1010.cx

  • Cisco IOS 0-Day RCE Vulnerability Actively Targeted

    ·

    , , ,

    Cisco has disclosed a critical zero-day vulnerability in its IOS and IOS XE software that is being actively exploited by threat actors in real-world attacks. The flaw, tracked as CVE-2025-20352, affects the Simple Network Management Protocol (SNMP) subsystem and allows both denial-of-service attacks and remote code execution depending on the attacker’s privilege level. Critical SNMP Stack […]

    The post Cisco IOS 0-Day RCE Vulnerability Actively Targeted appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Banking Trojans Attacking Android Users Mimic as Government and Legitimate Payment Apps

    ·

    , ,

    A sophisticated cybercriminal campaign has emerged targeting Indonesian and Vietnamese Android users with banking trojans disguised as legitimate government identity applications and payment services.

    The malicious operation, active since approximately August 2024, employs advanced evasion techniques to deliver variants of the BankBot trojan family while maintaining an extensive infrastructure of over 100 domains.

    The threat actors demonstrate significant operational sophistication through their use of fake Google Play Store pages and government service applications such as M-Pajak tax payment services and digital identity verification systems.

    The campaign exploits user trust in official government platforms, creating highly convincing replicas that deceive victims into downloading malicious APK files containing banking trojans capable of stealing sensitive financial information and credentials.

    DomainTools analysts identified the malware distribution pattern through monitoring suspicious site elements associated with spoofed Google Play Store websites.

    The researchers uncovered an elaborate delivery mechanism designed to bypass traditional network security controls and evade automated detection systems commonly employed by cybersecurity frameworks.

    Advanced WebSocket-Based Delivery Mechanism

    The threat actors employ a remarkably sophisticated malware delivery system that leverages WebSocket technology to circumvent conventional security measures.

    Rather than providing direct download links that security scanners can easily detect, the malicious sites utilize the Socket.IO library to establish real-time bidirectional communication channels between victim browsers and command servers.

    Fake verification apps (Source -Domaintools)

    When users click the Android download button, the system initiates a WebSocket connection using the command socket. Emit('startDownload', …).

    The server responds by transmitting the malicious APK file in fragmented chunks rather than as a complete file transfer.

    The browser collects these fragments through event listeners coded as socket. On('chunk', (chunk) => { chunks. Push(chunk); });, while simultaneously receiving progress updates that maintain the illusion of a legitimate download process.

    Upon completion, the system combines all received chunks in memory and assigns the MIME type application/vnd.android.package-archive to create a proper APK file structure.

    The delivery mechanism then generates a temporary local URL and programmatically triggers an invisible download link, prompting the browser’s standard file download interface.

    This elaborate process effectively disguises malware distribution as encrypted WebSocket traffic, allowing malicious payloads to bypass network security systems configured to block direct APK downloads while remaining invisible to static URL-based security scanners that crawl websites for malicious links.

    Follow us on Google NewsLinkedIn, and X to Get More Instant UpdatesSet CSN as a Preferred Source in Google.

    The post Banking Trojans Attacking Android Users Mimic as Government and Legitimate Payment Apps appeared first on Cyber Security News.

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Critical DNN Platform Vulnerability Let Attackers Execute Malicious Scripts

    ·

    , ,

    A critical stored cross-site scripting vulnerability has emerged in the popular DotNetNuke (DNN) Platform, threatening websites powered by this widely-used content management system.

    The vulnerability, tracked as CVE-2025-59545 with a severity score of 9.1 out of 10, affects all DNN Platform versions prior to 10.1.0 and allows attackers to execute malicious scripts through the platform’s Prompt module.

    The security flaw stems from the way DNN’s Prompt module processes commands that return raw HTML output.

    While the platform typically sanitizes user-submitted data before displaying it in entry forms, the Prompt module bypasses these standard sanitation mechanisms by treating command output as executable HTML.

    This creates a dangerous pathway for attackers to inject and execute malicious scripts within the application’s trusted environment.

