Wednesday, November 30, 2016

Pentagon Links Chinese Cyber Security Firm to Beijing Spy Service

This is a pretty well written expose of the Chinese Cyber Security program, but it dances around the worst of what China has done, mainly because of classified cases, but also because of the financial issues involved, the major suppliers of products to our homes and offices have bought compromised products, not knowingly, but have them for sale. Cheap phones, computers, routers, cctv cameras and controllers, even toys for our children that have IP capabilities, are all capable of being turned against us. This Christmas is going to be a good one for retailers by all sources, but it is also going to be a big day for Chinese espionage as well, by all experts in the business. One interesting reveal was that the Russian espionage work with Kaspersky Labs was outed.
from CTI Consulting http://ift.tt/2gAK197
via IFTTT

Arrested German spy was a onetime gay porn actor — and a secret Islamist - The Washington Post

There is a little bit in this story for everyone, but the biggest point to me is this is one of the biggest insider threat cases ever seen, and the guy is not some 35 year old idealist, but a 51 year old, with quite a past. Just watching his online activity, they found he gave away a lot of very helpful information to his ISIS handler, secrets that could allow terrorists to find ways around German security. It just shows again that we all need to be on the lookout for insider threats, and they can come from anyone.
from CTI Consulting http://ift.tt/2gxv1Jj
via IFTTT

Tuesday, November 29, 2016

Ohio State knife attack: Suspect inspired by ISIS - CNN.com

Most people already thought this from his Facebook rant, but good to see it put out there. If you read inspire magazine the one started by the Al-Awlaki AQ cell, it tells its followers how to use both the car and the knife as a terrorist weapon. This guy did not read the fine print, but he did get the basics down. More important he has kept the struggle alive for all those basement want to be Jihads out there in the world. His attack was not that effective, and was cut short by the Campus Police Officer, but it certainly got the attention of the Press which is what he wanted to get done.
from CTI Consulting http://ift.tt/2fGTMAM
via IFTTT

Campanion app surging in popularity - Business Insider

I have not checked into this yet, but on the face of it, It does look well worth the down load, I have seen several apps like this, the key here is that others do not have to download the app, they just linked to a web site to participate.
from CTI Consulting http://ift.tt/2grQanm
via IFTTT

Program: The Canton of Vaud (CV) Community Supervision Program (Switzerland) - CrimeSolutions.gov

I wish people would read these reports, this program has not shown any effect good or bad on the problem, and should be scrapped, as should other failing programs like the Chicago Project that has not had any effect on crime in the Chicago inner city, yet it gets funded every year. When a program is evaluated and has not shown any success, it does not mean the City has failed, it means that proposed solution has failed and they should try something else. Bentsonville just up the street from Chicago has had great success with their crime reduction program, perhaps it should be tried in Chicago to see if it works. Just a thought.
from CTI Consulting http://ift.tt/2fNCjtV
via IFTTT

IRS Casts Unusually Wide Net for Bitcoin User Data | American Banker

Perhaps a little over reach by the IRS, but they do have a point most using Bitcoin are hiding something, so it is a good place to start looking.
from CTI Consulting http://ift.tt/2fyVIjR
via IFTTT

Wayne State University Police Officer Killed Near Campus - Campus Safety

A lot of Campus Police feel they are not targeted like City and State Police, but the figures show that is not the case. We all need to stay alert to possible problems and keep an eye out for the safety of both Police and Security, you may be the one that helps stop on of these attacks before they turn deadly.
from CTI Consulting http://ift.tt/2fyNatb
via IFTTT

KiDS: Inside the Terror Factory — Make this film a reality | Cause Match

This pulls a little on the gun control it looks like, but most of it is against the worst of the worst teaching little kids to be Jihadist killers and to hate the west.
from CTI Consulting http://ift.tt/2gCA2Ty
via IFTTT

Bush airport worker arrested for allegedly bringing loaded gun to work - Houston Chronicle

Not sure if he just forgot it, or was thinking it would get through, insider threats are one of the biggest vulnerabilities at airports, if this worker had a way to by pass security with his badge, we could have had a real problem.
from CTI Consulting http://ift.tt/2gD0MRt
via IFTTT

FBI Nabs Latest Starbucks Bombing Suspect; ISIS Linked to Previous Attacks | MRCTV

This is one we should stay on top of, three bombings in one week in New Mexico is a trend we may see repeated. I would be very concerned with Starbucks in high trafficked areas, like airports and mass transit areas.
from CTI Consulting http://ift.tt/2fxxSow
via IFTTT

Borderland Beat: Tijuana: The assassination of an Informant

In this case the informant tried to stay in or near the game, and that was a very bad move, he had a way to get he and his family out, and still wanted to play a bad guy, even asking for payments on things he had done in the past.
from CTI Consulting http://ift.tt/2fu1miJ
via IFTTT

Borderland Beat: 'The only two powerful cartels left': rivals clash in Mexico's murder capital

“There’s no ‘pacto’” in Colima, one of the journalists said, referring to an arrangement between authorities and one of the cartels. “It won’t calm down here until there is.” “There’s no ‘pacto’” in Colima, one of the journalists said, referring to an arrangement between authorities and one of the cartels. “It won’t calm down here until there is.” This is an interesting article and perhaps is true for the moment, but other Cartels are forming alliances and even others developing to try and fill voids in plaza controls. As new mid level cartel managers come on line, they are looking to make a name for themselves and if there is not room to advance will start pushing their own brand. As in business when the top positions are filled and the mid level staff feel there is no room to grow they look to expand on their own, look for the same thing here. The Zeta's felt that was the only way for them to get a bigger piece of the pie, and broke away from their Cartel that they where enforcers for, and made their own brand as a Cartel. If anyone thinks this is over they need to rethink, but probably the most troubling news from this article was the last comment by a journalist.: “There’s no ‘pacto’” in Colima, one of the journalists said, referring to an arrangement between authorities and one of the cartels. “It won’t calm down here until there is.” If this is the only way people thing Mexico can calm down all this violence is to make deals with the Cartels, then Mexico is finished. The Cartels just get stronger during these deals, and the corruption flourishes making the Government weaker, in both the minds of the Cartels and the Citizens of Mexico.
from CTI Consulting http://ift.tt/2fwfEE0
via IFTTT

Aides of Philippines' Duterte attacked in ambush: military

We are still getting info on this bombing attack on the Police convoy, at this point all that was determined is that it was a roadside bomb.
from CTI Consulting http://ift.tt/2fMn2JH
via IFTTT

OSU Attacker’s Facebook Goes On Anti-U.S. Rant... Likely Terrorist Attack - BB4SP

There is no right answer to vetting immigrants and this young man was pretty young when he came in, but we still need to try harder, many refugees just do not like the way the USA works, and will never blend in, so we need other options to provide them. Letting them change the USA is not an option. This person was stopped quickly and still did a lot of damage, both to the actual victims, but also to the USA that had to put up with another senseless attack.
from CTI Consulting http://ift.tt/2gRUD78
via IFTTT

Monday, November 28, 2016

Gizmodo on Twitter

TrentonScottH : The security infrastructure needed to halt ransomware spread across the network is often out of reach 4 smaller orgs https://t.co/dH2nSIxxEE
from CTI Consulting https://twitter.com/gizmodo/status/803376723068907520
via IFTTT

Saturday, November 26, 2016

Locky Ransomware Spreads Through Facebook Messenger

Facebook messenger has another ransomware attack. Please if you use Facebook messenger be very careful, if you do not watch out for people trying to get you into it.
from CTI Consulting http://ift.tt/2fCKA3V
via IFTTT

