D&D Daily Mobile Edition

The D&D Daily Mobile Edition
LP, AP & IT Security's #1 News Source

8/23/22

D-Ddaily.net

Steven V. McCory named Director of Operations and Project Management for Grid Squared Systems

Before being named Director of Operations and Project Management for Grid Squared Systems, Steven spent more than two years with VIRSIG, LLC as Operations Manager and Sr. Project Manager, Operations Manager (Acting). Prior to that, he spent more than two years with S-TRON Security Electronics as Sr. Project & Service Manager. Earlier in his career, he held roles with Services for the UnderServed and Summit Security Services, Inc. Congratulations, Steven!

See All the Executives 'Moving Up' Here

Submit Your New Corporate Hires/Promotions or New Position

TMA Opens Virtual Attendance Option for its 2022 OPSTech

August 22, 2022, McLean, VA – Beginning today, security industry professionals have the option to register to take part virtually in The Monitoring Association’s (TMA) 2022 OPSTech educational sessions that are being delivered in-person Sept. 11-16, 2022 in Charlotte, NC. The full, five-day program features operations, technology, and video tracks. Registrants attending the meeting in-person will also have the opportunity to take part in roundtable discussions and networking events, as well as a private tour of CPI Security’s new, state-of-the-art monitoring center.

Go to https://tma.us/events/2022-ops-tech/ for detailed meeting information, including program agenda, hotel reservations, and registration.

The U.S. Crime Surge
The Retail Impact

Perfect Storm for Retail Theft
Theft prevention in unattended retail

Solutions to help owners and operators stay one step ahead in securing and protecting their assets

Fewer employees on-site and intense financial pressures on consumers are the perfect combination for potential theft. According to the National Retail Federation’s 2021 Retail Security Survey, 57% of businesses cited the pandemic and its aftermath for a rise in organized retail crime, while 50% blamed the virus for an increase in shoplifting.

“We learned from micro market operators that their biggest challenges were theft and lack of labor resources to deal with it effectively,” said Mac Bolak, the founder and chief executive officer of Panoptyc. “If there’s no one there on the premises, people feel more inclined to take things when they think no one is watching. Operators were also dealing with outdated camera systems that couldn’t be reviewed remotely, meaning they had to drive potentially long distances to retrieve footage manually. So, we came up with a solution to help fill the gap."

Utilizing technology to catch thieves in unattended locations is a powerful tool, but for many people, theft prevention often begins and ends with the type of locks installed on the machines.

Many of the headlines these days involve historically high gasoline prices, making service stations a prime target for theft. “Many gas pumps still rely on a generic lock with thousands of duplicate keys in circulation,” Morahan explained.

To address security concerns at unattended or remote locations, Dalton recommends encrypting data before sending it over any wireless connection. “In the event that unauthorized access is gained, OptConnect has data usage triggers that will set off internal protocols within the system to contact customers,” he said. “Our technical teams will then investigate the high data usage.”

With the country in an era of economic uncertainty, one thing is for sure: Criminals are constantly looking for ways to enrich themselves at the expense of others. vendingmarketwatch.com

Retail Locations the #2 Mass Killing Location Type
Mass killings database reveals trends & details in every US event since 2006

High profile public shootings in the US are only a portion of the country's mass killings AP, USA TODAY and Northeastern University analysis shows.

The horror and tragedy of mass shootings in American schools, churches, grocery stores and other public places capture the nation's attention. But these are only part of the larger violence of mass killings - deaths by guns, knives, fires, vehicles and other weapons in public and in private - that plague the U.S., research shows.

The number of mass killings in 2022 is about average compared with previous years despite recent shootings that captured public attention. The number of victims is somewhat higher than average but still below previous highs.

Cases in which someone shoots strangers in a public place usually get the most attention. But fatal public shootings are a small fraction of all mass killings. There has been a spike in these types of killings over the past few years, but the rate of occurrence has remained relatively flat since the mid-2000s.

As the chart below shows, residences make up the vast majority of mass killings. But commercial and retail locations rank second and open spaces rank third. usatoday.com

Violence Project Database of Mass Shootings
NY Times: What Are the Real Warning Signs of a Mass Shooting?
While some mass shootings are committed by people with diagnosed mental illnesses, a life crisis is a better predictor of violence, researchers say.

Blaming mass murder on mental illness is a time-honored impulse, used by law enforcement and politicians alike.

Yet America’s mass killers fit no single profile and certainly no pattern of insanity — many, if not most, had never been diagnosed with a serious psychiatric disorder. But psychologists say there is a wide divide between a clinical diagnosis and the type of emotional disturbance that precedes many mass killings.

The real problem, those experts say, is that mental illness is not a useful means to predict violence. Jillian Peterson, a co-founder of the Violence Project, a research center that has compiled a database of mass shootings from 1966 on and studied perpetrators in depth. “In many cases, it doesn’t really matter. It’s not the main driver.”

Instead, many experts have come to focus on warning signs that occur whether or not actual mental illness is present, including marked changes in behavior, demeanor or appearance, uncharacteristic fights or arguments, and telling others of plans for violence, a phenomenon known as “leakage.”

Perpetrators are driven by a complex array of factors that can include a desire for fame, radicalization on the internet and childhood trauma, and experts say the means of intervention should be just as broad. Four out of five of the perpetrators in the project’s database, Dr. Peterson said, showed signs of crisis — defined as a period when one’s circumstances overwhelm one’s coping mechanisms, shortly before carrying out their crimes. nytimes.com

Federal 'Ghost Gun' Crackdown
What are ‘ghost guns’? A federal crackdown is coming on untraceable firearms, and dealers are rushing to sell them

Online dealer GhostGuns.com saw an uptick in sales for ghost gun kits when the rule was first announced in early April

With new federal regulations set to take effect on so-called ghost guns next week, businesses that sell the untraceable firearms are racing to offload inventory.

The new regulations from the Biden administration are set to take effect Wednesday and will substantially curb the proliferation of ghost guns by requiring those who sell them to abide by the same rules and regulations as traditional gun sellers in the U.S.