    The vulnerability poses significant risks to organizations running affected DNN installations, particularly when exploited in super-user contexts.

    Attackers can craft malicious input containing embedded scripts or harmful markup that, when processed through specific Prompt commands, gets rendered directly in browsers without proper security validation.

    Github analysts identified this critical weakness through comprehensive security research, highlighting the importance of continuous platform monitoring for emerging threats.

    Attackers leverage this vulnerability by targeting the network-accessible Prompt module with relatively low complexity attack vectors.

    The exploitation requires minimal privileges and user interaction, making it an attractive target for malicious actors seeking to compromise DNN-powered websites.

    Once successfully exploited, the vulnerability can impact system confidentiality, integrity, and availability across changed security scopes.

    Exploitation Mechanism and Attack Vectors

    The attack mechanism revolves around the fundamental design flaw in how the Prompt module handles command execution and output rendering.

    When an attacker submits crafted input through the module, the system fails to distinguish between legitimate HTML output and malicious script content.

    The vulnerability manifests when specific commands process untrusted data and return it as HTML, effectively bypassing the application’s security boundaries.

    The attack vector follows a stored XSS pattern, categorized under CWE-79 weakness classification.

    Malicious payloads can be persistently stored within the system and executed whenever the compromised content is accessed.

    This persistence factor amplifies the vulnerability’s impact, as it affects not only the initial victim but potentially all subsequent users who interact with the compromised content.

    Organizations using affected DNN Platform versions should immediately upgrade to version 10.1.0, which includes comprehensive patches addressing this critical security flaw.

    Follow us on Google NewsLinkedIn, and X to Get More Instant UpdatesSet CSN as a Preferred Source in Google.

    The post Critical DNN Platform Vulnerability Let Attackers Execute Malicious Scripts appeared first on Cyber Security News.

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Defense One Radio, Ep. 194: Highlights from AFA’s Air, Space & Cyber Conference

    ·

    Apple Podcasts

    The vibe, the headlines, the aircraft, the drones, and the other news coming out of the Air Force Association’s big annual conference at National Harbor, Maryland.

    Guests:

    • Tom Novelly, Defense One senior reporter covering air and space warfare;
    • And Lauren C. Williams, Defense One senior editor.
    ]]>

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Inside NATO’s response to Russia’s violation of Estonian air space

    ·

    ÄMARI AIR BASE, Estonia—Just minutes after NATO radars detected three Russian MiG-31 aircraft with transponders turned off heading toward the Estonian border on Friday, alarms sounded at this wooded air base about 40 minutes outside Tallinn. Italian airmen scrambled to their F-35s to intercept the Russian jets, taking over for Finnish aircraft that were already aloft. Twelve minutes later, the Italians escorted the MiGs out of Estonian airspace toward Kaliningrad.

    Col. Gaetano Farina, commander of Italy’s Air 32nd Wing, told reporters Wednesday the incident was more significant than his unit’s similar interception in August. The most recent incursion occurred over land, with the Russians appearing to head toward Tallinn, intentions unknown. The MiGs weren’t carrying bombs—a critical factor in NATO forces’ decision not to fire—but they were armed with air-to-air missiles. 

    Even so, Farina described the scene as orderly. “There is training that we do almost every day,” he said, calling the response “very professional.” The Russian pilots, too, seemed unperturbed and even waved at the Italians from their cockpits, he said.

    The violation raised alarm well beyond the Baltics. Estonia’s foreign minister, speaking at the United Nations in New York on Tuesday, called the move “outrageous.” Top officials from Poland and the Czech Republic, and even U.S. President Donald Trump, said NATO militaries should shoot down Russian aircraft that violate airspace. Estonia’s defense minister has indicated a willingness to do so, depending on the threat.