Mexico: Bodies, severed heads found in hidden graves - CNN.com

More bodies and parts of bodies found in central Mexico, some of them very new, some from past violence. Mexico needs a revolution to get back their country. This is just getting worse, even in the calm times the Cartels are just getting stronger, ready to fight for more turf, more distribution point, more cross over points. On the Mexico side, the Cartels are running and operating their business. On the USA side, the Cartels are more and more content to be upper level management and let controlled street and prison gangs to run, enforce, and manage the day to day operations. Most of the management on the USA side stay pretty far away from the dirty businesses, they may have records, but most do not on this side of the border. On the Mexican side, Cartels reach tenuous deals with different Government entities. The Government feels the need for these deals, for both survival and profit. The Cartels value the deal, but which ever cartel has the deal at the moment are always worrying about another Cartel moving in. That is the tenuous part of the deal, and both sides are aware of it each day. How to gain back control of Mexico from the Cartels is problem that does not have any easy answers, and all involve a lot of bloodshed to even get the direction reversed. But when it is allowed to get as bad as it is now in Mexico, it becomes very hard to turn it around. In the USA this turning point is getting closer every day.
from CTI Consulting http://ift.tt/2gpuYC0
via IFTTT

Friday, November 25, 2016

TSA annual test for screeners leads to firings, stress, turnover - StarTribune.com

we are only hearing one side of the story here, but from a trainers point of view if only 100 failed out of 45,000 or so, then I would have to rate the test fair. I think the whole going to FLETC for training with Agents from other agencies is bogus. The TSA screeners are already taught aggressiveness, to the point of often dealing with passengers in a hostile manner. I can under stand the motive of the TSA hierarchy there is a motivational problem, one that is basic to everyone looking for terrorists, that is there are very few terrorists out there. We can play games with the K9 dogs, give them scents every hour or so, so that they can keep motivated, TSA can play games with screeners the same way, but they understand the test, that throws suspect objects digitally in bags. There is another part to this story that should be talked about. The cost, size, and weight of the CAT scan type x-ray systems used for checked bags has come down enough that they can be used for carry on bags. Which is a good thing in many ways, but has some down points as well. A checked bag has to have a bomb that is ready to go, since the passenger will not be touching the bag again, but carry on bags, the explosive, the battery or other detonating method can be carried in separate methods, making the bomb that much harder for an automatic system to catch. With a new President and administration, it maybe time to take another look at what we are trying to do at the TSA, it seems to have lost its way.
from CTI Consulting http://ift.tt/2fxqWCS
via IFTTT

Wednesday, November 23, 2016

Hikvision Removed From US Embassy

Every one needs to know about the serious vulnerability associated with these cameras.
from CTI Consulting http://ift.tt/2gxY16V
via IFTTT

Victim ID'd, investigation continues in Center City package explosion

Letter and package bombs are not all that common, but we need to be cautious of all letters and packages over 8 ounces, especially during the holiday season. The investigation is ongoing but it does appear that opening the package set it off. Notice no one died, which is the case for most small letter and package bombs. You may want to brush off your mail and package bomb threat sheets for review, and ESI graduates may want to see if anyone around them needs to be trained on how to deal with these suspect devices.
from CTI Consulting http://ift.tt/2f6SyUn
via IFTTT

Tuesday, November 22, 2016

Brazil: Four dead after police helicopter 'shot down by gang' - BBC News

Helicopters are vulnerable to long gun fire, and the Cartels in Mexico have been using Barret 50 cal rifles to keep them at bay. If they can get them in close even small arms fire can be deadly to many non militarized helicopters. A lot of a helicopter's strength was that it was perceived to be able to handle more firepower than it actually can.
from CTI Consulting http://ift.tt/2fQmMaA
via IFTTT

GRAPHIC: Cartel Beheadings and Shootings Rock Mexican Resort Area

After a rough summer, it looks like the Cartels are going to have an even rougher winter. The violence is just not slowing down. Mexico needs to really decide what it is they are going to do, they owe it to the citizens of Mexico.
from CTI Consulting http://ift.tt/2gi0Qpv
via IFTTT

Innovative Antennas for Seamless Connectivity in Large Venues | TerraWave

CTI does not endorse any vendor or product, but when we do come up on solutions that may help solve some sticky situations like Executive Protection and Corporate Security face, we will talk about it. There are other vendors that provide these solutions, and I have never used this vendor as of yet, but they do have some great solutions. For instance a temporary WIFI, camera set up kit, with various power options, like solar, intermittent ground power and self powered thru POE for both routers and cameras. I have designed in the past solar charging systems for remote areas, but these folks have a systems ready to buy. If you are looking for ideas, here are few good ones, for that next gig.
from CTI Consulting http://ift.tt/2fZB9tn
via IFTTT

Probable Cause

This is a great article for all Law Enforcement and Security types to learn from. I also teach in addition to Terry vs Ohio, U.S. v. Mendenhall test for 4th Amendment seizures:, but the key as always is to get the officer to be able to articulate their basis for going to the next step. In a 7 hour class for police we show them how to develop the probable cause or reasonable suspicion. We use tests and presents to come up with ways to make the possible suspect react in ways that we can articulate why we believe that they are going to commit a crime. As stated in the post, it can be difficult since in the planning stages the bad guys know not to carry weapons or anything we can arrest for. Often all we have are pictures in their phone or diagrams they are using to set up the attack. Luckily there is case law for both these items to be valid to arrest. Well written article, thanks a lot
from CTI Consulting http://ift.tt/2fnIvc4
via IFTTT

Monday, November 21, 2016

Detecting the language of suicide: There's an app for that

This is apparently the up and coming thing, it is showing promise, but does not take away from the personal interaction with the person. You need to have them talk to someone trained on how to understand the problem.
from CTI Consulting http://ift.tt/2eVjAxL
via IFTTT

The Danger of Ignoring the 'Espionage' in Cyber Espionage | Stratfor

If you are in the security business, espionage is one of those things we have been fighting for centuries, but ad the name Cyber it seems to take on a whole new meaning here is an insightful article on gaining perspective in Cyber Espionage.
from CTI Consulting http://ift.tt/2fitSTM
via IFTTT

Hack: How to spy on a 3-D printer | Science News for Students

Espionage on high tech is going old school, well sort in the old days of typewriters, Spy's figured out how listen to the typewriters and the small surges in energy they made to tell what a person in typing. They got so good that they could print as fast as the typewriter did. Now they are using a similar attack on three D printers with a smart phone.
from CTI Consulting http://ift.tt/2fUWzYu
via IFTTT

Dangerous Rootkit found Pre-Installed on nearly 3 Million Android Phones

These phones, some sold by Best Buy, are often given as gifts to our children or friends, it is an android phone with the android operating systems but has a built in back door: Backdoor/Rootkit Comes Pre-installed The vulnerable OTA mechanism, which is associated with Chinese mobile firm Ragentek Group, contains a hidden binary — resides as /system/bin/debugs — that runs with root privileges and communicates over unencrypted channels with three hosts., China has not even started up two of the hosts, but the third is active and as soon as your phone links up to the internet sends your information out to the Chinese server for them to use. Since it is initiated by your phone, your firewalls on your routers do not even know it is happening. By the way since it is sent un-encrypted anyone sniffing the internet could catch the information and use it. China is playing in the weeds on this one waiting for one of your children to use a device like this or one of your employees to find the opening to attack your business or family's internet system.
from CTI Consulting http://ift.tt/2fKTGvZ
via IFTTT

Sunday, November 20, 2016

FBI Warns Of Thanksgiving Terror Potential; Walsh Says No Specific Threat To Boston « CBS Boston

