NewzIntel.com

Category: Security Intelligence

  • MIL-OSI Security: Otis Elevator Company Agrees to Pay More Than $600,000 to Settle False Claims Act Allegation Related to Invoices for Elevator Maintenance

    Source: Office of United States Attorneys

    KNOXVILLE, Tenn. – Otis Worldwide Corporation, an international elevator services firm headquartered in Farmington, Connecticut, which is branded and doing business as Otis Elevator Company (Otis), has agreed to settle allegations under the False Claims Act (FCA) related to invoices for preventive maintenance services submitted to the Tennessee Valley Authority (TVA) that were not rendered pursuant to the terms of a Contract. Under the settlement, Otis will pay the United States $616,987.02.

    “A contractor, like Otis, has an obligation to submit invoices and seek reimbursement solely for work and services that have been performed as claimed,” said U.S. Attorney Francis M. Hamilton III for the Eastern District of Tennessee. “This settlement with Otis demonstrates that the United States Attorney’s Office and federal partners like TVA’s Office of the Inspector General are using all tools available to address fraud, waste, and abuse and protect public funds.”

    “The TVA Office of the Inspector General is committed to identifying and investigating instances where vendors fail to fulfill contractual obligations as well as false claims and overpayments that negatively impact ratepayers throughout the Tennessee Valley. We would like to thank the United States Attorney’s Office for their dedicated support of such efforts,” said Assistant Inspector General, Investigations D. Eric Beals of the Tennessee Valley Authority Office of Inspector General.

    The United States’ investigation focused on an August 2017 Contract between Otis and TVA. The United States contended that the Contract required Otis to provide turnkey modernization and specified monthly preventative maintenance services related to certain elevators in the TVA Knoxville Office Complex. The United States maintained that it has certain civil claims against Otis arising from its performance of the Contract. Specifically, the United States contended that Otis submitted false claims for payment to TVA for preventive maintenance services that were not rendered.

    The resolution obtained in this matter was the result of a coordinated effort between the United States Attorney’s Office for the Eastern District of Tennessee and the TVA Office of the Inspector General – Office of Investigations (TVA-OIG).

    The investigation and resolution of this matter illustrates the government’s emphasis on combating waste, fraud, and abuse impacting federal agencies. One of the most powerful tools in this effort is the False Claims Act. Tips and complaints from all sources about potential fraud, waste, and mismanagement of TVA resources can be reported to TVA-OIG at 1-855-882-8585 or www.oigempowerline.com

    The matter was handled by Assistant U.S. Attorneys Alan G. McGonigal and Alexa Ortiz Hadley for the Eastern District of Tennessee.

    The claims resolved by the settlement are allegations only and there has been no determination of liability. 

                                                                                                               ###

    MIL Security OSI

  • MIL-OSI Security: San Antonio Man Sentenced to 15 Years in Federal Prison for Sexual Exploitation of a Minor

    Source: Office of United States Attorneys

    SAN ANTONIO – A San Antonio man was sentenced in a federal court to 180 months imprisonment to be followed by 15 years of supervised release for attempted production of visual depictions involving the sexual exploitation of a minor.

    According to court documents, between May of 2022 and June of 2023, George Isaac Del Bosque, 33, made a surreptitious recording of a 15-year-old minor while the child victim was undressing and nude. A search of Del Bosque’s phone revealed 16 sexually explicit images and three sexually explicit videos of the minor. Del Bosque was arrested Sept. 5, 2023. He pleaded guilty to the charge on March 11, 2025, and was sentenced by U.S. District Judge Fred Biery. Prior to his arrest, Del Bosque was a licensed clinical vocational nurse. As a result of the charges, he voluntarily surrendered his license.

    “Protecting children has been and will remain one of the highest priorities of law enforcement,” said U.S. Attorney Justin R. Simmons for the Western District of Texas. “I appreciate the handling of this case by our partners at Homeland Security Investigations and the San Antonio Police Department, and I also want to express how important it is—as demonstrated in this case—for child victims and their families to be vigilant and not hesitate to report sexual exploitation when it occurs.”

    “This sentencing sends a clear message that HSI is committed to holding accountable those who exploit the most vulnerable members of our society,” said ICE Homeland Security Investigations San Antonio Special Agent in Charge Craig Larrabee. “We will continue to use every tool at our disposal to investigate and prosecute individuals involved in internet crimes against children.”

    HSI and the San Antonio Police Department investigated the case.

    Assistant U.S. Attorney Christopher Mangels prosecuted the case.

    This case was brought as part of Project Safe Childhood, a nationwide initiative to combat the epidemic of child sexual exploitation and abuse launched in May 2006 by the Department of Justice. Led by U.S. Attorneys’ Offices and CEOS, Project Safe Childhood marshals federal, state, and local resources to better locate, apprehend, and prosecute individuals who exploit children via the internet, as well as to identify and rescue victims. For more information about Project Safe Childhood, visit www.justice.gov/psc.

    ###

    MIL Security OSI

  • MIL-OSI Security: Five Defendants Charged in Federal Investigation Targeting Fentanyl Sales in Chicago

    Source: United States Bureau of Alcohol Tobacco Firearms and Explosives (ATF)

    CHICAGO — A federal investigation into fentanyl sales in Chicago has resulted in drug or firearm charges against five individuals.

    An indictment unsealed this week in federal court in Chicago accuses four of the defendants of conspiring to distribute fentanyl, methamphetamine, and heroin in the city in 2023 and 2024.  Three defendants are charged with illegally possessing firearms, including handguns equipped with a “switch” device, making them capable of firing multiple rounds with a single pull of the trigger.

    Charged with drug conspiracy and distribution are JARED DANIELS, 33, of Chicago, CRISTINE SERRANO, 34, of Chicago, SHERNELL ANDERSON, 35, of Chicago, and LARRY LEMON, 43, of Brookfield, Ill.  Daniels, Serrano, and JONATHAN COLLINS, 33, of Chicago, are also charged with federal firearm offenses.

    All five defendants are in law enforcement custody. The charges against Daniels, Serrano, Anderson, and Lemon carry a maximum sentence of life in federal prison, as well as mandatory minimums ranging from ten to 15 years.  The charge against Collins is punishable by up to 15 years in prison.

    The indictment was announced by Andrew S. Boutros, United States Attorney for the Northern District of Illinois, Douglas S. DePodesta, Special Agent-in-Charge of the Chicago Field Office of the FBI, and Larry Snelling, Superintendent of the Chicago Police Department.  Valuable assistance was provided by the Brookfield, Ill. Police Department, U.S. Postal Inspection Service in Chicago, FBI Minneapolis, Minn. Field Office, and the Cedar Rapids, Iowa, Satellite Office of the U.S. Bureau of Alcohol, Tobacco, Firearms, and Explosives.

    This case is part of Operation Take Back America, a nationwide initiative that marshals the full resources of the Department of Justice to repel the invasion of illegal immigration, achieve the total elimination of cartels and transnational criminal organizations (TCOs), and protect our communities from the perpetrators of violent crime.

    The public is reminded that an indictment contains only charges and is not evidence of guilt. The defendants are presumed innocent and entitled to a fair trial at which the government has the burden of proving guilt beyond a reasonable doubt.

    MIL Security OSI

  • MIL-OSI Security: Oklahoma Man Sentenced for Attempting to Destroy Satanic Temple in Salem With a Pipe Bomb

    Source: United States Bureau of Alcohol Tobacco Firearms and Explosives (ATF)

    BOSTON – An Oklahoma man was sentenced today in federal court in Boston for throwing a pipe bomb at The Satanic Temple (TST) in Salem, Mass. on April 8, 2024. 

    Sean Patrick Palmer, 49, of Perkins, Okla., was sentenced by U.S. District Court Judge Indira Talwani to five years in prison, to be followed by three years of supervised release. In March 2025, Palmer pleaded guilty to one count of using an explosive device to damage and attempt to damage a building used in interstate or foreign commerce. He was charged by criminal complaint and arrested on April 17, 2024, in Perkins, Okla. 

    TST is a non-theistic religious organization headquartered in Salem, Mass. According to the charging documents, at approximately 4:14 a.m. on April 8, 2024, surveillance cameras captured a man, subsequently identified as Palmer, walking towards TST wearing a black face covering, a tan-colored tactical vest and gloves. As Palmer approached TST, he ignited a pipe bomb – a type of improvised explosive device or “IED” – threw it at TST’s main entrance, and then ran away. The IED did not fully detonate and therefore caused only minor damage to TST’s exterior. 

    The pipe bomb was constructed from a roughly two-foot section of plastic pipe covered with metal nails attached to the pipe with duct tape. The inside of the pipe was filled with smokeless gunpowder. During the investigation, Palmer’s DNA was found on the outside of the IED.

    A six-page handwritten note was found in a flower bed adjacent to TST, near the area where Palmer threw the IED. Among other things, the letter stated: 

    DEAR SATANIST
    ELOHIM SEND ME 7 MONTHS AGO TO GIVE YOU
    PEACEFUL MESSAGE TO HOPE YOU REPENT. YOU SAY
    NO, ELOHIM NOW SEND ME TO SMITE SATAN AND I
    HAPPY TO OBEY. AND ELOHIM WANT ME TO CONTACT
    YOU TO TELL YOU REPENT. TURN FROM SIN. ELOHIM
    NO LIKE THIS PLACE AND PLAN TO DESTROY IT. MAYBE
    SALEM TOO? ELOHIM SEND ME TO FIGHT CRYBABY
    SATAN, BUT WANT ME TO MAKE HARD EFFORT SO NO
    ONE DIES. I OBEY.

    United States Attorney Leah B. Foley; Kimberly Milka, Acting Special Agent in Charge of the Federal Bureau of Investigation, Boston Division; and Lucas J. Miller, Chief of the Salem Police Department made the announcement today. Valuable assistance was provided by the Bureau of Alcohol, Tobacco, Firearms & Explosives, Boston Field Division; Massachusetts State Police; Federal Bureau of Investigation’s Oklahoma City Field Office; Payne County Sherriff’s Office; Oklahoma Highway Patrol; the United States Attorney’s Office for the Western District of Oklahoma; and Stillwater (Okla.) Police Department. Assistant U.S. Attorney Jason A. Casey of the National Security Unit is prosecuting the case.

