the premise of an agricultural exchange, we were farming tomatoes, working with the cattle and the hogs.
“Very small, small collective.
“We came together, and the Ukrainians wanted to ask us questions.
“So all of us American students, all of us from Iowa, we sat down with our Ukrainian families, and we expected to talk about agriculture.
“Iowa agriculture versus Ukrainian agriculture.
“And much to my surprise, the first question that came from our Ukrainian counterparts, was not about how we raise corn or soybeans in Iowa, it was not about the types of machinery that we used on our farm.
“But the first question the Ukrainians asked us was: What is it like to be free? What is it like to be an American?
“Because in 1989, those Ukrainians were living under Soviet socialist rule.
“They could not travel without having the permission of their government.
“My family did not have a telephone and if they wanted to use the collective manager’s telephone, they would have somebody listening in on the conversation.
“They would have to know the purpose of the telephone call, who they were calling, why they needed to make a telephone call.
“This was 1989, and I learned a lot from that exchange.
“I saw Ukrainian people desperate to break free of socialist economic structures and authoritarian restrictions on freedom of movement, the ability to have your own employment, and on freedom of speech.
“Two years later, Ukraine declared its independence from the Soviet Union and broke free.
“Later, many years later, 2003, the United States was involved in the war in Iraq.
“I was a soldier in 2003, during Iraqi Freedom.
“So I was a transportation company commander permanently stationed in Kuwait.
“My transporters ran convoys from the ports in Kuwait up to Iraq, delivering goods for our war fighters.
“So I was on a little subcamp in Kuwait outside of Camp Arifjan. My soldiers and I lived on that subcamp. The other half of the camp was occupied by other forces.
“Those other forces were Ukrainian soldiers. Ukraine is not part of NATO. They were not required to support the United States of America in Iraq, but Ukraine, of its own volition, sent their soldiers and not just as support elements, they were there as combat forces.
“So again, I was a transporter. We ran convoys in Iraq.
“The other half of that camp that I lived on, they were Ukrainian engineer forces. They did road clearing.
“And I think back, how many American lives did those engineers save from their road clearing efforts, clearing bombs so they wouldn’t be detonated by my drivers?
“Today, Ukraine is fighting its own war.
“And I will remind everyone, the United States does not have forces involved in the Russia-Ukraine war. None. Zero. None.
“Today, Ukraine fights not only for its own survival, but for the very principles the United States was founded on.
“When America leads, the world is safer. When we disengage and when we retreat – like we saw for the last four years under the Biden administration – chaos fills the void.
“Russia’s aggression has already cost too many innocent lives, about 5,000 lives every single week. Too many innocent lives, folks, which is why I support President Trump’s efforts to get a peace deal done now.
“Vladimir Putin cannot keep tapping the United States of America along.
“I vow to keep working with my colleagues to equip the president with all tools necessary to hold Russia accountable – including sanctioning Russia and its supporters – if they continue to drag out peace talks and carry on with the needless bloodshed, so this war that never should have started can come to an end.”
Source: United States Senator Alex Padilla (D-Calif.)
Padilla, Schiff Urge Justice Department Watchdog to Open Investigation into DOJ’s Role in Unconstitutional Qatar Airplane Scheme
WASHINGTON, D.C. — Today, U.S. Senator Alex Padilla (D-Calif.) joined Senator Adam Schiff (D-Calif.) and other members of the Senate Judiciary Committee in demanding an independent investigation by the U.S. Department of Justice’s (DOJ) Inspector General into the Attorney General and the Department of Justice’s involvement in President Trump’s unconstitutional acquisition of a $400 million luxury plane from the Qatari government.
The request for an inquiry cites new reporting that the U.S. government has accepted the plane from Qatar and that President Trump actively solicited the luxury aircraft from Qatar’s government. At Attorney General Pam Bondi’s confirmation hearing, Senator Padilla and his Democratic Judiciary Committee colleagues raised concerns about Bondi’s previous work as a foreign agent for the government of Qatar and how that might influence her work as Attorney General.
“These reports raise the troubling possibility that the Department, and Attorney General Bondi personally, were integral to this scheme by crafting a legal justification to enable the President to circumvent the Foreign Emoluments Clause of the Constitution, federal bribery and ethics laws, and Congress in order to acquire one of the largest foreign gifts in our history,” wrote the Senators.
“Given today’s announcement and the fact that the Department’s leadership has effectively politicized the Office of Professional Responsibility (OPR), which, under normal circumstances, would investigate professional misconduct by Department attorneys, it is imperative that your office undertake an independent and comprehensive investigation,” continued the Senators.
The request to DOJ Inspector General Michael Horowitz was sent by Padilla, Schiff, Judiciary Committee Ranking Member Dick Durbin (D-Ill.), and U.S. Senators Cory Booker (D-N.J.), Richard Blumenthal (D-Conn.), Mazie Hirono (D-Hawai’i), Peter Welch (D-Vt.), and Sheldon Whitehouse (D-R.I.).
Last week, Senator Padilla joined 26 other Senators in cosponsored a resolution condemning President Trump’s acceptance of a luxury airplane gift, valued at $400 million, from the government of Qatar. According to reports, Trump intends to designate the plane as Air Force One while in office and transfer it to a foundation for personal use following the end of his term.
Full text of the letter is available here and below:
Dear Inspector General Horowitz:
We write to request that you open an inquiry into the facts and circumstances surrounding the Department of Justice’s involvement in facilitating President Trump’s effort to acquire a luxury airplane from Qatar, including the actions of Attorney General Pam Bondi. The Department of Defense confirmed today that it is accepting the plane as a gift from the government of Qatar. Given today’s announcement and the fact that the Department’s leadership has effectively politicized the Office of Professional Responsibility (OPR), which, under normal circumstances, would investigate professional misconduct by Department attorneys, it is imperative that your office undertake an independent and comprehensive investigation.
New revelations suggest that President Trump or senior administration officials actively solicited this foreign gift by initiating outreach to Qatar regarding the Boeing 747-8 plane in its possession, and, contrary to claims by President Trump and his associates, by proposing to Qatar that the transfer be in the form of a gift or donation, as opposed to a government-to-government sale. The reporting also raises questions as to whether the administration disclosed to the Qatari government that the Department of Defense would ultimately relinquish the plane and transfer it to President Trump after leaving office, potentially through his presidential library.
Public reports suggest that Attorney General Bondi played a crucial role in providing cover for such a gift by issuing a legal memorandum to White House Counsel David Warrington that “concluded it would be ‘legally permissible’ for the donation of the aircraft to be conditioned on transferring its ownership to Trump’s presidential library before the end of his term.” Under this scheme, the Department of Defense would serve as a clearinghouse to launder the plane on President Trump’s behalf, while bearing the enormous financial cost to retrofit the aircraft to meet necessary security and counterintelligence standards and requirements for Air Force One.
These reports raise the troubling possibility that the Department, and Attorney General Bondi personally, were integral to this scheme by crafting a legal justification to enable the President to circumvent the Foreign Emoluments Clause of the Constitution, federal bribery and ethics laws, and Congress in order to acquire one of the largest foreign gifts in our history. We are particularly concerned that elements of the Department, such as the Office of Legal Counsel, were enlisted to develop such a justification and produce one or more memoranda to allow the White House to claim that such a transfer is lawful. Among other concerns, these new revelations raise key questions regarding whether Department lawyers had a full understanding of the facts to render a complete and accurate legal opinion, or were directed to assess the legality of such a transfer based on incomplete, selective, or shaded details.
Attorney General Bondi’s personal involvement in this scheme requires particular attention. During her confirmation hearing, Attorney General Bondi committed under oath to “consult with the career ethics officials with the Department [of Justice]” to “make the appropriate decision” with respect to matters pertaining to Qatar, given her previous registration as a lobbyist for Qatar under the Foreign Agents Registration Act. The aforementioned solicitation of a $400 million gift from the Qatari government presents a plain conflict of interest that undermines the public’s trust in Attorney General Bondi’s ability to provide impartial legal advice.
Moreover, your office is uniquely positioned to conduct such an inquiry. During Attorney General Bondi’s tenure, the Department has removed senior career ethics officials and kneecapped offices responsible for overseeing ethics and professional misconduct, including the Office of Professional Responsibility (OPR), which was established 50 years ago in response to ethics abuses and serious professional misconduct by senior Department of Justice officials during the Watergate scandal. We have well-founded concerns that OPR is no longer able to fulfill its mandate since the Department’s political leadership removed OPR’s career lead, Jeffrey Ragsdale, who had served in the role since 2020. OPR’s absence as an oversight check on the Department’s senior leadership further reinforces the need for your office to undertake an independent investigation, including into Attorney General Bondi’s actions and whether she consulted career ethics officials as she pledged to do.
Such an investigation would complement parallel oversight requests by Members of Congress, including a request that the acting Inspector General of the Department of Defense investigate the Department of Defense’s involvement in this scheme, questions to the Secretaries of Defense and the Air Force regarding the cost and operational security of retrofitting such a plane, and letters to Attorney General Bondi regarding her role.
The Department of Justice has a long and storied history of rooting out and combatting corruption without fear or favor that is now at risk. In this moment, the responsibility of the Office of Inspector General to “detect and deter waste, fraud, abuse, and misconduct” in the Department has never been more important. Your office has a solemn obligation to hold the Department to account, especially given the credible concerns that it has been used to justify and enable unconstitutional acts and corruption at the highest levels of government.
Thank you for your prompt attention to this important request.
Source: People’s Republic of China – State Council News
A displaced girl is seen in the seaport area of western Gaza City, on May 21, 2025. [Photo/Xinhua]
Palestinian President Mahmoud Abbas on Wednesday called on the international community to take immediate action in response to the “catastrophic and tragic” situation in the Gaza Strip.
“I appeal to world leaders to take urgent and decisive measures to break the blockade on Gaza, allow the entry of humanitarian and medical aid by land, sea, and air, and immediately and permanently halt this aggression,” Abbas said, according to the Palestinian official news agency WAFA.
Abbas also urged for “the release of all detainees and prisoners, a full Israeli withdrawal from Gaza, and the State of Palestine assuming full responsibility,” — steps he described as essential for reconstruction, ending hostilities, and advancing the two-state solution.
He expressed hope that the upcoming UN high-level conference on the two-state solution in June would serve as a turning point, helping implement international resolutions and securing broader recognition and full UN membership for the State of Palestine.
Meanwhile, Mahmoud Basal, spokesperson for Gaza’s Civil Defense, told Xinhua on Wednesday that Israeli aircraft launched dozens of raids on Gaza since dawn, killing at least 56 Palestinians across the territory.
Israel launched its new military campaign, dubbed Gideon’s Chariots, over the weekend. Officials said the operation aims to dismantle Hamas and secure the release of 58 hostages still held in Gaza. The campaign includes the displacement of most of Gaza’s population to further south of the territory and a push to seize control of vast areas in the enclave.
At least 53,655 people have been killed, with 121,950 injured, since the Israeli offensive began 19 months ago, according to the Gaza health authorities on Wednesday.
Source: United States Senator for Rhode Island Jack Reed
WASHINGTON, DC – Today, after the U.S. Department of Defense announced it has accepted a luxury commercial aircraft donated by Qatar for use as the new Air Force One for President Donald Trump while he is in office and then plans to transfer it to Trump’s presidential library when he leaves office, U.S. Senator Jack Reed (D-RI), the Ranking Member of the Senate Armed Services Committee, slammed the decision, stating:
“This is a national embarrassment that raises serious security and ethics questions.
“President Trump is outsourcing a core symbol of American sovereignty, power, and ingenuity. He is forcing U.S. taxpayers to shell out potentially hundreds of millions of dollars to refurbish this so-called gift which will likely only be in official service for a short time.
“Refurbishing a Qatari-gifted plane with the responsibilities of Air Force One isn’t just costly – it’s a serious national security risk. Potentially exposing the President’s communications and safety to a foreign government is reckless and would create unacceptable vulnerabilities for our nation.
“Today’s announcement is not the end of the story, and I expect my colleagues to join me in exercising oversight over this outrageous move. There must be transparency and accountability about the costs of retrofitting this plane, the counterintelligence risks involved, and how it will be used once President Trump leaves office.”
Source: People’s Republic of China – State Council News
BEIJING, May 21 — China’s visa-exemption policies have boosted inbound travel. Since the start of this year, “China Travel” has kept trending. On Wednesday, the Consular Department of the Ministry of Foreign Affairs of China released a list of frequently asked questions about these policies.
Q: Who does the visa waiver apply to?
A: Nationals of 43 countries including Brunei, France, Germany, Italy, Spain, Holland, Malaysia, Switzerland, Ireland, Hungary, Austria, Belgium, Luxembourg, New Zealand, Australia, Poland, Portugal, Greece, Cyprus, Slovenia, Slovakia, Norway, Finland, Denmark, Iceland, Andorra, Monaco, Liechtenstein, the Republic of Korea, Bulgaria, Romania, Croatia, Montenegro, North Macedonia, Malta, Estonia, Latvia, Japan, Brazil, Argentina, Chile, Peru and Uruguay (Brazil, Argentina, Chile, Peru and Uruguay take effect from June 1, 2025) holding valid ordinary passports can be exempted from visa requirement if entering China for the purpose of business, tourism, family or friend visits, exchange and transit. They can stay in China for no more than 30 days without a visa.
Q: Do foreign nationals eligible for a visa waiver need to make declarations to Chinese embassies and consulates in advance?
A: Foreign nationals eligible for a visa waiver do not need to declare in advance to Chinese embassies and consulates before entering China without a visa.
Q: Will the purpose of the intended stay in China be examined by Chinese border inspection authorities when entering China? How will it be done? Are other documents needed for entering China in addition to a passport?
A: Foreign nationals traveling for purposes of business, tourism, family or friend visits, exchange and transit that meet the visa waiver requirements, can be allowed to enter China without a visa upon examination and approval in accordance with the law by border inspection authorities. Entry into China shall be denied by border inspection authorities in accordance with the law to foreign nationals who travel for purposes that do not meet the visa waiver requirements or who are not allowed to enter China in accordance with laws and regulations. It is recommended to take documents such as invitation letters, air tickets and reservations of accommodation as proof corresponding to the purposes of entry into China. Visa waiver does not apply to those who come to China for work, study, journalistic or similar purposes.
