Friday, December 30, 2016

Amazon Echo involvement in murder case a reminder of how much our gadgets know about us | The Kansas City Star

Everyone needs to read this article, from that new gadget Amazon Echo to that automatic helper on your phone or computer, they all gather audio from the world around, often just snippets of conversation to very in depth queries that you use to search the internet, or call a friend or voice text a friend. All are recorded and held, sometime for ever. Police have now put this into their game plan, the ability to get warrants when needed for this held information. What is truly interesting is how many people have no idea these voice recording are being stored. Not only stored, but the date time and often location of the data was also stored. Be very careful, but also remember it may be to late, the information is stored and you may have problems. Remember those tax questions you asked your Amazon Echo, or Siri, or Cortana, they may now be available to Investigators if the suspect your are hiding something.
from CTI Consulting http://ift.tt/2il0Eaa
via IFTTT

SimpliSafe DIY Security System Investigation Yields Disturbing Results - Security Sales and Integration

To me this is a hit piece that has been developed to try and push everyone into professional alarm installations. Which if you have the money for, I would also advise wealthy home owner's and businesses to do. It is not certain that a lot of Insurance companies would consider this system not professionally installed as acceptable. But for most home owners and small businesses this alarm system will be more than effective at keeping burglars away. Last year I was asked to review the SimpliSafe system as a stand alone and monitored system. It is not the cheapest stand alone system, and with deals you get for signing longer term contracts, may not be the cheapest of monitored systems. But does it work as an alarm system, yes. Does it work as a quickly installable system by the home owners, yes. Can I beat other alarms systems even professionally installed ones with the same attacks as they are using against this system, yes. SimpliSafe alarms are a great out of the box systems, that a homeowner or even apartment renter can get up and working as a local alarm system very quickly. Yes there are cheaper systems on the market that will works out of the box for local alarms, but for the normal home owner this is one of the easiest. As far as attacks on the system, if high level attackers are targeting you, then most alarms costing 20 times as much will fail as well. Any wireless alarm system can be beaten by the same attacks, as well as most hardwired systems. For EP ( Executive Protection) teams, this is a very usable system that can be set up and taken down as needed in a few min. The final condemnation of the SimpliSafe system was to say it can only work with their monitoring stations, I have used the local output from the simplisafe system to a traditional alarm dialer and it works just fine. Are there limitations to the SimpliSafe system, yes, but most are the same limitations all alarm systems have.
from CTI Consulting http://ift.tt/2hzUa8N
via IFTTT

Thursday, December 29, 2016

Airline passenger details easy prey for hackers, say researchers

TrentonScottH : Expect action when this becomes a problem 4 carriers: Airline passenger details easy prey 4 hackers, say researchers https://t.co/d4Sr3Rzxx6
from CTI Consulting http://ift.tt/2iiljeX
via IFTTT

US v. Shnewer, Mohamad Ibrahim, et al. :: The Investigative Project on Terrorism

This is a statement from the BOP on what was found in the prisoners cell. When Bureau of Prisons ("BOP") officials further examined defendant Abdullahu's cell: they discovered that the metal light switch plate was missing a screw: and that the plate was bent and partially detached from the wall. See Govt. Exhs. C-F. BOP officials found the missing screw on the top bunk of the cell. BOP officials also observed scrape marks on the floor and noticed that the top right comer of the light switch cover had been filed down. and if removed from the wall. could be used as a weapon. See Govt. Exhs. D & E. There also were scrape marks on the floor of the cell that were consistent with the making of a weapon. The BOP officials promptly notified the FBI. Now this is not some manual they had found or a recording of a conversation, this was a switch plate made into a weapon. Now the next time you go through security at the airport or the courthouse just count the number of switch plates along the way, and this is just one thing that can be made into a knife. You sharpen one end and a corner of the plate, leave it in place with one or two screws. Then when the opportunity presents itself, you use the screw or screws still partially in place to allow you to fold over the metal of the plate to make a substantial handle, then pull the plate off the wall and the terrorist is ready to go. Now as you continue to walk down the hall from the screening check point, look for other things that can be used to make a shank or sharp blade. Mirrors are great, break off a corner piece, wrap the one end to make a handle, tape, string, the bottom portion of your shirt ripped off, all can be made into handles for the improvised blade. The point to be made here is that, this is the way the bad guy is thinking, so you need to keep your eyes open as well. In this case a prison guard noticed the wall plate had been tampered with and investigated. You need to keep your eyes open for things out of place as well. Remember just because a person went through screening, it does not mean they do not have a weapon, it means they probably have a smaller weapon, hopefully.
from CTI Consulting http://ift.tt/2iIXjk8
via IFTTT

Wednesday, December 28, 2016

USA v. Cromitie, James, et al. :: The Investigative Project on Terrorism

Just so you can put into perspective what these Islamic Terrorists think of us, this is a transcript of a meeting between Jame Cromitie, who wanted to blow up a Synagogue in New York. He is talking to his friend an FBI informant "CROMITIE: I think, I think eighty five percent of the men in America is cowards. I'm sorry to tell you that, brother. If you got some friends here that's American, your friends is cowards too." Now do you want to take a load of bull from people that think of you this way. We are in charge of our own security, that of ourselves and our family and friends, be in charge. Learn what to look for in how these terrorists live and work, and yes play. Learn how to get them uncomfortable so they will leak their true intentions. Notice when you are noticed for being aware of what is going on around you, remember the only two usually aware of what is going on around them are the good guys and the bad guys. The bad guys will back off any thought of confrontation, like looking back at you for too long. Yet, as soon as they look away within 15 seconds on the outside, they can not help themselves they will have to look at your again. You are the most important person at the moment, if they are on just a surveillance run, then they normally will not be armed, they do not want their big plan stopped by a simple gun charge. But they do not know what you know, pull your phone look at it for a second and then look back at the possible suspect, he has no idea of what you are seeing in the phone, but the paranoia will drive them nuts. Now here is the bad part, the guy or girl acting suspicious could be nothing than a purse snatcher, or a pick pocket, but they will give off the same behaviors for the most part. Now a terrorist cell, he will be looking at his other men, they know not to stand close to each other that would be suspicious, no they will be a bit a part, but keep looking at each other as if to say, do you guys see this, this guy is looking at me, I think he knows something. But then he will have to look back at you to make sure he knows where you are, and then back at his team or cell. You see the same thing when illegal immigrants come into a bus terminal, or train station, they are told to not bunch up, so they are spaced out, but are always keeping an eye on the rest of the guys. So if you detect one, he can not help but tell you the rest of his group. Unfortunately teams of pick pockets have the same give away's. But they are great to practice on. Remember they think we are cowards and will avoid looking at them, that we will all act like sheep, no be aware of what is going on around you and turn the tables on them. That is part of how we win. Good practicing folks and have a great New Year.
from CTI Consulting http://ift.tt/2i9c8zD
via IFTTT

Search :: The Investigative Project on Terrorism

If you are a serious Terrorism researcher for doing your job better, this is the site to use. Mr. Emerson has been on the leading edge of keeping people up to speed on what is going on with Terrorism in the USA and the World. I have had the honor of being on a number of panels and interviews for CNN on Terrorism in the United States. His books are a must read, and his Investigative Project web site is a key way to stay on top of the latest on terrorism. His web site is the investigativeproject.org
from CTI Consulting http://ift.tt/2iqYAwO
via IFTTT

Insider Threats: A Bigger Risk Than You Think - CIO Journal - WSJ

Here is a report and down loadable poster that give you a good start for the new year, as every sector of the USA and the world develops solutions to secure their little portion of the world, Insider threat are still a vulnerability we all have to deal with. As the Economy heats up in 2017, more and more staff are going to be looking to expand and that often means new jobs, which many Staff believe that they will more attractive to other companies if they can bring some useful data with them. Many feel that they have been overlooked and things they have developed for the company is really theirs and take them with them. What ever the motivation, Insider threats are a vulnerability that is tough to deal with, here are some ideas you may want to put in place at your firm.
from CTI Consulting http://ift.tt/1rbqd06
via IFTTT

Tuesday, December 27, 2016

Exclusive: FBI probes FDIC hack linked to China's military - sources | Reuters

CTI deals with the persistent and very hard work of the Chinese Cyber Warfare teams in our ESI course on counter espionage, as well as our frequent talks to business and University clients around the USA. The use old school attacks up to very sophisticated attacks helped by the compromised hard ware the Chinese sell to both business and homes around the USA. One of the most used is the constant amount of Agents the Chinese have in the USA, some hiding as students, businessmen and women, and a huge amount of Chinese Scientific Researchers based in the USA. As one memo discovered in China to its intel agencies says. Gather anything, we need to understand how the USA works to be able to beat them. So in one prong of the attack Chinese stay at hotels all over the Washington DC area, monitoring the free wifi provided. With a little work and using both off the shelf software like Wire Shark as well as their own proprietary cyber espionage software they gather info on both companies working for the US Government as well as trying to bid for new work (very valuable information in bids and proposals) and US Government workers coming to town to work at Government agencies. As these people log onto the Internet with the free provided service of the Hotel, the bad guys watch to see who is logging on and then monitoring the traffic on the Internet of the most promising, if they need help others from other hotels in the area will be dispatched to help capture data. If they can get the Hotel to buy one of their routers that have already been compromised then they are in, even faster and can take information as quickly as it is typed. They can gather all the passwords used to gain access to their companies data, and often passwords used to gain access to Government agencies. If a hotel is determined to be critical to the Chinese Espionage teams, then another firm will approach the hotel to provide them upgraded IT equipment like routers and even web service to the Hotel chain and its clients. Once they can provide compromised IT equipment then they do not really even have to stay at the hotel from then on, they can just monitor the information from China or another location in the US when ever they want. Price is usually the method of entry, they sell compromised equipment some with American Company names on them for between 50% and 90% discount. So if you are a hotel chain, or a university these deals are really a good way to get new equipment. By the way this pricing plan has worked against the FBI, the DOD, even State and Local Governments. US Businesses have often been taken in by these compromised equipment as well. Remember that new router you got for your home this year at a really great price, well you may have been hit as well. What is so clever about this is, we often access our companies email servers from our homes, so if they can get your home router to leak data, then they can get access to your company data. Or the could just wait till you go to your favorite Starbucks and steal the passwords from there. Here is something to try and then drop very quickly. Go into a Starbucks or other place you use their free wifi, now just open up your phone of tablet wifi search, look at the different free wifi services around, then shut down, go back to your car and rename your tethering service on your phone or tablet to the name of the free wifi, like company name X, now just add a 1 or what ever number is needed to name, open it up, then go back in, and see how many people log on to your system, often automatically, now drop the tethering signal quick, before you end up doing something illegal. Now on my tablet I can screen capture all those people that logged on to my tethered open wifi, so now I know the name (usually) machine code (MAC) of the people in the area. Now one FBI Agent that works cyber crime and teaches, often renames his phone tether as ATT pr some other providers wifi name, and then reads off all the phones, tablets, and computers that have logged on to his system. Rather embarrassing, but quickly solved. Go into the setup of your wifi and say no to automatically logging on to free wifi. As you originally set up your phone, lie those one's you just got for Christmas, the setup explains that if you chose to automatically log on to free wifi, it will reduce your data min on your service plan. It will, but then it also creates a vulnerability to your phone or tablet to be compromised. During the hand shake to gain access to the wifi, it can download malicious code to your device. So say no to free wifi, and check your phone for new apps turning on your wifi to look for free service and keep turning it off. You may have to drop some of those free apps if they keep doing it. By the way check your bluetooth as well, it should be turned off when ever not in use. Here is a trick if you notice your battery is losing charge to quickly, check to see if your phone in using a lot of data, that does not make sense, you may have been hacked.
from CTI Consulting http://ift.tt/2i2Ib4r
via IFTTT

