Banning 'the Box' to Give Ex-Convicts a Better Chance at Finding a Job
PBS NewsHour (12/25/14)

Some states and municipalities have begun to prevent employers from asking job applicants about criminal convictions to make it easier for convicts to find jobs after being released from prison. The measures passed by these jurisdictions are part of the "ban the box" movement, referring to the elimination of the box on job applications that applicants check if they have been convicted of a felony. While there are already federal and state laws that forbid employers from using a conviction as a pre-screening tool, ban-the-box advocates say they do not work. In addition, governments and communities are looking for ways to reduce costs associated with the growth of the prison population and turn former inmates into productive citizens, according to Safer Foundations Director of Policy and Advocacy Anthony Lowery. Illinois has become the latest state to pass a law that prohibits employers from asking applicants on initial job applications if they have ever been convicted of a felony. The law delays when a prospective employer can ask about criminal history, allowing the candidate to get past the initial screening. Opponents of ban-the-box laws, meanwhile, say existing laws that prohibit employers from using past convictions during the screening process make the new statutes unnecessary.

In About-Face, Sony Will Show Film in Dispute
New York Times (12/24/14) Barnes, Brooks; Cieply, Michael

Sony Pictures Chairman Michael Lynton announced Tuesday that the studio had reversed its decision to shelve the controversial movie "The Interview" due to security concerns and will now release the film to a small number of theaters on Dec. 25.
The film, which has drawn the ire of North Korea because its plot line focuses on the assassination of North Korean leader Kim Jong-un, will be shown in roughly 200 smaller theaters but is unlikely to be shown at major theater chains because of ongoing concerns about security. A group of hackers believed to have ties to the North Korean government had threatened to attack theaters showing "The Interview," which prompted some theater chains to decide last week not to show the movie. The FBI initially urged theaters to take the threat seriously, but now it is backing away from that advice as federal officials try to determine the credibility of the threat. The smaller theaters that will show "The Interview" may take a number of security precautions in light of the threat, including banning packages or backpacks, people familiar with the theaters' plans say. Meanwhile, Sony Pictures is considering releasing "The Interview" via video on demand at some point, although any such plans could be hampered by concerns among satellite operators, cable systems, and online platforms about possible retaliatory cyberattacks. Indeed, the hackers behind the threats against movie theaters have also vowed to carry out further cyberattacks if "The Interview" is released.

Access Control: What's on the Horizon
Security Magazine (12/14)

"Security Magazine" recently interviewed Jason Ouellette, Tyco Security Products' product line director for access control, about future trends in access control. Some of the major changes that the market has seen in the past couple years include the move from integrations to unified platforms, which provide access and video information with a single-server solution, Ouellette said. He adds that the cloud is being used in access control, but that data privacy and access in case of a disaster remain major concerns.
Ouellette says the government and corporate sectors, as well as medium- and large-sized businesses, are increasingly interested in using enterprise access control. While costs and reliability have limited the use of biometrics, Ouellette says that the technology and adoption have improved, and it is another area where growth can be expected. Standardization organizations are beginning to develop access-control standards, with the Security Industry Association (SIA)'s Open Supervised Device Protocol and Physical Security Interoperability Alliance calling for interoperability between access-control systems. IT departments are playing a "significant role" in the installation of access control, Ouellette said, and are now primarily responsible for making decisions regarding access control.

Investigation: Addicted Nurses Steal Patients' Drugs
News Leader (Shenandoah Valley) (12/05/14) Borns, Patricia

Nine hundred nurses in Virginia have been publicly disciplined by the Virginia Board of Nursing between 2007 and mid-2013 for drug theft and use, an investigation by The News Leader has found. Public records, interviews with nurses and experts, and administrative hearings show that dozens of patients in Virginia have been denied medication because a nurse had been stealing it. Employers often fail to catch nurses with drug problems, and may not always report them to the state. Because Virginia does not consider healthcare a "high-risk industry," it does not require random drug screens or criminal background checks for nurses. Virginia officials, however, have begun to discuss the possibility of giving the nursing board the authority to run criminal background checks on licensing applicants.

Diebold's Responsive Banking Concept Enhances ATM Security and Service
Security Management (12/14) Moran, Mike

Diebold unveiled new ATM banking technologies and capabilities in November as part of what it calls a "branch transformation solution."
This solution involves four "experience zones" that merge in-person, online, and mobile banking, and use security technologies such as Internet Protocol video, privacy glass, and directional audio. Specially designed kiosks use near-field communication, proximity sensors, and motion detection to identify customers, who then use smart phones to authenticate cardless transactions. Mobile devices are used as the primary user interface for banking transactions, but customers without smart phones can use 19-inch touch monitors that have privacy filters to protect sensitive information.

