National Retail Investigation Police Unit Focuses on Organized
& Violent Crime

More support against increasing levels of violence and aggression is coming for retailers, with an announcement from New Zealand Police that they will be setting up a National Retail Investigation Support Unit (Retail ISU). This is the first unit of its kind in this part of the world.

Data from Auror's Crime Intelligence Platform shows serious incidents within retail, such as robberies and assaults, have doubled in the last 12 months and aggression and violence has increased by almost 20% in the grocery sector alone.

"We've had knives pulled on our security teams three times in the last month" - grocery retailer

"We've had to adapt our training significantly to cater for more violence." - National Prevention Manager

"She presented the scissors and threatened us that if we try to stop them she will stab us. We backed off and let them go." - security guard

By utilising data from the Auror platform, police have come up with a new approach to focus on the small number of offenders who are responsible for the majority of the loss and aggression.

Auror Co-CEO Phil Thomson notes that "while only 1 in 10 shoplifters are repeat offenders, these repeat offenders account for half of all serious events and are five times more likely to be violent or aggressive towards retail team members and customers".

The Retail ISU was announced by police at the Retail NZ Summit on In-store Violence and Anti-Social Behaviour on 8 November. Police have designed this unit to better collaborate with the retail industry. This will allow police and retailers to work together to focus their efforts on this violent and aggressive behaviour, making the community safer for everyone.

This collaboration and setup of the Retail ISU is supported by police leadership with Commissioner Andrew Coster sharing ... Continue reading the full article here.
 

US: 51M Cases - 819.3K Dead - 40.1M Recovered
Worldwide: 271.2M Cases - 5.3M Dead - 243.8M Recovered

Former Senior Loss Prevention Executive
Know of any fallen LP exec? Let's remember & recognize.

Private Industry Security Guard Deaths: 328   Law Enforcement Officer Deaths: 548
*Red indicates change in total deaths

New COVID Variant Spreading Like Wildfire
Omicron in D.C., 30 U.S. states as variant poised to dominate in Europe
D.C. health officials said Sunday they have confirmed four unrelated cases of the omicron coronavirus variant. Three of the people had traveled within the United States; one had not. All four were fully vaccinated.

Omicron was first identified in the region earlier this month, when three cases were detected in the Baltimore area. The variant has been identified in at least 30 states, according to a Washington Post tally.

In South Africa, among the countries to first identify omicron, it has become the dominant virus variant. Officials in Europe said last week that omicron could become the dominant variant in some countries there as soon as this week.

Omicron has been noted as a variant of concern by the World Health Organization and the U.S. Centers for Disease Control and Prevention. Scientists say preliminary data suggests it may cause milder cases of covid-19 than the delta variant. washingtonpost.com

Kroger Says No Emergency Leave for Unvaccinated Workers
Kroger to End Some Covid-19 Benefits for Unvaccinated Workers

Grocery chain to remove paid emergency leave for unvaccinated employees who contract Covid-19, add $50 monthly health surcharge for some staff

Kroger Co. is eliminating some Covid-19 benefits for unvaccinated employees, a move to encourage inoculations as the Biden administration's vaccine mandate faces legal challenges.

The Cincinnati-based grocery chain told employees last week that it will no longer provide two weeks of paid emergency leave for unvaccinated employees who contract Covid-19, unless local jurisdictions require otherwise. Kroger will also add a $50 monthly surcharge to company health plans for unvaccinated managers and other nonunion employees, according to a memo viewed by The Wall Street Journal. Both policies are effective Jan. 1, the memo said.

Kroger, one of the biggest employers in the U.S. with almost half a million full-time and part-time employees, is tightening pandemic-related policies for workers as U.S. businesses face continued uncertainty over federal vaccination mandates. Rules issued by the Occupational Safety and Health Administration in November require employers with 100 or more workers to ensure employees are vaccinated or take weekly Covid-19 tests by Jan. 4.

