D&D Daily Mobile Edition

The D&D Daily Mobile Edition
LP, AP & Cybersecurity's #1 News Source

1/10/23

D-Ddaily.net

ADT appoints Wayne Thorsen to Chief Business Officer role

ADT today announced the appointment of Wayne Thorsen to the newly created role of Executive Vice President and Chief Business Officer, effective immediately. Thorsen will be responsible for leading ADT’s product, innovation and new business development teams.

“Wayne is a seasoned executive who brings valuable experience in business development, strategic partnerships and product marketing and development,” said Jim DeVries, ADT President and CEO. “Wayne’s expertise will accelerate our strategy to sustainably grow our business and continue to attract strategic partners by showcasing ADT’s market leadership.”

Read more here

Cita Doyle, VP of Sales and Marketing for InstaKey Security Systems, Obtains LPCertified Credential

The Loss Prevention Foundation is pleased to recognize and congratulate the most recent LPF Board Member to obtain their LPCertified credential: Cita Doyle, LPC, LPQ, Vice President of Sales and Marketing for InstaKey Security Systems.

Certification is an investment that we make in ourselves, not simply a commitment to learning more but also to achieving a higher standard. Those that get certified have clearly demonstrated their devotion to their career, to the growth of the LP/AP profession, and to all LPC certified professionals. Congratulations, Cita!

Read more here

See All the Executives 'Moving Up' Here

Submit Your New Corporate Hires/Promotions or New Position

Webinar Coming Tomorrow

RLPSA+TPOP Workplace Violence Preparedness for Food Service Industry: The Importance of Situational Awareness

Jan 11, 2023 1:00 PM ET

This webinar, co-hosted by RLPSA and The Power of Preparedness (TPOP), will be led by William Flynn, TPOP's Co-founder and Chief Content Officer. Mr. Flynn is a former Principal Deputy Assistant Secretary of the Department of Homeland Security where he helped to nationalize the Run, Hide, Fight active shooter response methodology.

Mr. Flynn will provide a mini-workshop on two essential forms of training for employees: recognizing gunfire and situational awareness. A common mistake during active assailant attacks is assuming that gunfire is something else: firecrackers, popping balloons, or car noise. Recognizing gunfire and taking all similar noises seriously can buy time and save lives. Situational awareness is the practice of recognizing anomalous behavior and physical surroundings and knowing what to do in case of emergency.

For more information about The Power of Preparedness online training for verbal de-escalation and active shooter preparedness, and the RLPSA member discount, click here

Register here

Wireless Indoor Gunshot Detection Sensors
U.S. Patent and Trademark Office Issues Seventh Gunshot Detection Patent to Shooter Detection Systems

New patent awarded for cable-free (wireless) indoor gunshot detection sensors

Shooter Detection Systems (SDS), an Alarm.com (NASDAQ: ALRM) company and the world’s leading gunshot detection solutions provider, today announced the issuance by the USPTO of SDS’ seventh patent for its gunshot detection technology, Patent No. US 11,417,183 titled Cable-Free Gunshot Detection.

The patent describes the application of indoor gunshot detection sensors that use a cable-free device powered by a battery. The foundational concepts and designs in this patent are currently offered by SDS as their Guardian Wireless product, a dual mode acoustic and infrared gunshot detection sensor that has been on the market since 2019. This patent builds on earlier SDS patents, specifically US 10,657,800 B1 titled Gunshot Detection Within an Indoor Environment, which focused on techniques for privacy-centric gunshot detection in an indoor environment utilizing two-factor authentication. The Guardian Wireless product has allowed SDS to achieve commercial success by meeting its goal of lowering overall customer costs by as much as 40-60 percent via reductions in overall project infrastructure costs.

Read more here

The U.S. Crime Surge
The Retail Impact

NYC's Shoplifting Crisis is Destroying Businesses - Lawmakers Want Action
Lawmakers express outrage over NYC’s ‘revolving door’ shoplift crisis that’s killing local businesses
Lawmakers expressed outrage Monday over the shoplifting crisis that’s killing local businesses — including by calling for the return of 1990s-style law enforcement in the wake of complaints from nearly 4,000 grocers.

“It’s utterly ridiculous that a small subset of career criminals make up 30% of shoplifting arrests in 2022,” said City Councilman Robert Holden (D-Queens), citing alarming statistics that the NYPD revealed last week that 327 career crooks were busted a total of about 6,600 times.

“We can’t have this revolving door of criminality in our state — it’s time to dust off the successful tactics from the ’90s in New York City, which actually worked to reduce crime.”

Councilwoman Julie Menin (D-Manhattan), who chairs the Small Business Committee, also said she’s planning a joint hearing with the Public Safety Committee because “we urgently need solutions to address this issue.”

On Sunday, The Post exclusively reported that a new coalition of grocers was demanding a rollback of the state’s controversial, 2019 bail reform law to target “repeat theft offenders” and a new law so prosecutors can combine cases to charge a serial shoplifter with felony grand larceny instead of multiple misdemeanors.

The Collective Action to Protect our Stores group also wants retail workers covered by the same law that makes it a felony to assault cops, MTA workers and livery drivers.

State Senate Minority Leader Robert Ortt (R-Lockport) said he was “very confident” that his GOP conference “absolutely would support” the CAPS proposals “and maybe even additional ones.”

But “getting my colleagues across the aisle to enact a new crime -– I might be able to invent a new fusion power cell faster than that,” he said. nypost.com

NYC grocers want to stick a fork in serial supermarket shoplifters

Hochul expected to walk tightrope on bail reform in State of the State speech

Chicago Street Vendors Fighting Off Robbers
After a series of armed robberies of street vendors, Little Village residents organize to protect each other
Though street vendors are vulnerable to robberies because they are working alone and only with cash, most robberies reported over the years were sporadic. It wasn’t until early December when aldermen of Southwest Side neighborhoods, community leaders and the Chicago Police Department alerted the community to a recent string of armed robberies targeting vendors.