The weapons are assembled from kits and do not carry serial numbers. Authorities say they attract criminals and extremists. Their parts can be bought online or at a store as do-it-yourself kits, and their purchase doesn’t require a background check. They can be assembled into working firearms in as little as 30 minutes.

A spokesperson for the federal Bureau of Alcohol, Tobacco, Firearms and Explosives said the new rule will “play a key role in preventing convicted felons, domestic abusers, and other prohibited persons from acquiring these firearms.” It will also allow the bureau “to trace these guns when used in crimes.”

Under the new regulations, manufacturers and dealers of ghost guns must be federally licensed, parts used to make the weapons will need serial numbers and purchasers must undergo a background check. cnbc.com

'Unintended Shootings' are a Bigger Threat Than Mass Shootings
Editorial: This gun problem is bigger than school shootings — and easier to prevent
Although unintentional shootings make up only about 2% of gun deaths nationally and in South Carolina, that’s still more deaths than those high-profile shootings at schools and in other public spaces. And injuries caused by unintentional shootings far surpass all other types of gun injuries — 61% in South Carolina and 58% nationally, according to Everytown.

Our fixation on school shootings and other mass shootings reflects our general tendency to take deaths and injuries more seriously when they’re concentrated, intentional and spectacular, and it skews our policy debates toward solutions that do little to address the more frequent cause of gun deaths — suicide — or the cause that is easier to address without infringing on anyone’s accurate or even exaggerated sense of their rights: unintentional shootings.

The simplest and most effective prevention method involves gun storage: Guns should always be locked, either in a safe or with a gun lock, especially but not exclusively if children either live in or frequently visit the home. And ammunition should be stored separately. But fewer than half of gun owners report doing either. postandcourier.com

Number of American Mass Murders Relatively Steady Since 2006

COVID Update

607.5M Vaccinations Given

US: 95.4M Cases - 1M Dead - 90.8M Recovered
Worldwide: 601.9M Cases - 6.4M Dead - 576.5M Recovered

Private Industry Security Guard Deaths: 362
Law Enforcement Officer Deaths: 793
*Red indicates change in total deaths

Still 400 COVID Deaths Per Day in the U.S.
‘Most have thrown their hands up’: has the US forgotten about Covid?
Despite signs that indicate the latest Covid-19 surge is slowing down, an average of 400 deaths in the US is still reported on a daily basis. Various mask and social distancing mandates across the country are becoming anything but strictly enforced.

But as Americans and many of their elected officials go about their daily lives, many healthcare professionals still on the frontlines of the pandemic and severely affected Covid-19 patients are left wondering whether the rest of us are moving too quickly from the worst days of the pandemic.

Have we simply forgotten about Covid-19? Data obtained earlier this month by the Centers for Disease Control and Prevention (CDC) reveals that the rate of new infections has been decreasing, with the country reporting an average of 107,000 new cases a day. This marks a 12% decrease compared to infection rates two weeks ago. theguardian.com

Apple Workers Protest Return to Work Push
Return To Office: Here’s Where Tech Giants Stand After Apple Employees Protest Mandate
Apple employees initiated a petition early Monday opposing the company’s forthcoming policy requiring corporate workers to be in the office three days a week, joining several other major technology companies in requiring in-person work, though other large firms maintain more lenient policies.

Apple Together, a group of Apple workers identifying as a “solidarity union,” called the mandate, which requires employees to return to the office three days a week beginning September 5, prohibitive in the petition, arguing the policy is insensitive toward health and safety concerns, family care plans and overall morale.

Apple’s return-to-office mandate, announced last week by CEO Tim Cook in an internal memo, is a departure from the policies of several Silicon Valley titans, including Airbnb and Twitter, both of which said they’ll allow employees to work remotely permanently.

Facebook parent Meta is the most notable work from home proponent, with no in-person requirements at this point and plans to allow most employees to work remotely long-term. Amazon, Microsoft and Google parent Alphabet all have policies similar to Apple’s, mandating employees return to offices two to three days a week earlier this year. forbes.com

Retail Impact of Chinese COVID Lockdowns
Starbucks to Nike Report Steep China Sales Drop on Lockdowns

Major global retailers saw revenue hurt by strict virus curbs

Global consumer giants selling everything from jewelry to t-shirts saw sales in China tumble in their most recent quarter as Covid Zero lockdowns hammered consumer demand in the world’s second-largest economy.

Starbucks Corp. was particularly hard hit, reporting a more than 40% drop in sales in the quarter ended July 3. The company began the period with about a quarter of its Chinese stores shut due to Covid policies, and its 940 locations in Shanghai were locked down for about two-thirds of the financial quarter.

Luxury goods also bore the brunt of Covid chaos. Burberry Group, Richemont, Adidas AG each reported at least a 35% drop in their most recently reported quarterly results. Kering SA, which owns Gucci, saw a more than 30% drop. Yum China Holdings Inc. and Uniqlo fared slightly better, with declines of about 13% each.

Apple Inc. held up the best among major foreign brands, with Greater China sales slipping just 1.1% in its third quarter, though the company did offer a rare sale of some top-tier iPhones and related accessories last month in an acknowledgment of weak local sentiment. bloomberg.com

Remote Workers Paid 20% Less?
You may soon be asked to take a pay cut to keep working from home
Many workers enjoyed a better quality of life plus savings on commuting, office wardrobe and other expenses. Companies boosted productivity and lowered costs.

Now as remote work looks likely to survive in some form for the foreseeable future, a battle is starting to brew over who should pocket those savings, with some employers arguing that working from home is a benefit that should be offset by lower salaries. About 30% of all paid workdays are still being done from home, up from just 5% before the COVID-19 outbreak.

Paying remote workers less is a practice that is already catching on abroad. In Britain, the law firm Stephenson Harwood recently announced that employees could work full time from home on the condition that they take a 20% pay cut.

