500M Yahoo accounts hacked US just blamed 2 Russian Spies

Moderators: DrVolin, 82_28, Elvis, Jeff

Re: 500M Yahoo accounts hacked US just blamed 2 Russian Spie

Postby Rory » Thu Mar 16, 2017 2:16 pm

seemslikeadream » Thu Mar 16, 2017 10:13 am wrote:we .....Rory?

that would be you and your party of 1?

get over yourself ..post something interesting and not just ranting childish pablum ....don't project your inadequacies of not being able to post an OP that someone would be interested in...no one is paying attention to your ridiculous tantrums ...but thanks for keeping my thread bumped and keeping the interest up with the lurkers here...they find you extremely amusing .that would be the kind way of putting it ...so I have been told ..I mention this now because I woke up this morning to several emails about you Rory....13 years here I have many friends that still read here and I really can't repeat their comments due to the personal attack rule...you know that rule ..oh yea...it seems you don't

I know you are upset with me for publishing all your personal attack posts here over the years last week but I thought a look in the mirror would help you...no one has learn one iota of an interesting fact from you, unless you consider 140 ranting hateful character tweets a skill set


You have internet friends. I guess you win. Go forth and multiply the bandwidth with endless floods of copy pasta.
Rory
 
Posts: 1596
Joined: Tue Jun 10, 2008 2:08 pm
Blog: View Blog (0)

Re: 500M Yahoo accounts hacked US just blamed 2 Russian Spie

Postby Rory » Thu Mar 16, 2017 2:18 pm

seemslikeadream » Thu Mar 16, 2017 10:11 am wrote:I do not ...will not take any suggestions from you ...you are not important to me


Yet, here you are. You don't post original content, except about me, or in your earlier incarnation as chief rabble rouser trying to get American Dream banned, for, wait for it, spaming the boards with gigabites of copy pasta. How the world spins
Rory
 
Posts: 1596
Joined: Tue Jun 10, 2008 2:08 pm
Blog: View Blog (0)

Re: 500M Yahoo accounts hacked US just blamed 2 Russian Spie

Postby seemslikeadream » Thu Mar 16, 2017 2:21 pm

I'd love to play in your sandbox all day but there are more important things going on...bye bye for now...take care of yourself Rory

yes I have friends that come here to read what I post and sometimes they say for the laughter you bring to them

15 years on the net and a lot of friends that's why you really don't bother me although I must admit you are a bit annoying at times but my time in the dungeon of Democratic Underground was a schooling that will last forever ..you are no match for the keepers there :P


Rory » Thu Mar 16, 2017 1:18 pm wrote:
Yet, here you are. You don't post original content, except about me, or in your earlier incarnation as chief rabble rouser trying to get American Dream banned, for, wait for it, spaming the boards with gigabites of copy pasta. How the world spins


I'm sorry what original content do you bring to RI except for you annoying personal insults and those are really original?
:wave:


In total there are 127 users online :: 1 registered, 3 hidden and 123 guests (based on users active over the past 5 minutes)
"This is formal impeachment proceedings," Nader told CNN's Erin Burnett Thursday on "OutFront."
User avatar
seemslikeadream
 
Posts: 30838
Joined: Wed Apr 27, 2005 11:28 pm
Location: into the black
Blog: View Blog (83)

Re: 500M Yahoo accounts hacked US just blamed 2 Russian Spie

Postby seemslikeadream » Wed Mar 22, 2017 10:13 am

Alexsey’s TTPs
(.. Tactics, Techniques, and Procedures)