Q: Is there any additional requirement for minors eligible for a visa waiver?
A: Visa waiver requirements for minors are the same as for adults.
Q: Are there any requirements regarding the type and validity of entry documents?
A: For foreign nationals, an ordinary passport valid for at least the duration of the intended stay in China is needed. Holders of travel documents or temporary or emergency documents other than ordinary passports are not allowed to enter China without a visa.
Q: How to calculate the duration of stay of 30 days?
A: The duration of stay without a visa is calculated from the day after entry and lasts continuously for 30 calendar days.
Q: Does the visa waiver apply to foreign nationals who travel from a third country?
A: Eligible foreign nationals can depart for China from any country or region.
Q: Does the visa waiver apply to foreign nationals who travel via modes of transport other than aviation?
A: The visa waiver applies to all travelers coming to China through any sea, road and airport open to foreign nationals — except where laws, regulations or bilateral arrangements specify otherwise. For arrivals in China by way of private transport, certain procedures for entry and exit of means of transport shall be processed in accordance with relevant laws and regulations of China.
Q: Does the visa waiver apply to tour groups?
A: The visa waiver applies to eligible foreign nationals either in tour groups or as individuals.
Q: If the length of intended stay exceeds 30 days, can the visa waiver be extended?
A: Foreign nationals planning to stay in China for over 30 days shall apply for visas corresponding to their purposes of stay in advance at Chinese embassies or consulates. If they have to stay longer than 30 days for appropriate and sufficient reasons after entering China without a visa, they shall apply for stay permits to the exit and entry administrations of public security authorities of China.
Q: Does the visa waiver allow multiple entries? Is there any requirement on the length of intervals between each entry, or any restriction on the number of entries without a visa or total days of stay?
A: Foreign nationals eligible for the visa waiver can enter China without a visa multiple times. Currently, there is no restriction on the number of entries or total days of stay, but those who enjoy visa-free travel to China shall not engage in activities inconsistent with their purpose of entry.
Source: People’s Republic of China – State Council News
Top-seeded Chinese Sun Yingsha defeated France’s Charlotte Lutz in straight sets to reach the women’s singles last 16 at the World Table Tennis Championships on Wednesday.
Sun Yingsha serves during the women’s singles round of 32 match between Sun Yingsha of China and Charlotte Lutz of France at ITTF World Table Tennis Championships Finals Doha 2025 in Doha, Qatar, May 21, 2025. (Xinhua/Xiao Yijiu)
“Go go Shasha!” rooted for by a loud crowd, the 24-year-old superstar clinched an 11-4, 11-6, 11-6, 11-1 victory over the 20-year-old and world No. 92.
“This was our first meeting, and I had studied her match videos,” said Sun after a 29-minute match. “She is young and promising.”
Sun will next play against South Korea’s Shin Yu-bin, who advanced over Italy’s Gaia Monfardini in a score of 11-5, 8-11, 11-9, 14-12, 16-14.
Source: People’s Republic of China – State Council News
FC Barcelona announced on Wednesday that coach Hansi Flick has agreed to extend his contract with the club until the end of June 2027.
“The German coach will sign on Wednesday the extension of his contract until 2027 – for one more season – The act will be held in the offices at the Camp Nou,” confirmed a statement from the club.
Hansi Flick gestures on the touchline during the Group E match between Germany and Japan at the 2022 FIFA World Cup at Khalifa International Stadium in Doha, Qatar, Nov. 23, 2022. (Xinhua/Cao Can)
The extension on Flick’s original deal, which was due to expire in 2026, comes after the former Bayern Munich and German national team boss has led Barca to this season’s La Liga title, the Copa del Rey and the Spanish Supercup in his first season in charge.
Flick’s only disappointment was a narrow defeat after extra time to Inter Milan in the semifinals of the Champions League.
Source: United States Senator Ron Wyden (D-Ore)
May 21, 2025
Washington, D.C. – Oregon’s U.S. Senators Jeff Merkley and Ron Wyden, alongside U.S. Representative Val Hoyle (OR-04), are calling on Samaritan Health Services to maintain rural and coastal Oregonians’ full access to labor and delivery services.
Amidst internal discussions by the Samaritan Health Service’s board, the lawmakers sent a letter to new President and CEO Marty Cahill, expressing concerns over Samaritan’s reported plan to close its labor and delivery unit in Lincoln City and consolidate those services in Newport, as well as close its labor and delivery unit in Lebanon and consolidate those services in Albany.
“We have heard from concerned doctors and nurses that this decision would have devastating effects on the health and safety of expectant mothers, newborns, and families,” cautioned the lawmakers.
The units in Lincoln City and Lebanon serve a wide geographic area, and closures would force patients to travel dangerously long distances—in some cases, more than an hour—to receive both routine and emergency obstetric care. This decision would create a maternity care desert for rural North Lincoln County, while also putting an undue burden on many families that could cause them to bypass necessary medical care.
While the lawmakers deeply understand the numerous economic challenges facing rural labor and delivery units across Oregon—including low volumes of births, workforce shortages, and challenging reimbursement rates—they’ve also seen the negative impacts labor and delivery unit closures have on Oregon’s mothers and families. Together, they are calling for Samaritan Health to pursue innovative approaches and use a thoughtful, community-driven process to preserve access to all maternal health care services.
“Physicians, nurses, and other clinicians who provide obstetric services should be part of the process and help develop recommendations that will keep birthing services open while addressing the tough financial environment for Oregon hospitals. This could include collaborating with nearby hospitals and deploying telehealth models to expand the capacity of the obstetrics workforce,” continued the lawmakers.
As Samaritan Health’s leaders continue to navigate a path forward, Merkley, Wyden, and Hoyle will keep advocating for them to engage in a transparent process with the community they serve before making any changes to the maternal health care services they provide for the community.
“We urge you to pursue all resources available to you to keep the labor and delivery units open in Lincoln City and Lebanon,” the lawmakers closed.
Full text of the letter can be found by clicking HERE.
Miami, Florida, May 21, 2025 (GLOBE NEWSWIRE) — Oyster Enterprises II Acquisition Corp (the “Company”) announced today the upsized pricing of its initial public offering of 22,000,000 units at a price of $10.00 per unit. The units are expected to be listed on the Nasdaq Global Market (“Nasdaq”) and begin trading tomorrow, May 22, 2025, under the ticker symbol “OYSEU.” Each unit consists of one Class A ordinary share and one right (the “Share Right”) to receive one tenth (1/10) of one Class A ordinary share upon the consummation of an initial business combination. There are no warrants issued publicly or privately in connection with this offering. Once the securities constituting the units begin separate trading, the Class A ordinary shares and Share Rights are expected to be listed on Nasdaq under the symbols “OYSE” and “OYSER,” respectively. The offering is expected to close on May 23, 2025, subject to customary closing conditions. The Company has granted the underwriters a 45-day option to purchase up to an additional 3,300,000 units at the initial public offering price to cover over-allotments, if any.
The Company is a blank check company formed for the purpose of effecting a merger, amalgamation, share exchange, asset acquisition, share purchase, reorganization or similar business combination with one or more businesses. The Company may pursue an acquisition opportunity in any business, industry, sector or geographical location, but is focused on industries that align with the background of the Company’s management team and advisor, including technology, media, entertainment, sports, consumer products, financial services, real estate and hospitality. The Company will also focus on AI companies positioned to complement or disrupt those industries, as well as companies within the digital assets and blockchain ecosystem.
The Company’s management team is led by Mario Zarazua, its Chief Executive Officer and Vice Chairman, and Heath Freeman, its Chairman. In addition, the Board includes Divya Narendra, Lief Haniford and Jordan Fliegel. Randall D. Smith is an Advisor to the Company, and Mike Rollins is the Chief Financial Officer.
BTIG, LLC is acting as sole book-running manager for the offering.
The offering is being made only by means of a prospectus. When available, copies of the prospectus may be obtained from BTIG, LLC, Attention: 65 East 55th Street, New York, New York 10022, or by email at ProspectusDelivery@btig.com, or by accessing the SEC’s website, www.sec.gov.
A registration statement relating to the securities has been filed with the U.S. Securities and Exchange Commission (“SEC”) and became effective on May 21, 2025. This press release shall not constitute an offer to sell or the solicitation of an offer to buy, nor shall there be any sale of these securities in any state or jurisdiction in which such an offer, solicitation or sale would be unlawful prior to registration or qualification under the securities laws of any such state or jurisdiction.
Forward-Looking Statements
This press release contains statements that constitute “forward-looking statements,” including with respect to the proposed initial public offering and search for an initial business combination. No assurance can be given that the offering discussed above will be completed on the terms described, or at all, or that the net proceeds will be used as indicated.
Forward-looking statements are subject to numerous conditions, many of which are beyond the control of the Company, including those set forth in the “Risk Factors” section of the Company’s registration statement and preliminary prospectus for the Company’s initial public offering filed with the SEC. Copies of these documents are available on the SEC’s website, www.sec.gov. The Company undertakes no obligation to update these statements for revisions or changes after the date of this release, except as required by law.
EconomyEntrepreneurs / Start-UpTech / DigitalInnovation – Ministers and senior tech stakeholders from the European Union, Germany and the UAE inaugurate the momentous first edition of GITEX EUROPE x Ai Everything.
Berlin, Germany – 21 May 2025: Berlin became the focal point of Europe’s tech momentum and global digital cooperation as GITEX EUROPE x Ai Everything 2025 opened its doors today at Messe Berlin, launching the region’s largest inaugural tech, startup and digital investment event to capacity crowds and the biggest, most international lineup of tech and businesses converging in Europe. The show arrives at an inflection point in Europe’s digital future, sparked by a continent-wide ‘Choose Europe’ movement to anchor the next wave of innovation, research, investment, talent and deep-tech breakthroughs on home ground; alongside a renewed impetus in Germany represented by the formation of a new government and the country’s first digital ministry taking stewardship on digital transformation, AI excellence and data policy.
Born in the UAE with global editions now running in seven countries, GITEX is the world’s largest and best-rated tech and startup event, reflecting the UAE’s wider national commitment to global digital collaboration. With the show’s expansion into Europe, it echoes the UAE’s shared commitment to advance innovation and scientific frontiers, recently strengthened with Abu Dhabi’s MGX investment and Nvidia partnering to develop Europe’s largest AI data center campus (1) alongside the development of a new 5GW AI campus (2), the largest of its kind outside the US to be based in Abu Dhabi.
Welcome addresses led the inauguration ceremony from European and global leaders, including Kai Wegner, Governing Mayor of Berlin; H.E. Alia Al Mazrouei, UAE Minister of State for Entrepreneurship; Clara Chappaz, the Minister of AI and Digital of France; Thomas Jarzombek, Parliamentary State Secretary at the Federal Minister for Digital and State Modernization, Germany; Jan Kavalírek, Deputy Minister of Industry and Trade, Czech Republic; Franziska Giffey, Mayor of Berlin & Senator for Economic Affairs, Energy and Public Enterprises; and Trixie LohMirmand, EVP of Dubai World Trade Centre, the global organiser of GITEX.
With participation from over 100 countries, 1,400 tech companies, startups, and SMEs, more than 600 influential investors, and 500 industry leaders on-stage, the event sparked strategic dialogues on innovation, investment, policy shifts and business transformations, as well as catalysed collaborations at scale – across sectors and geographies. Taking place until 23 May at Messe Berlin, GITEX EUROPE x Ai Everything 2025 is organised in partnership with the Berlin Senate Department for Economics, Energy and Public Enterprises, Germany’s Federal Ministry for Economic Affairs and Climate Action, Berlin Partner for Business and Technology, and the European Innovation Council (EIC).
Kai Wegner, Governing Mayor of Berlin: “The GITEX tech fair – which is taking place in Berlin for the very first time – brings founders from around the world, investors, and established companies together. As Germany’s startup capital, Berlin is the perfect place for GITEX. We want to create the best environment for founders in our city. Networking events and industry fairs like GITEX are part of that effort.”
Her Excellency (H.E.) Alia Al Mazrouei, the UAE Minister of State for Entrepreneurship: “Moving beyond economic diplomacy, the UAE is now championing entrepreneurial diplomacy, guided by our diligent efforts in fostering global partnerships to empower entrepreneurs in the country. GITEX EUROPE’s vision of bringing together SMEs, investors, accelerators, incubators and industry leaders to ignite innovation, foster collaboration, and drive growth aligns with the UAE’s aspirations to strengthen partnerships with Europe in entrepreneurship and digital economy.”
Clara Chappaz, the Minister of AI and Digital of France, commented on the development of AI: “When you were hear about Europe being a continent of regulation, this is the past. Today, Europe is all about innovation. More than ever, we have all the ingredients to succeed as Europeans building these amazing technologies when it comes to AI. The partnerships between France and Germany is extremely determined to accelerate Europe when it comes to innovation, and in particular when it comes to everything we can do on digital innovation.”
Thomas Jarzombek, Parliamentary State Secretary at the Federal Minister for Digital and State Modernization reiterated: “It’s a great opportunity here to connect startups and also for investment opportunities right now here in Berlin. We have to move forward, faster than we did in the past. Easy for you to do business in Germany, easy for every citizen to do everything with an app and to digitalize things you have in our pocket right now.”
Jan Kavalírek, Deputy Minister of Industry and Trade, Czech Republic: “One of our top priorities right now, is to create the best possible environment for AI researchers and to deploy artificial intelligence across all the industrial sector. This is the reason why we invest in AI heavily, both in software and in hardware infrastructure, and this is also the reason why we are glad to part of GITEX EUROPE.”
Franziska Giffey, Mayor of Berlin and Senator for Economic Affairs, Energy and Public Enterprises: “We have more than 5,000 startup enterprises here in Berlin, and of course we want to do more. We want to be the number one innovation place in Europe. Whenever you think about coming to the place of freedom, the place of possibilities, come to Berlin.”
