Friday, August 13, 2010

Security Management Weekly - August 13, 2010

Corporate Security

  1. "Business Groups Amp Up Campaign Against Marijuana Legalization" California
  2. "Suspect Pleads Not Guilty to Killing L.A. Marijuana Dispensary Worker"
  3. "Law Review: Spotting a Troubled Employee Before Mass Murder Is Almost Impossible, Law Experts Say"
  4. "Chinese Seek Anti-Terrorism Training for Work Abroad"
  5. "Insurers Await Report on Japanese Tanker Attack"
Homeland Security

  1. "Suspect Says Bombings Targeted Americans" July 11 Uganda Bombings
  2. "Senate Passes Border Security Bill"
  3. "U.S. Works With Sudan on Gitmo"
  4. "Gains in Bioscience Cause Terror Fears"
  5. "Act Now on Terror Threat to Key Oil Routes, Say Experts"
Cyber Security

  1. "Lack of Attention Invites Cybersecurity Breaches"
  2. "Agencies Could Be Prone to New Kind of Sophisticated Cyberattack"
  3. "Broward College Student Data Exposed" Florida
  4. "Teraflop Troubles: The Power of Graphics Processing Units May Threaten the World’s Password Security System"
  5. "Flawed Deployments Undermine Kerberos Security" Authentication Servers

   

 
 
 

 


Business Groups Amp Up Campaign Against Marijuana Legalization
Los Angeles Times (08/13/10) Hoeffel, John

Business groups in California are coming out against Proposition 19, the ballot initiative that would legalize the recreational use of marijuana in the state. Among those criticizing Proposition 19 is the California Chamber of Commerce, which said that the measure would require employers to prove that workers are impaired by marijuana before they can fire them for using the drug. However, supporters of Proposition 19 have said that those claims are not true. Dan Rush, a union official who supports Proposition 19, noted that employees who smoke marijuana can be considered impaired if their job requirements state that they must be drug free. Meanwhile, employment attorney Jennifer Shaw said that workplaces in California would be less safe if Proposition 19 is approved by voters this fall. That in turn could raise companies' insurance liability expenses and encourage employee lawsuits, Shaw said. She added that Proposition 19 would not allow employers to prohibit workers from smoking marijuana on the job, even though the initiative states that the drug cannot be used in public or a public place. According to Shaw, it remains unclear whether workplaces are considered to be public places, since a court recently decided that grocery stores were not.


Suspect Pleads Not Guilty to Killing L.A. Marijuana Dispensary Worker
Los Angeles Times (08/12/10) Rubin, Joel

Daniel Deshawn Hinton has pleaded not guilty to the murder of a worker at the Los Angeles medical marijuana dispensary Higher Path Holistic Care Collective. He is also charged with attempted murder of a security guard there. Hinton and at least two other men allegedly entered the dispensary and held the worker and the security guard at gunpoint while they stole cash and marijuana. Even though the two did not resist, they were still shot. The Los Angeles Police Department is also searching for Raymond Lemone Easter, who was identified as one of the other attackers. A $50,000 reward for information leading to his arrest has been posted by the Los Angeles City Council. Additionally, police are working to identify one other man believed to be involved in the robbery.


Law Review: Spotting a Troubled Employee Before Mass Murder Is Almost Impossible, Law Experts Say
Philadelphia Inquirer (08/11/10) Mondics, Chris

Experts say that it is difficult for employers to identify a worker who may be about to commit an act of violence. One reason why it can be tough for companies to determine whether an employee is preparing to commit an act of violence in the workplace is the fact that some signs that could be interpreted as being troublesome may in fact mean nothing. For example, an employee who is sullen and withdrawn may not necessarily be planning to commit an act of violence, since many workers can sometimes be sullen and withdrawn. Discovering a firearm in an employee's vehicle may also not be a clear-cut sign that the worker is about to go on a shooting spree, since employees in many parts of the country hunt and keep weapons stored in their vehicles. Nevertheless, employers still need to watch for signs that an employee may be plotting an act of violence, said labor and employment lawyer Fred D'Angelo. In addition, employers must also keep employees who are about to be terminated under supervision until they are escorted off the premises. D'Angelo noted that the gunman in the Connecticut beer distributor shooting was not kept under observation after he was fired, which allowed him to retrieve two handguns he had hidden in a lunch box. Finally, employers need to bring in security when disciplining or firing an employee who has made threatening statements, said Michael Ossip, a partner in the labor and employment practice at Morgan, Lewis & Bockius.


