Source: New Zealand Police
District:
At around 8am emergency services received reports of a two-vehicle crash, where there are thought to be serious injuries.
Traffic is being diverted onto State Highway 5.
Motorists are asked to take alternate routes if possible.
ENDS
Source: New Zealand Police
Motorists in Northland are advised to avoid travelling on State Highway One between the North Mangapai Intersection and Mata.
A two vehicle accident on Oakleigh Wharf Road is causing major delays.
Police advise one of the vehicles is a large truck which is blocking the road and may take some time to move.
Traffic is backed-up several kilometres in both directions.
Emergency services are at the scene.
Motorists are advised to use alternative routes and avoid the area.
ENDS
US Senate News:
Source: United States Senator for Delaware Christopher Coons
WASHINGTON – U.S. Senators Chris Coons (D-Del.) and John Cornyn (R-Texas), co-chairs of the bipartisan Senate Law Enforcement Caucus, celebrated the caucus’ new members for the 119th Congress during National Police Week, which started on May 11 and ended May 17.
Senator Coons and Cornyn welcome U.S. Senators Ruben Gallego (D-Ariz.), Jim Justice (R-W.Va.), and Dave McCormick (R-Pa.).
Senator Coons launched the Senate Law Enforcement Caucus over a decade ago with former Senator Roy Blunt (R-Mo.). Since then, the caucus has held briefings on policing issues like recruitment and retention, emerging threats such as generative AI’s impact on children, and best practices shared by law enforcement officials working on the ground.
The caucus is more committed than ever to supporting law enforcement, protecting families, and strengthening communities across the country.
A full member list can be found on the Senate Law Enforcement website and below:
U.S. Senators Chris Coons (D-Del.), John Cornyn (R-Texas), Richard Blumenthal (D-Conn.), John Boozman (R-Ark.), Ted Budd (R-N.C.), Catherine Cortez Masto (D-Nev.), Dick Durbin (D-Ill.), Ruben Gallego (D-Ariz.), Lindsey Graham (R-S.C.), Mazie Hirono (D-Hawaii), John Hoeven (R-N.D.), Cindy Hyde-Smith (R-Miss.), Jim Justice (R-W.Va.), Amy Klobuchar (D-Minn.), Roger Marshall (R-Kan.), Dave McCormick (R-Pa.), Jeff Merkley (D-Ore.), Jerry Moran (R-Kan.), Lisa Murkowski (R-Alaska), Chris Murphy (D-Conn.), Gary Peters (D-Mich.), Mike Rounds (R-S.D.), Chuck Schumer (D-N.Y.), and Thom Tillis (R-N.C.).
Source: Eurojust
During the action day, authorities in both countries seized assets worth at least several millions euros, including apartments and companies, as well as various luxury vehicles. . Large amounts of cash and quantities of cocaine and heroin were also seized. A full and complete evaluation of the seizures will be carried out in the coming days.
No complete estimate of the total profits of the cooperation between the three OCGs is available. However, information obtained through the JIT shows that the criminal networks were involved in payments, often in cash, of close to EUR 5 million and the trafficking of at least 1 800 kilos of cocaine and heroin.
Investigations into the linked criminal organisations were initiated in 2016 by the Public Prosecutor’s Office of Bari and the Special Anti-Corruption and Organised Crime Prosecutor’s Office of Tirana and the Albanian Police. On the Albanian side, one OCG, which operated from Durres, was responsible for the transport and wholesale distribution of large quantities of cocaine, heroin and cannabis trafficked between the Balkans, Northern Europe, South America and Puglia in Italy.
Two Italian-led criminal gangs carried out the cutting and packaging of illicit drugs and supplied cocaine and heroin from Latin America and Turkey to local gangs in organisations in Bari, Brindisi and Lecce.
The arrests in Italy and Albania are the result of a long-term collaboration through the JIT. This involved the use of wiretaps, intensive video surveillance, the monitoring of suspects and the analysis of encrypted chats. These chats were decrypted following intensive cooperation through Eurojust.
Since 2020, Eurojust has supported the authorities in Italy and Albania with the JIT. Furthermore, the Agency provided assistance with the execution of requests for Mutual Legal Assistance during the action day and gave cross-border judicial support. Albania is one of the twelve countries outside the European Union with a Liaison Prosecutor at Eurojust. The investigations were also coordinated and supported by the office of the dedicated security expert at the Italian Embassy in Tirana.
The judicial cooperation between Italy and Albania has already proven effective in recent years. Between 2018 and 2021, the Anti-Mafia Investigation Directorate of Bari issued and executed 118 arrest warrants against alleged drug traffickers operating in both countries. As a result, various defendants were sentenced up to 20 years imprisonment.
This week’s operation was carried out at the request of and by the following authorities:
Source: United States Bureau of Alcohol Tobacco Firearms and Explosives (ATF)
RICHMOND, Va. – A Richmond man was sentenced today to five years in prison for possession of a firearm by a convicted felon.
According to court documents, on March 16, 2023, Richmond Police detectives performed a traffic stop on a vehicle with no front license plate. James Marvin Smith, 43, was driving the vehicle. While speaking with Smith and a passenger, the detectives observed a crumpled lottery ticket near the cupholders and noticed that the passenger had white powder on his nose. The detectives asked Smith and the passenger to get out of the car.
While searching the vehicle for drug evidence, a detective found a firearm and a detached extended magazine. The firearm had one round of ammunition in the chamber and the magazine was loaded with 21 rounds of ammunition.
Prior to his arrest, Smith had been convicted of, among other crimes, possession of heroin, obstruction of justice, resisting arrest with force, possession of cocaine, breaking and entering, using a firearm in the commission of a felony, robbery, unlawful wounding, illegal possession of a firearm, assault and battery, possession of a firearm by a convicted violent felon, and grand larceny. As a previously convicted felon, Smith cannot legally possess a firearm or ammunition.
Erik S. Siebert, U.S. Attorney for the Eastern District of Virginia; Anthony A. Spotswood, Special Agent in Charge of the Bureau of Alcohol, Tobacco, Firearms and Explosives Washington Field Division; Rick Edwards, Chief of Richmond Police; and Colette Wallace McEachin, Commonwealth’s Attorney for the City of Richmond, made the announcement after sentencing by Senior U.S. District Judge John A. Gibney Jr.
Special Assistant U.S. Attorney Katherine E. Groover, an Assistant Commonwealth’s Attorney with the Richmond Commonwealth’s Attorney Office, prosecuted the case.
This case is part of Project Safe Neighborhoods (PSN), a program bringing together all levels of law enforcement and the communities they serve to reduce violent crime and gun violence, and to make our neighborhoods safer for everyone. On May 26, 2021, the Department launched a violent crime reduction strategy strengthening PSN based on these core principles: fostering trust and legitimacy in our communities, supporting community-based organizations that help prevent violence from occurring in the first place, setting focused and strategic enforcement priorities, and measuring the results.
A copy of this press release is located on the website of the U.S. Attorney’s Office for the Eastern District of Virginia. Related court documents and information are located on the website of the District Court for the Eastern District of Virginia or on PACER by searching for Case No. 3:24-cr-23.
Source: United States Bureau of Alcohol Tobacco Firearms and Explosives (ATF)
CHARLOTTE, N.C. – A man who used a privately made and unregistered firearm, commonly known as a “ghost gun,” to carjack a vehicle on a college campus was sentenced yesterday to seven years in prison for a firearms offense, announced Russ Ferguson, U.S. Attorney for the Western District of North Carolina. Mark Jordan Williams, 37, was also ordered to serve three years of supervised release following the completion of his prison term.
Alicia Jones, Special Agent in Charge of the U.S. Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF), Charlotte Field Division, joins U.S. Attorney Ferguson in making today’s announcement.
According to court documents and court proceedings, on March 23, 2023, an individual identified as L.C. was sitting in a Jeep Wrangler, parked on the campus of the University of North Carolina-Charlotte. Court records show that Williams approached the vehicle, pointed a handgun at L.C. and ordered L.C. out of the car. Williams then took L.C.’s phone, got into the Jeep, and drove away. Williams was located and arrested later that evening while inside the Jeep. When Williams was arrested, a .40 caliber Polymer 80 handgun was recovered from inside the vehicle as well. During the investigation, law enforcement determined that Williams has multiple prior criminal convictions and he prohibited from possessing a firearm.
On January 9, 2025, Williams pleaded guilty to possession and brandishing of a firearm in furtherance of a crime of violence. He is in federal custody and will be transferred to the custody of the Federal Bureau of Prisons upon designation of a federal facility.
The ATF investigated the case and the U.S. Attorney’s Office in Charlotte handled the prosecution.
Source: United States Bureau of Alcohol Tobacco Firearms and Explosives (ATF)
Jacksonville, Florida – U.S. District Judge Harvey Schlesinger has sentenced Alton Wayne Cope, III (64, St. Augustine) to four years and three months in federal prison for possessing a firearm as a convicted felon and conspiring to deal firearms without a license. Cope entered a guilty plea in October 2024.
According to court documents, agents began investigating Cope and a co-conspirator when agents learned that Cope may have been illegally selling firearms. During the summer of 2024, agents conducted multiple controlled purchase operations during which they purchased 11 firearms from Cope and a co-conspirator. Throughout the investigation, agents learned that Braden Hobbs was the original purchaser of multiple firearms purchased from Cope and a co-conspirator. Cellphone records later showed that the co-conspirator regularly purchased firearms from Hobbs. Additionally, at least two of the firearms sold by Cope and a co-conspirator had previously been reported stolen. In August 2024, agents executed a federal search warrant at Cope’s residence. During the search, agents found an additional firearm in his bedroom.
Although he engaged in the business of dealing firearms, Cope is not a federally licensed firearms dealer, as required by federal law. Additionally, Cope was previously convicted of multiple felonies, including two counts of possession of cocaine and possession of a firearm by a convicted felon. Therefore, he is prohibited from possessing firearms or ammunition under federal law.
In related court proceedings, co-conspirator Braden Hobbs has been charged by indictment and is scheduled for trial later this year. If convicted, Hobbs faces a minimum sentence of 5 years, up to 95 years, in federal prison. An indictment is merely a formal charge that a defendant has committed one or more violations of federal criminal law, and every defendant is presumed innocent unless, and until, proven guilty.
This case was investigated by the Bureau of Alcohol, Tobacco, Firearms and Explosives, the Internal Revenue Service – Criminal Investigation, the United States Secret Service, the North Florida HIDTA Tri-County Narcotics Task Force with the Florida Department of Law Enforcement, the St. Johns County Sheriff’s Office, and the Jacksonville Sheriff’s Office. It is being prosecuted by Assistant United States Attorney Elisibeth Adams.
This case is part of Project Safe Neighborhoods (PSN), a program bringing together all levels of law enforcement and the communities they serve to reduce violent crime and gun violence, and to make our neighborhoods safer for everyone. On May 26, 2021, the Department launched a violent crime reduction strategy strengthening PSN based on these core principles: fostering trust and legitimacy in our communities, supporting community-based organizations that help prevent violence from occurring in the first place, setting focused and strategic enforcement priorities, and measuring the results.
Source: New Zealand Police
Police have located a 36-year-old man who is alleged to have escaped Police custody at a rural Gisborne property yesterday.
The man was observed returning home shortly after 11pm and was arrested without incident, said Inspector Soni Malaulau, Tairāwhiti Police.
“He was cold but otherwise unharmed.”
Enquiries are continuing and Police are considering charges.
ENDS
Issued by the Police Media Centre
News In Brief – Source: US Computer Emergency Readiness Team
This joint cybersecurity advisory (CSA) highlights a Russian state-sponsored cyber campaign targeting Western logistics entities and technology companies. This includes those involved in the coordination, transport, and delivery of foreign assistance to Ukraine. Since 2022, Western logistics entities and IT companies have faced an elevated risk of targeting by the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (85th GTsSS), military unit 26165—tracked in the cybersecurity community under several names (see “Cybersecurity Industry Tracking”). The actors’ cyber espionage-oriented campaign, targeting technology companies and logistics entities, uses a mix of previously disclosed tactics, techniques, and procedures (TTPs). The authoring agencies expect similar targeting and TTP use to continue.
Executives and network defenders at logistics entities and technology companies should recognize the elevated threat of unit 26165 targeting, increase monitoring and threat hunting for known TTPs and indicators of compromise (IOCs), and posture network defenses with a presumption of targeting.
This cyber espionage-oriented campaign targeting logistics entities and technology companies uses a mix of previously disclosed TTPs and is likely connected to these actors’ wide scale targeting of IP cameras in Ukraine and bordering NATO nations.
The following authors and co-sealers are releasing this CSA:
Download the PDF version of this report:
Russian GRU Targeting Western Logistics Entities and Technology Companies (PDF, 1,081KB)
For a downloadable list of IOCs, visit:
For over two years, the Russian GRU 85th GTsSS, military unit 26165—commonly known in the cybersecurity community as APT28, Fancy Bear, Forest Blizzard, BlueDelta, and a variety of other identifiers—has conducted this campaign using a mix of known tactics, techniques, and procedures (TTPs), including reconstituted password spraying capabilities, spearphishing, and modification of Microsoft Exchange mailbox permissions.
In late February 2022, multiple Russian state-sponsored cyber actors increased the variety of cyber operations for purposes of espionage, destruction, and influence—with unit 26165 predominately involved in espionage. [1] As Russian military forces failed to meet their military objectives and Western countries provided aid to support Ukraine’s territorial defense, unit 26165 expanded its targeting of logistics entities and technology companies involved in the delivery of aid. These actors have also targeted Internet-connected cameras at Ukrainian border crossings to monitor and track aid shipments.
Note: This advisory uses the MITRE ATT&CK® for Enterprise framework, version 17. See Appendix A: MITRE ATT&CK tactics and techniques for a table of the threat actors’ activity mapped to MITRE ATT&CK tactics and techniques. This advisory uses the MITRE D3FEND® framework, version 1.0.
The GRU unit 26165 cyber campaign against Western logistics providers and technology companies has targeted dozens of entities, including government organizations and private/commercial entities across virtually all transportation modes: air, sea, and rail. These actors have targeted entities associated with the following verticals within NATO member states, Ukraine, and at international organizations:
In the course of the targeting lifecycle, unit 26165 actors identified and conducted follow-on targeting of additional entities in the transportation sector that had business ties to the primary target, exploiting trust relationships to attempt to gain additional access [T1199].
The actors also conducted reconnaissance on at least one entity involved in the production of industrial control system (ICS) components for railway management, though a successful compromise was not confirmed [TA0043].
The countries with targeted entities include the following, as illustrated in Figure 1:
To gain initial access to targeted entities, unit 26165 actors used several techniques to gain initial access to targeted entities, including (but not limited to):
The actors abused vulnerabilities associated with a range of brands and models of small office/home office (SOHO) devices to facilitate covert cyber operations, as well as proxy malicious activity via devices with geolocation in proximity to the target [T1665]. [2]
Unit 26165 actors’ credential guessing [T1110.001] operations in this campaign exhibit some similar characteristics to those disclosed in the previous CSA “Russian GRU Conducting Global Brute Force Campaign to Compromise Enterprise and Cloud Environments.” [3] Based on victim network investigations, the current iteration of this TTP employs a similar blend of anonymization infrastructure, including the use of Tor and commercial VPNs [T1090.003]. The actors frequently rotated the IP addresses used to further hamper detection. All observed connections were made via encrypted TLS [T1573].
GRU unit 26165 actors’ spearphishing emails included links [T1566.002] leading to fake login pages impersonating a variety of government entities and Western cloud email providers’ webpages. These webpages were typically hosted on free third-party services or compromised SOHO devices and often used legitimate documents associated with thematically similar entities as lures. The subjects of spearphishing emails were diverse and ranged from professional topics to adult themes. Phishing emails were frequently sent via compromised accounts or free webmail accounts [T1586.002, T1586.003]. The emails were typically written in the target’s native language and sent to a single targeted recipient.