Mike Arpaia and I flew out of JFK on the morning of January 22nd, 2012. We were gainfully employed by ████████ and responding to a breach that a client had suffered. Mike and I spent a week pouring over forensic artifacts and soon identified the perp as a Russian-speaking hacker called “M4g”.
M4g would later be revealed by the FBI as Alexsey Belan, indicted four times (including the Yahoo hack), and sanctioned by the Obama administration.
Image
Photos of Alexsey Belan published by the FBI
Belan targeted tech firms on the west coast. Many of the large breaches publicized during 2012 and 2013 are attributed to him, and news of others didn’t make it into the public domain.
This post details the victim estates and provides insight into the modus operandi of a prolific adversary. Please use this material to consider your environment and ensure these weak links do not exist within it.
TL;DR
Belan’s observed offensive traits were as follows:
He identified peripheral web servers via Google and Linkedin searches
Used known WordPress flaws and custom bugs to compromise PHP sites
Linux authentication mechanisms were altered to capture credentials
Nmap was used to identify exposed network services internally
Corporate Wikis revealed administrative workflows and VPN details
Ticketing, bug tracking, and version control systems provided secrets (e.g. cryptographic keys, seeds, hashes, credentials, and source code)
Cookies from weak non-production instances (e.g. staging) were valid in production as cryptographic materials were the same — bypassing 2FA
Client certificates (exposed by email, ticketing, or lifted from filesystems) were combined with known credentials to access corporate VPNs
Engineering credentials were used to commit backdoors to version control which were self-approved and later deployed into production
Email addresses and password hashes were amassed with each compromise. Cracked credentials were used to target further victims via exposed mail services (e.g. Outlook on the Web or G Suite), and the exploratory process was repeated to gain privileged network access via VPN or similar means.
Defensive controls checklist:
Segregate risky Internet-exposed servers (e.g. third-party PHP sites)
Do not leave secrets in your Wiki, ticketing, or bug tracking systems, or send sensitive material over email (e.g. credentials, certificates, or keys)
Don’t re-use cryptographic seeds, keys, or credentials across production and non-production environments (e.g. development or staging)
Compromised servers made odd DNS requests (e.g. resolving m4g.ru). Use a monitoring tool such as DNS Analytics for Splunk to flag anomalies
Software certificates are an insufficient second factor. Use a real 2FA solution such as Duo and consider hardware tokens to protect private keys via FIPS 201–1 and other standards, as supported by the YubiKey 4
Proper segmentation, enforcement of a sensible policy around the safe transmission of secrets, and close monitoring of production systems nullify this threat.
Technical Details
Image
The marketing department of Belan’s first known victim ran a vulnerable WordPress server from a branch office. The server sat on the corporate WAN and could access internal systems: it wasn’t segregated or placed in a DMZ.
Belan found the server through a Google search and exploited it via CVE-2011–4106. Next, he downloaded tools via wget from m4g.ru and elevated privileges via CVE-2010–3856.
The following steps were undertaken over a five day period:
He replaced the PHP authentication mechanism (l10n.php) to capture credentials of corporate users interacting with the WordPress site
Ran Nmap and discovered the internal Wiki
Captured a handful of valid credentials via WordPress
Authenticated with the Wiki using captured user credentials
Came to understand the administrative procedures via the Wiki
Failed to authenticate with the administrative portal (2FA was required)
Identified a staging instance of the administrative portal that didn’t require 2FA. Authenticated, and subsequently identified directory traversal and arbitrary file upload flaws through manual testing
Found that cookies generated in staging were valid in production, and modified a staging cookie to access the production instance of the administrative portal (bypassing 2FA)
Gained privileged access to the administrative portal server via the known web application flaws, and a obtained a MySQL credential that provided access to customer data within the production environment
Ran mysqldump against the production database, creating 1.txt
Compressed and attempted to SCP 1.tgz to a masterhost.ru shell server using directory structures containing mnogo.mobi and m4g.ru domains
The SCP process failed, and so 1.tgz was split into chunks and exfiltrated by placing them onto an NFS share used to serve static content in the production web environment
Use of Linkedin to Target Peripheral Systems
Belan’s second known victim was notified by the FBI of a breach. We identified an engineering account that had accessed the corporate VPN from Russian IP space, and subsequently discovered a compromised web server running on the engineer’s iMac in the kitchen of his home in Santa Clara.
The web server was a Linux VM running within the iMac via Parallels. Belan had found the server via the engineer’s own public Linkedin profile, e.g.
Image
Personal websites listed in a user’s Linkedin profile
The Linux VM hosted a handful of PHP sites. Belan worked to remotely compromise the Linux VM, host system, and finally his target, as follows:
Tested each PHP site by hand to identify potential weaknesses
Successfully identified and exploited a custom arbitrary file upload flaw
Elevated privileges to root via CVE-2010–3856 (as before)
Altered Linux and PHP authentication mechanisms to capture credentials
Obtained and cracked local user password hashes from /etc/shadow
Authenticated with the Linux VM via SSH using a valid credential
Launched a brute-force SSH password grinding attack from the guest Linux VM against the host operating system (running MacOS X)
Used tools to clear utmp and wtmp log entries within the Linux VM
Successfully authenticated with the host operating system via SSH using a permutation of a known user credential
Obtained corporate VPN configuration details from the host operating system, including the gateway details, client certificate, and private key
Combined the VPN settings with known credentials to authenticate with, and access the corporate VPN as the engineer himself
Application, database, and infrastructure logs within the victim environment were rolling (overwriting entries after 10–14 days). As such, our ability to investigate this compromise was limited. The facts however are as follows:
Belan maintained corporate VPN access for four months
The customer database was obtained from the production environment
Lack of 2FA + The Cloud =