ISIS arrests in Northern Virginia reveal jihadi threat near seat of U.S. government - Washington Times

This is a must read and if you live in the DC area, gives you a glimpse of what is going on around you, and continues. For the rest of us it is a warning that all is not as well as folks think. We have Police, in this case Metro Police the police that cover the huge subway systems in Md, Va, and DC, sort of the perfect insider. One he gets counter terrorism training on a regular basis, he gets sensitive briefings of suspected terrorists and the attacks they are planing. The Police man also gets to carry legally in three districts and two states with a badge. Can you imaging this guy coming up to a security guard in uniform with a badge and gun, he would be able to talk his way past virtually all private security. You have bank managers, security consultants to the Federal, State, and Local Governments. You even have to worry about your Starbucks server. It is going on out there and we all need to pay attention to suspected moves by anyone. Yes, they do live and work among us, most blend in rather well, but all are not that hard to detect, if you know the basics of Counter Terrorism Awareness programs. If you need basic training info, so you can train your staff, or your security guards, drop us a line at CTI, we can either lead you to the proper information, or send you very brief power point courses you can use. If you would like CTI to provide training, once more get in touch with us.
from CTI Consulting http://ift.tt/2hsjLlq
via IFTTT

Sunday, December 25, 2016

Terrorists want to destroy our cities. We can’t let them | World Economic Forum

As we approach another year, please remember Terrorism is a problem, but not something the vast majority of us will ever have to face. Criminal elements are also a problem and once again, it most parts of the US if you stay out of high crime areas, your chances are pretty good to not have to face that problem as well. But if you take some simple awareness training, it will increase your chances of being able to avoid even more any chance of getting evolved in a crime or terrorist situation. Have a happy New Year and please be safe.
from CTI Consulting http://ift.tt/2hf5m7i
via IFTTT

Saturday, December 24, 2016

Europe on Christmas high alert after truck attack in Berlin | Reuters

Europe is restricting heavy truck and Van's in city centers all over, but even a small car can do a lot of damage. If you go back to one of the first vehicle attacks in America, it was in Canada and the attacker used a car to attack soldiers coming off duty and walking along the highway. In running scenarios for one transportation authority with a large engineering company, we found that even a small VW could produce enough kinetic energy to do damage to facilities load bearing structural framing. This translates to having more than enough energy to kill multiple people, it chance of doing as much damage is of course lower, but if that is all that is allowed in the City Centers than it would work. And we all need to remember soft targets, if a City Center is not accessible, then they may change the targeting to smaller less populated events. In many rural areas pilgrimages are made from one holy site to another ending up in parades of people walking along highways and streets, a perfect target for one of these attackers. Remember if you are in of these events, keep your eyes open and a look out for suspect activity, as well as places to run to that could not be accessed by a fast or slow moving vehicles. Remembering the side to side movement of the attacker's vehicles slows it down, so the more off to one side or another of the attack, the safer you will be. Most people that fell victim to these attacks had no idea of the attack till they where hit. Go to the event of your choice, but just keep your eyes and ears open for suspect activity and be ready to move at a moments notice. And have very Merry Christmas and a Happy New Year.
from CTI Consulting http://ift.tt/2hByTsN
via IFTTT

Texan Accused of Smuggling, Kidnapping, Raping Migrants

This case started in Leesburg Va, or in El Salvador and ended near McAllen Tx. with the arrest of a Cartel connected Texas man who as part of an illegal smuggling of people ring would rape women passing thru his hands, and demand more money from the families of the victims, before sending them on up North. People and even Police often tend to think of the Cartels as only drug dealers, they have branched out into many other things like human smuggling. Like any criminal enterprise the people paid to smuggle the victims are paid a certain amount, in this case the stop near McAllen on the USA side of the route was handled by a Texas man who wanted a bigger share for his trouble and had a side line of raping the women he dealt with. Not that this does not happen the majority of the time, most human smugglers make the victims pay and suffer, in many cases they will be held as basically slaves, working as field hands, or cleaners, or prostitutes till the victims have paid their way to the local handler. Then in most cases they will be passed through to the next set of handlers, which could mean the game starts all over again.
from CTI Consulting http://ift.tt/2hDSWd7
via IFTTT

News from The Associated Press

Snowden thought our American Intelligence system was bad, here is what bad looks like.
from CTI Consulting http://ift.tt/2hmo0PA
via IFTTT

Friday, December 23, 2016

Hackers Suspected of Causing Second Power Outage in Ukraine

As we face the new year expect more of this type of cyber attacks. The power stations and to a great extent all of the power grid are partially controlled by various SCADA systems, and has always been an attractive target for cybercrooks, given the success of Stuxnet malware that was developed by the US and Israeli together to sabotage the Iranian nuclear facilities a few years ago, and "Havex" that previously targeted organizations in the energy sector. We know China has built power stations modeled after some of ours, and that they practice attacks on the constantly. They have also built water filtration systems modeled after some of ours to practice on as well. Add to this one insider that can insert malicious code into our power, or water, or hospital systems and you have a great chance of bringing those systems down. In a power grid if the attacker picks the right power stations and or switching systems to attack, then they can bring down huge sections of our power grid. I think the worst so far was a five state grid drop. In the Ukraine with tensions as high as they are between them and Russia, can you imagine the havoc Russia could cause just before or during and invasion of Ukraine. Of course it is not just Russia contemplating how to use Cyber attacks to increase the chances of a military conventional attack. Every major power is heavily invested in these type of attack planning. Yes including the USA, but for all you conspiracy types out there, the USA has had ways to non nuclear destroy our enemy and has not done so,, we are the good guys. But back to the insider or the Snowden type traitor, this is in many cases the tipping point. You get up to the point of almost being ready for an attack, but you need that next step, that is when the insider makes it all work. I am sorry but really the only way to stop the insider is for each of us to recognize the changes in our fellow workers, or just people we see in our daily lives. We always seem to recognize the clues after an attack, we just need to understand what the clues are before the attack.
from CTI Consulting http://ift.tt/2h8Z2Bx
via IFTTT

Thursday, December 22, 2016

Exclusive: ISIS Puts Out Holiday Attack List Of U.S. Churches - Vocativ

CTI is still looking for that list of Churches, but according sources, the list was just pulled off a Web based list of churches, so I would look more for soft target churches that maybe attacked. This is like the list of over 8000 people target earlier in the year. Not a lot of credibility on ISIS actually hitting those people, and in fact both ISIS and AQ have put out the type of people they want, which is people of power and or wealth, and left it up to the home grown terrorists to pick the actual target. More to the point is the terrorist steps to deciding the target, remember soft is better for them, so if we do nothing more than have people, and it could be any citizen or a trained Executive Protection type, or police, to step up a presence so that the terrorists go pick another softer target, this will keep up all safer. Those trained to look for people conducting surveillance, or security testing, or trial runs, can also spend just a little time at a local church to look for these actions, and then report to the police your suspicions. These are the things that will keep us safer, add to that our mental planning of how to evade an attack will allow for everyone to have a happy and safe holiday season. So go about your holiday functions, like churches and parties, but just keep an eye out for the bad guys, and we all will have a Merry Christmas and a Happy New Year.
from CTI Consulting http://ift.tt/2hW6z5g
via IFTTT

Wednesday, December 21, 2016

Are We In a New Era of Espionage? - Defense One

Yes, we are, but it has been coming and developing for over 10 years. Many will say much longer, the first and second Bill Clinton campaigns had email issues and a lot of Chinese money at play. It even had a bit of Chinese government sponsored attempted vote rigging, it is said attempted, mainly because there never was an investigation. In the years of the Reagan Administration, we constantly were under attack from the Russians, some Chinese, but mainly Soviets and then Russians. Even in trips to other countries our main threat would always be the Soviet/Russian teams. They were targeting typewriters, digital information showing on computer screens, some network attacks back even then. A lot of it we knew about because we were attacking them the same way. As are we the Russians and Chinese now, it is only good business, and as most spies will tell you business is good.
from CTI Consulting http://ift.tt/2h56dIh
via IFTTT

Fitness tracker Christmas 2016 could bump up insurance premiums and leak personal data on the dark web

Beware of those Christmas Presents, they can come back to cause you a lot of grief. In the internet of things (IoT) it is possible that the new Christmas Gift will be used to hack into your computer systems, and or any cloud accounts you may have. If you have questions, please comment on this post, CTI will attempt to see if what you have, could be a problem.
from CTI Consulting http://ift.tt/2hLubtd
via IFTTT

Philosophy of Security | Free Listening on SoundCloud

Here are some of the older podcasts
from CTI Consulting http://ift.tt/2iaxGg6
via IFTTT

Berlin attack: Police hunt Tunisian suspect after finding ID papers in truck - CNN.com

There is a lot to learn from the investigation into this attack. One he was already being deported they just could not find him, how many millions do we have in the USA that are on the list for deportation and we can not find them. This attacker was stopped with bad Identity papers on his way to Italy, and a Judge let him go. The truck was hijacked hours before the attack, this would probably beat the ring of steel camera system in London, since it was not reported stolen or even missing when the attack happen. So we have a stolen truck, and driver that was already suspected of having Islamic radical ties, and was to be deported. Can this happen in the USA or, France, or London, yes. The set up in all three countries are vulnerable to this type of attack. Awareness is key to keeping you and your loved ones safe from this type of attack, since we know the Police can cover all events, and the bad guys are looking for soft targets. Here are some quick points on using awareness to help keep you safe in events like this. http://ift.tt/2h2kX9S
from CTI Consulting http://ift.tt/2h8yG2r
via IFTTT

Philosophy of Security

Time permitting, we will start this again in January 2017
from CTI Consulting http://ift.tt/2iaxGg6
via IFTTT

Tuesday, December 20, 2016

News Release: DHS S&T CALLS FOR ANTI-JAMMING TECHNOLOGY SUBMISSIONS | Homeland Security