Some campaigns employed multi-stage redirectors [T1104] verifying IP-geolocation [T1627.001] and browser fingerprints [T1627] to protect credential harvesting infrastructure or provide multifactor authentication (MFA) [T1111] and CAPTCHA relaying capabilities [T1056]. Connecting endpoints failing the location checks were redirected to a benign URL [T1627], such as msn.com. Redirector services used include:
The actors also used spearphishing to deliver malware (including HEADLACE and MASEPIE) executables [T1204.002] delivered via third-party services and redirectors [T1566.002], scripts in a mix of languages [T1059] (including BAT [T1059.003] and VBScript [T1059.005]) and links to hosted shortcuts [T1204.001].
Throughout this campaign, GRU unit 26165 weaponized an Outlook NTLM vulnerability (CVE-2023-23397) to collect NTLM hashes and credentials via specially crafted Outlook calendar appointment invitations [T1187]. [4],[5] These actors also used a series of Roundcube CVEs (CVE-2020-12641, CVE-2020-35730, and CVE-2021-44026) to execute arbitrary shell commands [T1059], gain access to victim email accounts, and retrieve sensitive data from email servers [T1114].
Since at least fall 2023, the actors leveraged a WinRAR vulnerability (CVE-2023-38831) allowing for the execution of arbitrary code embedded in an archive as a means of initial access [T1659]. The actors sent emails with malicious attachments [T1566.001] or embedded hyperlinks [T1566.002] that downloaded a malicious archive prepared using this CVE.
After an initial compromise using one of the above techniques, unit 26165 actors conducted contact information reconnaissance to identify additional targets in key positions [T1589.002]. The actors also conducted reconnaissance of the cybersecurity department [T1591], individuals responsible for coordinating transport [T1591.004], and other companies cooperating with the victim entity [T1591.002].
The actors used native commands and open source tools, such as Impacket and PsExec, to move laterally within the environment [TA0008]. Multiple Impacket scripts were used as .exe files, in addition to the python versions, depending on the victim environment. The actors also moved laterally within the network using Remote Desktop Protocol (RDP) [T1021.001] to access additional hosts and attempt to dump Active Directory NTDS.dit domain databases [T1003.003] using native Active Directory Domain Services commands, such as in Figure 2: Example Active Directory Domain Services command:
C:Windowssystem32ntdsutil.exe "activate instance ntds" ifm "create full C:temp[a-z]{3}" quit quit
Figure 2: Example Active Directory Domain Services command
Additionally, GRU unit 26165 actors used the tools Certipy and ADExplorer.exe to exfiltrate information from the Active Directory. The actors installed python [T1059.006] on infected machines to enable the execution of Certipy. Accessed files were archived in .zip files prior to exfiltration [T1560]. The actors attempted to exfiltrate archived data via a previously dropped OpenSSH binary [T1048].
Incident response investigations revealed that the actors would take steps to locate and exfiltrate lists of Office 365 users and set up sustained email collection. The actors used manipulation of mailbox permissions [T1098.002] to establish sustained email collection at compromised logistics entities, as detailed in a Polish Cybercommand blog. [6]
After initial authentication, unit 26165 actors would change accounts’ folder permissions and enroll compromised accounts in MFA mechanisms to increase the trust-level of compromised accounts and enable sustained access [T1556.006]. The actors leveraged python scripts to retrieve plaintext passwords via Group Policy Preferences [T1552.006] using Get-GPPPassword.py and a modified ldap-dump.py to enumerate the Windows environment [T1087.002] and conduct a brute force password spray [T1110.003] via Lightweight Directory Access Protocol (LDAP). The actors would additionally delete event logs through the wevtutil utility [T1070.001].
After gaining initial access to the network, the actors pursued further access to accounts with access to sensitive information on shipments, such as train schedules and shipping manifests. These accounts contained information on aid shipments to Ukraine, including:
In at least one instance, the actors attempted to use voice phishing [T1566.004] to gain access to privileged accounts by impersonating IT staff.
Unit 26165’s use of malware in this campaign ranged from gaining initial access to establishing persistence and exfiltrating data. In some cases, the attack chain resulted in multiple pieces of malware being deployed in succession. The actors used dynamic link library (DLL) search order hijacking [T1574.001] to facilitate malware execution. There were a number of known malware variants tied to this campaign against logistics sector victims, including:
While other malware variants, such as OCEANMAP and STEELHOOK, [8] were not directly observed targeting logistics or IT entities, their deployment against victims in other sectors in Ukraine and other Western countries suggest that they could be deployed against logistics and IT entities should the need arise.
In addition to the abovementioned mailbox permissions abuse, unit 26165 actors also used scheduled tasks [T1053.005], run keys [T1547.001], and placed malicious shortcuts [T1547.009] in the startup folder to establish persistence.
GRU unit 26165 actors used a variety of methods for data exfiltration that varied based on the victim environment, including both malware and living off the land binaries. PowerShell commands [T1059.001] were often used to prepare data for exfiltration; for example, the actors prepared zip archives [T1560.001] for upload to their own infrastructure.
The actors also used server data exchange protocols and Application Programming Interfaces (APIs) such as Exchange Web Services (EWS) and Internet Message Access Protocol (IMAP) [T1114.002] to exfiltrate data from email servers. In multiple instances, the actors used periodic EWS queries [T1119] to collect new emails sent and received since the last data exfiltration [T1029]. The actors typically used infrastructure in close geographic proximity to the victim. Long gaps between exfiltration, the use of trusted and legitimate protocols, and the use of local infrastructure allowed for long-term collection of sensitive data to go undetected.
In addition to targeting logistics entities, unit 26165 actors likely used access to private cameras at key locations, such as near border crossings, military installations, and rail stations, to track the movement of materials into Ukraine. The actors also used legitimate municipal services, such as traffic cams.
The actors targeted Real Time Streaming Protocol (RTSP) servers hosting IP cameras primarily located in Ukraine as early as March 2022 in a large-scale campaign, which included attempts to enumerate devices [T1592] and gain access to the cameras’ feeds [T1125]. Actor-controlled servers sent RTSP DESCRIBE requests destined for RTSP servers, primarily hosting IP cameras [T1090.002]. The DESCRIBE requests were crafted to obtain access to IP cameras located on logically distinct networks from that of the routers that received the request. The requests included Base64-encoded credentials for the RTSP server, which included publicly documented default credentials and likely generic attempts to brute force access to the devices [T1110]. An example of an RTSP request is shown in Figure 3.
DESCRIBE rtsp://[IP ADDRESS] RTSP/1.0
CSeq: 1
Authorization: Basic
User-Agent: WebClient
Accept: application/sdp
DESCRIBE rtsp://[IP ADDRESS] RTSP/1.0
CSeq: 2
Authorization: Digest username="admin", realm="[a-f0-9]{12}", algorithm="MD5", nonce="[a-f0-9]{32}", uri="", response="[a-f0-9]{32}"
User-Agent: WebClient
Accept: application/sdp
Figure 3: Example RTSP request
Successful RTSP 200 OK responses contained a snapshot of the IP camera’s image and IP camera metadata such as video codec, resolution, and other properties depending on the IP camera’s configuration.
From a sample available to the authoring agencies of over 10,000 cameras targeted via this effort, the geographic distribution of victims showed a strong focus on cameras in Ukraine and border countries, as shown in Table 1:
| Country | Percentage of Total Attempts |
|---|---|
| Ukraine | 81.0% |
| Romania | 9.9% |
| Poland | 4.0% |
| Hungary | 2.8% |
| Slovakia | 1.7% |
| Others | 0.6% |
Architecture and Configuration
Many organizations may not need to allow outgoing traffic to hosting and API mocking services, which are frequently used by GRU unit 26165. Organizations should consider alerting on or blocking the following services, with exceptions allowlisted for legitimate activity [D3-DNSDL].
Heuristic detections for web requests to new subdomains, including of the above providers, may uncover malicious phishing activity [D3-DNRA]. Logging the requests for each sub-domain requested by users on a network, such as in DNS or firewall logs, may enable system administrators to identify new targeting and victims.
Identity and Access Management
Organizations should take measures to ensure strong access controls and mitigate against common credential theft techniques:
The following mitigation techniques for IP cameras can be used to defend against this type of malicious activity:
Note: Specific IoCs may no longer be actor controlled, may themselves be compromised infrastructure or email accounts, or may be shared infrastructure such as public VPN or Tor exit nodes. Care should be taken when basing triaging logs or developing detection rules on these indicators. GRU unit 26165 almost certainly uses extensive further infrastructure and TTPs not specifically listed in this report.
Legitimate utilities
Unauthorized or unusual use of the following legitimate utilities can be an indication of a potential compromise:
Note: Additional heuristics are needed for effective hunting for these and other living off the land (LOTL) binaries to avoid being overwhelmed by false positives if these legitimate management tools are used regularly. See the joint guide, Identifying and Mitigating Living Off the Land Techniques, for guidance on developing a multifaceted cybersecurity strategy that enables behavior analytics, anomaly detection, and proactive hunting, which are part of a comprehensive approach to mitigating cyber threats that employ LOTL techniques.
Malicious scripts
Suspicious command lines
While the following utilities are legitimate, and using them with the command lines shown may also be legitimate, these command lines are often used during malicious activities and could be an indication of a compromise:
Disclaimer: These IP addresses date June 2024 through August 2024. The authoring agencies recommend organizations investigate or vet these IP addresses prior to taking action, such as blocking.
| June 2024 | July 2024 | August 2024 | ||
|---|---|---|---|---|
| 192[.]162[.]174[.]94 | 207[.]244[.]71[.]84 | 31[.]135[.]199[.]145 | 79[.]184[.]25[.]198 | 91[.]149[.]253[.]204 |
| 103[.]97[.]203[.]29 | 162[.]210[.]194[.]2 | 31[.]42[.]4[.]138 | 79[.]185[.]5[.]142 | 91[.]149[.]254[.]75 |
| 209[.]14[.]71[.]127 | 46[.]112[.]70[.]252 | 83[.]10[.]46[.]174 | 91[.]149[.]255[.]122 | |
| 109[.]95[.]151[.]207 | 46[.]248[.]185[.]236 | 83[.]168[.]66[.]145 | 91[.]149[.]255[.]19 | |
| 64[.]176[.]67[.]117 | 83[.]168[.]78[.]27 | 91[.]149[.]255[.]195 | ||
| 64[.]176[.]69[.]196 | 83[.]168[.]78[.]31 | 91[.]221[.]88[.]76 | ||
| 64[.]176[.]70[.]18 | 83[.]168[.]78[.]55 | 93[.]105[.]185[.]139 | ||
| 64[.]176[.]70[.]238 | 83[.]23[.]130[.]49 | 95[.]215[.]76[.]209 | ||
| 64[.]176[.]71[.]201 | 83[.]29[.]138[.]115 | 138[.]199[.]59[.]43 | ||
| 70[.]34[.]242[.]220 | 89[.]64[.]70[.]69 | 147[.]135[.]209[.]245 | ||
| 70[.]34[.]243[.]226 | 90[.]156[.]4[.]204 | 178[.]235[.]191[.]182 | ||
| 70[.]34[.]244[.]100 | 91[.]149[.]202[.]215 | 178[.]37[.]97[.]243 | ||
| 70[.]34[.]245[.]215 | 91[.]149[.]203[.]73 | 185[.]234[.]235[.]69 | ||
| 70[.]34[.]252[.]168 | 91[.]149[.]219[.]158 | 192[.]162[.]174[.]67 | ||
| 70[.]34[.]252[.]186 | 91[.]149[.]219[.]23 | 194[.]187[.]180[.]20 | ||
| 70[.]34[.]252[.]222 | 91[.]149[.]223[.]130 | 212[.]127[.]78[.]170 | ||
| 70[.]34[.]253[.]13 | 91[.]149[.]253[.]118 | 213[.]134[.]184[.]167 | ||
| 70[.]34[.]253[.]247 | 91[.]149[.]253[.]198 | |||
| 70[.]34[.]254[.]245 | 91[.]149[.]253[.]20 | |||
rule APT28_NTLM_LISTENER {
meta:
description = "Detects NTLM listeners including APT28's custom one"
strings:
$command_1 = "start-process powershell.exe -WindowStyle hidden"
$command_2 = "New-Object System.Net.HttpListener"
$command_3 = "Prefixes.Add('http://localhost:8080/')"
$command_4 = "-match 'Authorization'"
$command_5 = "GetValues('Authorization')"
$command_6 = "Request.RemoteEndPoint.Address.IPAddressToString"
$command_7 = "@(0x4e,0x54,0x4c,0x4d, 0x53,0x53,0x50,0x00,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x28,0x00,0x00,0x01,0x82,0x00,0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77,0x88,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00)"
$command_8 = ".AllKeys"
$variable_1 = "$NTLMAuthentication" nocase
$variable_2 = "$NTLMType2" nocase
$variable_3 = "$listener" nocase
$variable_4 = "$hostip" nocase
$variable_5 = "$request" nocase
$variable_6 = "$ntlmt2" nocase
$variable_7 = "$NTLMType2Response" nocase
$variable_8 = "$buffer" nocase
condition:
5 of ($command_*)
or
all of ($variable_*)
}
rule APT28_HEADLACE_SHORTCUT {
meta:
description = "Detects the HEADLACE backdoor shortcut dropper. Rule is meant for threat hunting."
strings:
$type = "[InternetShortcut]" ascii nocase
$url = "file://"
$edge = "msedge.exe"
$icon = "IconFile"
condition:
all of them
}
rule APT28_HEADLACE_CREDENTIALDIALOG {
meta:
description = "Detects scripts used by APT28 to lure user into entering credentials"
strings:
$command_1 = "while($true)"
$command_2 = "Get-Credential $(whoami)"
$command_3 = "Add-Content"
$command_4 = ".UserName"
$command_5 = ".GetNetworkCredential().Password"
$command_6 = "GetNetworkCredential().Password.Length -ne 0"
condition:
5 of them
}
rule APT28_HEADLACE_CORE {
meta:
description = "Detects HEADLACE core batch scripts"
strings:
$chcp = "chcp 65001" ascii
$headless = "start "" msedge --headless=new --disable-gpu" ascii
$command_1 = "taskkill /im msedge.exe /f" ascii
$command_2 = "whoami>"%programdata%" ascii
$command_3 = "timeout" ascii
$command_4 = "copy "%programdata%" ascii
$non_generic_del_1 = "del /q /f "%programdata%" ascii
$non_generic_del_3 = "del /q /f "%userprofile%Downloads" ascii
$generic_del = "del /q /f" ascii
condition:
(
$chcp
and
$headless
)
and
(
1 of ($non_generic_del_*)
or
($generic_del)
or
3 of ($command_*)
)
}
rule APT28_MASEPIE {
meta:
description = "Detects MASEPIE python script"
strings:
$masepie_unique_1 = "os.popen('whoami').read()"
$masepie_unique_2 = "elif message == 'check'"
$masepie_unique_3 = "elif message == 'send_file':"
$masepie_unique_4 = "elif message == 'get_file'"
$masepie_unique_5 = "enc_mes('ok'"
$masepie_unique_6 = "Bad command!'.encode('ascii'"
$masepie_unique_7 = "{user}{SEPARATOR}{k}"
$masepie_unique_8 = "raise Exception("Reconnect"
condition:
3 of ($masepie_unique_*)
}
rule APT28_STEELHOOK {
meta:
description = "Detects APT28's STEELHOOK powershell script"
strings:
$s_1 = "$($env:LOCALAPPDATAGoogleChromeUser DataLocal State)"
$s_2 = "$($env:LOCALAPPDATAGoogleChromeUser DataDefaultLogin Data)"
$s_3 = "$($env:LOCALAPPDATAMicrosoftEdgeUser DataLocal State)"
$s_4 = "$($env:LOCALAPPDATAMicrosoftEdgeUser DataDefaultLogin Data)"
$s_5 = "os_crypt.encrypted_key"
$s_6 = "System.Security.Cryptography.DataProtectionScope"
$s_7 = "[system.security.cryptography.protectdata]::Unprotect"
$s_8 = "Invoke-RestMethod"
condition:
all of them
}
rule GENERIC_PSEXEC {
meta:
description = "Detects SysInternals PSEXEC executable"
strings:
$sysinternals_1 = "SYSINTERNALS SOFTWARE LICENCE TERMS"
$sysinternals_2 = "/accepteula"
$sysinternals_3 = "SoftwareSysinternals"
$network_1 = "%sIPC$"
$network_2 = "%sADMIN$%s"
$network_3 = "DeviceLanmanRedirector%sipc$"
$psexec_1 = "PSEXESVC"
$psexec_2 = "PSEXEC-{}-"
$psexec_3 = "Copying %s to %s..."