U.S. Prepares to Accelerate Detainee Transfers From Guantanamo Bay Prison
Washington Post (12/25/14) Ryan, Missy; Goldman, Adam

The Obama administration is preparing to move dozens of inmates out of the Guantanamo Bay detention center within the next several months in an effort to shut down the prison before President Obama leaves office. Officials say there are plans to significantly reduce the prison's population over the next six months, and that the government is communicating with various nations who may accept the 64 detainees approved for transfer. Five detainees have been approved for transfer to a host country by the end of this year, and five or six more are expected to be moved in January. Uruguay has already accepted six Guantanamo detainees this month, and officials are hoping that other Latin American nations will follow suit. Detainees from Yemen, who make up the largest portion of the remaining prisoners, are unlikely to be returned to their home country in the near future due to U.S. concerns about militant activity there. Ten detainees are in the process of a military trial, and 60 more are slated for official reviews that may make some eligible for transfer. Several others, however, are considered too dangerous for release but are ineligible for trial due to a lack of evidence.
Australian Terror Threat High After Sydney Siege, Abbott Says
Wall Street Journal (12/23/14) Taylor, Rob

Following a meeting with senior national security ministers and police on Tuesday, Australian Prime Minister Tony Abbott warned that the terrorism threat facing Australia is "high" a week after the hostage situation in Sydney that Abbott has characterized as a terrorist attack. "There has been a heightened level of terrorist chatter in the aftermath of the Martin Place siege," said Abbott, referring to last week's incident where Iranian immigrant and self-styled sheik Man Haron Monis held 17 people hostage in a Sydney cafe for 16 hours before killing two of them. Although Abbott has called the incident a terrorist attack, others have attributed it to Haron's history of mental instability and violence. Abbott has ordered an investigation into the attack to answer a number of questions, such as why Haron was free on bail at the time of the attack despite his history of violence and extremism as well as how he was able to obtain a gun in spite of Australia's stringent gun control laws.

FBI's Investigation of 2001 Anthrax Attacks Was Flawed: GAO
Homeland Security News Wire (12/22/14)

The FBI used flawed scientific methods when investigating the 2001 anthrax attacks, according to a report released Dec. 19 by the Government Accountability Office (GAO). For example, the authors say that the FBI did not provide a full explanation of how bacteria mutate, at least partly because the bureau's researchers did not completely understand this process. The GAO's report added that because genetic mutations were used to differentiate between samples of anthrax and because the researchers failed to adequately understand the mutation process, the investigation contained a "key scientific gap." The GAO also found that the FBI lacked rigorous controls over sampling procedures and did not highlight the degree of uncertainty in identifying genetic markers.
These genetic markers were the basis for FBI investigators' conclusion that the parent material of the spores used in the 2001 attacks came from a flask that was created and solely maintained by Army biodefense specialist Bruce Ivins, who the FBI blamed for the attacks. The GAO did not take a position on whether Ivins was involved in making and mailing anthrax-filled envelopes, but some say the findings call into question whether he was responsible for the attacks. FBI spokesman Christopher Allen said the report does not change the bureau's confidence in its decision to close the investigation in 2010.

White House Weighs Options Against North Korea
Wall Street Journal (12/21/14) Lee, Carol E.; Solomon, Jay; Grossman, Andrew

President Obama is weighing several possible responses to North Korea's alleged hacking of Sony Pictures Entertainment days after the reclusive regime threatened to attack the U.S. Among the responses the president is reportedly considering are the reinstatement of several sanctions against North Korea that were lifted by the Bush administration in an effort to broker a nuclear accord with Pyongyang. Congressional Republicans in particular are pushing for such sanctions, which would in part target the Kim regime's ability to carry out financial transactions, as well as redesignating North Korea as a state sponsor of terrorism. President Obama is also said to be seeking China's assistance in putting pressure on North Korea, which could lead the president to forgo sanctions. North Korea's National Defense Commission issued a statement Sunday denying its role in the hacking of Sony Pictures Entertainment, but vowing to carry out an attack "thousands of times greater" and accusing the Obama administration of being "deeply involved" in the making of "The Interview." The attack against Sony is believed to have been in retaliation for the film, which hinges on a plot to assassinate North Korean leader Kim Jong Un.
Pakistan Moves to End Policy on 'Good Taliban'
Wall Street Journal (12/21/14) Shah, Saeed

After several months of moving away from supporting some jihadist groups, Pakistan may be making more substantial changes in the aftermath of the Peshawar school massacre. Pakistan's security agencies have long used militant groups against India and Afghanistan. After last week's attack, however, Prime Minister Nawaz Sharif declared that the Pakistani government would no longer make a distinction between "good" militant groups, or those that help Islamabad achieve its foreign policy goals, and groups that do not. He added that militants "would be dealt equally with an iron hand." Interior Minister Chaudhry Nisar Ali Khan said Sunday that Pakistan was at war with militants, and asked citizens to help authorities in a countrywide crackdown. Authorities on Sunday made several arrests in connection to the school attack. Sharif also lifted a seven-year-old moratorium on the death penalty for terrorist cases, which resulted in the execution of six men. Pakistan's military controls security policy independent of the civilian government, so it is currently unclear how closely it will follow a zero-tolerance approach to jihadists.