As more and more jamming devices come on the market, the DHS is looking for device(s) that are anti jamming, or at least will allow first responders to locate jamming systems quickly so they can be shut down. This should be easy to do and to find, in fact the little RF bug detectors ESI provides to the students of the Counter Espionage Course will find jammers quite easily since they have to be powerful enough to hit the wifi and cell sites, as well as jam radio broadcasts.
from CTI Consulting http://ift.tt/2h9WMvc
via IFTTT

What You Can Do When There Is a Bomb Threat

Bomb threats are happening more and more, here is a bomb threat video that is very well done, that we can all use to make us and those around us safer. https://youtu.be/pg7yVTBciWg
from CTI Consulting https://youtu.be/pg7yVTBciWg
via IFTTT

Berlin carnage witnesses recount horror, lucky escapes

Police and Security the world over are making changes and coming up with plans to counteract this type of attack. But remember the terrorists are being told to find soft targets that allow for the same effect, IE body count. We all need to be aware of what is going on around us, and make our own plans to survive this type of attack. If we see situations that look like they would be targets for this type of attack, look for ways to protect your self if something happens. Big trees can stop or at least alter the attack route of these vehicle attacks, so can other cars and trucks, just remember the vehicle you are hiding behind can move as well if hit, and could cause you grave injury, so keep a distance from the protective barriers. Trucks and even car's (which have been used in these attacks as well) have somewhat limited turning capability so any movement to the left or right of the attack can both slow down the speed of the vehicle as well as get you out of the direct line of attack, remember the driver wants to cause as much death and damage as possible, so if you are a single or very small number of people, the attacker may well determine that looking for greater numbers of peoples (victims) is the better idea. Remember most hit in both this attack and in the Nice France attacks had been people that had no idea of the attack as happening. So just keeping you awareness up may help you the most. Another is to have a plan to get safe quickly is key, your chances of just standing in place like a deer in the headlights are must higher if you do not have at least the thought of a plan in your mind. It is just like the active shooter situation, the most people killed are the ones standing in place or even dropping to the floor and staying in place, have a plan to move to a better safer location in your mind, when you enter the movie theater, or the mall, the bar, the restaurant, your office or even your home. Having just that mental plan gives your mind options that it can act on. So think the same about this vehicle attack, go enjoy yourself this holiday season, but think of how you will act if an event happens, run it though in your mind so it knows it has options. Merry Christmas to all and a Happy New Year.
from CTI Consulting http://ift.tt/2gXxLhZ
via IFTTT

Union: Suspect with a knife charged Pharr police officer, shot dead | KGBT

Knife attacks are some of the most deadly anyone including a Police Officer will face. The FBI has given different numbers over the years, but suffice it to say you are more likely to die from a knife attack than a gun. In Police training officers are taught the 21 foot rule, that an attacker with a knife is almost impossible to stop, if, the Police Officer has not drawn his weapon, the officer can not get something between the attacker and the officer. I have been trained and trained Police and Bodyguards using a magic marker as the knife, it shows you how difficult to be in a knife fight and not get hurt. That 21 foot rule has variations if the attacker is well within the 21 feet before you see the knife and none are good. Trying to even draw a weapon when with in say 9 feet is almost impossible, the attacker will be on you before that happens. Running, getting something between you and the attackers and then going for the weapon is considered the only real way to survive the attack. Others say having a knife yourself is the way to go, but still if the attack in on the way, and only a few feet away, even going for the knife at your belt will probably be to late. Most Police trainers will tell you they can defend against a hand gun or rifle easier than a knife. As long as the barrel of the weapon is not pointed at you, it can not hurt you, not so with a knife. There are a lot of other factors that come into play, the ability of the attacker, most tests I have seen have been with convicts attacking Police Officers, and they in most cases have more than experience in attacking with a knife. Many say the type of knife is critical, but even a one inch blade on a knife can sever critical blood lines running near the surface of your body. People can bleed out in single stabs or slices with a very small knife or handmade knife often called a shank. Female attackers have often used small folding blades to attack men and other women near the groin area, with the victim bleeding out before they really realize they have been cut. Chairs and other objects have been used to prevent or at least delay knife attackers with pretty good success. Many martial arts teach surviving a knife attack, but I certainly would not bet on it working. Even trapping the knife hand often allows the attacker to move their wrist enough to cut tendons and blood flow areas of the defenders arm or hand. You can survive these, but you will usually get cut up doing it. Which is a lot better than dying from the attack, but running or getting something between you and the attacker is a better option. Shooting them is another option, and if the officer or citizen is in an area that the person can hurt them or others, should be considered justified.
from CTI Consulting http://ift.tt/2hPZG5q
via IFTTT

Friday, December 16, 2016

How the Brain Processes Different Types of Content [Infographic]

This is a good info graphic to go thru, as we all get ready for a new year, knowing how different people process different content is valuable to know.
from CTI Consulting http://ift.tt/2gSSqbO
via IFTTT

North Korea conducts mock raid on South Korea

This is not a good thing, and does not portend well for the next year. The North Koreans actually attacked the South Korean Blue House ( their white house) back in 1968 in an attack a lot like this drill.
from CTI Consulting http://ift.tt/2gA0ZrS
via IFTTT

Risk & Insurance

These case studies do have a bit of vendor bias, but are very informative. The one on snow removal contracting is right on time for a lot of the cities around the USA right now. Plus once you log in, you will receive these case studies in your email. I do not use a lot of them, but some of them are very timely and right on point for what I am facing at the time.
from CTI Consulting http://ift.tt/2hslWnJ
via IFTTT

News from The Associated Press

Probably the biggest take away here is that the E-Cig is that flammable, should it even be on airplanes. This should require some more testing.
from CTI Consulting http://ift.tt/2hOsuhE
via IFTTT

How to Hack Apple Mac Encryption Password in Just 30 Seconds

Here is the problem with Mac getting enough of the percentage of computers out there, they are now more of a target.
from CTI Consulting http://ift.tt/2hWwtES
via IFTTT

5 Ways E-Discovery Will Change in 2017

Here is a good article on what to expect in E-Discovery in the coming year. If you are not conversant on E-Discovery you really should read the article and the key points will jump out, but you do need to be at least aware of E-Discovery and how it can come back to bite you, even if you are just a small part of an incident that gets legal attention. It is sort of like a wiretap of your data, after the fact, so watch what you write, even look at in some cases.
from CTI Consulting http://ift.tt/2hrSm1Q
via IFTTT

Blockchain 101 for the Non-Techie Lawyer | Corporate Counsel

I think we are all going to see more of this type of data base, given the security it has and the ease of use, once you have it available. Adaptable,Nor is there a high chance of a cyberattack, he added, given that the technology is protected by “strong cryptography in way that no other [database] has historically been able to be protected.” The bitcoin blockchain, Santori noted, “has been running for almost seven years now, and it’s never been breached, never been hacked.”
from CTI Consulting http://ift.tt/2gSJJN9
via IFTTT

Thursday, December 15, 2016

http://ift.tt/2hBhxgx

As we end this year, many are preparing for the new year with hopefully new job prospects. The Internet of Things or IoT is a wide open career field for anyone in the security field. Here are 11 different fields that are being affected by the IoT and every one needs security people that understand the issues involved. I am old and still I am looking at this field as a place to make money, I think you can as well.
from CTI Consulting http://ift.tt/2hBhxgx
via IFTTT

How To Get a Job: Secrets of a Hiring Manager — Ask a Manager

As we get near the end of the year, that new job you are looking for, or that career change is out there waiting for you. Here is some help you may want to use, many libraries have copies available, or it is well worth the purchase. In full disclosure this has been written by one of my two wonderful daughter's-inlaw, but it is well written and has been a big help to many folks, I hope it will you as well, so have a merry Christmas and I hope a wonderful New Year, with a job you have been looking for.
from CTI Consulting http://ift.tt/XPtrpz
via IFTTT

There have been over 1000 terrorist attacks in the EU in 2015 and the number just keeps going up, the challenge is not just in the USA as many think. The EU is set to spend over double for security than it did in 2014, and no one know where it is all even going at this point.


via CTI Consulting http://ift.tt/2hzjVqh

CBT has been around for a while, but its use and practice are really being used in the criminal justice arena more and more. I use what I have learned from my CBT training to help with my interview skills, in fact a whole new interview skill set has been developed around CBT principals. Perhaps no other intervention has attracted more attention across the criminal justice system than cognitive behavioral therapy (CBT). First widely used in the latter half of the 20th century, as large numbers of people with mental illness were deinstitutionalized and treated in community settings, CBT has since found its way into nearly every aspect of the justice system, often supplementing or displacing other programs and interventions. Practitioners today use CBT to reduce recidivism among adults and juveniles; help victims deal with the aftermath of crimes; and address substance abuse, depression, violence and other problematic behavior.1


via CTI Consulting http://ift.tt/2hBOVDj

Police arrest Heathrow baggage handlers as £10m cocaine smuggling racket is foiled | Daily Mail Online

Insider threats are the biggest issue we are dealing with these days as many other vulnerabilities are being dealt with or at least some solutions are being developed. These insider threat issues have plagued every DHS critical sector risk analysis since the start of DHS. It really first came to light back in the 80's when 13 attack scenario's had been developed for Nuclear facilities. A number of the scenario's had dealt with insider threat issues. In the end since no real solution could be recommended, they did away with them. Later 13 similar attack scenarios where given to a number of aviation security companies to include the US Navy to test. CTI was one of the firms selected and we ran into the same issues the Nuclear security folks had, Insider threats are tough to stop. The best solution is each of us keeping an eye on our fellow workers to see if they are having changes in life that may affect security.
from CTI Consulting http://ift.tt/2hBtS3E
via IFTTT

DoubleTap Defense - Creators of DoubleTap™

Interesting little hand gun, two shots in the barrel, the two at the bottom of the picture are reloads stored in the handle of the weapon. It has a 9MM version that I would probably use, just because of the recoil with the small gun.
from CTI Consulting http://ift.tt/2hSEA5j
via IFTTT

Trump team surveying border | Local News | themonitor.com

Having dealt with these aerostats in Israel they can be effective in detection and we do have a lot of that now along the border, but in Israel the response is almost immediate, and the places for people crossing the line to hide are not nearby like they are along the USA border. The fence of some other type of delay, like the river itself in some places is needed to make the camera or other sensor system surveillance effective. The delay is needed to allow for a response to be able to get to the problem before they fade into the community.
from CTI Consulting http://ift.tt/2hSyxxD
via IFTTT

Campus Police Officer Involved in Fatal Baltimore Shooting - Campus Safety

This was well handled and shows the positive effects of the Campus Police Officer's and the pulses they bring to the community at large.
from CTI Consulting http://ift.tt/2gFwuvQ
via IFTTT

guys in the pic are Tomas Yarrington former Tamps gov and DEA fugitive and Enrique Pena Nieto the current prez of mex , now if I am a President of Mexico I would not be in a car with a known DEA fugitive, but that's just me :)


via CTI Consulting http://ift.tt/2hB2d33

Simple Bug allows Hackers to Read all your Private Facebook Messenger Chats

Here is a scary one for a lot of that use facebook messenger as a way to converse quickly. I have never put this on my tablet or phone, I had heard the app for Facebook Messenger had been hacked, but this one is your regular browser on you PC.
from CTI Consulting http://ift.tt/2gPiClU
via IFTTT