There's no reason to panic, but to stay aware, use your training keep an eye out for unusual actions by people, remember everyone has a place to go or thing to do, even terrorists. You can see the family going to the mall, that is an easy one, now the single guy, even multiple guys walking in and watching , actively watching, not shopping not looking at girls, or meeting other guys, just watching. Watch when a police or security guard shows up, how they will try to not pay attention to them, but can't help themselves. This does not mean they are terrorists, because purse snatchers, robbers, even rapists all tend to conduct surveillance pretty much the same way. Bad guys are bad guys and a good purse snatcher can top a rookie terrorist in surveillance capabilities most of the time. So if you can pick out purse snatchers and pickpockets, terrorists are a piece of cake.
from CTI Consulting http://ift.tt/2gqlKG4
via IFTTT

Why The Mega-Rich Are Getting Bodyguards - The Daily Beast

There is the perception of danger out there, followed quickly by the actual rise in danger. So the need for bodyguards is rising as well, providing jobs for many of our Veterans that have gone for training in field since departing their service.
from CTI Consulting http://ift.tt/2fNI1dt
via IFTTT

Friday, November 18, 2016

As we approach the Thanks Giving Holiday, we need to remember the ISIS and AQ bad guys have not quit, they have threatened us on these very holidays, and we must keep aware at all times for them. They talk about picking the right knife to kill us with, but also discuss in depth the use of trucks, both with bombs and just by themselves to attack with. The know our vehicle regulations and know with a normal drivers licence they are not going to be able to rent anything over a 24 foot U-Haul so they advice using 16 or 18 foot trucks that will not attract as much attention. Keep your eyes out for people scoping out places where events are going to be, as well as rehearsal runs, even the Nice France truck attack used a trial run before he made his attack, If we can catch them there we all win. Have a safe holiday.


via CTI Consulting http://ift.tt/2fEhOAn

Armored Cars and Sniper Rifles: Inside Latin America's Biggest Security Expo - Bloomberg

Yet most Mexicans can not own the weapons to defend themselves and can not afford the other protective items shown at the expo. It is a good show, lots of claims made for different items that may or may not do as well as claimed, but that happens at all of these events. If you have any questions on some of the claims made by vendors, let us know, most of this we have dealt with in the past. Some things do work, but many do not work as well as claimed in the talk and brochures offered.
from CTI Consulting http://ift.tt/1YiehVo
via IFTTT

The silent side of hostage negotiations | Warmington | Canada | News | Toronto S

A former FBI Negotiator told me years ago, that the kidnapper may think they are in charge, but you have what they want and have worked for, the money. This simple fact if remembered and handled correctly can at least put you on a more even playing field with the bad guys.
from CTI Consulting http://ift.tt/1T2bwWW
via IFTTT

Number of kidnapping cases this year highest in two decades - KR Magazine - Kidnap and Ransom News

Kidnapping is a booming business, we see the trend getting worse not better. Still most of it was identifiable before the actual grab, you just need to be aware. No kidnapper likes being noticed prior to the event, so just noticing them, maybe taking a picture of them with your phone can be a big deterrence. If you are wrong then throw the picture away after a while, but make sure you send the picture and any information to a place where others can find it. Send it to your favorite security consultant, I always enjoy getting these in the middle of the night. Still when they get home safe I just dump them and wait till the next time. I get them on folks going into strip clubs and worse, and as they come out, often followed by local thugs, looking for an easy buck. But most of the time the picture alone lets the bad guys know they are aware of them. What goes to your security consultant stays with them, till your safe again. Lady clients has sent some of the most interesting pictures, but it works for them as well. Have a safe holiday season.
from CTI Consulting http://ift.tt/2eOntV0
via IFTTT

Suspicious tracking device found on MTA bus in Staten Island - NY Daily News

Much ado about nothing, there are a hundred reasons to put a tracking device on a bus, one of the first being, it was on someones car, and they moved it to the bus to misguide the folks tracking them, or a bus company that wants to know how a bus driver is covering his route.
from CTI Consulting http://ift.tt/2g19yHk
via IFTTT

Thursday, November 17, 2016

Risk & Insurance

This could be a game changer for many small and some large businesses, many businesses like small hotels do not pay some or even many managers over 45 thousand a year, yet expect them to put in the hours needed to get the job done. This little change made by the Obama administration could bring lawsuits in by the thousands as mid level managers feel that they are not be represented correctly by this law. It should be an interesting year coming up. On the other side of the fence, you just made weekend manager, a great career boost, but they have to take it away because you do not make enough to handle the flexibility of a managers work load.
from CTI Consulting http://ift.tt/2flHfU0
via IFTTT

What burglars can teach us about architecture - RN - ABC News (Australian Broadcasting Corporation)

This is a must read article for homeowners to business owners to Police, good advice and some great ideas to implement. In the coming holiday season, criminals are going to be out in force, lets try and be ready for them,
from CTI Consulting http://ift.tt/2g2E2dZ
via IFTTT

Pre-installed Backdoor On 700 Million Android Phones Sending Users' Data To China

This is just a further update to what testers found on the ZTE phones you can buy in the USA for 10$ with out a cell plan. As long as you keep them off the internet they are fine, but if you do hook them up to the internet look out. One testing firm took a ZTE phone down as far as they could stripped all the software off of it, brought it back up with clean android software and it was reinfected by the firm ware on the phone before they finished. Make no mistake this is a dangerous phone to use, even if you just give it to your kids, as soon as you put the passwords in so the kids can use the internet at the house, it is one its way to China. scary stuff, we have found the same on a number of low end CCTV cameras you can buy at Wallmart even Best Buy, they have back door built into them that can compromise your home and office internet security. With the Christmas season coming up, please watch what you buy, at the end of every holiday Christmas buying spree CTI gets call on problems with their privacy, everything from internet toys to the kids, to remote phones for the house all can have back doors in them. Even that harmless remote controlled thermostat you bought for the house, can be a danger to your cyber security. In fact we have not found one home internet controlled thermostat that did not have a vulnerability to be hacked and quite easily.
from CTI Consulting http://ift.tt/2fJowCN
via IFTTT

Texans warned to stay in hotel, not order room service in Mexico | khou.com

Safety and Security is a real concern for both players and staff, just another day in Mexico.
from CTI Consulting http://ift.tt/2eJqBBG
via IFTTT

This $5 Device Can Hack your Password-Protected Computers in Just One Minute

This will work but it you have this much access to the target computer, you can buy keyboard loggers that can do much more and quicker, and cheaper. When someone has access to your computer beware, just about anything can happen. I have taken to easy to slide off desktop PC covers, just to find unused USP ports inside, that you can put your own spy devices in, in less than 30 seconds, but since most people do not even look behind their computer after they set them up, inserting a keyboard logger into the same USB slot as their key board plugs into is not a real problem. a good one slides into the computer leaving just an 8th of an inch more for people to see if they look at the back of the computer.
from CTI Consulting http://ift.tt/2gkJwTK
via IFTTT

New Hack: How to Bypass iPhone Passcode to Access Photos and Messages

like most hacks it is harder than it looks and there are other ways to get this done. But it is a new hack, and users should be aware of it.
from CTI Consulting http://ift.tt/2g2lBpH
via IFTTT

Mexico's Carmen Aristegui shares tips for journalists fearful of libel lawsuits | IJNet

It is not enough to be shooting and throwing hand grenades at journalists, they are also being harassed by bogus legal actions meant to shut them down. We complain about our Press in the USA, but the Press in Mexico have it much worse. While we see that fat cats on Telimondo spout off about our elections, they will never cross the Mexican Government, or the Cartels for fear they will be killed. The press in Mexico take their lives in their hands everyday they try and do their jobs on reporting the corruption and cartel violence in their country. We all need to support them in anyway we can..
from CTI Consulting http://ift.tt/2fO0RkZ
via IFTTT