In Little Village, the tamaleros have taken the biggest hit, leaving them in fear and scaring away their clients.

Some of the vendors say they have been assaulted multiple times by the same group of armed and masked men in the weeks before Christmas. The group took their cash, sometimes their phones, and even the tamales, said Elizeth Arguelles, a community leader and organizer of the vendors in the area.

Vendors, their families and local leaders have held several community meetings over the past month, demanding more police officers patrol the 26th Street corridor in the early-morning hours to prevent more attacks. But the “crew is not enough,” said William Betancourt, commander of the 10th District, during one of the meetings.

During the community meeting, Betancourt said there isn’t enough staff to increase police presence in the 10th District during the early-morning hours. So vendors, their families and neighbors have galvanized to protect each other by lining up volunteers to patrol the streets from 4 a.m. until about 9 a.m., when the sun is up and the streets fill with pedestrians, said Kristian Armendariz, a community organizer with the Little Village Community Council. chicagotribune.com

Is Seattle's Crime Crisis Receding?
Seattle’s pandemic crime fever may finally be breaking
One of the most disturbing offshoots of the plague years has been the violent crime that rose up and raged in Seattle and many other cities and towns.

“It was the largest recorded increase in homicides in United States history,” one criminologist said, about how the social dislocation of the pandemic had triggered an abrupt rise in violence back in 2020.

In Seattle, murder shot up 47% in that first year, and then has stayed high, like it’s a new normal. By last summer, overall violent crime here reached a 25-year high. But is this unusual crime fever finally breaking — receding now as mysteriously as it settled in?

Crime peaked, we hope, last August. That month saw a record 11 homicides and the most violent crimes, 554, for one month in city history. Most of these were robberies or felony-level assaults, such as attacks involving a weapon (usually a gun).

Last fall, starting in October, something started to shift. For the fourth quarter of 2022, violent crimes dropped 18% compared to the fourth quarter of 2021. According to Seattle police records, December saw the fewest acts of violence reported in the city going back nearly three years, to March 2020, when the coronavirus first upended everything.

Property crime data isn’t as reliable, because so much of it goes unreported, Diaz said. But that too is falling. Total crime in Seattle, after looking like a chart from hell for two years, has dropped enough in the past few months that it now may be trending back toward pre-pandemic levels.

There’s no way to know right now what’s going on with these shifts, whether they are unique to Seattle, or whether they’ll last, said Jacqueline Helfgott, director of Seattle University’s Crime and Justice Research Center. She had proposed an empirical study with Seattle police to explore the root causes of the city’s crime surge, but they didn’t have the bandwidth for it. seattletimes.com

Robberies Down But Burglaries Up In Detroit
Detroit sees decline in overall violent crime in 2022; 'We're certainly not bragging,’ police chief says

Detroit saw one more murder in 2022 than it did in the prior year, while non-fatal shootings were down, police said

Violent crime decreased in Detroit last year but the city's top cop on Monday issued a warning about taking a victory lap.

Citywide, Detroit saw an 11% reduction in violent crime in 2022 compared to 2021, according to police data. Robberies were down 7%, rapes down 15% and aggravated assaults declined by 11%, according to preliminary police figures.

Non-fatal shootings were also down 10%, officials said. Homicides were slightly up from 308 in 2021 to 309 last year. White also said the city has seen an increase in crime committed by underage offenders.

Despite the good news, carjackings increased by 21%, according to police figures. Property offenses like burglaries and stolen vehicles were also up. White the police department will focus on getting abandoned vehicles off streets, finding unlicensed businesses and identifying dangerous buildings. foxnews.com

Retail Shootings & Violence Becoming More Common?
Survey: Ready for the Next Crisis? We Want to Hear From You

Progressive Grocer surveying the industry on crisis communications and preparedness

The time to prepare for the next crisis is before the next crisis actually happens. In 2023 and beyond, business survival will require pivoting at lightning speed and rapidly adjusting to whatever new crisis comes our way, one that may involve a mass shooting, attacks on energy facilities, or workplace violence.

Before 2017, there was just one mass shooting at a grocery store in the United States, according to The Violence Project, a nonpartisan research center, and CNN.

In the last three years, however, shooters have killed five people at a kosher market in Jersey City, N.J.; two people at a Publix in Palm Beach, Fla.; 23 people at a Walmart in El Paso, Texas; 10 people at a King Soopers in Boulder, Colo.; 10 people at a Tops market in Buffalo; and six people at a Walmart in Virginia.

Over the 2022 holidays, at least five people died in grocery store shootings.

While it would be impossible to predict or stop every disaster, Progressive Grocer wants to help grocers take a longer view when it comes to crisis management, and specifically crisis communications. That's why we are taking the temperature of the industry on crisis management and communications, as we look to create crisis-related content essential to this essential industry.

Click here to take the survey: progressivegrocer.com

New Orleans closes 2022 with sky-high homicide rate not seen in decades

Seattle PD lost 153 police officers in 2022, over 500 since defunding

Preventing Workplace Violence: Early Identification and Intervention Go a Long Way

COVID Update

665M Vaccinations Given

US: 103.1M Cases - 1.1M Dead - 100M Recovered
Worldwide: 668.9M Cases - 6.7M Dead - 640.2M Recovered

Private Industry Security Guard Deaths: 362
Law Enforcement Officer Deaths: 828

COVID Wave Fueled by New Variant?
New variant XBB.1.5 is ‘most transmissible’ yet, could fuel covid wave
Three years after the novel coronavirus emerged, a new variant, XBB.1.5, is quickly becoming the dominant strain in parts of the United States because of a potent mix of mutations that makes it easier to spread broadly, including among those who have been previously infected or vaccinated.