Yahoo Admits 1 Billion Accounts Compromised in Newly Discovered Data Breach

Be aware, this is just being reported but the hack happen back in 2013 a year before the last big Yahoo hack in 2014. I think if many firms like Yahoo went back and looked they would have some serious breeches as well. Most just want to ignore what may have happen in the past, so are not even looking. There is still the big rumored hack of the Affordable Care Act data base back in the first year of the online startup, that no one wants to talk about.
from CTI Consulting http://ift.tt/2hB06fJ
via IFTTT

Major West Coast Sports Facility Installs Alvarado’s Suite Access Scanners - Alvarado

I have not tried this product, but it could be a great help to EP teams doing special events and such.
from CTI Consulting http://ift.tt/2hAX9eM
via IFTTT

PLAICybersecurity161212.pdf

Here is a white paper on How a Standard Interface Heightens Cybersecurity Here is a well done white paper for perhaps the next level of cyber security: Measures using Location Data A white paper for corporate security system integrators, location data has been a part of older security protocols, but it looks like it is becoming a factor again. Once again not a silver bullet, it can be defeated in a number of way, but if you add it to other security measures as outlined here, it does offer another level, that maybe enough for the bad guys to go somewhere else. It hearkens back to another old USSS proverb that you often can not protect something 100%, but you do want to make it harder to hit you than someone else. I have often used it in risk assessments, we need to make our client the hardest of the folks in the area to hit. Here PSIA is doing the same thing adding location as another security measure.
from CTI Consulting http://ift.tt/2hzPRbC
via IFTTT

CTI Consulting

Ugh!
from CTI Consulting http://ift.tt/2gMyTtF
via IFTTT

IT HAPPENED AGAIN: Yahoo says a billion user accounts were stolen in possibly the biggest hack of all time

TrentonScottH : Stop reusing passwords, delete old accounts, and use 2-factor authentication: One billion Yahoo accounts info stolen https://t.co/c6MigxY0G9
from CTI Consulting http://ift.tt/2gMyTtF
via IFTTT

Wednesday, December 14, 2016

Metro Red Line bomb threat highlights vulnerabilities of rail systems to attack

Sort of the hidden fact is that rail and light rail systems are successfully attacked more that aviation. One reason it stays hidden, is that we do not have a lot of answers for many of the vulnerabilities rail faces. Having worked with Rail security over the years, it has always been the under funded and least understood vulnerabilities of the transportation sector. Targeting can be everything from rail hubs to small platforms out in the country. Add to this the problem of the rails themselves. Back when I first studied explosives, rails was considered a major target. The Military on both sides of both WWI and WWII concentrated on rail lines for both attacks and trying to prevent attacks. One of my first technical assignments was to determine the proper spacing of explosive charges along rail tracks to damage a train. We had to conduct these for different sizes and gauges of track. In the US Secret Service most if not all Specialists had to go to Rail Security schools to understand a lot of the vulnerabilities. Of course we did the same for boats and ships with schools the Coast Guard provided. Bomb threats for rail has some unique problems, while developing bomb threat plans for Rail Companies for the IACP, we had to develop evacuation plans, most had to deal with the issue that you did not want the train to come into the stations for fear of hurting more people, but off loading passengers outside a station is not all that safe as well. The risk analysis could become tricky. But for those working these venues it takes some real professionals to keep us all safe.
from CTI Consulting http://ift.tt/2hgvXSn
via IFTTT

Police Expect Trump to Lift Limits on Surplus Military Gear - ABC News

This will be a great help to many cities around the USA, small Police Departments will be the most helped. They just do not have the money flow to even consider buying this gear with out programs like this.
from CTI Consulting http://ift.tt/2hrTHGL
via IFTTT

Indiana town without a police department after every Bunker Hill officer quits | Fox 59

Here is a chance at employment, but be careful what you ask for. They are hiring a whole new Police Force, but I would take a hard look at the employment contract. Still if you just need to get that hole punched in your resume, this maybe the answer. Once it winds through the courts I am pretty sure the old team will get their jobs. back.
from CTI Consulting http://ift.tt/2hswpgG
via IFTTT

Tired of abductions, Mexican townsfolk kidnap drug boss' mom | The Star-Telegram

I would expect to see more of this since it seems to have gotten a response from the Mexican Government. Sort of the Soviet style of negotiations with the Iran kidnappers years ago. Grab the opposition family members and negotiate from there. The problem is if you hurt one of them then the Cartel revenge will be brutal beyond belief.
from CTI Consulting http://ift.tt/2hsTRue
via IFTTT

Army recruiter admits funneling guns to drug cartel - San Antonio Express-News

Good catch, this is just not a small thing, representing the US Army and selling to the Cartel's Yes the number is small in the great scheme of things, but you know the Cartel was telling everyone that would listen that they had an Army guy in their pocket, probably insinuating they had more. This over on the Mexican side and the US side is part of an ongoing propaganda war that the Cartels are winning. When you tell some citizen with perhaps a financial problem, that it is not that big a deal, even the army is providing us with weapons, that goes a long way.
from CTI Consulting http://ift.tt/2hvx94w
via IFTTT

Tuesday, December 13, 2016

From glamour to gunfire: the tourist city of Acapulco torn apart by violence | Cities | The Guardian

Tourists are still flocking to Acapulco, and many other spots in Mexico, but the violence continues.they have Police and Military everywhere, yet an assassin walked into the city hall building and killed a Government official the day before, two people where killed on a beach front bar patio, shortly after the assassin got away from the first shooting. It is actually amazing that people still go there for vacations, but they do.
from CTI Consulting http://ift.tt/2hpWmxj
via IFTTT

Feds: Cars must be able to talk to each other

It is like a lot of things, it sounds like a great forward advance, but leaves these vehicles open to cyber attacks that could be far more devastating than any good that could be done. Bad guys are already finding ways to make cars that have automatic breaking, break anytime they want, and that is just playing games with the sensors, not a cyber attack. If people want to do this, I think it should be there call, not a Government mandate.
from CTI Consulting http://ift.tt/2hpmr2c
via IFTTT

Apple Store robbery in 15 seconds: GIF, VIDEO - Business Insider

Actually the store staff is doing what they have been taught, and is what most stores teach now day, let it happen, do not get yourself or our customers hurt. In most cases even store security it told to do the same thing, most of the items can be turned off remotely, they may sell to street folks that do not know that they are stolen and tracked or turned off or both. But even clothing stores handle thefts and shop lifting in the same way, keep customers as safe as you can, as well as the staff, and let it happen. Cost analysis so far points to this being the cheaper way of handling it. Now a small mom and pop store could go out of business with a theft like this and may well handle it differently, but the bad guys normally know the game and pick bigger named outlets that they maybe arrested later, but will not get hassled during the theft.
from CTI Consulting http://ift.tt/2geP51J
via IFTTT

Monday, December 12, 2016

Aviation Cyber Security, so far in the last two years we have had planes go down, with out rhyme or reason, some experts point to cyber security, GAO has warned us of the vulnerability, and cyber security researcher has actually taken over planes in the past, in fact issuing a climb command, and the aircraft responded. • The U.S. Government Accountability Office warned in a 2015 report that someone could potentially use a laptop to access aircraft avionics systems and take control of an aircraft’s on-board computers.12 At around the same time, a cybersecurity researcher admitted to the FBI that he had hacked into inflight entertainment systems aboard aircraft 15 to 20 times between 2011 and 2014 — at one point, issuing a climb command to the aircraft on which he was traveling.13


via CTI Consulting http://ift.tt/2hwHkJB

Sen. Charles Schumer Calls for All Transit Workers to Be Cross-Checked Against Terror List - WSJ

I think it is a good idea, tho I am not sure what the next step is at this point. All transit workers is a broad term, cleaners, shop owners, are all part of the transit worker cadre, and in an airport environment would normally be checked against the list. But there is also a regulated party involved, the airport, who are the regulated parities at a train station, or bus station. It actually is a thorny problem. The next problem is at an airport even a ship port, once you leave the port your threat to some extent is lowered. On a bus or a train, the threat is probably even greater. Train rails can be damaged, buses can be attacked along the route. The other issue is all the little train stations along the route, or the bus stations along it's route, there are just two many to secure.
from CTI Consulting http://ift.tt/2hC2xO5
via IFTTT

Sandy Hook Ad Shows Role of Community in Preventing Gun Violence - Campus Safety

Interesting, I did actually take another look at it, and I am not sure I would have made the connection, nor felt enough was there to call in the authorities. But any awareness video is good to learn from, so take a look.
from CTI Consulting http://ift.tt/2gyixEC
via IFTTT

DHS plans lockdown of fridges, cameras, cars

Some say it maybe to late, but as the Christmas season is upon us we need to be aware of the vulnerabilities some gifts can cause.
from CTI Consulting http://ift.tt/2fX1FWS
via IFTTT

The protection of our Power Grid is getting more and more difficult. This is just looking at the cyber security side of it. Plans for cyber security of our water and waste water facilities are also being developed. One of the big concerns is that with the Federal Government looking at all these big issues, how are our financial, medical and manufacturing groups doing. Here is the PDF developed so far for just the Power Grid Cyber security. http://ift.tt/2hmKaNI


via CTI Consulting http://ift.tt/2hmbHlf

This is a draft of the Cyber Risk the Medical industry faces. The vulnerabilities of medical devices hooked up to the internet is so problematic, that this draft has been released. Not something the Govt. does very often, but should point to the risk we are facing in the Medical community. file:///C:/Users/Fast/Desktop/Post_market_cybersecurity_draft_guidance.pdf


via CTI Consulting http://ift.tt/2hm3XQs

More and more vehicles are being controlled by small computer type systems. The field of securing these vehicle is expanding virtually every day. Here is a great way to get a real look at the problem in a very in depth way. file:///C:/Users/Fast/Downloads/812333_CybersecurityForModernVehicles%20(1).pdf


via CTI Consulting http://ift.tt/2hm6H04

Cybersecurity Post Market Guidance

Medical devices are part of the ever growing Internet of Things, this is a very comprehensive look at Medical devices, how they can be abused by Hackers, and some ideas on how to stop them. It is a must read for anyone in the Hospital or any Medical field.
from CTI Consulting http://ift.tt/1n17jqT
via IFTTT

Beware of New Celebrity Sex Tape (Scam) Leaked on Facebook!