    Following an emergency Article 4 consultation on Tuesday, the Italian government agreed to extend the deployment of its SAMP/T anti-aircraft battery to next spring, when the Italians are scheduled to leave the air base. The mobile system’s ground radar can spot enemy aircraft more than 200 nautical miles away, and engage them up to 93 miles away with two mobile missile launchers carrying four Aster 30 missiles apiece.

    [[Related Posts]]

    In addition, the Italians, who have been in the country since August, brought a Conformal Airborne Early Warning jet, or CAEW, an advanced airborne early-warning aircraft that performs a role similar to the Boeing E-3 Sentry Airborne Warning and Control System. Unlike the 153-foot Sentry, with its large protruding radar dish, the CAEW has its ELTA radar embedded (conformed, as it were) within a smaller, more inconspicuous Gulfstream E-550A.

    The jet will stay in Estonia with the Italians, and wherever it goes after that, it will likely continue surveilling NATO’s eastern flank as part of the Enhanced Vigilance Activity mission, which was launched after Russia’s expanded invasion of Crimea in 2022. But those aircraft are just part of the expanded network of sensors and radars that NATO has sent to the region, which enabled the alliance to identify, analyze, and track the Russian jets almost as soon as they took off. 

    Later this week, NATO commanders will meet in Riga, Latvia, where they are expected to discuss additional enhancements to Baltic security under the Eastern Sentry mission, announced earlier in September in response to increased Russian incursions into NATO airspace.

    Farina and other NATO officials at Ämari said they do not know why Russia is escalating violations, risking pilots’ lives and potentially provoking conflict with NATO.

    But Estonian Defense Minister Hanno Pevkur told reporters earlier this week the incidents likely do not signal an imminent invasion. Instead, he urged observers to view them alongside Russia’s other actions, such as cyberattacks and information campaigns across Europe. 

    “My reading is that Russia is deliberately pushing all of us NATO allies to deal with … air incidents, airspace violations, drone incidents, and then we have cyberattacks,” he said.

    In response, Estonia will continue raising its defense budgets, already among the largest in NATO at 5% of GDP. Pevkur said the country has a four-year plan to reach 5.9%, and will also continue to send financial aid to Ukraine.

    “Our response to that is that we keep our heads calm,” he said.

    ]]>

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • ‘We need to be ready to go’: AFSOC preps for potential Caribbean missions

    ·

    NATIONAL HARBOR, Md.—Special operations airmen are ready for missions in support of President Donald Trump’s controversial campaign against narco-terrorism groups in the Caribbean region, the leader of Air Force Special Operations Command said Wednesday.

    While Lt. Gen. Michael Conley declined to specifically disclose if they are supporting operations related to Venezuela, a he told reporters that his airmen have strike, surveillance, and mobility assets that “any combatant commander would love.” 

    “We are prepped to go where the nation needs us,” he said during a media roundtable at the Air & Space Force Association’s Air, Space, and Cyber Conference. “We are doing things that you'd expect out of special operations, just in the sense that we need to be ready to go.”

    Conley’s remarks come amid congressional uproar over the U.S. military’s airstrike on an alleged drug-running boat in the Caribbean Sea and backlash from the Venezuelan government. 

    Conley also said he supports more training exercises in the region as part of the Trump administration’s new defense priorities.

    [[Related Posts]]

    Just days before the first deadly airstrike on an alleged drug boat in the Caribbean Sea, AFSOC held a long-planned exercise on St. Croix in which air commandos conducted a mock takeover of an airport, demonstrating the Air Force’s Agile Combat Employment concept—which was originally designed for use against adversaries such as China or Russia.

    Conley said the training’s timing was coincidental, but added he wants to have his airmen do more exercises in the region—a notable departure from a decades-long focus on the Middle East and Africa.

    “We are very good at the AFRICOM and CENTCOM operations,” Conley said. “When we get into new theaters and training in new places, it's all goodness for us.”

    Since the inaugural boat strike, which the White House said killed 11 people aboard, the military has increased its presence in the Caribbean Sea. Air Force MQ-9 Reaper drones and Marine Corps F-35Bs have been placed in Puerto Rico alongside C-5 and C-17 military transports, open source intelligence accounts report.