    MIL Security OSI

  • MIL-OSI Security: Cryptocurrency Financial Services Firm “Gotbit” and Founder Sentenced for Market Manipulation and Fraud Conspiracy

    Source: Office of United States Attorneys

    BOSTON – Gotbit Consulting LLC (Gotbit), a financial services firm known in the cryptocurrency industry as a “market maker,” was sentenced yesterday in federal court in Boston for criminal charges relating to Gotbit’s fraudulent manipulation of cryptocurrency trading volume on behalf of client cryptocurrency companies.  

    Aleksei Andriunin, 26, of Russia and Portugal, was sentenced by U.S. District Court Judge Angel Kelley to eight months in prison, to be followed by one year of supervised release. In March 2025, Andriunin pleaded guilty to charges of wire fraud and conspiracy to commit market manipulation and wire fraud. Andriunin was arrested in Portugal on Oct. 8, 2024 and extradited to the United States on Feb. 25, 2025.

    As part of its criminal resolution, Gotbit was ordered to forfeit a total of approximately $23 million in seized cryptocurrency. The court also sentenced Gotbit to a term of probation for five years, during which time Gotbit shall cease to exist or operate.

    Gotbit and Andriunin were indicted by a federal grand jury on the same charges in October 2024. The indictment also charges two of Gotbit’s directors, Fedor Kedrov and Qawi Jalili.

    Gotbit was a well-known “market maker” in the cryptocurrency industry. Between 2018 and 2024, Gotbit provided market manipulation services to create artificial trading volume for multiple cryptocurrency companies, including companies located in the United States and companies whose cryptocurrencies traded on platforms available to investors located in the United States. Andriunin was Gotbit’s Founder and Chief Executive Officer. In a 2019 interview, Andriunin described how he developed a code to “wash trade” cryptocurrencies to artificially inflate trading volume for the purpose of getting cryptocurrencies listed on CoinMarketCap (a website that published information about “trending” cryptocurrencies) and trading on larger cryptocurrency exchanges. Andriunin and Gotbit’s employees marketed these wash trading tactics to prospective clients and explained how Gotbit used multiple accounts to avoid detection of the wash trades on the public blockchain. Gotbit made wash trades worth millions of dollars on behalf of clients and received tens of millions of dollars in payments from clients.

    Gotbit admitted that it engaged in manipulative trades to artificially increase the trading price and volume of tokens for clients that included Robo Inu and Saitama. Leaders of those cryptocurrency companies were charged in separate cases unsealed in October 2024.

    Gotbit is the third market maker to resolve criminal charges relating to wash trading in the cryptocurrency industry. In October 2024, the founder of MyTrade pleaded guilty in connection with providing an unlawful wash trading service identified through an undercover law enforcement operation. In April 2025, CLS Global FZC LLC was sentenced in connection with offering illegal “volume support” services uncovered by the same operation.

    The Securities & Exchange Commission brought a related civil enforcement action against Gotbit alleging violations of the securities laws.

    United States Attorney Leah B. Foley and Kimberly Milka, Acting Special Agent in Charge of the Federal Bureau of Investigations, Boston Division made the announcement. Assistant U.S. Attorneys Christopher J. Markham and David M. Holcomb of the Criminal Division prosecuted the case. Assistant U.S. Attorney Carol Head, Chief of the Asset Recovery Unit is handling the forfeiture matter.
     

    MIL Security OSI

  • MIL-OSI Security: Statement on the Situation in Iran

    Source: International Atomic Energy Agency – IAEA

    IAEA Director General Rafael Mariano Grossi. (Photo: D. Calma/IAEA)

    Early this morning, the International Atomic Energy Agency (IAEA) was informed of the military operation launched by Israel which includes attacks on nuclear facilities in the Islamic Republic of Iran.

    We are currently in contact with the Iranian nuclear safety authorities to ascertain the status of relevant nuclear facilities and to assess any wider impacts on nuclear safety and security. At present, the competent Iranian authorities have confirmed that the Natanz enrichment site has been impacted and that there are no elevated radiation levels. They have also reported that at present the Esfahan and Fordow sites have not been impacted.

    This development is deeply concerning. I have repeatedly stated that nuclear facilities must never be attacked, regardless of the context or circumstances, as it could harm both people and the environment.  Such attacks have serious implications for nuclear safety, security and safeguards, as well as regional and international peace and security.

    In this regard, the IAEA recalls the numerous General Conference resolutions on the topic of military attacks against nuclear facilities, in particular, GC(XXIX)/RES/444 and GC(XXXIV)/RES/533, which provide, inter alia, that “any armed attack on and threat against nuclear facilities devoted to peaceful purposes constitutes a violation of the principles of the United Nations Charter, international law and the Statute of the Agency”. 

    Furthermore, the IAEA has consistently underlined that “armed attacks on nuclear facilities could result in radioactive releases with grave consequences within and beyond the boundaries of the State which has been attacked”, as was stated in GC(XXXIV)/RES/533.

    As Director General of the International Atomic Energy Agency, and consistent with the objectives of the IAEA under the IAEA Statute, I call on all parties to exercise maximum restraint to avoid further escalation. I reiterate that any military action that jeopardizes the safety and security of nuclear facilities risks grave consequences for the people of Iran, the region, and beyond.

    Yesterday, the Board of Governors adopted an important resolution on Iran’s safeguards obligations. In addition to this, the Board resolution stressed its support for a diplomatic solution to the problems posed by the Iranian nuclear programme.

    The IAEA continues to monitor the situation closely, stands ready to provide technical assistance, and remains committed to its nuclear safety, security and safeguards mandate in all circumstances. I stand ready to engage with all relevant parties to help ensure the protection of nuclear facilities and the continued peaceful use of nuclear technology in accordance with the Agency mandate, including, deploying Agency nuclear security and safety experts (in addition to our safeguards inspectors in Iran) wherever necessary to ensure that nuclear installations are fully protected and continue to be used exclusively for peaceful purposes.

    I wish to inform the Board that I have indicated to the respective authorities my readiness to travel at the earliest to assess the situation and ensure safety, security and non-proliferation in Iran.

    I have also been in contact with our inspectors in Iran and Israel. The safety of our staff is of paramount importance. All necessary actions are being taken to ensure they are not harmed.

    Despite the current military actions and heightened tensions, it is clear that the only sustainable path forward—for Iran, for Israel, the entire region, and the international community—is one grounded in dialogue and diplomacy to ensure peace, stability, and cooperation. 

    The International Atomic Energy Agency, as the international technical institution entrusted with overseeing the peaceful use of nuclear energy, remains the unique and vital forum for dialogue, especially now. 

    In accordance with its Statute and longstanding mandate, the IAEA provides the framework and natural platform where facts prevail over rhetoric and where engagement can replace escalation. 

    I reaffirm the Agency’s readiness to facilitate technical discussions and support efforts that promote transparency, safety, security and the peaceful resolution of nuclear-related issues in Iran.

    MIL Security OSI

  • MIL-OSI Security: NATO Secretary General in Stockholm, highlights Sweden’s defence industry leadership and support to Ukraine

    Source: NATO

    NATO Secretary General Mark Rutte met Prime Minister of Sweden Ulf Kristersson in Stockholm on Friday (13 June 2025) to discuss preparations for the NATO Summit in The Hague.

    Mr Rutte noted that Sweden – NATO’s newest member – is “already making major contributions across the Alliance” since joining in March 2024, including through contributions to Forward Land Forces in Latvia, and leading NATO’s newly established Forward Land Forces in Finland.

    “Your Gripen fighter jets help patrol the skies over Poland, and your ships contribute to our enhanced military presence in the Baltic Sea through Baltic Sentry,” he said. The Secretary General also highlighted how Sweden’s expertise in the High North strengthens NATO’s regional posture and reinforces the Alliance’s ability to support Baltic Allies. 

    In 2024, Sweden invested 2.66% of GDP on defence, with plans to go further. “This is a clear demonstration of Sweden’s commitment to collective defence,” said the Secretary General.  Mr Rutte also underlined Sweden’s leadership in strengthening NATO’s defence industrial base. “You have a world-class defence sector,” he said. He welcomed Sweden’s role in defence industrial production, research, and resilience.

    Secretary General Rutte also commended Sweden for its staunch support of Ukraine. “Since 2022, you have provided over 7 billion euros in military assistance – including 1.25 billion in the first four months of this year alone. In terms of GDP, this places Sweden among the top contributors to Ukraine.” He also welcomed Sweden’s investment in Ukraine’s defence industry, saying: “You are truly leading by example.”

    Turning to the upcoming NATO Summit in The Hague, the Secretary General highlighted the need for increased investment and stronger defence industrial capacity. “I expect leaders to make bold decisions to further strengthen our deterrence and defence – including agreeing a new defence investment plan that would bring our defence investment to 5% of GDP.”

    In Stockholm, Secretary General Rutte also took part in a panel discussion at the annual Bilderberg meeting, alongside the President of the European Investment Bank Nadia Calviño and US Army General Chris Donahue. The discussion was moderated by Minister of Foreign Affairs of Poland Radoslaw Sikorski.

    MIL Security OSI

  • MIL-OSI Security: Man arrested following fatal shooting in Hammersmith

    Source: United Kingdom London Metropolitan Police

    A man has been arrested on suspicion of murder after a 30-year-old man was fatally shot in Hammersmith.

    Police were called to Claxton Grove, W6 at 23:19hrs on Wednesday, 11 June.

    Upon arrival, the London Ambulance Service were treating two men for gunshot wounds. Both were taken to hospital where, despite the best efforts of emergency workers and medical professionals, the 30-year-old man sadly died on Thursday, 12 June.

    His next-of-kin have been informed and are being supported by specialist officers. A post-mortem examination will take place in due course.

    The second man, also in his 30s, was treated for minor injuries and has since been discharged from hospital.

    A 28-year-old man was arrested on suspicion of attempted murder. He has since been re-arrested on suspicion of murder, and remains in police custody.

    Detective Chief Superintendent Christina Jessah, from the Central West Command Unit, said: “Our deepest sympathy is with the victim’s family who are being supported by specialist officers at this time.

    “This is a shocking crime to occur in any community, and we thank locals for their patience. They will see an increased police presence in the area as we conduct our enquires.”

    If anyone witnessed the incident, or has any information that can help the investigation, please contact the police as a matter of urgency on 101 quoting 8916/11JUN.

    To remain anonymous, call the independent charity Crimestoppers anonymously on 0800 555 111 or visit crimestoppers-uk.org

    Claxton Grove will remain closed while a crime scene is in place.