Be on the look out for a number of scams during the Holiday season. When at an FBI training venue they had me sit at a computer, sent me an emails with the picture of Santa sitting on top of a house. As you clicked on the Santa he dropped down the chimney, in that little animation they had taken over the computer I was sitting at, to the point of sending emails from me, as well as turning on my web cam to watch what I was doing, all with out any outward sign they had done anything to me. Beware this season the scam's are getting better every day.
from CTI Consulting http://ift.tt/2hpY0PQ
via IFTTT

7 killed in Tanker Train Explosion | Industrial Equipment News

I always worry when I see tanker or gasoline explosions, can happen, not really an explosion but a real fast spreading fire, but to many it looks and feels like an explosion. In this case another factor has been added, Liquefied Natural Gas or LNG as most of us know it by. This expands so rapidly that it can mix with air enough on it's own that it even takes on more of the look and feel of an explosion. In fact as it releases into nearby structures, it takes on the effect of a Mechanical Explosion. LNG is dangerous stuff and can be devastating when it releases and then ignites, still it is an expanding gas and much slower than explosives like TNT that detonate, it has more of a pushing effect than a cutting effect. Have a happy new year. and Merry Christmas to all.
from CTI Consulting http://ift.tt/2gRJ5wF
via IFTTT

How to Protect All Your Internet-Connected Home Devices From Hackers

I have not tested this device yet, but I would imagine many more like it will be offered soon. IoT devices are hitting the market place in droves every day, I would imagine that during the Christmas gift giving season many homes will receive many more. Bit defender comes to the table as an established security firm, and I would like to test this one, but the recommendations at the end of the post are great ways to get your Interned of Things under some control at least. Offices are not immune to these attacks, and need to be analysed constantly for vulnerabilities. The makers of these devices can be suspect, but more importantly is that the makers of these devices for cost tend to use chip sets in them that are made my very suspect companies. I would suggest that in many cases you do not let the device link to your router that has internet access. Link them to old routers that you only use internally to your home or office, it restricts a lot of the services the IoT device can preform, but it also takes away the biggest vulnerabilities of them.
from CTI Consulting http://ift.tt/2hlY4Qh
via IFTTT

Saturday, December 10, 2016

Exclusive: DHS Says Georgia Hack May Have Been Rogue Employee | LifeZette

TSA and Homeland Security consider insider threats to be the biggest vulnerability that we face, it looks like they may want to look at home a little closer. Earlier this year they had a rogue employee bring a weapon to work and threatened other employees with it. We all need to stay aware of the insider, they know most of our security and the ways past it.
from CTI Consulting http://ift.tt/2hiQsP5
via IFTTT

Washington, D.C. Cybersecurity Tech Companies Are on the Rise | DC Inno

For those looking at the new year and what it could bring for them, pay attention to this career path. From everything the experts are saying cyber security is only in it's second generation, with a third an even more profitable one coming up. When I started in cyber security PC's did not exist, but soon came on the market, from market moves the next generation of computing is on the skyline, and with it will come even more new cyber security issues. Anyone looking for a fast paced and interesting field, this will probably hit all the marks. You have different areas in the field to look at, the cyber software is one, firmware could be another or mixed field, but there is still the physical security of the systems and offices that house them that are often neglected, and is a growing field as well.
from CTI Consulting http://ift.tt/1QinnRU
via IFTTT

Armoring Small Vehicles - International Security Driver Association

Great Article on the pluses and cons of armoring small cars, a must read if you are contemplating armoring a small car or buying one already armored. The word on the street is than the majority of armored vehicles made in Mexico are not well, and can actually be dangerous to drive. Armoring cars is not just something you do with a few pieces of armor and a welding torch. In many cases EP teams are faced with armored cars owned by clients, so they have to make the best of what they have. There are some low speed driving drills that can get new drivers an idea how the car works and can handle. There is a past post in the Philosophy of Security Blog. www.ctic.co that references another ISDACENTER.ORG article and develops some testing drills.
from CTI Consulting http://ift.tt/2gxu31w
via IFTTT

Distributed Guessing Attack to hack VISA cards in just six secondsSecurity Affairs

Here is something to make your Holiday season a little scarier, it luckily is not as easy as it sounds, but Merry Christmas, another holiday season of scams and thefts awaits us.
from CTI Consulting http://ift.tt/2g4XKXt
via IFTTT

7 Special Event Security Practices for the Executive Protection Program Manager - AT-RISK International

Very good post for everyone in the field, well worth the read.
from CTI Consulting http://ift.tt/2hgZXRf
via IFTTT

EP professionals, become an expert in your city | James Cameron, CPP | Pulse | LinkedIn

Great points here and good use of that time between those assignments. One of the things that can make you advantageous to teams coming into your town is local knowledge. Read this post and make the most of it. Good points here from an EP Pro that is letting us know some of his, Thanks Mr. Cameron.
from CTI Consulting http://ift.tt/2gpxp8c
via IFTTT

Friday, December 9, 2016

Kevin's Security Scrapbook: TSCM Team Finds "Plug Bug" Eavesdropping Device

Kevin has a report on a new find we should all be on the look out for. It appears to be a variation on a parasitic bug that uses some version of a cell phone.device. I have seen one that used IP phone connections, but a cell is a new twist. It appears to be sold as a security device, which in some ways it is, so legal in some areas. I would think it would be hot to the touch even when not active but plugged in. A heat seeking instrument or Flir camera should be able to find it easily, as should an RF detector that works well with cell phones.
from CTI Consulting http://ift.tt/2h6Wbt6
via IFTTT

Man charged in connection with murder in Donna along Expressway | Local News | themonitor.com

The Shooter was in the USA illegally and the fear from Police was that if he knew they had him in their sights, he would cross over the border, as others have in the past. The hope here in the Valley is that since this has been labeled a drug related incident, it will be put on the back burner. The victim crashed his car in the end, think if he had hit people waiting for a bus, or walking along the street, or hit your car forcing you off the road. To many people have this view that as long as they do not participate in the drug culture, they are safe, and the Police often take the same view. It is a view in the end that tends to glamorize Cartel hit men, and down plays the danger these people put the citizens of the USA, Texas, and the RGV in, daily danger as they live their lives.
from CTI Consulting http://ift.tt/2h6ftPp
via IFTTT

Thursday, December 8, 2016

How Crisis Intervention Training Helps Police Deal With the Mentally Ill | Wellness | US News

Police Departments the world over are taking training to help them deal with the Mentally Ill, in the Rio Grande Valley of Texas, a number of Police Departments have taken these courses and try to have someone on duty at all times that can be called on to help during an incident. They have even helped nearby Police Departments with incidents. The officers first job is to keep themselves and others safe, then to try and deal with the person in trouble, it is not a silver bullet for the situations, and Police may still have to use deadly force to protect them selves and other nearby Citizens, but they have much better tools to understand what is going on, and have a much better chance at defusing the situation with the training they receive.
from CTI Consulting http://ift.tt/2h7RAV2
via IFTTT

Wednesday, December 7, 2016

Terrorism officers arrest man at Heathrow Airport - BBC News

At some point I hope we learn more about both these arrests. In the one it would appear he was on a watch list of some type and picked up coming thru customs, on the other it would appear he triggered some one's radar. It is the triggering of that radar, that we need to under stand and teach others. As I teach Police and Bodyguards as well as other security folks it is evident that we have a growing level of expertise in detecting these folks. A lot of what we have to work on is getting that expertise to the next generation of security and just regular folks, that is how we win this, or at least start to win this battle with terrorists and other bad guys, both home grown and officially trained. If you have any words of wisdom please let us know, we can give you access to our blog or other social media points.
from CTI Consulting http://ift.tt/2hjYiGV
via IFTTT

Hikvision Cloud Security Vulnerability Uncovered

This vulnerability is going to be seen in most of the cloud CCTV storage systems out there. It is just not possible to have that many passwords and access to the cloud storage to not have someone gaining access, once in putting ways to get deeper into the system is always going to be possible. HIK has it's flaws and many are probably done by the Manufacturer, but cloud storage vulnerability has always been there, and if you want to access and be accessed to your phone each time an event happens on your CCTV account, just know others will soon have access as well. Now if you CCTV only show areas that are public, I am not sure of the damage, but remember if they are in, they can delete, change access and set up info as well. Be warned.
from CTI Consulting http://ift.tt/2gHtVgC
via IFTTT

14 gunmen killed in shootout with police in Veracruz - Linkis.com

A statement like "weapon capable of piercing armored vehicles" needs to be qualified a bit, but the threat is true. To many folks think that driving around in an armored car is all it takes to stay safe. Not so, learning how to drive, how to stay out of ambush points, and have a response team around is needed as well. Learning to drive an armored vehicle is not all that easy, they do not handle the way a normal car does, and in fact each model and version of an armored vehicle have their own issues. Driving in Mexico can be tricky in a tank, ask the Cartels, they have a number of trucks, that are pretty much tanks, and they get hit quite a bit. If you are in the Reynosa area near the US Border, just surviving the first 300 yards from the Hidalgo downtown crossing into Mexico has huge issues, road that can be blocked very easy, quite a few ambush points, just to start. If you go North to the International Bridge crossing, your chances go up immensely, still you need to keep your head up and alert, as well as the speed up, not to high, but high enough to make it harder to hit you.
from CTI Consulting http://ift.tt/2gb811g
via IFTTT

Tuesday, December 6, 2016

U.S.: Washington, 39 Countries Dismantle Massive Online Criminal Network | Stratfor

This is a massive hit to cyber crime, I wonder if we will even notice it?
from CTI Consulting http://ift.tt/2g8kjY6
via IFTTT

Aviation | Homeland Security News Wire

It is really getting tough to buy things not effected by Chinese Espionage attacks, to include that Scanner being used on you at the airport. But it goes even worse than that. Many of the chips used ,in the, and on the, electronics inside American Products are made in China, and have the security cyber vulnerabilities built into their design. We in the USA have allowed a great deal of our chips to be made outside the USA, using our technologies and design, then other countries changing them to add vulnerabilities. One expert has admitting failing to determine the false chips vs the real chips. Both by the way made by Chinese manufactures, we have a real problem with overseas manufacturing, and it is not just the electronics, it is also the software being used in the electronics.
from CTI Consulting http://ift.tt/2g7Rf2O
via IFTTT

Monday, December 5, 2016

ISIS declare Bloody Friday war on Trump inauguration day | World | News | Daily Express