    Venezuelan president Nicolás Maduro sent a letter, which was later shared on Telegram, to President Donald Trump asking to meet with his special envoy and to stop the increased military build up and presence.

    "The military threat against Venezuela, the Caribbean and South America must cease, and the proclamation of a Zone of Peace must be respected,” the letter read.

    Last week, Venezuela held a military exercise dubbed “Sovereign Caribbean 200” that included a display of warships, aircraft ,and troops. Venezuelan military forces have also been training civilians on how to use weapons.

    White House press secretary Karoline Leavitt told reporters Monday that the administration “viewed the Maduro regime as illegitimate, and the president has clearly shown that he is willing to use any and all means necessary to stop the illegal trafficking of deadly drugs from the Venezuelan regime into the United States.”

    The Pentagon’s new priority is the homeland, and the administration aims to “restore our neglected position in the Western Hemisphere,” according to a memo obtained by Defense One last month. Conley told reporters he plans to follow the administration’s priorities and wants to see future AFSOC training reflect that.

    “I look at where the national defense strategy has us going, the interim one, where the administration is placing that priority, and I want to train in those places,” Conley said. “The first time we go there, if called upon for real, I don't want it to be the first time we've operated in those environments.”

    ]]>

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • ‘We need to be ready to go’: AFSOC preps for potential Venezuela-related missions

    ·

    NATIONAL HARBOR, Md.—Special operations airmen are ready for potential missions focused on Venezuela amid President Donald Trump’s controversial campaign against alleged narco-terrorims groups in the region, the leader of Air Force Special Operations Command said Wednesday.

    While Lt. Gen. Michael Conley declined to specifically disclose if they are supporting operations in Venezuela, he told reporters that his airmen have strike, surveillance, and mobility assets that “any combatant commander would love.” 

    “We are prepped to go where the nation needs us,” he said during a media roundtable at the Air & Space Force Association’s Air, Space, and Cyber Conference. “We are doing things that you'd expect out of special operations, just in the sense that we need to be ready to go.”

    Conley’s remarks come amid congressional uproar over the U.S. military’s airstrike on an alleged drug-running boat in the Caribbean Sea and backlash from the Venezuelan government. 

    Conley also said he supports more training exercises in the region as part of the Trump administration’s new defense priorities.

    [[Related Posts]]

    Just days before the first deadly airstrike on an alleged drug boat in the Caribbean Sea, AFSOC held a long-planned exercise on St. Croix in which air commandos conducted a mock takeover of an airport, demonstrating the Air Force’s Agile Combat Employment concept—which was originally designed for use against adversaries such as China or Russia.

    Conley said the training’s timing was coincidental, but added he wants to have his airmen do more exercises in the region—a notable departure from a decades-long focus on the Middle East and Africa.

    “We are very good at the AFRICOM and CENTCOM operations,” Conley said. “When we get into new theaters and training in new places, it's all goodness for us.”

    Since the inaugural boat strike, which the White House said killed 11 people aboard, the military has increased its presence in the Caribbean Sea. Air Force MQ-9 Reaper drones and Marine Corps F-35Bs have been placed in Puerto Rico alongside C-5 and C-17 military transports, open source intelligence accounts report.

    Venezuelan president Nicolás Maduro sent a letter, which was later shared on Telegram, to President Donald Trump asking to meet with his special envoy and to stop the increased military build up and presence.

    "The military threat against Venezuela, the Caribbean and South America must cease, and the proclamation of a Zone of Peace must be respected,” the letter read.

    Last week, Venezuela held a military exercise dubbed “Sovereign Caribbean 200” that included a display of warships, aircraft ,and troops. Venezuelan military forces have also been training civilians on how to use weapons.

