Notices by BrianKrebs (briankrebs@infosec.exchange)

Of course, the White House claims no classified data was shared. What else would they say?

Calling Goldberg's coverage of this monumental and unprecedented OPSEC fail by a US presidential administration "sensationalist" is beyond the pale. Given the volume of sensitive information shared with him unsolicited via Signal, Mr. Goldberg's reporting demonstrated that he exercised remarkable restraint in not publishing a great deal of what he was given.

Whether it's sending Com kids in to monkey with taxpayer databases, setting up Starlink antennas on top of the White House complex for "faster Wi-Fi," or granting TS/SCI clearances to anyone without a thorough background check, this administration’s overall approach to security measures is to go around them, or just pretend they don’t exist for a good reason.

The administration is really hoping they can just sweep this one under the rug. That can't be allowed to happen, because this is not going to be an isolated event.

From the NYT:

"Two of the Trump administration’s top intelligence officials denied that classified information was shared in an encrypted group chat in which details of an attack on Yemen were discussed in the presence of a journalist who had been mistakenly added to the conversation."

"The Senate Intelligence Committee is holding a previously scheduled briefing on global threats with Tulsi Gabbard, the director of national intelligence; John Ratcliffe, the C.I.A. director; and the F.B.I. director, Kash Patel. Pressed repeatedly about the security breach, Ms. Gabbard and Mr. Ratcliffe both denied that classified material had been shared in the chat. Mr. Patel declined to say if the F.B.I. had begun an investigation."

"The White House also sought to downplay the serious nature of the extraordinary security breach, as bipartisan criticism of the incident grew on Tuesday and leading Democrats called for the resignation of the national security adviser, Michael Waltz, who set up the group chat, and the defense secretary, Pete Hegseth, who reportedly shared classified war plans in it."

Here are the latest developments:

Defending Waltz: President Trump defended Mr. Waltz, saying in an interview with NBC News that the national security adviser had “learned a lesson” and suggested a staff member was to blame for including a journalist in the secret group chat.

Bipartisan criticism: The vice chairman of the intelligence committee, Mark Warner, Democrat of Virginia, denounced what he called “sloppy, careless, incompetent behavior” by the country’s top intelligence officials. Representative Don Bacon, Republican of Nebraska and a senior member of the Armed Services Committee, told reporters that the White House should “be honest and own up” to what happened.

"Damage control: The White House press secretary, Karoline Leavitt, said no classified material was sent to the group chat, and she attacked the journalist who revealed it, Jeffrey Goldberg of The Atlantic, as “sensationalist.” Her statement came a day after Mr. Hegseth suggested the leak was a “hoax” even as the White House confirmed that messages he sent to it appeared to be authentic."

https://www.nytimes.com/live/2025/03/25/us/trump-hegseth-war-plans-leak-signal

What nobody is talking about yet is how badly this will damage our already frayed relations with our major allies, who will be rightfully horrified of sharing any sensitive intelligence with a bunch of bumbling nitwits sending thumbs-up emojis.

Let's be honest: Haven't we all at one point drunk texted a reporter an invitation to discuss plans for an upcoming military attack? Something tells me Hegseth will be hitting the sauce pretty hard tonight.

I've noticed something that I think is worth pointing out: pretty much ALL of the pushback I have gotten on LinkedIn over the past few months over stories critical of this administration has come from men in IT. Many of whom no doubt idolize Musk, who in their minds can walk on water.

Conversely, the response almost universally I've seen from female non/male people in IT and security professionals on LinkedIn has been a great deal more appropriate, i.e. horror, disgust and revulsion for the way this administration is treating federal employees, veterans, the courts, judges, lawyers, journalists, and important, long-standing U.S. policy interests.

I guess what I'm saying is nobody should expect the men in IT to lead the resistance. So many of them are like this guy: angry, aggressive, and really excited about the good old US of A going back to the 80s. Like the 1880s.