$psexec_4 = "gPSINFSVC"
condition:
(
( uint16( 0x0 ) ==0x5a4d )
and
( uint16( uint32( 0x3c )) == 0x4550 )
)
and
filesize < 1024KB
and
(
( any of ($sysinternals_*) and any of ($psexec_*) )
or
( 2 of ($network_*) and 2 of ($psexec_*))
)
}
The cybersecurity industry provides overlapping cyber threat intelligence, IOCs, and mitigation recommendations related to GRU unit 26165 cyber actors. While not all encompassing, the following are the most notable threat group names related under MITRE ATT&CK G0007 and commonly used within the cybersecurity community:
Note: Cybersecurity companies have different methods of tracking and attributing cyber actors, and this may not be a 1:1 correlation to the U.S. government’s understanding for all activity related to these groupings.
To search for the presence of malicious email messages targeting CVE-2023-23397, network defenders may consider using the script published by Microsoft: https://aka.ms/CVE-2023-23397ScriptDoc.
For the Impacket TTP, network defenders may consider using the following publicly available Impacket YARA detection rule:
https://github.com/Neo23x0/signature-base/blob/master/yara/gen_impacket_tools.yar
[1] Microsoft. Defending Ukraine: Early Lessons from the Cyber War. 2022. https://blogs.microsoft.com/on-the-issues/2022/06/22/defending-ukraine-early-lessons-from-the-cyber-war/
[2] FBI et al. Russian Cyber Actors Use Compromised Routers to Facilitate Cyber Operations. 2024. https://media.defense.gov/2024/Feb/27/2003400753/-1/-1/0/CSA-Russian-Actors-Use-Routers-Facilitate-Cyber_Operations.PDF
[3] NSA et al. Russian GRU Conducting Global Brute Force Campaign to Compromise Enterprise and Cloud Environments. 2021. https://media.defense.gov/2021/Jul/01/2002753896/-1/-1/0/CSA_GRU_GLOBAL_BRUTE_FORCE_CAMPAIGN_UOO158036-21.PDF
[4] ANSSI. Campagnes d'attaques du mode opératoire APT28 depuis 2021. 2023. https://cert.ssi.gouv.fr/cti/CERTFR-2023-CTI-009/
[5] ANSSI. Targeting and compromise of french entities using the APT28 intrusion set. 2025. https://cert.ssi.gouv.fr/cti/CERTFR-2025-CTI-007/
[6] Polish Cyber Command. Detecting Malicious Activity Against Microsoft Exchange Servers. 2023. https://www.wojsko-polskie.pl/woc/articles/aktualnosci-w/detecting-malicious-activity-against-microsoft-exchange-servers/
[7] IBM. Israel-Hamas Conflict Lures to Deliver Headlace Malware. 2023. https://securityintelligence.com/x-force/itg05-ops-leverage-israel-hamas-conflict-lures-to-deliver-headlace-malware/
[8] CERT-UA. APT28: From Initial Attack to Creating Domain Controller Threats in an Hour. 2023. https://cert.gov.ua/article/6276894
[9] NSA. Embracing a Zero Trust Security Model. 2021. https://media.defense.gov/2021/Feb/25/2002588479/-1/-1/0/CSI_EMBRACING_ZT_SECURITY_MODEL_UOO115131-21.PDF
[10] NSA et al. Keeping PowerShell: Security Measures to Use and Embrace. 2022. https://media.defense.gov/2022/Jun/22/2003021689/-1/-1/0/CSI_KEEPING_POWERSHELL_SECURITY_MEASURES_TO_USE_AND_EMBRACE_20220622.PDF
[11] National Institute of Standards and Technology (NIST). Special Publication 800-63B: Digital Identity Guidelines – Authentication and Lifecycle Management. 2020. https://pages.nist.gov/800-63-3/sp800-63b.html
[12] NSA. Selecting Secure Multi-factor Authentication Solutions. October 16, 2020. https://media.defense.gov/2024/Jul/31/2003515137/-1/-1/0/MULTIFACTOR_AUTHENTICATION_SOLUTIONS_UOO17091520.PDF
[13] NSA and CSA. NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations. 2023. https://media.defense.gov/2023/Oct/05/2003314578/-1/-1/0/JOINT_CSA_TOP_TEN_MISCONFIGURATIONS_TLP-CLEAR.PDF
[14] Department of Justice. Justice Department Conducts Court-Authorized Disruption of Botnet Controlled by the Russian Federation’s Main Intelligence Directorate of the General Staff (GRU). 2024. https://www.justice.gov/archives/opa/pr/justice-department-conducts-court-authorized-disruption-botnet-controlled-russian
[15] Recorded Future. GRU’s BlueDelta Targets Key Networks in Europe with Multi-Phase Espionage Campaigns. 2024. https://go.recordedfuture.com/hubfs/reports/CTA-RU-2024-0530.pdf
The information and opinions contained in this document are provided "as is" and without any warranties or guarantees. Reference herein to any specific commercial products, process, or service by trade name, trademark, manufacturer, or otherwise, does not constitute or imply its endorsement, recommendation, or favoring by the United States Government, and this guidance shall not be used for advertising or product endorsement purposes.
This document was developed in furtherance of the authoring agencies’ cybersecurity missions, including their responsibilities to identify and disseminate threats and to develop and issue cybersecurity specifications and mitigations. This information may be shared broadly to reach all appropriate stakeholders.
United States organizations
United Kingdom organizations
Germany organizations
Czech Republic organizations
Poland organizations
Australian organizations
Canadian organizations
Estonia organizations
French organizations
See Table 2 through Table 14 for all the threat actor tactics and techniques referenced in this advisory.
| Tactic/Technique Title | ID | Use |
|---|---|---|
| Reconnaissance | TA0043 | Conducted reconnaissance on at least one entity involved in the production of ICS components for railway management. |
| Gather Victim Identity Information: Email Addresses | T1589.002 | Conducted contact information reconnaissance to identify additional targets in key positions. |
| Gather Victim Org Information | T1591 | Conducted reconnaissance of the cybersecurity department. |
| Gather Victim Org Information: Identify Roles | T1591.004 | Conducted reconnaissance of individuals responsible for coordinating transport. |
| Gather Victim Org Information: Business Relationships | T1591.002 | Conducted reconnaissance of other companies cooperating with the victim entity. |
| Gather Victim Host Information | T1592 | Attempted to enumerate Real Time Streaming Protocol (RTSP) servers hosting IP cameras. |
| Tactic/Technique Title | ID | Use |
|---|---|---|
| Compromise Accounts: Email Accounts | T1586.002 | Sent phishing emails using compromised accounts. |
| Compromise Accounts: Cloud Accounts | T1586.003 | Sent phishing emails using compromised accounts. |
| Tactic/Technique Title | ID | Use |
|---|---|---|
| Trusted Relationship | T1199 | Conducted follow-on targeting of additional entities in the transportation sector that had business ties to the primary target, exploiting trust relationships to attempt to gain additional access. |
| Phishing | T1566 | Used spearphishing for credentials and delivering malware to gain initial access to targeted entities. |
| Phishing: Spearphishing Attachment | T1566.001 | Sent emails with malicious attachments. |
| Phishing: Spearphishing Link | T1566.002 | Used spearphishing with included links to fake login pages. Sent emails with embedded hyperlinks that downloaded a malicious archive. |
| Phishing: Spearphishing Voice | T1566.004 | Attempted to use voice phishing to gain access to privileged accounts by impersonating IT staff. |
| External Remote Services | T1133 | Exploited Internet-facing infrastructure, including corporate VPNs, to gain initial access to targeted entities. |
| Exploit Public-Facing Application | T1190 | Exploited public vulnerabilities and SQL injection to gain initial access to targeted entities. |
| Content Injection | T1659 | Leveraged a WinRAR vulnerability allowing for the execution of arbitrary code embedded in an archive. |
| Tactic/Technique Title | ID | Use |
|---|---|---|
| User Execution: Malicious Link | T1204.001 | Used malicious links to hosted shortcuts in spearphishing. |
| User Execution: Malicious File | T1204.002 | Delivered malware executables via spearphishing. |
| Scheduled Task/Job: Scheduled Task | T1053.005 | Used scheduled tasks to establish persistence. |
| Command and Scripting Interpreter | T1059 | Delivered scripts in spearphishing. Executed arbitrary shell commands. |
| Command and Scripting Interpreter: PowerShell | T1059.001 | PowerShell commands were often used to prepare data for exfiltration. |
| Command and Scripting Interpreter: Windows Command Shell | T1059.003 | Used BAT script in spearphishing. |
| Command and Scripting Interpreter: Visual Basic | T1059.005 | Used VBScript in spearphishing. |
| Command and Scripting Interpreter: Python | T1059.006 | Installed python on infected machines to enable the execution of Certipy. |
| Tactic/Technique Title | ID | Use |
|---|---|---|
| Account Manipulation: Additional Email Delegate Permissions |
T1098.002 |
Used manipulation of mailbox permissions to establish sustained email collection. |
| Modify Authentication Process: Multi-Factor Authentication |
T1556.006 |
Enrolled compromised accounts in MFA mechanisms to increase the trust-level of compromised accounts and enable sustained access. |
| Hijack Execution Flow: DLL Search Order Hijacking |
T1574.001 | Used DLL search order hijacking to facilitate malware execution. |
| Boot or Logon Autostart Execution: Registry Run Keys / Startup Folder |
T1547.001 |
Used run keys to establish persistence. |
| Boot or Logon Autostart Execution: Shortcut Modification |
T1547.009 |
Placed malicious shortcuts in the startup folder to establish persistence. |
| Tactic/Technique Title | ID | Use |
|---|---|---|
| Indicator Removal: Clear Windows Event Logs |
T1070.001 | Deleted event logs through the wevtutil utility. |
| Tactic/Technique Title | ID | Use |
|---|---|---|
|
Brute Force |
Sent requests with Base64-encoded credentials for the RTSP server, which included publicly documented default credentials, and likely were generic attempts to brute force access to the devices. |
|
|
Brute Force: Password Guessing |
T1110.001 |
Used credential guessing to gain initial access to targeted entities. |
|
Brute Force: Password Spraying |
T1110.003 |
Used brute force to gain initial access to targeted entities. Conducted a brute force password spray via LDAP. |
|
Multi-Factor Authentication Interception |
Used multi-stage redirectors to provide MFA relaying capabilities in some campaigns. |
|
|
Input Capture |
Used multi-stage redirectors to provide CAPTCHA relaying capabilities in some campaigns. |
|
|
Forced Authentication |
Used an Outlook NTLM vulnerability to collect NTLM hashes and credentials via specially crafted Outlook calendar appointment invitations. |
|
|
OS Credential Dumping: NTDS |
T1003.003 |
Attempted to dump Active Directory NTDS.dit domain databases. |
|
Unsecured Credentials: Group Policy Preferences |
T1552.006 |
Retrieved plaintext passwords via Group Policy Preferences using Get-GPPPassword.py. |
| Tactic/Technique Title | ID | Use |
|---|---|---|
|
Account Discovery: Domain Account |
T1087.002 |
Used a modified ldap-dump.py to enumerate the Windows environment. |
| Tactic/Technique Title | ID | Use |
|---|---|---|
|
Hide Infrastructure |
T1665 |
Abused SOHO devices to facilitate covert cyber operations, as well as proxy malicious activity, via devices with geolocation in proximity to the target. |
|
Proxy: External Proxy |
T1090.002 |
Actor-controlled servers sent RTSP DESCRIBE requests destined for RTSP servers. |
|
Proxy: Multi-hop Proxy |
T1090.003 |
Used Tor and commercial VPNs as part of their anonymization infrastructure |
|
Encrypted Channel |
T1573 |
Connected to victim infrastructure using encrypted TLS. |
|
Multi-Stage Channels |
T1104 |
Used multi-stage redirectors for campaigns. |
| Tactic/Technique Title | ID | Use |
|---|---|---|
|
Execution Guardrails |
Used multi-stage redirectors to verify browser fingerprints in some campaigns. |
|
|
Execution Guardrails: Geofencing |
T1627.001 |
Used multi-stage redirectors to verify IP-geolocation in some campaigns. |
| Tactic/Technique Title | ID | Use |
|---|---|---|
|
Lateral Movement |
Used native commands and open source tools, such as Impacket and PsExec, to move laterally within the environment. |
|
|
Remote Services: Remote Desktop Protocol |
T1021.001 |
Moved laterally within the network using RDP. |
| Tactic/Technique Title | ID | Use |
|---|---|---|
|
Email Collection |
Retrieved sensitive data from email servers. |
|
|
Email Collection: Remote Email Collection |
T1114.002 |
Used server data exchange protocols and APIs such as Exchange Web Services (EWS) and IMAP to exfiltrate data from email servers. |
|
Automated Collection |
Used periodic EWS queries to collect new emails. |
|
|
Video Capture |
Attempted to gain access to the cameras’ feeds. |
|
|
Archive Collected Data |
Accessed files were archived in .zip files prior to exfiltration. |
|
|
Archive Collected Data: Archive via Utility |
T1560.001 |
Prepared zip archives for upload to the actors’ infrastructure. |
| Tactic/Technique Title | ID | Use |
|---|---|---|
|
Exfiltration Over Alternative Protocol |
Attempted to exfiltrate archived data via a previously dropped OpenSSH binary. |
|
|
Scheduled Transfer |
Used periodic EWS queries to collect new emails sent and received since the last data exfiltration. |
| CVE | Vendor/Product | Details |
|---|---|---|
|
CVE-2023-38831 |
RARLAB WinRAR |
Allows execution of arbitrary code when a user attempts to view a benign file within a ZIP archive. |
|
CVE-2023-23397 |
Microsoft Outlook |
External actors could send specially crafted emails that cause a connection from the victim to an untrusted location of the actor’s control, leaking the Net-NTLMv2 hash of the victim that the actor could then relay to another service to authenticate as the victim. |
|
CVE-2021-44026 |
Roundcube Webmail |
Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to a potential SQL injection via search or search params. |
|
CVE-2020-35730 |
Roundcube Webmail |
An XSS issue was discovered in Roundcube Webmail before 1.2.13, 1.3.x before 1.3.16 and 1.4.x before 1.4.10, where a plaintext email message with JavaScript in a link reference element is mishandled by linkref_addindex in rcube_string_replacer.php. |
|
CVE-2020-12641 |
Roundcube Webmail |
Roundcube Webmail before 1.4.4 allows arbitrary code execution via shell metacharacters in a configuration setting for im_convert_path or im_identify_path in rcube_image.php. |
| Countermeasure Title | ID | Details |
|---|---|---|
|
Network Isolation |
Employ appropriate network segmentation. Disable Universal Plug and Play (UPnP), Peer-to-Peer (P2P), and Anonymous Visit features on IP cameras and routers. |
|
|
Access Mediation |
Limit access and utilize additional attributes (such as device information, environment, and access path) when making access decisions. Configure access controls carefully to ensure that only well-maintained and well-authenticated accounts have access. |
|
|
Inbound Traffic Filtering |
Implement host firewall rules to block connections from other devices on the network, other than from authorized management devices and servers, to prevent lateral movement. |
|
|
Resource Access Pattern Analysis |
Use automated tools to audit access logs for security concerns and identify anomalous access requests. |
|
|
Outbound Traffic Filtering |
Block NTLM/SMB requests to external infrastructure. |
|
|
Platform Monitoring |
Install EDR/logging/cybersecurity solutions onto high value systems with large amounts of sensitive data such as mail servers and domain controllers. |
|
|
System File Analysis |
Collect and monitor Windows logs for certain events, especially for events that indicate that a log was cleared unexpectedly. |
|
|
Application Hardening |
Enable optional security features in Windows to harden endpoints and mitigate initial access techniques. |
|
|
Application-based Process Isolation |
Enable attack surface reduction rules to prevent executable content from email. |
|
|
Executable Allowlisting |
Enable attack surface reduction rules to prevent execution of files from globally writeable directories, such as Downloads or %APPDATA%. |
|
|
Execution Isolation |
Unless users are involved in the development of scripts, limit the execution of scripts (such as batch, JavaScript, and PowerShell) to known scripts. |
|
|
Application Configuration Hardening |
Disable Windows Host Scripting functionality and configure PowerShell to run in Constrained mode. Disable protocols that use weak authentication (e.g., clear-text passwords, or outdated and vulnerable authentication or encryption protocols) or do not support multi-factor authentication. Turn off other ports/services not in use (e.g., FTP, web interface, etc.). |
|
|
Process Spawn Analysis |
Use open source SIGMA rules as a baseline for detecting and alerting on suspicious file execution or command parameters. |
|
|
URL Reputation Analysis |
Use services that provide enhanced browsing services and safe link checking. |
|
|
Network Access Mediation |
Do not allow incoming traffic, especially logins to systems, from public VPN services. Where possible, logins from public VPNs, including exit nodes in the same country as target systems, should be blocked or, if allowed, alerted on for further investigation. Ensure cameras and other Internet of Things devices are protected by a security appliance, if possible. |
|
|
DNS Denylisting |
D3-DNSDL |
Do not allow outgoing traffic to hosting and API mocking services frequently used by malicious actors. |
|
Domain Name Reputation Analysis |
Heuristic detections for web requests to new subdomains may uncover malicious phishing activity. Logging the requests for each sub-domain requested by users on a network, such as in DNS or firewall logs, may enable system administrators to identify new targeting and victims. |
|
|
Multi-factor Authentication |
Use MFA with strong factors and require regular re-authentication, especially for management accounts. |
|
|
Job Function Access Pattern Analysis |
D3-JFAPA |
Implement other mitigations for privileged accounts: including limiting the number of admin accounts, considering using hardware MFA tokens, and regularly reviewing all privileged user accounts. |
|
User Account Permissions |
Separate privileged accounts by role and alert on misuse of privileged accounts. Audit user accounts on all devices to ensure they are an accurate reflection of your organization and that they are being used as expected. |
|
|
Token-based Authentication |
Reduce reliance on passwords; instead, consider using services like single sign-on. |
|
|
Credential Hardening |
Do not store passwords in Group Policy Preferences (GPP). Remove all passwords previously included in GPP and change all passwords on the corresponding accounts. |
|
|
Authentication Event Threshholding |
Use account throttling or account lockout. Throttling progressively increases time delay between successive login attempts. If using account lockout, allow between 5 to 10 attempts before lockout. |
|
|
Strong Password Policy |
Use a service to check for compromised passwords before using them. |
|
|
Credential Rotation |
Change all default credentials. |
|
|
Encrypted Tunnels |
Disable protocols that use weak authentication (e.g., clear-text passwords, or outdated and vulnerable authentication or encryption protocols). Use a VPN for remote connections to devices. |
|
|
Software Update |
Apply security patches and firmware updates to all devices. Ensure devices are currently supported. Replace devices that are end-of-life. |
|
|
Agent Authentication |
Ensure authentication is enabled for remote access to devices. If supported on IP cameras, enable authenticated RTSP access only. |
|
|
User Behavior Analysis |
Review all authentication activity for remote access to make sure it is valid and expected. Investigate any unexpected or unusual activity. |
Source: US Department of Homeland Security
WASHINGTON – The Department of Homeland Security today announced that Immigration and Customs Enforcement (ICE) lodged a detainer for a 24-year-old illegal alien from Venezuela who posed as a teenager to attend an Ohio high school.