Once again for fear of calling wolf way to often, we promulgate another ISIS threat, this time on the Inauguration day for President Trump, but as always we need to take the threat for real, and in a way it is, if we let them they will attack. Probably not the main inauguration events, but some softer target, we have not secured. Some off line republican event at a bar in South Texas, of supporters that no one would think is a target. But I also think this is going to be a way of life. It is for many of us in the security profession, but in the future will be a way of life for anyone that expects to survive. For those that have been trained or come by security awareness naturally, often called street smarts, you are ahead of the game. Others, find someone to train you, your co workers your family and your friends. Always try and be in a group of folks that are aware, it helps, we all miss things at times. I just got over a fairly sever cold, flu, what ever, and was on medication that along with my symptoms, made me far less aware than normal. If you drink a few glasses of wine, or a few beers, you also will be off your game a bit, as when you have allergies, and take over the counter medicines, or heaver stuff. One of the first things we need to be aware of is our own status at the moment, I often use Sudoku to gauge what level I am working and thinking at. But anything you can do like this will help, most of us can just feel to some extent where we are at, but if you are impaired a bit, you can get false signals. In any case, after you have figured out where you are at, then you want to be aware of what is going on around you. If it is a new area, quickly get a base line, then from there build the normal and un normal things going on around you, your base line will adapt as you learn. But I digress, we need to be aware of what ISIS may do next, with out worrying if we have covered all the bases, but just that we are aware of what is normal and what is not normal. Grasshopper :)
from CTI Consulting http://ift.tt/2h5GzXF
via IFTTT

Friday, December 2, 2016

AirDroid Vulnerabilities Open It Up to Huge Security Risks, Disable It Now

TrentonScottH : AirDroid Vulnerabilities Open It Up to Huge Security Risks, Disable It Now (via LifeHacker) https://t.co/61xKmP7HP7
from CTI Consulting http://ift.tt/2gOQwIm
via IFTTT

IS group to step up attacks on Europe - Europol - BBC News

Any Christmas or New Year trips by family members need to understand the elevated threat level in Europe, remembering that the State Department has a rather elevated risk advisory in place for the holiday season as well for Europe. Make sure you take advantage of the State Departments travel tacking on their web site. You can as an American Citizen put in where you will be, IE hotel country and the rest with phone numbers email addresses, it is tied to your passport number. Local State Department Security have access to this data, and if specific warnings come up, or an event happens can use the information to try and get you help or directions of what to do next. Plus you are listed in country and they have a better handle on who all may need help.
from CTI Consulting http://ift.tt/2gTRiQX
via IFTTT

Thursday, December 1, 2016

Unlock Ransomed Files With Avast's Four Free Ransomware Decryption Tools

TrentonScottH : Backups and safe use are preferred, but worst case you can try and fix your files with Avast's Ransomware Tools https://t.co/8uneEgC6rN
from CTI Consulting http://ift.tt/2fMjDwo
via IFTTT

Wednesday, November 30, 2016

Pentagon Links Chinese Cyber Security Firm to Beijing Spy Service

This is a pretty well written expose of the Chinese Cyber Security program, but it dances around the worst of what China has done, mainly because of classified cases, but also because of the financial issues involved, the major suppliers of products to our homes and offices have bought compromised products, not knowingly, but have them for sale. Cheap phones, computers, routers, cctv cameras and controllers, even toys for our children that have IP capabilities, are all capable of being turned against us. This Christmas is going to be a good one for retailers by all sources, but it is also going to be a big day for Chinese espionage as well, by all experts in the business. One interesting reveal was that the Russian espionage work with Kaspersky Labs was outed.
from CTI Consulting http://ift.tt/2gAK197
via IFTTT

Arrested German spy was a onetime gay porn actor — and a secret Islamist - The Washington Post

There is a little bit in this story for everyone, but the biggest point to me is this is one of the biggest insider threat cases ever seen, and the guy is not some 35 year old idealist, but a 51 year old, with quite a past. Just watching his online activity, they found he gave away a lot of very helpful information to his ISIS handler, secrets that could allow terrorists to find ways around German security. It just shows again that we all need to be on the lookout for insider threats, and they can come from anyone.
from CTI Consulting http://ift.tt/2gxv1Jj
via IFTTT

Tuesday, November 29, 2016

Ohio State knife attack: Suspect inspired by ISIS - CNN.com

Most people already thought this from his Facebook rant, but good to see it put out there. If you read inspire magazine the one started by the Al-Awlaki AQ cell, it tells its followers how to use both the car and the knife as a terrorist weapon. This guy did not read the fine print, but he did get the basics down. More important he has kept the struggle alive for all those basement want to be Jihads out there in the world. His attack was not that effective, and was cut short by the Campus Police Officer, but it certainly got the attention of the Press which is what he wanted to get done.
from CTI Consulting http://ift.tt/2fGTMAM
via IFTTT

Campanion app surging in popularity - Business Insider

I have not checked into this yet, but on the face of it, It does look well worth the down load, I have seen several apps like this, the key here is that others do not have to download the app, they just linked to a web site to participate.
from CTI Consulting http://ift.tt/2grQanm
via IFTTT

Program: The Canton of Vaud (CV) Community Supervision Program (Switzerland) - CrimeSolutions.gov

I wish people would read these reports, this program has not shown any effect good or bad on the problem, and should be scrapped, as should other failing programs like the Chicago Project that has not had any effect on crime in the Chicago inner city, yet it gets funded every year. When a program is evaluated and has not shown any success, it does not mean the City has failed, it means that proposed solution has failed and they should try something else. Bentsonville just up the street from Chicago has had great success with their crime reduction program, perhaps it should be tried in Chicago to see if it works. Just a thought.
from CTI Consulting http://ift.tt/2fNCjtV
via IFTTT

IRS Casts Unusually Wide Net for Bitcoin User Data | American Banker

Perhaps a little over reach by the IRS, but they do have a point most using Bitcoin are hiding something, so it is a good place to start looking.
from CTI Consulting http://ift.tt/2fyVIjR
via IFTTT

Wayne State University Police Officer Killed Near Campus - Campus Safety

A lot of Campus Police feel they are not targeted like City and State Police, but the figures show that is not the case. We all need to stay alert to possible problems and keep an eye out for the safety of both Police and Security, you may be the one that helps stop on of these attacks before they turn deadly.
from CTI Consulting http://ift.tt/2fyNatb
via IFTTT

KiDS: Inside the Terror Factory — Make this film a reality | Cause Match

This pulls a little on the gun control it looks like, but most of it is against the worst of the worst teaching little kids to be Jihadist killers and to hate the west.
from CTI Consulting http://ift.tt/2gCA2Ty
via IFTTT

Bush airport worker arrested for allegedly bringing loaded gun to work - Houston Chronicle

Not sure if he just forgot it, or was thinking it would get through, insider threats are one of the biggest vulnerabilities at airports, if this worker had a way to by pass security with his badge, we could have had a real problem.
from CTI Consulting http://ift.tt/2gD0MRt
via IFTTT

FBI Nabs Latest Starbucks Bombing Suspect; ISIS Linked to Previous Attacks | MRCTV

This is one we should stay on top of, three bombings in one week in New Mexico is a trend we may see repeated. I would be very concerned with Starbucks in high trafficked areas, like airports and mass transit areas.
from CTI Consulting http://ift.tt/2fxxSow
via IFTTT

Borderland Beat: Tijuana: The assassination of an Informant

In this case the informant tried to stay in or near the game, and that was a very bad move, he had a way to get he and his family out, and still wanted to play a bad guy, even asking for payments on things he had done in the past.
from CTI Consulting http://ift.tt/2fu1miJ
via IFTTT

Borderland Beat: 'The only two powerful cartels left': rivals clash in Mexico's murder capital

“There’s no ‘pacto’” in Colima, one of the journalists said, referring to an arrangement between authorities and one of the cartels. “It won’t calm down here until there is.” “There’s no ‘pacto’” in Colima, one of the journalists said, referring to an arrangement between authorities and one of the cartels. “It won’t calm down here until there is.” This is an interesting article and perhaps is true for the moment, but other Cartels are forming alliances and even others developing to try and fill voids in plaza controls. As new mid level cartel managers come on line, they are looking to make a name for themselves and if there is not room to advance will start pushing their own brand. As in business when the top positions are filled and the mid level staff feel there is no room to grow they look to expand on their own, look for the same thing here. The Zeta's felt that was the only way for them to get a bigger piece of the pie, and broke away from their Cartel that they where enforcers for, and made their own brand as a Cartel. If anyone thinks this is over they need to rethink, but probably the most troubling news from this article was the last comment by a journalist.: “There’s no ‘pacto’” in Colima, one of the journalists said, referring to an arrangement between authorities and one of the cartels. “It won’t calm down here until there is.” If this is the only way people thing Mexico can calm down all this violence is to make deals with the Cartels, then Mexico is finished. The Cartels just get stronger during these deals, and the corruption flourishes making the Government weaker, in both the minds of the Cartels and the Citizens of Mexico.
from CTI Consulting http://ift.tt/2fwfEE0
via IFTTT

Aides of Philippines' Duterte attacked in ambush: military

We are still getting info on this bombing attack on the Police convoy, at this point all that was determined is that it was a roadside bomb.
from CTI Consulting http://ift.tt/2fMn2JH
via IFTTT

OSU Attacker’s Facebook Goes On Anti-U.S. Rant... Likely Terrorist Attack - BB4SP

There is no right answer to vetting immigrants and this young man was pretty young when he came in, but we still need to try harder, many refugees just do not like the way the USA works, and will never blend in, so we need other options to provide them. Letting them change the USA is not an option. This person was stopped quickly and still did a lot of damage, both to the actual victims, but also to the USA that had to put up with another senseless attack.
from CTI Consulting http://ift.tt/2gRUD78
via IFTTT

Monday, November 28, 2016

Gizmodo on Twitter

TrentonScottH : The security infrastructure needed to halt ransomware spread across the network is often out of reach 4 smaller orgs https://t.co/dH2nSIxxEE
from CTI Consulting https://twitter.com/gizmodo/status/803376723068907520
via IFTTT

Saturday, November 26, 2016

Locky Ransomware Spreads Through Facebook Messenger

Facebook messenger has another ransomware attack. Please if you use Facebook messenger be very careful, if you do not watch out for people trying to get you into it.
from CTI Consulting http://ift.tt/2fCKA3V
via IFTTT

Mexico: Bodies, severed heads found in hidden graves - CNN.com

More bodies and parts of bodies found in central Mexico, some of them very new, some from past violence. Mexico needs a revolution to get back their country. This is just getting worse, even in the calm times the Cartels are just getting stronger, ready to fight for more turf, more distribution point, more cross over points. On the Mexico side, the Cartels are running and operating their business. On the USA side, the Cartels are more and more content to be upper level management and let controlled street and prison gangs to run, enforce, and manage the day to day operations. Most of the management on the USA side stay pretty far away from the dirty businesses, they may have records, but most do not on this side of the border. On the Mexican side, Cartels reach tenuous deals with different Government entities. The Government feels the need for these deals, for both survival and profit. The Cartels value the deal, but which ever cartel has the deal at the moment are always worrying about another Cartel moving in. That is the tenuous part of the deal, and both sides are aware of it each day. How to gain back control of Mexico from the Cartels is problem that does not have any easy answers, and all involve a lot of bloodshed to even get the direction reversed. But when it is allowed to get as bad as it is now in Mexico, it becomes very hard to turn it around. In the USA this turning point is getting closer every day.
from CTI Consulting http://ift.tt/2gpuYC0
via IFTTT