    MIL Security OSI

  • MIL-OSI Security: NATO’s Digital Ocean Vision concludes three-day wargame

    Source: NATO

    From 10 to 13 June (2025), as part of its pioneering initiative Digital Ocean Vision, NATO offered participants the opportunity to test and compare next-generation systems alongside traditional naval platforms, in a digital wargame.

    During the event, participants from across the NATO structures, as well as wargaming experts from the United Kingdom, Sweden, and the Netherlands, were able to test next-generation systems against traditional naval platforms such as frigates, corvettes, maritime patrol aircraft and submarines. The wargame was designed to measure and compare how emerging disruptive technologies perform, with findings directly supporting NATO’s Task Force X and enhancing the Alliance’s overall defensive posture.

    NATO’s Digital Ocean Vision initiative aims to enhance NATO’s maritime situational awareness from seabed to space, by strengthening coordination between national and Allied capabilities employed for maritime surveillance. It includes a broad range of assets from satellites to autonomous systems below, on, and above the sea.

    MIL Security OSI

  • MIL-OSI Security: NATO Secretary General calls for “quantum leap” in collective defence on visit to the United Kingdom

    Source: NATO

    On Monday 9 June [2025], NATO Secretary General Mark Rutte travelled to the United Kingdom for a bilateral meeting with the British Prime Minister, Keir Starmer, ahead of the NATO Summit in The Hague later this month. During his trip, Mr Rutte also joined British Minister of Defence, John Healey, on a tour of the historic steel production site at Sheffield Forgemasters and delivered a keynote speech at Chatham House.

    The Secretary General’s visit came one week after the unveiling of the United Kingdom’s Strategic Defence Review, marking a shift toward warfighting readiness and a ‘NATO first’ defence policy spurred by innovation.

    The factory in Sheffield is a key catalyst for British plans to make their defence industry a driver for growth. There, the Secretary General met members of staff, including apprentices, whose specialist skills are contributing to the manufacture of nuclear-grade steel components for Royal Navy submarines.

    Later, in London, Mr Rutte met Prime Minister Keir Starmer at 10 Downing Street to discuss increasing defence investment and production as well as continued support for Ukraine. Speaking at Chatham House shortly afterwards, Mr Rutte thanked the UK for “more than seven decades of continuous commitment to NATO” and outlined his priorities for the upcoming NATO Summit.

    “This Summit will transform our Alliance,” Mr Rutte stated. “We will build a better NATO, one that is stronger, fairer and more lethal. So that we can continue to keep our people safe and our adversaries at bay.”

    He continued with a call to action. “The fact is, we need a quantum leap in our collective defence. The fact is, we must have more forces and capabilities to implement our defence plans in full. The fact is, danger will not disappear even when the war in Ukraine ends.”

    The Secretary General stressed that major new investment was needed Alliance-wide and urged a 400% increase in air and missile defence alongside the doubling of NATO’s enabling capabilities including logistics, supply, transportation, and medical support. “We all benefit from the protection our transatlantic Alliance provides and it is vital that every member of NATO pulls their weight” he added.

    MIL Security OSI

  • MIL-OSI Security: Tenderloin Fentanyl Dealer Sentenced To More Than 11 Years In Federal Prison For Drug Trafficking Offenses

    Source: Office of United States Attorneys

    SAN FRANCISCO – Maria Valle-Rodriguez, 47, a Honduran national, was sentenced yesterday to 135 months (11 years and three months) in federal prison for drug trafficking offenses in the Bay Area.  Her co-defendants, Emilson Valle-Zuniga, 33, and Jonsan Valle-Rodriguez, 31, both Honduran nationals, were previously sentenced on May 21, 2025, to federal prison terms of 42 months and 24 months, respectively.  U.S. District Judge Jacqueline Scott Corley handed down all three sentences.

    A federal grand jury indicted all three defendants in December 2023, and all three pleaded guilty on Aug. 21, 2024.  Maria Valle-Rodriguez pleaded guilty to distribution of 40 grams or more of a mixture and substance containing fentanyl, possession with intent to distribute methamphetamine, possession with intent to distribute fentanyl, and possession with intent to distribute methamphetamine.  Valle-Zuniga pleaded guilty to possession with intent to distribute fentanyl and possession with intent to distribute methamphetamine.  Jonsan Valle-Rodriguez pleaded guilty to possession with intent to distribute fentanyl.

    According to their plea agreements, between August and December 2023, Maria Valle-Rodriguez, Valle-Zuniga, and Jonson Valle-Rodriguez engaged in a drug trafficking conspiracy with each other and unindicted co-conspirators to sell fentanyl, methamphetamine, and other controlled substance in the Tenderloin District of San Francisco and in Oakland.  Maria Valle-Rodriguez admitted to engaging in multiple sales of fentanyl and/or methamphetamine.  For part of this time, Maria Valle-Rodriguez had multiple vehicles registered to her name that she and her codefendants used to drive from Oakland into the Tenderloin District during the nighttime hours to deal drugs.  

    The defendants, who are related, lived together with several minor children in an apartment in Oakland that was used for drug trafficking.  Maria Valle-Rodriguez admitted knowing that there was fentanyl in the apartment where she resided with several minor children.  

    On Dec. 12, 2023, law enforcement executed search warrants on the defendants’ residence and vehicles connected to and being driven by them.  In total, law enforcement recovered approximately eight pounds of fentanyl and fentanyl analogue, two gross pounds of methamphetamine, as well as over $127,000 in cash at the premises and in the vehicles connected to the drug trafficking conspiracy.  

    United States Attorney Craig H. Missakian and DEA Special Agent in Charge Bob P. Beris made the announcement.

    Maria Valle-Rodriguez had been out of custody pending sentencing so she could receive medical care.  While out on bond, she was arrested on April 29, 2025, by San Francisco Police Department officers at an apartment where officers were executing a search warrant related to a drug trafficking operation.  Large quantities of drugs were found at the apartment where Maria Valle-Rodriguez was residing.  A minor child was also living at the residence.  

    In addition to the prison term, Judge Corley also sentenced Maria Valle-Rodriguez to a four-year period of supervised release.  Valle-Zuniga and Jonsan Valle-Rodriguez were each sentenced to a three-year term of supervised release.  

    Assistant U.S. Attorney Ivana Djak is prosecuting the case with the assistance of Lance Libatique and Gabriel Flesher.  The prosecution is the result of an investigation by the DEA.   
     

    MIL Security OSI

  • MIL-OSI Security: Former State Correctional Officer Pleads Guilty To Planting Prison Contraband That He Then Pretended To Discover

    Source: Office of United States Attorneys

    SAN FRANCISCO – Avelino Ramirez, a former K-9 sergeant at California state correctional facilities, pleaded guilty in federal court today to one count of wire fraud in connection with a scheme to plant contraband that he would then discover.

    Ramirez, 52, of Vallejo, Calif., was indicted by a federal grand jury on Oct. 31, 2024.  According to his plea agreement, from approximately 2013 to September 2022, Ramirez worked as an Investigative Services Unit K-9 Officer with the California Department of Corrections and

    Rehabilitation at San Quentin State Prison.  In September 2022, he was promoted to K-9 sergeant and began working at the California Medical Facility in Vacaville, Calif., around November 2022.

    From October 2021 to February 2024, Ramirez engaged in a scheme to smuggle and then plant contraband in common areas of San Quentin State Prison and the California Medical Facility, which he would then pretend to discover.  Ramirez did so in order to hold himself out as a successful K-9 officer with the hope that it would help him obtain a promotion to K-9 sergeant.  The contraband items Ramirez planted included drugs, such as methamphetamine, marijuana, and cocaine; drug paraphernalia; tobacco; cell phones; and weapons.  At times, Ramirez mixed the narcotics he planted in the prisons with salt and/or sugar and mixed the marijuana he planted in the prisons with lawn trimmings.

    Ramirez also sought to inflate his salary by claiming overtime related to searches where contraband was recovered pursuant to his fraudulent scheme and writing reports of these false discoveries.  In total, Ramirez fraudulently obtained approximately $8,200 in overtime pay.

    United States Attorney Craig H. Missakian and FBI Special Agent in Charge Sanjay Virmani made the announcement.

    Ramirez is currently released on bond.  Ramirez’s sentencing hearing is scheduled for Sept. 18, 2025, at 1:30 p.m. before U.S. District Judge William H. Orrick.  Defendant faces a maximum statutory penalty of 20 years in prison and a $250,000 fine for the violation of 18 U.S.C. § 1343.  Any sentence will be imposed by the court after consideration of the U.S. Sentencing Guidelines and the federal statute governing the imposition of a sentence, 18 U.S.C. § 3553.

    Assistant U.S. Attorney Benjamin K. Kleinman is prosecuting the case with the assistance of Amala James and Lance Libatique.  The prosecution is the result of an investigation by the FBI.
     

    MIL Security OSI

  • MIL-OSI Security: US and ROK Soldiers celebrate 75 years of friendship and camaraderie

    Source: United States INDO PACIFIC COMMAND

    CAMP CASEY, South Korea — U.S. Army bases in the Korean Theater of Operations hosted their annual Korean Augmentation To the U.S. Army (KATUSA) Friendship Week celebration, June 9-12. KATUSA Friendship Week recognizes and honors the enduring bonds of friendship and camaraderie U.S. and South Korean Soldiers have shared through their joint military service since 1950.

    MIL Security OSI

  • MIL-OSI Security: Space Force Supports III MEF with Tactical Space Integration

    Source: United States INDO PACIFIC COMMAND

    OKINAWA, Japan — U.S. Space Force Maj. Ben Pearce and Capt. Hannah Garcia-Park, both with Mission Delta-11 (Space Ranges, Aggressors, Tactics and Exercises), conducted tactical level space operations for the first time in history June 9, 2025, at III Marine Expeditionary Force (III MEF), Okinawa, Japan.

    MIL Security OSI

  • MIL-OSI Security: Methamphetamine And Gun Trafficker Is Sentenced To 15 Years In Prison

    Source: United States Bureau of Alcohol Tobacco Firearms and Explosives (ATF)

    ASHEVILLE, N.C. – Jamal Marqui McDaniel, 46, was sentenced today to 180 months in prison followed by five years of supervised release for trafficking methamphetamine and firearms offenses, announced Russ Ferguson, U.S. Attorney for the Western District of North Carolina.