Right now, such arrangements seem rare in the U.S., probably because of the tight labor market. But that could change in the event of a recession as employers eye how remote working can lower labor costs and boost the bottom line. latimes.com

Updated Boosters Coming This Fall Amid Worries of New Wave
Pfizer asks FDA to authorize Covid booster shots that target omicron BA.5 for people ages 12 and older

The U.S. is planning a fall booster campaign with the new shots amid concerns about another wave of infection.

Pfizer and its German partner BioNTech on Monday asked the Food and Drug Administration to authorize Covid booster shots that target the omicron BA.4 and BA.5 subvariants for people ages 12 and older.

The U.S. is preparing for a fall vaccination campaign using updated vaccines that target the dominant omicron subvariants. Public health officials expect another wave of infection this fall and winter as immunity from the currently authorized shots wears off and people head indoors to escape the colder weather. cnbc.com

These activities are—and aren’t—safe for monkeypox risk, experts say

Fauci to step down in December after decades of public service

Employee Monitoring Doubles During Pandemic
Pre-Pandemic 30% - Now 60% of Large Employers

WSJ: Should Companies Track Workers With Monitoring Technology?
It's all generally legal. But is it OK? The Journal called on three experts to weigh in.

From activity-tracking tools, organizational network analysis, text-analytics techniques, to video analytics on facial expressions and reactions in meetings.

Employers have a legitimate interest in ensuring employees are fulfilling their job responsibilities. The problem comes when employers engage in maximalist surveillance, collecting data that isn’t strictly necessary for legitimate business purposes, using products that are far more invasive than the employer truly needs, and failing to account for the harmful effects on the privacy and morale of employees.

Surveillance systems that rely on automated decision-making to flag particular behaviors by employees—for example, cursor tracking or facial-recognition tools—also run the risk of reinforcing racist, sexist and ableist patterns in the workplace.

I also think activity-monitoring systems have a tendency to focus employers on the appearance of productivity rather than a task-driven, results-driven view of work.

Most folks understand why organizations need to monitor for reasons like legal compliance, antifraud and workplace safety. But it is incumbent on organizations to vet their monitoring technology for efficacy and fairness.

A different question isn’t what is legitimate, but how do you make sure employees feel comfortable with whatever you are collecting? The first thing that you have to do as an employer is be transparent with employees about what you are collecting and what is the business purpose of it. Then you need to share with employees the key information you are getting and the decisions you are making based on that.

Employees are increasingly accepting of being monitored if they know what is happening and why. wsj.com

Congress Nixes Plan to Hike OSHA Fines
Regulatory Update: Big Jump in OSHA Fines Not Coming
It’s not often these days that employers have something to cheer about when it comes to the regulatory front, but that seems to be the case now that Democrats in the Senate apparently have decided not to proceed with a proposal that would have quadrupled financial penalties imposed by the Occupational Safety and Health Administration (OSHA).

At present, the maximum fine OSHA can assess against an employer per alleged repeat, willful or failure-to-abate violations is $145,027. Last year, the House of Representatives passed a bill that would have boosted the maximum penalty for willful or repeat violations of OSHA workplace safety rules from that amount to $700,000 per violation, including imposition of a $50,000 minimum.

Under last year’s House proposal, the serious failure-to-abate fine limit also would have increased from $13,653 to $70,000.

However, the most recent update to the reconciliation spending bill still being debated by the U.S. Senate does not mention or incorporate any provisions for raising the cap on civil money penalties regarding citations issued by OSHA, notes Raymond Perez II, an attorney with the law firm of Jackson Lewis.
“Labor and safety groups along with many Democrats have long advocated for higher OSHA fines which they argue will deter safety violations and encourage better employer compliance by reducing or eliminating workplace hazards that could lead to serious injury or death,” Perez observes.

Despite the stated good intentions, he points out that OSHA regulatory compliance can be extremely complicated and expensive even for large employers to comply with, and increasing penalties to such a high amount will not necessarily result in better outcomes. ehstoday.com

Walmart Racial Profiling, Harassment & Spying
Walmart ordered to pay Oregon man $4.4M for racial profiling
DDA Multnomah County grand jury has ordered Walmart to pay $4.4 million in damages to a man who sued the store, saying he was racially profiled and harassed by a Walmart employee at a Portland, Oregon, area store in 2020.

According to the lawsuit the employee “spied” on Dovey Mangum while shopping, ordered him to leave and called police when he refused, KGW reported.

According to the lawsuit and a news release from his attorneys, Mangum, who was 59 at the time, visited the Walmart in Wood Village on March 26, 2020, to buy a light bulb for his refrigerator. After Mangum arrived, he noticed store employee Joe Williams watching him as he shopped.

Williams told Mangum to leave the store, but Mangum refused, saying he’d done nothing wrong. Mangum’s lawyers said Williams told Mangum he was going to call the police and tell them Mangum had threatened to “smash him in the face.”

According to Mangum’s lawyers, deputies from the Multnomah County Sheriff’s Office responded and “refused to take action against Mangum.” The lawyers said deputies made that decision based on Williams’ “shifting explanations” for the reason he called and because of his “reputation for making false reports to police.”

The store and Walmart corporate officials kept him on the job for several more months and fired him in July 2020 for “mishandling $35 of Walmart property,” the lawsuit said. dailyjournalonline.com

The Great Resignation May Be Slowing
Fewer Americans are switching to new jobs: survey
The number of Americans quitting their jobs for a different one declined in July, according to a Federal Reserve Bank of New York survey published Monday, a sign the so-called Great Resignation is slowing down.

The rate of transitioning to a different employer declined to 4.1% in July, compared with 5.9% the same month one year ago, according to the New York Federal Reserve’s Consumer Expectations Labor Market survey. The decline was most pronounced for women and for respondents with a household income less than $60,000.

Despite that, workers are still searching for new gigs: 24.7% of individuals reported looking for a new job over the past month, which is up from 24% one year ago. The increase was driven by respondents under the age of 45 who hold a college degree.