Friday, November 25, 2016

TSA annual test for screeners leads to firings, stress, turnover - StarTribune.com

we are only hearing one side of the story here, but from a trainers point of view if only 100 failed out of 45,000 or so, then I would have to rate the test fair. I think the whole going to FLETC for training with Agents from other agencies is bogus. The TSA screeners are already taught aggressiveness, to the point of often dealing with passengers in a hostile manner. I can under stand the motive of the TSA hierarchy there is a motivational problem, one that is basic to everyone looking for terrorists, that is there are very few terrorists out there. We can play games with the K9 dogs, give them scents every hour or so, so that they can keep motivated, TSA can play games with screeners the same way, but they understand the test, that throws suspect objects digitally in bags. There is another part to this story that should be talked about. The cost, size, and weight of the CAT scan type x-ray systems used for checked bags has come down enough that they can be used for carry on bags. Which is a good thing in many ways, but has some down points as well. A checked bag has to have a bomb that is ready to go, since the passenger will not be touching the bag again, but carry on bags, the explosive, the battery or other detonating method can be carried in separate methods, making the bomb that much harder for an automatic system to catch. With a new President and administration, it maybe time to take another look at what we are trying to do at the TSA, it seems to have lost its way.
from CTI Consulting http://ift.tt/2fxqWCS
via IFTTT

Wednesday, November 23, 2016

Hikvision Removed From US Embassy

Every one needs to know about the serious vulnerability associated with these cameras.
from CTI Consulting http://ift.tt/2gxY16V
via IFTTT

Victim ID'd, investigation continues in Center City package explosion

Letter and package bombs are not all that common, but we need to be cautious of all letters and packages over 8 ounces, especially during the holiday season. The investigation is ongoing but it does appear that opening the package set it off. Notice no one died, which is the case for most small letter and package bombs. You may want to brush off your mail and package bomb threat sheets for review, and ESI graduates may want to see if anyone around them needs to be trained on how to deal with these suspect devices.
from CTI Consulting http://ift.tt/2f6SyUn
via IFTTT

Tuesday, November 22, 2016

Brazil: Four dead after police helicopter 'shot down by gang' - BBC News

Helicopters are vulnerable to long gun fire, and the Cartels in Mexico have been using Barret 50 cal rifles to keep them at bay. If they can get them in close even small arms fire can be deadly to many non militarized helicopters. A lot of a helicopter's strength was that it was perceived to be able to handle more firepower than it actually can.
from CTI Consulting http://ift.tt/2fQmMaA
via IFTTT

GRAPHIC: Cartel Beheadings and Shootings Rock Mexican Resort Area

After a rough summer, it looks like the Cartels are going to have an even rougher winter. The violence is just not slowing down. Mexico needs to really decide what it is they are going to do, they owe it to the citizens of Mexico.
from CTI Consulting http://ift.tt/2gi0Qpv
via IFTTT

Innovative Antennas for Seamless Connectivity in Large Venues | TerraWave

CTI does not endorse any vendor or product, but when we do come up on solutions that may help solve some sticky situations like Executive Protection and Corporate Security face, we will talk about it. There are other vendors that provide these solutions, and I have never used this vendor as of yet, but they do have some great solutions. For instance a temporary WIFI, camera set up kit, with various power options, like solar, intermittent ground power and self powered thru POE for both routers and cameras. I have designed in the past solar charging systems for remote areas, but these folks have a systems ready to buy. If you are looking for ideas, here are few good ones, for that next gig.
from CTI Consulting http://ift.tt/2fZB9tn
via IFTTT

Probable Cause

This is a great article for all Law Enforcement and Security types to learn from. I also teach in addition to Terry vs Ohio, U.S. v. Mendenhall test for 4th Amendment seizures:, but the key as always is to get the officer to be able to articulate their basis for going to the next step. In a 7 hour class for police we show them how to develop the probable cause or reasonable suspicion. We use tests and presents to come up with ways to make the possible suspect react in ways that we can articulate why we believe that they are going to commit a crime. As stated in the post, it can be difficult since in the planning stages the bad guys know not to carry weapons or anything we can arrest for. Often all we have are pictures in their phone or diagrams they are using to set up the attack. Luckily there is case law for both these items to be valid to arrest. Well written article, thanks a lot
from CTI Consulting http://ift.tt/2fnIvc4
via IFTTT

Monday, November 21, 2016

Detecting the language of suicide: There's an app for that

This is apparently the up and coming thing, it is showing promise, but does not take away from the personal interaction with the person. You need to have them talk to someone trained on how to understand the problem.
from CTI Consulting http://ift.tt/2eVjAxL
via IFTTT

The Danger of Ignoring the 'Espionage' in Cyber Espionage | Stratfor

If you are in the security business, espionage is one of those things we have been fighting for centuries, but ad the name Cyber it seems to take on a whole new meaning here is an insightful article on gaining perspective in Cyber Espionage.
from CTI Consulting http://ift.tt/2fitSTM
via IFTTT

Hack: How to spy on a 3-D printer | Science News for Students

Espionage on high tech is going old school, well sort in the old days of typewriters, Spy's figured out how listen to the typewriters and the small surges in energy they made to tell what a person in typing. They got so good that they could print as fast as the typewriter did. Now they are using a similar attack on three D printers with a smart phone.
from CTI Consulting http://ift.tt/2fUWzYu
via IFTTT

Dangerous Rootkit found Pre-Installed on nearly 3 Million Android Phones

These phones, some sold by Best Buy, are often given as gifts to our children or friends, it is an android phone with the android operating systems but has a built in back door: Backdoor/Rootkit Comes Pre-installed The vulnerable OTA mechanism, which is associated with Chinese mobile firm Ragentek Group, contains a hidden binary — resides as /system/bin/debugs — that runs with root privileges and communicates over unencrypted channels with three hosts., China has not even started up two of the hosts, but the third is active and as soon as your phone links up to the internet sends your information out to the Chinese server for them to use. Since it is initiated by your phone, your firewalls on your routers do not even know it is happening. By the way since it is sent un-encrypted anyone sniffing the internet could catch the information and use it. China is playing in the weeds on this one waiting for one of your children to use a device like this or one of your employees to find the opening to attack your business or family's internet system.
from CTI Consulting http://ift.tt/2fKTGvZ
via IFTTT

Sunday, November 20, 2016

FBI Warns Of Thanksgiving Terror Potential; Walsh Says No Specific Threat To Boston « CBS Boston

There's no reason to panic, but to stay aware, use your training keep an eye out for unusual actions by people, remember everyone has a place to go or thing to do, even terrorists. You can see the family going to the mall, that is an easy one, now the single guy, even multiple guys walking in and watching , actively watching, not shopping not looking at girls, or meeting other guys, just watching. Watch when a police or security guard shows up, how they will try to not pay attention to them, but can't help themselves. This does not mean they are terrorists, because purse snatchers, robbers, even rapists all tend to conduct surveillance pretty much the same way. Bad guys are bad guys and a good purse snatcher can top a rookie terrorist in surveillance capabilities most of the time. So if you can pick out purse snatchers and pickpockets, terrorists are a piece of cake.
from CTI Consulting http://ift.tt/2gqlKG4
via IFTTT

Why The Mega-Rich Are Getting Bodyguards - The Daily Beast

There is the perception of danger out there, followed quickly by the actual rise in danger. So the need for bodyguards is rising as well, providing jobs for many of our Veterans that have gone for training in field since departing their service.
from CTI Consulting http://ift.tt/2fNI1dt
via IFTTT

Friday, November 18, 2016

As we approach the Thanks Giving Holiday, we need to remember the ISIS and AQ bad guys have not quit, they have threatened us on these very holidays, and we must keep aware at all times for them. They talk about picking the right knife to kill us with, but also discuss in depth the use of trucks, both with bombs and just by themselves to attack with. The know our vehicle regulations and know with a normal drivers licence they are not going to be able to rent anything over a 24 foot U-Haul so they advice using 16 or 18 foot trucks that will not attract as much attention. Keep your eyes out for people scoping out places where events are going to be, as well as rehearsal runs, even the Nice France truck attack used a trial run before he made his attack, If we can catch them there we all win. Have a safe holiday.


via CTI Consulting http://ift.tt/2fEhOAn

Armored Cars and Sniper Rifles: Inside Latin America's Biggest Security Expo - Bloomberg

Yet most Mexicans can not own the weapons to defend themselves and can not afford the other protective items shown at the expo. It is a good show, lots of claims made for different items that may or may not do as well as claimed, but that happens at all of these events. If you have any questions on some of the claims made by vendors, let us know, most of this we have dealt with in the past. Some things do work, but many do not work as well as claimed in the talk and brochures offered.
from CTI Consulting http://ift.tt/1YiehVo
via IFTTT

The silent side of hostage negotiations | Warmington | Canada | News | Toronto S

A former FBI Negotiator told me years ago, that the kidnapper may think they are in charge, but you have what they want and have worked for, the money. This simple fact if remembered and handled correctly can at least put you on a more even playing field with the bad guys.
from CTI Consulting http://ift.tt/1T2bwWW
via IFTTT

Number of kidnapping cases this year highest in two decades - KR Magazine - Kidnap and Ransom News

Kidnapping is a booming business, we see the trend getting worse not better. Still most of it was identifiable before the actual grab, you just need to be aware. No kidnapper likes being noticed prior to the event, so just noticing them, maybe taking a picture of them with your phone can be a big deterrence. If you are wrong then throw the picture away after a while, but make sure you send the picture and any information to a place where others can find it. Send it to your favorite security consultant, I always enjoy getting these in the middle of the night. Still when they get home safe I just dump them and wait till the next time. I get them on folks going into strip clubs and worse, and as they come out, often followed by local thugs, looking for an easy buck. But most of the time the picture alone lets the bad guys know they are aware of them. What goes to your security consultant stays with them, till your safe again. Lady clients has sent some of the most interesting pictures, but it works for them as well. Have a safe holiday season.
from CTI Consulting http://ift.tt/2eOntV0
via IFTTT

Suspicious tracking device found on MTA bus in Staten Island - NY Daily News

Much ado about nothing, there are a hundred reasons to put a tracking device on a bus, one of the first being, it was on someones car, and they moved it to the bus to misguide the folks tracking them, or a bus company that wants to know how a bus driver is covering his route.
from CTI Consulting http://ift.tt/2g19yHk
via IFTTT

Thursday, November 17, 2016

Risk & Insurance

This could be a game changer for many small and some large businesses, many businesses like small hotels do not pay some or even many managers over 45 thousand a year, yet expect them to put in the hours needed to get the job done. This little change made by the Obama administration could bring lawsuits in by the thousands as mid level managers feel that they are not be represented correctly by this law. It should be an interesting year coming up. On the other side of the fence, you just made weekend manager, a great career boost, but they have to take it away because you do not make enough to handle the flexibility of a managers work load.
from CTI Consulting http://ift.tt/2flHfU0
via IFTTT