Study: Deaths by Firearms Reach Record Highs in Mexico

Welcome to a country with some of the toughest gun control programs in the world. Yet, the bad guys always find weapons, but a citizen has to break the law in most cases just to defend their home, let alone themselves as they walk down the street. There are a lot of reasons for these record levels of violence in Mexico, but no one can say they did not bring it on themselves with the way the Government deals with the cartels and its citizens. After one small town rid themselves of the cartel control, the first thing the Federal Police announced as they ventured back into the town, was to take the guns away from all the citizens, now that the violence was over. Left undefended the cartels came back in force and killed most of the people that had fraught them. Mexico has no easy answer to the cartels and corruption that exists, and it is going to be painful to even try and take back control, but that is what they must do, for their children to have positive lives in the future.
from CTI Consulting http://ift.tt/2fW1Wtn
via IFTTT

How to Be Mindful at Airport Security - The New York Times

This is perfect try this at your next TSA screening line, in fact try this the next time you are waiting in any line.
from CTI Consulting http://ift.tt/2fJ3cNE
via IFTTT

Wednesday, November 16, 2016

LDS introduces innovative drone-operated explosive detection system | Government Security News

This type of laser explosive detection is a fairly proven principal, and has been used by shore based teams on boats heading into harbor, It would appear they have solved some of the stability problems, basically you excite the explosive material with the laser and then read bounce off of the device, It could be a faster way to check for explosives that the robot used now days.
from CTI Consulting http://ift.tt/2fX53NY
via IFTTT

The Mysterious Recurring Case of Mexico’s Disappearing Governors - Bloomberg

when you consider that as little as 2 percent of crimes committed in Mexico end in a conviction, it is not that hard to see why many just ignore the Police and the prosecutors..
from CTI Consulting http://ift.tt/2fVxMny
via IFTTT

TSA Agent, 7 Others Arrested For Drug Trafficking Ring | WFMYNEWS2.com

Insider threat continue to plague all levels of our lives, the TSA is but one of them. When you see it at such a high prominent level like this a lot of people wonder if they will ever get a fair brake. This is not the first, nor will it be the last of TSA officer misdeeds, we have to remember that 5% of any large group will be bad guys, and 11% of any group will take advantage of a situation, Not all TSA are bad not by a long shot, but we and other TSA officers need to keep our eyes and ears open to find the bad one before someone gets hurt.
from CTI Consulting http://ift.tt/2fhlQf3
via IFTTT

Abbas cuts salaries to dozens backing rival Dahlan | The Times of Israel

This could have serious ramifications for years to come. Dahlan has his issues, but he does have a lot of supporters both in and out of the Gaza Strip and the West Bank. He does find ways to bridge the divides between Israel, Egypt and the EU not to mention the US and the Quartet.. Mr. Dahlan has come up from the streets and knows his way around the problems that exist, he should be considered for a replacement of Abbas in the future.
from CTI Consulting http://ift.tt/2eWl85U
via IFTTT

Tuesday, November 15, 2016

News from The Associated Press

Shooting at Oklahoma Airport, the airport is still on lock down,
from CTI Consulting http://ift.tt/2fVen92
via IFTTT

Securing Trump Tower -- Security Today

This is truly going to be interesting, normally the President picks one home to call his during his presidency, Trump like VP Rockefeller before him has multiple residences he in the end for cost he will have to pick one, perhaps two if he chips in for the security upgrade. As President he can chose to visit his home and it is kept secure, Jimmy Carter had an old farm home back in the woods while he was president. How all this shakes out will bt the mystery to follow.
from CTI Consulting http://ift.tt/2gd2RXK
via IFTTT

Bosch Security Systems and Sony Establish Partnership for Video Security Business -- Security Today

Did not see this coming, this could be a big issue in the year coming up, I mean every one is using Sony video chips for the most part, but this is taking it way rurther.
from CTI Consulting http://ift.tt/2fW5QAC
via IFTTT

Security incident closes checkpoints, Sky Train at Phoenix airport

Phoenix did a fair job at this event, cool heads prevailed and they left other screening check points and terminals open for flights. I think most airports are getting more realistic in their bomb evacuation response. A backpack device is only going to be at most in the 50 pounds of explosive range, and probably a lot less, like 20 pounds. Either device size would not really affect anything out side the immediate area. certainly nothing out side the terminal. This threat of terror is not going away, so we need to develop plans and procedures that minimize the effect of the threats. PHX was one of the first to go to the bomb resistant trash cans, in fact helped with the testing of the devices. It is things like this and constant police patrols as well as having the rest of the airport and airline staff in the terminals be aware of bomb and suspected devices recognition. Chicago Airports authority provided training for all staff at both airports, so they could help keep the police aware of any possible problems. Boston did the same to all their staff after 9/11.
from CTI Consulting http://ift.tt/2fCCPc6
via IFTTT

Russian Court bans LinkedIn in Russia; Facebook and Twitter Could be Next

This could be devastating, more than Russia will be affected.by this. This will be one to watch.
from CTI Consulting http://ift.tt/2gcQ7QV
via IFTTT

Wi-Fi Signal Interference Can Leak Your Passwords and Keystrokes

This is one of those deals where I am pretty sure this is highly compartmentalized over at the agency, pick the three letter agency you want. It still would take a lot of technology and skill to pull off, and most companies would have a tough time with this. and a security/consulting/espionage firm, is not going to get paid much for a 68% chance they got it right. Countries think anything over 10% take is good, usually not for big firms paying for the info, For a hacker team, this would be a gold mine, just looking for passwords.
from CTI Consulting http://ift.tt/2fCkiwv
via IFTTT

3 Ways To Make “No” Work For You

Do you want to know how to win at negotiations or even just every day questions, here are some tips from a pro, Chris Voss, a former FBI negotiator that dealt with the big league stuff, and now teaches businessmen how to use those skills, to deal with everyday business and life.
from CTI Consulting http://ift.tt/2fUwawI
via IFTTT

Monday, November 14, 2016

Hikvision 'Phone Home' Raises Security Fears

Using your phone with many if not all the Hikvision cameras and recorders can leave your network passwords as well as your phone passwords, vulnerable, to the point that DOD and others are not allowing their use in many areas of the Government. You may want to take the hint.
from CTI Consulting http://ift.tt/2fs5L97
via IFTTT

Adult Friend Finder and Penthouse hacked in massive personal data breach | Technology | The Guardian

Newest Hack attack, will have millions trying to come up with stories of how they showed up on this data base.
from CTI Consulting http://ift.tt/2fRySky
via IFTTT

Wednesday, November 9, 2016

Genetec Expels Hikvision

This is an unprecedented move, but should tell everyone about the vulnerabilities associated with Hikvision. I think Genetec made the right move and I hope other companies follow suit. They have a real problem over at Kikvision, and we need to watch out for any firms they are providing any OEM cameras for. Now if I could just figure out how what to do with my Lenovo laptop, which DOD is saying they will not allow contractors working on Government contracts to use.
from CTI Consulting https://ipvm.com/reports/genetec-hikvision
via IFTTT

DDoS Attack Takes Down Central Heating System Amidst Winter In Finland

Mirai botnet malware scans for insecure IoT devices, like security cameras, DVRs, and routers, that uses their default passwords and then enslaves them into a botnet network, which is then used to launch DDoS attacks. It is available on line in different forms, but all can be devastating. If older or much younger folks had been caught with this, it could have been deadly as well. Unfortunately many of these attacks are done by kids, just trying to see what mischief they can cause. And tho in this case no one was injured, they could have been.
from CTI Consulting http://thehackernews.com/2016/11/heating-system-hacked.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Security+Blog%29&_m=3n.009a.1362.am0ao05w0h.sti
via IFTTT