Trixie LohMirmand, global organiser of GITEX: “As the world’s third largest economy, Germany’s market gravity and Europe’s openness create a powerful test-bed where capital, code and talent can cross-pollinate at speed, forging new collaborative forces across geographies and sectors. GITEX EUROPE proves that innovations can scale beyond borders, opening new markets and opportunities for Europe’s most ambitious companies.”
Spanning high impact showcases and talks covering AI, cybersecurity, deep tech, green tech, quantum computing, SMEs, and startup, scaleup and investments, GITEX EUROPE x Ai Everything offers unmatched opportunities to access new markets, breakthrough technologies, industry transformations and business insights.
Across the show floor, global tech enterprises including IBM, AWS, Bosch, Cisco, CrowdStrike, Dell, Fortinet, Lenovo, ManageEngine, NinjaOne, NVIDIA, and SAP, alongside over 750 startups from 60 countries, showcase how infrastructure, intelligence, and investment intersect to propel Europe’s digital future forward. From business leaders to AI architects, quantum researchers to CIOs, green tech innovators to global investors, the opening day’s gathering set the tone for decisive partnerships accelerating the continent’s AI and digital competitiveness.
The opening day conference programme was headlined by Dr. Geoffrey Hinton, Nobel Physics Laureate and ‘Godfather of AI’ with a riveting keynote on ‘AI for Humanity’s Greatest Challenges’. In April 2025, the United Arab Emirates and European Union delivered a joint statement to begin dialogue toward a Comprehensive Economic Partnership Agreement (CEPA) (3) aimed at strengthening bilateral trade and investment ties across key sectors such as AI, advanced manufacturing, healthcare and more.
GITEX EUROPE x Ai Everything leverages a powerful network of established relationships in tech, policy, investment and business spanning four regions and seven countries, with more new international editions in the wings. Currently the GITEX global network of events takes place in Abu Dhabi, Dubai, Germany, Morocco, Nigeria, Singapore, Thailand, and Vietnam.
GITEX EUROPE x Ai Everything 2025, Europe’s most global, collaborative, and cross-industry tech event, taking place from May 21–23, 2025, at Messe Berlin, Germany. Convening over 1,400 exhibiting enterprises, SMEs and startups from 100-plus countries, alongside over 600 investors, and 500 expert speakers across AI, Deep Tech, Quantum, Cybersecurity, Connectivity, Smart Cities, Green Tech, and many more, GITEX EUROPE x Ai Everything is advancing the continent’s digital future in partnership with the world. This inaugural edition features the new SMEDEX, GITEX SCALEX, and GQX, and brings to Germany the world’s largest and best-rated startup and investor event – North Star Europe. GITEX EUROPE x Ai Everything is seamlessly connected with the GITEX network of tech and startup events in Germany, Morocco, Nigeria, Singapore, Thailand, UAE, and Vietnam. For more information, please visit: www.gitex-europe.com
Source: United States Senator for West Virginia Shelley Moore Capito
[embedded content]
To watch Chairman Capito’s opening statement, click here or the image above.
WASHINGTON, D.C. – Today, U.S. Senator Shelley Moore Capito (R-W.Va.), Chairman of the Senate Environment and Public Works (EPW) Committee, led a hearing on the U.S. Environmental Protection Agency’s (EPA) proposed budget for Fiscal Year 2026 with EPA Administrator Lee Zeldin.
In her opening remarks, Chairman Capito applauded Administrator Zeldin for his leadership in returning EPA to its core mission, reversing the federal overreach of the previous administration, and focusing the agency on issues important to West Virginia and the country. Additionally, Chairman Capito highlighted ways EPA’s proposed budget benefits hardworking Americans and areas it can be improved.
Below is the opening statement of Chairman Shelley Moore Capito (R-W.Va.) as delivered.
“Welcome to Administrator Zeldin, it is good to see you again. I understand you’ve had several hearings over the past few days, so I know you’ve been busy. I believe you are doing an excellent job in implementing your vision to return the EPA to its core mission of protecting our country’s air, our land, and water, while eliminating wasteful spending.
“To start, I applaud your aggressive efforts to undo the previous administration’s regulatory overreach. Your leadership will put us on the path to energy dominance with sound environmental procedures.
“Your efforts, like rescinding the Biden Clean Power Plan 2.0 rule…that was part of a comprehensive strategy intended to shut down all fossil-fuel electric generation, will unleash our economy and help onshore American jobs.
“President Trump and his team are also putting West Virginia first, by announcing an agency-wide PFAS strategy and providing West Virginia with the authority to permit wells to sequester carbon dioxide. I appreciate the structural changes that you, Administrator Zeldin, are bringing to the EPA.
“Several weeks ago, the EPA announced that it would move more than 130 experts to assist with reviews of new chemicals and pesticides. In 2016, the Congress told the EPA to accelerate the new chemical approval process, but the Agency has done little to comply with that direction. Reviews currently take months, if not years, stifling innovation and leaving companies reliant on outdated chemicals.
“Addressing the pace of this process is crucial to maintaining our competitiveness in a global market, expanding our key industries, and onshoring critical supply chains. I appreciate that you, Administrator Zeldin, are taking into account my previous calls to provide more resources to address this issue.
“This leads us to why we are here today, the EPA’s budget. I first want to thank the Administrator for acting on his pledge to prioritize being a good steward of tax-payer dollars.
“EPA has restored accountability to grant programs enacted through the partisan Inflation Reduction Act. For example, in February, the EPA canceled a $50 million grant made to the Climate Justice Alliance under the IRA’s environmental justice grant program.
“The Climate Justice Alliance is a non-profit organization that I investigated and found explicitly engaged in pro-Hamas, anti-Israel, anti-Semitic, anti-police, and anti-military activities. Some of these activities occurred while they were under consideration for an EPA grant awarded by the last administration.
“The EPA has taken immediate action to investigate and reclaim the $20 billion dollars awarded under the so-called ‘Green Bank’ program in the IRA. This money was rushed out the door before the end of the last administration under unprecedented, and I would say, suspicious terms.
“The EPA’s proposed Fiscal Year 2026 budget shows deep reductions for the agency. Some of these cuts reflect the best interests of hardworking Americans.
“For example, the budget proposes to cut $100 million from environmental justice programs that were added under the Biden Administration and have unnecessarily imposed requirements that are burdensome for small, regulated entities or grant awardees. This is a welcome start and it will reduce regulatory compliance burdens and allow tax dollars to beneficially impact more entities.
“However, there are bipartisan programs that would be impacted if the proposed budget is enacted, programs that have done much to help continuously clean up the air, water, and lands, as well as provide safe drinking water.
“For example, the proposed budget would reduce funding for the Brownfields program and includes an 89% cut to the Clean Water and Drinking Water State Revolving Funds.
“I and many of my colleagues have long been vocal about the importance of federal assistance for water infrastructure through the State Revolving Funds. In 2021, Congress made the largest bipartisan investment in the State Revolving Funds and water infrastructure in our nation’s history, delivering more than $50 billion for drinking water, wastewater, and stormwater programs.
“State revolving funds have helped many West Virginians, and many around the country, get connected with the water access and resources that they need. I hope that we can work together through the Appropriations process, as well as through the committee’s reauthorizations efforts, to make sure that adequate resources remain available to support our water systems.
“I look forward to building to that future with you, Mr. Administrator, over the next several years.”
Source: United States Senator for New Mexico Martin Heinrich
WASHINGTON — U.S. Senator Martin Heinrich (D-N.M.) joined U.S. Senator Peter Welch (D-Vt.) to introduce a resolution calling on the Trump Administration to use all diplomatic tools at its disposal to bring an end to the blockade of food and life-saving humanitarian aid to address the needs of civilians in Gaza. In their resolution, the senators express grave concern about the ongoing humanitarian crisis in Gaza, including the imminent starvation of tens of thousands of children.
On March 2, 2025, the Israeli Government began blocking all food and emergency aid —including food, medicine, infant formula, fuel, and other lifesaving humanitarian supplies — from reaching Palestinian civilians in Gaza. In the same month, all 25 World Food Program (WFP)-supported bakeries in Gaza closed, wheat flour and cooking fuel ran out, and food parcels distributed to families — with two weeks of food rations — were depleted. According to the United Nations, about 10,000 children have been identified as suffering from acute malnutrition since January 2025.
“We must deliver critically needed food and medicine to innocent civilians in Gaza facing extreme hunger, death, disease and widespread destruction. While Israel has the right to defend itself, it must follow U.S. and international humanitarian law. Unfortunately, Israel has been and continues to act in direct violation of the requirements mandated under the Foreign Assistance Act and the Arms Export Control Act,” said Heinrich.
“As we continue to pursue pathways to achieve a two-state solution, which remains crucial both for Palestinians’ sovereignty and self-determination and for Israel’s security in the region, we must work toward a long-term, post-war plan that can achieve lasting peace in the region,” Heinrich continued.
The resolution is led by U.S. Senator Peter Welch (D-Vt.). Alongside Heinrich, the resolution is co-sponsored by U.S. Senators Dick Durbin (D-Ill.), Bernie Sanders (I-Vt.), Michael Bennet (D-Colo.), Cory Booker (D-N.J.), Tammy Duckworth (D-Ill.), Ruben Gallego (D-Ariz.), John Hickenlooper (D-Colo.), Mazie Hirono (D-Hawaii), Tim Kaine (D-Va.), Angus King (I-Maine), Andy Kim (D-N.J.), Amy Klobuchar (D-Minn.), Ed Markey (D-Mass.), Jeff Merkley (D-Ore.), Chris Murphy (D-Conn.), Patty Murray (D-Wash.), Jon Ossoff (D-Ga.), Jack Reed (D-R.I.), Jeanne Shaheen (D-N.H.), Elissa Slotkin (D-Mich.), Brian Schatz (D-Hawaii), Tina Smith (D-Minn.), Chris Van Hollen (D-Md.), Mark Warner (D-Va.), Reverend Raphael Warnock (D-Ga.), Elizabeth Warren (D-Mass.), Sheldon Whitehouse (D-R.I.), and Ron Wyden (D-Ore.).
The senators’ resolution is supported by Anera, the Friends Committee on National Legislation, J Street, and Oxfam America.
The full text of the resolution is here.
Source: United States Senator for South Carolina Lindsey Graham
WASHINGTON – U.S. Senator Lindsey Graham (R-South Carolina) today spoke on the Senate floor about peace through strength and moral clarity during dangerous times.
On moral clarity during dangerous times:
GRAHAM: “Russia is the aggressor. Russia must end this bloodbath. That is my view of [the Russia-Ukraine war]. Let’s look in history and see what happens when you have moral clarity and see what happens when you lose it.” https://youtu.be/7QdErvIuatE?si=V0-X6tkjJE_8De10&t=566
GRAHAM: “Hitler told [the world] what he was going to do, he wrote a book. But [former UK Prime Minister] Chamberlain obviously didn’t read the book and he didn’t have the moral clarity to confront the Nazi regime, and a lot of people died. September 30, 1938 [Chamberlain said] ‘I believe it is peace for our time.’ … Less than a year later, the world was on fire.” https://youtu.be/7QdErvIuatE?si=9GJNnus0en6x_S6R&t=643
GRAHAM: “‘When all are free, then we can look forward to that day when this city will be joined as one and this country and this great continent of Europe in a peaceful and hopeful globe.’ [President John F. Kennedy] was talking about Berlin. Moral clarity to the Soviet Union. He stood up for freedom and stood against the Soviet empire.” https://youtu.be/7QdErvIuatE?si=V0-X6tkjJE_8De10&t=718
GRAHAM: “Ronald Reagan: ‘Mr. Gorbachev, tear down this wall!’ How clear could you be? On the other side of this wall is an evil empire. That moral clarity, over time, brought the Soviet Union down to its knees.” https://youtu.be/7QdErvIuatE?si=V0-X6tkjJE_8De10&t=749
On President Trump’s leadership:
GRAHAM: “When [President Trump] got in office, one of his top priorities was to fix a broken border. Look what’s happened…He’s turned it all off because he was firm and resolved with Mexico and others. His border policies have worked.” https://youtu.be/7QdErvIuatE?si=BaLGLKsqVGj9HRCd&t=363
GRAHAM: “What has [President Trump] said about Iran? ‘You know it’s not a complicated formula. Iran cannot have a nuclear weapon. That’s all there is.’ That’s moral clarity. You can understand that no matter where you’re at on the planet.” https://youtu.be/7QdErvIuatE?si=sOxbu_x3XKBdCBOm&t=436
GRAHAM: “I appreciate President Trump’s earnest effort to bring the parties together to find a solution we can all live with, to keep an independent sovereign Ukraine, and end this war sooner rather than later. It is clear to me that after all these months, the earnest efforts by President Trump are not being equally met. I think Zelensky is ready to make concessions to end this war. Putin seems to be [doing] more talking and less acting.” https://youtu.be/7QdErvIuatE?si=uQ3IQiEdRV2rPWwG&t=948
On the Graham-Blumenthal Russia sanctions bill reaching over 80 cosponsors:
GRAHAM: “It is now time to increase the cost of this war to Putin. The sanctions package we have put together has [over] 80 cosponsors. Do you know how hard it is to get 80 Senators to agree on anything? Eighty of us – and the number is climbing – are ready to impose sanctions on Russia if Putin does not come to the table and earnestly seek peace.” https://youtu.be/7QdErvIuatE?si=kWOZu-UhJqd0ru3M&t=1009
GRAHAM: “These sanctions are geared toward China. There are tariffs in these sanctions on any nation that buys Russian oil and gas from the shadow fleet. Putin’s war machine is propped up by China and India buying Russian oil at a massive discount…” https://youtu.be/7QdErvIuatE?si=QJy_NDKD5DdPFoUY&t=1036
Click here to watch Graham’s entire speech
Source: United States Senator for Wisconsin Ron Johnson
WASHINGTON – Today, U.S. Sen. Ron Johnson (R-Wis.), chairman of the Permanent Subcommittee on Investigations (“PSI” or “Subcommittee”), will hold a hearing entitled, “The Corruption of Science and Federal Health Agencies: How Health Officials Downplayed and Hid Myocarditis and Other Adverse Events Associated with the COVID-19 Vaccines.” In conjunction with the hearing, the chairman released an interim Majority Staff Report, along with more than 2,400 pages of records, detailing the failure of federal health agencies to properly warn the public of the risks of myocarditis and related heart inflammation conditions following mRNA COVID-19 vaccination. The report, which follows Chairman Johnson’s Jan. 28, 2025 subpoena to the Department of Health and Human Services (“HHS”), reveals how federal health officials who were aware of reports of heart inflammation conditions associated with mRNA COVID-19 vaccines delayed notifying the public while downplaying the risks.
