TA17-293A: Advanced Persistent Threat Activity Targeting Energy and Other Critical Infrastructure Sectors

Original release date: October 20, 2017 | Last revised: October 21, 2017

Systems Affected

  • Domain Controllers
  • File Servers
  • Email Servers

Overview

This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). This alert provides information on advanced persistent threat (APT) actions targeting government entities and organizations in the energy, nuclear, water, aviation, and critical manufacturing sectors. Working with U.S. and international partners, DHS and FBI identified victims in these sectors. This report contains indicators of compromise (IOCs) and technical details on the tactics, techniques, and procedures (TTPs) used by APT actors on compromised victims’ networks. [....] Read More

FBI Seeks Information on Missing Washington, D.C. Juvenile

The FBI Washington Field Office and the Metropolitan Police Department (MPD) are asking for the public’s assistance in locating Dajana Houston, 11, of Washington, D.C.

Dajana Houston was last seen on Saturday, October 14, 2017. Dajana is a black female and has brown hair and brown eyes. She is 5’4” tall and weighs 110 pounds. She was last known to be wearing a purple shirt, black pants, and black shoes.

Anyone with information regarding this individual is asked to contact the FBI Washington Field Office at 202-278-2000 or tips.fbi.gov, or call MPD’s tip line at 202-727-9099. Additionally, anonymous information may be submitted to the police department’s TEXT TIP LINE by text messaging 50411. [....] Read More

Gaming Center Owner Sentenced for Obstructing Justice in ISIS Case

ALEXANDRIA, Va. – An owner of a Fairfax gaming center was sentenced to prison today for obstructing justice and making false statements involving international terrorism.

Michael Queen, 28, of Woodbridge, was sentenced to 2 years in prison. According to court documents, Queen and Soufian Amri, 32, of Falls Church, lied to FBI agents to prevent them from learning about and investigating their friend Haris Qamar’s attempt to travel to join the Islamic State of Iraq and al-Sham (ISIS). Queen and Amri knew that Qamar had attempted to travel overseas to join ISIS in 2014, yet they lied to and misled the FBI by saying that the only person they knew who might travel to join ISIS was a “tall, thin, Indian” individual. Queen later told Qamar that Queen and Amri gave the FBI the name of a Hindu individual as someone who might support ISIS. Queen told Qamar, “I’m never going to throw a Muslim underneath the bus to try to do the right thing.” [....] Read More

Man Indicted for Threatening to Murder U.S. Officials

ALEXANDRIA, Va. – A federal grand jury returned an indictment today charging a Herndon man with threatening to murder officials, officers, and employees of the Central Intelligence Agency and the U.S. State Department, as well as Virginia law enforcement officers.

William Lewis Weaver II, 36, is charged with two counts of threatening to assault and murder federal officials, officers, and employees and three counts of transmitting in interstate commerce a communication containing threats to injure the person of another. The indictment alleges that between August 23 and September 16, Weaver used a Twitter account to post tweets that threatened to murder a number of government officials, including specific threats involving bombs and a shotgun. [....] Read More

Five MS-13 Gang Members Charged with Murder

ALEXANDRIA, Va. – A federal grand jury returned an indictment today charging five members and associates of MS-13 with the murder of Christian Alexander Sosa Rivas, 21, on January 1 at a park in Dumfries.

 

According to allegations in the indictment, Edgar Oswaldo Blanco Torres, Jose Martir Larios Espenal, Samuel Enrique Villalobos Sanchez, Dimas Misael Canales Santos, and Keyri Sujey Portillo Gonzalez conspired together and with others to kidnap and murder Sosa Rivas because they believed he was a member of a rival gang who was falsely representing himself as a member of MS-13. The indictment further alleges that the defendants kidnapped and murdered Sosa Rivas for the purpose of gaining entrance to and maintaining and increasing position in MS-13, which is an enterprise engaged in racketeering activity. [....] Read More

Former Congressional Staffer Pleads Guilty to Extensive Fraud and Money Laundering Scheme

A former congressional staffer pleaded guilty today for his role in  orchestrating a scheme to steal hundreds of thousands of dollars from charitable foundations and the individuals who ran those foundations to pay for personal expenses and to illegally finance a former congressman’s campaigns for public office, announced Acting Assistant Attorney General Kenneth A. Blanco of the Justice Department’s Criminal Division and Acting U.S. Attorney Abe Martinez of the Southern District of Texas.

            [....] Read More

Former D.C. Schools Employee and Business Owner Accused of Carrying Out Bid-Rigging Scheme

            WASHINGTON – A former employee of the District of Columbia Public Schools and a business owner, her longtime friend, have been indicted on charges stemming from an alleged bid-rigging scheme involving contracts for administrative assistants valued at nearly $300,000.

            The indictments were announced today by U.S. Attorney Jessie K. Liu, Andrew Vale, Assistant Director in Charge of the FBI’s Washington Field Office, and Daniel W. Lucas, Inspector General for the District of Columbia. [....] Read More

Eight Alleged MS-13 Members Charged in Violent Racketeering Conspiracy

FOR IMMEDIATE RELEASE                                          Contact ELIZABETH MORSE

www.justice.gov/usao/md                                                     at (410) 209-4885

Greenbelt, Maryland – A federal grand jury returned a second superseding indictment on September 27, 2017 and it was unsealed today. The second superseding indictment charges the following defendants in connection with a conspiracy to participate in a racketeering enterprise known as the La Mara Salvatrucha, or MS-13: [....] Read More

Congressional Staffer Charged with Filing False Security Clearance Form

             WASHINGTON – A congressional staffer was charged today with filing a false security clearance form, announced Acting Deputy Assistant Attorney General Stuart M. Goldberg of the Justice Department’s Tax Division, U.S. Attorney Jessie K. Liu for the District of Columbia, and Assistant Director in Charge Andrew Vale of the FBI’s Washington Field Office.

 

            According to the indictment, Issac Lanier Avant, a resident of Arlington, Va., was a staff member employed by the House of Representatives since approximately 2000.  Since 2002, Avant has been the Chief of Staff for a member of Congress.  In approximately December 2006, he began an additional position for the House Committee on Homeland Security, including Deputy Staff Director and Staff Director.  The indictment charges that from 2008 through 2012, Avant earned wages of approximately $170,000 and failed to file an individual income tax return with the Internal Revenue Service (IRS) during those years.  Avant allegedly had no federal income withheld during those years because in May 2005, he caused a form to be filed with his employer that falsely claimed he was exempt from federal income taxes.  According to the indictment, Avant did not have any federal tax withheld from his paycheck until the IRS mandated that his employer begin withholding in January 2013.  [....] Read More

Bad IP list

These are IP’s that hit some of my sites with spam or massive login attempts.

192.185.78.193
207.46.13.137
185.100.87.207
46.161.9.4
23.236.171.143
94.242.252.13
192.210.169.248
94.242.252.13
94.242.206.203
204.11.58.194
 
IP Sections I block.
Note : A lot of these IP address blocks allocated are added because of a single IP.
If I receive a ton of spam or a ton of admin logins I will Block the entre [IP address blocks allocated] if it from a country I don’t care if they see my website or not.
Most of my websites are USA oriented so if you need Chinese or Russian hits or other countries I would not block these [IP address blocks] [....] Read More