    According to court documents and evidence presented during court proceedings, the Drug Enforcement Administration (DEA), the Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF), and the Asheville Police Department (APD) launched a joint investigation after receiving information that McDaniel was engaged in the illegal sale of narcotics and firearms in the Asheville area. Over the course of the investigation, McDaniel sold methamphetamine, firearms, and ammunition on multiple occasions to individuals who were cooperating with law enforcement. Court records show that, in total, McDaniel is accountable for distributing nearly half a kilogram of methamphetamine, and illegally selling eight firearms.

    McDaniel pleaded guilty February 21, 2025, to distribution of methamphetamine, possession of a firearm in furtherance of a drug trafficking crime, and possession of a firearm by a felon. He remains in the custody of the U.S. Marshals Service pending placement by the federal Bureau of Prisons.

    In making today’s announcement, U.S. Attorney Ferguson thanked the ATF, the DEA, the APD, and the Buncombe Country Sheriff’s Office for their investigation of the case.

    Assistant U.S. Attorney Christopher S. Hess of the U.S. Attorney’s Office in Asheville handled the prosecution.

    This case is part of Operation Take Back America a nationwide initiative that marshals the full resources of the Department of Justice to repel the invasion of illegal immigration, achieve the total elimination of cartels and transnational criminal organizations (TCOs), and protect our communities from the perpetrators of violent crime. Operation Take Back America streamlines efforts and resources from the Department’s Organized Crime Drug Enforcement Task Forces (OCDETFs) and Project Safe Neighborhood (PSN).

     

    MIL Security OSI

  • MIL-OSI Security: Man Arrested for Murder of Woman Whose Body was Found in Trash Dumpster

    Source: Office of United States Attorneys

                WASHINGTON – Richard Dyson, 58, of the District of Columbia, was arrested yesterday on charges of second-degree murder while armed, for the murder of 62-year-old Donnella Bryan on or about April 15, 2025. The arrest was announced by U.S. Attorney Jeanine Ferris Pirro and Chief Pamela Smith of the Metropolitan Police Department (MPD).

                Dyson was arraigned today before Superior Court Magistrate Judge Robert J. Hildum, where he entered a plea of not guilty. Judge Hildum found probable cause for second degree murder and ordered Dyson held without bond until his preliminary hearing on June 18, 2025 before Judge Michael Ryan. 

                On April 19, 2025, at approximately 8:00 a.m., Fifth District officers responded to the 1600 block of Maryland Avenue, Northeast, for the report of an unconscious person. Upon arrival, officers located a female victim inside a dumpster. The victim was identified as Donella Bryan of the District of Columbia. DC Fire and EMS responded to the scene and after finding no signs consistent with life, the victim was pronounced deceased.

                This case is being investigated by the Metropolitan Police Department. It is being prosecuted by Assistant United States Attorney Anthony Cocuzza.

                Charges are merely allegations and all defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of law.

    MIL Security OSI

  • MIL-OSI Security: Mexican national sentenced to federal prison for trafficking illegal immigrants

    Source: Office of United States Attorneys

    SHERMAN, Texas –A Mexican national living in Plano has been sentenced for immigration violations in the Eastern District of Texas, announced Acting U.S. Attorney Jay R. Combs.

    Ana Maria Villa-Flores, 42, pleaded guilty to conspiracy to transport aliens into the United States and conspiracy to conceal or harbor aliens.  Villa-Flores was sentenced to the maximum term of 120 months in federal prison by U.S. District Judge Amos L. Mazzant, III, on June 12, 2025.

    According to information presented in court, in January of 2022, twenty-four illegal aliens were located at one of Villa-Flores’ homes. During the investigation, it was determined that Villa-Flores was responsible for recruiting drivers as well as coordinating the smuggling of the undocumented individuals from Mexico to the United States, bringing them to Plano to stay until they could be transported along other routes throughout the United States.  The male individuals were instructed to remove their pants to keep them from escaping.  Federal agents determined that Villa-Flores was responsible for smuggling approximately 254 illegal aliens.

    In 2023, Villa-Flores was prosecuted in the Western District of Texas in connection with her alien smuggling activities.  She was sentenced to four years in federal prison for smuggling approximately 124 illegal aliens.   

    This case is part of Operation Take Back America, a nationwide initiative that marshals the full resources of the Department of Justice to repel the invasion of illegal immigration, achieve the total elimination of cartels and transnational criminal organizations (TCOs), and protect our communities from the perpetrators of violent crime. Operation Take Back America streamlines efforts and resources from the Department’s Organized Crime Drug Enforcement Task Forces (OCDETFs) and Project Safe Neighborhood (PSN).

    This case was investigated by the Dallas and El Paso Homeland Security Investigations and the Plano Police Department.  This case was prosecuted by Assistant U.S. Attorney Tracey Batson.

    ###

    MIL Security OSI

  • MIL-OSI Security: East Granby Woman Admits $1.1 Million Pandemic Relief Program Scheme

    Source: United States Department of Justice (National Center for Disaster Fraud)

    David X. Sullivan, United States Attorney for the District of Connecticut, and Harry Chavis, Special Agent in Charge of IRS Criminal Investigation in New England, announced that KAREN GASTON, 44, of East Granby, waived her right to be indicted and pleaded guilty today before U.S. District Judge Sarah F. Russell in New Haven to offenses stemming from a scheme to defraud COVID-19 pandemic relief programs of more than $1.1 million.

    In March 2020, the Coronavirus Aid, Relief, and Economic Security (“CARES”) Act provided emergency financial assistance to Americans suffering the economic effects caused by the COVID-19 pandemic.  One source of relief provided by the CARES Act was the authorization of forgivable loans to small businesses for job retention and certain other expenses through the Paycheck Protection Program (“PPP”).  The PPP was overseen by the U.S. Small Business Administration (“SBA”), and individual PPP loans were issued by private lenders, which received and processed PPP applications and supporting documentation, and then made loans using the lenders’ own funds, which were guaranteed by the SBA.  The CARES Act also authorized SBA to distribute Economic Injury Disaster Loans (“EIDLs”), which provided working capital to eligible small businesses, including sole proprietors, to meet operating expenses.

    According to court documents and statements made in court, in 2020, Gaston controlled certain entities including LNK, Elegant Clinical, Ruby Red LLC, and Diamond Shine LLC.  LNK and Diamond Shine LLC were operational, but shared resources and employees.  Ruby Red LLC had only one client and Gaston was its sole employee.   Elegant Clinical was no longer operational.  Beginning in approximately April 2020, Gaston submitted loan applications to the PPP and EIDL programs that falsely represented the status of the operations, resources, and employees of these entities.  She also filed loan applications at separate financial institutions in order to disguise the true nature of her criminal activity.

    Specifically, Gaston’s loan applications falsely represented that her businesses were all active and operating concerns; falsely represented the number of employees and the amount of wages purportedly paid by the businesses; included copies of fraudulent tax returns and tax related documents; and falsely represented that a family member, used as an applicant on an application, was a part owner of one of her entities.

    Gaston received $1,163,910 in PPP and EIDL loan funds through this scheme.  Instead of using the funds for payroll or other operating expenses, she spent the money on personal expenditures, including travel, food, luxury home goods, expensive jewelry, cars, and paying off her home mortgage.

    Gaston pleaded guilty to wire fraud, which carries a maximum term of imprisonment of 20 years, and making illegal monetary transactions, which carries a maximum term of imprisonment of 10 years.

    Gaston has agreed to make full restitution.  She also has agreed to the forfeiture of a ring she purchased in July 2020 from the jeweler Harry Winston for $39,521.63.

    Gaston is released on a $100,000 bond pending sentencing, which is not scheduled.

    This investigation has been conducted by the Internal Revenue Service, Criminal Investigation Division.  The case is being prosecuted by Assistant U.S. Attorney Michael S. McGarry.

    Individuals with information about allegations of fraud involving COVID-19 are encouraged to report it by calling the Department of Justice’s National Center for Disaster Fraud Hotline at 866-720-5721, or via the NCDF Web Complaint Form at: https://www.justice.gov/disaster-fraud/ncdf-disaster-complaint-form.

    MIL Security OSI

  • MIL-OSI Security: Louisiana Men Receive Lengthy Federal Prison Sentences for Trafficking Controlled Substances

    Source: United States Bureau of Alcohol Tobacco Firearms and Explosives (ATF)

    SHREVEPORT, La. – Acting United States Attorney Alexander C. Van Hook announced that several men have been sentenced in related Organized Crime Drug Enforcement Task Force (“OCDETF”) cases involving the trafficking of controlled substances. James Cordell Zeno, 37, of Jennings, Blaze Duhon, 27, of Kinder, Jamarcus Jamall Epps, 31, of Many, and James Spikes, 28, of Zwolle, have all been sentenced by United States District Judge S. Maurice Hicks, Jr.  Another defendant, Desmond Antoine Jackson, 40, of Zwolle, has pleaded guilty and is currently awaiting sentencing. 

    Zeno was sentenced to 282 months (23 years, 6 months) in prison, and Duhon was sentenced to 120 months (10 years) in prison for conspiracy to distribute methamphetamine. According to information presented in court, in July 2022, the United States Postal Inspector intercepted a suspicious package that was destined for Duhon’s residence. Agents obtained a search warrant for the package and found it contained suspected methamphetamine.  The Sabine Parish Sheriff’s Office then obtained a search warrant for the residence, and Duhon was located inside.  Days after the search warrant, the United States Postal Inspector intercepted a second suspicious package destined for Duhon’s residence.  Agents obtained a search warrant for this package and found it also contained suspected methamphetamine.  A search of Duhon’s phone revealed text messages between him and Zeno.  Two text messages sent by Zeno to Duhon contained photos of United States Postal Service receipts containing tracking information for two packages.  The tracking information matched both packages of methamphetamine that were intercepted by the United States Postal Inspector.   

    The suspected methamphetamine from both packages was seized and sent to the crime laboratory for testing and the results were positive for methamphetamine with a total weight of 280 grams.  Zeno and Duhon were indicted, and both pleaded guilty. 