On May 19, the Perrysburg Ohio Police Department arrested and charged Anthony Emmanuel Labrador-Sierra with forgery. On May 20, ICE issued a detainer.
Mug shot from Wood County Jail.
“Anthony Emmanuel Labrador-Sierra is a 24-year-old illegal alien from Venezuela who has been posing as teenager and attending Perrysburg High School in Ohio,” said Assistant Secretary Tricia McLaughlin. “Labrador was arrested and charged with forgery by the Perrysburg Ohio Police Department on May 19 for using fake documents to become enrolled in the high school. ICE lodged a detainer to ensure that this criminal illegal alien is removed from this community and no longer able to prey on the students of Perrysburg High School. It is disturbing that a grown man would impersonate a teenager and infiltrate the lives of underage girls and boys to fool them into doing God knows what.”
Labrador has illegally been in the U.S. since March 24, 2020.
###
Source: European Parliament
The Council has not discussed the possible inclusion of Mexican cartels on the list of persons, groups and entities covered by the measures in Article 2 and 3 of Common Position 2001/931/CFSP (‘CP 931’) .
The Council can, at any time, adopt a decision to add additional persons, groups, or entities to the above-mentioned list, or to remove persons, groups or entities from that list. The listing of a person, group or entity under CP 931 must satisfy the conditions laid down in Article 1(2) to 1(4) of that Common Position, which, inter alia, provides a definition of ‘terrorist act’ and ‘persons, groups and entities involved in terrorist acts’ for this purpose.
As regards the question on coordination with the United States on drug-related matters, EU-US cooperation on combatting transnational organised crime and drug trafficking is a central focus of the longstanding EU-US Dialogue on Justice and Home Affairs held at ministerial and senior official level twice a year. The EU and the United States also regularly hold an EU-US Dialogue on Drugs in order to exchange information, strengthen bilateral cooperation and enhance coordination of actions undertaken globally to address drug-related issues. The discussions in these meetings focus on reducing d rug supply by enhancing security, reducing drug demand through prevention, treatment and care services, and addressing drug-related harm, in line with the EU Drugs Strategy 2021-2025.
Source: European Parliament
The LIBE Committee is pleased to announce two upcoming public hearings addressing critical threats to the European Union’s internal security, taking place on 4th of June.
The first hearing, “Organised Crime and its Impact on Internal Security“, will explore the growing complexity and cross-border nature of criminal networks, aiming to strengthen cooperation, legislative frameworks, and the protection of citizens’ rights. The second hearing will focus on online radicalisation, particularly the recruitment of children into organised crime and terrorism.
Source: European Parliament
On 4 June, the Committee on Civil Liberties, Justice and Home Affairs (LIBE) is organising a Public Hearing on “Organised Crime and its impact on Internal Security”. The hearing will aim to discuss the escalating complexity and transnational nature of criminal activities which are undermining the European Union’s security and the fundamental rights of its citizens.
The hearing will be divided into two panels and will include Commissioner for Internal Affairs and Migration, Magnus Brunner, Europol Executive Director, Ms Catherine De Bolle and State Secretary to Minister for Justice of Sweden, Ms Charlotte Kugelberg. The Italian national anti-mafia prosecutor and a Professor of criminology, with expertise in the area of organised crime, are also invited to attend the Hearing.
Source: European Parliament
Question for written answer E-001879/2025
to the Commission
Rule 144
Maria Zacharia (NI)
The recent seismic sequence in Santorini coincides with the sad 18-year anniversary of inactivity on the wreck of the ‘Sea Diamond’, which is hanging on a steep slope of the seabed at a depth of 120 metres and at risk of sliding and reaching a depth of 280 metres, with dramatic consequences for the island’s exceptionally beautiful natural environment.
The Commission has been aware of the situation since 2007(!) with colleagues’ oral and written questions nos E-2185/07,[1] E-2274/07,[2] H-0509/07,[3] E-5789/07,[4] E-1944/08,[5] H-0748/08,[6] E-5439/08,[7] E-6685/08,[8] E-4818/09,[9] H-0037/10,[10] E-002071/2011,[11] E-005420/2011,[12] E-003198/2012[13] and E-003650/2012.[14] It is also aware of the case law of the Court of Justice, according to which fuel on board a tanker becomes waste from the moment it leaks into the sea and, therefore, there is a breach of Directive 2006/12/EC on waste and in particular of Article 4 of the Directive, according to which Member States must take the necessary measures to prohibit the abandonment, dumping and uncontrolled disposal of waste.
The Commission, however, disputes the spillage of oil or other toxic waste into the sea, ignoring a study by the Department of Environmental Engineering of the Technical University of Crete from 2011, which has been communicated to it, as have the judicial expert opinions from 2019 and 2020.
Could the Commission justify its services’ decision not to take current scientific data into account?
Submitted: 12.5.2025
Source: Amnesty International –
116 leading UK and Irish creatives have urged Keir Starmer to act over Israel’s escalating atrocities in Gaza, criticising UK arms exports, settlement trade, and lack of ICC support – open letter
Riz Ahmed, Dame Harriet Walker, Maxine Peake, Nish Kumar, Paloma Faith and others condemn UK government inaction on Gaza
The Prime Minister must ‘stand up for justice and human rights’ and ‘words are no longer enough; we need to see action’ – Creatives
Artists gather outside Downing Street to hold placards urging the PM to act to stop the genocide and human rights abuses in Gaza
Over 100 leading voices from across the UK and Ireland’s film, television, and creative industries including Riz Ahmed, Dame Harriet Walker, Maxine Peake, Nish Kumar, Paloma Faith, Juliet Stevenson and many more have united to call on Prime Minister Keir Starmer to take urgent action in response to Israel’s escalating atrocities in Gaza and the wider Occupied Palestinian Territory (OPT).
In a public letter, the group condemn “all attacks on civilians” but emphasise that as well as Israel’s decades-long military occupation, expansion of illegal settlements, and system of apartheid, Israel is committing genocide against Palestinians in Gaza, as described by Amnesty International in its report “You feel Like You Are Subhuman”.
“We are deeply troubled by your lack of meaningful action to help deter Israel’s horrifying and calculated violations of Palestinian rights,” the letter states to the Prime Minister.
Since October 2023, more than 20,000 children have reportedly been killed in Gaza. The group point to the use of 2,000lb bombs dropped from F-35 fighter jets – supplied with UK-made components – as part of a devastating campaign that includes siege tactics blocking access to food, water, electricity, and medicine for over two million civilians.
“You know what is happening,” they write to the Prime Minister, and state “your Government is failing to fulfil its obligation to prevent the ongoing genocide in Gaza.”
The letter also highlights a stark double standard in UK policy: banning imports from Russian-occupied Crimea, while allowing trade with Israeli settlements in the illegally Occupied Palestinian Territory. The International Court of Justice has made clear that countries must not support illegal occupations – including through trade.
In addition to arms and trade, the group call on the UK government to fully support the International Criminal Court’s investigation into alleged war crimes and crimes against humanity in the region.
Their demands include:
The group implores the Prime Minister “to stand up for justice and human rights” and that “words are no longer enough; we need to see action”.
Artists gather outside Downing Street to deliver the letter and hold placards urging the PM to act to stop Israel’s genocide and human rights abuses in Gaza.
The artists held placards bearing messages from residents of Gaza that capture the urgency and human toll of the crisis:
These statements are a stark reminder of the daily reality for civilians under Israel’s illegal blockade.
About the Signatories
This statement by Amnesty International has been endorsed by a coalition of UK-based professionals across the creative industries – filmmakers, actors, writers, artists and cultural leaders – who believe in the power of art, law, and collective voice in the face of injustice.
Ahmed Masoud; Aisling Bea; Aiysha Hart; Alan Moore; Alexander McKinnon; Alexei Sayle; Alice Roberts; Alisdair Beckett; King Amrita Acharia; Andrea Arnold Anjli; Mohindra Anneika; Rose Annie Mac; Sir Anish Kapoor CBE; Anoushka Shankar; Dr Ariel Caine; Bernadette O’Brien; Bertie Carvel; President of the Bianca Jagger Human Rights Foundation; Brian Eno; Briony Hannah; Brona C Titley; Charlotte Church; Chipo Chung; David Morrissey; Deborah Frances-White; Declan McKenna; Denise Gough; Emma D’Arcy; Esther Freud; Esther Manito; Fionn O’Loinsigh; Francesca Martinez; Frankie Boyle; Frederico Gaggio; Grace Petrie; Dame Harriet Walter; Himesh Patel; Ian Rickson; Imran Yusuf; Indeyarna Donaldson-Holness; Inua Ellams MBE; Ivor Graeme; Jackie Clune; James Acaster; Jan Pearson; Janie Dee; Jason Fleming; Jay Griffiths; Jen Brister; Jessica Fostekew; Jim Loach; John Higgs; Josie Long; Jolyon Rubinstein; Juliet Stevenson CBE; Kathy Lette; Kerry Godliman; Khalid Abdalla; Ken Loach; Lise Meyer; Lolly Adefope; Louisa Young; Love Ssegga; Mae Martin; Mahtab Hussain; Manjinder Virk; Mariam Haque; Marnie Dickens; Max Porter; Maxine Peake; Dr Michael Hrebeniak; Misan Harriman; Mystery Jets; Nadia Sawalha; Nicola Thorp; Nikesh Patel; Nikesh Shukla; Nikita Gill; Nimmi Harasgama; Nish Kumar; Paapa Essiedu; Paloma Faith; Paul Laverty; Penny Woolcock; Peter Wyer; Rebecca O’Brien; Rida Hamidou; Riz Ahmed; Robin Ince; Robin Morrissey; Roger Hartley; Roisin O’Loughlin; Ruth Lass; Salena Godden; Sam Spruell; Sara Masry; Sarah Agha; Sasha Behar; Selma Dabbagh; Shazia Mirza; Simon Rix; Sonali Bhattacharyya; Stewart Lee; Steve Coogan; Susan Lynch; Suzi Ruffell; Thomas Browne; Thomas Combes; Thusitha Jayasundera; Tobias Menzies; Dame Tracey Emin; Tracey Seaward; Vijay Mistry; Vivian Munn; Young Fathers (all members); Zainab Hassan
Source: United States of America – Federal Government Departments (video statements)
In this episode, Deputy Secretary of Veterans Affairs, the Honorable Paul R. Lawrence, Ph.D., is exploring a question that matters to Veterans and their families: Who’s eligible to be buried in a VA national cemetery and how can you find out in advance?
Apply today to see if you’re eligible for burial in a VA cemetery: https://www.va.gov/burials-memorials/pre-need-eligibility/
Source: United Nations – Geneva
The Committee on the Rights of the Child today concluded its review of the combined sixth and seventh periodic reports of Romania, with Committee Experts commending the State on the deinstitutionalisation process of alternative care centres, while raising questions on the prevalence of corporal punishment and measures taken to combat segregation in education.
A Committee Expert said she was happy to hear about the programme for the deinstitutionalisation of alternative care centres; this was something Romania should be proud of, as well as all the foster arrangements being made, especially for children with disabilities.
Juliana Scerri Ferrante, Committee Expert and Country Taskforce Member, said there seemed to be a lack of parental education programmes around corporal punishment. How could the views of the child be respected if violence was accepted as a disciplinary measure? Could the Romanian Government take clear steps to train staff and promote child education? Philip Jaffe, Committee Vice-Chair and Country Taskforce Member, also noted that corporal punishment appeared to remain quite widespread despite being banned in 2004. What efforts were being made to lower the prevalence and change attitudes among parents and adults?
