Dollar General Slapped With $15M+ in OSHA Fines Since 2017
"Dollar General continues to intentionally ignore federal safety standards"

OSHA Proposes $395K in Penalties for Dollar General After Workers Found Exposed to Multiple Hazards at Another Store

The discount retailer, which has been previously cited by OSHA, is facing citations for five repeat violations.

Discount retailer Dollar General is facing $395,717 in new Occupational Safety and Health Administration (OSHA) fines for five repeat workplace safety violations, the agency announced January 23. In an inspection of a West Lafayette, Ohio, location, federal investigators found workers exposed to blocked emergency exits and electrical panels and boxes of merchandise stacked at unsafe heights.

According to the agency, Dollar General and its corporate parent, Dolgencorp LLC, also face 100 open safety investigations nationwide. OSHA has fined Dolgencorp and Dollar General more than $15 million since 2017 for willful, repeat, and serious workplace safety violations.

Dollar General and Dolgencorp, headquartered in Goodlettsville, Tennessee, operate more than 18,000 stores and 17 distribution centers in 47 states, employing about 167,000 full- and part-time workers, according to OSHA.

"Dollar General continues to intentionally ignore federal safety standards while the company's defiance shows they value profits more than the safety and wellbeing of employees," Larry Johnson, OSHA's Columbus, Ohio, area director, said in an agency statement.

"Dollar General's unwillingness to make changes across its organization and, as importantly, at stores where hazards persist should be a serious concern for workers and shoppers alike."

OSHA already placed Dolgencorp and Dollar General in its Severe Violator Enforcement Program (SVEP). Companies in the SVEP are subject to mandatory follow-up inspections, enhanced settlement provisions, and possible enforcement action in federal court. Last year, OSHA expanded its criteria for placing employers in the SVEP.

However, the agency also decided to allow employers to exit the program early by accepting settlement agreements that include safety and health management programs that meet OSHA guidelines. safety.blr.com ohsonline.com


Sparks Fly Ahead of Another Retail Union Election
Trader Joe's Posts 'Anti-Union Propaganda' Ahead Of Election At Kentucky Store

The union Trader Joe's United has organized two stores and hopes to add a third in Louisville this week.

Workers at a Trader Joe's store in Louisville will vote this week to determine whether they become the chain's third store to form a union in less than a year. Trader Joe's has told employees there it welcomes a fair election, but the company doesn't sound thrilled with the prospect of another organized store.

A photo shared with HuffPost shows the Louisville location's break room door filled with what the union supporter called "anti-union propaganda." One flier offered scary-sounding "facts" about collective bargaining, warning that unions promise whatever they need to in order to secure votes.

Another flier warned that workers' flexibility could vanish under a collective bargaining agreement. "Think of every time an exception or adjustment was made for you. Will that be allowed under a contract?" huffpost.com


Facial Recognition Technology's Global Expansion
Facial recognition market to grow by 16.41% Y-O-Y in 2023

Increasing instances of identity threats, along with growing popularity, will drive growth

In 2017, the facial recognition market was valued at USD 3847.18 million. From a regional perspective, North America held the largest market share, valued at USD 1,444.23 million. The facial recognition market size is estimated to grow by USD 7634.09 million from 2022 to 2027 at a CAGR of 18.11% according to Technavio.

Major drivers of this growth include: Increasing instances of identity threats; Rising popularity of facial recognition; and adoption of 3D facial recognition technology. prnewswire.com


NRF: Consumers Plan to Increase Valentine's Day Spending to Nearly $26 Billion
Consumers are expected to spend $25.9 billion on Valentine's Day this year, up from $23.9 billion in 2022 and one of the highest spending years on record, according to the annual survey released today by the National Retail Federation and Prosper Insights & Analytics. More than half (52%) of consumers plan to celebrate and will spend an average of $192.80. This is up from $175.41 in 2022, and the second-highest figure since NRF and Prosper started tracking Valentine's Day spending in 2004. nrf.com

 
Walmart confirms it's closing a number of locations

Struggling Red Lobster Announces More Store Closures

Kohl's Closing In on Naming Permanent C.E.O.

400M Individuals Hit by Data Breaches in 2022
More motivation to pass a federal privacy law?