XBB.1.5, pegged by the World Health Organization as “the most transmissible” descendant yet of the omicron variant, rose from barely 2 percent of U.S. cases at the start of December to more than 27 percent the first week of January, according to new estimates by the Centers for Disease Control and Prevention.

More than 70 percent of cases in the Northeast are believed to be XBB.1.5. While there is no evidence so far that XBB.1.5 is more virulent than its predecessors, a recent swirl of misinformation linking the rise of new variants to vaccination has cast a spotlight on this latest strain and raised concern among some health experts that it could further limit booster uptake. washingtonpost.com

How the New Variant Threatens the Workforce
‘Kraken’ COVID-19 Variant Threatens U.S. Workforce
With the rapid rise of a new variant of COVID-19, nicknamed "Kraken," employers should take precautionary measures in their workforces to prevent outbreaks—even though many employees are tired of thinking about COVID-19.

Employers should continue to re-evaluate their pandemic plans in light of both COVID-19 and influenza, Levin-Scherz said. "This year has been an especially bad year for the flu," he said, noting that employers can encourage employees to get their annual flu shot and COVID-19 bivalent booster.

"Employers will meet with great resistance if they start requiring employees to wear masks again in the workplace," Robertson said. "It feels that much of America has moved on from feeling that COVID-19 warrants special safety measures."

Companies need to be aware of the general sentiment of their employees, whether that's heightened anxiety around an uptick in cases or a sense of having heard enough about COVID-19, according to Amory McAndrew, an attorney with Hoguet Newman Regal & Kenney in New York City. Being cognizant of workplace mentality is important for successful employer-employee relationships and can guide how to plan throughout the endemic states of COVID-19, she added. shrm.org

Post-COVID Remote Work Has Become a Workplace Staple
Remote work popular 3 years after COVID-19 forced workers online
In 2020, workplaces across the country went online after the onset of the COVID-19 pandemic. Employees were patched together by networks of phone calls, texts, virtual meetings and online messaging. More than two and a half years later, remote work remains a staple of the modern workplace. What began as a necessity has slowly become a popular choice — one that some still favor over in-person work.

According to the Pew Research Center, 61% of U.S. workers work from home because they prefer it, not because their workplace is closed. This data was taken from a sample of nearly 6,000 Americans, and this trend is reflected in Ingham County.

Pew found that 64% of employees who did not work remotely before the pandemic but do now, say it’s easier to balance work and their personal life. news.jrn.msu.edu

90% of people in China province Henan infected with COVID: official
China’s third-most populous province. With 88.5 million people testing positive for COVID.

How do I avoid catching COVID while flying in 2023?

The Hayes Report on Loss Prevention
Quarterly - Winter 2022-2023 - Vol. 38 No. 1

Topics: Store's Shrinkage Control Plan-of-Action - Climate of Honesty - Employee Theft Prevention Tips - Organized Retail Crime - The Bulletin Board

Mark Doyle Talks ---
Here Comes 2023 - Are You Ready?

Can you believe another year has already passed and 2023 is upon us? I think this coming year will present the Loss Prevention/Asset Protection and Safety industries with more than enough challenges. Top Management will look towards their LP/AP and Safety teams to better control losses and increase their companies’ bottom-line profits. Definitely not an easy task, however, with the top-notch professionals heading up the LP/AP and Safety departments in many retailers, I think we are up for the challenge.

Hopefully, you have already decided how you are going to attack shrink in 2023 based on past experiences, and current shrink losses. I highly recommend a targeted approach attacking your highest loss stores, departments, and products and not a shot-gun approach just hoping for better results. Let’s all work together to make 2023 a safe, secure and successful year!

Click here to read the full newsletter

SEC Crackdown - Holding Top Executives Accountable

McD's Former CEO Pays $400K SEC Fine - Gets Barred 5 Yrs. - Returns $105M
SEC Charges Ex-McDonald’s CEO With Misleading Statements Over His Firing
Former McDonald’s Corp. Chief Executive Steve Easterbrook agreed to a five-year bar from serving as an officer or director of a public company, to resolve a regulatory investigation over allegedly misleading statements he made about having sexual relationships with employees.

Mr. Easterbrook also agreed to pay a $400,000 fine without admitting or denying the Securities and Exchange Commission’s fraud claims against him, the agency said Monday. McDonald’s also agreed to settle the SEC’s investigation of its conduct, which stemmed from how it described Mr. Easterbrook’s separation from the company in an annual proxy statement for shareholders.

Mr. Easterbrook led McDonald’s from 2015 until he was fired by the company in 2019, when McDonald’s said that Mr. Easterbrook had violated company policy on personal conduct because of a consensual relationship with an employee.

The SEC said Monday that Mr. Easterbrook told McDonald’s outside counsel in October 2019 that he hadn’t engaged in any physical or nonphysical sexual relationships with other company employees, assertions that the company had said its internal probe later disproved. The agency said that Mr. Easterbrook also withheld potentially relevant information from McDonald’s in the course of its investigation.

In a statement Monday, McDonald’s said, “The SEC’s order reinforces what we have previously said: McDonald’s held Steve Easterbrook accountable for his misconduct. We fired him, and then sued him upon learning that he lied about his behavior.”

The SEC’s action against Mr. Easterbrook highlights the agency’s increased focus on executive pay and related disclosures to shareholders. The agency has ramped up efforts over the past year to recover executive pay in cases of alleged accounting violations, while pushing public companies to claw back executive incentive payments if significant financial errors are found.