    White House press secretary Karoline Leavitt told reporters Monday that the administration “viewed the Maduro regime as illegitimate, and the president has clearly shown that he is willing to use any and all means necessary to stop the illegal trafficking of deadly drugs from the Venezuelan regime into the United States.”

    The Pentagon’s new priority is the homeland, and the administration aims to “restore our neglected position in the Western Hemisphere,” according to a memo obtained by Defense One last month. Conley told reporters he plans to follow the administration’s priorities and wants to see future AFSOC training reflect that.

    “I look at where the national defense strategy has us going, the interim one, where the administration is placing that priority, and I want to train in those places,” Conley said. “The first time we go there, if called upon for real, I don't want it to be the first time we've operated in those environments.”

    ]]>

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Malicious SVGs in Phishing Campaigns: How to Detect Hidden Redirects and Payloads

    ·

    , ,

    Phishing campaigns are getting harder to spot, sometimes hiding in files you’d never suspect. ANY.RUN’s cybersecurity analysts recently uncovered one such case: a malicious SVG disguised as a PDF, hosted on a legitimate domain and packed with hidden redirects. By mid-September, it scaled into a full spam wave with Microsoft-themed lures.

    Let’s look at how it worked, and how analysts can gather the full chain of intel in a safe sandbox environment.

    Inside the Recent SVG Attack

    Here’s a sandbox session that shows the full behavior. Check the real case to watch the redirects and payload extraction live:

    View the sandbox session (SVG attack)

    ANY.RUN’s sandbox session revealing malicious SVGs in phishing attack

    Delivery & disguise: The file arrives looking like a PDF attachment but is an SVG (XML) file. Because SVG supports scripts, attackers embed active content instead of static pixels.

    Malicious SVG file sent using Sharesync

    Uncover hidden threats, cut investigation time from hours to minutes, and stay ahead of evolving attack techniques.Try ANY.RUN now

    Fake prompt shown: Opening the file in a browser displays a “protected document” message to social-engineer the user into clicking or waiting.

    Social engineering employed by attackers

    Script execution (XOR decoder): The embedded JavaScript runs an XOR decode routine that reconstructs the true redirect code and then executes it (via eval). 

    You can see this directly in ANY.RUN’s static/HEX view: the decoder variables, the hex/escaped bytes (for example ‘\x65′,’\x76’,…) and the reconstructed script are all exposed in the session. That view lets analysts dump the decoded payload and review the exact commands the SVG runs.

    ANY.RUN’s static view showing script execution

    Layered redirects: The decoded code pushes the browser through multiple intermediary domains, obfuscating the trail. Examples observed in this chain include:

    1. loginmicrosft365[.]powerappsportals[.]com
    2. loginmicr0sft0nlineofy[.]52632651246148569845521065[.]cc

    Final phishing page: The user lands on a Microsoft-branded credential page that even uses a Cloudflare Turnstile widget to look legitimate and bypass cursory checks. With ANY.RUN’s automated interactivity, these verifications are handled automatically, so analysts don’t waste time clicking through manually.

    Cloudflare Turnstile widget used by attackers, exposed inside ANY.RUN sandbox

    Credential collection & persistence: Entered credentials are captured and forwarded to attacker-controlled infrastructure built for scale (PhaaS-like), enabling mass harvesting.

    Fake Microsoft page for credentials collection

    What the sandbox reveals: The interactive session shows every redirect and HTTP transaction, exposes the decoded JavaScript in HEX/Text, and captures runtime artifacts.

    Exportable IOCs and reports can be directly integrated with SIEM, EDR, and threat-intel platforms, so analysts get the data inside the tools they already use, saving time and cutting extra steps.

    Well-structured report generated by ANY.RUN sandbox

    The Sandbox Advantage: Fast Detection of New Attacks

    As you can see, interactive sandboxes are especially valuable for spotting new and evasive attacks. Instead of waiting on static signatures or delayed alerts, they run the file in a live environment and surface malicious behaviors in real time.

