Deadly Kroger Shooting: The Security Impact
Columbus Kroger shooting impacting shoppers and those in private security
Scary moments for customers and workers at a west side Kroger as gunfire rang out in the supermarket. Police are investigating after they said a security officer shot and killed 26-year-old Paris Royal during an altercation Sunday about 6:45 p.m.

Dean Boerger trains security officers through his company Strategic Training Group. Boerger tells us the case will likely have an impact on those in the profession. “Nobody wants to take anybody’s life or be in that kind of situation where they have to make that kind of decision,” said Boerger.

“I think it has a big impact on whether other security officers feel that they may be prepared for that kind of a situation, able to handle that kind of situation appropriately and effectively,” said Boerger.

Boerger said the incident points to the need to increase the 20-hour course required for security officers to carry a firearm. With more gun violence, Boerger said security officers are on heightened awareness.

“So they definitely need to be more aware of how people are acting. Are they acting suspicious? Where do they have their hands? What are they doing when they walk into the store, do they feel they may be a threat?”

Kroger did not address questions from WSYX about whether their security officers in central Ohio are all armed. Kroger issued a statement Monday.

“We are deeply saddened by the shooting incident that occurred at our Soldano Blvd store. As this is an active case we will continue to cooperate with local law enforcement and do not have any additional information to share at this time.” abc6onyourside.com


Solving Philadelphia's Homicide Epidemic
The solution to Philly’s gun violence is ‘1% Rambo and 99% Mr. Rogers’ says one of Pa.’s first Black state troopers

Gun violence roiling Philadelphia resulted in 516 deaths last year

Brooks said we first need to stop reacting: “It isn’t being properly addressed. Gun violence is not a police problem, it’s a community problem,” Brooks said adding, “Police can only do reports after the crime has occurred.

Brooks retired in 1992 and for 30 years he has been running his own consulting firm with an expertise in training on how to respond effectively and empathetically to conflict, especially in diverse environments.

He said reducing the city’s homicide rate will require understanding that youths kill one another because of low self-esteem. He has even created an acronym, LSMFT — Low Self-esteem Means Friction and Trouble.

“Boys killing boys need to discover who they are and what they have to offer,” Brooks said.

And his own vast policing experiences have taught him that responding to Philadelphia’s gun violence will require all stakeholders to come to the table — community, politicians, courts, and the district attorney, as well as the police.

“It’s not about arrests. Arrest was only 1% of what I did. It’s about how to come together as a community. It’s 1% Rambo and 99% Mr. Rogers.”  inquirer.com


Illinois Assault Weapons Ban Gets Pushback from Law Enforcement
Local sheriffs are refusing to enforce the new assault weapons ban in Illinois

Some law enforcement agencies in Illinois said that they wouldn't enforce a new law that bans the sale of assault-style weapons.

Multiple law enforcement agencies in the state of Illinois said that they would not enforce new legislation that bars sale of assault-style weapons, arguing it violates the Second Amendment, according to reports.

Sheriffs in Illinois counties, including DeKalb, LaSalle, DuPage, and McHenry, among others, have publicly made their stance about the Protect Illinois Communities Act, WABC-TV reported on Friday.

The legislation, which also bans the sale and manufacturing of high-capacity magazines, was passed earlier this month as an effort to prevent gun violence.

"We won't sacrifice safety, but at end of the day, we believe we have to do what is right for our own communities," McHenry County Sheriff Robb Tadelman told the outlet. news.yahoo.com


Undoing the Damage of 'Defund the Police'
LAPD Looks to Rehire Retired Officers amid Shrinking Ranks

LAPD officials have plans that call for up to 200 retired police officers to be rehired, as about 600 cops are expected to retire or leave in the next year.

The Los Angeles Police Department is making a simple but unusual pitch to its retired cops: Come back. Please.

Faced with a flood of departures and a trickle of recruits entering its training academy that have led to dwindling staffing levels, LAPD officials have drawn up plans that call for as many as 200 retired police officers to be rehired. On the campaign trail in her recent race for mayor, Karen Bass pledged to rebuild the department's ranks to 9,700 officers as the city confronts violent crime rates that remain above pre-pandemic levels.

