Meadows slams McCarthy and suggests Trump should be elected speaker if Republicans win House
November 19, 2021
Former White House chief of staff Mark Meadows blasted House Minority Leader Kevin McCarthy’s leadership style on Thursday, suggesting that if Republicans win control of the House next year, the party should install former President Donald Trump as its next speaker.
“They’re not skating to where the puck is. And so I would give them a grade of a ‘D,'” Meadows said of the House Republican leadership during an appearance on Florida GOP Rep. Matt Gaetz’s podcast. “I believe that on this tactic and strategy — listen, you need to make Democrats take tough votes. You need to make sure that when you’ve got them on the ropes that you don’t throw in the white towel.”
Meadows, a Republican from North Carolina who was serving in the House before Trump picked him to be his top aide in 2020, said in a separate appearance on a podcast hosted by Trump ally Steve Bannon that he “would love to see the gavel go from (House Speaker) Nancy Pelosi to Donald Trump.”
“You talk about melting down, people would go crazy,” he said.
The speaker of the House does not need to be a member of the House, just elected by the body.
The comments from Meadows underscore the growing tension in the Republican Party, with the Trump loyalist publicly criticizing McCarthy, a California Republican who is also one of Trump’s top allies in Congress, less than a year before the midterm elections.
moar: https://localnews8.com/news/2021/11/19/meadows-slams-mccarthy-and-suggests-trump-should-be-elected-speaker-if-republicans-win-house-2/
FBI warning: This zero-day VPN software flaw was exploited by APT hackers
A flaw in FatPipe WARP, MPVPN, and IPVPN software has been patched - so upgrade now.
November 19, 2021
The FBI has warned that a sophisticated group of attackers have exploited a zero-day flaw in a brand of virtual private networking (VPN) software since May.
The FBI said its forensic analysis showed that the exploitation of the zero-day vulnerability in the FatPipe WARP, MPVPN, and IPVPN software, by an advanced persistent threat (APT) group, went back to at least May 2021. It did not provide any further information about the identity of the group.
The vulnerability allowed the attackers to gain access to an unrestricted file upload function to drop a webshell for exploitation activity with root access, leading to elevated privileges and potential follow-on activity, the FBI said, noting: "Exploitation of this vulnerability then served as a jumping off point into other infrastructure for the APT actors."
The FBI said the vulnerability affects all FatPipe WARP, MPVPN, and IPVPN device software prior to the latest version releases, 10.1.2r60p93 and 10.2.2r44p1.
It warned that detection of exploitation activity might be difficult, as cleanup scripts designed to remove traces of the attackers' activity were discovered in most cases.
"Organizations that identify any activity related to these indicators of compromise within their networks should take action immediately," the FBI said in an alert.
https://www.zdnet.com/article/fbi-warning-this-zero-day-vpn-software-flaw-was-exploited-by-apt-hackers/
Yep, reported
FBI warning: This zero-day VPN software flaw was exploited by APT hackers
A flaw in FatPipe WARP, MPVPN, and IPVPN software has been patched - so upgrade now.
November 19, 2021
The FBI has warned that a sophisticated group of attackers have exploited a zero-day flaw in a brand of virtual private networking (VPN) software since May.
The FBI said its forensic analysis showed that the exploitation of the zero-day vulnerability in the FatPipe WARP, MPVPN, and IPVPN software, by an advanced persistent threat (APT) group, went back to at least May 2021. It did not provide any further information about the identity of the group.
The vulnerability allowed the attackers to gain access to an unrestricted file upload function to drop a webshell for exploitation activity with root access, leading to elevated privileges and potential follow-on activity, the FBI said, noting: "Exploitation of this vulnerability then served as a jumping off point into other infrastructure for the APT actors."
The FBI said the vulnerability affects all FatPipe WARP, MPVPN, and IPVPN device software prior to the latest version releases, 10.1.2r60p93 and 10.2.2r44p1.
It warned that detection of exploitation activity might be difficult, as cleanup scripts designed to remove traces of the attackers' activity were discovered in most cases.
"Organizations that identify any activity related to these indicators of compromise within their networks should take action immediately," the FBI said in an alert.
https://www.zdnet.com/article/fbi-warning-this-zero-day-vpn-software-flaw-was-exploited-by-apt-hackers/
‘A message needs to be sent’: Rand Paul to challenge Biden’s Saudi arms sale
NOVEMBER 19, 2021
Sen. Rand Paul is preparing a motion to oppose President Joe Biden’s sale of weapons to Saudi Arabia, a longtime strategic ally of the U.S. despite a long record of repression and human rights violations.
“A message needs to be sent to Saudi Arabia that we don’t approve of their war in Yemen,” Paul said in a statement to McClatchy.
Earlier this month, the Biden administration approved the sale of 280 missiles worth $650 million to the Middle Eastern kingdom to aid its defense against attacks from Yemen, which has been at war with Saudi Arabia since 2015.
While the administration claims the sale is consistent with its goal of ending the conflict with diplomacy, the anti-interventionist Paul has consistently argued against contributing to the Middle East arms race.
According to the State Department, the Saudi arms package would include advanced medium range air-to-air missiles, missile launchers as well as engineering and technical support.
https://www.kentucky.com/news/politics-government/article255939232.html