Safety Violations Continue to Plague Dollar General Stores
Workers say their hours have been cut, creating a mess of merchandise at stores.

Dollar General's troubles have snowballed into cluttered aisles and stores forced to close by fire marshals

A shortage of person power makes it tough to unpack new merchandise and update inventory.

Current and former employees who spoke to Insider say clutter at Dollar General stores has gotten worse over the last few years. They've said staffing issues, including cut hours and poor wages, are at least partially to blame because employees must choose between helping customers and stocking shelves.

At locations from Louisiana to Maine, stacks of unpacked candy, toilet paper, barbeque sauce, and pet food have attracted attention from local fire marshals, who have ordered some stores to close when the clutter blocks exits or access to fire extinguishers, Insider previously reported.

The clutter is one of the reasons that the Department of Labor labeled Dollar General a "severe violator" in March. The chain has racked up more than $15 million in fines from the Occupational Safety and Health Administration and is in early talks with the federal government over a settlement, The New York Times reported in March.

A spokesperson for Dollar General said: "Our goal is to provide stores with the resources they need, including the appropriate labor budgets, to support our expectations of a clean, well-stocked shopping environment as well as excellent customer service."

An employee in Michigan said the hour cuts started about a year ago. Another in the Midwest said their store cut their hours, along with others' at their store and in their district, at the start of 2023.

Some stores have a single employee on duty for several hours at a time, according to three of the employees who spoke to Insider.

The risks of being the only employee on duty extend beyond fire hazards. The stores are frequent targets for robberies, some of which have been deadly, CNN and ProPublica reported in 2020. In January, a Dollar General clerk was charged with manslaughter after police said he shot and killed an armed robber. The clerk said it was the sixth attempted armed robbery at that store since August. businessinsider.com


Retail Hit Hard By the Pandemic in NYC
The industry impacts are still being felt across the city

NYC jobs recovering from pandemic, but uneven growth could deepen inequality
Jobs in NYC have come almost all the way back since the pandemic - but the recovery has been uneven. Industries long-considered the working-class lifeblood of the city - tourism, retail and restaurants - have been hit harder than others, threatening to deepen economic inequalities in the city.

Thousands of jobs still haven't been recovered in restaurants, delis, department stores, Broadway musicals and sports, according to data from the state comptroller's office.

"We need these sectors, which employ hundreds of thousands of workers, to also regain their full pre-pandemic strength to ensure the city's economic recovery is more robust and inclusive of all New Yorkers," DiNapoli said in a statement.

A large portion of the job losses are mostly in the service industry, with low barriers to entry. They employ immigrants and people without college degrees. Job recovery, skewed towards high-paying jobs, potentially keeping lower-income workers down as they struggle to come back from the impact of the pandemic.

Retail, too, took a hit it hasn't yet rebounded from, recovering about 87% of jobs it lost since the pandemic. According to the comptroller's numbers, it's not projected to recover until 2027.

The restaurant sector is faring slightly better, recovering around 95% of pre-pandemic jobs, despite the state recovering 97% of jobs and the nation recovering all of them and adding more. nydailynews.com


The COVID Emergency Is Over - But City Centers Are Forever Changed
Shifting to life post-Covid: How remote work transformed this city in the Midwest

It's been more than three years since the global pandemic sent workers accustomed to five-day, in-person work weeks away from offices.

It's been more than three years since the global pandemic sent workers accustomed to five-day, in-person work weeks away from offices. Many desk workers are still working from home for at least some of the week. That's because remote and hybrid work models originally adopted as a short-term solution have shown staying power, even with the global public health emergency officially declared over.

The trend has, in turn, changed the aesthetic and culture of downtown centers across the country that could once rely on an influx of commuters. In Lansing, that change is seen in different work hours, more housing and new event spaces as community and business leaders try to reimagine what and who the downtown caters to. It's all being done in a bid to attract people to live or visit as reality sets in that Lansing and other cities can no longer thrive on office-centric economies.