Records produced pursuant to the subpoena reveal the following: in the first half of 2021, federal health officials had ample evidence of myocarditis and related heart inflammation conditions occurring in young adults who received mRNA COVID-19 vaccines. Although a number of these records were previously made available to the public through the Freedom of Information Act (“FOIA”), the Biden administration’s heavy redactions prevented a full understanding of what federal health officials knew and what actions they took.
As detailed in the report and records Chairman Johnson released, beginning in February 2021, federal health officials were put on notice by counterparts in Israel of individuals experiencing myocarditis and related heart inflammation conditions after receiving mRNA COVID-19 vaccination. Over the next three months, federal health officials continued to receive information on cases of heart inflammation following mRNA COVID-19 vaccination. By mid-May 2021, Centers for Disease Control and Prevention (“CDC”) officials were drafting a formal notification for health care providers and other officials.
Records indicate that while health officials were drafting the notification, a key vaccine safety monitoring system, VAERS, began showing a safety signal for a heart inflammation condition in young adults who had received an mRNA COVID-19 vaccine. Within days of the safety signal, the top ranking official at the Food and Drug Administration (“FDA”), then-Acting Commissioner Janet Woodcock, pushed back on the CDC’s plan to formally notify healthcare providers, ultimately resulting in the formal notification being rejected in favor of a posting on CDC’s website.
The report builds on the work of many individuals who fought tirelessly to obtain records through the FOIA process under the Biden administration. The chairman credits Brenda Baletti, Ed Berkovich, Brian Hooker, Amy Kelly, Zachary Stieber, Naomi Wolf, and many others who worked persistently to expose the truth about the association of myocarditis with the COVID-19 vaccines.
With the release of the interim report and the corresponding subpoenaed documents produced by the Trump administration, the public will be able to access a more complete record of the Biden administration’s failure to warn the public about the health risks of COVID-19 vaccines without heavy FOIA redactions.
Key findings from the report include:
Despite their awareness of the risks, U.S. health officials downplayed the risks of myocarditis and associated heart inflammation conditions after receiving an mRNA COVID-19 vaccine.
U.S. health officials delayed for months alerting the public, and ultimately rejected a formal notification to health care providers about the risks to young people of myocarditis and associated heart inflammation conditions following receipt of an mRNA COVID-19 vaccine.
U.S. health officials were made aware by at least early 2021 that some of their vaccine safety monitoring systems may not have been capturing all cases of myocarditis and associated heart inflammation following receipt of an mRNA COVID-19 vaccine.
The hearing will be live streamed beginning at 2:00pm EST here.
The interim PSI Majority Staff report can be found here.
The records, which at the request of HHS contain minimal redactions for Personally Identifiable Information, are linked below:
Source: United States House of Representatives – Representative Mark Alford (Missouri 4th District)
Today, Congressman Mark Alford (MO-04) announced the launch of the Long-Range Strike Caucus for the 119th Congress. The Caucus provides an informal, bipartisan opportunity to educate Members of Congress on current and future U.S. bomber capabilities, advocate for this essential instrument of national security, and facilitate engagement between Congress, industry, and the Department of Defense. The Caucus is co-chaired by Rep. Don Davis (NC-01).
“We’re proud to re-launch the Long-Range Strike Caucus for this Congress,”said Congressman Alford.“As the Congressman for Whiteman Air Force Base—the home of the B-2 Spirit, and soon the B-21 Raider—I have witnessed first-hand the strategic necessity of our long-range strike capabilities. Last October, I was in the Middle East when our heroic airmen showed the world what they can do, striking terrorist lairs in Yemen with pinpoint precision.That’s not just power. It’s a promise that America can reach out and touch anyone, anywhere, at any time when freedom is at stake. I look forward to bipartisan collaboration on how we can ensure America maintains its superior long-range strike capabilities well into the future.”
“As our nation confronts emerging global threats to national security, the Long Range Strike Caucus can play a significant role in our defense and in safeguarding the American people,” said Congressman Don Davis. “Modernizing our long-range strike aircraft, particularly our bombers, is essential to ensuring that the U.S. military continues to be the world’s premier fighting force.”
Background:
The Long-Range Strike Caucus advocates for our nation’s bomber force and the many missions that support our bombers in conducting long-range strikes. This includes active duty, guard, and reserve units that provide fighter escort, suppression of enemy air defenses, air refueling, testing, acquisition, and depot maintenance.
The Air Force bomber fleet provides a unique ability for the U.S. to rapidly strike any target in the world, an essential capability for deterring our enemies and reassuring our allies and partners.
Despite its active use and global presence, our bomber fleet is the smallest and oldest it has ever been. With an average age of more than 40 years old, almost half of our current long-range strike aircraft pre-date the Cuban Missile Crisis. The failure to adequately modernize has impacted our ability operate, especially in potentially contested environments. Therefore, efforts to develop and procure a new generation of Air Force bombers, including the B-21 Raider and refitted B-52J, are critical to the conventional and nuclear national security apparatus.
Source: United States House of Representatives – Congresswoman Sydney Kamlager California (37th District)
WASHINGTON, DC — In anticipation of Secretary of State Marco Rubio’s first appearance before the House Foreign Affairs Committee, Congresswoman Sydney Kamlager-Dove (D-CA) led 55 lawmakers in a bipartisan letter to Secretary Rubio inquiring about the State Department’s plans to ensure quick and secure visa processing for the expected influx of visitors coming to the U.S. for the 2026 FIFA World Cup, 2028 Olympic Games, and other major international sporting competitions. Reps. Young Kim (R-CA), Darin LaHood (R-IL), and Nikema Williams (D-GA) joined as co-leads.
Currently, six countries–Canada, Colombia, Honduras, India, Turkey, and UAE—have at least one U.S. diplomatic post with visa appointment wait times that extend beyond the start of the first FIFA26 game in the United States.
“The Olympics have the potential to bring up to 15 million visitors to the U.S. and produce an estimated $18 billion in economic impact. Over 5 billion viewers are projected to watch the FIFA World Cup, which could bring millions of visitors to the United States across 11 cities and generate an estimated $3.75 billion in economic revenue,” the lawmakers wrote.
They continued, “However, the success of these games hinges on the State Department’s ability to efficiently process the visa applications of spectators, athletes, and media, including providing adequate visa appointment availability and strategically offering visa interview waiver services where appropriate.
“To meet the moment, the State Department must not take a business-as-usual approach. Accommodating the anticipated surge in international visitation will require innovative solutions in the visa adjudication process that will allow us to maintain security safeguards while reducing unnecessary bureaucratic hurdles. It is critical to begin preparations now to demonstrate our nation’s ability to welcome the world,” the lawmakers concluded.
The letter also encouraged the Administration to update its current visa process to address visa processing challenges, including strategies to:
Develop a visa issuance process that maintains necessary security protocols while expediting processing for accredited individuals and entities participating in the games;
Ensure Consular Affairs is sufficiently resourced to support visa processing offices at overseas posts, disseminate information to Consular Affairs officers regarding games-related visa appointments, and handle the increased demand for visas well ahead of the games;
Establish protocols for visa issuance and entry from countries that are sanctioned or do not have U.S. consular offices, ensuring that all eligible athletes and support staff can participate in the games; and
Consider regulatory adjustments or other measures to reduce visa appointment wait times.
The full letter is HERE.
Reps. Sydney Kamlager-Dove, Young Kim, Darin LaHood, and Nikema Williams were joined by Reps. David Valadao, Bonnie Watson Coleman, Jonathan L. Jackson, Gilbert Ray Cisneros Jr., Sheila Cherfilus-McCormick, Aumua Amata Coleman, María Elvira Salazar, Henry C. “Hank” Johnson Jr., Pramila Jayapal, Jasmine Crockett, Kweisi Mfume, Ken Calvert, Josh Gottheimer, Nanette Diaz Barragán, Ted W. Lieu, Raja Krishnamoorthi, LaMonica McIver, Eric Swalwell, Frederica S. Wilson, Stephen F. Lynch, Nydia M. Velázquez, Emanuel Cleaver, Don Bacon, William R. Keating, Luz M. Rivas, Kevin Mullin, Dina Titus, Greg Stanton, Rick Larsen, Brendan F. Boyle, Tom Cole, Julia Brownley, Suzan K. DelBene, Michael T. McCaul, Michael V. Lawler, Robert Garcia, Mikie Sherrill, Emily Randall, Gabe Amo, Zoe Lofgren, Ami Bera, Suhas Subramanyam, Pete Aguilar, Dan Goldman, Sylvia R. Garcia, Julie Johnson, Nellie Pou, Derrick Van Orden, Kevin Kiley, Laura Friedman, and Jay Obernolte.
Source: People’s Republic of China in Russian – People’s Republic of China in Russian –
Source: People’s Republic of China – State Council News
GENEVA, May 21 (Xinhua) — China, along with Malaysia, Nepal, Saudi Arabia and the Seychelles, co-hosted for the first time a side event on traditional medicine on the sidelines of the 78th World Health Assembly in Geneva on May 20.
The event focused on integrating traditional medicine into national health systems, supporting universal health coverage, advancing towards the Sustainable Development Goals and building a community of hygiene and health for all humanity.
The event brought together more than 100 participants, including high-level health officials from many countries, representatives of the World Health Organization (WHO), renowned experts and scientists, and figures from international academia.
The event featured a keynote speech by Yu Yanhong, Director of the National Administration of Traditional Chinese Medicine of the People’s Republic of China. She noted China’s centuries-long commitment to the development of traditional Chinese medicine, emphasizing the country’s unique path in developing traditional medicine with Chinese characteristics and the significant successes achieved along the way.
Yu Yanhong called on countries to develop traditional medicine systems in accordance with their national characteristics and promote the modernization of traditional medical practices. She also reaffirmed China’s commitment to promoting more effective integration of traditional medicine into national health systems around the world.
Seychelles Health Minister Peggy Vido said traditional medicine and herbalism have a long history and deep cultural roots in her country, with their benefits gaining increasing public recognition every day.
She proposed to pay special attention to ensuring the necessary level of education and standard training of practitioners, disseminating evidence-based practices and creating a framework to guarantee the quality, effectiveness and safety of traditional medicine as its role in health systems continues to grow. P. Vido also expressed her country’s interest in further strengthening cooperation with China and other countries in this area.
WHO Regional Director for the Western Pacific, Saiya Mau Piukala, described traditional medicine as a vital pillar of health systems that has made a significant contribution to global health.
He praised China’s achievements in preserving and updating traditional medicine, stressing that these practices should complement modern medicine rather than compete with it.
The WHO regional head called for stronger international cooperation to ensure the safety, quality and accessibility of traditional medicine. S. M. Piukala also noted that the Western Pacific Region is actively working to integrate traditional medicine into universal health coverage systems so that more people can benefit from such treatment. –0–
Source: People’s Republic of China in Russian – People’s Republic of China in Russian –
Source: People’s Republic of China – State Council News
MINSK, May 21 (Xinhua) — The 12th International Exhibition of Arms and Military Equipment MILEX-2025 opened on Wednesday at the Minsk International Exhibition Center “BelExpo”. More than 150 companies from Belarus, Russia, China, Iran, Pakistan, and India are taking part in the event. They are demonstrating samples of weapons and military equipment that reflect the main trends and development prospects of the global arms market.
President of Belarus Alexander Lukashenko sent a greeting to the participants and guests of the international exhibition. “In the year of the 80th anniversary of the Victory of the Soviet people in the Great Patriotic War, we are holding this representative forum in honor of our common heroes. The generation of victors bequeathed to us to preserve peace and freedom in our native land, won at an unprecedentedly high price. In the name of this goal, we, the allied countries, are increasing our defense potential and strengthening cooperation in the field of security,” A. Lukashenko’s press service quotes him as saying.
The President of Belarus expressed confidence that the international exhibition of weapons and military equipment will allow a wide range of specialists and experts to become familiar with the most advanced achievements of both Belarusian manufacturers and foreign partners.
MILEX-2025 presents more than 750 samples of weapons, military and special equipment of Belarusian production. Among them are the anti-aircraft missile system “Buk-MB-2K” with the first Belarusian anti-aircraft guided missile, the grenade launcher system “Sapfir”, the armored personnel carrier V-2. The total area of the exhibition exceeds 11.5 thousand square meters.
The 11th International Scientific Conference on the Development of Weapons, Military and Special Equipment and Dual-Use Technologies will be held as part of the scientific and business program of the event. The conference will address current issues of creating systems to counter high-precision weapons, electronic warfare, radio-technical and radar reconnaissance, troop and weapon control, and radio communications. A separate section will be devoted to the topic of unmanned systems for various purposes.
The organizers of the 12th International Exhibition of Arms and Military Equipment MILEX-2025 are the State Military-Industrial Committee and the Ministry of Defense of Belarus, as well as the National Exhibition Center “BelExpo”. The event will last until May 24. –0–
Source: United Kingdom – Executive Government & Departments
Press release
PM meeting with President Nikos Christodoulides of Cyprus: 21 May 2025
The Prime Minister hosted President Nikos Christodoulides of Cyprus for a short meeting in Downing Street during his visit to London.
The Prime Minister hosted President Nikos Christodoulides of Cyprus for a short meeting in Downing Street during his visit to London.
The leaders began by reflecting on the Prime Minister’s historic visit to Cyprus in December and welcomed the strengthening of the relationship between the two countries.
The Prime Minister updated on the UK-EU Summit earlier in the week, and thanked President Christodoulides for his support in resetting the relationship between the UK and Europe.
The leaders looked forward to speaking again soon.