Man jailed for bomb alert at Geneva Airport

This is the best way to stop these type of bomb threats, by big fines and jail time. Over 90% of bomb threats are like this one, just false alarms, but each one has to be taken and analysed by itself. We have procedures in place in the USA for evaluating these threats, and CTI helps businesses as well as Government entities develop polices and procedures on dealing with bomb threats. If you have policies in place and have had training on how to evaluate bomb threats, your legal liabilities should be minimized, no matter which way you chose to handle the threat. As I teach at the ESI bomb classes, airports and airlines have some of the highest rates of bomb threats, and normally is has to do with someone missing a flight, sometimes even flight crews call them in to try and hold the plane for their arrival.
from CTI Consulting http://www.travelmole.com/news_feature.php?news_id=2024562&c=setreg&region=2
via IFTTT

Tuesday, November 8, 2016

Ding-Dong -- Your Easily Hacked 'Smart' Doorbell Just Gave Up Your WiFi Credentials | Techdirt

The Ring smart door bell that provides you video of someone at the door, is like all the IoT or (Internet of Things) a nice thing to have, but a security vulnerability that could come bite you. This is dealing with only one hack on this device, and the company has developed a patch for it, but if you have one already good luck on getting the patch installed. The key words in the advertisement of the device are easy to set up. This should be a warning to all, yes your going to be able to install the device easily, but they made it so easy that the bad guy can steal the access not only to the device, but also your access code to your router, and then to any device you have hooked up the the router, like printers, digital storage on the network, your scale in your bathroom. It does not have much if any security on it. The article also goes into the Comcast Home security system and how easily it can be hacked. As well it talks about the home smart Thermostat, that a patch was developed for, since it had a very critical vulnerability, now the majority of the almost million devices do not work with the patch, and the only fix is to send it back to the manufacturer. IoT can make your lives perhaps a little simpler, but at what cost.
from CTI Consulting http://ift.tt/1ZPqsh6
via IFTTT

This is the one stop shopping place to get all the critical infrastructure risk assessment information, There are 16 sectors and each one has a report going into the vulnerabilities as well as how they are being addressed so far, these sector reports are driven by ongoing risk assessments of each sector. Great for knowing what risks we face and for marketing to the different sectors. http://www.ncisrm.org/


via CTI Consulting http://ift.tt/2fBGZjO

Ohio man arrested boarding plane to allegedly join ISIS - CBS News

We have to stay aware, in two other instances like this, the attempt to join the Jihad was supplanted by conducting terrorist attacks over here. The threat these home grown Jihadists is real and from what we can see is very noticeable in hindsight. We just need to understand the actions and report suspicious activity as quickly as possible. The time from conversion to radicalization has tended to be very quick, for those not converting, but are Muslim, there still is a very quick conversion to radicalization that other people around them tend to notice. We just need to tell law enforcement of our suspicions, and keep an eye on them for further reporting. The FBI is getting better and better at dealing with these threats, and a lot of it comes from people reporting suspect activity. Remember we are the eyes and ears of our communities, if you have received training in detecting these precursor events, then your abilities are even more important to keeping us all safer. Military and police even retired are great people to watch,to see how they keep aware of what is going on around them, this is a skill that take practice, training if you can get it, but constant practice.
from CTI Consulting http://ift.tt/2exusg0
via IFTTT

Risk & Insurance

Programmable Logic Controllers or Computers as they are described here are in virtually every business that uses computer interfaces to their manufacturing machines. This type of PLC attack is best known by the Stuxnet attack on Iran's Nuclear Program. PLC's are what controlled the spinning of the centrifuges used to separate nuclear materials so that they could make Nuclear bombs, they had thousands of them, and when the Stuxnet hit the PLC's they caused many if not the majority of the centrifuges to self destruct. What this scenario is dealing with are the PLC's that control the manufacturing process of the Beverage makers product. This could be any company that uses computers to control manufacturing which could be just about all of them. Please read this and see how vulnerable your product or company are. PLC's are used to control the Gates to airports, Gates in Prisons, valves in water plants, switch gear in our Power grid, even the lights in our traffic control computers all over the US. As you can see these cyber worms can hit just about anything, and they are very small programs that can hide in computers even PLC's for years before turned on. The Stuxnet has been altered by different groups and companies to come back and attack us in the USA, so we all need to be very careful. .
from CTI Consulting http://ift.tt/2eAB51e
via IFTTT

Edward Snowden shows how easy it is to HACK into a US voting machine with a £24 memory card

This should make all voters cringe, I think it would be detected, but I could be wrong.
from CTI Consulting http://ift.tt/2fjU4Pl
via IFTTT

Snake on a plane: Reptile dangled from overhead storage during Aeromexico flight | NOLA.com

Do not know what type of snake it is, but it would make me jump coming out of the luggage area like that. Video tells it all., OK, how do you react to this?
from CTI Consulting http://ift.tt/2fB3DIN
via IFTTT

isis and the election this the chatter | Dr.Rick Breazeale PhD Kent University, | Pulse | LinkedIn

Interesting take here, and probably not wrong
from CTI Consulting http://ift.tt/2fXgPfn
via IFTTT

Monday, November 7, 2016

Cartels are leaving grisly displays as a warning at a major US-Mexico border crossing

You can hear ongoing gun battles from the US Side of the Border. From a number of points in South Texas cities of Mission, Rio Grand City, McAllen , all the way to the coastal cities near Brownsville. The Cartels have a mass grave yard in view of the US Side of the Border, near a small town of Progreso which is abandoned at times when the warring factions of the Reynosa and Mattamoros Plaza bosses are having at it. Other times the small town is a favorite for our Snow Bird visitors from the North, to go and get cheap medical work done, and pick up prescriptions at a very reduced rate from the cost on the USA side. We just had an assassin conduct a hit in the McAllen area and then we have a picture of him crossing the border into Mexico driving the same pickup truck he used to shoot the USA citizen, less than an hour later. Yes the Cartels are leaving signs of their presence, all along the border.
from CTI Consulting http://ift.tt/2fsRVBo
via IFTTT

Widen The Approach -- Security Today

Not sure who the author of this article is, but Security Professionals, of all types should read it. It is meant for IT security types, but read it, it's principals are true of every type of the security, from guard forces, to Bodyguards. The people that know you, your company, and yes your IT systems, are always the folks that have an easier time of noticing something that does not fit the norm, what is out of place, and that is the kind of security you want for all aspects of your business.
from CTI Consulting http://ift.tt/2fvY2qS
via IFTTT

GE alerts airlines about engine part after American Airlines fire | Reuters

Now the problem is how many of these parts are going to show up on the black market for aircraft parts, a reportedly multi million dollar market, that deals in parts taken off broken or even crashed aircraft, or in this case jobbers that do not want to get caught holding these parts that can not be sold on the open market. These black market parts usually show up in third world aircraft maintenance shops, but have made it into the USA markets at times. The cost of a black market part over a FAA supported market cost is in the 1/3 to 1/10 value. So it is always a problem when costs for repairs are getting high. Many airlines will not leave repair parts on their planes once they get to America, they just do the repairs over again to make sure of the parts and the installation.
from CTI Consulting http://ift.tt/2fsF16u
via IFTTT

Tulsa businesses offer products to help airlines deal with lithium ion battery problems - Tulsa World: Tulsa Business & Legal News

This is probably a good idea, I do not think we have seen the end of Samsung 7 type problems. As we try and make Lithium Ion Batteries do more with less structure (weight) this could happen again. The biggest issue is how to get them in the bag, if they start to go.
from CTI Consulting http://ift.tt/2eFVzcc
via IFTTT