The NYT is reporting that the National Security Council has confirmed the screw up:

“At this time, the message thread that was reported appears to be authentic, and we are reviewing how an inadvertent number was added to the chain,” Brian Hughes, the National Security Council spokesman, said in an emailed statement. He called the thread “a demonstration of the deep and thoughtful policy coordination between senior officials.”

"Several Defense Department officials said that having the type of conversation that Defense Secretary Pete Hegseth and others had in a Signal chat group could be a violation of the Espionage Act. Revealing operational war plans before planned strikes could also put American troops directly into harm’s way, the officials said."

https://www.nytimes.com/live/2025/03/24/us/trump-news#hegseth-classified-war-plans-group-chat

Drop what you're doing and read this incredible story, which recounts how a reporter for The Atlantic was inadvertently included in a private Signal discussion group that appears to have included Defense Secretary Pete Hegseth, Sec. of State Marco Rubio and other administration officials discussing plans for an upcoming U.S. military assault on Yemen.

The reporter, Jeff Goldberg, said he was convinced it was all an elaborate hoax as they laid out the pros and cons of specific attack options, and discussed targets over the course of a week. That is, until they shared on the Signal chat exactly where and when the targets in Yemen would be hit, and then those targets got hit exactly when they'd said.

"The world found out shortly before 2 p.m. eastern time on March 15 that the United States was bombing Houthi targets across Yemen."

"I, however, knew two hours before the first bombs exploded that the attack might be coming. The reason I knew this is that Pete Hegseth, the secretary of defense, had texted me the war plan at 11:44 a.m. The plan included precise information about weapons packages, targets, and timing.

"According to the lengthy Hegseth text, the first detonations in Yemen would be felt two hours hence, at 1:45 p.m. eastern time. So I waited in my car in a supermarket parking lot. If this Signal chat was real, I reasoned, Houthi targets would soon be bombed. At about 1:55, I checked X and searched Yemen. Explosions were then being heard across Sanaa, the capital city."

"I went back to the Signal channel. At 1:48, “Michael Waltz” had provided the group an update. Again, I won’t quote from this text, except to note that he described the operation as an “amazing job.” A few minutes later, “John Ratcliffe” wrote, “A good start.” Not long after, Waltz responded with three emoji: a fist, an American flag, and fire. Others soon joined in, including “MAR,” who wrote, “Good Job Pete and your team!!,” and “Susie Wiles,” who texted, “Kudos to all – most particularly those in theater and CENTCOM! Really great. God bless.” “Steve Witkoff” responded with five emoji: two hands-praying, a flexed bicep, and two American flags."

"I have never seen a breach quite like this. It is not uncommon for national-security officials to communicate on Signal. But the app is used primarily for meeting planning and other logistical matters—not for detailed and highly confidential discussions of a pending military action. And, of course, I’ve never heard of an instance in which a journalist has been invited to such a discussion."

https://www.theatlantic.com/politics/archive/2025/03/trump-administration-accidentally-texted-me-its-war-plans/682151/?gift=DjgA9DZGvABas7wFCM-ptk0vpPuikYUZT9Ej3cJbK1s&utm_source=copy-link&utm_medium=social&utm_campaign=share

Not a single Republican is going to say anything about POTUS's shameful treatment of veterans? Especially those most in need? All cowards. This is hard to read without wincing, and it's an utter disgrace for the United States to treat its veterans this way.

"Late in February, as the Trump administration ramped up its quest to transform the federal government, a psychiatrist who treats veterans was directed to her new workstation — and was incredulous."

"She was required, under a new return-to-office policy, to conduct virtual psychotherapy with her patients from one of 13 cubicles in a large open office space, the kind of setup used for call centers. Other staff might overhear the sessions, or appear on the patient’s screen as they passed on their way to the bathroom and break room."

"The psychiatrist was stunned. Her patients suffered from disorders like schizophrenia and bipolar disorder. Treating them from her home office, it had taken many months to earn their trust. This new arrangement, she said, violated a core ethical tenet of mental health care: the guarantee of privacy."