What burglars can teach us about architecture - RN - ABC News (Australian Broadcasting Corporation)

This is a must read article for homeowners to business owners to Police, good advice and some great ideas to implement. In the coming holiday season, criminals are going to be out in force, lets try and be ready for them,
from CTI Consulting http://ift.tt/2g2E2dZ
via IFTTT

Pre-installed Backdoor On 700 Million Android Phones Sending Users' Data To China

This is just a further update to what testers found on the ZTE phones you can buy in the USA for 10$ with out a cell plan. As long as you keep them off the internet they are fine, but if you do hook them up to the internet look out. One testing firm took a ZTE phone down as far as they could stripped all the software off of it, brought it back up with clean android software and it was reinfected by the firm ware on the phone before they finished. Make no mistake this is a dangerous phone to use, even if you just give it to your kids, as soon as you put the passwords in so the kids can use the internet at the house, it is one its way to China. scary stuff, we have found the same on a number of low end CCTV cameras you can buy at Wallmart even Best Buy, they have back door built into them that can compromise your home and office internet security. With the Christmas season coming up, please watch what you buy, at the end of every holiday Christmas buying spree CTI gets call on problems with their privacy, everything from internet toys to the kids, to remote phones for the house all can have back doors in them. Even that harmless remote controlled thermostat you bought for the house, can be a danger to your cyber security. In fact we have not found one home internet controlled thermostat that did not have a vulnerability to be hacked and quite easily.
from CTI Consulting http://ift.tt/2fJowCN
via IFTTT

Texans warned to stay in hotel, not order room service in Mexico | khou.com

Safety and Security is a real concern for both players and staff, just another day in Mexico.
from CTI Consulting http://ift.tt/2eJqBBG
via IFTTT

This $5 Device Can Hack your Password-Protected Computers in Just One Minute

This will work but it you have this much access to the target computer, you can buy keyboard loggers that can do much more and quicker, and cheaper. When someone has access to your computer beware, just about anything can happen. I have taken to easy to slide off desktop PC covers, just to find unused USP ports inside, that you can put your own spy devices in, in less than 30 seconds, but since most people do not even look behind their computer after they set them up, inserting a keyboard logger into the same USB slot as their key board plugs into is not a real problem. a good one slides into the computer leaving just an 8th of an inch more for people to see if they look at the back of the computer.
from CTI Consulting http://ift.tt/2gkJwTK
via IFTTT

New Hack: How to Bypass iPhone Passcode to Access Photos and Messages

like most hacks it is harder than it looks and there are other ways to get this done. But it is a new hack, and users should be aware of it.
from CTI Consulting http://ift.tt/2g2lBpH
via IFTTT

Mexico's Carmen Aristegui shares tips for journalists fearful of libel lawsuits | IJNet

It is not enough to be shooting and throwing hand grenades at journalists, they are also being harassed by bogus legal actions meant to shut them down. We complain about our Press in the USA, but the Press in Mexico have it much worse. While we see that fat cats on Telimondo spout off about our elections, they will never cross the Mexican Government, or the Cartels for fear they will be killed. The press in Mexico take their lives in their hands everyday they try and do their jobs on reporting the corruption and cartel violence in their country. We all need to support them in anyway we can..
from CTI Consulting http://ift.tt/2fO0RkZ
via IFTTT

Study: Deaths by Firearms Reach Record Highs in Mexico

Welcome to a country with some of the toughest gun control programs in the world. Yet, the bad guys always find weapons, but a citizen has to break the law in most cases just to defend their home, let alone themselves as they walk down the street. There are a lot of reasons for these record levels of violence in Mexico, but no one can say they did not bring it on themselves with the way the Government deals with the cartels and its citizens. After one small town rid themselves of the cartel control, the first thing the Federal Police announced as they ventured back into the town, was to take the guns away from all the citizens, now that the violence was over. Left undefended the cartels came back in force and killed most of the people that had fraught them. Mexico has no easy answer to the cartels and corruption that exists, and it is going to be painful to even try and take back control, but that is what they must do, for their children to have positive lives in the future.
from CTI Consulting http://ift.tt/2fW1Wtn
via IFTTT

How to Be Mindful at Airport Security - The New York Times

This is perfect try this at your next TSA screening line, in fact try this the next time you are waiting in any line.
from CTI Consulting http://ift.tt/2fJ3cNE
via IFTTT

Wednesday, November 16, 2016

LDS introduces innovative drone-operated explosive detection system | Government Security News

This type of laser explosive detection is a fairly proven principal, and has been used by shore based teams on boats heading into harbor, It would appear they have solved some of the stability problems, basically you excite the explosive material with the laser and then read bounce off of the device, It could be a faster way to check for explosives that the robot used now days.
from CTI Consulting http://ift.tt/2fX53NY
via IFTTT

The Mysterious Recurring Case of Mexico’s Disappearing Governors - Bloomberg

when you consider that as little as 2 percent of crimes committed in Mexico end in a conviction, it is not that hard to see why many just ignore the Police and the prosecutors..
from CTI Consulting http://ift.tt/2fVxMny
via IFTTT

TSA Agent, 7 Others Arrested For Drug Trafficking Ring | WFMYNEWS2.com

Insider threat continue to plague all levels of our lives, the TSA is but one of them. When you see it at such a high prominent level like this a lot of people wonder if they will ever get a fair brake. This is not the first, nor will it be the last of TSA officer misdeeds, we have to remember that 5% of any large group will be bad guys, and 11% of any group will take advantage of a situation, Not all TSA are bad not by a long shot, but we and other TSA officers need to keep our eyes and ears open to find the bad one before someone gets hurt.
from CTI Consulting http://ift.tt/2fhlQf3
via IFTTT

Abbas cuts salaries to dozens backing rival Dahlan | The Times of Israel

This could have serious ramifications for years to come. Dahlan has his issues, but he does have a lot of supporters both in and out of the Gaza Strip and the West Bank. He does find ways to bridge the divides between Israel, Egypt and the EU not to mention the US and the Quartet.. Mr. Dahlan has come up from the streets and knows his way around the problems that exist, he should be considered for a replacement of Abbas in the future.
from CTI Consulting http://ift.tt/2eWl85U
via IFTTT

Tuesday, November 15, 2016

News from The Associated Press

Shooting at Oklahoma Airport, the airport is still on lock down,
from CTI Consulting http://ift.tt/2fVen92
via IFTTT

Securing Trump Tower -- Security Today

This is truly going to be interesting, normally the President picks one home to call his during his presidency, Trump like VP Rockefeller before him has multiple residences he in the end for cost he will have to pick one, perhaps two if he chips in for the security upgrade. As President he can chose to visit his home and it is kept secure, Jimmy Carter had an old farm home back in the woods while he was president. How all this shakes out will bt the mystery to follow.
from CTI Consulting http://ift.tt/2gd2RXK
via IFTTT

Bosch Security Systems and Sony Establish Partnership for Video Security Business -- Security Today

Did not see this coming, this could be a big issue in the year coming up, I mean every one is using Sony video chips for the most part, but this is taking it way rurther.
from CTI Consulting http://ift.tt/2fW5QAC
via IFTTT

Security incident closes checkpoints, Sky Train at Phoenix airport

Phoenix did a fair job at this event, cool heads prevailed and they left other screening check points and terminals open for flights. I think most airports are getting more realistic in their bomb evacuation response. A backpack device is only going to be at most in the 50 pounds of explosive range, and probably a lot less, like 20 pounds. Either device size would not really affect anything out side the immediate area. certainly nothing out side the terminal. This threat of terror is not going away, so we need to develop plans and procedures that minimize the effect of the threats. PHX was one of the first to go to the bomb resistant trash cans, in fact helped with the testing of the devices. It is things like this and constant police patrols as well as having the rest of the airport and airline staff in the terminals be aware of bomb and suspected devices recognition. Chicago Airports authority provided training for all staff at both airports, so they could help keep the police aware of any possible problems. Boston did the same to all their staff after 9/11.
from CTI Consulting http://ift.tt/2fCCPc6
via IFTTT

Russian Court bans LinkedIn in Russia; Facebook and Twitter Could be Next

This could be devastating, more than Russia will be affected.by this. This will be one to watch.
from CTI Consulting http://ift.tt/2gcQ7QV
via IFTTT

Wi-Fi Signal Interference Can Leak Your Passwords and Keystrokes

This is one of those deals where I am pretty sure this is highly compartmentalized over at the agency, pick the three letter agency you want. It still would take a lot of technology and skill to pull off, and most companies would have a tough time with this. and a security/consulting/espionage firm, is not going to get paid much for a 68% chance they got it right. Countries think anything over 10% take is good, usually not for big firms paying for the info, For a hacker team, this would be a gold mine, just looking for passwords.
from CTI Consulting http://ift.tt/2fCkiwv
via IFTTT

3 Ways To Make “No” Work For You

Do you want to know how to win at negotiations or even just every day questions, here are some tips from a pro, Chris Voss, a former FBI negotiator that dealt with the big league stuff, and now teaches businessmen how to use those skills, to deal with everyday business and life.
from CTI Consulting http://ift.tt/2fUwawI
via IFTTT

Monday, November 14, 2016

Hikvision 'Phone Home' Raises Security Fears

Using your phone with many if not all the Hikvision cameras and recorders can leave your network passwords as well as your phone passwords, vulnerable, to the point that DOD and others are not allowing their use in many areas of the Government. You may want to take the hint.
from CTI Consulting http://ift.tt/2fs5L97
via IFTTT

Adult Friend Finder and Penthouse hacked in massive personal data breach | Technology | The Guardian

Newest Hack attack, will have millions trying to come up with stories of how they showed up on this data base.
from CTI Consulting http://ift.tt/2fRySky
via IFTTT

Wednesday, November 9, 2016

Genetec Expels Hikvision

This is an unprecedented move, but should tell everyone about the vulnerabilities associated with Hikvision. I think Genetec made the right move and I hope other companies follow suit. They have a real problem over at Kikvision, and we need to watch out for any firms they are providing any OEM cameras for. Now if I could just figure out how what to do with my Lenovo laptop, which DOD is saying they will not allow contractors working on Government contracts to use.
from CTI Consulting https://ipvm.com/reports/genetec-hikvision
via IFTTT

DDoS Attack Takes Down Central Heating System Amidst Winter In Finland

Mirai botnet malware scans for insecure IoT devices, like security cameras, DVRs, and routers, that uses their default passwords and then enslaves them into a botnet network, which is then used to launch DDoS attacks. It is available on line in different forms, but all can be devastating. If older or much younger folks had been caught with this, it could have been deadly as well. Unfortunately many of these attacks are done by kids, just trying to see what mischief they can cause. And tho in this case no one was injured, they could have been.
from CTI Consulting http://thehackernews.com/2016/11/heating-system-hacked.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Security+Blog%29&_m=3n.009a.1362.am0ao05w0h.sti
via IFTTT