Source: United States Senator Ted Budd (R-North Carolina)
Washington, D.C. — U.S. Senator Ted Budd (R-N.C.) met with Prime Minister Masrour Barzani of the Iraqi Kurdistan Regional Government today. They discussed recent energy agreements between the Kurdistan Regional Government and United States energy companies, as well as ways to strengthen security cooperation between the United States and the Iraqi Kurdistan Region.
Following the meeting, Senator Budd released the following statement of support:
“I’d like to thank Prime Minister Masrour Barzani for his hospitality when I met with him in Erbil last year. Today, I was glad to host the Prime Minister in my office to discuss United States commercial investments in the Iraqi Kurdistan region and ongoing security cooperation. The gas field development deals announced this week will strengthen shared bonds between the American and Kurdish people, but also result in much needed energy independence for Iraq.
“In the meeting, I also received updates on security cooperation between the Department of Defense and Kurdish Peshmerga forces. Following our discussion, I am increasingly concerned by reported delays in the delivery of U.S. provided defense equipment to the Peshmerga,” said Senator Budd.
During the action day, authorities in both countries seized assets worth at least several millions euros, including apartments and companies, as well as various luxury vehicles. . Large amounts of cash and quantities of cocaine and heroin were also seized. A full and complete evaluation of the seizures will be carried out in the coming days.
No complete estimate of the total profits of the cooperation between the three OCGs is available. However, information obtained through the JIT shows that the criminal networks were involved in payments, often in cash, of close to EUR 5 million and the trafficking of at least 1 800 kilos of cocaine and heroin.
Investigations into the linked criminal organisations were initiated in 2016 by the Public Prosecutor’s Office of Bari and the Special Anti-Corruption and Organised Crime Prosecutor’s Office of Tirana and the Albanian Police. On the Albanian side, one OCG, which operated from Durres, was responsible for the transport and wholesale distribution of large quantities of cocaine, heroin and cannabis trafficked between the Balkans, Northern Europe, South America and Puglia in Italy.
Two Italian-led criminal gangs carried out the cutting and packaging of illicit drugs and supplied cocaine and heroin from Latin America and Turkey to local gangs in organisations in Bari, Brindisi and Lecce.
The arrests in Italy and Albania are the result of a long-term collaboration through the JIT. This involved the use of wiretaps, intensive video surveillance, the monitoring of suspects and the analysis of encrypted chats. These chats were decrypted following intensive cooperation through Eurojust.
Since 2020, Eurojust has supported the authorities in Italy and Albania with the JIT. Furthermore, the Agency provided assistance with the execution of requests for Mutual Legal Assistance during the action day and gave cross-border judicial support. Albania is one of the twelve countries outside the European Union with a Liaison Prosecutor at Eurojust. The investigations were also coordinated and supported by the office of the dedicated security expert at the Italian Embassy in Tirana.
The judicial cooperation between Italy and Albania has already proven effective in recent years. Between 2018 and 2021, the Anti-Mafia Investigation Directorate of Bari issued and executed 118 arrest warrants against alleged drug traffickers operating in both countries. As a result, various defendants were sentenced up to 20 years imprisonment.
This week’s operation was carried out at the request of and by the following authorities:
Italy: Public Prosecutor’s Office Bari – District Anti-Mafia Directorate; Anti-Mafia Investigation Directorate Bari, under the coordination of the National Anti-Mafia and Anti-Terrorism Directorate Rome, with support of the Office of the Security Expert at the Italian Embassy in Tirana
Albania: Special Anti-Corruption and Organised Crime Prosecutor’s Office (SPAK) of Tirana; Albanian Police
A “health financing emergency” must drive country-led, data-driven solutions
Ministers from multiple countries hit by the abrupt cuts in external funding for health agreed on the urgent need for country-owned and implemented strategies – and a laser-sharp focus on health data – at a ministerial dialogue co-hosted by WHO and the Susan Thompson Buffett Foundation at the Seventy-eighth World Health Assembly.
Opening remarks by Professor Senait Fisseha, Vice President of Global Programs at the Susan Thompson Buffett Foundation, and Dr Tedros Adhanom Ghebreyesus, WHO Director-General, set the tone by noting that the crisis presents an opportunity for a turnaround in how health financing policies and health data systems are built and operated.
Specifically, this is a time for countries to reduce their reliance on external health information systems and external financing; build out their domestic data infrastructure, from vital statistics to downstream impact and return-on-investment; and establish resilient systems designed to withstand shocks, so that access to essential services is protected.
Professor Fisseha called on countries “to use this moment to rethink data and financing in a way that best meets your needs and the needs of your people […] For countries to truly lead and for funders and development partners to start to learn how to follow. Data and financing are a natural place to start because that is where ministers are telling us to start.”
Dr Tedros said, “From expanding domestic financing to pioneering real-time data systems, many of you are advancing solutions that are scalable, sustainable and rooted in equity. Data and sustainable financing are not just technical matters. They are political choices. They shape who is reached, how quickly, and with what quality of care. And they determine whether we progress or fall behind.”
Ministers from Barbados, Central African Republic, Egypt, Liberia, Malawi, Rwanda and Sierra Leone, and representatives from the African Union and the World Bank, among others, shared experiences and advice on concrete actions to strengthen data systems, health financing and planning – urging intensified collaboration in the future. They also spoke of the need to leverage the digital transformation and thereby increase transparency and accountability.
Also discussed: strategies to improve domestic financing capacity while maximizing impact include: strengthening tax administration; exploring revenue sources such as taxes on such items as food, alcohol and tobacco; setting up population-wide mandatory health coverage schemes, coupled with subsidies for low-income households and vulnerable population groups; promoting strategic purchasing of health supplies; prioritizing health in public spending; and integrating externally-funded programmes into domestic financing systems and priorities.
Later this week the Assembly will take up the proposed WHA Health Financing Resolution.
Report on the health conditions in the occupied Palestinian territory, including east Jerusalem, and in the occupied Syrian Golan
On 21 May 2025, the Seventy-eighth World Health Assembly noted a report from the Director-General, outlining WHO’s humanitarian and emergency health response in the occupied Palestinian territory, including east Jerusalem, and in the occupied Syrian Golan, from January 2024 to February 2025.
A report on the health conditions in the occupied Syrian Golan couldn’t be provided this year again due to the ongoing situation and the lack of disaggregated health data on the Syrian population. Member States were invited to provide guidance on how to support WHO and partners to restore essential health services across Syria and enable a WHO field-assessment mission to the occupied Syrian Golan.
Member States expressed grave concerns over the deterioration of the health system in Gaza, including forced displacement, overcrowding and deteriorating sanitation, and attacks on health, stressing the need for concerted action to address the dire health needs.
A number of Member States presented draft decisions asking the Director-General to continue reporting on the health conditions in the occupied Palestinian territory, including east Jerusalem, and in the occupied Syrian Golan, and more specifically on food insecurity and malnutrition in the Gaza Strip, and to continue supporting the Palestinian and Syrian health systems. The decision was adopted.
Related documents
A78/16: Health conditions in the occupied Palestinian territory, including east Jerusalem, and in the occupied Syrian Golan
A78/B/CONF./1: Health conditions in the occupied Palestinian territory, including east Jerusalem, and in the occupied Syrian Golan
A78/B/CONF./1 Add.1: Financial and administrative implications for the Secretariat of decisions proposed for adoption by the Health Assembly
Source: United States Bureau of Alcohol Tobacco Firearms and Explosives (ATF)
CHARLOTTE, N.C. – A man who used a privately made and unregistered firearm, commonly known as a “ghost gun,” to carjack a vehicle on a college campus was sentenced yesterday to seven years in prison for a firearms offense, announced Russ Ferguson, U.S. Attorney for the Western District of North Carolina. Mark Jordan Williams, 37, was also ordered to serve three years of supervised release following the completion of his prison term.
Alicia Jones, Special Agent in Charge of the U.S. Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF), Charlotte Field Division, joins U.S. Attorney Ferguson in making today’s announcement.
According to court documents and court proceedings, on March 23, 2023, an individual identified as L.C. was sitting in a Jeep Wrangler, parked on the campus of the University of North Carolina-Charlotte. Court records show that Williams approached the vehicle, pointed a handgun at L.C. and ordered L.C. out of the car. Williams then took L.C.’s phone, got into the Jeep, and drove away. Williams was located and arrested later that evening while inside the Jeep. When Williams was arrested, a .40 caliber Polymer 80 handgun was recovered from inside the vehicle as well. During the investigation, law enforcement determined that Williams has multiple prior criminal convictions and he prohibited from possessing a firearm.
On January 9, 2025, Williams pleaded guilty to possession and brandishing of a firearm in furtherance of a crime of violence. He is in federal custody and will be transferred to the custody of the Federal Bureau of Prisons upon designation of a federal facility.
The ATF investigated the case and the U.S. Attorney’s Office in Charlotte handled the prosecution.
News In Brief – Source: US Computer Emergency Readiness Team
Executive Summary
This joint cybersecurity advisory (CSA) highlights a Russian state-sponsored cyber campaign targeting Western logistics entities and technology companies. This includes those involved in the coordination, transport, and delivery of foreign assistance to Ukraine. Since 2022, Western logistics entities and IT companies have faced an elevated risk of targeting by the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (85th GTsSS), military unit 26165—tracked in the cybersecurity community under several names (see “Cybersecurity Industry Tracking”). The actors’ cyber espionage-oriented campaign, targeting technology companies and logistics entities, uses a mix of previously disclosed tactics, techniques, and procedures (TTPs). The authoring agencies expect similar targeting and TTP use to continue.
Executives and network defenders at logistics entities and technology companies should recognize the elevated threat of unit 26165 targeting, increase monitoring and threat hunting for known TTPs and indicators of compromise (IOCs), and posture network defenses with a presumption of targeting.
This cyber espionage-oriented campaign targeting logistics entities and technology companies uses a mix of previously disclosed TTPs and is likely connected to these actors’ wide scale targeting of IP cameras in Ukraine and bordering NATO nations.
The following authors and co-sealers are releasing this CSA:
United States National Security Agency (NSA)
United States Federal Bureau of Investigation (FBI)
United Kingdom National Cyber Security Centre (NCSC-UK)
Germany Federal Intelligence Service (BND) Bundesnachrichtendienst
Germany Federal Office for Information Security (BSI) Bundesamt für Sicherheit in der Informationstechnik
Germany Federal Office for the Protection of the Constitution (BfV) Bundesamt für Verfassungsschutz
Czech Republic Military Intelligence (VZ) Vojenské zpravodajství
Czech Republic National Cyber and Information Security Agency (NÚKIB) Národní úřad pro kybernetickou a informační bezpečnost
Czech Republic Security Information Service (BIS) Bezpečnostní informační služba
Poland Internal Security Agency (ABW) Agencja Bezpieczeństwa Wewnętrznego
Poland Military Counterintelligence Service (SKW) Służba Kontrwywiadu Wojskowego
United States Cybersecurity and Infrastructure Security Agency (CISA)
United States Department of Defense Cyber Crime Center (DC3)
United States Cyber Command (USCYBERCOM)
Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC)
Canadian Centre for Cyber Security (CCCS)
Danish Defence Intelligence Service (DDIS) Forsvarets Efterretningstjeneste
Estonian Foreign Intelligence Service (EFIS) Välisluureamet
Estonian National Cyber Security Centre (NCSC-EE) Küberturvalisuse keskus
French Cybersecurity Agency (ANSSI) Agence nationale de la sécurité des systèmes d’information
Netherlands Defence Intelligence and Security Service (MIVD) Militaire Inlichtingen- en Veiligheidsdienst
Download the PDF version of this report:
Russian GRU Targeting Western Logistics Entities and Technology Companies (PDF, 1,081KB)
For a downloadable list of IOCs, visit:
Introduction
For over two years, the Russian GRU 85th GTsSS, military unit 26165—commonly known in the cybersecurity community as APT28, Fancy Bear, Forest Blizzard, BlueDelta, and a variety of other identifiers—has conducted this campaign using a mix of known tactics, techniques, and procedures (TTPs), including reconstituted password spraying capabilities, spearphishing, and modification of Microsoft Exchange mailbox permissions. In late February 2022, multiple Russian state-sponsored cyber actors increased the variety of cyber operations for purposes of espionage, destruction, and influence—with unit 26165 predominately involved in espionage. [1] As Russian military forces failed to meet their military objectives and Western countries provided aid to support Ukraine’s territorial defense, unit 26165 expanded its targeting of logistics entities and technology companies involved in the delivery of aid. These actors have also targeted Internet-connected cameras at Ukrainian border crossings to monitor and track aid shipments. Note: This advisory uses the MITRE ATT&CK® for Enterprise framework, version 17. See Appendix A: MITRE ATT&CK tactics and techniques for a table of the threat actors’ activity mapped to MITRE ATT&CK tactics and techniques. This advisory uses the MITRE D3FEND® framework, version 1.0.
Description of Targets
The GRU unit 26165 cyber campaign against Western logistics providers and technology companies has targeted dozens of entities, including government organizations and private/commercial entities across virtually all transportation modes: air, sea, and rail. These actors have targeted entities associated with the following verticals within NATO member states, Ukraine, and at international organizations:
Defense Industry
Transportation and Transportation Hubs (ports, airports, etc.)
Maritime
Air Traffic Management
IT Services
In the course of the targeting lifecycle, unit 26165 actors identified and conducted follow-on targeting of additional entities in the transportation sector that had business ties to the primary target, exploiting trust relationships to attempt to gain additional access [T1199].
The actors also conducted reconnaissance on at least one entity involved in the production of industrial control system (ICS) components for railway management, though a successful compromise was not confirmed [TA0043].
The countries with targeted entities include the following, as illustrated in Figure 1:
Bulgaria
Czech Republic
France
Germany
Greece
Italy
Moldova
Netherlands
Poland
Romania
Slovakia
Ukraine
United States
Figure 1: Countries with Targeted Entities
Initial Access TTPs
To gain initial access to targeted entities, unit 26165 actors used several techniques to gain initial access to targeted entities, including (but not limited to):
The actors abused vulnerabilities associated with a range of brands and models of small office/home office (SOHO) devices to facilitate covert cyber operations, as well as proxy malicious activity via devices with geolocation in proximity to the target [T1665]. [2]
Credential Guessing/Brute Force
Unit 26165 actors’ credential guessing [T1110.001] operations in this campaign exhibit some similar characteristics to those disclosed in the previous CSA “Russian GRU Conducting Global Brute Force Campaign to Compromise Enterprise and Cloud Environments.” [3] Based on victim network investigations, the current iteration of this TTP employs a similar blend of anonymization infrastructure, including the use of Tor and commercial VPNs [T1090.003]. The actors frequently rotated the IP addresses used to further hamper detection. All observed connections were made via encrypted TLS [T1573].