"When the doctor asked how she was expected to safeguard patient privacy, a supervisor suggested she purchase privacy screens and a white noise machine. “I’m ready to walk away if it comes to it,” she wrote to her manager, in a text message shared with The New York Times. “I get it,” the manager replied. “Many of us are ready to walk away.”

"Scenes like this have been unfolding in Veterans Affairs facilities across the country in recent weeks, as therapy and other mental health services have been thrown into turmoil amid the dramatic changes ordered by President Trump and pushed by Elon Musk’s Department of Government Efficiency."

"Among the most consequential orders is the requirement that thousands of mental health providers, including many who were hired for fully remote positions, now work full time from federal office space. This is a jarring policy reversal for the V.A., which pioneered the practice of virtual health care two decades ago as a way to reach isolated veterans, long before the pandemic made telehealth the preferred mode of treatment for many Americans."

"As the first wave of providers reports to offices where there is simply not enough room to accommodate them, many found no way to ensure patient privacy, health workers said. Some have filed complaints, warning that the arrangement violates ethics regulations and medical privacy laws. At the same time, layoffs of at least 1,900 probationary employees are thinning out already stressed services that assist veterans who are homeless or suicidal."

"In more than three dozen interviews, current and recently terminated mental health workers at the V.A. described a period of rapid, chaotic behind-the-scenes change. Many agreed to speak on the condition of anonymity because they want to continue to serve veterans, and feared retribution from the Trump administration."

"Clinicians warn that the changes will degrade mental health treatment at the V.A., which already has severe staffing shortages. Some expect to see a mass exodus of sought-after specialists, like psychiatrists and psychologists. They expect wait times to increase, and veterans to eventually seek treatment outside the agency."

https://www.nytimes.com/2025/03/22/us/politics/veterans-affairs-mental-health-doge.html

ICYMI, the POTUS just issued a memorandum instructing the DOJ and DHS to go after lawyers who challenge the administration.

"President Trump broadened his campaign of retaliation against lawyers he dislikes with a new memorandum that threatens to use government power to punish any law firms that, in his view, unfairly challenge his administration."

"The memorandum directs the heads of the Justice and Homeland Security Departments to “seek sanctions against attorneys and law firms who engage in frivolous, unreasonable and vexatious litigation against the United States” or in matters that come before federal agencies."

"Mr. Trump issued the order late Friday night, after a tumultuous week for the American legal community in which one of the country’s premier firms, Paul, Weiss, Rifkind, Wharton & Garrison, struck a deal with the White House to spare the company from a punitive decree issued by Mr. Trump the previous week."

"Vanita Gupta, who as a civil rights lawyer and a former Justice Department official has both sued the government and defended it in court, said Mr. Trump’s memo “attacks the very foundations of our legal system by threatening and intimidating litigants who aim to hold our government accountable to the law and the Constitution.”

https://www.nytimes.com/2025/03/22/us/politics/trump-memo-lawyers.html

I've been checking their work, and it checks out so far. These and several related sites have been up and down for the past few months.

"A CDC clone website is filled with false and misleading vaccine claims against a backdrop of false balance. An NGO led by the current HHS Secretary until December 2024 is hosting content for the CDC clone. The domain realcdc[.]org currently redirects to this CDC clone, which is staged on chdstaging[.]org."

"The site uses CDC logos, real CDC social media links, and authoritative language, raising serious legal concerns under federal impersonation statutes. This deceptive staging site risks misleading parents, undermining public trust, and even violating federal law."