Mr. Jaffe asked what was being done to combat school segregation based on disability, special education needs, and family economic status? What improvements were being made to increase the improvement of vocational training for older children who may be leaving the school system? Were there any programmes which specifically targeted economically disadvantaged children?
The delegation said Romanian legislation completely prohibited violence against children, regardless of the environment. However, despite the legislation, which was fully aligned with United Nations Conventions, the State needed to fight against mentalities and traditions and to practically change the minds of parents and caregivers, who believed corporal punishment would discipline children better. Awareness-raising campaigns were being conducted for parents, and mechanisms including hotlines had been developed to support children, including the helpline 119. Authorities were obligated to launch investigations immediately concerning any allegations of violence against children.
The delegation said the Ministry of Education had taken steps to assist children with special educational needs, with the creation of frameworks offering them different kinds of support, based on the type of disability. Adaptive measures had been taken for Roma children, including stimulating their participation in early education and in summer kindergartens, supporting education in their current language, and translating schoolbooks in their mother tongue, among others. An increasing number of contracts between schools and the business sector had been recorded, including around 6,000 contracts in the school year 2023/2024.
Introducing the report, Helena Omna-Raicu, President of the National Authority for the Protection of Child Rights and Adoption of Romania and head of the delegation, said Romania’s path in recent years had been shaped by profound changes and emerging pressures, including the war in Ukraine and the arrival of thousands of children and families fleeing conflict. As a neighbouring country, Romania had mobilised rapidly to provide emergency care, protection, psychosocial support, and schooling to children regardless of their nationality.
Ms. Omna-Raicu said Romania had made significant progress in certain areas, including in the deinstitutionalisation process. Of the 167 residential placement centres operating in 2017, 149 had already been closed by the end of March 2025 and over 6,000 children were now benefiting from family-type alternative care. The remaining 18 placement centres would be closed soon.
In closing remarks, Rinchen Chophel, Committee Expert and Country Taskforce Coordinator, reiterated the Committee’s appreciation for the Government of Romania’s support to Ukrainian refugees, particularly children. Significant progress had been made from the last reporting period to the current one, with many looking forward beyond the dialogue.
In her closing remarks, Ms. Omna-Raicu, expressed deep gratitude for the dialogue. The Committee’s concerns regarding urban disparities were noted. Romania would treat the Committee’s recommendations as an opportunity for deeper transformation.
The delegation of Romania was comprised of representatives from the National Authority for the Protection of Child Rights and Adoption; the Ministry of Education and Research; the Ministry of Justice; the Ministry of Health; the Ministry of Labour, Family, Youth and Social Security; the Ministry of Foreign Affairs; the General Inspectorate of the Romanian Police; the General Inspectorate for Immigration; the National Administration of Penitentiaries; the Prosecutor’s Office; the National Health Insurance Authority; and the Permanent Mission of Romania to the United Nations Office at Geneva.
Summaries of the public meetings of the Committee can be found here, while webcasts of the public meetings can be found here. The programme of work of the Committee’s ninety-ninth session and other documents related to the session can be found here.
The Committee will next meet in public at 3 p.m. on Wednesday, 21 May to begin its consideration of the combined fifth and sixth periodic reports of Qatar (CRC/C/QAT/5-6).
Report
The Committee has before it the combined sixth and seventh periodic reports of Romania (CRC/C/ROU/6-7).
Presentation of Report
HELENA OMNA-RAICU, President of the National Authority for the Protection of Child Rights and Adoption of Romania and head of the delegation, said Romania’s path in recent years had been shaped by profound changes and emerging pressures, including the war in Ukraine and the arrival of thousands of children and families fleeing conflict. As a neighbouring country, Romania had mobilised rapidly to provide emergency care, protection, psychosocial support, and schooling to children regardless of their nationality. The State was proud to have established the first Blue Dot in the region at the border crossing with Ukraine and launched the use of the Child Protection Information Management System Primero in only a couple of months after the onset of the refugee crisis, ensuring registration and case management for almost 40,000 refugee children.
Several new national strategies had been developed for 2021-2027 which aimed to address child poverty and wellbeing, including the national strategy for the protection and promotion of children’s rights “protected children, safe Romania” 2023-2027, and the national strategy on social inclusion and poverty reduction 2022-2027, among others. Romania had also adopted and begun the implementation of the child guarantee national action plan 2023-2030, which aimed to reduce the number of children at risk of poverty or social exclusion by at least 500,000 by 2030. Romania had seen a measurable decline in the proportion of children at risk of poverty and social exclusion from 41.5 per cent in 2022 to 33.8 per cent in 2024.
In April 2024, law 100/2024 was approved which included specific amendments to several laws relevant for social assistance. The new emergency ordinance no. 96/2024, approved in June 2024 regarding the provision of humanitarian support and assistance by the Romanian State to foreign citizens or stateless persons in special situations coming from the area of the armed conflict in Ukraine, established the legal framework providing refugees with access to a wide range of key national statutory services. Another significant legislative change was enacted by amending law 272/2004 in December 2024, which now mandated the participation of children in public decision-making processes.
There had also been several significant programmes launched, including modernising the unique national number 119 for reporting cases of abuse, neglect, exploitation and any other form of violence against children; the development of community services for children and families to prevent separation and support the family reintegration of children from the special protection system; and the development of 200 integrated community centres and 150 daycare centres for children, among others. Despite these advances, challenges remained, including disparities between rural and urban areas.
However, Romania had made significant progress in certain areas, including in the deinstitutionalisation process. Of the 167 residential placement centres operating in 2017, 149 had already been closed by the end of March 2025 and over 6,000 children were now benefiting from family-type alternative care. The remaining 18 placement centres would be closed soon. The use of European Union structural funds had also supported the training of over 11,000 foster carers. A new programme had also been introduced, aimed to scale-up integrated community-services in 2,000 marginalised rural communities, combining social assistance, health, education, and other types of social support. Over 800 million euros of European Social Funds were planned for enhancing access to social services for the most vulnerable, including children and their families.
The State had also expanded support for children at risk of early school leaving by using the early warning mechanism in education, of which around 50,000 participants from 6,950 institutions had completed the training programme. Targeted policies had been developed that supported the reintegration of children who dropped out during the pandemic, and more resources were reaching schools in deprived communities. In health, the role of community nurses and Roma health mediators had grown, and work continued to improve access to services for vulnerable groups.
Pilot projects on mental health for children had laid the groundwork for more systemic change, with mental health services for children and adolescents being expanded. However, challenges remained in ensuring equitable access to quality services in rural and marginalised areas, addressing shortages of specialised personnel, and improving early identification and intervention for children with developmental delays or disabilities.
Romania was committed to reducing the number of children affected by poverty and social exclusion by at least 500,000. The State would also pursue the complete closure of old-type residential centres, with every child in alternative care placed in family-based or community settings. Romania was committed to translating the pledges made during the first-ever global ministerial conference on ending violence against children held at the end of 2024 in Bogota, Columbia, into realities for children.
In education, the State aimed to increase the early childhood education enrolment rate by at least 22 per cent for children aged zero to three and at least 95 per cent for children aged four to six. There would be a focus on improving mental health services for children and linking schools, families, and health providers more effectively, aiming to reduce preventable mortality by 20 per cent compared to 2021 levels for children of all ages. Finally, Romania would ensure that children had a role in shaping systems through participatory budgeting, monitoring, and children and youth-led policy platforms. Romania remained committed to fully implementing the Convention and to contributing to the global effort to advance child rights everywhere.
Questions by Committee Experts
RINCHEN CHOPHEL, Committee Expert and Country Taskforce Coordinator, said Romania had achieved a lot since the last report, which the Committee was happy about. Romania’s assistance to the Ukrainian refugees and children should be noted. There had been significant legislative achievements, particularly the amendments to law 272. What measures were in place to ensure effective implementation of the law? The national strategy on social inclusion and poverty reduction 2022-2027, and the child guarantee national action plan 2023-2030 were very welcome developments. How had these impacted on measures to promote and protect children? Had an assessment been undertaken to evaluate the impact of the national strategy.
While welcoming increased allocations to certain sectors, the Coordinator asked what measures were in place to develop a child-friendly budgeting process? What was the current status of the complaints mechanism in the country for reporting all forms of abuse and violence for children? What had been done to inform children of their right to file a complaint? Had professionals working with children been trained on receiving complaints concerning children and the Convention?
The establishment of the child Ombudsman in 2018 was a crucial step in the right direction, and the Government should be congratulated for that. What was the current status of the institution? How did it connect with children? The Committee noted the State party’s awareness raising activities on the Convention with appreciation, including the translation of the Committee’s general comments into Romanian. How did these efforts extend to rural children?
JULIANA SCERRI FERRANTE, Committee Expert and Country Taskforce Member, asked if the national strategy for school de-segregation been adopted? If not, then when would this occur? What measures had been taken to address hate speech? Did the permanent committee set up in every education unit offer a complaints mechanism to children? If not, how could children complain in schools?
What had been done to decrease discrimination against the Roma population? What efforts had been made to promote the inclusion of Roma in mainstream schooling? How was discrimination against children with disabilities tackled in education? There was concern that Romanian law did not define valid reasons on which minor marriages could be authorised and this was left to the discretion of the authorities. What training was provided to apply the best interests of the child? What approaches had been taken to reduce the preventable mortality of children under five years old? What was the position of the Romanian Government on the proposed amendment to law 272 regarding lesbian, gay, bisexual, transgender and intersex children?
There seemed to be a lack of parental education programmes around corporal punishment. How could the views of the child be respected if violence was accepted as a disciplinary measure? Could the Romanian Government take clear steps to train staff and promote child education? How were child labour laws enforced? How would the Romanian Government establish a child participation mechanism? Were refugee and asylum-seeking children involved in decisions which affected them? Were children provided information on their rights?
What measures were being taken to strengthen the capacity of the social welfare services? How were children with disabilities prioritised in reform measures? What was being done to combat the illicit transfer of children abroad? Had bilateral agreements been conducted in this regard? Was the Romanian Government carrying out measures to understand the impact of prison on children? How were they supported when their parents were incarcerated? What support was available for young people leaving institutional care?
SOPHIE KILADZE, Committee Chair and Country Taskforce Member, said the adoption of law 105/22 providing for automatic birth registration should be considered as positive. Could more information be provided about how the law worked in practice? Were there any plans to introduce a statelessness determination procedure? Was data on statelessness which concerned children disaggregated? What measures were in place to protect children from excessive screen use? How did Romania deal with artificial intelligence as a European Union member? Romania had one of the lowest levels of digital skills in the European Union; what measures were being undertaken to promote digital literacy among children, as well as parents?
PHILIP JAFFE, Committee Vice-Chair and Country Taskforce Member, said it was wonderful that strong pledges had been made at the global ministerial conference on ending violence against children in Bogota. How was Romania implementing its mission as a pathfinding global alliance country? It seemed Romanian children were in need of protection against high levels of physical and sexual violence. One of the pledges made in Bogota was to conduct a prevalence study on sexual abuse; had the State moved forward with this study? Were there dedicated teams drawing up the comprehensive framework and strategy which had been promised? One pledge had been to enhance children’s participation regarding issues of violence. What efforts had the Government made to ensure that there was a clear public understanding that all forms of violence against children needed to be reported?
Corporal punishment appeared to remain quite widespread despite being banned in 2004. What efforts were made to lower the prevalence and change attitudes among parents and adults? It was encouraging that Romania had been one of 40 countries to recently join a statement of the Human Rights Council, expressing children’s right to protection from corporal punishment. How was bullying and cyber bullying being addressed at all levels of legislative policy? Could more information about the child helplines be provided?
Was it true that around seven to eight per cent of girls in Romania were married before the age of 18, with that percentage rising to around 20 per cent in the Roma community? What was being done in response to this? Was it true that charges had been dropped against a 17-year-old boy who entered into a non-formal marriage with an 11-year-old girl? What policy was in practice in the health sector regarding surgical interventions and intersex children? What were the guidelines to protect their bodily integrity until these children were capable of providing consent?
Responses by the Delegation
The delegation said the law on child protection now included clear provisions which made it compulsory for public administrative bodies to involve children in consultations regarding issues which concerned them. The national strategy on children’s rights was recently adopted and another national action plan was elaborated; these plans were complimentary. This was a comprehensive package which would help the Government to better implement all necessary measures. An assessment of the national strategy had been undertaken. The State was now piloting a system which would indicate how to establish a model of financing where children would be considered as a different group that would benefit from a different budget.
The national programme for schooling in Romania ensured children received food support at schools to increase the enrolment rate and participation. School supplies were also provided for all school grades. Two hundred euros were provided for the purchase of technology, and remedial lessons were provided to students coming from disadvantaged communities. Recently, the scholarship system had been extended to encompass more disadvantaged groups.
Funds allocated to primary medical care had registered a continuous annual increase. Just last year, the fund allocated to primary care increased by 24 per cent. The national observatory was a big achievement for Romania and aimed to identify the children most at risk of being separated from their families, based on indicators. Training was being conducted on the use of the observatory to ensure the data provided was reliable.
The hearing of minors in justice proceedings took place in special rooms, and a psychologist was always required to be present. The new national strategy for the development of the judicial system provided for another 10 hearing rooms across the country. There were specially designated prosecutors to handle cases involving minors. The child Ombudsman was fully operational and cooperated with all institutions. It had a functioning complaints mechanism. If an incident was notified to the Ombudsman, an investigation started, which concluded with a set of recommendations sent to the institution responsible to correct the situation.
Civil society representatives were part of the consultative groups established at the national level. A methodology had been issued and piloted regarding identifying and banning segregation within the educational sector. The measures focused on ensuring an inclusive education. Any kind of discrimination on criteria such as ethnicity, religion or sex was completely forbidden within the educational system. Specific places in high schools were allocated for Roma students and students with disabilities. To ensure access to high quality education, educational services had been developed starting from early education to prevent early dropout and absenteeism.
A set of programmes had been introduced, including a monthly allowance for children up to the age of 18, as well as parental leave. There was also a minimum income support which supported families with children. Emergency ordinance no.96 was developed specifically for children from Ukraine and their families.
There was a dedicated intergovernmental group which addressed the subject of forced marriage, with the aim of drafting legislative projects in this regard. Concerning infant mortality and the number of deaths under one year of age, a regionalised system of care had been introduced to ensure each neonate was born in a medical unit which could provide the services necessary for their care, thereby reducing infant mortality. An important national programme was in place which contained around 15 interventions, established in partnership with the United Nations Children’s Fund. Another programme provided 900 neonatal incubators around the country.
A significant number of services had been established to help families in vulnerable situations. A special programme was launched last year on the minimum inclusion income, which focused on how to assist parents within the labour market. The State was aware of a lack of social assistance in rural areas, which was where the most vulnerable communities lived. Interventions were directed, including food packages, and local administrative capacities would be developed.
A programme had been developed which aimed to establish hearing rooms for children in courts, and 29 hearing rooms were completed in April 2024. The rooms were used by the Prosecutors and police officers when they had victims who were minors. The rooms were child-friendly and specially designed with toys. The child did not see the other people participating in the hearing. A new strategy adopted in 2025 provided for the need for an additional 10 hearing rooms in the near future.
All social services were functioning based on a set of minimum quality standards, which were verified by the national agency for social inspection. With the United Nations Children’s Fund, Romania was piloting a project which would identify and train foster families to care specifically for children with disabilities. A child entering the special protection system was prioritised to be reintegrated in a family environment. Adoption was considered the best solution in this regard, and this could only be decided by a court. Priority was offered to domestic adoption, but international adoption could be considered after one year.