The incredibly tight labor market is in part fueling record-high inflation, as millions of workers are seeing the largest pay gains in years – the result of companies competing with one another for a limited number of employees. Earnings rose 5.2% in July from the previous year, much higher than the pre-pandemic average of 3%. nypost.com

Businesses & Homes in Dallas Hit with Historic Flooding
Dallas area hit by 1-in-1,000-year flood; cars float in water-filled roads
Heavy rains across the drought-stricken Dallas-Fort Worth area on Monday caused streets to flood, submerging vehicles as officials warned motorists to stay off the roads and water seeped into some homes and businesses.

Peter Tarantino, who owns Tarantino’s Cicchetti Bar and Record Lounge in Dallas, told The Dallas Morning News that about 6 inches of water flowed into the dining room, but had receded by late morning.

He said he may be able to salvage the furniture but he'll need to replace rugs and carpets. “I’m hoping by Thursday we’ll be able to open up the bar with a few snacks,” he told the newspaper. “I don’t give up too easily.” The heavy rain is expected to move out of the Dallas-Fort Worth area later Monday, Huckaby said. washingtonpost.com sfgate.com

Robots: The Future of Retail & Restaurants?
Restaurant run by robots to open in SF; plans nationwide expansion
Mezil, a fully-autonomous robotic restaurant that resembles a large refrigerated container, will open in the Spark Social food park in San Francisco, Sunday, August 28th. The high-tech eatery is described by its founders as the “first of its kind in the world.”

While other automated restaurants have opened in San Francisco and other select locations (and while many fast-food chains continue to automate parts of their operations), Mezil is the first to offer a customizable, hot menu to customers— with no on-site workers, according to its founders. (With one exception: Staffers will load the pre-prepared ingredients into the site once a day.)

Looking ahead, the Mezli team plans to expand their concept to multiple locations nationwide while also widening the culinary options available through its platform. chainstoreage.com

Foot Locker taps Ulta Beauty exec as CEO

Quarterly Results

Macy’s Q2 comp's down 1.5% owned basis, down 1.6% owned-plus-licensed basis, digital down 5%, comp sales down 2.9% owned & down 2.8% owned-plus-licensed

All the News - One Place - One Source - One Time

Thanks to our sponsors/partners - Take the time to thank them as well please. If it wasn't for them The Daily wouldn't be here every day for you.

Prioritize both security and CX
with MTI Smart Locks™

A personalized, convenient customer shopping experience is the key to success in today's retail environment. But rising prices and increased risk of theft has created the need for widespread, smarter merchandise controls. Those controls can lead to bottlenecks in service that erode your brand. How then, can you boost your CX while also limiting loss?

Monitor and control access with ease.

MTI Smart Locks™ provide unparalleled control and visibility for your merchandise. They pair lock and alarm solutions to doors, drawers, and cabinets with your existing systems. Our solution is affordable, scalable, and offers complete oversight of your operations.

Unlock Incredible CX

MTI Locks open using our custom Versa Key™ key-cards. Unlike standard keys, Versa Keys are inexpensive and easy to manage. You can outfit your entire team with the tools they need to provide excellent customer service. Store managers can deactivate, track, and reassign cards quickly and easily. Gone are the days of refitting an entire store because one employee misplaced a key. You can simply deactivate the misplaced card and assign a new one to the employee.

Want more information?

Send us a note and we will be happy to send you information about our locks solutions today.

More Twitter Firestorm - Adding Fuel to Musk's Fire
Former security chief claims Twitter buried ‘egregious deficiencies’
In an explosive whistleblower complaint obtained by The Washington Post, former Twitter security chief Peiter ‘Mudge’ Zatko alleges the company misled regulators about lax security and spam.

Twitter executives deceived federal regulators and the company’s own board of directors about “extreme, egregious deficiencies” in its defenses against hackers, as well as its meager efforts to fight spam, according to an explosive whistleblower complaint from its former security chief.

The complaint from former head of security Peiter Zatko, a widely admired hacker known as “Mudge,” depicts Twitter as a chaotic and rudderless company beset by infighting, unable to properly protect its 238 million daily users including government agencies, heads of state and other influential public figures.

Among the most serious accusations in the complaint, a copy of which was obtained by The Washington Post, is that Twitter violated the terms of an 11-year-old settlement with the Federal Trade Commission by falsely claiming that it had a solid security plan. Zatko’s complaint alleges he had warned colleagues that half the company’s servers were running out-of-date and vulnerable software and that executives withheld dire facts about the number of breaches and lack of protection for user data, instead presenting directors with rosy charts measuring unimportant changes.

The complaint — filed last month with the Securities and Exchange Commission and the Department of Justice, as well as the FTC — says thousands of employees still had wide-ranging and poorly tracked internal access to core company software.

Chief Executive Parag Agrawal was “lying” when he tweeted in May that the company was “strongly incentivized to detect and remove as much spam as we possibly can,” the complaint alleges. washingtonpost.com

Using AWS Domains in Phishing Attacks
Scammers Piggyback on AWS to Phish Victims

AWS Domains Used to Send Phishing Emails and Steal Credentials

Threat actors are using Amazon Web Services to create phishing pages that bypass security scanners and scam victims into handing over credentials.

The scammers send their targets what appears to be a standard password expiration email or other emails meant to create a sense of urgency. The emails come from legitimate AWS domains, but a closer look shows the inclusion of false nicknames, with the sender address and unrelated text in a foreign language, find security researchers at Check Point-run firm Avanan.

When users click on malicious links in the email, they're redirected to a login page that shows the victim's company name and logo, with the email ID prepopulated. "All the user has to do is fill in their password and their credentials are stolen," says Jeremy Fuchs, cybersecurity researcher and analyst at Avanan.

The Avanan researchers call the method of using legitimate services as a piggyback to land in the inbox "the Static Expressway." Usually, email services use static "allow" and "block" lists to determine if an email's content is safe or not. And emails from AWS will be marked as safe, as it is "too big and too prevalent" to block, giving the threat actors an opportunity to bypass email security scanners.