U.S. Puts New Focus on Cyber Defenses
Wall Street Journal (12/26/14) Lee, Carol E.; Yadron, Danny

The recent cyberattack against Sony Pictures Entertainment has set off alarm bells within the Obama administration and could prompt new government action on cybersecurity in the near future, observers say. White House National Security Council Cybersecurity Coordinator Michael Daniel says that what sets the Sony hack apart from other cyberattacks is the fact that it was aimed at pressuring the movie studio to halt the release of the controversial film "The Interview" and because it caused an unusual amount of damage.
Other senior administration officials say the attack is concerning because it was successfully carried out by an impoverished country like North Korea. These and other concerns prompted President Obama to call on Congress to pass new cybersecurity legislation that allows for the sharing of cyber threat information. Some lawmakers agree that the need for cybersecurity legislation is high. Sen. John McCain (R-Ariz.) has said Congress should prioritize the passage of "comprehensive" cybersecurity legislation. The administration has already tried to be more open to giving private companies classified cybersecurity briefings to help them protect themselves from attacks. Past legislation that called for greater information sharing in the private sector has been met with resistance from businesses, who objected to what they said were overly-stringent cybersecurity standards included in these measures.

Apple Pushes First Ever Automated Security Update to Mac Users
Reuters (12/23/14) Finkle, Jim

On Dec. 22, Apple released its first-ever automated security update to patch new security flaws in Macintosh computers that could be exploited by hackers to gain remote control of these machines. The software fixes security vulnerabilities in a component of the OS X operating system called the network time protocol (NTP), which is used for synchronizing clocks on computer systems. Carnegie Mellon University Software Engineering Institute found several technology companies, including Apple, whose products might be open to attack because of such flaws. Normally, Apple releases security patches through its regular software update system, which requires user intervention. Apple spokesman Bill Evans said the company used the automatic security update because of the potential severe impact from a successful attack against the flaws, and because the company wanted to ensure that Macintosh users were provided protection as soon as possible.
SIFMA Says Sony Hack is Cautionary Tale for CARDS
InvestmentNews (12/23/14) Schoeff, Mark, Jr.

The recent cyberattack on Sony Pictures Entertainment should serve as a cautionary tale for FINRA's Comprehensive Automated Risk Data System proposal, says the Securities Industry and Financial Markets Association (SIFMA). “Housing all this financial data in one place does not make sense,” Ira Hammerman, SIFMA executive vice president and general counsel, said in a recent interview. “The Sony hacking incident gives everyone involved a real-life, real-time reminder of what we've been saying in our comment letters over the last year or so.”

Four Flaws Expose Critical Network Time-Keeping Servers to Attack
eWeek (12/22/14) Lemos, Robert

Cybersecurity experts warn the ntpd server program, which is used by Linux servers and other Internet-connected systems to implement the network time protocol (NTP) and synchronize their clocks, contains four security vulnerabilities that could be exploited to attack machines running this application. According to ThreatStream Lab's Jason Trost, attackers could scan the Internet to find machines running the ntpd server program, exploit one or more of the vulnerabilities, and use the machines for "whatever purpose" they want. As many as 4.6 million Internet-connected computers were believed to have been running the NTP service as of last March, according to the Shadowserver Foundation. However, an advisory from the U.S. Computer Emergency Readiness Team warning about the flaws says only one of the vulnerabilities appears to be remotely exploitable. Meanwhile, NTP.org, which maintains the ntpd server program, released an updated version of the application. Another program used to implement NTP, openntpd, does not contain the most serious vulnerabilities that were recently identified. Openntpd is used to implement NTP and handle network time synchronization in systems running an open source version of Unix called OpenBSD.
OpenBSD founder Theo de Raadt suggests openntpd is more secure than ntpd because it contains fewer lines of code, which means it is easier for openntpd's programmers to weed out vulnerabilities.

U.S. Asks China to Help Rein in Korean Hackers
New York Times (12/21/14) Sanger, David E.; Perlroth, Nicole; Schmitt, Eric

The U.S. has asked China for help in blocking North Korea's ability to launch cyberattacks. Chinese support would be important because almost all of North Korea's telecommunications run through Chinese-operated networks.

Abstracts Copyright © 2014 Information, Inc. Bethesda, MD