Bass didn't say how quickly she wanted to reach her goal, but, with about 9,200 officers currently on the force and the department failing to attract enough new recruits to keep up with the pace of attrition, making good on her promise anytime soon will be very difficult. About 600 cops are expected to retire or leave for other reasons in the next year — about 20% higher than the typical departure rate, according to LAPD Chief Michel Moore.

As a stopgap measure, the department hopes a rarely used bureaucratic mechanism will allow it to regain lost ground. Known informally as the "bounce program," it allows the chief of police to bring retired officers back for up to a year. It typically has been used sparingly in the past to recall an individual officer whose specialized skill sets make them hard to replace, such as a homicide detective who retired while working a case that might otherwise fall without their involvement.

"This would allow us to bring back police officers, detectives and sergeants so that they could work for up to one year," Moore said in an interview last week. "It's a short-term, interim strategy. It's not one that I would like to see us become dependent on." officer.com


Softening Penalties for Violent Criminals
DC council softens penalties for violent crimes by overriding mayor's veto of criminal code rewrite
The District of Columbia City Council voted to force through revisions of the district's criminal code that will soften penalties on violent crimes, overriding a previous veto from the mayor's office.

The overhaul of the city’s criminal code includes reduced maximum sentences, the elimination of nearly all mandatory minimum sentences, and expanded rights to jury trials by those accused of misdemeanors.

Opponents have sounded the alarm on provisions that would allow D.C. inmates to ask for early release 20 years into their sentence, even those accused of violent crimes like murder or sexual assault. foxnews.com
 

Yakima Stores Suffering From Retail Theft Police Taking Action

Feds won't seek death penalty in El Paso Walmart mass shooting case

US: 103.5M Cases - 1.1M Dead - 100.4M Recovered
Worldwide: 671.7M Cases - 6.7M Dead - 643.1M Recovered

Private Industry Security Guard Deaths: 362   Law Enforcement Officer Deaths: 828

Workplaces Balancing Privacy with Safety
My Boss Told My Co-workers That I Had Covid. Isn’t That Illegal?

Federal guidelines require employees’ health information to be kept confidential. But employers also have an obligation to protect the workplace.

Supervisors are walking a fine line when it comes to Covid. Federal guidelines require employees’ health information to be kept confidential. But employers also have an obligation to inform workers about their potential exposure to an infectious disease.

“Employers are in a little bit of a difficult spot here,” said Matthew T. Bodie, a professor at the University of Minnesota Law School, who teaches and writes about labor and employment law. “They’re trying to manage the spread of Covid in their workplace, but they’re also trying to protect employee confidentiality.” nytimes.com


Remote Work: More Productive Than In Person?
73% of Managers Agree Flexible Working Boosts Productivity

A new study shows managers rate remote and flexi-time more highly than in 2020 - but are attitudes now starting to regress?

Despite an increasing demand for employees to return to in-office work, most managers are in favor of remote and flexible working arrangements, according to a new study by the University of Birmingham.

The report shows that 73% of managers believe flexible working arrangements have increased productivity, with 60% agreeing the same of employees who choose to work from home.

New data to support remote and flexible working will come as welcome news to many employees, as some employers are reversing remote work policies and demanding staff return to the office, despite downsides including a historic decline in productivity as a result. tech.co


Florida governor pushes to make Covid-19 changes permanent
DeSantis’ proposal would make permanent a handful of policies that were temporarily already in place, including banning mask mandates, Covid-19 vaccine mandates in schools, Covid-19 passports and prohibiting employers from making hiring and firing decisions based on vaccine status.

China's COVID surge prompts CDC to expand hunt for new variants among air travelers

Why has the number of COVID-19 cases exploded in the last couple of weeks?

China says 60,000 people have died of Covid since early December
 

DOJ Incentivizes Self-Disclosure & Effective Compliance Programs
Justice Department Offers New Incentives for Companies to Self-Report Wrongdoing

DOJ Revises FCPA Corporate Enforcement Policy (CEP) - #1 Goal 'Individual Accountability'

Companies that meet standards for cooperation would avoid prosecution* or qualify for lower fines

The Justice Department is expanding its leniency policies to persuade companies to take one of the biggest risks when it comes to dealing with the government: reporting their own misconduct to prosecutors.