"With an easy way into the inbox, plus a low lift from end users, this type of attack can be quite successful for hackers," the Avanan researchers say. Avanan says it notified AWS of these findings.

The team also found instances of scammers deploying similar tactics with Google, QuickBooks and PayPal services. In January, hackers exploited a vulnerability in the comments feature of Google Docs to deliver malicious phishing websites to end users. It hit more than 500 inboxes across 30 tenants, and hackers used more than 100 different Gmail accounts, Avanan researchers said at the time (see: Hackers Exploiting Flaws in Google Docs' Comments Feature). govinfosecurity.com

Another New Ransomware Variant Surging
New 'BianLian' Ransomware Variant on the Rise

Novel ransomware was created with the Go open source programming language, demonstrating how malware authors increasingly are opting to employ the flexible coding language.

Cybercriminals are swarming to deploy an emerging ransomware variant called BianLian that was written in Go, the Google-created open source programming language.

BianLian has been rising popularity since it was first outed in mid-July, according to researchers at Cyble Research Labs, which published details on their study of the ransomware in a blog post last week. Threat actors so far have cast a wide net with the novel BianLian malware, which counts organizations in media and entertainment; manufacturing; education; healthcare; and banking, financial services, and insurance (BFSI) among its victims so far.

Specifically, the media and entertainment sector has taken the brunt of BianLian attacks, with 25% of victims in this industry so far, and 12.5% each in the professional services, manufacturing, healthcare, energy and utilities, and education sectors, according to Cyble.

Attackers using BianLian typically demand unusually high ransoms, and they utilize a unique encryption style that divides the file content into chunks of 10 bytes to evade detection by antivirus products, the researchers said. "First, it reads 10 bytes from the original file, then encrypts the bytes and writes the encrypted data into the target file," the Cybel researchers wrote in the post.

BianLian's operators also use double-extortion methods, threatening to leak key stolen data — such as financial, client, business, technical, and personal files — online if ransom demands aren't met within 10 days. They maintain an onion leak site for this purpose. darkreading.com

Cyberattack attribution biggest issue organizations will face
Lloyd’s of London to exclude state-backed attacks from cyber insurance policies
From March 2023, Lloyd’s of London will require all its insurer groups to exclude liability for losses arising from state-backed cyberattacks.

It is becoming increasingly tricky for some organizations to get cyber coverage with things such as premium prices and stricter limitations on the rise, Armstrong continues. “For organizations, it’s a reminder that insurance isn’t the fix to everything. It also reinforces the need for organizations to shore up their own defenses.” csoonline.com

CSO: 7 critical steps for successful security onboarding

Fake DDoS protection pages are delivering malware

Patch Now: 2 Apple Zero-Days Exploited in Wild

Windows+D

We are always productive at work, right? Well for those very rare times that we are not, here is a tip for you. If you press Windows+D, it will hide all of the windows and bring you straight to your desktop. Helpful for when the boss is walking by...

Amazon's War on Counterfeiters
Amazon is partnering with GE and GE Appliances to stop counterfeiters

Amazon, GE, and GE Appliances file a joint lawsuit to protect customers and the authenticity of GE-branded water filters.

Amazon strives to be Earth’s most customer-centric company. As part of that effort, Amazon’s Counterfeit Crimes Unit partnered with General Electric (GE) and GE Appliances, a Haier Company, to jointly file a lawsuit against 16 defendants who deceived customers by falsely advertising and attempting to sell counterfeit GE-branded water filters in Amazon’s store.

Amazon’s brand protection efforts are focused on three pillars: proactive controls, powerful tools for brands and rights owners, and holding counterfeiters accountable. All three of those brand protection pillars delivered in this case to protect customers and the GE brand from the defendants, who worked with each other as part of an organized counterfeiting scheme.

Through the rigor of Amazon’s Project Zero and Brand Registry brand protection tools, Amazon and GE Appliances were able to detect and quarantine counterfeit products, sending samples to GE Appliances for review. Once Amazon and GE Appliances verified the fakes, Amazon blocked the respective selling accounts and proactively issued full refunds to customers who purchased the counterfeit items. Customers are always protected with Amazon’s A-to-z Guarantee if they receive a product that is not in the condition expected, whether the product is sold by Amazon or a third party.

Counterfeiters make it tough to distinguish a genuine water filter from a fake, but Amazon, GE, and GE Appliances are taking action to protect customers. Genuine GE-branded water filters are tested by GE Appliances to ensure the highest quality of filtration for safe and clean drinking water—removing impurities that you often can’t see, taste, or smell.

“It’s important that consumers are aware of the risks associated with counterfeit refrigerator water filters. Fake filters do not adhere to the same quality and performance standards, and fail to provide filtration performance. Non-genuine filters can also impact your refrigerator’s functionality and cause leaks. At GE Appliances, we stand behind genuine products with third-party testing you can trust,” said James Downey, senior director of water filtration at GE Appliances. aboutamazon.com

Impulse Spending Pushing 'Ecommerce into Hyperdrive'
Despite recession fears and fueled by ‘revenge spending,’ Americans spend $314 a month on impulse purchases
As the cost of living surges and more Americans say they are stretched too thin amid concerns about a possible recession, they’re dipping into their cash reserves and nearly half are falling deeper in debt.

Still, 73% of adults said most of their purchases tend to be spontaneous, according to a survey by SlickDeals.net — a significant jump from 59% who said the same just one year ago. Shoppers now spend $314, on average, a month on impulse buys, up from $276 in 2021 and $183 in 2020, Slickdeals found.

“Consumers abandoned ingrained shopping habits, hurtling ecommerce into hyperdrive,” according to an analysis by McKinsey & Company. cnbc.com

Online discounts boost struggling UK retailers in July

SMBs Can Manage Great Resignation and e-Commerce Growth With Tech Tools

Nationwide Credit Card Crew Busted Hitting Home Depot Stores
California Man Pleads Guilty in Scheme Involving Over $300,000 In Fraudulent Purchases from The Home Depot
NEW ORLEANS, LA – JONATHAN ORPILLA SINLAO, age 37, a resident of San Jose, California, pled guilty on August 18, 2022 to Count One of his indictment, charging him with Conspiracy to Commit Access Device Fraud. In exchange, the government has agreed to dismiss seven (7) counts of Access Device Fraud.