By mid-2013, Belan had amassed 200 million credentials (including email addresses, passwords, but also answers to security questions). Organizations embracing cloud services but not 2FA were soft targets.
A third victim was breached through the following steps:
Use of a valid credential (user/pass) to authenticate with Google Mail
Access to an Internet-based JIRA instance granted via OpenID
Issues in JIRA revealed a legacy Internet-based Subversion (SVN) server
Already known and valid credentials were used to access the SVN server
Local privileges were elevated and engineering password hashes were obtained from /etc/shadow and other files within version control
Internet-exposed Git production instance accessed via cracked credentials
JSP shell committed into Git, self-approved, and queued for deployment
An unwitting engineer later deployed the code into production
Belan read the production database environment variables from an application server via the JSP shell he had implanted
Ran mysqldump against the production database, creating 1.txt
Compressed, split, and exfiltrated 1.tgz via the application server
Fallout and Closing Remarks
1.2 billion usernames, password hashes, and security questions have been compromised from a handful of known victims (including Yahoo, Evernote, Scribd, and Zappos, according to the New York Times), and likely millions of further records from unknown victims.

Consider the number of organizations that provide services to their users and employees over the public Internet, including:
Web portals for sales and marketing purposes
Mail access via Microsoft Outlook on the Web and Google Mail
Collaboration via Slack, HipChat, SharePoint, and Confluence
DevOps and support via GitHub, JIRA, and CI/CD utilities
Next, consider how many enforce 2FA across their entire attack surface. Large enterprises often expose domain-joined systems to the Internet that can be leveraged to provide privileged network access (via Microsoft IIS, SharePoint, and other services supporting NTLM authentication).
The number of weak networks is high enough for Belan and the FSB to pose a serious threat to organizations around the globe with their Rolodex of secrets. The personal mail and messaging accounts of politicians, lawyers, activists, and journalists can also be easily targeted.
Finally, consider the number of corporate VPNs using unsafe 2FA (requiring only a username, password, and software-based certificate). First-hand experience leads me to believe this number is high. VPN certificates and keys are often found within and lifted from email, ticketing, and chat services.
https://medium.com/@chrismcnab/alexseys ... .gnp4c7jq7
"This is formal impeachment proceedings," Nader told CNN's Erin Burnett Thursday on "OutFront."
User avatar
seemslikeadream
 
Posts: 30838
Joined: Wed Apr 27, 2005 11:28 pm
Location: into the black
Blog: View Blog (83)

Re: 500M Yahoo accounts hacked US just blamed 2 Russian Spie

Postby seemslikeadream » Wed Jun 28, 2017 3:54 pm

CYBER RISK | Fri Jun 16, 2017 | 1:08pm EDT
Alleged Canadian hacker may not fight U.S. extradition: lawyer

REUTERS/Dado Ruvic/Illustration
The Canadian accused of helping Russian intelligence agents break into email accounts as part of a massive 2014 breach of Yahoo accounts may waive his right to fight a U.S. extradition request, his lawyer said on Friday.

Karim Baratov's lawyer Amedeo DiCarlo said he is in discussions with the Federal Bureau of Investigation and U.S. prosecutors in Washington about the case and will announce a decision at a hearing due on July 7.

Baratov, a Canadian citizen born in Kazakhstan, was arrested in March on U.S. charges that he was paid to break into at least 80 email accounts by Russian intelligence agents who masterminded the 2014 theft of data from some 500 million Yahoo Inc YHOO.O user accounts.

He is the only one of four people charged in the case currently in custody. Two others are Russian intelligence agents, according to U.S. authorities, and the third is Alexsey Belan, one of the FBI's most wanted cyber criminals.