    Jamarcus Jamall Epps and Desmond Antoine Jackson were also charged as the result of an investigation into drug trafficking activities in the Sabine Parish area.  In December 2021, the Sabine Parish Sheriff’s Office Tactical Narcotics Team conducted a controlled purchase of a Taurus PT738 .380 caliber pistol from Epps. An audio/video recording of the transaction was captured by law enforcement. An examination of the firearm by agents with the Bureau of Alcohol, Tobacco, Firearms and Explosives (“ATF”) determined that the firearm sold by Epps was a working firearm. At the time of the sale of this firearm, Epps was a convicted felon, with a prior conviction of aggravated second degree battery in 2019 and he was prohibited from possessing any firearm or ammunition. Epps pleaded guilty and was sentenced to 77 months (6 years, 5 months) in prison for possession of a firearm by a convicted felon.

    Approximately one month later, law enforcement agents conducted a controlled purchase of methamphetamine from Jackson and that transaction was also recorded. The suspected controlled substance was sent to the crime laboratory for analysis and determined to be pure methamphetamine weighing at least 50 grams.  Jackson was charged and pleaded guilty to distribution of methamphetamine in February 2025 and is awaiting sentencing. 

    James Spikes was also involved in the trafficking of methamphetamine in the Sabine Parish area. In August 2022, an audio/video recording was made of a controlled purchase from Spikes in connection with this investigation. The suspected controlled substance purchased from Spikes was sent to the crime laboratory for testing and confirmed to be approximately 62 grams of pure methamphetamine. He pleaded guilty to conspiracy to distribute methamphetamine and was sentenced to 120 months (10 years) in prison.

    These cases were investigated by the Federal Bureau of Investigation, U.S. Postal Inspection Service, ATF, and Sabine Parish Sheriff’s Office and prosecuted by Assistant United States Attorney Jessica D. Cassidy. These cases were part of an Organized Crime Drug Enforcement Task Force (OCDETF) investigation. OCDETF identifies, disrupts, and dismantles the highest-level drug traffickers, money launderers, gangs, and transnational criminal organizations that threaten the United States by using a prosecutor-led, intelligence-driven, multi-agency approach that leverages the strengths of federal, state, and local law enforcement agencies against criminal networks.

    # # #

    MIL Security OSI

  • MIL-OSI Security: USAID Official and Three Corporate Executives Plead Guilty to Decade-Long Bribery Scheme Involving Over $550 Million in Contracts; Two Companies Admit Criminal Liability for Bribery Scheme and Securities Fraud

    Source: United States Attorneys General 1

    Four men, including a government contracting officer for the United States Agency for International Development (USAID) and three owners and presidents of companies, have pleaded guilty for their roles in a decade-long bribery scheme involving at least 14 prime contracts worth over $550 million in U.S. taxpayer dollars.

    • Roderick Watson, 57, of Woodstock, Maryland, who worked as a USAID contracting officer, pleaded guilty to bribery of a public official;
    • Walter Barnes, 46, of Potomac, Maryland, the owner and president of PM Consulting Group LLC doing business as Vistant (Vistant), a certified small business under the U.S. Small Business Administration (SBA) 8(a) contracting program, pleaded guilty to conspiracy to commit bribery of a public official and securities fraud;
    • Darryl Britt, 64, of Myakka City, Florida, the owner and president of Apprio, Inc. (Apprio), a certified small business under the SBA 8(a) contracting program, pleaded guilty to conspiracy to commit bribery of a public official; and
    • Paul Young, 62, of Columbia, Maryland, the president of a subcontractor to Vistant and Apprio, pleaded guilty to conspiracy to commit bribery of a public official.

    In addition, Apprio and Vistant, both of which contracted with USAID, have agreed to admit criminal liability and enter into three-year deferred prosecution agreements (DPAs) in connection with criminal informations filed today in the District of Maryland. As part of these resolutions, both Apprio and Vistant admitted to engaging in a conspiracy to commit bribery of a public official and securities fraud. The DPAs entered into with Apprio and Vistant require each company to, among other obligations, provide ongoing cooperation with and disclosures to the Justice Department, implement a compliance and ethics program, and report to Justice Department regarding remediation and implementation of these compliance measures.

    “The defendants sought to enrich themselves at the expense of American taxpayers through bribery and fraud,” said Matthew R. Galeotti, Head of the Justice Department’s Criminal Division. “Their scheme violated the public trust by corrupting the federal government’s procurement process. Anybody who cares about good and effective government should be concerned about the waste, fraud, and abuse in government agencies, including USAID. Those who engage in bribery schemes to exploit the U.S. Small Business Administration’s vital economic programs for small businesses — whether individuals or corporations acting through them — will be held to account.” 

    “Watson was entrusted to serve the interests of the American people — not his own — and his criminal actions for his own personal gain undermine the integrity of our public institutions,” said U.S. Attorney Kelly O. Hayes for the District of Maryland. “Public trust is a hallmark of our nation’s values, so corruption within a federal government agency is intolerable. This office, along with our law enforcement partners, will continue to pursue and prosecute corruption at every level to ensure accountability and protect public trust.”

    “The guilty pleas reflect the FBI’s unwavering commitment to holding accountable all those who abuse the authority and responsibility of public service,” said FBI Criminal Investigative Division Acting Assistant Director Darren Cox. “The actions of the defendants in this scheme serve to erode public trust. The FBI is focused on rebuilding this trust and protecting American taxpayers from corruption through investigations such as these.”

    “Corruption in government programs will not be tolerated. Watson abused his position of trust for personal gain while federal contractors engaged in a pay-to-play scheme,” said Acting Assistant Inspector General for Investigations Sean Bottary of the USAID Office of Inspector General (USAID-OIG). “USAID-OIG is firmly committed to rooting out fraud and corruption within U.S. foreign assistance programs. Today’s announcement underscores our unwavering focus on exposing criminal activity, including bribery schemes by those entrusted to faithfully award government contracts. We appreciate our longstanding partnership with the Department of Justice in holding accountable those who defraud American taxpayers.”    

    “Watson exploited his position at USAID to line his pockets with bribes in exchange for more than $550 million in contracts. While he helped three company owners and presidents bypass the fair bidding process, he was showered with cash and lavish gifts,” said Chief Guy Ficco of IRS Criminal Investigation (IRS-CI). “Through its financial crime investigations, IRS-CI works to protect taxpayer dollars and ensure government funds are awarded based on merit — not corruption. In close coordination with our law enforcement partners, IRS-CI helped put an end to their greed and criminal conduct. Now, Watson and his co-conspirators will face justice.”

    Overview of Bribery Scheme

    According to court documents, beginning in 2013, Watson, while a USAID contracting officer, agreed with Britt to receive bribes in exchange for using Watson’s influence to award contracts to Apprio. As a certified small business under the SBA 8(a) contracting program, which helps socially and economically disadvantaged businesses, Apprio could access lucrative federal contracting opportunities through set-asides and sole-source contracts exclusively available to eligible contractors without a competitive bid process.

    Vistant was a subcontractor to Apprio on one of the contracts awarded through Watson’s influence. After Apprio graduated from the SBA 8(a) program and it was no longer eligible to be a prime contractor for new contracts with USAID under this program, the scheme shifted so that Vistant became the prime contractor and Apprio became the subcontractor on USAID contracts awarded through Watson’s influence between 2018 and 2022.

    During the scheme, Britt and Barnes paid bribes to Watson that were often concealed by passing them through Young, who was the president of another subcontractor to Apprio and Vistant. Britt and Barnes also regularly funneled bribes to Watson, including cash, laptops, thousands of dollars in tickets to a suite at an NBA game, a country club wedding, downpayments on two residential mortgages, cellular phones, and jobs for relatives. The bribes were also often concealed through electronic bank transfers falsely listing Watson on payroll, incorporated shell companies, and false invoices. Watson is alleged to have received bribes valued at more than approximately $1 million as part of the scheme.

    In exchange for the bribe payments, Watson influenced the award of contracts to Apprio and Vistant by manipulating the procurement process at USAID through various means, including recommending their companies to other USAID decisionmakers for non-competitive contract awards, disclosing sensitive procurement information during the competitive bidding process, providing positive performance evaluations to a government agency, and approving decisions on the contracts, such as increased funding and a security clearance.

    Apprio and Vistant also agreed to resolve concurrently with the Justice Department in its separate Civil False Claims Act investigations relating to the bribery scheme.

    Overview of Vistant Securities Fraud Scheme

    According to court documents, in 2022, Barnes and Watson defrauded a licensed small business investment company (SBIC), in furtherance of the bribery scheme, by inducing it into executing a credit agreement with Vistant. Through the credit agreement, Barnes caused Vistant to issue stock warrants that, if exercised, would result in the SBIC having a 40% equity stake in Vistant. The credit agreement also provided for a $14 million loan to Vistant from which Barnes could pay himself a $10 million dividend. Prior to executing the credit agreement, Watson agreed at Barnes’s request to speak with the SBIC about Vistant’s performance as a government contractor on USAID contracts. When speaking with the SBIC, Watson omitted that Barnes had bribed Watson to obtain USAID contracts for years. Watson’s endorsement of Vistant thereafter induced the SBIC to enter into the credit agreement with Barnes.

    Overview of Apprio Securities Fraud Scheme

    According to court documents, in 2023, Apprio, acting through Britt, engaged in a scheme in which Apprio fraudulently induced a private equity firm, which had an investment pool that was licensed as a SBIC, to purchase from Apprio’s parent company a 20% equity stake in the company for $4 million and simultaneously extend it a $4 million loan secured by shares of Apprio stock. In addition to making false material representations in the stock purchase and loan agreements, Britt intentionally omitted during his negotiations the material fact that he had bribed Watson for years, which was intended to deceive and induce the private equity company into executing the agreements.

    Deferred Prosecution Agreements with Apprio and Vistant

    The Justice Department reached its resolution with Apprio based on several factors, including Apprio’s credit for clearly accepting responsibility for its criminal conduct, fully cooperating in the investigation and engaging in timely remedial measures. Based on these factors, the criminal penalty calculated under the U.S. Sentencing Guidelines reflects a 10% reduction off the bottom of the applicable Guidelines fine range pursuant to the Criminal Division Corporate Enforcement and Voluntary Self-Disclosure Policy (CEP). According to court documents, Apprio agreed that the appropriate criminal penalty based on the law and facts in its case is $51,673,185; however, Apprio also met its burden of establishing an inability to pay the criminal penalty sought. Based on the Justice Department’s independent analysis, it determined that paying a criminal penalty and civil settlement greater than $500,000 would substantially threaten the continued viability of Apprio. Accordingly, the Justice Department determined that the appropriate resolution of this case is a DPA and a payment of $500,000 in a civil settlement.