"It also raises an inevitable critical question: Is the HHS Secretary aware of the site, and if so, how will he address this conflict of interest and take action on an apparent effort to impersonate a federal agency?"

https://infoepi.substack.com/p/cdc-clone-site-rife-with-false-vaccine

Also, this document indicates that these domains indeed share a Cloudflare host:

https://gist.github.com/xNV3mHwjPU/7469c3be1d16b551f0c56ac0f2589678

Examples of the anti-vaccine content:

https://web.archive.org/web/20250322013659/https://cdc.chdstaging.org/

You can still see some of this crap at

https://covidindex1025.chdstaging[.]org

Someone riddle me this: Why would Trump's Jan. 29 Executive Order on "Additional Measures to Combat Anti-Semitism" be given the executive order number it has, which is 14188? Surely, even with the flood of EOs this POTUS has issued already, we're not up to that number.

So where did it come from? Check out the Wikipedia entry for "fourteen words," also abbreviated 14 or 1488), which says it is a reference to "two slogans originated by the American domestic terrorist David Eden Lane, one of nine founding members of the defunct white supremacist terrorist organization The Order, and are accompanied by Lane's "88 Precepts". The slogans have served as a rallying cry for militant white nationalists internationally."

"Lane used the 14-88 numerical coding extensively throughout his spiritual, political, religious, esoteric, and philosophical tracts and notably in his "88 Precepts" manifesto. According to the Southern Poverty Law Center, inspiration for the Fourteen Words "are derived from a passage in Adolf Hitler's autobiographical book Mein Kampf."

"The Fourteen Words have been prominently used by neo-Nazis, white power skinheads and certain white nationalists and the alt-right. "88" is used by some as a shorthand for "Heil Hitler", 'H' being the 8th letter of the alphabet,[16] though Lane viewed Nazism along with America as being part of the "Zionist conspiracy."

[edit: several readers have rightly pointed out that this is likely just a coincidence, and that the EOs are cumulatively numbered already into the 14,000s. still, it's unfortunate]

https://en.m.wikipedia.org/wiki/Fourteen_Words

@cR0w Okay, but civil disobedience of the harmless variety is what I'm talking about. Like, why isn't Musk doing his Nazi salute being projected on government buildings throughout DC, or other major cities? Or things to get under POTUS's skin? This stuff isn't hard to do, and I guess I would have expected to see more of it. Like Turk182 type shit.

Wow. The US Treasury Dept. today announced it is lifting sanctions on Tornado Cash, a cryptocurrency mixing service that state-sponsored hackers from North Korea have been massively using to launder their stolen billions.

"Based on the Administration’s review of the novel legal and policy issues raised by use of financial sanctions against financial and commercial activity occurring within evolving technology and legal environments, we have exercised our discretion to remove the economic sanctions against Tornado Cash as reflected in Treasury’s Monday filing in Van Loon v. Department of the Treasury."

https://home.treasury.gov/news/press-releases/sb0057

h/t to @ncweaver for the heads up. Weaver said: "The US government has just said "money laundering is legal as long as the process is automated."

"Every wei that flows through Tornado Cash, even if 'legitimate,' is helping the North Korean nuclear regime by hiding illegitimate flows," Weaver told me.

Here's Treasury sanctioning Tornado Cash in 2022: https://home.treasury.gov/news/press-releases/jy0916

If you were trying to run this country straight into the ground, would you do *anything* differently than what this administration has done so far?

SAN FRANCISCO (KGO) -- The Trump administration has sent an earthquake through the medical research community. The National Institutes of Health is going to be cutting funding by $4 billion affecting local researchers who are working on everything from cancer to HIV.

"This is going to be a disaster," said Monica Gandhi M.D., Director of the UCSF Center for AIDS Research on Friday. "We will not be able to function because we need the infrastructure and we need the staff."

The NIH is cutting what's called "indirect cost payments" down to 15%. The payments are made to universities in conjunction with the grants the NIH doles out for research. The money covers everything from administrative staff to facilities, such as labs . . . and top research universities can see rates well above 50%.

"To go down drastically to 15% was shocking today," said Dr. Gandhi. "We will go down to a rate that is so drastically cut that we won't be able to do a lot of our work."

https://abc7news.com/post/national-institutes-health-president-trump-cutting-4-billion-critical-medical-research-funding-bay-area-impact/15880230/

A federal judge told the POTUS that his executive order targeting the law firm Perkins Coie for representing clients that Trump doesn't like was likely unconstitutional, and issued a restraining order halting it.