Some employees said that they grew uncomfortable with McDonald’s corporate culture under Mr. Easterbrook, as he and other company executives socialized in and outside the company. After Mr. Easterbrook’s ouster, incoming CEO Chris Kempczinski pledged to improve the company’s working environment and renew its values.

In July 2020, an internal investigation by McDonald’s revealed that Mr. Easterbrook had engaged in additional improper relationships with McDonald’s employees and didn’t disclose them to the company, according to the SEC.

In December 2021, Mr. Easterbrook agreed to return compensation to McDonald’s that was valued at more than $105 million at the time to settle the lawsuit. wsj.com businessinsider.com

New Year, New Security Challenges
Top security career challenges for 2023

The year ahead will bring a new set of challenges for security leaders, from the return to office shift to the hardening job market.

The state of the global economy is already affecting many organizations that hire security professionals. Restructuring is underway and will almost certainly impact one or more aspects of your job. Here are some of the top security career challenges you will face in the new year together, along with some ideas of how to manage and conquer them.

RETURN TO THE OFFICE VS. REMOTE WORK.

A large number of security jobs are hands-on, and that makes remote work impractical to begin with. As companies continue to bring more of their teams back into office workspaces, new challenges will exist for security, safety and risk management practitioners. In addition to managing your own return to the office, you will likely find yourself responsible for securing assets and individuals that are substantially more geographically dispersed than in the past.

LESS SECURITY JOBS ARE AVAILABLE.

Companies continue to aggressively compete for certain security specialty areas, such as technical and clearance roles. Others are inundated with candidates and have begun to pull back on hiring incentives such as sign-on bonuses. The number of positions will continue to be in flux as financial and other instabilities affect organizations.

STREAMLINED DEPARTMENTS WITH ADDITIONAL RESPONSIBILITIES PREVIOUSLY NOT UNDER THE SAME UMBRELLA securitymagazine.com

Mass evacuations in Montecito as storm pounds L.A. with intense rain, flooding
A powerful winter storm barreled into Southern California on Monday, forcing the mass evacuation of Montecito and other communities exactly five years after mudslides in the same area left 23 people dead.

Pounding rain wreaked havoc throughout the coastal counties north of Los Angeles, bringing flooding, road closures and tragedy, including the death of a motorist who entered a flooded roadway and the presumed death of a 5-year-old boy who was swept away by floodwaters in San Luis Obispo County.

The storm, which was expected to move through Los Angeles, Orange and other southern counties through Tuesday, dumped more than 16 inches of rain in some mountain areas Monday and prompted pleas for people to stay indoors. latimes.com

Biden declares emergency for California due to winter storms
U.S. President Joe Biden approved an emergency declaration for California after a week of storms killed at least 12 people in the past 10 days and knocked out power for hundreds of thousands of homes and businesses in the state.

Delta combines airport face biometrics, in-flight personalization in integrated platform

Disney CEO Bob Iger orders employees back to office 4 days per week

Bed Bath & Beyond Q3 sales down 33% - closing 150 stores & possible bankruptcy looms

VR Training for Ensured Safety and Knowledge Retention

UK: December sales bounce due to price rises not shopping sprees

Peloton will pay a $19 million penalty for failing to act fast enough over treadmill incidents that included the death of a 6-year-old child

Quarterly Results

Bed Bath & Beyond Q3 comp's down 32%, Digital down 33%, net sales down 33%

All the News - One Place - One Source - One Time

Thanks to our sponsors/partners - Take the time to thank them as well please. If it wasn't for them The Daily wouldn't be here every day for you.

Retail & Hospitality ISAC and National Retail Federation Partner to Enhance Cybersecurity in the Retail Industry

WASHINGTON – The National Retail Federation (NRF) and the Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) today announced a new collaboration to strengthen their collective efforts to improve cybersecurity within the retail and related consumer-facing sectors. This partnership will bring together RH-ISAC’s expertise in cybersecurity and threat intelligence with the resources and advocacy of NRF, the world’s largest retail trade association.

Through this partnership, the RH-ISAC and NRF will deepen their collaboration to provide retailers with the tools and resources they need to protect their businesses and customers from cyber threats. This includes sharing intelligence, curating relevant cybersecurity content at the other’s annual conferences and other events, planning virtual cyber threat exercises, and developing educational resources. Additionally, the organizations will collaborate on benchmark and research reports and coordinate their engagement with government agencies and other industry stakeholders in support of the retail sector’s cybersecurity priorities.

As part of this agreement, NRF will end-date its cyber threat-sharing portal, the NRF Cyber Risk Exchange, and its members will be able to migrate to the RH-ISAC’s cyber threat-sharing systems and working groups. At the same time, the RH-ISAC’s members will participate in NRF’s cybersecurity-related policy, regulatory and risk management-focused programs and activities, including those developed for non-technology retail executives.

Read more here

2023 State Privacy Law Tracker Released
Comprehensive Resource for Tracking U.S. Consumer Data Privacy Legislation

Update your bookmark, the 2023 State Privacy Law Tracker has been released.

With state legislatures starting to open for the 2023 session, lawmakers are already introducing CCPA-like consumer privacy bills.

For the third year in a row we will identify the states that are considering legislation and provide helpful links to the bills and our blog posts analyzing them.

Bookmark the page and use it as a resource. As in prior years, we will update it as more bills are filed.

Our interactive map tracks privacy legislation and provides links to resources and information related to active states. Click the states to learn more and if you have questions, contact David Stauss.