Spearphishing
GRU unit 26165 actors’ spearphishing emails included links [T1566.002] leading to fake login pages impersonating a variety of government entities and Western cloud email providers’ webpages. These webpages were typically hosted on free third-party services or compromised SOHO devices and often used legitimate documents associated with thematically similar entities as lures. The subjects of spearphishing emails were diverse and ranged from professional topics to adult themes. Phishing emails were frequently sent via compromised accounts or free webmail accounts [T1586.002, T1586.003]. The emails were typically written in the target’s native language and sent to a single targeted recipient.
Some campaigns employed multi-stage redirectors [T1104] verifying IP-geolocation [T1627.001] and browser fingerprints [T1627] to protect credential harvesting infrastructure or provide multifactor authentication (MFA) [T1111] and CAPTCHA relaying capabilities [T1056]. Connecting endpoints failing the location checks were redirected to a benign URL [T1627], such as msn.com. Redirector services used include:
Webhook[.]site
FrgeIO
InfinityFree
Dynu
Mocky
Pipedream
Mockbin[.]org
The actors also used spearphishing to deliver malware (including HEADLACE and MASEPIE) executables [T1204.002] delivered via third-party services and redirectors [T1566.002], scripts in a mix of languages [T1059] (including BAT [T1059.003] and VBScript [T1059.005]) and links to hosted shortcuts [T1204.001].
CVE Usage
Throughout this campaign, GRU unit 26165 weaponized an Outlook NTLM vulnerability (CVE-2023-23397) to collect NTLM hashes and credentials via specially crafted Outlook calendar appointment invitations [T1187]. [4],[5] These actors also used a series of Roundcube CVEs (CVE-2020-12641, CVE-2020-35730, and CVE-2021-44026) to execute arbitrary shell commands [T1059], gain access to victim email accounts, and retrieve sensitive data from email servers [T1114].
Since at least fall 2023, the actors leveraged a WinRAR vulnerability (CVE-2023-38831) allowing for the execution of arbitrary code embedded in an archive as a means of initial access [T1659]. The actors sent emails with malicious attachments [T1566.001] or embedded hyperlinks [T1566.002] that downloaded a malicious archive prepared using this CVE.
Post-Compromise TTPs
After an initial compromise using one of the above techniques, unit 26165 actors conducted contact information reconnaissance to identify additional targets in key positions [T1589.002]. The actors also conducted reconnaissance of the cybersecurity department [T1591], individuals responsible for coordinating transport [T1591.004], and other companies cooperating with the victim entity [T1591.002].
The actors used native commands and open source tools, such as Impacket and PsExec, to move laterally within the environment [TA0008]. Multiple Impacket scripts were used as .exe files, in addition to the python versions, depending on the victim environment. The actors also moved laterally within the network using Remote Desktop Protocol (RDP) [T1021.001] to access additional hosts and attempt to dump Active Directory NTDS.dit domain databases [T1003.003] using native Active Directory Domain Services commands, such as in Figure 2: Example Active Directory Domain Services command:
C:Windowssystem32ntdsutil.exe "activate instance ntds" ifm "create full C:temp[a-z]{3}" quit quit
Figure 2: Example Active Directory Domain Services command
Additionally, GRU unit 26165 actors used the tools Certipy and ADExplorer.exe to exfiltrate information from the Active Directory. The actors installed python [T1059.006] on infected machines to enable the execution of Certipy. Accessed files were archived in .zip files prior to exfiltration [T1560]. The actors attempted to exfiltrate archived data via a previously dropped OpenSSH binary [T1048].
Incident response investigations revealed that the actors would take steps to locate and exfiltrate lists of Office 365 users and set up sustained email collection. The actors used manipulation of mailbox permissions [T1098.002] to establish sustained email collection at compromised logistics entities, as detailed in a Polish Cybercommand blog. [6]
After initial authentication, unit 26165 actors would change accounts’ folder permissions and enroll compromised accounts in MFA mechanisms to increase the trust-level of compromised accounts and enable sustained access [T1556.006]. The actors leveraged python scripts to retrieve plaintext passwords via Group Policy Preferences [T1552.006] using Get-GPPPassword.py and a modified ldap-dump.py to enumerate the Windows environment [T1087.002] and conduct a brute force password spray [T1110.003] via Lightweight Directory Access Protocol (LDAP). The actors would additionally delete event logs through the wevtutil utility [T1070.001].
After gaining initial access to the network, the actors pursued further access to accounts with access to sensitive information on shipments, such as train schedules and shipping manifests. These accounts contained information on aid shipments to Ukraine, including:
sender,
recipient,
train/plane/ship numbers,
point of departure,
destination,
container registration numbers,
travel route, and
cargo contents.
In at least one instance, the actors attempted to use voice phishing [T1566.004] to gain access to privileged accounts by impersonating IT staff.
Malware
Unit 26165’s use of malware in this campaign ranged from gaining initial access to establishing persistence and exfiltrating data. In some cases, the attack chain resulted in multiple pieces of malware being deployed in succession. The actors used dynamic link library (DLL) search order hijacking [T1574.001] to facilitate malware execution. There were a number of known malware variants tied to this campaign against logistics sector victims, including:
HEADLACE [7]
MASEPIE [8]
While other malware variants, such as OCEANMAP and STEELHOOK, [8] were not directly observed targeting logistics or IT entities, their deployment against victims in other sectors in Ukraine and other Western countries suggest that they could be deployed against logistics and IT entities should the need arise.
Persistence
In addition to the abovementioned mailbox permissions abuse, unit 26165 actors also used scheduled tasks [T1053.005], run keys [T1547.001], and placed malicious shortcuts [T1547.009] in the startup folder to establish persistence.
Exfiltration
GRU unit 26165 actors used a variety of methods for data exfiltration that varied based on the victim environment, including both malware and living off the land binaries. PowerShell commands [T1059.001] were often used to prepare data for exfiltration; for example, the actors prepared zip archives [T1560.001] for upload to their own infrastructure.
The actors also used server data exchange protocols and Application Programming Interfaces (APIs) such as Exchange Web Services (EWS) and Internet Message Access Protocol (IMAP) [T1114.002] to exfiltrate data from email servers. In multiple instances, the actors used periodic EWS queries [T1119] to collect new emails sent and received since the last data exfiltration [T1029]. The actors typically used infrastructure in close geographic proximity to the victim. Long gaps between exfiltration, the use of trusted and legitimate protocols, and the use of local infrastructure allowed for long-term collection of sensitive data to go undetected.
Connections to Targeting of IP Cameras
In addition to targeting logistics entities, unit 26165 actors likely used access to private cameras at key locations, such as near border crossings, military installations, and rail stations, to track the movement of materials into Ukraine. The actors also used legitimate municipal services, such as traffic cams.
The actors targeted Real Time Streaming Protocol (RTSP) servers hosting IP cameras primarily located in Ukraine as early as March 2022 in a large-scale campaign, which included attempts to enumerate devices [T1592] and gain access to the cameras’ feeds [T1125]. Actor-controlled servers sent RTSP DESCRIBE requests destined for RTSP servers, primarily hosting IP cameras [T1090.002]. The DESCRIBE requests were crafted to obtain access to IP cameras located on logically distinct networks from that of the routers that received the request. The requests included Base64-encoded credentials for the RTSP server, which included publicly documented default credentials and likely generic attempts to brute force access to the devices [T1110]. An example of an RTSP request is shown in Figure 3.
Successful RTSP 200 OK responses contained a snapshot of the IP camera’s image and IP camera metadata such as video codec, resolution, and other properties depending on the IP camera’s configuration.
From a sample available to the authoring agencies of over 10,000 cameras targeted via this effort, the geographic distribution of victims showed a strong focus on cameras in Ukraine and border countries, as shown in Table 1:
Table 1: Geographic distribution of targeted IP cameras
Country
Percentage of Total Attempts
Ukraine
81.0%
Romania
9.9%
Poland
4.0%
Hungary
2.8%
Slovakia
1.7%
Others
0.6%
Mitigation Actions
General Security Mitigations
Architecture and Configuration
Employ appropriate network segmentation [D3-NI] and restrictions to limit access and utilize additional attributes (such as device information, environment, and access path) when making access decisions [D3-AMED].
Consider Zero Trust principles when designing systems. Base product choices on how those products can solve specific risks identified as part of the end-to-end design. [9]
Ensure that host firewalls and network security appliances (e.g., firewalls) are configured to only allow legitimately needed data flows between devices and servers to prevent lateral movement [D3-ITF]. Alert on attempts to connect laterally between host devices or other unusual data flows.
Use automated tools to audit access logs for security concerns and identify anomalous access requests [D3-RAPA].
For organizations using on-premises authentication and email services, block and alert on NTLM/SMB requests to external infrastructure [D3-OTF].
Utilize endpoint, detection, and response (EDR) and other cybersecurity solutions on all systems, prioritizing high value systems with large amounts of sensitive data such as mail servers and domain controllers [D3-PM] first.
Perform threat and attack modeling to understand how sensitive systems may be compromised within an organization’s specific architecture and security controls. Use this to develop a monitoring strategy to detect compromise attempts and select appropriate products to enact this strategy.
Collect and monitor Windows logs for certain events, especially for events that indicate that a log was cleared unexpectedly [D3-SFA].
Enable optional security features in Windows to harden endpoints and mitigate initial access techniques [D3-AH]:
Enable attack surface reduction rules to prevent executable content from email [D3-ABPI].
Enable attack surface reduction rules to prevent execution of files from globally writeable directories, such as Downloads or %APPDATA% [D3-EAL].
Unless users are involved in the development of scripts, limit the local execution of scripts (such as batch scripts, VBScript, JScript/JavaScript, and PowerShell [10]) to known scripts [D3-EI], and audit execution attempts.
Disable Windows Host Scripting functionality and configure PowerShell to run in Constrained mode [D3-ACH].
Where feasible, implement allowlisting for applications and scripts to limit execution to only those needed for authorized activities, blocking all others by default [D3-EAL].
Consider using open source SIGMA rules as a baseline for detecting and alerting on suspicious file execution or command parameters [D3-PSA].
Use services that provide enhanced browsing services and safe link checking [D3-URA]. Significant reductions in successful spearphishing attempts were noted when email providers began offering link checking and automatic file detonation to block malicious content.
Where possible, block logins from public VPNs, including exit nodes in the same country as target systems, or, if they need to be allowed, alert on them for further investigation. Most organizations should not need to allow incoming traffic, especially logins to systems, from VPN services [D3-NAM].
Educate users to only use approved corporate systems for relevant government and military business and avoid the use of personal accounts on cloud email providers to conduct official business. Network administrators should also audit both email and web request logs to detect such activity.
Many organizations may not need to allow outgoing traffic to hosting and API mocking services, which are frequently used by GRU unit 26165. Organizations should consider alerting on or blocking the following services, with exceptions allowlisted for legitimate activity [D3-DNSDL].
*.000[.]pe
*.1cooldns[.]com
*.42web[.]io
*.4cloud[.]click
*.accesscan[.]org
*.bumbleshrimp[.]com
*.camdvr[.]org
*.casacam[.]net
*.ddnsfree[.]com
*.ddnsgeek[.]com
*.ddnsguru[.]com
*.dynuddns[.]com
*.dynuddns[.]net
*.free[.]nf
*.freeddns[.]org
*.frge[.]io
*.glize[.]com
*.great-site[.]net
*.infinityfreeapp[.]com
*.kesug[.]com
*.loseyourip[.]com
*.lovestoblog[.]com
*.mockbin[.]io
*.mockbin[.]org
*.mocky[.]io
*.mybiolink[.]io
*.mysynology[.]net
*.mywire[.]org
*.ngrok[.]io
*.ooguy[.]com
*.pipedream[.]net
*.rf[.]gd
*.urlbae[.]com
*.webhook[.]site
*.webhookapp[.]com
*.webredirect[.]org
*.wuaze[.]com
Heuristic detections for web requests to new subdomains, including of the above providers, may uncover malicious phishing activity [D3-DNRA]. Logging the requests for each sub-domain requested by users on a network, such as in DNS or firewall logs, may enable system administrators to identify new targeting and victims.
Identity and Access Management
Organizations should take measures to ensure strong access controls and mitigate against common credential theft techniques:
Use MFA with strong factors, such as passkeys or PKI smartcards, and require regular re-authentication [D3-MFA]. [11], [12] Strong authentication factors are not guessable using dictionary techniques, so they resist brute force attempts.
Implement other mitigations for privileged accounts: including limiting the number of admin accounts, considering using hardware MFA tokens, and regularly reviewing all privileged user accounts [D3-JFAPA].
Separate privileged accounts by role and alert on misuse of privileged accounts [D3-UAP]. For example, email administrator accounts should be different from domain administrator accounts.
Reduce reliance on passwords; instead, consider using services like single sign-on [D3-TBA].
For organizations using on-premises authentication and email services, plan to disable NTLM entirely and migrate to more robust authentication processes such as PKI certificate authentication.
Do not store passwords in Group Policy Preferences (GPP). Remove all passwords previously included in GPP and change all passwords on the corresponding accounts [D3-CH]. [13]
Use account throttling or account lockout [D3-ANET]:
Throttling is preferred to lockout. Throttling progressively increases time delay between successive login attempts.
Account lockout can leave legitimate users unable to access their accounts and requires access to an account recovery process.
Account lockout can provide a malicious actor with an easy way to launch a Denial of Service (DoS).
If using lockout, then allowing 5 to 10 attempts before lockout is recommended.
Use a service to check for compromised passwords before using them [D3-SPP]. For example, “Have I Been Pwned” can be used to check whether a password has been previously compromised without disclosing the potential password.