Workers across the country have pushed to keep remote privileges even as executives at giant companies such as Disney to Tesla try to get their employees back into the office at least part time. cnbc.com


The Downtown & Mall Exodus
Retailers Moving to the Burbs
Department stores, apparel brands, restaurants and other specialty retailers want to be closer to supermarkets and other essential tenants that generate regular visits from work-from-home consumers. Thus, many are closing low-traffic locations in malls and downtown areas in favor of suburban neighborhood centers. icsi.com


Foot Locker closing 400 underperforming mall stores by 2026 & open approx. 300 in streetfronts & open-air centers

Carter's has 50 store openings scheduled for 2023, plans to add 1,000+ by 2027

Jenny Craig shutting the doors of most of its 500 North American weight loss centers

Scotch & Soda closes several US stores


Quarterly Results

Prada Q1 retail sales up 23%, Miu Miu sales up 42%, Prada Brand sales up 21%, Group sales up 22%

Richemont FY Group retail up 22%, online up 12%, wholesale up 14%, total sales up 19%


Last week's #1 article --

Mall Shooter Was Reportedly a Security Guard
Allen outlet shooting suspect identified as 33-year-old Mauricio Garcia
The gunman who carried out the deadly shooting at the Allen Premium Outlets Saturday afternoon has been identified as Mauricio Garcia, multiple sources told CBS News Texas.

Garcia, 33, had been living at a motel and did not have any felonies, J.D. Miles reported. He was reportedly working as a security guard.

Miles added that Garcia's younger brother, Christian-who has a lengthy criminal record-has been inaccurately accused of being the gunman. President Biden has since responded to the shooting, even stating that Garcia used an AR-15 style assault weapon to carry out the massacre.

According to the Mass Shooting Tracker, Allen marked the 242nd mass shooting in the United States this year. cbsnews.com

Uber's CISO Case Precedent - Employment Agreements Need to Protect CISOs
A CISO Employment Contract May Mean the Difference Between Success and Jail
On May 4, 2023, U.S. District Judge William Orrick sentenced former Uber CISO and former DOJ cybercrime prosecutor Joe Sullivan to three years of probation and 200 hours of community service for his role in concealing a massive data breach at Uber from the public and from the FTC.

While the court rejected the government's request for 15 months of jail for the former prosecutor, the court also did not accept Sullivan's assertions that his activities were simply "normal" activities for a CISO in response to a data breach.

The prosecution noted that the many letters of support he received from members of the cybersecurity community did not understand the nature and facts of the Uber case and that fears expressed by CISOs that they could face criminal prosecution for simply doing their jobs reflected the fact that these CISOs "don't have a clear picture of what happened" in the Sullivan case.

The judge also emphasized the fact that Uber, in general, and Sullivan, in particular, failed in their obligations to protect the public from the breach and obstructed the FTC investigation and response to a previous data breach.

While Sullivan was able to avoid a prison sentence, the case raises serious questions about how CISOs can ensure that they have a successful tenure with an organization, that they can ensure that their voice is heard and responded to and how they can ensure that they do not end up left hanging by their employer. Of course, there is no substitute for competence and hard work, but any CISO can expect data breaches, incidents and crises. That is the nature of the profession. There are a few things a CISO can do to protect themselves and their role within an organization from the outset.

Clear Understanding of Roles, Responsibilities and Reporting - Clear visibility to the CEO, president and the board of directors

Written Plans - The CISO, the President and the Board - Protecting the CISO - Exit Strategy - Invent and Create - Outside Work/Research/Board Memberships - Training and Education - Metrics and Measurements

Conclusion

The role of the CISO has become increasingly important in today's digital landscape. However, as the case of Joe Sullivan has shown, the responsibilities of this role can also come with significant risks. CISOs should ensure that their employment contracts and agreements with their employers include provisions that protect them from legal and financial liabilities to help them do their job effectively and with greater peace of mind. securityboulevard.com


U.S. Leads in Breach Concealment - 70.7% Told to Keep Quiet
70% of US IT Leaders Told Not to Disclose Data Breaches
Not all cybersecurity breaches get reported. A new report from Bitdefender found that although IT leaders have an obligation to report attacks, over 42% of them have been told to keep quiet when a breach should have been reported. Shockingly, in the U.S., this number rises to 70.7%.

IT leaders may have reasons to keep attacks confidential, but the high rate of silence is alarming since it could further enable attackers and limit knowledge sharing about public vulnerabilities. Retaining confidentiality of data breaches may also go against new data breach laws in the U.S. and EU. But this is only one of many concerns around cybersecurity in 2023. IT professionals report grappling with rising threats, economic headwinds, and a shrinking staff lacking the proper security skills.

The Bitdefender 2023 Cybersecurity Assessment analyzed some of the top cybersecurity challenges organizations face in 2023. Below, we'll examine the findings from the report and consider why a culture of silence exists around data breaches. We'll look at the pressing cybersecurity threats across organizations and consider what solutions organizations need to evolve.

New Data on Concealing Breaches

Companies are likely worried about financial and reputational damage due to a data breach. Yet, if new regulations that require increased cybersecurity reporting are unmet, it could result in high legal repercussions and fines. As a result, 54.3% said they were worried about their company facing legal action due to a security breach being mismanaged. Again, in the U.S., where breach concealment is highest, 78.7% worried about facing legal action due to mishandling data breaches.