But the NYT reports that two days later, Mr. Trump signed a nearly identical executive order against the law firm Paul, Weiss, Rifkind, Wharton & Garrison LLP.. Mr. Trump said he was taking the action to punish the firm for its ties to a lawyer who had pushed for him to be indicted and another who had brought a lawsuit against Jan. 6 rioters. The order barred the firm’s lawyers from dealing with the federal government and raised the possibility that its clients would lose their government contracts.

Now, Paul, Weiss has agreed to contribute $40 million in legal services to causes Mr. Trump has championed.

https://www.nytimes.com/2025/03/20/us/politics/paul-weiss-deal-trump-executive-order-withdrawn.html

From reading this Politico story, it's not clear the legal industry has any will to fight back, which is really discouraging.

"Lawyers at some of the nation’s largest law firms are afraid of President Donald Trump. Not just afraid of what his policies might mean for their clients, but now for their own livelihoods, as his attacks on individual firms have left a shocked industry struggling to respond."

"When Trump first took office in 2017, attorneys at Big Law firms lent thousands of pro-bono hours to legal efforts to stymie the administration’s most controversial policies, including the travel ban that restricted entry to the U.S. from certain Muslim-majority countries."

"After his efforts to overturn the results of the 2020 election and the Capitol riot on Jan. 6, 2021, Trump became even more anathema to major firms; several of his criminal defense lawyers had to leave their firms in order to take him on as a client."

"Now, as he returns triumphant from the political wilderness, Trump finds a Washington legal community facing a dilemma — keep their heads down and avoid cases that may pit them against the administration, or continue representing clients that might anger a president increasingly willing to use his power to seek vengeance."

https://www.politico.com/news/2025/03/19/trump-major-law-firm-sanctions-questions-00236446

ABC NEWS: Judge blasts Social Security fraud 'fishing expedition' by Elon Musk's DOGE

"The Department of Government Efficiency approach's to identifying fraud at the Social Security Administration "is tantamount to hitting a fly with a sledgehammer," a federal judge said Thursday, blocking DOGE's unlimited access to sensitive agency data."

"In a 137-page ruling, U.S. District Judge Ellen Lipton Hollander wrote the Trump administration never justified the need to access the data -- which they argued was vital to identifying alleged fraud -- and likely violated multiple federal laws in doing so."

"The DOGE Team is essentially engaged in a fishing expedition at SSA, in search of a fraud epidemic, based on little more than suspicion. It has launched a search for the proverbial needle in the haystack, without any concrete knowledge that the needle is actually in the haystack," she wrote.

https://abcnews.go.com/Politics/hitting-fly-sledgehammer-judge-blocks-doge-accessing-sensitive/story?id=120002248

Book stealing, AI-pimping mazafakas. Where do I sign up for the lawsuit?

https://www.theatlantic.com/technology/archive/2025/03/search-libgen-data-set/682094/

Can someone please remind me when the hacker uprising is happening? Asking for a friend.

o_0

I'm dying over here. This guy says he's created the world's first AI-based call center for actively disrupting and screwing with scammers. Their AI bots are taking live phonecalls at scale and keeping the scammers on the line for hours, and sometimes taunting the scammers. They're tying up entire scam call centers. So entertaining.

https://www.youtube.com/watch?v=ZDpo_o7dR8c

Another thing nobody is really talking about but which would have been a scandal in the last administration is the degree to which almost all of the people in Trump cabinet or DOGE are still working at their private sector jobs. There is zero expectation by this White House that people should not compromise the integrity of the office by creating a conflict of interest. Somehow this has already become normalized.

Even if we ignore all the illegal and unconstitutional actions by the president so far, this cabinet and administration is by far and away the most corrupt and compromised because of it.