SINLAO conspired with others to conduct approximately $340,164.49 in unauthorized purchases of gift cards and products at The Home Depot stores using customers’ Citibank credit card numbers. These transactions occurred between February of 2019 and July of 2019 at Home Depot stores in Louisiana, Florida, Texas, Arizona, California, New York, and Oklahoma. Sentencing in this matter for November 10, 2022.

The defendant faces a maximum penalty of seven-and-a-half (7.5) years imprisonment, a term of supervised release of up to three (3) years, a fine of up to $250,000.00, and a mandatory special assessment fee of $100.00. justice.gov

Judge Says 'that in his twenty years as a Judge, he has never seen an identity theft scheme more complex or that had as many victims.'
DOJ: Alabama Fraudster Gets 17½ Years Federal Prison For $1M Schemes
Albert McCall, age 59, of Montgomery, Alabama went on a multi-state crime spree during 2016 and 2017 in which he engaged in at least five different fraud schemes.

The defendant is a long-time con artist who traveled around the country engaging in various fraud schemes, primarily involving identity theft. By his own admission, made on a recorded telephone call with a co-conspirator, McCall has been committing fraud for seventeen years. His frauds include the following:

1. Manufacturing Counterfeit Ohio Driver’s Licenses
2. Instant Credit Schemes
3. Casino Fraud
4. Counterfeit Credit Cards – McCall and his conspirators used counterfeit credit cards, often in conjunction with the counterfeit Ohio driver’s licenses, to rent cars, obtain hotel rooms, and to make purchases of merchandise.
5. Car Loan Fraud

The investigation of McCall included conduct in Pennsylvania, Ohio, Tennessee, Alabama, Michigan and other states, and the total losses exceeded $1 million. The Court enhanced the defendant’s advisory Sentencing Guideline range based on the sophisticated nature of the defendant’s schemes, which included use of the dark web and amassing a network of operatives who helped him execute his scheme across multiple states. The Court also enhanced his sentence based on the leadership role he played amongst these operatives and because he obstructed justice. justice.gov

Dallas- Ft Worth, TX: Thieves Robbed Traveling Jewel Sellers in DFW
Now, Their Money Launders Are Going to Prison. One day in June 2016, a group of thieves sat outside a jewelry store in Richardson, scoping out the place. They planned to rob a traveling jewelry salesman who frequented the store. They had done it plenty of times. The thieves would often drive around Dallas-Fort Worth, casing spots for their next heist. Law enforcement calls them a South American theft and robbery group. These groups target traveling jewelry salesmen nationwide. But they always need some someone to take the stolen goods off their hands. Five men from Texas, Florida, New York and Colombia did just that until the feds caught up with them. They’ve since been sentenced to a combined 190 months in federal prison and ordered to pay $7 million in restitution for allegedly purchasing the stolen jewelry. The five men, Romelio Riveron, Elkin Acosta Lopez, Rubenhav Pinkhasov, Harrison Corridor and Yuri Alishaev, also laundered money for the jewel thieves, including several who robbed a traveling salesman at gunpoint in Irving. Then, the thieves beat the man to death. dallasobserver.com

Lorain, OH: Smokerz Paradise in Lorain loses $10,000 in smash and grab
After being the victim of break-ins at Smokerz Paradise multiple times, Sam Haq is frustrated and said he has “had enough.” “Enough is enough,” said the operator of the store located on 2515 Colorado Ave. in Lorain, on the city’s eastern side. The store is owned by Haq’s brother, Ibrahim Haq. Lorain police arrived to investigate the break-in on Aug. 14, and noted in a report that the front glass door was shattered. “It was obvious that someone made entry into the business and stole an unknown amount of merchandise,” the report stated. The suspects made off with an undisclosed amount of cash as well as countless boxes of merchandise, the report stated. morningjournal.com

Mount Kisco, NY: Woman Accused Of Stealing $2,500 From Staples
A Northern Westchester woman was allegedly caught stealing more than $2,500 from a business through fraudulent refunds. Octavia Johnson, age 37, of Mount Kisco, was arrested at the Staples on North Bedford Road on Tuesday, Aug. 9, and charged with grand larceny. According to the Westchester County Police, Johnson was caught after loss prevention staff provided documentation alleging she stole more than $2,500 through fraudulent refund transactions. She is due in Mount Kisco Court on Thursday, Aug. 25. dailyvoice.com

Olmsted County, MN: Minnesota law enforcement agencies now investigating a string of smash-and-grab burglaries targeting Verizon Wireless stores
The Olmsted County Sheriff’s Office is one of several southern Minnesota law enforcement agencies now investigating a string of smash-and-grab burglaries targeting Verizon Wireless stores. Sheriff’s Captain James Schueller says deputies were called to the Verizon store in Stewartville shortly after 7 a.m. Friday after a passerby reported the window on the building’s front door had been smashed out. Responding deputies found a rock inside the store on the floor. A store employee reported the suspects took a blue iPhone 13 and a blue iPhone 13 Max. Schueller said the phones were displayed in the store and that the suspects took the displays with them. Surveillance video shows the suspects smashing their way in around 4 a.m. Friday. Schueller said a Verizon store in North Mankato and a Verizon store in Belle Plane were also hit in similar fashion on Thursday. The subjects also stole items from those locations. Investigators suspect the same subjects in all three burglaries and are waiting to confirm the subjects by using store video that captured the three burglaries. krocnews.com