Whether those rules, which were targeted by lawsuits across the country, will take effect is uncertain. Last week, a U.S. court blocked the plan to mandate vaccines for federal contractors. General Electric Co. and others have since suspended vaccine requirements for employees. A federal appeals court in Cincinnati is considering whether to reinstate the administration's rules for employers. wsj.com

Another State Reimposes Mask Mandate
California to reimpose statewide indoor mask mandate as omicron arrives
The state of California will once again require that all residents - regardless of COVID-19 vaccination status - wear masks indoors.

In a news release, California Health and Human Services announced that the mandate will apply to all indoor settings beginning on Wednesday, Dec. 15, and last at least until Jan. 15, citing an increase in COVID-19 cases since Thanksgiving.

Some counties, including San Francisco, San Mateo, Santa Clara, Alameda, Contra Costa, Sonoma and Napa in the Bay Area, as well as Los Angeles County, have been enforcing an indoor mask mandate since the summer. Marin County recently dropped its mask mandate and announced that given its high vaccination rate, would no longer use case rates to set COVID-19 policy, and instead rely on hospitalization data.

"We think it's important at this stage to reorient what we're most concerned about, which is severe illness and death," said Marin County health officer Dr. Matt Willis. "Cases are increasingly mild, so we have shifted towards a more benign form of COVID-19 infection and disease based on vaccination rates." sfgate.com

Philly Enacts Strict Vax Mandate
Philadelphia Implementing COVID-19 Vaccination Requirement For Food, Drink Establishments Beginning Jan. 3, 2022
COVID-19 vaccination proof will be required to dine at Philadelphia bars and restaurants beginning in 2022, Philadelphia Health Commissioner Dr. Cheryl Bettigole announced Monday morning. The vaccination mandate will go into effect beginning Jan. 3, 2022 in order to give establishments that serve food and beverages a chance to get ready.

"New cases and hospitalizations are rising in Philadelphia and nationally, and with winter we must do more to protect our residents," Mayor Jim Kenney said. All establishments that serve food and drinks for customers to sit and enjoy will have to require proof of vaccination for entry.

The mandate applies to indoor restaurants, bars, sports venues, cafes, casinos, movie theaters, and anywhere else that serves food or beverages where customers can sit down to enjoy them.

The mandate will be implemented in phases. From Jan. 3 to 17, restaurants and bars may choose to accept proof of a negative COVID-19 test for entry. After the 17th, negative tests will no longer be accepted and all customers must be fully vaccinated in order to enter. This means they must have either a single dose of the Johnson & Johnson vaccine or two doses of the Pfizer or Moderna vaccine. philadelphia.cbslocal.com

Retail Struggles Across the Pond Amid New COVID Measures
UK Government's Covid Plan B Deals 'Hammer Blow' To London West End Retail
London's embattled West End has been dealt a "hammer blow" in its bid to recoup from a disastrous year as the U.K. government prepares to push through more stringent Covid measures in a so-called "Plan B" initiative.

The government's new measures will require mask to be worn in most indoor locations and on public transport, while it has issued a work from home advisory that saw already depressed commuter numbers fall by a fifth this morning.

The moves come at a time when South African Covid variant omicron shows every sign of sweeping through the U.K. and the CEO of New West End Company - the organization that represents 600 brands, restaurants and businesses in the West End - reacted with dismay to the news.

Jace Tyrrell said: "While our top priority remains the safety and wellbeing of our customers and colleagues, and we fully support mandatory mask wearing in shops, the renewed work from home order during the most important trading period of the year is a hammer blow for our retail and leisure tenants. Many businesses have committed time and money in their Christmas plans in a bid to make up for last year's losses - vital investment that they won't be able to recoup." forbes.com

Have Offices Stopped Shrinking?
February May Be the Month Workers Start Returning
A new Cushman & Wakefield report found high office vacancy rates continues to improve both nationally and locally.

They predict February as the inflection point in the U.S. regarding back to the office returns. They noted, though, that U.S. office rental rates probably will not inch toward normal until late 2022 or 2023.

"Every week in October, and through November, has represented a new post-pandemic high for the proportion of workers frequenting the office," said Cushman & Wakefield in its "Has the Tide Turned Yet?" office report issued Tuesday.