Data breach notices become more opaque, leaving consumers in the dark

Of the 1,802 breaches the Identity Theft Resource Center tracked in 2022, 66% of notices lacked details about the attack and victims.

Data breach disclosures that included specific details for consumers dropped dramatically in 2022, according to the most recent data from the Identity Theft Resource Center.

Of the 1,802 breaches the group tracked in 2022, 66% did not include victim and attack details such as root cause. It's a dramatic decline from two years ago when 100% of reported breaches tracked by the center included details about attack vectors.

Data breaches in 2022 affected roughly 400 million individuals, according to the ITRC report. The trend toward less descriptive disclosures makes it harder for consumers to protect themselves and for policymakers and cyber defenders to respond, experts say.

"That's hundreds of millions of people who are left in the dark about what's happened to them, and more importantly, what they can actually do about it," Eva Velasquez, president and chief executive order of the Identity Theft Resource Center, said at an event Wednesday co-hosted with Better Identity Coalition.

Companies are currently subject to a patchwork of state data breach laws, many of which don't require victim details. The Federal Trade Commission has gone after companies for covering up or failing to disclose breaches, such as when it ordered CafePress last year to take on new security protocols in light of covering up multiple breaches.

ITRC attributed the slight slowdown in breaches last year to Russia-based cybercriminals being distracted by the war in Ukraine, a theory several cybersecurity experts have also posed.

The ITRC report also notes that cybercriminals are moving away from zero-day exploitations to going after weaknesses in APIs, a problem highlighted a recent breach of T-Mobile that effected up to 37 million consumers. cyberscoop.com


Threat Actors Using Microsoft Office to Install Malicious Code
Microsoft to Block Excel Add-ins to Stop Office Exploits

The company will block the configuration files, which interact with Web applications - since threat actors increasingly use the capability to install malicious code.

Microsoft plans to add a feature to Office Excel that will make it harder for cyberattackers to exploit the spreadsheet application's "add-ins" function to run malicious code on a victim's computer.

And while it's a welcome development, Microsoft's countermeasure is just the latest go-around in the cat-and-mouse game going on between major software makers and cyberattackers, researchers say.

Microsoft Takes Aim at XLLs

Excel add-in files are designated with the XLL file extension. They provide a way to use third-party tools and functions in Microsoft Excel that aren't natively part of the software; they're similar to dynamic link libraries (DLLs) but with specific features for Excel spreadsheets. For cyberattackers, they offer a way to read and write data within spreadsheets, add custom functions, and interact with Excel objects across platforms, Vanja Svajcer, a researcher with Cisco's Talos group, said in a December analysis.

Staying Ahead of the Cyberattackers?

For more than two decades, cybersecurity firms have sought to strip out potential avenues for malicious scripts in common files types - such as Office formats or PDF files - but attackers have always adapted.

"When organizations like Microsoft reduce the attack surface or otherwise increase the effort required to execute an attack on their product offerings, it forces threat actors to explore alternate avenues," he said. "This often leads to exploring previously known, perhaps less ideal, options for threat actors to achieve their objectives." darkreading.com


BEC Attacks Hitting Small & Medium-Sized Businesses
What makes small and medium-sized businesses vulnerable to BEC attacks
According to the FBI's 2021 Internet Crime Report, business email compromise (BEC) accounted for almost a third of the country's $6.9 billion in cyber losses that year - around $2.4 billion. In surprisingly sharp contrast, ransomware attacks accounted for only $50 million of those losses.

Dror Liwer, Co-Founder of Coro, talks about what makes small and medium-sized businesses especially vulnerable to this form of attack and why BEC's contribution to the country's annual cyber losses not only makes sense but is likely underreported.

In stark contrast to highly disruptive ransomware attacks, BEC is subversive and is neither technically complicated nor expensive to deploy. In the case of large organizations, the financial fallout of BEC is almost negligible. That's not the case for small and medium-sized businesses, which often lack the means to absorb similar financial losses.

BEC's simplicity gives more credence for attackers to target smaller organizations, and because of that, it's doubly essential for SMBs to be vigilant. helpnetsecurity.com


Apple delivers belated zero-day patch for iOS v12
Apple has released security updates for macOS, iOS, iPadOS and watchOS, patching a type confusion flaw in the WebKit component (CVE-2022-42856) that could be exploited for remote code execution on older iPhones and iPads running iOS v12.