Conducted by Censuswide, the Bitdefender 2023 Cybersecurity Assessment surveyed 400 IT professionals working in organizations with over 1,000 employees in the U.S., Italy, UK, Germany, France and Spain. For further insights, you can pick up a copy of the report behind an email gate here. securityboulevard.com


Attackers Continue to Adapt
Cybercriminals have adapted since Microsoft's decision to block macros

Microsoft's decision to disable macros by default last year has forced hacking crews to find new, and sometimes old, ways to get a foothold.

Microsoft's decision to disable macros by default has resulted in "vastly different ... attack chains" from cybercriminals and a "new normal of threat activity," researchers with the cybersecurity firm Proofpoint said Friday.

Macros - which enable certain automation in particular file types - were long a favorite way for hackers to lace documents with malicious scripts to download malware onto targeted systems during email phishing campaigns, the researchers said in a new report. But after Microsoft's February 2022 decision, which the company fully implemented by July, attacks enabled through macros have dropped off precipitously, the researchers said in a report published Friday ahead of a talk at the Sluethcon cybercrime conference in Arlington, Virginia.

The analysis based off data gathered and analyzed between January 2021 through March 2023 notes that phishing campaigns relying on macros dropped nearly 66%, "and so far in 2023, macros have barely made an appearance in campaign data."

A class of cybercriminal known as initial access brokers for their role in gaining access to victim assets and then selling it to others have nevertheless adapted. Proofpoint said its telemetry allows for analyzing billions of messages per day, revealing "widespread threat actor experimentation in malware payload delivery, using old filetypes, unexpected attack chains, and a variety of techniques that result in malware infections, including ransomware." cyberscoop.com


Microsoft 365 Phishing
New Phishing-as-a-Service Platform Lets Cybercriminals Generate Convincing Phishing Pages
A new phishing-as-a-service (PhaaS or PaaS) platform named Greatness has been leveraged by cybercriminals to target business users of the Microsoft 365 cloud service since at least mid-2022, effectively lowering the bar to entry for phishing attacks.

"Greatness, for now, is only focused on Microsoft 365 phishing pages, providing its affiliates with an attachment and link builder that creates highly convincing decoy and login pages," Cisco Talos researcher Tiago Pereira said.

"It contains features such as having the victim's email address pre-filled and displaying their appropriate company logo and background image, extracted from the target organization's real Microsoft 365 login page." thehackernews.com


Fed takedowns continue to frustrate cybercriminals
Botnet takedowns take the fight to the enemy and use the hacker's own tools against them

WordPress Plugin Used in 1M+ Websites Patched to Close Critical Bug

Top 3 trends shaping the future of cybersecurity and IAM

Walmart thieves are charged after sneaky self-checkout 'skimmer' trick sees them pocket thousands from 11 customers
FOUR suspects have been charged after allegedly stealing thousands of dollars from 11 unsuspecting Walmart customers. Police said three men placed credit card skimmers on self-checkout machines. The suspects have been identified as Alin Velcu, Ion Velcu, Catalin Velcu, and Madalina Iordache Ciuciu. Police said 11 victims' card details were used in Maryland, Florida, Arizona, Texas, and Virginia.  the-sun.com


Southaven, MS: Smash-and-grab thieves load up on guns and jewelry; 5 Suspects wanted
There's an urgent search to get stolen guns off the streets. Thieves broke into a Mississippi gun shop, getting their hands on loads of firearms. It was all done in less than 3-minutes early Wednesday morning on May 10. When FOX13 crews went inside the store several glass casings remained empty, a few shards of glass still on the floor as owners contemplated what to do next Surveillance video shows five burglary assailants crow-bar their way into Guns and Fine Jewelry located on Goodman Road. They took off with dozens of guns and an unknown amount of jewelry.  fox13memphis.com


Simi Valley, CA: 2 men suspected in beauty store heist in Simi Valley caught
Two men were caught and arrested Saturday after allegedly stealing $2,000 worth of fragrances from a beauty supply store in Simi Valley. The suspects fled in a sedan with covered license plates after the theft reported around 9 p.m. from the Ulta store at 1555 Simi Valley Town Center Way, according to the Simi Valley Police Department. The agency said an officer spotted the suspects' vehicle traveling east on Highway 118 and followed it to North Hollywood, where the men were taken into custody and booked into the main jail in Ventura.  vcstar.com


Cumberland County, PA: Suspect steals $2,000 gaming system from Sam's Club

Arnold, MO: Police seek Imperial man for allegedly stealing nearly $1,800 in items