Companies that disclose wrongdoing to the Justice Department won’t be prosecuted if they fully cooperate with investigators and fix the underlying problems, including any shortcomings in their compliance programs, according to Assistant Attorney General Kenneth Polite Jr., who leads the criminal division.

He outlined the new policies, which include large discounts on potential fines. Deciding to self-report to prosecutors reflects how seriously a corporation takes compliance and ethics.

It formally expands that treatment to other white-collar crimes, such as those involving fraud or money laundering, even when there are aggravating factors that in the past might have weighed against declining prosecution. It also links incentives to the effectiveness of a company’s compliance program.

The risk of a whistleblower disclosure can make it seem wiser for a company to tell the government first, attorneys say.

“When a company has uncovered criminal misconduct in its operations, the clearest path to avoiding a guilty plea or an indictment is voluntary self-disclosure,” Mr. Polite said in his speech. wsj.com

Editor's Note: * I wouldn't agree with this writers interpretation of "full disclosure and cooperation won't be prosecuted." As the revisions clearly state other factors that influence the decision process. One being a strong compliance program and the nature of the crimes. - Gus Downing

For those following the FCPA CEP program we've abbreviated the speech here: Revisions to the Criminal Division’s Corporate Enforcement Policy


Former AP Exec - Now Lowe's CEO - On What Fueled His Success
Marvin Ellison advises aspiring execs to ‘take tough assignments’
Marvin Ellison, CEO at Lowe’s, speaking at the NRF Big Show, said he learned early on that, to get ahead in his career, his best approach was to “just take tough assignments.” True to his focus, every job he’s taken over the last 25 years — including his current role — has involved succeeding someone who was fired or pushed out.

Oftentimes, the opportunities were ones that others felt were too risky for the potential rewards. He said, “But I would raise my hand because it was my way to make a contribution to the company. It’s my way to demonstrate my ability to lead, my ability to build teams.”

Mr. Ellison, who is Black, also noted that “not too many people that look like me” have been able to lead two Fortune 500 companies, also including JCPenney. He also lacked “an elite education from a prestigious education institution” and early access to executive sponsors.

His parents were “incredibly influential” in providing lessons around perseverance that helped guide his career development. Mr. Ellison said, “Put God first, focus on education and work hard — those were the pillars of success that our parents gave us.”

He also admitted he struggled to “fit in” as the “only Black person” in the corporate office, but came to realize “my greatest attribute was to be the best, most authentic version of myself.”

He further encourages his staff to lean into their “unique diverse abilities to solve problems.”

At Lowe’s, one of his goals is “trying to create a company I wish I could have worked for when I was coming up the ranks.” Long curious about the criteria that leads to major promotions, Lowe’s publishes a list of core behaviors looked for in leaders for every associate to view.

Mr. Ellison said, “Deliver consistent results, continue to learn, take care of the customers, take action and be courageous. These are not extraordinary things but there are things you have to do consistently.” retailwire.com


Facial Recognition Takes NRF Big Show by Storm
US retail conference draws biometrics for payments, marketing and age estimation
Biometrics still plays a small role in the United States’ retail industry compared to more conventional technologies, but innovations are working their way in. This week's annual National Retail Federation convention demonstrated at least six new or newly updated biometrics products made around the world.

Customer-loyalty firm Brierly, based in Texas, will be talking up the integration of its LoyaltyonDemand platform with fintech PopID’s facial biometric ID verification algorithm. It is a point-of-sale integration designed to reduce the friction that interferes with loyalty members’ reward redemption.

Switzerland-based Sensormatic, a unit of Johnson Controls, has registered for NRF to demonstrate IQ-branded services including anonymized facial recognition and emotion recognition.

Sensormatic has integrated U.S.-based Vsblty Groupe biometric software into its product line and, in turn, Vsblty has worked with ONYX Display Media on Cooler as a Medium, a system expected to be on display at NRF.

Cooler – as in the large glass doors of refrigerated cases — has facial detection algorithms but also the ability to judge age, gender and emotions via interactive displays. biometricupdate.com


OSHA Urges Employers to Prepare for Extreme Winter Weather
From Snowmageddon To Snowpocalypse: OSHA Highlights Potential Winter Weather Hazards
Employers must remember that weather-based hazards exist not only in the heat and humidity of summer, but also in the dead of winter. OSHA has reminded employers of their duties to plan, equip, and train their workers for jobs impacted by winter weather in an effort to "[p]revent injuries, illnesses, and fatalities during winter storms."