Target caused concern for downtown when it announced earlier this year it would give up and sublease nearly 1 million square feet of office space in Minneapolis' City Center as it moved employees there to a hybrid work model. City leaders feared other employers would follow and permanently shrink their office needs.

Companies with sizable downtown offices such as Target, Thrivent, Ernst & Young and Fredrikson & Byron say they have embraced a hybrid work method that will allow many office workers to return to the office part time and work remotely from home some days a week even after the pandemic ends.

In some cases, businesses will need their same office footprint, but will focus on offering "enhanced" employee experiences that include first-class amenities, services, wellness classes and first-rate technologies. startribune.com

Future of Work: Requiring workers to return to the office is a 'doomed approach'
Slack's CEO Stewart Butterfield says the future of work is being dictated by workers who want more flexibility and better tech tools.

Pfizer antiviral reduces hospitalization, death among high-risk people by 89%

National Cyber Resilience Centre Group
UK founds cyber resilience center group
Public and private entities in the United Kingdom have connected in support of the National Cyber Resilience Centre Group (NCRCG), a not-for-profit company bringing together all those who have a vital responsibility for embedding cyber resilience throughout the U.K. economy.

NCRCG is funded and supported by the Home Office, law enforcement and Ambassador Partners from the UK's largest businesses and organizations. NCRCG will support the growth of the Cyber Resilience Centre (CRC) network across England and Wales, which already exists to help smaller organizations face the challenges posed by cybercrime. The group will also create a Talent Pipeline of students interested in cybersecurity.

NCRCG will continue and support the work of nine regional cyber resilience centers throughout the U.K. Officials from the government, law enforcement and corporations announced the creation of NCRCG in early December.

U.K. Security Minister The Rt Hon Damian Hinds, MP, highlighted the importance of public-private partnerships in security, saying, "This new center group is a flagship enterprise of public and private sector demonstrating how innovation can support the business community."

Detective Superintendent Nick Bell, CEO of the National Cyber Resilience Centre Group and National Policing Director for the CRCs, said, "Cybercrime costs our national economy; it affects organizations' ability to trade, their ability to recruit and retain and ultimately can have a considerable impact on their bottom line. In NCRCG, we have a platform for leading the charge to strengthen our national cyber resilience and help to develop best practice across the country. By working together as police, government, business, third sector organizations and academia, we have the best potential to minimize the risk posed by cybercriminals and support those who most need cyber protection." securitymagazine.com

Most Impactful Cybersecurity Measures
Top practices to improve enterprise security
Last year's study revealed that five practices had an outsized influence on the overall health of an organization's security program. These include proactively refreshing outdated technology; well-integrated security technologies; timely incident response; prompt disaster recovery; and investing in accurate threat detection capabilities. This year's study analyzed those top five practices more closely to identify success factors.

Updating and integrating architecture

Investing in a proactive technology refresh strategy is more important than ever, as on average 39 percent of security technologies used by organizations are considered outdated. Unsurprisingly, organizations with cloud-based architectures are more than twice as likely to refresh than those with more outdated, on-premises technologies.

Detecting and responding to threats

The value of cloud-based security architectures cannot be understated. Organizations that claim to have mature implementations of zero trust or SASE architectures are 35 percent more likely to report strong security operations than those with nascent implementations.

Staying resilient when disaster strikes

As the threat landscape continues to evolve, testing business continuity and disaster recovery capabilities regularly and in multiple ways is paramount, with proactive organizations 2.5 times more likely to maintain business resiliency. helpnetsecurity.com

Corporate Networks Under Attack
40% of Corporate Networks Targeted by Attackers Seeking to Exploit Log4j

More than 60 variants of the original exploit were introduced over the last day alone.

Early concerns about the Log4j vulnerability posing one of the biggest threats to Internet security in recent memory are quickly being confirmed with exploits and exploit activity targeting the flaw exploding over the weekend and the enormity of the remediation work involved for organizations becoming starkly clearer.