    With ANY.RUN, analysts can:

    • Get malicious verdicts in under 60 seconds: 88% of threats are detected this quickly.
    • Reveal the full attack chain instantly: every redirect, script, and payload mapped out without guesswork.
    • Accelerate triage and response: teams report up to 94% faster triage and 3× higher SOC performance.
    • Turn findings into action: export IOCs and TTPs directly into SIEM, EDR, or TI platforms to update detections and launch hunts immediately.

    By transforming hours of manual work into minutes of automated visibility, sandboxes give analysts the speed, clarity, and context needed to stay ahead of new attack techniques.

    Request your 14-day trial and see how fast you can catch new attacks with ANY.RUN’s sandbox.

    The post Malicious SVGs in Phishing Campaigns: How to Detect Hidden Redirects and Payloads appeared first on Cyber Security News.

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Cisco IOS 0-Day RCE Vulnerability Actively Exploited in the Wild

    ·

    , ,

    Cisco has disclosed a zero-day vulnerability, CVE-2025-20352, in its widely used IOS and IOS XE software, confirming it is being actively exploited in the wild.

    The flaw exists in the Simple Network Management Protocol (SNMP) subsystem and can allow a remote attacker to achieve remote code execution (RCE) or cause a denial-of-service (DoS) condition on vulnerable devices.

    The vulnerability was first identified during the investigation of a Cisco Technical Assistance Center (TAC) support case.

    The vulnerability is rooted in a stack overflow condition (CWE-121) within the SNMP subsystem of both Cisco IOS and IOS XE software. An attacker can trigger this flaw by sending a crafted SNMP packet over an IPv4 or IPv6 network to an affected device.

    The advisory, published on September 24, 2025, confirms that all versions of SNMP (v1, v2c, and v3) are susceptible.

    The severity of the exploit depends on the attacker’s privilege level:

    • A low-privileged but authenticated remote attacker can cause the affected device to reload, leading to a DoS condition. This requires access to an SNMPv2c read-only community string or valid SNMPv3 user credentials.
    • A high-privileged attacker with administrative or privilege 15 credentials can execute arbitrary code as the root user on devices running IOS XE, effectively gaining full control of the system.

    Active Exploitation and Affected Devices

    Cisco’s Product Security Incident Response Team (PSIRT) has confirmed successful exploitation of this vulnerability in the wild.

    According to the advisory, the attackers leveraged the flaw after first compromising local administrator credentials, demonstrating a chained attack methodology.

    This highlights the critical need for strong credential management alongside patching.

    The vulnerability impacts a broad range of Cisco devices running vulnerable releases of IOS and IOS XE software where SNMP is enabled. Specific products mentioned include the Meraki MS390 and Cisco Catalyst 9300 Series Switches.

    ProductAffected VersionsFixed Release
    Cisco IOS & IOS XE SoftwareAll releases with SNMP enabled prior to the first fixed software release are considered vulnerable.Customers should use the Cisco Software Checker to determine the appropriate patched release for their specific software train.
    Meraki MS390 SwitchesMeraki CS 17 and earlier.The vulnerability is addressed in Cisco IOS XE Software Release 17.15.4a.
    Cisco Catalyst 9300 Series SwitchesMeraki CS 17 and earlier.The vulnerability is addressed in Cisco IOS XE Software Release 17.15.4a.

    Any device with SNMP enabled is considered vulnerable unless specific configurations are in place to block the malicious traffic. Administrators can use show running-config commands to determine if SNMP is active on their systems.

    Cisco has released software updates to fix this vulnerability and strongly recommends that all customers upgrade to a patched software release to fully remediate the issue. The advisory, identified as cisco-sa-snmp-x4LPhte, clarifies that there are no workarounds available.

    For organizations that cannot immediately apply the updates, Cisco has provided a mitigation technique. Administrators can configure an SNMP view to exclude the affected object IDs (OIDs), preventing the vulnerable code path from being triggered.