Baratov has been denied bail and remains in an Ontario jail, with judges ruling that he is a flight risk.

http://www.reuters.com/article/us-yahoo ... SKBN197247
"This is formal impeachment proceedings," Nader told CNN's Erin Burnett Thursday on "OutFront."
User avatar
seemslikeadream
 
Posts: 30838
Joined: Wed Apr 27, 2005 11:28 pm
Location: into the black
Blog: View Blog (83)

Re: 500M Yahoo accounts hacked US just blamed 2 Russian Spie

Postby seemslikeadream » Tue Oct 03, 2017 5:50 pm

Yahoo now thinks all 3B accounts were impacted by 2013 breach, not 1B as thought
Posted 50 minutes ago by Ingrid Lunden (@ingridlunden)


Internet giant Yahoo’s massive 2013 security breach has dealt the company yet another blow. Today Yahoo sent out a notice disclosing that a further investigation of the “cookie forging” breach has produced new evidence. The company now believes that all of its three billion accounts were impacted, not 1 billion as it previously thought. This will include all people who have Yahoo emails, and all people who had registered for any other Yahoo service like Flickr or fantasy sports.

The company, now a part of Oath after it was acquired by Verizon for $4.5 billion and merged with AOL (which also owns TechCrunch), said that it discovered the new evidence while integrating the companies.

It tried to mitigate the blow today by noting that when the 2013 breach was discovered and disclosed — in 2016 — the company “took action to protect all accounts.”

Those measures involved directly notifying impacted users “identified at the time,” requiring password changes and invalidating unencrypted security questions and answers so that they could not be used to access an account. Because Yahoo said it took action to protect all accounts previously, “No additional notifications regarding the cookie forging activity are being sent in connection with this update.”

This is not just a major blow to public confidence in Yahoo, but to Verizon, which had already received a discount of $350 million on its acquisition price for the company because of the initial findings from the breach.

“Verizon is committed to the highest standards of accountability and transparency, and we proactively work to ensure the safety and security of our users and networks in an evolving landscape of online threats,” said Chandra McMahon, Chief Information Security Officer, Verizon. “Our investment in Yahoo is allowing that team to continue to take significant steps to enhance their security, as well as benefit from Verizon’s experience and resources.”

For affected accounts, Yahoo said the stolen user account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (using MD5) and, in some cases, encrypted or unencrypted security questions and answers.

“The investigation indicates that the information that was stolen did not include passwords in clear text, payment card data, or bank account information. Payment card data and bank account information are not stored in the system the company believes was affected,” said the company. More details here.

Coupled with the revelation in September of the Equifax breach, today’s developments tell a dark story about how some of the biggest and oldest institutions on the web are some of the most vulnerable to malicious hackers.

Yahoo’s provided a list of guidelines for what to do to secure your account. And whether you are still sticking with the company after all this, or whether you are using other services, they are generally good rules of thumb if you don’t follow them already:

Change your passwords and security questions and answers for any other accounts on which you used the same or similar information used for your Yahoo Account (or whatever account happens to have been breached).
Review your accounts for suspicious activity.
Be cautious of any unsolicited communications that ask for your personal information or refer you to a web page asking for personal information.
Avoid clicking on links or downloading attachments from suspicious emails.
Apps that provide account keys to eliminate you needing to use passwords at all can also be useful.

The full notice from Yahoo is below:

NEW YORK, N.Y., October 3, 2017-Yahoo, now part of Oath, today announced that it is providing notice to additional user accounts affected by an August 2013 data theft previously disclosed by the company on December 14, 2016. At that time, Yahoo disclosed that more than one billion of the approximately three billion accounts existing in 2013 had likely been affected. In 2016, Yahoo took action to protect all accounts, including directly notifying impacted users identified at the time, requiring password changes and invalidating unencrypted security questions and answers so that they could not be used to access an account. Yahoo also notified users via a notice on its website.
Subsequent to Yahoo’s acquisition by Verizon, and during integration, the company recently obtained new intelligence and now believes, following an investigation with the assistance of outside forensic experts, that all Yahoo user accounts were affected by the August 2013 theft. While this is not a new security issue, Yahoo is sending email notifications to the additional affected user accounts. The investigation indicates that the user account information that was stolen did not include passwords in clear text, payment card data, or bank account information. The company is continuing to work closely with law enforcement.
“Verizon is committed to the highest standards of accountability and transparency, and we proactively work to ensure the safety and security of our users and networks in an evolving landscape of online threats,” said Chandra McMahon, Chief Information Security Officer, Verizon. “Our investment in Yahoo is allowing that team to continue to take significant steps to enhance their security, as well as benefit from Verizon’s experience and resources.”
https://techcrunch.com/2017/10/03/yahoo ... s-thought/
"This is formal impeachment proceedings," Nader told CNN's Erin Burnett Thursday on "OutFront."
User avatar
seemslikeadream
 
Posts: 30838
Joined: Wed Apr 27, 2005 11:28 pm
Location: into the black
Blog: View Blog (83)

Re: 500M Yahoo accounts hacked US just blamed 2 Russian Spie

Postby seemslikeadream » Wed Nov 29, 2017 6:15 pm

Canadian Man Pleads Guilty to Hacking Gmail Accounts for the Kremlin

Karim Baratov didn’t know he was doing work for Russia’s FSB when he cracked eight passwords of government officials for $100 apiece.