If you would like to receive updates on these bills and other privacy news, please subscribe to our privacy blog here. To review prior years' state privacy legislation, visit our 2021 State Privacy Law Tracker and our 2022 State Privacy Law Tracker. huschblackwell.com bytebacklaw.com

New Nation-State Adversary Legalizes Piracy - IP Theft & Importing Stolen Goods
Just What We Need - Another Safe Haven for Hackers & Organized Crime

Russia Ally Belarus Legalizes Pirating Media From 'Unfriendly' Nations

Pirating software, music, and movies from the West is now legal in Belarus following sanctions over its support of the Ukraine invasion.

The government of Belarus, which has remained an ally of Russia throughout the invasion of Ukraine, has temporarily legalized the piracy of media and intellectual property from "unfriendly" nations.

The law, which is dated January 3 on pravo.by—Belarus' national portal for legal decisions—was passed by the government in late December and will remain in force until the end of 2024. It effectively legalizes the internet piracy of digital goods including computer software, movies, and music, if the rights holder resides in "foreign states that commit unfriendly actions against Belarusian legal entities and (or) individuals."

Specifically, the law authorizes the use of foreign media and IP products within Belarus from countries that have sanctioned it without the permission of rights holders. The law states that the government will still collect royalties for the use of that material, but the royalties will be held by the patent authority. If the rights holders don't collect the royalties within three years—unlikely for companies barred by law from doing business in Belarus—the funds will be absorbed by the government budget.

The law also covers physical goods, and authorizes the import of certain goods without the consent of rights holders in order to avoid "a critical shortage in the domestic market of food and other products." vice.com

Is Your Incident Response Plan Ready for This Year?
How to improve your incident response plan for 2023
What are the attack vectors most popular with threat actors today? The 2022 Unit 42 Incident Response Report found that business email compromise (BEC) and ransomware attacks are widespread, collectively making up 70% of cases handled by the Unit 42 Incident Response team. Specifically, the top three access vectors for threat actors are phishing, software vulnerability exploitation, and brute-force credential attacks.

Promote awareness of your IR plan and playbook

Many organizations are confident in the existence of their incident response plan (IRP), but they are often not entirely sure what to do with it. A threat-specific IR playbook can offer easily accessible guidance during the chaos of incident response and is a vital element of an IR plan.

Evolve your IR plan as you adopt new technology

Technology is quickly advancing and changing, there are shifts in business operations and changes involving personnel and roles. As these shifts happen, your IR plan must be fine-tuned. For instance, you open your organization to new threats when you move data or workloads to the cloud. As a result, you’ll need to adapt your IR plan to address cloud-specific threats.

Test your plan proactively, before you need it

Testing your IR plan can help you find out about flaws before a threat actor helps the team to test it. By practicing, members of the team will be more liable to know exactly what to do and where to turn in the event of a real incident. helpnetsecurity.com

Mitigation Alone Isn't a Solution
Rackspace Ransomware Incident Highlights Risks of Relying on Mitigation Alone

Organizations often defer patching because of business disruption fears — but that didn't work out very well for Rackspace's Hosted Exchange service.

The recent ransomware incident at Rackspace that took down the company's hosted Microsoft Exchange server environment has focused attention on the often-risky gamble that security teams take when choosing to mitigate a vulnerability — rather than apply a patch for it.

Last week, Rackspace disclosed that a Dec. 2 intrusion into the hosting company's Exchange server service environment resulted from its decision to hold off on applying a patch for a server-side request forgery (SSRF) vulnerability in Exchange Server (CVE-2022-41080) that Microsoft had patched in November. The vulnerability, when chained with another previously disclosed remote code execution (RCE) flaw in Exchange Server — tracked as CVE-2022-41082 — gives attackers a way to take complete control of affected servers.

According to Rackspace's chief security officer, Karen O'Reilly-Smith, the company held off on applying the patch for the SSRF flaw over concerns that it would cause disruptive authentication errors. Instead, Rackspace decided to apply a mitigation measure that Microsoft had issued for the vulnerability thinking it would be an effective measure. O'Reilly-Smith said that Microsoft's notes on CVE-2022-41080 merely described it as a privilege escalation vulnerability and made no mention of the fact that it was part of an RCE chain. darkreading.com

Attackers Are Already Exploiting ChatGPT to Write Malicious Code
The AI-based chatbot is allowing bad actors with no coding experience to develop malware.

Why FIDO and passwordless authentication is the future

'Copyright Infringement' Lure Used for Facebook Credential Harvesting

Report Phishing and Spam Emails

You can make a difference! Reporting a phishing or spam email does more than just remove it from your inbox - it helps your email provider be better at recognizing what is and isn't spam in the future. So, make sure to report all of those pesky emails in the future. The more you do it, the better your email provider will get.

Fallout Continues from Latest Amazon Fatality
‘Lack of respect’: outcry over Amazon employee’s death on warehouse floor

Work carried on as usual in the facility as workers were not informed of colleague’s death even as the body lay on the floor

On the morning of 27 December 2022 at the Amazon DEN4 warehouse in Colorado Springs, Colorado, 61-year-old Rick Jacobs died on the job after experiencing a cardiac event, right before a shift change. What happened next has angered his former colleagues.

Witnesses say a makeshift barrier around the deceased worker using large cardboard bins was used to block off the area on the outbound shipping dock where the incident occurred, and workers criticized the response and lack of transparency about the incident. Amazon denied boxes were used to cordon off the area, but said managers stood around to make sure no one came near for privacy and security.

As workers arrived for their day shift, they say they were not notified about what was going on and continued working as usual while a deceased colleague remained in the facility and emergency responders awaited the arrival of a coroner.

“Finding out what had happened after walking through there had made me feel very uncomfortable, as there is a blatant disregard of human emotions at this facility. Management could have released those employees affected by offering [voluntary time off], so that they did not need to use their own time, but nope, that did not happen,” said an Amazon employee at the warehouse who works the day shift. They requested to remain anonymous for fear of retaliation.