Amendments had been made to allow special spaces for visits in prison with children. Such spaces were now available in all prison facilities within the Romanian penitentiary system. There were cooperation protocols in place with the United Nations Children’s Fund and Save the Children which supported parents to develop their parental skills and improve their relationship with their children. The State was aware of the need to develop programmes which addressed the needs of children and adults and improved the relationship within the family.
The Ministry of Education aimed to develop digital competencies among students and parents. During the pandemic, all students were provided with laptops and digital devices to keep up with the educational process. In a new initiative launched in partnership with Microsoft, the Ministry of Education had announced the development of a project concerning artificial intelligence for increasing the school performance of students. A project was also being implemented aimed at improving the digital skills of civil servants.
Romania had a dedicated national child help line. It was toll-free and operational 24/7. Those operating the calls were specialised counsellors who could refer the cases to the relevant authorities. Another helpline just referred cases to social services. The 119 helpline was a recent development, operational from any place in Romania and accessible to children and adults. After the first year, it had been well received and was being regularly used to inform on any situation concerning a child.
Rape of a minor and sexual assault against a minor had been introduced as acts within the Criminal Code. Rape committed by an adult against a minor under the age of 18 was punished by a prison sentence of between seven to 12 years.
Questions by Committee Experts
PHILIP JAFFE, Committee Vice-Chair and Country Taskforce Member, said one in 20 people in Romania held a disability certificate, with around 80,000 being children. What were the difficulties faced by certain groups of children to receive this certificate, including rural children? Were there any awareness-raising campaigns for rural minorities and poor families regarding their entitlement to services? Could more information be provided about Romania’s strategy for persons with disabilities? How were the number and expertise of professionals being scaled up? To what degree had the State embraced a human-rights approach to disability, as opposed to a medical model of disability? How many children were still left in institutions? When would such institutions all be closed?
There were two recent laws on pre-university education and higher education; could more information be provided about the implementation of these laws? What was the level of gross domestic product dedicated to education in Romania? Was there a direct pipeline to hear about the concerns of children within the education system and were these concerns taken seriously? What was being done to combat school segregation based on disability, special education needs, and family economic status? Figures suggested that 40 per cent of children with disabilities had limited access to education. What steps were being made to improve education for children under the age of three? What improvements were being made to increase the improvement of vocational training for older children who may be leaving the school system? Were there any programmes which specifically targeted economically disadvantaged children? What was the mission of the Ministry of Youth?
SOPHIE KILADZE, Committee Chair and Country Taskforce Member, asked if sufficient resources were dedicated to the capacity building of medical personnel? Did all children have access to health care, including health insurance? How were vaccinations promoted in the country? How was breast feeding promoted? Child obesity was an issue of concern; how was this combatted? Was there a hot meals programme?
Mental health was a very important issue. Was data on mental health being disaggregated, including on suicide? Was there a comprehensive strategy and action plan regarding the issue of mental health? Were quality mental health services available in rural and remote areas? According to alarming information, the country had the highest number of adolescent mothers across the European Union. What steps would the State undertake to prevent adolescent pregnancies and subsequent abortions? Would Romania make reproductive education part of the curriculum?
What measures were in place to address drugs or substance abuse? Were there treatments available for children? Romania had made substantial efforts for Ukrainian children and other groups of refugees. How would the State integrate these children long-term? Were there delays in the enrolment of refugee children and their families into the social services system? Would amendments be considered in the asylum law to end the detention of families at the legislative level? Did unaccompanied migrant children have access to services, including psychosocial support and disability services? Were there any barriers which could hinder access to education?
What measures were being undertaken to end child labour, including begging? What was being done to assist children in street situations? How were perpetrators investigated and brought to justice? Were there quality services for child victims of trafficking in place? Was the system of child justice established across the country? Were adequate financial resources allocated to it? Was free legal aid available to children in conflict with the law? Was the detention of children used only as a last resort? If yes, did it comply with international standards?
RINCHEN CHOPHEL, Committee Expert and Country Taskforce Coordinator, said one in five children were affected by severe material and social deprivation, which was concerning. What was the reality on the ground? The minimum social assistance package had been introduced; could more information be provided on it? Romania was increasingly vulnerable to droughts, heatwaves, floods and landslides, and it was also grappling with water pollution. How had the national strategies pertaining to climate change helped to address the challenges of the environment and climate change in the country? What measures were being adopted to take into account children’s needs and views in the development of specific policies, including disaster-preparedness plans? Were child rights impact assessments carried out when dealing with the business sector?
A Committee Expert asked what the national coverage of vaccinations was in the country? Romania had an epidemic of measles; how did the population react to vaccinations? How was confidence being built in vaccines? Were people familiar with the law on rape? What happened once the 30-day limit for registering births had elapsed?
Responses by the Delegation
Romanian legislation completely prohibited violence against children, regardless of the environment. However, despite the legislation, which was fully aligned with United Nations Conventions, the State needed to fight against mentalities and traditions and to practically change the minds of parents and caregivers, who believed corporal punishment would discipline children better. Awareness-raising campaigns were being conducted for parents, and mechanisms including hotlines had been developed to support children, including the helpline 119.
Authorities were obligated to launch investigations immediately concerning any allegations of violence against children. Romania was committed to continuing these efforts and to changing social norms and mentalities. The numbers of cases of violence against children was increasing, which meant people were becoming more aware of the issue and reporting it.
Since 2016, the methodology applied in Romania clearly distinguished between the concept of disability and special education needs. In Romania, the deinstitutionalisation process was one of the most important commitments of the Government, and the process was now concluding. Currently, out of the 167 residential centres operating in 2017, 149 had already been closed, and more than 6,000 children were benefiting from alternative care. The legal framework stated that no placement centre could operate without the approved closure plan. The deinstitutionalisation process also involved finding better alternative and family-based care for children. Only 18 placement centres remained in the process of being closed, and by 2026 no such centre would be operating in Romania. The State was still aiming to find family-style solutions for children with disabilities, and a project was being developed with the United Nations Children’s Fund to this end.
If a birth was declared after the 30-day deadline but less than one year after the birth, the birth certificate could be issued based on approval from the mayor. If the birth declaration was made more than one year after the birth, the certificate needed to be approved by the mayor and other administrative bodies.
More than 2.8 million students were enrolled in the 2023/2024 school year in Romania. For high school, there had been a significant decrease in dropouts from 2.5 per cent in 2017 to 0.8 per cent in 2024. Around 4.5 per cent of the budget was allocated to education. The Ministry of Education had taken steps to assist children with special educational needs, with the creation of frameworks offering them different kinds of support, based on the type of disability. For students with temporary special needs, the law of education presented special measures, including the implementation of schooling hospitals, or schooling at home for those who were required to be in hospital or at home for medical reasons.
Adaptive measures had been taken for Roma children, including stimulating their participation in early education and in summer kindergartens, supporting education in their current language, and translating schoolbooks in their mother tongue, among others. More than 66,000 teachers had been trained in digital and multimedia use. An increasing number of contracts between schools and the business sector had been recorded, around 6,000 contracts in the school year 2023/2024. Most teachers had been trained to create open educational resources. Significant funds had been allocated to modernising rest room facilities in schools.
Any student could submit complaints of discrimination via an established framework. Students benefitted from representation in the school system through several platforms. The national strategy for sustainable development issued the methodology of the “green week programme”, which contributed to preschoolers and students’ competence in understanding basic concepts of climate change, to initiate individual and protective action to protect the environment. Teachers were obliged to obtain 90 transferrable professional credits every five years, through attending courses offered by Romanian training houses.
In recent years, infant mortality had remained relatively stable in Romania. From 2023 to 2024, the number of doctors treating children increased by five per cent. Regarding children’s access to medical services, all children were insured in Romania and benefitted from basic medical services across all sectors of health care. The national health insurance fund also reimbursed certain services. The Ministry of Health had launched a vaccination campaign in partnership with the Red Cross, to raise awareness of parents; this had been accompanied by a “catch-up” vaccination schedule, resulting in 1,500 children being vaccinated. A protocol had been signed with the Orthodox Church to establish an active partnership to create a framework for anyone facing a possible cancer diagnosis, offering support.
World Breastfeeding Week was celebrated in August each year, as breastfeeding remained one of the most effective ways to provide children with the best start in life. Breast feeding recommendations had been developed with partners, including the World Health Organization, and were relayed to medical practitioners at the local level. Around 200 integrated community centres would be restructured, elevated and equipped. A television broadcast had been created to promote the importance of breastfeeding in the first six months of a child’s life.
Information and education campaigns had been carried out for children, parents and teachers about the benefits of a healthy diet and the consequences of unhealthy eating. Around 1,000 people had benefited from the campaign. Substance abuse could be detected by family doctors and psychological services could be recommended. The national health insurance house implemented the national mental health programme, providing treatment for persons with substance abuses, and ensuring specific treatment for patients with depressive disorders.
Questions by Committee Experts
RINCHEN CHOPHEL, Committee Expert and Country Taskforce Coordinator, said the Government had approved a social assistance programme in 2011 which targeted all communes, but was underfinanced; could more information be provided? The Environment Week presented was an excellent initiative; how was it being utilised?
JULIANA SCERRI FERRANTE, Committee Expert and Country Taskforce Member, asked if there were any supervision orders, where children remained with their family but were supervised? Were there age assessment procedures during the asylum procedure? What rights did children applying for asylum have? Could they appeal any decisions?
PHILIP JAFFE, Committee Vice-Chair and Country Taskforce Member, said according to research by the United Nations Children’s Fund, Romanian girls felt much lonelier than Romanian boys. Was there a reason for this gap?
SOPHIE KILADZE, Committee Chair and Country Taskforce Member, asked for clarification on case management coordination?
A Committee Expert noted the prevalence of women among the large delegation and asked if women generally had an important and high-profile position in Romania, or if this only occurred when discussing children? Had there been any programmes to prevent violence? Had the concept of gender been fully institutionalised? Were teachers trained in detecting signs of violence? What was the prevalence of child marriage in the country? What about figures for marriages which were not officially recorded? Had there been any programmes to prevent the phenomenon or sanctions?
Was there any mapping of the at-risk populations in the country of female genital mutilation? Was female genital mutilation prohibited in law? What was the most updated action on sexual exploitation? Was there any cross-border cooperation between Romania and neighbouring countries? Did Ukrainian children born in Romania have access to Romanian citizenship? Did rape victims have access to emergency contraception?
Another Expert asked about vaccinations from children aged zero to 12; was there distrust in the population when it came to vaccines? It seemed that tuberculosis was a public health issue. What was being done in the field of treatment? Were there children whose births had not been declared, particularly among refugees, Roma and migrants?
A Committee Expert asked about the new concept introduced by the Parliament on parental alienation. How had this concept been consulted on, particularly with children? How would the best interests of the child be ensured? What specific measures were being taken to reduce school dropout and improve access to quality education for Roma children? What mechanisms were in place to monitor and support Roma children who were at risk of dropping out?
Another Committee Expert said she was happy to hear about the programme for the deinstitutionalisation of alternative care centres; this was something Romania should be proud of, as well as all the foster arrangements being made, especially for children with disabilities. What was the State doing to support the families of children with disabilities, particularly those with severe disabilities?
Responses by the Delegation
The delegation said emergency contraception was available to those who had experienced sexual assault and could be obtained without a prescription. Adolescent pregnancies were a major concern for the Romanian public health system. Contraceptives and medical devices were provided free of charge through family centres and through gynaecological departments, where abortions were performed upon request. Romania was one of the first European countries to offer non-discriminatory HIV/AIDS treatment.
Refugees were granted a monthly allowance, one-month’s accommodation, and access to education for minors. Legislation in the field of asylum provided for beneficiaries to apply for family reunification when family members were not in Romania. Identity documents needed to be provided to prove family links. Family reunification of unaccompanied minors was carried out with the best interest of the child in mind. Minors from immigrant backgrounds benefitted from the same rights as minors who were Romanian citizens. Romanian language courses provided teaching support, textbooks and workbooks developed on linguistic levels according to the European Union framework. Priority for asylum applications was given to unaccompanied minors.
Medical forensic expertise was used when an asylum applicant could not prove their age and there were serious doubts about their ethnicity. The declared age of the asylum applicant was accepted if their refusal to undergo the medical expertise was based on compelling reasons. The assessment was performed with full respect for the minor’s dignity and in as least invasive way as possible.
Investigations in child and human trafficking were undertaken by specialists with supervision from specialised prosecutors. Through law 229/2024, the Romanian Parliament aimed to discourage sex tourism and the pimping of minors. More than 1,200 criminal cases had been identified regarding child trafficking. The General Inspectorate of Romanian Police organised regular sessions for border police and
non-governmental organizations, with the purpose of identifying victims. More than 125 trainings had been carried out to over 4,000 workers who may encounter trafficking victims through their work. The National Agency against Trafficking in Persons and the Directorate for Investigating Organised Crime had implemented a national action plan in the fight against human trafficking to improve the awareness of at-risk groups.
In 2024, prosecutors from the Directorate for Investigating Organised Crime took part in 35 seminars regarding identifying child victims, compensation for victims, international cooperation, and online sexual exploitation of children, among other topics. A public awareness campaign had been launched relating to sexual acts between adults and minors. The message stated that a sexual act committed against a minor of 16 years or under constituted rape, if the age gap was more than five years, and punishments applied.
According to Romanian legislation, minors benefited from free legal aid, whether they committed a crime, or if they were victims of a crime. The Romanian penal system limited sanctions in regard to minors, and measures for deprivation of liberty were only given as a last resort and could only be ordered by a court.
The integrated social services project aimed to develop the academic knowledge of professionals working in the social assistance field, and to develop concrete measures for vulnerable groups of people.
During “green week”, schools organised activities around several topics relating to the environment. These were uploaded on a specialised platform dedicated to education on climate change and varied from one educational cycle to another. The Ministry of Education had developed a programme, the mechanism of early-living alert, which focused on early education for Roma children.
In Romania, social services were obligated to identify children in a risk situation. Children could remain within families and be monitored by social services until the risks were removed. The parental alienation provision was introduced in all cases relating to violence and neglect. It was recommended that this provision be removed, as these measures should only be applied by the courts. There were many trainings offered to judges on methods relating to children’s rights. Social workers were also trained to provide necessary assistance to visiting parents. Social services could only assist; they could not intervene and solve disputes between parents.
Closing Remarks
RINCHEN CHOPHEL, Committee Expert and Country Taskforce Coordinator, reiterated the Committee’s appreciation for the Government of Romania’s support to Ukrainian refugees, particularly children. The State was encouraged to continue to undertake these activities which were important for solidarity for children. Significant progress had been made from the last reporting period to the current one, with many looking forward beyond the dialogue. This was an indication of the Government’s commitment towards children. As the country moved forward, it was important to put emphasis on implementation and ensure vulnerable children did not miss out.
HELENA OMNA-RAICU, President of the National Authority for the Protection of Child Rights and Adoption of Romania and head of the delegation, expressed deep gratitude for the dialogue. The delegation welcomed the Committee’s emphasis on equality, accountability and sustainability, and would underpin the next stage of the State’s deinstitutionalisation journey. The Committee’s concerns regarding urban disparities were noted. It was recognised that rights delayed were rights denied, and the State was committed to accelerating affirmative action. Romania would treat the Committee’s recommendations as an opportunity for deeper transformation.
SOPHIE KILADZE, Committee Chair, thanked the delegation for the fruitful dialogue and commended its members for their clear and comprehensive answers. Ms. Kiladze extended her best regards to the children of Romania.
___________
Produced by the United Nations Information Service in Geneva for use of the media;
not an official record. English and French versions of our releases are different as they are the product of two separate coverage teams that work independently.
CRC25.013E
Source: US Justice – Antitrust Division
Headline: Missouri Man Sentenced to Over Nine Years in Prison for Church Arson
A Missouri man was sentenced yesterday to 111 months in prison by U.S. District Judge Matthew T. Schelp for the Eastern District of Missouri for burning down a Cape Girardeau, Missouri house of worship in 2021. He was also ordered to pay $6,968,223.36 in restitution for damages incurred by the church.