Change all default credentials [D3-CRO] and disable protocols that use weak authentication (e.g., clear-text passwords or outdated and vulnerable authentication or encryption protocols) or do not support multi-factor authentication [D3-ACH] [D3-ET]. Always configure access controls carefully to ensure that only well-maintained and well-authenticated accounts have access. [13]
IP Camera Mitigations
The following mitigation techniques for IP cameras can be used to defend against this type of malicious activity:
Ensure IP cameras are currently supported. Replace devices that are out of support.
Apply security patches and firmware updates to all IP cameras [D3-SU].
Disable remote access to the IP camera, if unnecessary [D3-ITF].
Ensure cameras are protected by a security appliance, if possible, such as by using a firewall to prevent communication with the camera from IP addresses not on an allowlist [D3-NAM].
If remote access to IP camera feeds is required, ensure authentication is enabled [D3-AA] and use a VPN to connect remotely [D3-ET]. Use MFA for management accounts if supported [D3-MFA].
Disable Universal Plug and Play (UPnP), Peer-to-Peer (P2P), and Anonymous Visit features on IP cameras and routers [D3-NI].
Turn off other ports/services not in use (e.g., FTP, web interface, etc.) [D3-ACH].
If supported, enable authenticated RTSP access only [D3-AA].
Review all authentication activity for remote access to make sure it is valid and expected [D3-UBA]. Investigate any unexpected or unusual activity.
Audit IP camera user accounts to ensure they are an accurate reflection of your organization and that they are being used as expected [D3-UAP].
Configure, tune, and monitor logging—if available—on the IP camera.
Indicators of Compromise (IOCs)
Note: Specific IoCs may no longer be actor controlled, may themselves be compromised infrastructure or email accounts, or may be shared infrastructure such as public VPN or Tor exit nodes. Care should be taken when basing triaging logs or developing detection rules on these indicators. GRU unit 26165 almost certainly uses extensive further infrastructure and TTPs not specifically listed in this report.
Utilities and scripts
Legitimate utilities
Unauthorized or unusual use of the following legitimate utilities can be an indication of a potential compromise:
ntdsutil – A legitimate Windows executable used by threat actors to export contents of Active Directory
wevtutil – A legitimate Windows executable used by threat actors to delete event logs
vssadmin – A legitimate Windows executable possibly used by threat actors to make a copy of the server’s C: drive
ADexplorer – A legitimate window executable to view, edit, and backup Active Directory Certificate Services
OpenSSH – The Windows version of a legitimate open source SSH client
schtasks – A legitimate Windows executable used to create persistence using scheduled tasks
whoami – A legitimate Windows executable used to retrieve the name of the current user
tasklist – A legitimate Windows executable used to retrieve the list of running processes
hostname – A legitimate Windows executable used to retrieve the device name
arp – A legitimate Windows executable used to retrieve the ARP table for mapping the network environment
systeminfo – A legitimate Windows executable used to retrieve a comprehensive summary of device and operating system information
net – A legitimate Windows executable used to retrieve detailed user information
wmic – A legitimate Windows executable used to interact with Windows Management Instrumentation (WMI), such as to retrieve letters assigned to logical partitions on storage drives
cacls – A legitimate Windows executable used to modify permissions on files
icacls – A legitimate Windows executable used to modify permissions to files and handle integrity levels and ownership
ssh – A legitimate Windows executable used to establish network shell connections
reg – A legitimate Windows executable used to add to or modify the system registry
Note: Additional heuristics are needed for effective hunting for these and other living off the land (LOTL) binaries to avoid being overwhelmed by false positives if these legitimate management tools are used regularly. See the joint guide, Identifying and Mitigating Living Off the Land Techniques, for guidance on developing a multifaceted cybersecurity strategy that enables behavior analytics, anomaly detection, and proactive hunting, which are part of a comprehensive approach to mitigating cyber threats that employ LOTL techniques.
Malicious scripts
Certipy – An open source python tool for enumerating and abusing Active Directory Certificate Services
Get-GPPPassword.py – An open source python script for finding insecure passwords stored in Group Policy Preferences
ldap-dump.py – A script for enumerating user accounts and other information in Active Directory
Hikvision backdoor string: “YWRtaW46MTEK”
Suspicious command lines
While the following utilities are legitimate, and using them with the command lines shown may also be legitimate, these command lines are often used during malicious activities and could be an indication of a compromise:
edge.exe “-headless-new -disable-gpu”
ntdsutil.exe “activate instance ntds” ifm “create full C:temp[a-z]{3}” quit quit
Disclaimer: These IP addresses date June 2024 through August 2024. The authoring agencies recommend organizations investigate or vet these IP addresses prior to taking action, such as blocking.
June 2024
July 2024
August 2024
192[.]162[.]174[.]94
207[.]244[.]71[.]84
31[.]135[.]199[.]145
79[.]184[.]25[.]198
91[.]149[.]253[.]204
103[.]97[.]203[.]29
162[.]210[.]194[.]2
31[.]42[.]4[.]138
79[.]185[.]5[.]142
91[.]149[.]254[.]75
209[.]14[.]71[.]127
46[.]112[.]70[.]252
83[.]10[.]46[.]174
91[.]149[.]255[.]122
109[.]95[.]151[.]207
46[.]248[.]185[.]236
83[.]168[.]66[.]145
91[.]149[.]255[.]19
64[.]176[.]67[.]117
83[.]168[.]78[.]27
91[.]149[.]255[.]195
64[.]176[.]69[.]196
83[.]168[.]78[.]31
91[.]221[.]88[.]76
64[.]176[.]70[.]18
83[.]168[.]78[.]55
93[.]105[.]185[.]139
64[.]176[.]70[.]238
83[.]23[.]130[.]49
95[.]215[.]76[.]209
64[.]176[.]71[.]201
83[.]29[.]138[.]115
138[.]199[.]59[.]43
70[.]34[.]242[.]220
89[.]64[.]70[.]69
147[.]135[.]209[.]245
70[.]34[.]243[.]226
90[.]156[.]4[.]204
178[.]235[.]191[.]182
70[.]34[.]244[.]100
91[.]149[.]202[.]215
178[.]37[.]97[.]243
70[.]34[.]245[.]215
91[.]149[.]203[.]73
185[.]234[.]235[.]69
70[.]34[.]252[.]168
91[.]149[.]219[.]158
192[.]162[.]174[.]67
70[.]34[.]252[.]186
91[.]149[.]219[.]23
194[.]187[.]180[.]20
70[.]34[.]252[.]222
91[.]149[.]223[.]130
212[.]127[.]78[.]170
70[.]34[.]253[.]13
91[.]149[.]253[.]118
213[.]134[.]184[.]167
70[.]34[.]253[.]247
91[.]149[.]253[.]198
70[.]34[.]254[.]245
91[.]149[.]253[.]20
Detections
Customized NTLM listener
rule APT28_NTLM_LISTENER {
meta:
description = "Detects NTLM listeners including APT28's custom one"
( any of ($sysinternals_*) and any of ($psexec_*) )
or
( 2 of ($network_*) and 2 of ($psexec_*))
)
}
The cybersecurity industry provides overlapping cyber threat intelligence, IOCs, and mitigation recommendations related to GRU unit 26165 cyber actors. While not all encompassing, the following are the most notable threat group names related under MITRE ATT&CK G0007 and commonly used within the cybersecurity community:
APT28 [14]
Fancy Bear [14]
Forest Blizzard [14]
Blue Delta [15]
Note: Cybersecurity companies have different methods of tracking and attributing cyber actors, and this may not be a 1:1 correlation to the U.S. government’s understanding for all activity related to these groupings.
Further Reference
To search for the presence of malicious email messages targeting CVE-2023-23397, network defenders may consider using the script published by Microsoft: https://aka.ms/CVE-2023-23397ScriptDoc.
For the Impacket TTP, network defenders may consider using the following publicly available Impacket YARA detection rule: https://github.com/Neo23x0/signature-base/blob/master/yara/gen_impacket_tools.yar
Works Cited
[1] Microsoft. Defending Ukraine: Early Lessons from the Cyber War. 2022. https://blogs.microsoft.com/on-the-issues/2022/06/22/defending-ukraine-early-lessons-from-the-cyber-war/ [2] FBI et al. Russian Cyber Actors Use Compromised Routers to Facilitate Cyber Operations. 2024. https://media.defense.gov/2024/Feb/27/2003400753/-1/-1/0/CSA-Russian-Actors-Use-Routers-Facilitate-Cyber_Operations.PDF [3] NSA et al. Russian GRU Conducting Global Brute Force Campaign to Compromise Enterprise and Cloud Environments. 2021. https://media.defense.gov/2021/Jul/01/2002753896/-1/-1/0/CSA_GRU_GLOBAL_BRUTE_FORCE_CAMPAIGN_UOO158036-21.PDF [4] ANSSI. Campagnes d'attaques du mode opératoire APT28 depuis 2021. 2023. https://cert.ssi.gouv.fr/cti/CERTFR-2023-CTI-009/ [5] ANSSI. Targeting and compromise of french entities using the APT28 intrusion set. 2025. https://cert.ssi.gouv.fr/cti/CERTFR-2025-CTI-007/ [6] Polish Cyber Command. Detecting Malicious Activity Against Microsoft Exchange Servers. 2023. https://www.wojsko-polskie.pl/woc/articles/aktualnosci-w/detecting-malicious-activity-against-microsoft-exchange-servers/ [7] IBM. Israel-Hamas Conflict Lures to Deliver Headlace Malware. 2023. https://securityintelligence.com/x-force/itg05-ops-leverage-israel-hamas-conflict-lures-to-deliver-headlace-malware/ [8] CERT-UA. APT28: From Initial Attack to Creating Domain Controller Threats in an Hour. 2023. https://cert.gov.ua/article/6276894 [9] NSA. Embracing a Zero Trust Security Model. 2021. https://media.defense.gov/2021/Feb/25/2002588479/-1/-1/0/CSI_EMBRACING_ZT_SECURITY_MODEL_UOO115131-21.PDF [10] NSA et al. Keeping PowerShell: Security Measures to Use and Embrace. 2022. https://media.defense.gov/2022/Jun/22/2003021689/-1/-1/0/CSI_KEEPING_POWERSHELL_SECURITY_MEASURES_TO_USE_AND_EMBRACE_20220622.PDF [11] National Institute of Standards and Technology (NIST). Special Publication 800-63B: Digital Identity Guidelines – Authentication and Lifecycle Management. 2020. https://pages.nist.gov/800-63-3/sp800-63b.html [12] NSA. Selecting Secure Multi-factor Authentication Solutions. October 16, 2020. https://media.defense.gov/2024/Jul/31/2003515137/-1/-1/0/MULTIFACTOR_AUTHENTICATION_SOLUTIONS_UOO17091520.PDF [13] NSA and CSA. NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations. 2023. https://media.defense.gov/2023/Oct/05/2003314578/-1/-1/0/JOINT_CSA_TOP_TEN_MISCONFIGURATIONS_TLP-CLEAR.PDF
[14] Department of Justice. Justice Department Conducts Court-Authorized Disruption of Botnet Controlled by the Russian Federation’s Main Intelligence Directorate of the General Staff (GRU). 2024. https://www.justice.gov/archives/opa/pr/justice-department-conducts-court-authorized-disruption-botnet-controlled-russian [15] Recorded Future. GRU’s BlueDelta Targets Key Networks in Europe with Multi-Phase Espionage Campaigns. 2024. https://go.recordedfuture.com/hubfs/reports/CTA-RU-2024-0530.pdf
Disclaimer of endorsement
The information and opinions contained in this document are provided "as is" and without any warranties or guarantees. Reference herein to any specific commercial products, process, or service by trade name, trademark, manufacturer, or otherwise, does not constitute or imply its endorsement, recommendation, or favoring by the United States Government, and this guidance shall not be used for advertising or product endorsement purposes.
Purpose
This document was developed in furtherance of the authoring agencies’ cybersecurity missions, including their responsibilities to identify and disseminate threats and to develop and issue cybersecurity specifications and mitigations. This information may be shared broadly to reach all appropriate stakeholders.
Contact
United States organizations
National Security Agency (NSA)
Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI)
U.S. organizations are encouraged to reporting suspicious or criminal activity related to information in this advisory to CISA via the agency’s Incident Reporting System, its 24/7 Operations Center (report@cisa.gov or 888-282-0870), or your local FBI field office. When available, please include the following information regarding the incident: date, time, and location of the incident; type of activity; number of people affected; type of equipment user for the activity; the name of the submitting company or organization; and a designated point of contact.
Department of Defense Cyber Crime Center (DC3)
United Kingdom organizations
Germany organizations
Czech Republic organizations
Poland organizations
Australian organizations
Visit cyber.gov.au or call 1300 292 371 (1300 CYBER 1) to report cybersecurity incidents and access alerts and advisories.
Canadian organizations
Estonia organizations
French organizations
French organizations are encouraged to report suspicious activity or incident related to information found in this advisory by contacting ANSSI/CERT-FR by email at cert-fr@ssi.gouv.fr or by phone at: 3218 or +33 9 70 83 32 18.
See Table 2 through Table 14 for all the threat actor tactics and techniques referenced in this advisory.
Table 2: Reconnaissance
Tactic/Technique Title
ID
Use
Reconnaissance
TA0043
Conducted reconnaissance on at least one entity involved in the production of ICS components for railway management.
Conducted contact information reconnaissance to identify additional targets in key positions.
Gather Victim Org Information
T1591
Conducted reconnaissance of the cybersecurity department.
Gather Victim Org Information: Identify Roles
T1591.004
Conducted reconnaissance of individuals responsible for coordinating transport.
Gather Victim Org Information: Business Relationships
T1591.002
Conducted reconnaissance of other companies cooperating with the victim entity.
Gather Victim Host Information
T1592
Attempted to enumerate Real Time Streaming Protocol (RTSP) servers hosting IP cameras.
Table 3: Resource development
Tactic/Technique Title
ID
Use
Compromise Accounts: Email Accounts
T1586.002
Sent phishing emails using compromised accounts.