“No one should have been told to work alongside a dead body, particularly after witnessing it. Day shift comes in at 7am or 7.30am, and we were never informed until we arrived to where it had occurred. No warnings before walking into the building. No on-site counselor. Simply a flyer put out days later informing us of how to receive mental health counseling.”

In a phone call, an Amazon spokesperson said Health Insurance Portability and Accountability Act (HIPAA) laws and privacy concerns for the family of the deceased meant the company was not able to disclose details about the individual or the incident. They disputed claims that anyone was working near the body or that boxes were used to cordon off the area. theguardian.com

Walmart Directly Competing with Amazon with Drone Program
Walmart flew over 6,000 successful drone deliveries in 2022

Walmart is achieving some positive results with its drone delivery program.

According to the discount giant, it completed more than 6,000 deliveries via drone during 2022, within 30 minutes or less after the customer placed their order. Thirty-six Walmart stores located across the states of Arizona, Arkansas, Florida, South Carolina, Texas, Utah and Virginia, have drone delivery hubs operated by drone providers DroneUp (Walmart made an unspecified investment in DroneUp in June 2021), Flytrex, and Zipline.

Walmart says that 85% of the items sold in one of its Neighborhood Market stores meet the weight and volume requirements for drone delivery. Top-selling items for drone delivery orders include cookies, ice cream, bags of lemons, rotisserie-cooked chickens, and paper towels.

Looking ahead, Walmart plans to use its U.S. base of 4,700 stores located within 90% of the country’s population to offer drone delivery services at scale. In a recent survey from route optimization software provider Circuit, Walmart was named the most trusted company for automated and drone-based food deliveries, as well as second-most trusted overall provider of automated and drone-based deliveries, behind Amazon. chainstoreage.com

How the BNPL risk landscape impacts e-commerce growth

Morphe closes US stores to focus on wholesale, e-commerce

Stamford, CT: New York woman charged in alleged retail theft ring targeting Victoria's Secret stores
A New York woman was arrested last week on charges connected to an alleged retail theft ring that struck Victoria’s Secret stores across the state for nearly $29,000 worth of goods, according to an arrest warrant. Ezzria Figeroux, 21, of Brooklyn, was charged with second-degree larceny and conspiracy to commit second-degree larceny following a reported theft of nearly $13,000 worth of merchandise from a Stamford Victoria’s Secret last spring. Stamford police officer William Moore writes in an arrest warrant that police responded to the Victoria’s Secret at the Stamford Town Center, 100 Grey Rock Place, on May 9 on reports of a shoplifting incident involving five individuals. According to the warrant, five people, each carrying a duffel bag, entered the retail store around 2:15 p.m. that day and began filling the bags with clothing. stamfordadvocate.com

Putnam County, NY: ‘Felony Lane’ ID Theft Ring Targeted Putnam County
Putnam County was one of the targets of a national gang of criminals who traveled across the country breaking into cars, often choosing those parked by women at locations such as health and fitness centers, daycares, outdoor recreational parks, and dog parks, according to federal prosecutors and 14 New York law enforcement agencies including the Putnam County Sheriff's Office. Between 2015 and 2020, members of the conspiracy stole debit cards, credit cards, checkbooks, and photo identifications in these “smash-and-grab” vehicle thefts, and they used these stolen items to commit bank fraud by recruiting women to impersonate the smash-and-grab victims in drive-through bank lanes and cash checks. The recruited check-cashers almost always suffered from an addiction to controlled substances and were provided payment at least partially in narcotics, prosecutors said. Two leaders of the "Felony Lane Gang" — Joshua Mallory, 37, and Gary Grier, 36, of Fort Lauderdale, Florida — pleaded guilty the first week in January in federal court in Syracuse to conspiracy to commit bank fraud and aggravated identity theft. patch.com

Pueblo, CO: Armed 4x Felon shoplifts at Kohl’s, cited for theft and released
The Pueblo Police Department (PPD) said a man who was seen shoplifting at a Pueblo Kohl’s while carrying a gun was cited and released for theft, despite being a 4-time convicted felon. PPD said due to new laws regarding Possession of a Weapon by a Previous Offender (POWPO) and theft, the suspect could not be charged with POWPO and instead was only cited for theft and released. According to PPD, just before 4 p.m. on Saturday, Jan. 7, officers were on patrol in the area of the North Elizabeth Street Kohl’s store when they were informed of a man actively shoplifting. When officers arrived at the store, the loss prevention employees told them there was a Hispanic man carrying a holster on his right hip. Loss prevention also said the man was in the fitting rooms hiding stolen items in a bag. Officers then witnessed the man walk out of the store with the bag full of items, without paying. The man, identified as William Padilla, was taken into custody without incident. Padilla admitted to officers that he was a convicted felon, and through further investigation, Padilla was found to have been convicted of four past felonies. He is prohibited from being in possession of a gun due to those convictions. However, due to new laws regarding POWPO arrests, Padilla was cited for theft and released. He was not booked into the Pueblo County Jail on any charges. fox21news.com

Evans, GA: Perfume pilferer strikes again at Ulta store
A woman who’s stolen thousands of dollars in perfume from Ulta Beauty has added to her loot, Columbia County deputies believe. Her latest visit took place Thursday at the store in the Mullins Crossing shopping center. An employee recognized her as a suspect in previous shoplifting incidents and watched her on the store security system, deputies said. The employee said the woman stashed six bottles of perfume totaling $733 in her purse. Deputies believe she’s the same woman who earlier got away with more than $1,000 worth of perfume from the store at 4217 Washington Road. On Nov. 23, she took six bottles of assorted perfumes, according to deputies. Then she came back Nov. 30 and took 10 bottles. On Dec. 16, she took six more bottles, deputies said. wrdw.com