SAN FRANCISCO—A 22-year-old man who ran a successful hacker-for-hire business from his home in Toronto pleaded guilty to federal conspiracy and identity theft charges Tuesday, admitting in open court that he cracked account passwords at Gmail on behalf of a customer who turned out to be an officer with Russia’s Federal Security Service, or FSB.

Karim Baratov’s guilty plea is a minor milestone in U.S. efforts against the Kremlin’s hacking operations in the wake of last year’s election interference campaign. Under the terms of his plea agreement, he likely faces between 7 to 8 years in prison when he’s sentenced in February.

Baratov, a Canadian citizen born in Kazakhstan, became involved with Russia through a black market hacking service he offered that would obtain other people’s Gmail passwords for an advertised rate of $60 per account. An FSB officer, using a pseudonym, offered him a premium rate of $100-a-head to hit a total of 80 targets over time, including people in other Russian agencies, and government officials in neighboring Eastern European nations.

Only eight of the hack attempts were successful, according to Baratov’s defense lawyers, who say Baratov never knew he was working for the Kremlin. “He had no idea until the indictment was unsealed,” said attorney Robert Fantone.

Baratov’s hacking career was abruptly derailed last March when he was arrested in Canada on a U.S. warrant, and he’s been locked up in a county jail outside San Francisco since waiving an extradition battle last August. He’s likely the sole defendant that will ever appear in court on a sweeping 47-count indictment unsealed earlier this year that accused him and three Russian nationals of conspiring to commit a massive 2014 data breach at Yahoo that compromised account information on 500 million users.

He’s not accused of participating directly in the Yahoo hack, or even knowing about it. Instead, the FSB used him to fill the gap when they encountered a target that used Gmail, or another provider, instead of Yahoo, where the FSB already had the ability to access any account. Baratov primarily used phishing attacks that tricked users into entering their passwords into a fake password reset page, and he maintained a fleet of look-alike web addresses for Gmail, Russia’s Mail.Ru, and other webmail providers.

One current and one former FSB officer are also charged in the case, as is a long-notorious Russian hacker named Alexsey Belan who was already wanted in two states for conventional cybercrime. Belan, who allegedly carried out the Yahoo hack, is living beyond the U.S. government’s reach in Russia, as is Igor Sushchin, the FSB officer that allegedly oversaw the email hacking.

The fourth defendant, Dmitry Dokuchaev, was allegedly responsible for contracting Baratov’s services, but has more pressing legal issues at home. A former officer at the FSB’s computer crime branch, Dokuchaev was arrested by his own agency in December 2016 and charged with treason, under circumstances that remain shrouded in mystery.

Baratov never expected to become embroiled in a geopolitical chess match, says defense attorney Andrew Mancilla.

“He’s been transparent and forthright with the government since he got here,” Mancilla said.

The FSB apparently accounted for only a tiny portion of Baratov’s hacking enterprise. In all, the hacker breached 11,000 webmail accounts for various customers over the years. Federal prosecutors Jeffrey Shih and Scott McCulloch, the latter from the Justice Department’s National Security Division in Washington, said in court they planned on setting up a dedicated website to notify all the victims of his hacking.
https://www.thedailybeast.com/canadian- ... he-kremlin


seemslikeadream » Thu Apr 06, 2017 7:22 am wrote:
SitRep: Trump Advisor Bannon Predicts Wars With China, Middle East; Pentagon Officials Say Gloves Off in Yemen

Foreign Policy Magazine
Paul McLeary and Adam Rawnsley
Foreign Policy MagazineFebruary 1, 2017


Bannon’s world. For someone who ran a media company — and hosted a radio show — before become President Trump’s top advisor, there’s been an air of mystery surrounding Steve Bannon. The USA Today went back and listened to dozens of recordings of the show he hosted for the conspiracy-minded, ultra-right wing Breitbart media company, and found that much of what he said in 2015 and early 2016 has since been parroted by POTUS.