Los Angeles, CA: Man, woman accused of robbing Sunglass Hut store in Lakewood lead authorities on wild chase
A man and a woman accused of robbing a Sunglass Hut store in Lakewood were arrested Monday afternoon after they led authorities on a wild high-speed chase that spanned several Los Angeles neighborhoods, authorities say. Officials tell Eyewitness News deputies were following the two suspects before they took off and pursuit ensued. AIR7 HD was over the chase around 5 p.m. as the man was driving on the 105 Freeway in the Compton area. During the chase, the suspect drove at speeds ranging from 95 to 100 mph, and there were several instances in which he sideswiped several vehicles. While in the Compton area, the suspect sped through surface streets, running multiple red lights. The suspect's car ended up sustaining damage to front end after more than 30 minutes on the road. Finally, after nearly an hour of erratic driving, the robbery suspect came to a stop beneath a freeway overpass in the Downey-Norwalk area. That's when he and the woman jumped out into nearby neighborhoods. AIR7 HD captured the suspect hiding behind a shed as authorities approached him. Both suspects have since been placed into custody on robbery charges. abc7.com

View ORC Archives

Case Goes Public?
Share it with the industry

Submit your ORC Association News

Visit ORC
Resource Center

Shootings & Deaths

Eden Prairie, MN: Eden Prairie Center mall lockdown lifted after ‘shooting led cops to BODY’ inside Minnesota shopping center
A MAN has been found dead inside a mall after police responded to reports of an active shooter inside the shopping center. Police rushed to Eden Prairie Center mall after shoppers reported hearing gunfire in the Scheels sporting goods store. The mall in Minnesota went on lockdown as an "active shooter" was reported at around 7.25pm on Monday. Cops surrounded the shopping center with dozens of police vehicles and fire trucks blocking parts of the parking lot. When cops got inside, they found a man dead inside Scheels from a self-inflicted gunshot wound, police said. The mall lockdown was lifted at around 9.20pm but Scheels was expected to remain closed so that police can gather evidence. Police said that the shooting was "an isolated incident" and that "there is no danger to the public." According to cops, the area has been secured after they did a follow-up search of the mall. the-sun.com

Manchester, CT: Update: Man Charged With Shooting Loss Prevention Officer to Face Judge
A man accused of shooting a Connecticut mall security guard after shoplifting at a department store is set to appear before a judge Monday on attempted murder and other charges. Police say Richard LaPlante turned himself in Saturday night in connection with the shooting outside the Macy's store at The Shoppes at Buckland Hills in Manchester on Friday, police said. A loss prevention officer at Macy's was shot in the abdomen in the parking lot and remains hospitalized. LaPlante, 30, of Windsor, was detained on $1 million bail and is scheduled to be arraigned in Manchester Superior Court on Monday. He also is charged with assault, robbery and carrying a pistol without a permit. It was not immediately clear if LaPlante has a lawyer who could respond to the allegations. westernmassnews.com

Rancho Cucamonga, CA: Update: Robbery-spree suspect arrested after PetSmart hold up, shootout and pursuit
A Phoenix man suspected of a three-week armed robbery spree is in custody after a robbery of a Rancho Cucamonga PetSmart, a shootout with federal agents and a pursuit that ended with him surviving a self-inflicted gunshot wound to the head, authorities said Monday, Aug. 22. On Saturday, Aug. 20, 26-year-old Samuel Smith entered the PetSmart at 10940 Foothill Blvd., west of Milliken Avenue, and demanded money from the cashier at gunpoint, the San Bernardino County Sheriff’s Department said in a news release. It wasn’t immediately clear if Smith took any money from that store.

Shortly after, Smith was confronted by members of the U.S. Bureau of Alcohol, Tobacco, Firearms and Explosives in the store parking lot, the U.S. Justice Department said in a statement. As Smith opened the door of his car, he fired gunshots at an unmarked vehicle with a Bureau task force, prompting an officer in another car to return fire, according to the DOJ. Uninjured by the gunfire, Smith then fled in his car on surrounding surface streets before pursuing sheriff’s deputies encountered Smith in Pomona, sheriff’s officials said. A pursuit intervention technique, also known as a PIT maneuver, stopped Smith’s car, the Sheriff’s Department said. dailybulletin.com

Robberies, Incidents & Thefts

Hartford, CT: Rise in shoplifting cases places security guards, loss prevention officers at an increased risk
Shoplifting cases are on the rise across the nation, which puts prevention loss officers and security guards at an increased risk of violence. On Friday a shoplifter in the Buckland Hills mall shot a prevention loss employee at Macy’s in Manchester. Earlier this year, a shoplifter walked into the front of a store and stole thousands of dollars worth of perfume at Macy’s in West Hartford. On his way out the door full of items, he implied he had a gun to the loss prevention officer. Former Police Lieutenant Steven Estes said this situation happens more than one would think. “My heart goes out to that poor loss prevention guy he didn’t expect to be in the hospital…He went to work that day thinking he was going to come home as healthy as when he got there, and he didn’t, and he is just trying to do his job, support his family,” said Estes.

The largest problem loss prevention officers face is not knowing the mindset of a person stealing the merchandise, which becomes incredibly more dangerous if the shoplifter is weapon. Estes said the second a loss prevention officer identifies a potential suspect, that is when they have to be on high alert. As one does not know how many shoplifters might be in the store or how desperate they are. “It is a super hard job to do, and that is where you kind of have to take the same attitude that we do, everybody you deal with has a gun until proven otherwise, and if you find one you’ve got another one, there’s always a plus one rule so it is the same kind of thing,” said Estes Police say the loss prevention officer who was shot at the Buckland Hills Mall in Manchester is recovering in the hospital. wthr.com

Stockbridge, GA: Police release description of two GameStop Armed Robbery suspects

Oakland, CA: Thieves ram door of Oakland dispensary, second time in 6 months

Phoenix, AZ: Man charged with robbing 10 stores in California, Arizona

Peter Horsley named Regional Loss Prevention Manager - Eastern Canada for Indigo

Submit Your New Hires/Promotions
or New Position
See all the Industry Movement

Feature Your Job Here For 30 Days -
70% Aren't On The Boards
Post your job listing

Featured Job Spotlights

An Industry Obligation - Staffing
'Best in Class' Teams

Every one has a role to play in building an industry.
Filled your job? Any good candidates left over?
Help your colleagues – your industry - Build ‘Best in Class’ teams.