On Monday, Check Point said that it had already blocked some 846,000 scans for the flaw on its customer networks since the vulnerability - now being referred to as Log4Shell - was disclosed on Dec. 9. Some 40% of corporate networks globally already have been targeted in activity seeking to exploit the flaw.

The security vendor said that at times it has observed as many as 100 attempts to exploit the vulnerability in a single minute. Known malicious groups were responsible for nearly half - 46% - of the malicious activity that Check Point has observed on customer networks so far.

Ominously for organizations, new variations of the original exploit - first posted on GitHub - are being introduced at a rapid pace. Over the past 24 hours alone, Check Point researchers observed over 60 variations of the exploit becoming available in the wild. Log4Shell now can be exploited in multiple ways - including over HTTP and HTTPS - meaning that one layer of protection alone against the threat is no longer sufficient. darkreading.com

How to thwart SIM swapping attacks?
Mobile Network Operators (MNOs), banks and authorities have already been collaborating to mitigate fraudulent SIM swapping. Banks can use an API provided by the MNOs to check whether a SIM swap has been recently performed. Banking institutions should consistently apply the EU regulations such as the Directive (EU) 2015/2366 (PSD2), and take advantage of the available technical solutions provided by the telecommunications operators.

MNOs should reinforce fraudulent SIM swapping detection and blocking mechanisms, by enhancing the internal processes to provide the customer with a preferably seamless experience. Also, they should provide regular cybersecurity awareness training for both their own and third-party employees to ensure they can recognise and appropriately deal with the SIM-swapping threat.

National authorities should encourage and enhance coordination between the MNOs and the banking sector. Cooperation with national Computer Security Incident Response Teams and law enforcement agencies should also be promoted. helpnetsecurity.com

Kronos Suffers Ransomware Attack, Expects Full Restoration to Take 'Weeks'

Volvo Confirms R&D Data Stolen in Breach
 

Amazon Under Investigation by OSHA
OSHA opens probe into deadly Amazon warehouse collapse in Illinois

OSHA is investigating a collapse at an Amazon warehouse in Edwardsville, Illinois.

The Occupational Safety and Health Administration is investigating a deadly collapse at an Amazon warehouse in Edwardsville, Illinois, an agency spokesperson said Monday. The collapse was caused by a tornado Friday that devastated the area.

Six workers were killed, one was injured and 45 people were rescued safely, Gov. J.B. Pritzker said in a press conference Saturday.

The twister was one of at least 30 tornadoes that left a path of destruction across several states, including Kentucky, where more than 60 people were confirmed dead.

The National Weather Service said a tornado touched down in Edwardsville at approximately 8:35 p.m. local time Friday. Walls on both sides of the warehouse collapsed inward, while the roof collapsed downward, Edwardsville Fire Chief James Whiteford said in a news conference Saturday.

Site leaders at the warehouse, known as DLI4, told employees on duty at the facility to take shelter around 8:16 p.m. local time, Amazon said. The tornado likely formed in the parking lot then rolled through the site, Amazon said.

OSHA has six months to complete its probe, issue citations and propose monetary penalties if violations of workplace safety and/or health regulations are found, OSHA spokesperson Scott Allen told CNBC in a statement. The agency has had compliance officers at the warehouse since Saturday to provide assistance, Allen said. cnbc.com

'Treated Like a Machine'
Amazon worker shares dystopian gameboard which monitors how hard staff are working

TikTok user says Amazon warehouse was 'worst job I've ever had' because of low pay and being 'treated like a machine'

A TikTok user shared what appeared to be a screen turning Amazon warehouse work into a kind of game. The video posted by @chutuo, which has garnered almost two million views, shows what seems to be a screen in an Amazon warehouse listing possible "achievements".

Other items on the list include "punctual" and "picking up speed". The item entitled "make history" urges workers to pick up one million products.

In a separate video posted on Sunday, TikTok user @couryeo wrote that working at Amazon was "the worst job I've ever had". The TikToker said she was "overworked" and "underpaid". She added that she was "treated like a machine" and that there was "no socializing at all".

One of the top comments on the video showing the "achievements" screen was that it was an example of the "gamification of underpaid work". independent.co.uk

Online delivery is unprofitable. Why are discount chains using it now?