Puerto Rico TSA worker indicted in $30M drug smuggling case

Insider threat continue's, even the TSA is not immune. This is not the first TSA person caught up in smuggling, even the Sky Marshall's have had arrests made on them for drug smuggling. These are armed TSA on airplanes, which is about a bad as it gets. Still the number is under the 5% of any group that do bad things, from FBI Agents to Priests. For many security experts when you point to the less than 5% of any group doing something bad, then we usually think they are not looking hard enough.
from CTI Consulting http://ift.tt/2fUi2Ej
via IFTTT

Vulnerability Summary for the Week of October 31, 2016 | US-CERT

There are two real issues to be looked at here, one is the Flash Player (again) most experts just tell you to get rid of Adobe Flash, the next is Cisco routers (again) the issue is the home router, the office routers your IT department can handle, the home one you may have to take care of. It has the highest risk rating the CERT provides, so please take a look at it.
from CTI Consulting http://ift.tt/2eOM0p5
via IFTTT

20 Islamists Found Infiltrating German Army

This is a problem the world has to deal with now. It is not the first time the Military has had to worry about infiltration of bad guys either singly or in groups. The DOD is constantly on the watch for gang members either joining in groups, or forming up while in the Military. As for the Islamist issue, we in the USA under this administration may have tilted the scale a bit, to not judge the Islamic intentions in a bad way, over 60 radical Islamic, to the point of showing allegiance to ISIS or AQ , have been found working for our Government as TSA, Airport workers, and others. Another 170 are under active investigations. This happens anytime you tilt the scale, and has happen the other way around as well, just look at the interment of American Citizens of Japanese decent back in WWII. We need to keep our hands off the scale and let the process work, seems to be the answer.
from CTI Consulting http://ift.tt/2fsbFoM
via IFTTT

Saturday, November 5, 2016

Experts Warn Of Election Day Cyberattacks

TrentonScottH : This concern has been growing for some time: Fears Of Cyber Warfare Loom Over Election Officials #CyberSecurity https://t.co/P7s23I5Vt0
from CTI Consulting http://ift.tt/2fqbpqJ
via IFTTT

Friday, November 4, 2016

Wi-Fi can be turned into IMSI Catcher to Track Cell Phone Users Everywhere

Ok as we go into the Weekend, let us leave you with this neat little trick. You can try this one at home kids, but we all need to be aware of it. I knew I could get MAC ID's from phones and other devices set to use free WIFI, in fact I teach a course on part of this, that immediately gets everyone in the class to adjust their phones, tablets and computers. So take off the auto log in feature off all your devices now.
from CTI Consulting http://ift.tt/2ew7fyj
via IFTTT