To that end, OSHA provides information on hazards – beyond cold stress – associated with operating in winter, including:

• Winter Driving
• Work Zone Traffic Safety
• Stranded in a Vehicle
• Shoveling Snow
• Using Powered Equipment like Snow Blowers
• Clearing Snow from Roofs and Working at Heights
• Preventing Slips on Snow and Ice
• Repairing Downed or Damaged Power Lines
• Working Near Downed or Damaged Power Lines
• Removing Downed Trees

Employers should also consider appropriate winter clothing and personal protective equipment (PPE) to protect employees from cold weather hazards and ensure only appropriate equipment is used in wintry environments. mondaq.com


Retail Sales Dipped at Height of Holidays
U.S. Retail Sales Fell 1.1% in December
U.S. consumers cut back on retail spending at the height of the holiday season as consumers spent less on vehicles, in popular gift categories, and furniture.

Retail sales, a measure of purchases at stores, restaurants and online, declined a seasonally adjusted 1.1% in December from the prior month, the Commerce Department said Wednesday. That was the biggest monthly decline of 2022 and marked the second consecutive month of decline. November’s retail sales were revised lower to a 1% drop.

Sales declined in a number of gift-giving categories in December, including electronics, clothing, at department stores and online. Dining out at bars and restaurants dropped 0.9% on the month. Sales of furniture and vehicles, which are sensitive to higher borrowing costs, both fell sharply. wsj.com


Microsoft to Lay Off 10,000 Workers as It Looks to Trim Costs
The job cuts, which amount to less than 5 percent of the company’s work force, are its largest in roughly eight years.


500 mudslides, flooded communities, broken bridges: CA faces long, costly recovery
The estimated cost is likely to change as teams of local, state and federal officials on Saturday began damage assessment that is expected to continue for several weeks

Party City files for Chapter 11 protection

Washington Supreme Court gives the okay for Albertsons’ to hand out $4B dividend

Macy’s CEO: ‘We are in the final stretch’ of closing stores

Marks & Spencer goes bullish on physical with 20 new stores


Quarterly Results

Wendy's Q4 comp's U.S. up 5.9%, Intern. up 9.9%, total sales up 13.3%

Preventing Data Breaches As Employees Return to Work
Data security enhancements to consider as your employees return to the office
77% of IT decision makers across the United States and Canada believe their companies are likely to face a data breach within the next three years according to survey results released by Adastra.

“The results of this survey should serve as a reminder that companies of all sizes must invest in data security protection, resources and education, particularly as we return to in-office activities,” he said.

10 data security enhancements

Insider threats – employee re-education of systems and protocols - The unauthorized disclosure of data isn’t always the result of malicious actors. Often, data is accidentally overshared or lost by employees. Keep your employees informed with cyber security education. Employees who go through regular phishing tests may be less likely to engage with malicious actors over email or text messaging.

Know your inventory - An inventory of software, hardware and data assets is essential. Having control over the assets with access to your corporate environment starts with an inventory. Inventories can be a part of the overall vulnerability management program to keep all assets up to date, including operating systems and software.

Delete redundant data - Reducing your overall data footprint can be an effective way of reducing risk. Data that resides in multiple locations may not have equal protection in each environment. Understanding what data is required and what can be archived helps to keep control over data assets.

Early detection systems - Detecting anomalies and suspicious activities can resolve issues before they become a breach. Today’s XDR (extended detection and response) and EDR (endpoint detection and response) systems include automated responses to common attacks.

Data back-ups - Having a robust, immutable data backup plan can help an organization quickly recover from an incident. The frequency of the data backup depends on the risk the organization is willing to take. “Can we afford to lose a week’s worth of data or a day’s worth of data?”

Limiting staff access - Employing the least privilege principle reduces overall risk by only allowing access to data and services required to perform specific duties. Establishing processes for provisioning and de-provisioning user access with approvals, audit trails, reports, and regular attestations can limit what an attacker may be able to access in the event of compromised credentials.

Hire a third-party company to conduct a security audit – know your vulnerabilities - An outside assessment of your organization’s security posture, based on established cyber security frameworks such as NIST or CIS, can provide a clearer picture of strengths and weaknesses and a roadmap to address your greatest vulnerabilities.