Orange County, CA: Ekaterina Zharkova Accused of Stealing Over $300,000 in Merchandise From California Stores
California woman has been charged with grand theft after allegedly stealing a hefty amount of store merchandise. Ekaterina Zharkova, 38, of Costa Mesa, California, was arrested in November after allegedly stealing over $300,000 from stores around Orange County. According to reports, the alleged thefts occurred from October 7 to November 23, the day of her arrest. Zharkova was stealing items from designers such as Gucci, Prada and Jimmy Choo, she would steal accessories from retail stores, including TJ Maxx and Nordstrom in Costa Mesa, Fountain Valley, and Tustin, California. Zharkova was arrested after a member of the California Highway Patrol's Organized Retail Theft task force allegedly saw Zharkova shoplifting from a Nordstrom Rack. According to a report from KTLA, Zharkova had allegedly covered items with a coat and used a device that allegedly removed the security sensors on the products before walking out of the store. She was subsequently arrested but is currently out on $20,000 bond. dailymail.co.uk

Lakewood, WA: Workwear Employee Hailed For Stopping Theft In Progress, Gutsy move
A Lakewood retailer is celebrating one of its employees after she busted a thief has he tried to make off with hundreds of dollars of merchandise. Iconic Workware in Lakewood says it has suffered a string of recent thefts, totaling about $1,250 in lost merchandise and jackets. However, they could have lost a lot more, if not for the heroic actions of employee Gaby Gonzalez. In a shocking video shared by the store, Gaby recognizes that something fishy is going on. Owners say you can see as Gaby waits to strike, stopping the would-be thief in his tracks and securing the stolen goods. Unfortunately, the thief and his associate hit another iconic Workware store not much later, managing to make off with $900 more in stolen gear.
Unfortunately, the thief and his associate hit another iconic Workware store not much later, managing to make off with $900 more in stolen gear.  patch.com

Tamarac, FL: Cameras capture 3 women robbing Tamarac beauty supply store
A beauty supply store burglary was caught on camera in Tamarac. The crime happened on Sunday night at The Beauty Plug supply shop located at 6949 West Commercial Boulevard. Three women walked in the store, stole several items and pepper sprayed an employee. Cameras inside the store show one of the crooks was holding a child, and another appeared to be pregnant. The shop's owner told Local 10 News the three women walked inside, pepper sprayed her daughter, and then stole several wigs. Monday afternoon, a Broward Sheriff's Office detective came out to speak with the owner, and they are now looking into this case. local10.com

Yolo County, CA: Antioch men charged in organized retail theft spree at CVS, Walgreens stores
Yolo County prosecutors on Monday filed felony organized retail theft charges against two Antioch teens accused of stealing over $1,200 in merchandise from Walgreens and CVS stores in Woodland and Davis on the same day last week. Prosecutors in the complaint alleged Adams and Thompson drove to each store together on Dec. 9, placing merchandise in bags they brought with them and leaving without paying for the items. The defendants are accused of stealing $430 worth of merchandise from CVS in Woodland, $450 in merchandise from Walgreens in Woodland and $366 at CVS in Davis, according to the complaint. sacbee.com

Providence Man Pleads Guilty in Schemes That Defrauded Home Improvement Stores for $140k
A Providence man today admitted in federal court that he participated in a scheme that defrauded home improvement stores in Rhode Island and Massachusetts of more than $140,000, repeatedly purchasing construction tools and supplies using stolen credit and credit card information, announced United Sates Attorney Zachary A. Cunha.

Jose Brens, 40, pleaded guilty to an indictment charging him with conspiracy to commit access device fraud and seven counts of access device fraud.

Brens admitted to the court that he and others unlawfully obtained credit card information that was used to purchase tools and building products from at least six Home Depot and Lowes stores in Rhode Island and Massachusetts. Breen admitted that he defrauded Home Depot stores of $140,578. justice.gov

Columbus, OH: Police looking for 2 women accused of stealing $1,500 worth of Adidas clothing from Kohl's