Cybersecurity hiring remains strong amid tech layoffs

Microsoft Azure-Based Kerberos Attacks Crack Open Cloud Accounts

Philadelphia, PA: 13 people, mostly teens, arrested for Gun store burglaries in suburban Pa.
A total of 13 people have been arrested after a series of gun store burglaries in Bucks and Montgomery counties. Of those, 11 of them are teenagers. A coalition of law enforcement announced the arrests on Wednesday. They say the group, which includes 40-year-old Angel Mason, 22-year-old Dante Purnell and 18-year-old Liv Hall, robbed three gun dealers - and tried to rob a fourth - between September and November of last year. In total, 93 firearms were stolen. Just 33 firearms have been recovered by law enforcement, leaving 60 firearms on the streets and unaccounted for. "These brazen burglars stole 93 guns from three different gun stores and they were trying for another one in Montgomery County and were thwarted by someone calling police. They planned to do two others and we were able to stop them," said Montgomery County District Attorney Kevin Steele. Steele says some of the suspects are associated with a neighborhood street gang in Philadelphia called "54th Street." Hall is one of two juveniles being charged as an adult.  6abc.com


Campbell, CA: 1 shot, multiple suspects at-large after Armed Robbery outside Camera store in Campbell
Campbell police said it happened just before 11 a.m. Outside the family-owned shop, camera cases, equipment, and evidence markers were scattered about. The lot surrounding the camera store became a crime scene for much of the day. Nearby, Kathy Martinek was at work and heard rapid bangs - noise she initially thought may have been firecrackers for Lunar New Year. "Come to find out there were gunshots, right here," she said, as she motioned toward the camera store. "Yards from our building." Martinek recalled hearing up to five gunshots. Campbell PD confirmed one person was shot and taken to a local hospital. Police aren't sharing whether the victim is an employee or a customer, and they're not yet giving details about their condition. Campbell PD said multiple suspects remain at large. Details surrounding the crime are eerily similar to others ABC7 News has covered around the Bay Area. In November, nearly $180,000 in merchandise was stolen from a camera shop in a robbery near San Francisco's Union Square. Surveillance from the area showed four people get out of a gray sedan near Bush and Grant Streets. Then earlier this month, there was another robbery at a high-end camera store in Pleasant Hill. The incident also involved a group of suspects. Campbell PD said it's too early to speculate whether Wednesday's robbery is connected, or whether it's part of a growing crime trend.  msn.com


Cleveland, OH: Police Looking for an Old Navy Robbery Suspect
On Thursday, January 19th, Cleveland Police say a man entered the Old Navy Store at Steel Yard Commons, and grabbed over 20 pairs of jeans, and walked out without paying. If anyone recognizes the male in the attached photos, please contact Detective Murphy at 216-623-5217. wtam.iheart.com


Ocala, FL: Man arrested after making fraudulent returns at Walmart
A 27-year-old Ocala man was arrested after he was caught making fraudulent returns at a local Walmart. On Tuesday, a Marion County Sheriff's Office deputy responded to the Walmart in Ocala in reference to a theft incident. Upon arrival, the deputy made contact with the store's loss prevention manager who advised that a man, identified as Sean Burdelle Burham, had walked into the store without any items in his possession The manager advised that Burham proceeded to walk around the store and placed items inside a shopping cart. According to the manager, Burham then walked directly to the customer service desk and attempted to return the items that he had grabbed. Those items, which totaled $144.96, included clear storage containers, women's underwear, and other miscellaneous items, according to the MCSO report. After viewing the surveillance footage, the deputy made contact with Burham. After being read his Miranda rights, Burham admitted that the receipt he had brought in to return the items was a "past receipt" for items that he had purchased with his spouse. Burham told the deputy that he had seen other individuals on social media who had returned items at stores without getting caught. He advised that he had attempted to get the refund because he was "going through hard times and needed the money for his family," according to the MCSO report.  ocala-news.com


Idaho Falls, ID: Trial set for man accused of stealing over $2k from hardware store

Eau Claire, WI: Woman steals hundreds in merchandise in EC store's fitting room