Establish new passwords with two-factor authentication - Physical security: helpnetsecurity.com


Email Programs Pose Growing Cybersecurity Risk
The big risk in the most-popular, and aging, big tech default email programs

Cybersecurity experts say email is such an old technology it relies on operating systems vulnerable to cyber attacks and default settings need to be updated more frequently.

All over the world, organizations of all sizes, including small businesses, scrambled to upload patches and to figure out if they’d been infiltrated. Despite the efforts, some were still ensnared; at least 200 ransomware attacks were attributed to the hack, with some businesses losing millions as they paid the criminals.

The hack helped to highlight the vulnerability of the 32 million small businesses, many of which can’t afford to hire cybersecurity companies and that mostly rely on the built-in security features of software and hardware companies, giants like Google, Microsoft and Apple. Though the companies have made progress and the problem isn’t new, there are still vulnerabilities, especially in email and other software programs, including operating systems, that were designed long before the current rash of cybercrime and cyberespionage.

″(Society) is asking small businesses to go against nations, organized criminal groups and 16-year-olds in their basement,” says Rotem Iram, one of the founders of startup cyber insurance company At-Bay. “The technology stack they pay for continues to fail them, and the stack takes no responsibility.”

Microsoft has particular power in a handful of markets where it has enormous market share, including enterprise email. Email, though an old technology, is still used in many ransomware and phishing attacks that start by someone clicking on a link or downloading software. Microsoft dominates the enterprise email/word processing market, with more than 86% of market share, according to technology research firm Gartner. Google has nearly 13%. cnbc.com


Selling Access to Enterprises On Underground Forums
Initial Access Broker Market Booms, Posing Growing Threat to Enterprises

A rapid increase in the number of operators in the space — the "locksmiths" of the cyber underground — has made it substantially cheaper for cybercriminals to buy access to target networks.

Names such as Novelli, orangecake, Pirat-Networks, SubComandanteVPN, and zirochka are unlikely to mean anything to a vast majority of enterprise security teams. But for ransomware operators and other cybercriminals looking for quick access to enterprise networks, these were the brokers to approach for a major portion of last year.

Between them, the five entities accounted for some 25% of all access offers to enterprise networks that were available for sale on underground forums between the second half of 2021 and the first half of 2022. For an average price of around $2,800, these so-called initial access brokers (IABs) sold stolen VPN and remote desktop protocol (RDP) account details and other credentials that criminals could use to break into the networks of more than 2,300 organizations around the world, without breaking a sweat.

The company's research showed a sharp year-over-year growth in the number of IABs operating in underground forums and markets — from 262 in the immediately preceding 12-month period to 380 in the period between the second half of 2021 and the first half of 2022. Some 327 of the IABs that Group-IB observed operating during that period were new entries in the space. darkreading.com


State legislators aren't waiting for Congress to regulate children's online privacy
After a year of stalled efforts in Congress to pass expanded children’s privacy legislation, states are plowing ahead with their own efforts to address growing concerns about how tech companies collect and use children’s data.

Passkeys, going passwordless, and the future of authentication

Java, .NET Developers Prone to More Frequent Vulnerabilities

Ring Leader of Nationwide $1.5M CC Fraud Pleads Guilty
DOJ: Bronx Man Admits Role in Nationwide Credit Card Fraud Affecting Thousands of Account Holders
NEWARK, N.J. – A manager for a conspiracy that used stolen credit card information to make fraudulent retail purchases around the United States pleaded guilty today, in Federal court. Trevor Osagie, 31, of the Bronx, New York, pleaded guilty one count of conspiracy to commit bank fraud.

From at least 2015 through November 2018, Osagie conspired with a network of individuals based in the New Jersey/New York area who made trips around the United States in order to use stolen credit card information to purchase gift cards, flights, hotels, rental cards, and other goods and services. Other participants in the conspiracy obtained stolen credit card information through the “dark web” and other sources. In addition to recruiting at least one individual to create the fraudulent credit cards, Osagie managed the individuals who traveled around the United States conducting the fraudulent transactions. The conspirators made over $1.5 million in fraudulent purchases using over 4,000 stolen credit card accounts.