Gilroy, CA: 3 suspects wanted for stealing $2k of merchandise from Tommy Hilfiger
The Gilroy Police Department is searching for three people accused of stealing $2,000 worth of merchandise from a Tommy Hilfiger outlet, it announced on Facebook. One suspect is also accused of striking a store employee. Firefighter from Alameda County arrested on Ramey warrant for possessing child pornography Police said the suspects entered the store at about 5:30 p.m. on Saturday. According to GPD, they loaded up bags with store merchandise and left without paying. Store employees took pictures of the suspects while they were leaving before, and police said one employee was struck and knocked to the ground. msn.com

Brantford, Ontario, Canada: $80,000 Of Graded Comics Stolen From Canadian Comic Store
CaptCan Comics of Brantford, Ontario, in Canada, posted the sad news on social media earlier today that they had been the victims of a smash and grab. They posted the news as well as what had been taken from their graded comics, in case anyone tries to sell you something like the following job lot. "Alrighty, at about 12:45am this morning, someone took a saw to our front door and busted in, stealing $74,350 in Graded Comic Books inside of a 45 second shopping spree. No one was here, and we are all physically okay – we just need a new door! bleedingcool.com

Hopkinsville, KY: Police Investigate $3,000 Theft From Ulta
Several health and beauty items were reportedly stolen from Ulta on Fort Campbell Boulevard Saturday afternoon. Hopkinsville Police say cologne, perfumes, and makeup valued at $3,041 were taken from the business. No arrest has been made but the report lists the charge as theft by unlawful taking. wkdzradio.com

Oak Ridge, TN: Oak Ridge Police investigating theft of $3,000 in ‘Magic’ cards
Someone broke out the glass door of Turn 1 Gaming in Oak Ridge to gain entry to the business and then smashed a glass display case. The thief or thieves stole approximately $3000 worth of “Magic: The Gathering” cards. wyshradio.com

Clifton Park, NY: Man accused of stealing from multiple Target store locations
State Police say they have arrested a Brunswick man, accused of stealing from multiple Target stores. Investigators say back on November 30th, Troopers responded to a Target in Clifton Park for reports of thefts from that location on November 25th and 27th. 46-year-old Pasquale Zucaro was arrested, charged with grand larceny and petit larceny. cbs6albany.com

Cleveland, OH: Walmart Customer Caught Trying To Steal Suitcase Full of Meat; his 70th Arrest

Salina, KS: HEYDUDE! Shoe store reports theft of 175 pairs of shoes, valued at over $5000

View ORC Archives

Case Goes Public?
Share it with the industry

Submit your ORC Association News

Visit ORC
Resource Center

Shootings & Deaths

Houston, TX: 1 dead, innocent bystander injured in shooting at liquor store
An investigation is underway after a man was killed and another man was injured during a shooting at a liquor store in Houston’s Third Ward Monday, officers with the Houston Police Department said. Police received reports about a shooting at a liquor store located at 3341 Winbern around 7:15 p.m. When officers arrived at the scene, they found two men that had been shot. Both men were transported to the hospital, where one of them died. According to HPD, two men got into an altercation outside of the store, which then moved inside. During the fight, police said the suspect pulled out a weapon and began firing at a man, striking him and an innocent bystander who was trying to break up the fight in the store. Police said both men were transported to the hospital. The man that the suspect was arguing with later died from his injuries, officers said. click2houston.com

Santa Ana, CA: Update: Accomplice sentenced to 7 years in prison for deadly 7-Eleven crime spree across SoCal
A 44-year-old Los Angeles man pleaded guilty Monday and was sentenced to seven years in prison for his role in a series of robberies at 7-Elevens stores in Southern California last summer. Jason Payne pleaded guilty to three felony counts of robbery and one felony count of attempted robbery, according to the Orange County District Attorney's Office. Prosecutors say Payne never actually entered the stores, but was an accomplice to Malik Patt, 20. Patt, who is yet to stand trial, is accused of murdering three people in the course of the robberies. The crime spree allegedly began July 9, 2022, with the killing of a homeless man in the 16100 block of Parthenia Street, near Woodley Avenue, in North Hills. That killing happened about 200 yards from a 7-Eleven store that was robbed later that day. abc7.com

UK: Scotland: Two women charged with culpable homicide after Scots Security Guard ‘dies of heart attack’
Two women have appeared in court charged with culpable homicide after a security guard died at a Scots department store. Emergency services were called to the scene at Rejects on St Clair Street in Kirkcaldy, Fife, at around 12.20pm on Friday following reports that an employee had ‘fallen unwell’. A 62-year-old man was pronounced dead a short time later with his death being treated as ‘unexplained’ by investigators. It is understood that he suffered a heart attack after an alleged ‘altercation’. dailyrecord.co.uk

Edina, MN: Mall Shooting: At least one person has been wounded in shooting at Southdale Center
The shooting inside Southdale Center in Edina occurred just after noon Monday, the Minneapolis Star Tribune reported. Edina city spokesperson Lauren Siebenaler said officers located blood inside the mall but haven’t found whoever was hit. She said the discharge appears to have been accidental. Police Chief Todd Milburn said someone fired a shot in the mall floor, was wounded and ran to a waiting car. Officers are searching for two people in connection with the incident, he said. At least one person has been wounded in another shooting at a Minnesota mall. The shooting inside Southdale Center in Edina occurred just after noon Monday, the Minneapolis Star Tribune reported. Edina city spokesperson Lauren Siebenaler said officers located blood inside the mall but haven’t found whoever was hit. She said the discharge appears to have been accidental. Police Chief Todd Milburn said someone fired a shot in the mall floor, was wounded and ran to a waiting car. Officers are searching for two people in connection with the incident. tulsaworld.com