Source: The Conversation – Canada – By Genevieve LeBaron, Distinguished SFU Professor of Global Supply Chain Governance, Simon Fraser University
Gender-based violence and harassment is a widespread issue in supply chains. Women workers in garment manufacturing, food production and hospitality are routinely subjected to unwanted touching and sexual advances and inappropriate comments, while promotion and advancement are often conditional on sex. In the most severe cases, this abuse escalates to sexual assault and rape.
Despite decades of awareness and an International Labour Organization convention passed in 2019 and ratified by 49 countries, research indicates little progress has been made.
A 2024 report from Statistics Canada, for instance, has found that 47 per cent of women have experienced some form of harassment or sexual assault in the workplace.
Rates of gender-based violence and harassment are thought to be even higher in some countries and industries. In Bangladesh, a 2018 study found at least 60 per cent of garment workers had experienced it in the previous year. Another found 85 per cent of garment workers in Indonesia were concerned about sexual harassment at work.
In the face of such a persistent global issue, women working in garment supply chains have pioneered a highly effective solution for tackling gender-based violence and harassment.
Supported by labour unions and organizations like the Asia Floor Wage Alliance, Worker Rights Consortium and Global Labor justice, women workers have led the development of legally binding agreements with brands and suppliers to eliminate gender-based violence and harassment.
The latest of these is called the Central Java Agreement for Gender Justice. Signed in July 2024, it covers 6,250 workers producing clothing for brands like Nike and Fanatics, Inc. under licenses with universities affiliated with the Worker Rights Consortium.
Worker Rights Consortium persuaded Fanatics, which is also licensed to produce apparel bearing the Nike logo, to enter into the agreement in response to complaints of gender-based violence and harassment at two garment factories in central Java, Indonesia, owned by the Korean-based firm Ontide.
This agreement creates a union-led program to address the problem at two Indonesian factories; if factory management does not comply, it risks losing business with Nike and Fanatics.
The 2024 Central Java Agreement builds on and incorporates key features of previous worker-led agreements to address the issue.
In particular, it builds on the 2022 Dindigul Agreement to Eliminate Gender-Based Violence and Harassment in India and the 2019 Agreements to Eliminate Gender-Based Violence and Harassment in Lesotho.
The Dindigul agreement was led by an independent, majority-Dalit trade union run by women. It established a set of legally binding agreements with major garment companies including H&M Group, Gap Inc., PVH and Eastman Exports Global Clothing Ltd.
The Lesotho agreements involved brands such as Levi Strauss & Co., Nien Hsing Textile Co., unions, women’s rights advocates and labour organizations.
While each agreement is unique, they all adhere to the principles of worker-driven social responsibility.
Under this governance model, “worker organizations and unions, suppliers, and brand companies enter into enforceable and legally binding agreements” and “transnational corporations use their leverage and supply chain relationships to effect change amongst supplier worksites.”
These agreements include worker-led detection and remediation systems to address gender-based violence and harassment. For example, under the Lesotho agreement, workers can access a 24-hour hotline operated by a local women’s organization to lodge complaints or bring them directly to the unions involved in the agreement.
The Dindigul agreement also provides multiple channels for workers to raise complaints of gender-based violence and harassment, including shop floor monitors selected by the local union (one for every 25 workers). It also offers multiple avenues for raising complaints, including to the union or to sexual harassment committees required under Indian law.
Under the Central Java Agreement, workers can bring complaints to committees aimed at eliminating the problem, to shop floor monitors or their unions. Not only do each of the agreements permit workers to request independent investigations, they all provide a wide array of remedies in the case of any incidents and violations of freedom of association.
What sets these agreements apart from most other initiatives to combat gender-based violence and harassment in supply chains is that they actually work. One study of the two-year impact of the Dindigul Agreement by Cornell University’s Global Labor Institute found that 76 per cent of grievances were resolved in two weeks.
The report said the program “constituted a powerful monitoring mechanism, ensuring effective remediation and deterring violations” of both gender-based violence and harassment and freedom of association — briefly put, the right to voluntarily join or leave groups (like unions), and for those groups to pursue collective action.
Now, a key question is whether and to what extent these successful programs will continue to thrive and grow under the current “America First” agenda of the U.S. government.
Despite their success, these worker-led initiatives face mounting challenges.
Labour organizations that support these agreements are under strain, with some potentially at high risk of collapsing. The U.S. Bureau of International Labor Affairs is cutting US$500 million in funding that supports labour enforcement efforts across 40 countries.
At the same time, company rollbacks of diversity, equity and inclusion programs are constraining, if not eliminating, the political space in which labour groups negotiate such agreements.
Tariffs and upheaval in global trade — especially efforts to redraw supply chains to evade costly tariffs — gives brands cover to withdraw commitments to worker-led initiatives and change sourcing patterns to circumvent them.
Within the United States, cuts and funding freezes — including to sexual assault prevention groups — are a worrying sign that support for preventing gender-based violence and harassment and helping its survivors are being undercut and failing.
If labour stakeholders lose the resources to support such initiatives, the impacts on women and workplaces within supply chains across the world will be devastating. These programs show that when workers lead, real change is possible, but they need continued investment and political support to survive.
Genevieve LeBaron receives funding from the Social Sciences and Humanities Research Council of Canada, Humanity United Foundation, and Ford Foundation.
Judy Fudge does not work for, consult, own shares in or receive funding from any company or organisation that would benefit from this article, and has disclosed no relevant affiliations beyond their academic appointment.
– ref. Worker-led programs are tackling gender-based violence in supply chains, but they’re at risk – https://theconversation.com/worker-led-programs-are-tackling-gender-based-violence-in-supply-chains-but-theyre-at-risk-255756
Source: European Parliament
The EU aims to become the first climate-neutral continent in the world by 2050. Since the announcement of the European Green Deal and following the adoption of the European Climate Law in 2021, the EU’s climate agenda has been built even more around the principle of carbon pricing. The EU emissions trading system (ETS) is, today, the cornerstone of the EU’s strategy to achieve this vision, complemented by a mix of industrial, energy and climate policies. Currently, the EU ETS covers stationary (power and industrial) installations, domestic aviation and maritime transport. Following the revision of the EU ETS Directive, greenhouse gas (GHG) emissions from buildings, road transport and additional sectors not covered by the existing EU ETS will be covered under a new ETS2. Carbon pricing is expected to regulate around 75 % of EU GHG emissions from 2027. Following the adoption of the revised ETS Directive in 2023, Member States had to transpose the ETS2 into national law. The ETS2 will target GHG emissions from fuel for the sectors covered. Fuel suppliers have to buy and surrender emissions allowances and are likely to pass on the cost of this new instrument to final consumers. Consumers are likely to face higher energy bills if they do not switch to low-carbon technologies, which is why the ETS2, while aiming to achieve climate objectives, has become a social concern. A new Social Climate Fund will support the switch to low-carbon technologies in the building and transport sectors, including but not only through direct payments for vulnerable households impacted by the new ETS2. However, some stakeholders have claimed that the Social Climate Fund will not be enough and are asking for the ETS2 to be delayed or modified. This briefing looks at the recent issues and concerns that have been raised regarding the ETS2.
Source: European Parliament
National human rights institutions, ombudspersons, equality bodies and other independent authorities have an important role in national checks and balances. The Commission monitors developments related to the functioning and independence of these authorities in the context of its Annual Rule of Law Cycle[1]. As regards Greece, the 2024 Rule of Law Report[2] took note of investigations by the ombudsperson into alleged misconduct involving law enforcement officers. As further noted in the report, the Commission considers that effective and timely investigations of such incidents are an important demonstration of the ability of competent authorities to deliver an adequate response. The Commission will continue to monitor developments in this area and will provide an up-to-date assessment in its 2025 Rule of Law Report.
Source: European Parliament
Page Group Ltd is a United Kingdom based private security company (PSC) providing security services to the European Union Mission for the Support of Palestinian Police and Rule of Law[1] ( EUPOL COPPS). The company delivers security services such as 24/7 on-site guarding of the premises and monitors all moves of the Mission and the security situation in the area of operations.
The strike of the PSC personnel started on 8 January 2025 and ended on 22 January 2025. Page Group Ltd informed EUPOL COPPS that the interruption of the service was due to internal issues between Page Group Ltd and its local employees falling outside the remits of EUPOL COPPS. The Mission immediately requested the management of Page Group Ltd to resolve the issue as soon as possible.
In parallel, a business continuity plan was implemented by EUPOL COPPS for the duration of the strike, focusing on a seamless continuation of the provision of the security services such as Warden and Duty Security Officer duties using Mission staff.
Source: GlobeNewswire (MIL-OSI)
MONTREAL, May 21, 2025 (GLOBE NEWSWIRE) — Boralex Inc. (“Boralex” or the “Company”) (TSX: BLX) is pleased to announce it has entered into a Renewable Energy Standard Agreement with the New York State Energy Research and Development Authority (NYSERDA) to procure Tier-1 RECs from each of its Fort Covington Solar Project and Two Rivers Solar Project, totaling 450 MW. The signing of these contracts marks a significant milestone in Boralex’s contribution to renewable energy in New York and in the Company’s development in this promising market.
These contracts were awarded as part of NYSERDA’s 2024 Renewable Energy Standard Competitive Solicitation for the purchase of New York Tier-1 Eligible Renewable Energy Certificates (RECs). Each REC represents the environmental attributes of one megawatt-hour of electricity generated from an eligible renewable source such as solar energy.
The two solar facilities will be located in Franklin and St. Lawrence Counties in upstate New York, with permit applications currently under review by the state Office of Renewable Energy Siting and Electric Transmission:
“New York is committed to building a clean energy economy, and Boralex is honored to meaningfully contribute toward achieving the State’s renewable energy targets,” said Patrick Decostre, President and Chief Executive Officer of Boralex. “We appreciate NYSERDA’s confidence in our projects. New York State is a strategic growth market for Boralex, and we are proud to support the State’s renewed commitment to advancing clean energy infrastructure.”
“Our execution of these contracts for the Fort Covington and Two Rivers projects reflects Boralex’s strategic focus on growing our U.S. renewable energy platform,” added Hugues Girardin, Executive Vice President, General Manager North America, Boralex. “We are extremely proud of our teams, whose expertise and dedication continue to drive Boralex’s successful expansion across North America in response to the consistently strong demand for green electricity.”
“Renewable energy projects like Fort Covington and Two Rivers, are crucial to New York’s clean energy transition,” said NYSERDA President and CEO Doreen M. Harris. “Additionally, public-private partnerships like this will bring meaningful benefits to Franklin and St. Lawrence counties by spurring economic investments and delivering affordable and locally-sourced energy to residents of these communities.”
“This is very exciting news for our town and the state as it looks to achieve its climate goals,” said Mark Peets, Supervisor of the Town of Brasher. “Throughout the development of this project, Boralex has done an excellent job communicating the benefits to our community. They’ve listened to our concerns and, more importantly, made meaningful project changes that have helped build trust and support. We look forward to the hundreds of construction jobs, and tens of millions of dollars in economic development these projects will provide.”
“These developments are great news for our community and the surrounding area,” said Susan Bellor, Supervisor, Town of Massena. “I very much look forward to continuing to strengthen the relationship between Boralex and our town, and I’m excited about the long-term positive economic impact the project will have – not only for the participating landowners, but the broader community.”
“Small towns like ours don’t often get opportunities like this,” said Pat Manchester, Supervisor of the Town of Fort Covington. “The Fort Covington Solar Project represents a major investment in our community and our future. We’re excited about the jobs, increased tax revenues, and the momentum it brings for sustainable economic growth. Boralex has been a transparent, responsive partner throughout this process, and we’re proud to host a project of this scale and significance.”
Construction of both projects is expected to begin in 2026, and are expected to be commissioned in 2028. They will bring substantial economic, social, and environmental benefits to New York State and to local communities. Once constructed, the projects will together provide enough energy to power approximately 105,000 homes, support approximately 300 to 400 construction jobs, and create long-term operational roles, further strengthening the local economy and advancing the State’s transition to clean energy.
Caution Regarding Forward-Looking Statements
Some of the statements contained in this press release, including those regarding the start of construction of the projects and their commissioning, are forward-looking statements based on current expectations, within the meaning of securities legislation. Boralex would like to point out that, by their very nature, forward-looking statements involve risks and uncertainties such that its results or the measure it adopts could differ materially from those indicated by or underlying these statements, or could have an impact on the degree of realization of a particular forward-looking statement. Unless otherwise specified by the Company, the forward-looking statements do not take into account the possible impact on its activities, transactions, non-recurring items or other exceptional items announced or occurring after the statements are made. There can be no assurance as to the materialization of the results, performance, or achievements as expressed or implied by forward-looking statements. The reader is cautioned not to place undue reliance on such forward-looking statements. Unless required to do so under applicable securities legislation, Boralex management does not assume any obligation to update or revise forward-looking statements to reflect new information, future events or other changes.
About Boralex
At Boralex, we have been providing affordable renewable energy accessible to everyone for over 30 years. As a leader in the Canadian market and France’s largest independent producer of onshore wind power, we also have facilities in the United States and development projects in the United Kingdom. Over the past five years, our installed capacity has increased by more than 50% to over 3.2 GW. We are developing a portfolio of projects in development and construction of more than 8 GW in wind, solar and storage projects, guided by our values and our corporate social responsibility (CSR) approach. Through profitable and sustainable growth, Boralex is actively participating in the fight against global warming. Thanks to our fearlessness, our discipline, our expertise and our diversity, we continue to be an industry leader. Boralex’s shares are listed on the Toronto Stock Exchange under the ticker symbol BLX.
For more information, visit boralex.com or sedarplus.com. Follow us on Facebook, LinkedIn and Instagram.
For more information
| MEDIA | INVESTOR RELATIONS |
| Camille Laventure Senior Advisor, Public Affairs and External Communications Boralex Inc. 438 883-8580 |
Stéphane Milot Vice President, Investor Relations and Financial Planning and Analysis Boralex Inc. 514 213-1045 |
| MEDIA – NORTH AMERICA | |
| Zachary Hutchins Manager, Public Affairs and Communications Boralex Inc. 518 727-6155 |
Source: Boralex inc.
Source: Traditional Unionist Voice – Northern Ireland
Statement by TUV deputy leader Court Councillor Ron McDowell:
“I welcome the decision by the Metropolitan Police to charge a member of the rap group Kneecap with displaying a flag in support of Hezbollah, a proscribed terrorist organisation.
“For too long, the powers that be have turned a blind eye to this group’s open glorification of terrorism. This charge is long overdue.
“Last year, TUV lodged a formal complaint with the BBC over its uncritical and irresponsible promotion of Kneecap. It is worth revisiting what we said at that time:
“This morning on BBC Radio Ulster, both the news bulletins and the BBC Northern Ireland website provided entirely uncritical coverage of the ‘Kneecap’ film.
“They even platformed a character calling himself DJ Provai — of all things — to tell us that Irish is not just a language for one side of the community.
“There are many people in Northern Ireland who still carry the scars of being literally kneecapped by paramilitaries. Many more can testify to how ‘cross community’ the Provos truly were.
“That innocent victims should now have to watch a rap group build a career off the back of the IRA campaign is bad enough. But for a public service broadcaster to present them as inclusive cultural advocates — and report on them without so much as a whisper of criticism — is utterly intolerable.
“We wrote to the Director of BBC Northern Ireland to raise these concerns and requested a meeting where innocent victims of the Provos could express their outrage in person.”
“The truth is simple: we cannot and must not permit the glorification of terror — whether the terrorism is rooted in Northern Ireland or the Middle East.
“Kneecap crossed that line long ago.
“Those who have enabled or excused this — including figures in the media — must seriously reflect on their actions. Some have even tried to gaslight Unionists and victims by presenting these glorifiers of terrorism as cross-community ambassadors for the Irish language.