    However, Cisco cautions that this mitigation may disrupt network management functionalities, such as device discovery and hardware inventory monitoring. As a general security measure, Cisco also advises restricting SNMP access to only trusted users.

    Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.

    The post Cisco IOS 0-Day RCE Vulnerability Actively Exploited in the Wild appeared first on Cyber Security News.

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Foreign ties are crucial to US space dominance, officials say

    ·

    NATIONAL HARBOR, Md.—Expanding and strengthening U.S. military ties with space-capable nations will be key to staying ahead in the global competition for space dominance, officials said Tuesday. 

    “Space warfare is a complex and difficult type of warfare in general, and not a type of warfare that one country can do by themselves. And so we know that we need partners to be able to help us to do the things that we need to do, to be able to cover all the space terrain and the challenges that we have,” Col. Frank Brooks, the Air Force’s deputy director for space international affairs, said Tuesday during a panel at the Air and Space Forces Association’s Air, Space, Cyber conference. 

    One example is the trilateral Deep-Space Advanced Radar Capability, or DARC, which tracks activity including space debris and adversarial behavior, shared between the U.S., Australia, and the United Kingdom. 

    Reliance on space for everything from tracking illegal fishing, to GPS, and coordinating weapons has increased even as threats proliferate, underscoring the need to forge new relationships globally—particularly in Africa, where China is already laying groundwork

    “Technology is great. But the biggest capability you have is teaming with our partners and allies. And especially in Africa and in different areas. I think that is the foundational challenge that we're facing,” Brig. Gen. Jacob Middleton, commanding general for U.S. Space Forces in Europe and Africa, told reporters Tuesday. “What I hope to do, specific to EUCOM and AFRICOM, is create a situation during peace time that through partnerships and allies and working together, that teamwork provides a deterrence.”

    Middleton said the U.S. wants to partner with anyone who is willing.

    “Some folks are surprised that there are some African spacefaring nations—which there are. I'd say the most important competition we're in is for hearts and minds,” Middleton said during a panel. “At the end of the day, what we're really competing for is a certain international border, and that really means partnership, allies and people on our team…who's gonna be our side versus who's gonna be on our competitors’ side.”

    So far, Middleton has visited the Egypt-based African Space Agency and Morocco, and hopes to kindle talks with Nigeria, Angola, and Kenya

    “This is a competition, so just because China has visited doesn't mean I won't,” he told reporters.

    And building strong alliances—which can be fraught due to conflicting policies and roles—can go a long way. 

    “Focus on the alliance, and if that is strong regionally, you're going to be strong, and then you don't have to worry about your national sovereignty. And so that is a discussion that we need to have, that I continue to have,” Middleton said. “But that starts with understanding [a country’s] national security objectives, giving them reasonable advice on how to get after those objectives. Then training them, educating them on what's in the inventory and what's in the realm of the possible. Then, once you pull that plan together, exercising it so we work as one team. And so there's a capability increase that we're working on to get after that, that we're pulling in our partners and allies on.”

    In an interview at the AMOS conference in Maui last week, Canadian Brig. Gen. Ryan Deming, the deputy commander for operations, plans, training and force development for Space Operations Command, compared the need for partners to a hockey game. 

    “So when you've watched a hockey game, for the opposing teams, they're actually made up of different players. … You can't have a hockey team that's just one person. They could be the best player in the world; they can't do it all themselves because of the dynamic, fast pace of the game, right? So look at U.S. Space Forces in that same sort of analogy. You need those international partners and that collaboration, that strategy and that engagement, and that, you know, sharing of how the plays are going to work,” he said. 

    “Because it's so fast-paced, you don't take a timeout, right? You only get one timeout in hockey—we don't have that in space, to be able to take a timeout. So the more that we understand how each other operates, what I can bring to the table, what another ally can bring to the table, I think it actually allows us to figure out, how do we best employ this to ensure that we can try and maintain that space superiority, and that we can make sure that we're outpacing our adversary.”

    ]]>

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶

    ¶¶¶¶¶