Atlanta, GA: Increased security measures at Perimeter Mall after dispute leads to shooting

Robberies, Incidents & Thefts

Anchorage, AK: 5th Avenue Mall employee stabbed while trying to stop shoplifter
A mall employee was stabbed on Saturday evening while trying to prevent a thief from leaving the 5th Avenue Mall. According to the Anchorage Police Department, police were informed just before 6 p.m. of the stabbing, in which a man headed for the exit of the Sunglass Hut store in the mall without providing payment for merchandise. “An adult male employee intercepted the shoplifter, and the two got into a physical altercation wherein the suspect stabbed the employee in the upper body,” police wrote in an email on Monday morning. “Afterwards the suspect immediately ran out of the store.” Police say Anchorage Fire Department medics responded to the scene to treat the victim, who was later treated at the hospital for non-life-threatening injuries. Police say no arrests have been made and that the investigation is ongoing. alaskasnewssource.com

Portersville, CA: Shoplifting Arrest of suspect leads to 2 officers being exposed to fentanyl
Porterville Police stated the response to a report of shoplifting led to a suspect being arrested for possession of a controlled substance and two officers being exposed to fentanyl. Wesley Dale Long, 41, of Bakersfield was arrested. On Saturday at approximately 2:30 p.m., Porterville Police Officers responded to a business located in the 1300 block of West Henderson Avenue regarding a shoplifter. Upon arrival, loss prevention agents identified Long as the suspect. He was detained by the responding officers without incident. He was found to be in possession of stolen items from the business. He was also found to be in possession of several identifications cards and credit cards that didn't belong to him. While searching his belongings, officers located three small bindles, which were believed to contain a controlled substance. Shortly after recovering the substance, two officers began to feel ill and had symptoms consistent with fentanyl exposure. Both officers were transported to a local hospital for treatment. They were both stabilized and later released. recorderonline.com

Huber Heights, OH: Police, USPS investigate following robbery of another mail carrier

None to report.

Submit Your New Hires/Promotions
or New Position
See all the Industry Movement

Feature Your Job Here For 30 Days -
70% Aren't On The Boards
Post your job listing

Featured Job Spotlights

An Industry Obligation - Staffing
'Best in Class' Teams

Every one has a role to play in building an industry.
Filled your job? Any good candidates left over?
Help your colleagues - your industry - Build 'Best in Class' teams.

Refer the Best & Build the Best
Quality - Diversity - Industry Obligation

Regional Asset Protection and Safety Manager (UK)
London, UK - posted January 3

Responsible for ensuring application of Environmental, Health & Safety (EHS), occupational safety, and loss prevention programs and policies at the store, region, and cross-regional levels. Works with the Team Leaders and Team Members to ensure education, communication, and understanding of safety and loss prevention policies, including how safety and asset protection contributes to profitability and business success...

Manager of Asset Protection & Safety Operations
Woodcliff Lake, NJ - posted December 9

The Manager of Asset Protection & Safety Operations is responsible for the physical security, safety compliance and reduction of shrinkage for Party City Holdings, by successfully managing Asset Protection (AP) Safety programs for all PCHI locations...

Loss Prevention Auditor and Fraud Detection Analyst
Boston – Framingham, MA - posted December 2

As a Loss Prevention Auditor and Fraud Detection Analyst for Staples, you will conduct LP operational field audits remote, virtual and in person, within a base of 60 retail stores to ensure compliance to operational standards to drive operational excellence and preserve profitability...

District Asset Protection Manager
Phoenix, AZ - posted November 17

As the District Asset Protection Manager you will lead administration of Asset Protection programs and training for an assigned district in order to drive sales, profits, and a customer service culture. Oversees Asset Protection Programs by providing leadership and guidance to Asset Protection teams and General Managers on methods to successfully execute programs in stores...

Asset Protection Associate
Riverhead, NY - posted November 4

The Asset Protection Associate (APA) is responsible for the detection, apprehension, or deterrence of customer and associate activity that could result in a loss to Ralph Lauren. APAs are also responsible for ensuring a safe environment for all customers, associates, and vendors. APAs promote and monitor compliance to Polo Ralph Lauren policies and procedures related to theft prevention, safety, and inventory control...

Featured Jobs

View Featured Jobs | Post Your Job

Finding the right network into a company is critical if one expects to truly be able to compete in this job market. Going beyond the HR executives and finding the hiring managers and other decision makers and being able to communicate with them or have your network of colleagues communicate with them is important. Managing those communications is no easy task and ensuring that the information is handled correctly and expediently can be delicate.

Just a Thought,
Gus

Post Your Tip or Advice!
(content subject to approval)

NRF Big Show 2023
January 15-17, 2023

RFID in Retail/Apparel 2023
February 7, 2023

FMI AP & Grocery Resilience Conference
March 19-23, 2023

Retail Secure Conference
March 21, 2023

RLPSA Conference
April 2-5, 2023

2023 ISCPO Conference
April 11-13, 2023

RILA AP Conference
April 30-May 3

NRF PROTECT 2023
June 5-7

GSX 2023
September 11-13

APEX Conference
September 13-15

LPRC IMPACT
October 2-4, 2023

See More Events

Recruiting?
Get your job e-mailed to everyone... everyday
Post on our Featured Jobs Board!

Not getting the Daily?
Is it ending up in your spam folder?
Please make sure to add d-ddaily@downing-downing.com to your contact list, address book, trusted sender list, and/or company whitelist to ensure you receive our newsletter.
Want to know how? Read Here

SUBSCRIBE

FEEDBACK

www.downing-downing.com

Advertise With The D&D Daily