“It’s offensive. It’s dangerous. And it’s wrong.
“And while it may be too much to expect the BBC, given their track record, to apologise — they owe one to the innocent victims whose pain has been trivialised and ignored for far too long.”
Source: US Immigration and Customs Enforcement
NEW YORK — On May 19, U.S. Immigration and Customs Enforcement New York City arrested Marlon Josuel Cruz Fernandez, an illegal alien from the Dominican Republic wanted in his home country for homicide.
ICE officers and special agents assigned to ICE’s Newburgh office, along with special agents from the Federal Bureau of Investigations, the Drug Enforcement Administration and Homeland Security Investigations arrested Cruz without incident in New Rochelle pursuant to a warrant of arrest.
“This foreign fugitive mistakenly thought he could exploit our immigration laws to evade arrest in his home country,” said ICE Enforcement and Removal Operations New York City acting Field Office Director Judith Almodovar. “Let his futile attempt highlight to other criminal aliens we will always collaborate with our domestic and international law enforcement partners to ensure these fugitives are returned to their home countries to face justice.”
The U.S. Border Patrol encountered and arrested Cruz Dec. 11, 2015, in the Rio Grande Valley in Texas after he illegally entered the U.S. Border Patrol officials served him with a notice to appear for violation of the Immigration and Nationality Act and turned him over to ICE for detention placement. ICE Harlingen granted Cruz bond Feb. 1, 2016, which he posted three days later. Cruz failed to appear for his immigration proceedings Jan. 5, 2017, so the immigration judge ordered him removed in absentia from the U.S. to the Dominican Republic.
On Feb. 2, 2018, authorities in Santo Domingo, Dominican Republic, issued a warrant for Cruz’s arrest for the offense of homicide, which went international six weeks later. ICE New York City received notification March 16 this year.
The New Rochelle Police Department arrested Cruz for having improper plates and impounded his vehicle May 17. The New Rochelle Police Department released Cruz on his own recognizance prior to realizing that he was an international fugitive wanted for homicide. Upon receiving this information, the police department immediately notified ICE New York City, which — along with federal partners — arrested Cruz.
Cruz is currently detained in ICE custody pending removal to the Dominican Republic.
Learn more about ERO New York City’s mission to increase public safety in our New York City communities on X at @ERONewYork.
Source: Royal Canadian Mounted Police
RCMP Halifax Regional Detachment has arrested two people for assaulting fishers in Eastern Passage.
On May 4, at approximately 7 p.m., RCMP officers responded to a report of an assault in progress near Cow Bay Rd. in Eastern Passage. On arrival, officers found two people with serious injuries and arrested two other people – one youth and one man. Police also seized several items used as weapons in this assault, including fishing hooks and a metal pipe. The incident occurred while the victims were fishing for gaspereau.
The victims were transported to hospital by EHS, one with life-threatening injuries.
The youth had a first court appearance and remains in custody, facing four charges including aggravated assault.
The 39-year-old man, from Cow Bay, was later released on conditions. He will appear in Dartmouth Provincial Court on June 10, 2025, to face a charge of assault.
This incident is still under investigation. Police are aware of allegations that this was a hate-motivated crime or hate-motivated incident based on information provided by witnesses. The RCMP takes incidents of hate with utmost seriousness and condemns all hate-motivated incidents, and may follow up with further charges as is necessary based on the ongoing investigation.
Anyone with information about this incident and who has not yet spoken to police is asked to contact RCMP Halifax Regional Detachment at 902-490-5020. To remain anonymous, call Nova Scotia Crime Stoppers, toll-free, at 1-800-222-TIPS (8477), submit a secure web tip at www.crimestoppers.ns.ca, or use the P3 Tips app.
File #: 25-62315
Source: United States Attorneys General 1
A Missouri man was sentenced yesterday to 111 months in prison by U.S. District Judge Matthew T. Schelp for the Eastern District of Missouri for burning down a Cape Girardeau, Missouri house of worship in 2021. He was also ordered to pay $6,968,223.36 in restitution for damages incurred by the church.
Christopher Scott Pritchard, 49, pleaded guilty in U.S. District Court for the Eastern District of Missouri in Cape Girardeau, on Dec. 19, 2024, to one count of arson and one count of violating the Church Arson Prevention Act. Pritchard admitted setting fire to the house of worship owned and used by the Church of Jesus Christ of Latter-Day Saints (LDS) in Cape Girardeau, Missouri, during the evening of April 28, 2021. Pritchard was spotted watching the fire and was arrested about 1.5 miles away by the Cape Girardeau County Sheriff’s Office. Pritchard smelled like smoke and had a backpack containing a laptop computer, a projector, speakers and 21 apples that he’d stolen from the church. Pritchard told deputies that he’d gotten into a verbal altercation with the Bishop of the church a few days before the fire and had threatened to assault the Bishop and burn the church down.
The fire destroyed the building and prevented the congregants in the free exercise of their religious beliefs. No one was injured.
“There is no place in America for criminal acts against houses of worship,” said Assistant Attorney General Harmeet K. Dhillon of the Justice Department’s Civil Rights Division. “The Civil Rights Division thanks its law enforcement partners for prosecuting this matter.”
Assistant Attorney General Harmeet K. Dhillon and U.S. Attorney Sayler A. Fleming for the Eastern District of Missouri made the announcement.
The FBI St. Louis Field Office, the Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF), the Cape Girardeau County Sheriff’s Office and the Missouri State Fire Marshal’s Office investigated the case. Assistant U.S. Attorney Paul Hahn for the Eastern District of Missouri prosecuted the case, with assistance from the Civil Rights Division’s Criminal Section.
Source: US State of New York
overnor Kathy Hochul today announced that contracts have been executed for 26 large-scale land-based renewable energy projects that, upon completion, will provide more than 2.5 gigawatts of clean energy, enough to power more than 670,000 homes throughout New York State. These projects are expected to create more than 1,900 near-term, family-supporting jobs and generate more than $6 billion in private investment while reinforcing the State’s commitment to the development of locally-produced clean energy, grid resiliency and economic development.
“New York is creating competitive opportunities for the clean energy industry, and we could not do this without the shared commitment of our private partners,” Governor Hochul said. “The advancement of renewable energy is part of the foundation of New York’s plan to transform to a zero-emission electricity system and continue our green economy’s momentum forward.”
These contracted awards are the result of the New York State Energy Research and Development Authority’s (NYSERDA) 2024 Tier 1 Renewable Energy Standard solicitation. Once constructed, the projects will produce approximately 5,000 gigawatt-hours annually–which is enough to power more than 670,000 homes–provide public health benefits resulting from reduced exposure to harmful air pollutants; and provide more than $300 million in commitments to disadvantaged communities, as defined by the Climate Justice Working Group, from long-term payments to community benefit funds.
New York State Energy Research and Development Authority President and CEO Doreen M. Harris said, “As New York transitions to a clean energy economy, we celebrate these 26 projects and the significant energy they will provide. New York remains an innovator in accelerating clean energy projects, advancing clean energy jobs, and spurring economic development opportunities for businesses and our local communities all across our state.”
Contracted projects include:
Capital Region
Central New York
Finger Lakes
Mohawk Valley
North Country
Southern Tier
Western New York
The payments under the contracted projects will only begin once projects are constructed and begin delivering renewable energy to New York after obtaining all required permits and approvals. Several projects have already commenced construction activities. All projects are expected to be operational by 2029.
Additionally, the State will continue to emphasize engagements with the projects’ host communities. NYSERDA offers resources and no-cost technical assistance to help local governments understand how to manage responsible clean energy development in their communities, including step-by-step instructions and tools to guide the coordination of new clean energy projects, permitting processes, property taxes, siting, zoning, and more.
New York State Department of Public Service CEO Rory M. Christian said, “We applaud Governor Hochul’s commitment to move New York State toward a clean energy economy. The projects being announced today will spur the creation of clean energy jobs as well as encouraging economic development opportunities in New York State.”
New York State Department of Environmental Conservation Acting Commissioner Amanda Lefton said, “These large-scale renewable energy projects demonstrate how clean energy and job creation go hand-in-hand to build healthier communities and stronger economies. More than two dozen projects under contracts through NYSERDA will generate renewable power and private investment that helps continue the significant progress underway to reduce polluting power sources.”
New York State Department of Labor Commissioner Roberta Reardon said, “I thank Governor Hochul for maintaining our state’s leadership in the clean energy sector and for continuing to create great career opportunities for New Yorkers statewide. These investments will continue to build a more energy efficient and environmentally friendly future for New York State.”
State Senator Kevin Parker said, “As Chair of the Senate Energy and Telecommunications Committee, I am proud to work alongside NYSERDA, a critical partner in advancing New York’s clean energy future. Their continued leadership in delivering funding awards and innovative programs is essential to meeting the goals of the Climate Leadership and Community Protection Act. Together, we are not only strengthening the state’s electric grid with renewable energy, but also ensuring that disadvantaged communities share in the economic and environmental benefits of this transition.”
New York State AFL-CIO President Mario Cilento said, “Congratulations to Governor Hochul and NYSERDA on another major milestone toward achieving New York’s renewable energy goals while adhering to robust labor standards and protections and Buy American policies. This will create good union jobs while building up the State’s clean energy program.”
New York State Building Trades President Gary LaBarbera said, “Renewable energy projects continue to represent major opportunities for New York to not only achieve the goals set out by CLCPA but also create thousands of family-sustaining union careers and economic stimulus that will reinvigorate our communities and the middle class. The execution of these contracts represents a significant milestone for reaping the benefits of these clean energy initiatives. We thank Governor Hochul and NYSERDA for their continued commitment to pushing forward the development of green infrastructure in New York.”
Alliance for Clean Energy New York Executive Director Marguerite Wells said, “The benefits of locally-produced renewable energy are immense and wide-ranging. We thank Governor Hochul for continuing to guide the state through our clean energy transition, which will not only benefit the New Yorkers of today but also those of generations to come. Today’s announcement shows there is continued enthusiasm from private developers to invest in New York, and New York remains ready to greet them.”
New York League of Conservation Voters President Julie Tighe said, “Climate change is happening now and the impacts will only get worse if we don’t transition off of fossil fuels and deliver on our clean energy future. Today’s announcement of new land-based renewable energy projects will mean fewer greenhouse gas emissions, better air quality, and good union jobs for New Yorkers. We thank Governor Hochul for her environmental leadership and congratulate NYSERDA on this progress toward meeting our clean energy goals.”
Natural Resources Defense Council Power Sector Managing Director Kit Kennedy said, “New York State’s leadership on clean energy is more important now than ever, given the federal government’s efforts to turn back progress. The clean energy projects announced today by Governor Hochul mean more jobs, more economic development for communities, less health-harming air pollution, and lower electricity system costs. This is what leadership means. Let’s keep it coming!”
Citizens Campaign for the Environment Executive Director Adrienne Esposito said, “We are thrilled that NY is taking another significant step forward in our state’s ongoing transition to a clean energy future. As national momentum around renewable energy and climate action stumbles, it’s more important than ever for states like New York to lead. Leadership matters and we need NY to continue on a course of establishing a 21st century energy infrastructure plan we can be proud of! These projects will deliver reliable, locally-produced clean energy to millions of New Yorkers helping to meet the state’s ambitious renewable energy goals while combating climate change, creating jobs, strengthening our economy, and enhancing long-term energy security. CCE commends Governor Hochul and NYSERDA for their commitment to advancing critical renewable energy projects that benefit both our environment and our communities.”
Advanced Energy United New York Policy Lead Kristina Persaud said, “This is an exciting milestone for New York’s clean energy future. These large-scale renewable energy projects will bring real economic benefits to communities across the state. These projects will not only provide clean power, but also quality jobs for New Yorkers. At the same time, they strengthen New York’s leadership in the rapidly growing clean energy sector, positioning the state to compete in a global market and reap the long-term economic benefits of a modern energy economy.”
These projects will add to New York’s robust portfolio of large-scale renewable energy projects, now comprised of nearly 100 solar, land-based wind, hydroelectric and offshore wind projects currently operating or under development that are expected to deliver approximately 10 gigawatts of clean power to the grid — enough to power more than 3.3 million New York homes. Of these nearly 100 projects, more than one gigawatt of capacity is under construction, which once completed will add to the 31 operational projects currently delivering 1.4 gigawatts of clean energy to the grid – now supplying power to nearly half a million New York homes.
New York State’s Climate Agenda
New York State’s climate agenda calls for an affordable and just transition to a clean energy economy that creates family-sustaining jobs, promotes economic growth through green investments, and directs a minimum of 35 percent of the benefits to disadvantaged communities. New York is advancing a suite of efforts to achieve an emissions-free economy by 2050, including in the energy, buildings, transportation, and waste sectors.
Source: US State of North Dakota
Today, the Department of Justice’s Civil Rights Division is beginning the process of dismissing lawsuits against the Louisville, Kentucky and Minneapolis, Minnesota police departments.
These lawsuits, which were filed at the last minute by the Biden administration after President Donald Trump’s reelection, accused Louisville and Minneapolis of widespread patterns of unconstitutional policing practices by wrongly equating statistical disparities with intentional discrimination and heavily relying on flawed methodologies and incomplete data. They also sought to subject the Louisville and Minneapolis police departments to sweeping consent decrees that went far beyond the Biden administration’s accusations of unconstitutional conduct; the decrees would have governed many aspects of those police departments, including their management, supervision, training, performance evaluations, discipline, staffing, recruitment, and hiring. In short, these sweeping consent decrees would have imposed years of micromanagement of local police departments by federal courts and expensive independent monitors, and potentially hundreds of millions of dollars of compliance costs, without a legally or factually adequate basis for doing so.
“Overbroad police consent decrees divest local control of policing from communities where it belongs, turning that power over to unelected and unaccountable bureaucrats, often with an anti-police agenda,” added Assistant Attorney General Harmeet K. Dhillon of the Justice Department’s Civil Rights Division. “Today, we are ending the Biden Civil Rights Division’s failed experiment of handcuffing local leaders and police departments with factually unjustified consent decrees.”
The Civil Rights Division will be taking all necessary steps to dismiss the Louisville and Minneapolis lawsuits with prejudice, to close the underlying investigations into the Louisville and Minneapolis police departments, and to retract the Biden administration’s findings of constitutional violations.
The Civil Rights Division will also be closing its investigations into, and retracting the Biden administration’s findings of constitutional violations on the part of, the following additional local police departments:
The Department of Justice will continue to offer its full support to police departments across the country, including through grants and technical assistance. The Department is confident that the vast majority of police officers across the Nation will continue to vigorously enforce the law and protect the public in full compliance with the Constitution and all applicable federal laws. When bad actors in uniform fail to do so, the Department stands ready to take all necessary action to address any resulting constitutional or civil-rights violations, including via criminal prosecution.
Source: US State of North Dakota
A Virginia attorney pleaded guilty yesterday to filing a false tax return that concealed a significant portion of his income.
The following is according to court documents and statements made in court: Asim Ghafoor, of Ashburn, was an attorney who operated a law practice in Virginia. His law practice had clients in various states, including Michigan. Ghafoor reported income from his practice on individual income tax returns that he personally prepared and signed. For 2012 through 2016, Ghafoor prepared and filed false tax returns that underreported the income he earned from his business.
In total, Ghafoor caused a tax loss to the IRS of $354,634.
Ghafoor is scheduled to be sentenced on Sept. 23. He faces a maximum penalty of three years in prison for filing a false tax return. A federal district court judge will determine any sentence after considering the U.S. Sentencing Guidelines and other statutory factors.
Acting Deputy Assistant Attorney General Karen E. Kelly of the Justice Department’s Tax Division made the announcement.
IRS Criminal Investigation is investigating the case.
Trial Attorneys Richard J. Kelley and Jeffrey A. McLellan of the Tax Division are prosecuting the case.