Anvato Universal Player

http://up.anv.bz/latest/anvload.html?key=eyJtIjoiYW52IiwicCI6ImRlZmF1bHQiLCJ2IjoiMzc4OTg4OCIsInBsdWdpbnMiOnsiZGZwIjp7ImNsaWVudFNpZGUiOnsiYWRUYWdVcmwiOiJodHRwczovL3B1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldC9nYW1wYWQvYWRzP3N6PTQwMHgzMDAmaXU9LzEyNTIzMjkzL09ybGFuZG9fVFYvd2Z0dl93ZWJfZGVmYXVsdC9uZXdzJmltcGw9cyZnZGZwX3JlcT0xJmVudj12cCZvdXRwdXQ9dmFzdCZ1bnZpZXdlZF9wb3NpdGlvbl9zdGFydD0xJnVybD1odHRwOi8vd3d3LndmdHYuY29tL25ld3MvcmF3LXN1cnZlaWxsYW5jZS12aWRlby1mcm9tLXBhcnJpc2gtaG9zcGl0YWwtc2hvb3RpbmdfMjAxNjEwMjYwMDIwNTMvNDYwNjI5NzQ1JmRlc2NyaXB0aW9uX3VybD1odHRwOi8vd3d3LndmdHYuY29tL25ld3MvcmF3LXN1cnZlaWxsYW5jZS12aWRlby1mcm9tLXBhcnJpc2gtaG9zcGl0YWwtc2hvb3RpbmdfMjAxNjEwMjYwMDIwNTMvNDYwNjI5NzQ1JmNvcnJlbGF0b3I9V0ZUViZrdz1yYXd2aWRlb3MscmF3dmlkZW8ifX0sImNvbXNjb3JlIjp7ImNsaWVudElkIjoiNjAzNTk0NCJ9LCJyZWFsVGltZUFuYWx5dGljcyI6dHJ1ZSwiaGVhcnRiZWF0QmV0YSI6eyJ2ZXJzaW9uIjoiMS41IiwibWFya2V0aW5nQ2xvdWRJZCI6IjE0NjIzNEI4NTI3ODM1RTEwQTQ5MEQ0NEBBZG9iZU9yZyIsImN1c3RvbVRyYWNraW5nU2VydmVyIjoiY294bmV0LjExMi4ybzcubmV0IiwidHJhY2tpbmdTZXJ2ZXIiOiJjb3huZXQuaGIub210cmRjLm5ldCIsImpvYklkIjoiajIiLCJhY2NvdW50IjoiY294d2Z0dixjb3hnbG9iYWwiLCJwdWJsaXNoZXJJZCI6ImNveG5ldCIsImN1c3RvbU1ldGFkYXRhIjp7InZpZGVvIjp7InBhZ2VOYW1lIjoiL25ld3MvcmF3LXN1cnZlaWxsYW5jZS12aWRlby1mcm9tLXBhcnJpc2gtaG9zcGl0YWwtc2hvb3RpbmdfMjAxNjEwMjYwMDIwNTMvNDYwNjI5NzQ1IiwicGFnZVNpdGVTZWN0aW9uIjoiTmV3cyIsInBhZ2VDYXRlZ29yeSI6IiIsInBhZ2VTdWJDYXRlZ29yeSI6IiIsInBhZ2VDb250ZW50VHlwZSI6InZpZGVvIiwicGFnZVRpdGxlIjoiV0ZUViAtIFJhdzogU3VydmVpbGxhbmNlIHZpZGVvIGZyb20gUGFycmlzaCBob3NwaXRhbCBzaG9vdGluZyAtIFN0b3J5Iiwic2l0ZVZlcnNpb24iOiJyZXNwb25zaXZlIHNpdGUiLCJzaXRlRG9tYWluIjoid2Z0di5jb20iLCJzaXRlRm9ybWF0IjoidHYiLCJzaXRlTWV0cm8iOiJmbDogb3JsYW5kbyIsInNpdGVNZWRpdW0iOiJ0diIsInNpdGVJRCI6IndmLXR2Iiwic2l0ZVR5cGUiOiJtYWluIiwic2l0ZUNNUyI6Imxha2FuYSIsInVzZXJTdGF0dXMiOiJub3QgcmVnaXN0ZXJlZCIsInVzZXJQcm9maWxlSUQiOiIiLCJ1c2VyQWN0aXZlIjoibm90IGxvZ2dlZC1pbiIsInVzZXJUeXBlIjoiYW5vbnltb3VzIiwiY29udGVudFRvcGljcyI6Ik5ld3MiLCJjb250ZW50QnlsaW5lIjoiIiwiY29udGVudElEIjoiNDYwNjI5NzQ1IiwiY29udGVudFZlbmRvciI6IiJ9LCJjaGFwdGVyIjp7fSwiYWQiOnt9fX19LCJhbnZhY2siOiJhbnZhdG9fY294X2FwcF93ZWJfcHJvZF9jZTQ1Y2RhMjM3OTY5ZjkzZTcxMzBmNTBlZThiYjYyODBjMTQ4NGFiIn0
from CTI Consulting http://up.anv.bz/latest/anvload.html?key=eyJtIjoiYW52IiwicCI6ImRlZmF1bHQiLCJ2IjoiMzc4OTg4OCIsInBsdWdpbnMiOnsiZGZwIjp7ImNsaWVudFNpZGUiOnsiYWRUYWdVcmwiOiJodHRwczovL3B1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldC9nYW1wYWQvYWRzP3N6PTQwMHgzMDAmaXU9LzEyNTIzMjkzL09ybGFuZG9fVFYvd2Z0dl93ZWJfZGVmYXVsdC9uZXdzJmltcGw9cyZnZGZwX3JlcT0xJmVudj12cCZvdXRwdXQ9dmFzdCZ1bnZpZXdlZF9wb3NpdGlvbl9zdGFydD0xJnVybD1odHRwOi8vd3d3LndmdHYuY29tL25ld3MvcmF3LXN1cnZlaWxsYW5jZS12aWRlby1mcm9tLXBhcnJpc2gtaG9zcGl0YWwtc2hvb3RpbmdfMjAxNjEwMjYwMDIwNTMvNDYwNjI5NzQ1JmRlc2NyaXB0aW9uX3VybD1odHRwOi8vd3d3LndmdHYuY29tL25ld3MvcmF3LXN1cnZlaWxsYW5jZS12aWRlby1mcm9tLXBhcnJpc2gtaG9zcGl0YWwtc2hvb3RpbmdfMjAxNjEwMjYwMDIwNTMvNDYwNjI5NzQ1JmNvcnJlbGF0b3I9V0ZUViZrdz1yYXd2aWRlb3MscmF3dmlkZW8ifX0sImNvbXNjb3JlIjp7ImNsaWVudElkIjoiNjAzNTk0NCJ9LCJyZWFsVGltZUFuYWx5dGljcyI6dHJ1ZSwiaGVhcnRiZWF0QmV0YSI6eyJ2ZXJzaW9uIjoiMS41IiwibWFya2V0aW5nQ2xvdWRJZCI6IjE0NjIzNEI4NTI3ODM1RTEwQTQ5MEQ0NEBBZG9iZU9yZyIsImN1c3RvbVRyYWNraW5nU2VydmVyIjoiY294bmV0LjExMi4ybzcubmV0IiwidHJhY2tpbmdTZXJ2ZXIiOiJjb3huZXQuaGIub210cmRjLm5ldCIsImpvYklkIjoiajIiLCJhY2NvdW50IjoiY294d2Z0dixjb3hnbG9iYWwiLCJwdWJsaXNoZXJJZCI6ImNveG5ldCIsImN1c3RvbU1ldGFkYXRhIjp7InZpZGVvIjp7InBhZ2VOYW1lIjoiL25ld3MvcmF3LXN1cnZlaWxsYW5jZS12aWRlby1mcm9tLXBhcnJpc2gtaG9zcGl0YWwtc2hvb3RpbmdfMjAxNjEwMjYwMDIwNTMvNDYwNjI5NzQ1IiwicGFnZVNpdGVTZWN0aW9uIjoiTmV3cyIsInBhZ2VDYXRlZ29yeSI6IiIsInBhZ2VTdWJDYXRlZ29yeSI6IiIsInBhZ2VDb250ZW50VHlwZSI6InZpZGVvIiwicGFnZVRpdGxlIjoiV0ZUViAtIFJhdzogU3VydmVpbGxhbmNlIHZpZGVvIGZyb20gUGFycmlzaCBob3NwaXRhbCBzaG9vdGluZyAtIFN0b3J5Iiwic2l0ZVZlcnNpb24iOiJyZXNwb25zaXZlIHNpdGUiLCJzaXRlRG9tYWluIjoid2Z0di5jb20iLCJzaXRlRm9ybWF0IjoidHYiLCJzaXRlTWV0cm8iOiJmbDogb3JsYW5kbyIsInNpdGVNZWRpdW0iOiJ0diIsInNpdGVJRCI6IndmLXR2Iiwic2l0ZVR5cGUiOiJtYWluIiwic2l0ZUNNUyI6Imxha2FuYSIsInVzZXJTdGF0dXMiOiJub3QgcmVnaXN0ZXJlZCIsInVzZXJQcm9maWxlSUQiOiIiLCJ1c2VyQWN0aXZlIjoibm90IGxvZ2dlZC1pbiIsInVzZXJUeXBlIjoiYW5vbnltb3VzIiwiY29udGVudFRvcGljcyI6Ik5ld3MiLCJjb250ZW50QnlsaW5lIjoiIiwiY29udGVudElEIjoiNDYwNjI5NzQ1IiwiY29udGVudFZlbmRvciI6IiJ9LCJjaGFwdGVyIjp7fSwiYWQiOnt9fX19LCJhbnZhY2siOiJhbnZhdG9fY294X2FwcF93ZWJfcHJvZF9jZTQ1Y2RhMjM3OTY5ZjkzZTcxMzBmNTBlZThiYjYyODBjMTQ4NGFiIn0
via IFTTT

Body left hanging on bridge in Mexico's Tijuana

ISIS has nothing on the Mexican Cartels, what they do would put many ISIS folks to shame. People in rehab clinics in Mexico are attacked the Doctors and Counselors shot and the addicts driven out on the streets, so they will buy more drugs. The Cartels have no regard for fellow Mexican's lives, and even less for USA lives. They have the same business problem all business does, it they do not grow the management path stops. New talent has to find ways to stand out and make money, so violence is usually the answer. Make management notice you, and also make room at the top by killing the top guys, or turning them in. Business cycles are found in Cartels, Terrorist Groups, as well as in the halls of Wall Street, either grow to make room for new managers to rise, or watch good talent leave. Both are seen in the Cartel world, but they do not retire people like they do on Wall Street, they usually kill them.
from CTI Consulting http://ift.tt/2fJ9xvD
via IFTTT

Sources: U.S. intel warning of possible al Qaeda attacks in U.S. Monday - CBS News

Threat still being assessed, but it does fit within the AQ attack plan. Lone Wolfe attacks with small arms at Polling places is considered a possible target. If you look at the AQ magazine 2 months ago, it showed polling place lines, and pointed them out as a way to really effect the American Election. If you can drive by polling places and see if you notice anyone conducting surveillance, or looking out of place, please tell someone. This would be the time for those last second looks by the bad guys prior to the attack. If you are police make yourself visible around the areas, that will show a change in security for those taking those last looks before an attack, and may make them pick another target, or give up the attack plans to come back another day. If it is a small arms attack, just the presence of one armed Police officer keeping a look out could be just the game changer we need. Going up against innocent voters is one thing, going up against trained Law Enforcement is quite another. If we citizens keep an eye out as well, and warn Law Enforcement, you could be saving their lives as well as your own.
from CTI Consulting http://ift.tt/2fKAnDz
via IFTTT

Thursday, November 3, 2016

Isis bomb suspect planned to target Berlin airport - The Local

Airports are still a primary target of ISIS, the bomb was not that big, about the size of the one's used in the Brussels bombing, perhaps even less. Once again go back to your terrorist planning cycle this person was buying the last chemical needed for his bomb when the chase started. Great Job by the Police, this is the key we have to catch them on the cycle of planning and preparing before they have the device and are on the way.
from CTI Consulting http://ift.tt/2e2bL9S
via IFTTT

Four Nigerian airport officials arrested for allegedly exporting hard drugs - Premium Times Nigeria

This is could be the biggest insider threat so far, the head law enforcement officer of the airport is being charged.
from CTI Consulting http://ift.tt/2eVvlTx
via IFTTT