Refer the Best & Build the Best
Quality – Diversity – Industry Obligation

VP, Asset Protection & Retail Operations
Washington, D.C.

The candidate will oversee the development of innovative strategies, programs and solution which help retailers mitigate loss and reduce total retail risk; Direct oversight of the NRF Loss Prevention Council and Retail Operations Council...

Director, Service Delivery Test and Turn-up
Remote Opportunity

The Director of Test and Turn-up (TTU) Operations is responsible for leading a team of security and network support personnel that provide end/end support for field engineers and contractors installing and servicing Interface Managed Systems. This position is responsible for managing & leading a team that owns all aspects of the installation service delivery processes required for the customers...

Business Continuity Planning Manager
Jacksonville, FL - posted August 5

Responsible for developing, implementing and managing the company’s Business Continuity (BCP) and Life Safety Programs to include but not limited to emergency response, disaster recovery and site preparedness plans for critical business functions across the organization. In addition, the position will develop and lead testing requirements to ensure these programs are effective and can be executed in the event of a disaster/crisis....

Asset Protection Manager
Beloit, WI - posted July 19

We are looking for individuals with an Asset Protection background and who understand physical security processes, access control, CCTV systems, emergency and critical response procedures, and safety and awareness programs. You will play a critical role in the execution of all Asset Protection and Safety procedures...

Region AP Manager (Florida - Treasure Coast Market)
Jacksonville, FL - posted June 17

Responsible for managing asset protection programs designed to minimize shrink, associate and customer liability accidents, bad check and cash loss, and safety incidents for stores within assigned region. This position will develop the framework for the groups’ response to critical incidents, investigative needs, safety concerns and regulatory agency visits...

Regional Safety Manager – South Florida Region
Jacksonville, FL - posted June 17

This position will manage the safety program for an assigned group of stores that is designed to minimize associate and customer accidents. This includes reviewing and recommending loss control strategies, ensuring program conformance to applicable laws and regulations, preparing required reports, and monitoring and evaluating the program activities in stores...

Corporate Risk Manager
Seattle, WA / Tacoma, WA / Portland, OR - posted June 14

Summary of Role and Responsibilities: A proactive approach to preventing losses/injuries, whether to our employees, third parties, or customer's valuables. They include but are not limited to cash in transit, auto losses, or injuries....

Corporate Risk Manager
San Diego, CA / Los Angeles, CA / Ontario, CA
- posted June 10

Corporate Risk Manager
Atlanta, GA / Birmingham, AL - posted June 10

Physical Security Operations Center Leader
Columbia, MD - posted June 8

The primary purpose of this role is to partner, lead and manage a Central Station/Physical Security Operations Center driving operational execution and enhancements to ensure effectiveness and a positive customer experience. This individual is also responsible for leading a team of operators providing professional and accurate responses...

Region Asset Protection Manager–Southwest Florida
Fort Myers, FL - posted May 12

Loss Prevention Specialists (Store Detective)
Albany, NY; Hyannis, MA; Burlington, VT; Hartford, CT
- posted May 6

Detect and respond to external theft and fraud by working undercover within the store(s) you are assigned to. Working as a team with store management and associates in combating loss in the store(s). Developing and analyzing external theft trends, utilizing information in company reports and information gathered from store management and associates...

Retail Asset Protection Associate
Medford, MA; Brockton, MA; East Springfield, MA
- posted May 6

The Asset Protection Greeter role is responsible for greeting all customers as they enter the store, ensuring that customers see the Company's commitment to provide a safe and secure shopping environment, as well as deterring theft, shoplifting, or other dishonest activities...

Loss Prevention Supply Chain Manager
Fresno, CA - posted April 25

The Loss Prevention Manager, Supply Chain (LPMSC) drives shrink improvement and profit protection activities for an assigned distribution center (DC), its in-bound and outbound shipping networks and its third party pooling centers...

Asset Protection Lead (Regional), Atlanta/Carolinas
Atlanta/Charlotte - posted April 22

Responsible for the protection of company assets and mitigation of risk. Effectively communicates, trains, implements, and monitors all aspects of Asset Protection programs in assigned markets. These programs include Tier Shrink Reduction Strategy, training and awareness, store audits, investigative initiatives, profit protection, health and safety and budgetary compliance...

Regional Loss Prevention Auditor
Multiple Locations - posted April 20

The Regional Loss Prevention Auditor (RLPA) is responsible for conducting operational audits and facilitating training meetings in our clients’ locations. The audit examines operational controls, loss prevention best practices, and customer service-related opportunities...

Business Manager
Dallas/Fort Worth Area, TX - posted April 6

Sapphire Risk Advisory Group is seeking a Business Manager to work in the company’s Dallas-area office in a W2 position and will closely partner with other members of the team to manage projects and communicate with contractors, vendors, and clients...

Featured Jobs

View Featured Jobs | Post Your Job

Networking has always been a key to career development and finding that next job. However, if you're not careful it can also limit you, eliminate you and even work against you. If your network is comprised of executives doing exactly what you do, then you may have competition and may even find some working against you. You've got to broaden and expand your network outside your immediate group and establish relationships outside your company and your professional circle. Remembering that quantity is no substitute for quality and, as in any mutually beneficial relationship, what you bring to the table for them is as important as what they bring to the table for you.

Just a Thought,
Gus

Post Your Tip or Advice!
(content subject to approval)

GSX 2022
September 12-14

LPRC IMPACT
October 3-5

Cal-ORCA Conference 2022
October 4-5

CLEAR Conference 2022
November 7-10

See More Events

Recruiting?
Get your job e-mailed to everyone... everyday
Post on our Featured Jobs Board!

Not getting the Daily?
Is it ending up in your spam folder?
Please make sure to add d-ddaily@downing-downing.com to your contact list, address book, trusted sender list, and/or company whitelist to ensure you receive our newsletter.
Want to know how? Read Here

SUBSCRIBE

FEEDBACK

www.downing-downing.com

Advertise With The D&D Daily