Earlier this week, Trump made Bannon a member of his National Security Council, taking the highly unusual step of installing a political adviser in the middle of his national security team.

In one episode, Bannon said, “you have an expansionist Islam and you have an expansionist China. Right? They are motivated. They’re arrogant. They’re on the march. And they think the Judeo-Christian West is on the retreat” He went on to predict a war between the U.S. and China within the next decade.

He also predicted “a major shooting war in the Middle East” in the coming years. “To be brutally frank, I mean Christianity is dying in Europe, and Islam is on the rise,” he said in January 2016. “Some of these situations may get a little unpleasant,” Bannon said. “But you know what, we’re in a war.”

Keep an eye on Yemen. Some Pentagon officials are looking at Yemen as a place where the Trump administration might allow the military more room for action than the Obama administration, according to the Washington Post’s Thomas Gibbons-Neff and Missy Ryan.

After the weekend’s Navy SEAL raid on an al Qaeda camp that killed over a dozen fighters — along with the 8 year-old daughter of deceased American cleric Anwar ­al-Awlaki, who was killed in 2011 in a U.S. drone strike – along with Chief Petty Officer William “Ryan” Owens, defense officials see more action coming. “We expect an easier approval cycle [for operations] under this administration,” one defense official told the Post. Another former officials with experience in Yemen said that more U.S. troops on the ground in Yemen was “overdue.”

Military clears itself of wrongdoing. Remember back to late 2015, when a group of civilian intelligence analysts at the U.S. Central Command charged that their bosses were tweaking their work to make it look like the war against ISIS in Iraq was going better than facts on the ground warranted? This might surprise you, but a Pentagon investigation due out Wednesday finds little evidence to support those charges. Buzzfeed’s Nancy Youssef first reported the results of the investigation, saying one of the analysts called the report a “whitewash.”

Asking too much of Mattis? Expectations for new Defense Secretary James Mattis are high — with allies and domestic observers expecting him to act as a bulwark against an inexperienced White House’s desire to move fast.

“Mattis is the canary in the coal mine,” signaling the mood of the Trump administration, one foreign official told the Wall Street Journal’s Gordon Lubold and Julian Barnes. That’s a lot to ask of any cabinet member, and let’s not forget that Mattis has bosses: national security advisor Michael Flynn and President Trump, to whom he’s accountable, and whose policies he’s tasked with carrying out.

But the SecDef is wheels up for Asia on Wednesday, stopping off in Japan and South Korea on the first overseas trip of any member of the Trump administration. While there, Mattis will address the North Korean threat, China’s moves in the South China Sea, and calm jittery allies unsure over Trump’s campaign pledges to pull U.S. troops out of overseas bases in the region. Later this month, Mattis will head to an international summit in Germany, where he’ll again be asked to be the leading face for the future of U.S. foreign policy.

Tell us how you really feel. A senior career diplomat “delivered a soaring and thinly-veiled critique of President Donald Trump’s foreign policy in a farewell address Tuesday that pleaded with colleagues to stay in their positions and uphold America’s longstanding policies of openness and liberty,: FP’s John Hudson reports from Foggy Bottom.

“We still owe something to America,” said Tom Countryman, the outgoing under secretary of state for arms control, at a private goodbye party at the State Department. “A policy without professionals is by definition an amateur policy. You have to help make the choices that bring this country forward.”

You down with FSB? A top cybersecurity specialist and his deputy in Russia’s intelligence service, the FSB, are reportedly being accused by the Kremlin of “breaking their oath” by working with America’s Central Intelligence Agency, FP’s Emily Tamkin tells us. “Sergei Mikhailov, allegedly detained at a board meeting last December, and his deputy, Dmitry Dokuchaev, were arrested by the Kremlin on Jan. 27 for treason and illegal hacking. Then, on Tuesday, Russian news agency Interfax, after hearing from unidentified sources, reported that they, along with Ruslan Stoyanov, the head of cybercrime investigations at Kaspersky Labs, and a fourth, as yet unnamed person, are suspected of passing along secret information to the CIA — or of passing it to someone who passed it to the CIA.”

"This is formal impeachment proceedings," Nader told CNN's Erin Burnett Thursday on "OutFront."
User avatar
seemslikeadream
 
Posts: 30838
Joined: Wed Apr 27, 2005 11:28 pm
Location: into the black
Blog: View Blog (83)

Previous

Return to General Discussion

Who is online

Users browsing this forum: No registered users and 24 guests