19-Year-Old Teenage Hacker Behind DDoS-for-Hire Service Pleads Guilty

This 19 year old exploited vulnerabilities in the IoT devices like 1400 plus home and office CCTV cameras that are wireless and cheap, another large number of routers for homes and small offices, as well as throw in another good number of smart refrigerators, smart thermostats, and a goodly number of smart TV sets. But the real bad news is from what the Law Enforcement and Cyber Security folks are seeing, lots of teen age hackers are learning quickly how to do the same thing. But say they do a denial of service to their school, or local Police or Parole office, then a lot of damage could be done. The answer in the short term is get these Internet of Things (IoT) off the internet. Buy a cheap, probably hackable) router keep it off the internet, and run your CCTV, scales, thermostats, and other devices off of the non internet connects router to a cheap computer that you had hanging around, so that records and recordings can be kept, but not hacked by the internet folks out there. The bad news is you will not be able to change the temperature of your home from the office or hotel you are staying at. But you can once you get home do all those things by logging on to the local cheap router you have not hooked up to the internet.
from CTI Consulting http://ift.tt/2fgoS3K
via IFTTT

Watch a drone hack a room full of smart lightbulbs from outside the window - The Verge

The Internet of Things is billed as the way to have a better and connected life, sort of Like George Jetsen's home of the future. The problem is that it not only can be a plus, but a huge minus as well. Once control of a home, office, or city is linked together, it is possible for outsiders to control these as well. Remember when the electric company under one of President Obama's projects, wanted to install smart outlets in peoples homes to control how much electricity you used in your home. It was billed as a benefit to you. Now we are putting not only smart outlets in our homes but also smart light bulbs, smart thermostats, smart refrigerators, and even smart scales in our bath rooms. If hackers wanted to control many of these things, they can and have, now think of a Government Program, even Agency that thinks it should have more say on how you use electricity in your home or office, or a health care program that hacks your scale in your bathroom to see how you are doing on the diet. It is at this time a remote possibility, but still a possibility. Right now the hackers seem to just want to control all these things in your home to email, not your phone to tell you that it dimmed the lights but to a bank or other institution to that no valid emails can make it into the system. There are many IoT devices out there and more coming on board each day. They are mini, maybe even micro computers that have very little security and openings for both bad guys and good guys. So if you are looking for a real stable career, take a look at becoming an IoT security expert.
from CTI Consulting http://ift.tt/2fhyOKV
via IFTTT

In Muhammad Dahlan’s Ascent, a Proxy Battle for Legitimacy - The New York Times

Say what you will, Mr. Dahlan is a powerful and,if given the chance, positive force for Palestine, his knowledge and behind the scenes control of the Gaza Strip is a big part of how he can still put a lid on Hamas under the right conditions. He has his negatives and yes he has made a lot of money in an area of the world that it is hard to do, with out being in the grey areas of the conflict. But so has Mohammad Abbas, so did Arafat with his family. I do know Mr. Dahlan supported the peace process with Egypt and Israel to get the Rafah Crossing open under Palestinian control with EU, Egypt, and Israel oversight. He personally stepped in an made things happen when we hit a number of road blocks on the way to open the crossing. He is known and can and has dealt with all sides of the issue, both up in front and behind the scenes. It will be interesting to see how this shakes out in the coming months.
from CTI Consulting http://ift.tt/2eY7PFJ
via IFTTT

Wednesday, November 2, 2016

China-Linked APT3 Group Focuses Attacks on Hong Kong | SecurityWeek.Com

Read this get upset about all the things this APT3 cyber attack group has and is doing around the world, then remember the APT1 Chinese Cyber Attack group is bigger, has been around longer and has been successful against the USA for years. Now just give a thought to the APT2 cyber attack group and what it is doing.
from CTI Consulting http://ift.tt/2cADvAA
via IFTTT

US Charges Chinese Worker for IBM With 'Economic Espionage' | SecurityWeek.Com

Insiders at many of our largest USA companies are a constant problem, Chinese agents often go to school in the USA then develop tasking assignments while in school with some of our biggest firms. These often called summer jobs or post graduate jobs, let them often get hired permanently by the firm, and then the insider is off to the races, stealing anything they can to help Mother China. It has been used so often it is a wonder that our country has not taken more stringent actions to ferret them out. Still many universities have ideas of the intent of some of these students, but turn a blind eye to it all. Universities often look at what is espionage as just sharing with other universities, things that should not be used for profit or military goals.
from CTI Consulting http://ift.tt/21l7OtR
via IFTTT

Chinese Attackers Conduct Cyberespionage for Economic Gain | SecurityWeek.Com

What makes this group of attacks so problematic is it targets anti virus software as an entry point. If you read any of the books on Chinese Espionage and Intelligence programs, you will quickly see each node of the more that 25 cyber intelligence nodes in their agencies make up are all tasked with Economic Espionage not just attacks on our Military and Intel Agencies. Like when the Soviet Union and now to some extent the Russian's used to mount attacks on the US in foreign countries, so are the Chinese.
from CTI Consulting http://ift.tt/28DZc7k
via IFTTT

China-Linked Cyberspies Lure Victims With Security Conference Invites | SecurityWeek.Com

Another attack by Chinese linked actors, this time they targeted a group that has been working against them. Spear Phishing attacks are developed to go after a specif event or group. In this case a cyber security convention, if you get one of these invitations do not open it, the conference has actually stopped using emails to get the word out.
from CTI Consulting http://ift.tt/2f3Drbj
via IFTTT

Spinach Can Now Be Used to Detect Explosives

Before you get too excited, it only detects the residue in ground water, so do not expect to see these at the TSA check point line anytime soon. There are a number of plants that have been found to detect different types o counter-ban, from explosives, to chemical Biological weapons, to drugs. It is, I guess good research, but I am not sure of its potential for Law Enforcement.
from CTI Consulting http://ift.tt/2f0VI8h
via IFTTT

Borderland Beat: US Citizen dissapears in Sinaloa, kidnapping investigation in progress

Any help anyone can give to help find this US Citizen will be greatly appreciated. We all know folks in Mexico and many are aware of what is going on in the criminal world, so even hints can be a big help.
from CTI Consulting http://ift.tt/2ek9mF2
via IFTTT

Tuesday, November 1, 2016

Watch Out for Workplace Intruders | Stratfor

Great report from the Stratfor folks. I am always looking for old school attacks, and with everyone looking for the next cyber criminal or attack, perhaps we should be looking for the Office Creeper. Well done Stratfor, and the timing is perfect, during the holiday seasons coming up unknown folks hanging around should be looked at carefully.
from CTI Consulting http://ift.tt/2f8uXl3
via IFTTT

OCR Sends Message to Healthcare Industry with 2 HIPAA Settlements - Campus Safety

How does your Hospital, Doctors Office, or Business Associate even a medical Research Institute, stack up with the HIPAA regulations. In one case a laptop was stolen out of a consultants car, HIPAA went after the Consultants Firm. If you are dealing with health care records there are regulations that must be followed, even your HR department can run afoul of HIPAA regulations. In one case the Health Care Facility had a risk assessment done, but it was found to be too disjointed and haphazard to be effective, and fines were levied. For the first years of HIPPA no real follow thru on assessing plans or their solutions had been made, unless a complaint was made, now days things are getting more organized and 2016 was to be the year of assessments, but it will carry into 2017 for many initial assessments. Anyone dealing with HIPAA covered records, need to dust off their plans and make sure everything is working as stated in the plan. Do not forget the training it is imperative that the basic training be done, check your records to insure that all training for new hires has been done and is properly documented.
from CTI Consulting http://ift.tt/2exj84y
via IFTTT