    Similarly, the Justice Department reached its resolution with Vistant based on a number of factors, including Vistant’s credit for clearly accepting responsibility for its criminal conduct and cooperating with the investigation. Although Vistant’s cooperation was initially delayed and limited, Vistant began to fully cooperate thereafter. Vistant also received credit for engaging in timely remedial measures. Based on these factors, the penalty calculated under the Guidelines reflects a 5% reduction off the bottom of the applicable Guidelines fine range pursuant to the CEP. Vistant agreed that the appropriate criminal penalty based on the law and facts in its case is $86,407,740; however, Vistant also met its burden of establishing an inability to pay the criminal penalty sought. Based on the Justice Department’s independent analysis, it determined that paying a criminal penalty and civil settlement greater than $100,000 would substantially threaten the continued viability of Vistant. Accordingly, the Justice Department determined that the appropriate resolution of this case is a DPA and a payment of $100,000 in a civil settlement.

    Watson is scheduled to be sentenced on Oct. 6, and faces a maximum penalty of 15 years in prison. Young is scheduled to be sentenced on Sept. 3 and faces a maximum penalty of five years in prison. Britt is scheduled to be sentenced on July 28 and faces a maximum penalty of five years in prison. Barnes is scheduled to be sentenced on Oct. 14 and faces a maximum penalty of five years in prison.

    The FBI, USAID-OIG, and IRS-CI are investigating the cases.

    Trial Attorneys Matt Kahn and Brandon Burkart of the Criminal Division’s Fraud Section and Assistant U.S. Attorney Patrick D. Kibbe for the District of Maryland are prosecuting the cases. 

    MIL Security OSI

  • MIL-OSI Security: Honduran man sentenced on illegal reentry charges

    Source: Office of United States Attorneys

    GREAT FALLS – A Honduran man who entered the U.S. illegally after two prior removals and corresponding convictions was sentenced today to 99 days in prison to be followed by one year of supervised release, U.S. Attorney Kurt Alme said.

    Carlos Alexis Ponce-Lopez, 33, pleaded guilty in April 2025 to one of illegal reentry.

    Chief U.S. District Judge Brian M. Morris presided.

    The government alleged in court documents that Ponce-Lopez was originally ordered removed by an Immigration Judge on November 11, 2011, in San Antonio, Texas and was removed on December 23, 2011. Ponce-Lopez illegally entered again on March 31, 2014. Ponce-Lopez’s original order of removal was reinstated and he was removed on August 18, 2014. On each of those occasions, Ponce-Lopez was also convicted in federal court for illegal entry prior to being removed.

    On February 21, 2025, the Montana Highway Patrol conducted a traffic stop on I-90 near Billings, Montana. Ponce-Lopez was a passenger in the vehicle. The driver was cited and all three subjects were released, including Ponce-Lopez.

    On March 4, 2025, U.S. Border Patrol agents found Ponce-Lopez at a house in Shelby, Montana. As they walked towards the home, Ponce-Lopez walked outside. One of the agents called out to Ponce-Lopez, “Carlos Ponce?” Ponce-Lopez responded in Spanish, “Si, es mi (Yes, that’s me).” The agents then conducted an immigration inspection. Ponce-Lopez said he was removed before and reentered illegally. He admitted he had no documents to enter, live, or stay in the United States legally and was not pending any immigration hearings. He was arrested and transported to the Sweetgrass Border Patrol Station for further processing.

    There are no records within the Department of Homeland Security that Ponce-Lopez ever applied for readmission into the United States.

    The U.S. Attorney’s Office prosecuted the case. The investigation was conducted by the U.S. Border Patrol, Montana Highway Patrol, and Toole County Sheriff’s Office.

    This case is part of Operation Take Back America a nationwide initiative that marshals the full resources of the Department of Justice to repel the invasion of illegal immigration, achieve the total elimination of cartels and transnational criminal organizations (TCOs), and protect our communities from the perpetrators of violent crime. Operation Take Back America streamlines efforts and resources from the Department’s Organized Crime Drug Enforcement Task Forces (OCDETFs) and Project Safe Neighborhood (PSN).

    MIL Security OSI

  • MIL-OSI Security: Indictment Charges Waterbury Man with Drug and Gun Offenses

    Source: Office of United States Attorneys

    David X. Sullivan, United States Attorney for the District of Connecticut, and James Ferguson, Special Agent in Charge, ATF Boston Field Division, today announced that a federal grand jury in Bridgeport has returned an indictment charging TIMEEK HEATH, 41, of Waterbury, with drug and firearm offenses.

    The indictment was returned on June 4, 2025.  Heath appeared today in Hartford federal court, pleaded not guilty to the charges, and was ordered detained pending a detention hearing that is scheduled for June 17.

    As alleged in the indictment, on two occasions in August and September 2024, Heath distributed fentanyl.  Also, on September 5, 2024, Heath sold a Glock, Model 23, .40 caliber pistol to an individual he knew was a convicted felon.

    It is further alleged that Heath’s criminal history includes felony convictions for manslaughter and larceny offenses.  It is a violation of federal law for a person previously convicted of a felony offense to possess a firearm or ammunition that has moved in interstate or foreign commerce.

    The indictment charges Heath with two counts of possession with intent to distribute and distribution of fentanyl, which carries a maximum term of imprisonment of 20 years on each count; one count of unlawful possession of a firearm by a felon, which carries a maximum term of imprisonment of 15 years; one count of sale of a firearm by a prohibited person, which carries a maximum term of imprisonment of 15 years; and one count of firearms trafficking, which carries a maximum term of imprisonment of 15 years.

    U.S. Attorney Sullivan stressed that an indictment is not evidence of guilt.  Charges are only allegations, and a defendant is presumed innocent unless and until proven guilty beyond a reasonable doubt.

    This matter is being investigated by the Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF).  The case is being prosecuted by Assistant U.S. Attorney Nathaniel J. Gentile.

    This case is part of Operation Take Back America, a nationwide initiative that marshals the full resources of the Department of Justice to repel the invasion of illegal immigration, achieve the total elimination of cartels and transnational criminal organizations (TCOs), and protect our communities from the perpetrators of violent crime.  Operation Take Back America streamlines efforts and resources from the Department’s Organized Crime Drug Enforcement Task Forces (OCDETF) and Project Safe Neighborhood (PSN).

    MIL Security OSI

  • MIL-OSI Security: Essex County Convicted Felon Sentenced to 73 Months in Prison for Drug Trafficking and Possession of Firearms, including Two Assault Rifles

    Source: United States Bureau of Alcohol Tobacco Firearms and Explosives (ATF)

    NEWARK, N.J. – An Essex County, New Jersey, man was sentenced on June 10, 2025, for his role in distributing cocaine, possessing with intent to distribute cocaine and heroin, and possessing three firearms, including two assault rifles with high-capacity magazines, U.S. Attorney Alina Habba announced.

    Azmar Carter, a/k/a “Bizzy,” 32, of East Orange, previously pleaded guilty before U.S. District Judge Madeline Cox Arleo to a superseding information charging him with two counts of distribution and possession with intent to distribute cocaine, possession of firearms and ammunition by a convicted felon, and possession with intent to distribute heroin and cocaine.

    According to documents filed in this case and statements made in court:

    In 2021, law enforcement began investigating a drug trafficking organization that operates primarily in and around Orange, New Jersey and distributes narcotics throughout Essex County. During the investigation, Carter distributed cocaine to law enforcement in May 2021 and in July 2021. Subsequently, on August 18, 2021, law enforcement searched Carter’s residence and car in East Orange, New Jersey and recovered the following items: one Draco AK 47 rifle; one Smith and Wesson AR rifle; one .40 caliber pistol; ninety-four rounds of associated ammunition; a distribution quantity of heroin and cocaine; and approximately $7,177.00.

    In addition to the prison term, Judge Arleo sentenced Carter to three years of supervised release.

    U.S. Attorney Habba credited special agents and members of the Bureau of Alcohol, Tobacco, Firearms and Explosives, Newark Division, under the direction of Special Agent in Charge L.C. Cheeks, Jr.; members of the Orange Police Department, under the direction of Police Director Todd Warren, Chief Vincent Vitiello and Captain Brian Mooney; members of the Elizabeth Police Department, under the direction of Chief of Police Giacomo Sacca and Police Director Earl J. Graves; members of the East Orange Police Department, under the direction of Chief Phyllis Bindi; member of the Newark Police Department, under the direction of Public Safety Director Emanuel Miranda and Chief of Police Sharonda Morris; and the Belleville Police Department, under the direction of Chief Mark Minichini, with the investigation leading to the charges and arrests.

    This case is part of Operation Orange, which is a part of the Newark Violent Crime Initiative (VCI), which was formed in August 2017 by the U.S. Attorney’s Office for the District of New Jersey, the Essex County Prosecutor’s Office, and the City of Newark’s Department of Public Safety for the purpose of combatting violent crime in and around Newark. As part of this partnership, federal, state, county, and city agencies collaborate and pool resources to prosecute violent offenders who endanger the safety of the community. The VCI is composed of the U.S. Attorney’s Office, the FBI, the ATF, the DEA, the U.S. Marshals, the Newark Department of Public Safety, the Essex County Prosecutor’s Office, the Essex County Sheriff’s Office, N.J. State Parole, Union County Jail, N.J. State Police Regional Operations and Intelligence Center/Real Time Crime Center, N.J. Department of Corrections, the East Orange Police Department, the Orange Police Department and the Irvington Police Department.

    The government is represented by Assistant U.S. Attorney Benjamin Levin, Chief of the OCDETF/Narcotics Unit in Newark.

                                                                                                             ###

    Defense counsel: Christopher D. Adams, Esq.

    MIL Security OSI

  • MIL-OSI Security: Illegal Alien from Dominican Republic Sentenced for Impersonating U.S. Citizen to Vote in Federal Election

    Source: United States Bureau of Alcohol Tobacco Firearms and Explosives (ATF)

    MIAMI – Carlos Abreu, 36, has been sentenced to 65 months in prison followed by three years supervised release, after pleading guilty in two consolidated federal cases (24cr60155 and 25cr60015) to the following charges: (1) falsely claiming United States citizenship to register to vote; (2) using a United States citizen’s name to vote; (3) possessing firearms as an alien without lawful status; (4) making false statements in support of a passport application; and (5) aggravated identity theft. As a condition of his supervised release, he was also ordered to turn himself into immigration authorities for removal proceedings.