The conspiracy to commit bank fraud charge carries a maximum sentence of 30 years in prison and a maximum fine of $1 million. Sentencing is scheduled for May 25, 2023. justice.gov


Long Island, NY: NJ woman sentenced to 2 to 6 years in prison after $90K Balenciaga bag theft in Hamptons
A woman who was part of a group of shoplifters who stole over $90K in purses from a Balenciaga store in the Hamptons was sentenced to prison on Tuesday. Suffolk County District Attorney Ray Tierney announced that Baseemah Davis will serve 2 to 6 years in prison for her part in the March 2022 incident. According to authorities, Davis was part of a five-person crew of thieves from Newark, New Jersey, who walked into the luxury fashion store in East Hampton at around 1:30 p.m., grabbed nearly $94,000 worth of handbags, and ran out, fleeing in a Dodge Durango. Police began chasing the Durango until it got a flat tire near exit 69 on the Long Island Expressway. The alleged thieves got out and three ran toward a wooded area near the highway, while two others stayed near the vehicle. A following search of the area led to the arrest of Davis and three other suspects, along with the recovery of 34 stolen handbags. The fifth suspect has still not been found.  fox5ny.com


Collier County, FL: Woman arrested for stealing more than $15,000 in merchandise from Ulta
A woman from Collier County has been arrested in connection to a theft spree targeting Ulta Beauty stores. A total of $15,000 in cosmetics and fragrances were stolen from Ulta Beauty stores by a young woman by the name of Dava’Ja Diamond Ford. Ford was arrested after a shoplifting incident on January 10th when deputies responded to a call by one of the stores when she was seen stealing more fragrances. Detectives are looking into more shoplifting incidents that Ford may be connected to.  850wftl.com


Bucks County, PA: Female trio wanted for stealing over $1K in beauty products from Ulta
Police have released surveillance photos in the hopes of catching three suspects in connection to an Ulta theft in Bucks County this weekend. Three women are accused of stealing more than $1,000 in beauty products from an Ulta in Middletown Township Saturday evening. Three suspects were pictured, one with a hot pink jacket, one with a high-visibility vest and another with blue braids and a face mask. Police asked the public for help identifying the female trio in a Facebook post, stating, "So we are two for two… let’s keep up the streak!" The theft comes nearly two weeks after police say a different group of women stole thousands in fragrances from three separate Ultas in Pennsylvania. fox29.com


Auburn, CA: Man arrested for strong-arm robbery at Auburn Home Depot
A Roseville man was arrested Jan. 11 in relation to a robbery at The Home Depot in Auburn. A Placer County Sheriff’s deputy responded to the store for a report of robbery just before 3 p.m. According to the Sheriff’s Office, the loss prevention officer provided the deputy with a description of the suspect’s vehicle. A short time later, two deputies on Interstate 80 and Sierra College Boulevard located the vehicle and conducted a traffic stop. The Sheriff’s Office confirmed the driver, identified as Aaron Keith Krischer, 50, matched the suspect seen on the store’s surveillance video. According to the Sheriff’s Office, Krischer’s vehicle contained numerous items believed to be stolen. The investigation revealed Krischer walked into The Home Depot at 2:25 p.m. with an empty shopping cart and was seen leaving the store 20 minutes later with a cart full of items valued at more than $1,000, the Sheriff’s Office reported. When confronted by the loss prevention officer in the parking lot, Krischer was seen pushing the officer away before fleeing the scene. Krischer was charged with strong-arm robbery and grand theft. goldcountrymedia.com


Leesburg, VA: 3 Teens Suspects Identified in Smash-and-Grab Burglaries
The Leesburg Police Department today announced that three juveniles have been identified as suspects in two burglaries in which the thieves broke the glass storefronts and stole items. Two months after six juveniles were charged with the Nov. 27 burglary of Restocked Sneakers, the department announced Jan. 17 that two of those suspects also have been identified as being involved with a similar break-in at the same business that occurred Nov. 17. In the incidents, perpetrators broke the front glass of the Madison Trade Plaza store and took merchandise valued at $40,000. After the Nov. 17 break-in, discarded merchandise was located nearby in Raflo Park near the W&OD Trail.  loudounnow.com


Roseburg, WA: Man Arrested for Multiple thefts in a week at Grocery store