Compromise Accounts: Cloud Accounts
T1586.003
Sent phishing emails using compromised accounts.
Table 4: Initial Access
Tactic/Technique Title
ID
Use
Trusted Relationship
T1199
Conducted follow-on targeting of additional entities in the transportation sector that had business ties to the primary target, exploiting trust relationships to attempt to gain additional access.
Phishing
T1566
Used spearphishing for credentials and delivering malware to gain initial access to targeted entities.
Phishing: Spearphishing Attachment
T1566.001
Sent emails with malicious attachments.
Phishing: Spearphishing Link
T1566.002
Used spearphishing with included links to fake login pages. Sent emails with embedded hyperlinks that downloaded a malicious archive.
Phishing: Spearphishing Voice
T1566.004
Attempted to use voice phishing to gain access to privileged accounts by impersonating IT staff.
External Remote Services
T1133
Exploited Internet-facing infrastructure, including corporate VPNs, to gain initial access to targeted entities.
Exploit Public-Facing Application
T1190
Exploited public vulnerabilities and SQL injection to gain initial access to targeted entities.
Content Injection
T1659
Leveraged a WinRAR vulnerability allowing for the execution of arbitrary code embedded in an archive.
Table 5: Execution
Tactic/Technique Title
ID
Use
User Execution: Malicious Link
T1204.001
Used malicious links to hosted shortcuts in spearphishing.
User Execution: Malicious File
T1204.002
Delivered malware executables via spearphishing.
Scheduled Task/Job: Scheduled Task
T1053.005
Used scheduled tasks to establish persistence.
Command and Scripting Interpreter
T1059
Delivered scripts in spearphishing. Executed arbitrary shell commands.
Command and Scripting Interpreter: PowerShell
T1059.001
PowerShell commands were often used to prepare data for exfiltration.
Command and Scripting Interpreter: Windows Command Shell
T1059.003
Used BAT script in spearphishing.
Command and Scripting Interpreter: Visual Basic
T1059.005
Used VBScript in spearphishing.
Command and Scripting Interpreter: Python
T1059.006
Installed python on infected machines to enable the execution of Certipy.
Enrolled compromised accounts in MFA mechanisms to increase the trust-level of compromised accounts and enable sustained access.
Hijack Execution Flow: DLL Search Order Hijacking
T1574.001
Used DLL search order hijacking to facilitate malware execution.
Boot or Logon Autostart Execution: Registry Run Keys / Startup Folder
T1547.001
Used run keys to establish persistence.
Boot or Logon Autostart Execution: Shortcut Modification
T1547.009
Placed malicious shortcuts in the startup folder to establish persistence.
Table 7: Defense Evasion
Tactic/Technique Title
ID
Use
Indicator Removal: Clear Windows Event Logs
T1070.001
Deleted event logs through the wevtutil utility.
Table 8: Credential access
Tactic/Technique Title
ID
Use
Brute Force
Sent requests with Base64-encoded credentials for the RTSP server, which included publicly documented default credentials, and likely were generic attempts to brute force access to the devices.
Brute Force: Password Guessing
T1110.001
Used credential guessing to gain initial access to targeted entities.
Brute Force: Password Spraying
T1110.003
Used brute force to gain initial access to targeted entities. Conducted a brute force password spray via LDAP.
Multi-Factor Authentication Interception
Used multi-stage redirectors to provide MFA relaying capabilities in some campaigns.
Input Capture
Used multi-stage redirectors to provide CAPTCHA relaying capabilities in some campaigns.
Forced Authentication
Used an Outlook NTLM vulnerability to collect NTLM hashes and credentials via specially crafted Outlook calendar appointment invitations.
OS Credential Dumping: NTDS
T1003.003
Attempted to dump Active Directory NTDS.dit domain databases.
Unsecured Credentials: Group Policy Preferences
T1552.006
Retrieved plaintext passwords via Group Policy Preferences using Get-GPPPassword.py.
Table 9: Discovery
Tactic/Technique Title
ID
Use
Account Discovery: Domain Account
T1087.002
Used a modified ldap-dump.py to enumerate the Windows environment.
Table 10: Command and Control
Tactic/Technique Title
ID
Use
Hide Infrastructure
T1665
Abused SOHO devices to facilitate covert cyber operations, as well as proxy malicious activity, via devices with geolocation in proximity to the target.
Proxy: External Proxy
T1090.002
Actor-controlled servers sent RTSP DESCRIBE requests destined for RTSP servers.
Proxy: Multi-hop Proxy
T1090.003
Used Tor and commercial VPNs as part of their anonymization infrastructure
Encrypted Channel
T1573
Connected to victim infrastructure using encrypted TLS.
Multi-Stage Channels
T1104
Used multi-stage redirectors for campaigns.
Table 11: Defense evasion (mobile framework)
Tactic/Technique Title
ID
Use
Execution Guardrails
Used multi-stage redirectors to verify browser fingerprints in some campaigns.
Execution Guardrails: Geofencing
T1627.001
Used multi-stage redirectors to verify IP-geolocation in some campaigns.
Table 12: Lateral movement
Tactic/Technique Title
ID
Use
Lateral Movement
Used native commands and open source tools, such as Impacket and PsExec, to move laterally within the environment.
Remote Services: Remote Desktop Protocol
T1021.001
Moved laterally within the network using RDP.
Table 13: Collection
Tactic/Technique Title
ID
Use
Email Collection
Retrieved sensitive data from email servers.
Email Collection: Remote Email Collection
T1114.002
Used server data exchange protocols and APIs such as Exchange Web Services (EWS) and IMAP to exfiltrate data from email servers.
Automated Collection
Used periodic EWS queries to collect new emails.
Video Capture
Attempted to gain access to the cameras’ feeds.
Archive Collected Data
Accessed files were archived in .zip files prior to exfiltration.
Archive Collected Data: Archive via Utility
T1560.001
Prepared zip archives for upload to the actors’ infrastructure.
Table 14: Exfiltration
Tactic/Technique Title
ID
Use
Exfiltration Over Alternative Protocol
Attempted to exfiltrate archived data via a previously dropped OpenSSH binary.
Scheduled Transfer
Used periodic EWS queries to collect new emails sent and received since the last data exfiltration.
Appendix B: CVEs exploited
Table 15: Exploited CVE information
CVE
Vendor/Product
Details
CVE-2023-38831
RARLAB WinRAR
Allows execution of arbitrary code when a user attempts to view a benign file within a ZIP archive.
CVE-2023-23397
Microsoft Outlook
External actors could send specially crafted emails that cause a connection from the victim to an untrusted location of the actor’s control, leaking the Net-NTLMv2 hash of the victim that the actor could then relay to another service to authenticate as the victim.
CVE-2021-44026
Roundcube Webmail
Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to a potential SQL injection via search or search params.
CVE-2020-35730
Roundcube Webmail
An XSS issue was discovered in Roundcube Webmail before 1.2.13, 1.3.x before 1.3.16 and 1.4.x before 1.4.10, where a plaintext email message with JavaScript in a link reference element is mishandled by linkref_addindex in rcube_string_replacer.php.
CVE-2020-12641
Roundcube Webmail
Roundcube Webmail before 1.4.4 allows arbitrary code execution via shell metacharacters in a configuration setting for im_convert_path or im_identify_path in rcube_image.php.
Appendix C: MITRE D3FEND Countermeasures
Table 16: MITRE D3FEND countermeasures
Countermeasure Title
ID
Details
Network Isolation
Employ appropriate network segmentation. Disable Universal Plug and Play (UPnP), Peer-to-Peer (P2P), and Anonymous Visit features on IP cameras and routers.
Access Mediation
Limit access and utilize additional attributes (such as device information, environment, and access path) when making access decisions. Configure access controls carefully to ensure that only well-maintained and well-authenticated accounts have access.
Inbound Traffic Filtering
Implement host firewall rules to block connections from other devices on the network, other than from authorized management devices and servers, to prevent lateral movement.
Resource Access Pattern Analysis
Use automated tools to audit access logs for security concerns and identify anomalous access requests.
Outbound Traffic Filtering
Block NTLM/SMB requests to external infrastructure.
Platform Monitoring
Install EDR/logging/cybersecurity solutions onto high value systems with large amounts of sensitive data such as mail servers and domain controllers.
System File Analysis
Collect and monitor Windows logs for certain events, especially for events that indicate that a log was cleared unexpectedly.
Application Hardening
Enable optional security features in Windows to harden endpoints and mitigate initial access techniques.
Application-based Process Isolation
Enable attack surface reduction rules to prevent executable content from email.
Executable Allowlisting
Enable attack surface reduction rules to prevent execution of files from globally writeable directories, such as Downloads or %APPDATA%.
Execution Isolation
Unless users are involved in the development of scripts, limit the execution of scripts (such as batch, JavaScript, and PowerShell) to known scripts.
Application Configuration Hardening
Disable Windows Host Scripting functionality and configure PowerShell to run in Constrained mode. Disable protocols that use weak authentication (e.g., clear-text passwords, or outdated and vulnerable authentication or encryption protocols) or do not support multi-factor authentication. Turn off other ports/services not in use (e.g., FTP, web interface, etc.).
Process Spawn Analysis
Use open source SIGMA rules as a baseline for detecting and alerting on suspicious file execution or command parameters.
URL Reputation Analysis
Use services that provide enhanced browsing services and safe link checking.
Network Access Mediation
Do not allow incoming traffic, especially logins to systems, from public VPN services. Where possible, logins from public VPNs, including exit nodes in the same country as target systems, should be blocked or, if allowed, alerted on for further investigation. Ensure cameras and other Internet of Things devices are protected by a security appliance, if possible.
DNS Denylisting
D3-DNSDL
Do not allow outgoing traffic to hosting and API mocking services frequently used by malicious actors.
Domain Name Reputation Analysis
Heuristic detections for web requests to new subdomains may uncover malicious phishing activity. Logging the requests for each sub-domain requested by users on a network, such as in DNS or firewall logs, may enable system administrators to identify new targeting and victims.
Multi-factor Authentication
Use MFA with strong factors and require regular re-authentication, especially for management accounts.
Job Function Access Pattern Analysis
D3-JFAPA
Implement other mitigations for privileged accounts: including limiting the number of admin accounts, considering using hardware MFA tokens, and regularly reviewing all privileged user accounts.
User Account Permissions
Separate privileged accounts by role and alert on misuse of privileged accounts. Audit user accounts on all devices to ensure they are an accurate reflection of your organization and that they are being used as expected.
Token-based Authentication
Reduce reliance on passwords; instead, consider using services like single sign-on.
Credential Hardening
Do not store passwords in Group Policy Preferences (GPP). Remove all passwords previously included in GPP and change all passwords on the corresponding accounts.
Authentication Event Threshholding
Use account throttling or account lockout. Throttling progressively increases time delay between successive login attempts. If using account lockout, allow between 5 to 10 attempts before lockout.
Strong Password Policy
Use a service to check for compromised passwords before using them.
Credential Rotation
Change all default credentials.
Encrypted Tunnels
Disable protocols that use weak authentication (e.g., clear-text passwords, or outdated and vulnerable authentication or encryption protocols). Use a VPN for remote connections to devices.
Software Update
Apply security patches and firmware updates to all devices. Ensure devices are currently supported. Replace devices that are end-of-life.
Agent Authentication
Ensure authentication is enabled for remote access to devices. If supported on IP cameras, enable authenticated RTSP access only.
User Behavior Analysis
Review all authentication activity for remote access to make sure it is valid and expected. Investigate any unexpected or unusual activity.
Lt. Gov. Luke – VNR – Hawaiʻi Schools Win ‘Super Sleuth’ Award in Internet Speeds Mapping Effort
Posted on May 20, 2025 in Latest Department News, Newsroom
STATE OF HAWAIʻI KA MOKU ʻĀINA O HAWAIʻI
SYLVIA LUKE LIEUTENANT GOVERNOR KE KEʻENA O KA HOPE KIAʻĀINA
FOR IMMEDIATE RELEASE
May 20, 2025
Hawaiʻi Schools Win ‘Super Sleuth’ Award in Internet Speeds Mapping Effort
Connect Kākou’s Digital Detectives Initiative included 6,000 participants statewide
Lt. Gov. Luke with Robert Louis Stevenson Middle School (left) and Kona Pacific Charter School (right).
(Videos/Photos Courtesy: Connect Kākou)
HONOLULU – Lieutenant Governor Sylvia Luke announced today that more than 6,000 Hawaiʻi residents, many of them students, participated in the Digital Detectives campaign to map internet speeds across the state. Part of the Connect Kākou initiative, Digital Detectives aimed to close the digital divide by identifying areas in need of urgent broadband infrastructure improvements.
By taking a simple 30-second internet speed test last October, residents provided valuable data to help ensure federal funding is directed where it is most needed. Classes from Robert Louis Stevenson Middle School and Kona Pacific Charter School received the top Digital Detectives Super Sleuth Awards for student participation and classroom reporting. The classes received a visit from Lieutenant Governor Luke and a gift card for classroom supplies.
“Thanks to the thousands of students and their teachers who participated in Digital Detectives, we now have a clearer picture of Hawaiʻi’s internet speeds and where improvements are most needed,” said Lieutenant Governor Luke. “Reliable internet is crucial for education, future careers, and so much more. We were thrilled to see so many students taking part in shaping a more connected future for our state.
“Digital Detectives encouraged our students to become active participants in expanding internet access for their communities,” said Ken Hiraki, executive director of the Public Schools Foundation. “By turning a simple classroom activity into meaningful data for our state, students had a front row seat to civic engagement and real-world impact.”
Results from the internet speed tests have been aggregated to provide a more comprehensive view of connectivity across the state. Construction of fiber-optic internet lines in underserved areas is expected to begin as early as this year.
Connect Kākou is a State of Hawai‘i initiative led by Lieutenant Governor Luke, in collaboration with the Hawai‘i Broadband and Digital Equity Office (HBDEO), the University of Hawai‘i, the Department of Hawaiian Home Lands (DHHL), and multiple state and county agencies. Connect Kākou is working to ensure people from all walks of life have reliable access to high-speed internet and the tools and knowledge to safely and confidently use the internet. Visit www.connectkakou.org to learn more.