    According to the two factual proffers, Abreu entered the United States without inspection and, in 2007, assumed the identity of the victim, “C.R.V.” Between 2007 and his August 2024 arrest, Abreu held himself out as “C.R.V.” to Federal, state, and local government agencies. The victim, “C.R.V.,” is a United States citizen living in Puerto Rico who did not know Abreu.

    Abreu obtained a Florida driver’s license in 2007.  He registered to vote under the name “C.R.V.” in 2016, and renewed his registration in 2020. He admitted to voting in federal elections in 2016 and 2022. Abreu also admitted to obtaining a Florida concealed carry permit in “C.R.V.’s” name and purchasing four firearms. Abreu also conceded that, in 2021, he had attempted to obtain U.S. passports for his two minor daughters as well as himself, using “C.R.V.’s” name and personal identifying information, all without lawful authorization.

    United States Attorney Hayden P. O’Byrne for the Southern District of Florida, and Acting Special Agent in Charge Michael Conklin of the U.S. Department of State Diplomatic Security Service (DSS) Miami Field Office made the announcement.

    DSS’ Miami Field Office investigated the case.  The DSS San Juan Resident Office in Puerto Rico and ATF Miami provided invaluable assistance.  Assistant U.S. Attorneys Brianna Coakley and Daniel Rosenfeld are prosecuting the case. Assistant U.S. Attorney Nadya Z. Cheatham is handling asset forfeiture.

    You may find a copy of this press release (and any updates) on the website of the United States Attorney’s Office for the Southern District of Florida at www.justice.gov/usao-sdfl.

    Related court documents and information may be found on the website of the District Court for the Southern District of Florida at www.flsd.uscourts.gov or at http://pacer.flsd.uscourts.gov, under case numbers 24-cr-60155 and 25-cr-60015.

    ###

    MIL Security OSI

  • MIL-OSI Security: New Orleans Woman Guilty of Fentanyl and Heroin Distribution

    Source: Office of United States Attorneys

    NEW ORLEANS, LA – Acting U.S. Attorney Michael M. Simpson announced that, LOREALL GORDEN (“GORDEN”), age 38, of New Orleans, pled guilty before U.S. District Judge Sarah M. Vance on May 28, 2025, to two counts of distribution of fentanyl and heroin. Judge Vance scheduled sentencing for September 24, 2025.  At sentencing, on both counts, GORDENfaces up to 20 years imprisonment, a fine of up to $1,000,000, and at least three years of supervised release following any term of imprisonment, as well as a $100 mandatory special assessment fee.

    According to court documents, on two occasions in August of 2023, a Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF) investigation revealed GORDEN worked with other individuals to distribute fentanyl and heroin from a residence in New Orleans.  As a result of the investigation, 6.93 grams of fentanyl and a mixture of heroin and fentanyl weighing approximately 27.84 grams were recovered by ATF agents .

    This case was investigated by the Bureau of Alcohol, Tobacco, Firearms and Explosives and is being prosecuted by Assistant United States Attorney Stuart Theriot of the Narcotics Unit.

    MIL Security OSI

  • MIL-OSI Security: Florida Men Convicted after Cleaning Crew Locates More Than $30K of Cocaine in Hotel Room

    Source: Office of United States Attorneys

    MYRTLE BEACH, S.C. — A federal jury convicted Vincent Ellis Wilson, 54, and Ervin Lee Smith, 50, both of Fort Pierce, Florida, of conspiring to distribute more than 500 grams of cocaine and a quantity of crack cocaine after a two-day trial in Florence.

    Evidence introduced at trial showed that during the evening hours of Feb. 25, 2021, Wilson and Smith checked in to an oceanfront hotel in Myrtle Beach.  Wilson and Smith are both from Florida and they would later tell police that they were simply “passing through” Myrtle Beach when they had car trouble that required them to put their truck in a shop in Myrtle Beach.  That night, however, they met with a local individual who agreed to serve as a middleman to help Wilson and Smith sell more than a half kilogram of cocaine and a small quantity of crack cocaine they had brought with them to South Carolina.  The next morning, before the drug deal could be done, Wilson and Smith left their room to go to breakfast at a nearby restaurant.  While they were gone, hotel staff, believing the room had been vacated, went in to clean the room and stumbled upon a grocery bag containing more than $30,000 worth of drugs in a dresser drawer.  The hotel contacted Myrtle Beach Police who responded and collected the illicit substances.  Later that morning, Wilson and Smith returned to the hotel to attempt to collect their belongs, including the drugs.  Police interviewed them and they were released pending further investigation.

    Through an ongoing partnership between the Myrtle Beach Police Department and the Drug Enforcement Administration, authorities were later able to connect this drug seizure to a much larger drug trafficking organization that was already under federal investigation.  Once that connection was made, Wilson and Smith were charged by a federal grand jury with being suppliers to the drug trafficking organization.  All the other defendants in the federal case pled guilty. Wilson and Smith denied their involvement, but were convicted after the jury heard the evidence of their involvement. 

    Court records show that Wilson has a prior state conviction for possession with intent to distribute narcotics in Maryland from 2003, and Smith has a prior federal conviction for possession with intent to distribute cocaine from 2004.  U.S. District Judge Sherri A. Lydon presided over their trial and will sentence the two after reviewing a presentence report from the U.S. Probation Office.  They each face a mandatory minimum sentence of five years in prison and may be sentenced up to the 40-year maximum. 

    “These defendants brought a significant quantity of cocaine and crack cocaine into South Carolina, intending to profit from its distribution,” said U.S. Attorney Bryan Stirling for the District of South Carolina. “Thanks to the diligent work of the Myrtle Beach Police Department and the Drug Enforcement Administration, what started as a hotel cleaning led to the dismantling of a larger drug trafficking operation. This conviction underscores our unwavering commitment to prosecuting individuals who bring dangerous narcotics into our communities.”

    “This case represents the continued commitment of the DEA to identify and hold accountable those who engage in the distribution of dangerous drugs,” said Jae W. Chung, the Acting Special Agent in Charge of the DEA Atlanta Division. “Keeping our communities safe is our highest priority.”

    “The Myrtle Beach Police Department is fortunate to work with partners and community members to assist us holding those accountable who bring poison into our community,” said Myrtle Beach Police Chief Amy Prock. “Our mission has not and will not change, the safety of our community will always be our priority.”

    This prosecution is part of an Organized Crime Drug Enforcement Task Forces (OCDETF) investigation. OCDETF identifies, disrupts, and dismantles the highest-level drug traffickers, money launderers, gangs, and transnational criminal organizations that threaten the United States by using a prosecutor-led, intelligence-driven, multi-agency approach that leverages the strengths of federal, state, and local law enforcement agencies against criminal networks. Additional information about the OCDETF Program can be found at https://www.justice.gov/OCDETF.

    The case was investigated by the Drug Enforcement Administration and the Myrtle Beach Police Department.  Assistant U.S. Attorney Everett McMillian and Department of Justice Trial Attorney Jasmin Salehi Fashami prosecuted the case in close coordination with the 15th Circuit Solicitor’s Office.     

    ###

    MIL Security OSI

  • MIL-OSI Security: Lynn Woman Sentenced to More Than One Year in Prison for Coercing and Enticing Two Victims to Engage In Prostitution

    Source: Office of United States Attorneys

    BOSTON – A Lynn woman was sentenced yesterday in federal court in Boston for sex trafficking.

    Latasha Anderson, 39, was sentenced by U.S. District Court Judge Denise J. Casper to 20 months in prison, to be followed by five years of supervised release. In March 2025, Latasha Anderson pleaded guilty to one count of coercion and enticement. Latasha Anderson was indicted by a federal grand jury in August 2023, along with her co-defendants Jermall Anderson and Jennifer Fortier.

    From 2012 through 2016, Latasha Anderson, along with her co-conspirators and at the direction of Jermall Anderson, used threats and the giving and withholding of heroin and cocaine to force two different victims to prostitute on their behalf. Jermall Anderson’s wide-ranging sex trafficking operation targeted vulnerable victims, specifically those struggling with drug addiction, homelessness and lack of economic resources and coerced them into providing commercial sex for the defendants’ benefit. Latasha Anderson coerced and enticed these victims to engage in prostitution throughout New England, New York and New Jersey.  

    In March 2025, Jermall Anderson was sentenced to 15 years in prison, to be followed by five years of supervised release. In March 2025, Fortier was sentenced to 58 months in prison, to be followed by three years of supervised release.

    Members of the public who have questions, concerns or information regarding this case should call 617-748-3274 or contact USAMA.VictimAssistance@usdoj.gov.

    United States Attorney Leah B. Foley and Michael J. Krol, Special Agent in Charge of Homeland Security Investigations in New England made the announcement today. Valuable assistance was provided by the HSI Office in New Haven, Conn., the Lynn and Tewksbury Police Departments (Mass.) and the Hampden (Conn.) Police Department. Assistant U.S. Attorney Stephen W. Hassink of the Narcotics & Money Laundering Unit prosecuted the case.
     

    MIL Security OSI

  • MIL-OSI Security: USNS Comfort Arrives in Grenada for Continuing Promise 2025

    Source: United States SOUTHERN COMMAND

    The Mercy-class hospital ship USNS Comfort (T-AH 20) arrived in St.George’s, Grenada, to provide a variety of medical treatments to include: dental, family medicine, internal medicine, optometry, nursing, pharmacy, biomedical repair, lab, radiology, X-ray and veterinary medicine as a part of Continuing Promise 2025 (CP25), June 9.

    MIL Security OSI

  • MIL-OSI Security: Fugitive Physician Sentenced to Prison in Medicare Fraud Scheme

    Source: United States Attorneys General

    A California physician was sentenced today in Los Angeles to 54 months in prison for health care fraud arising from her false home health certifications and related fraudulent billings to Medicare. She is a fugitive and was sentenced in absentia.

    According to court documents, Lilit Gagikovna Baltaian, 61, of Porter Ranch, was a physician licensed to practice in California and an enrolled Medicare provider. From approximately January 2012 to July 2018, she falsely certified patients to receive home health care from at least four Los Angeles area home health agencies. These certifications were used by the home health agencies to fraudulently bill Medicare. In some instances, Baltaian pre-signed blank, undated physician certification forms knowing that the home health agencies would falsify the forms to make appear that she had seen the Medicare beneficiaries and made clinical findings to support the need for home health care, when she had done neither. Baltaian received cash payments related to these referrals and also separately billed Medicare for signing the fraudulent certifications.

    Between January 2012 and July 2018, four home health agencies used Baltaian’s false certifications to submit fraudulent claims to Medicare, resulting in loss to the government estimated at $1,497,159.64.

    Baltaian pleaded guilty to one count of health care fraud on Nov. 21, 2024. At sentencing, she was also ordered to pay $1,497,159.64 in restitution.

    Matthew R. Galeotti, Head of the Justice Department’s Criminal Division, U.S. Attorney Bilal A. Essayli for the Central District of California, Assistant Director in Charge Akil Davis of the FBI Los Angeles Field Office and Acting Special Agent in Charge Omar Perez of the Department of Health and Human Services Office of Inspector General (HHS-OIG) Los Angeles Regional Office made the announcement.

    The FBI and HHS-OIG are investigating the case.

    Trial Attorney Matthew Belz of the Criminal Division’s Fraud Section is prosecuting the case.

    The Fraud Section leads the Criminal Division’s efforts to combat health care fraud through the Health Care Fraud Strike Force Program. Since March 2007, this program, currently comprised of nine strike forces operating in 27 federal districts, has charged more than 5,800 defendants who collectively have billed federal health care programs and private insurers more than $30 billion. In addition, the Centers for Medicare & Medicaid Services, working in conjunction with HHS-OIG, are taking steps to hold providers accountable for their involvement in health care fraud schemes. More information can be found at www.justice.gov/criminal-fraud/health-care-fraud-unit.

    MIL Security OSI

  • MIL-OSI Security: Ransomware Actors Exploit Unpatched SimpleHelp Remote Monitoring and Management to Compromise Utility Billing Software Provider

    Source: US Department of Homeland Security

    Summary

    The Cybersecurity and Infrastructure Security Agency (CISA) is releasing this advisory in response to ransomware actors leveraging unpatched instances of a vulnerability in SimpleHelp Remote Monitoring and Management (RMM) to compromise customers of a utility billing software provider. This incident reflects a broader pattern of ransomware actors targeting organizations through unpatched versions of SimpleHelp RMM since January 2025.

    SimpleHelp versions 5.5.7 and earlier contain several vulnerabilities, including CVE-2024-57727—a path traversal vulnerability.1 Ransomware actors likely leveraged CVE-2024-57727 to access downstream customers’ unpatched SimpleHelp RMM for disruption of services in double extortion compromises.1 

    CISA added CVE-2024-57727 to its Known Exploited Vulnerabilities (KEV) Catalog on Feb. 13, 2025.

    CISA urges software vendors, downstream customers, and end users to immediately implement the Mitigations listed in this advisory based on confirmed compromise or risk of compromise.

    Download the PDF version of this report:

    Mitigations

    CISA recommends organizations implement the mitigations below to respond to emerging ransomware activity exploiting SimpleHelp software. These mitigations align with the Cross-Sector Cybersecurity Performance Goals (CPGs) developed by CISA and the National Institute of Standards and Technology (NIST). The CPGs provide a minimum set of practices and protections that CISA and NIST recommend all organizations implement. CISA and NIST based the CPGs on existing cybersecurity frameworks and guidance to protect against the most common and impactful threats, tactics, techniques, and procedures. Visit CISA’s CPGs webpage for more information on the CPGs, including additional recommended baseline protections. These mitigations apply to all critical infrastructure organizations.

    Vulnerable Third-Party Vendors

    If SimpleHelp is embedded or bundled in vendor-owned software or if a third-party service provider leverages SimpleHelp on a downstream customer’s network, then identify the SimpleHelp server version at the top of the file /SimpleHelp/configuration/serverconfig.xml. If version 5.5.7 or prior is found or has been used since January 2025, third-party vendors should:

    1. Isolate the SimpleHelp server instance from the internet or stop the server process.
    2. Upgrade immediately to the latest SimpleHelp version in accordance with SimpleHelp’s security vulnerability advisory.2
    3. Contact your downstream customers to direct them to take actions to secure their endpoints and undertake threat hunting actions on their network.

    Vulnerable Downstream Customers and End Users

    Determine if the system is running an unpatched version of SimpleHelp RMM either directly or embedded in third-party software.

    SimpleHelp Endpoints

    Determine if an endpoint is running the remote access (RAS) service by checking the following paths depending on the specific environment:

    • Windows: %APPDATA%JWrapper-Remote Access
    • Linux: /opt/JWrapper-Remote Access
    • MacOs: /Library/Application Support/JWrapper-Remote Access

    If RAS installation is present and running, open the serviceconfig.xml file in /JWrapper-Remote Access/JWAppsSharedConfig/ to determine if the registered service is vulnerable. The lines starting with indicate the server addresses where the service is registered.

    SimpleHelp Server

    Determine the version of any SimpleHelp server by performing an HTTP query against it. Add /allversions (e.g., https://simple-help.com/allversions) to query the URL for the version page. This page will list the running version.

    If an unpatched SimpleHelp version 5.5.7 or earlier is confirmed on a system, organizations should conduct threat hunting actions for evidence of compromise and continuously monitor for unusual inbound and outbound traffic from the SimpleHelp server. Note: This is not an exhaustive list of indicators of compromise.

    1.  Refer to SimpleHelp’s guidance to determine compromise and next steps.3
    2. Isolate the SimpleHelp server instance from the internet or stop the server process.
    3. Search for any suspicious or anomalous executables with three alphabetic letter filenames (e.g., aaa.exe, bbb.exe, etc.) with a creation time after January 2025. Additionally, perform host and network vulnerability security scans via reputable scanning services to verify malware is not on the system.
    4. Even if there is no evidence of compromise, users should immediately upgrade to the latest SimpleHelp version in accordance with SimpleHelp’s security vulnerabilities advisory.4

    If your organization is unable to immediately identify and patch vulnerable versions of SimpleHelp, apply appropriate workarounds. In this circumstance, CISA recommends using other vendor-provided mitigations when available. These non-patching workarounds should not be considered permanent fixes and organizations should apply the appropriate patch as soon as it is made available.

    Encrypted Downstream Customers and End Users

    If a system has been encrypted by ransomware:

    1. Disconnect the affected system from the internet.
    2. Use clean installation media (e.g., a bootable USD drive or DVD) to reinstall the operating system. Ensure the installation media is free from malware.
    3. Wipe the system and only restore data from a clean backup. Ensure data files are obtained from a protected environment to avoid reintroducing ransomware to the system.

    CISA urges you to promptly report ransomware incidents to a local FBI Field Office, FBI’s Internet Crime Compliant Center (IC3), and CISA via CISA’s 24/7 Operations Center (report@cisa.gov or 888-282-0870).

    Proactive Mitigations to Reduce Risk

    To reduce opportunities for intrusion and to strengthen response to ransomware activity, CISA recommends customers of vendors and managed service providers (MSPs) implement the following best practices:

    • Maintain a robust asset inventory and hardware list [CPG 1.A].
    • Maintain a clean, offline backup of the system to ensure encryption will not occur once reverted. Conduct a daily system backup on a separate, offline device, such as a flash drive or external hard drive. Remove the device from the computer after backup is complete [CPG 2.R].
    • Do not expose remote services such as Remote Desktop Protocol (RDP) on the web. If these services must be exposed, apply appropriate compensating controls to prevent common forms of abuse and exploitation. Disable unnecessary OS applications and network protocols on internet-facing assets [CPG 2.W].
    • Conduct a risk analysis for RMM software on the network. If RMM is required, ask third-party vendors what security controls are in place.
    • Establish and maintain open communication channels with third-party vendors to stay informed about their patch management process.
    • For software vendors, consider integrating a Software Bill of Materials (SBOM) into products to reduce the amount of time for vulnerability remediation.
      • An SBOM is a formal record of components used to build software. SBOMs enhance supply chain risk management by quickly identifying and avoiding known vulnerabilities, identifying security requirements, and managing mitigations for vulnerabilities. For more information, see CISA’s SBOM page.

    Resources

    Reporting

    Your organization has no obligation to respond or provide information back to FBI in response to this advisory. If, after reviewing the information provided, your organization decides to provide information to FBI, reporting must be consistent with applicable state and federal laws.

    FBI is interested in any information that can be shared, to include boundary logs showing communication to and from foreign IP addresses, a sample ransom note, communications with threat actors, Bitcoin wallet information, decryptor files, and/or a benign sample of an encrypted file.

    Additional details of interest include a targeted company point of contact, status and scope of infection, estimated loss, operational impact, transaction IDs, date of infection, date detected, initial attack vector, and host- and network-based indicators.

    CISA and FBI do not encourage paying ransom as payment does not guarantee victim files will be recovered. Furthermore, payment may also embolden adversaries to target additional organizations, encourage other criminal actors to engage in the distribution of ransomware, and/or fund illicit activities. Regardless of whether you or your organization have decided to pay the ransom, FBI and CISA urge you to promptly report ransomware incidents to FBI’s Internet Crime Complain Center (IC3), a local FBI Field Office, or CISA via the agency’s Incident Reporting System or its 24/7 Operations Center (report@cisa.gov) or by calling 1-844-Say-CISA (1-844-729-2472).

    SimpleHelp users or vendors can contact support@simple-help.com for assistance with queries or concerns.

    Disclaimer

    The information in this report is being provided “as is” for informational purposes only. CISA does not endorse any commercial entity, product, company, or service, including any entities, products, or services linked within this document. Any reference to specific commercial entities, products, processes, or services by service mark, trademark, manufacturer, or otherwise, does not constitute or imply endorsement, recommendation, or favor by CISA.

    Version History

    June 12, 2025: Initial version.

    Notes

    1. Anthony Bradshaw, et. al., “DragonForce Actors Target SimpleHelp Vulnerabilities to Attack MSP, Customers,” Sophos News, May 27, 2025, https://news.sophos.com/en-us/2025/05/27/dragonforce-actors-target-simplehelp-vulnerabilities-to-attack-msp-customers/.
    2. For instructions for upgrading to the latest version of SimpleHelp, see SimpleHelp’s security vulnerability advisory.
    3. To determine possibility of compromise and next steps, see SimpleHelp’s guidance.
    4. For instructions for upgrading to the latest version of SimpleHelp, see SimpleHelp’s security vulnerability advisory.

    MIL Security OSI