Chinese Seek Anti-Terrorism Training for Work Abroad
GlobalPost (08/10/10) Liu, Coco

As China continues to expand its presence in the global market, more Chinese workers are required to travel to unstable countries such as Iraq, Nigeria, and Pakistan to do business. Chinese led the list of kidnapped foreign nationals in 2008, according to Britain's Special Contingency Risks. For this reason, personal security consultants are seeing their own sector booming. One such firm is Alfa-angel, which is owned by former Israeli paratrooper Adi Talmor. He has designed a course specifically to help Chinese employees stay safe in potentially hostile nations that includes study of religious taboos, first aid, and Krav Maga, an Israeli martial art. Talmor also puts them through 24-hour role-playing exercises that imitate threats from mobile device theft to kidnappings.


Insurers Await Report on Japanese Tanker Attack
Insurance Journal (08/09/10) Saul, Jonathan

The suspected militant strike on a Japanese-owned tanker demonstrates yet again how vulnerable merchant ships are to attack, especially with navies already stretched to combat Somali piracy. Maritime security has been a growing concern since the United Arab Emirates news agency announced that investigators had found traces of explosives on the tanker, which had been damaged near the Strait of Hormuz. A militant group called the Abdullah Azzam Brigades, which has connections to al-Qaida, has claimed responsibility for the attack, but the tanker's owner, Mitsui O.S.K., could not confirm details of the report pending completion of its own investigation. More and more merchant ships have been harassed and attacked by Somali gangs in the Gulf of Aden and the Indian Ocean, but security analysts say that an insurgent attack based on al-Qaida's tactics could signal a change in strategy. "Even if this attack was relatively low-level and caused limited damage, it clearly demonstrates the terrorist intent in these waters and against the oil and shipping sectors," said Metsa Rahimi, intelligence analyst with consultancy Janusian. "The threat certainly cannot be underestimated." Al-Qaida has previously threatened to attack shipping in the Strait of Hormuz, which handles 40 percent of the world's seaborne oil, leaving shipping companies concerned not only about attack but insurance rates. Analysts have suggested that Hormuz could be designated a high-risk area, but maritime experts have pointed out that blowing up or sinking a tanker is nearly impossible without massive quantities of explosives, due to watertight compartments and double-hull construction.




Suspect Says Bombings Targeted Americans
Wall Street Journal (08/13/10) Bariyo, Nicholas; Childress, Sarah

The four suspects who have been arrested for their involvement in the July 11 terror attacks on Uganda's capital, which left at least 79 people dead, are cooperating with authorities and have discussed the details of the attack and its planning. Issa Ahmed Luyima, who authorities consider the primary suspect in the attack, said that it was intended to target Ethiopians and Americans for their support of Somalia's interim government. The suspects have also offered significant insight into the operations of the Somali militant group al Shabaab. This bombing was the first outside Somalia for which the group had claimed responsibility. Al Shabaab initially wanted the attack carried out by Muhamoud Mugisha, an al-Qaida-trained fighter who was recruited by al-Qaida in 2004 in Nairobi. However, Mugisha was arrested in April by Ugandan immigration officials, and responsibility for the attack was transferred to Luyima. He says that he initially planned to use four suicide bombers in the Kampala attack, but when two other Somalis abandoned the project, he relied on the remaining bombers and recruited locals, including his brother, Haruma Luyima, to help plan the bombings. Haruma Luyima, for his part, said that he escorted a Kenyan suicide bomber to an Ethiopian restaurant while another suspect, Idris Nsubuga, escorted a Somali bomber to the rugby club and set off a second bomb using his cell phone. Haruma Luyima also confessed that he was supposed to detonate a fourth explosive at a bar in Makindye, but could not go through with it. All four suspects in the bombing will be tried in criminal court, but they may be allowed leniency for their cooperation.


Senate Passes Border Security Bill
Los Angeles Times (08/13/10) Mascaro, Lisa

The U.S. House and Senate on Thursday passed a border security bill that supporters hope will be the first step on the path towards comprehensive immigration reform. The bill provides $600 million to secure the U.S.-Mexico border, money that will be used to deploy 1,000 new Border Patrol agents, 250 new Customs and Border Protection Officers, and 250 Immigration and Customs Enforcement officers. In addition, two unmanned surveillance planes would be deployed to the U.S.-Mexico border. Sen. Charles Schumer (D-N.Y.), a supporter of the bill, said Thursday that he hopes the legislation will break the deadlock in Congress over immigration and allow bipartisan negotiations on immigration reform to resume. The bill is expected to be signed into law by President Obama on Friday.


U.S. Works With Sudan on Gitmo
Wall Street Journal (08/12/10) Bravin, Jess

The military commission that tried former al-Qaida cook Ibrahim al-Qosi was presented with evidence on Wednesday that indicates that the U.S. has been working with Sudan to take in some of the detainees from Guantanamo Bay. Qosi, a Sudanese man who was captured in Afghanistan in 2001 on suspicion that he helped run a front company for al-Qaida that funneled money to the terrorist group, is among the Guantanamo detainees who could be sent to Sudan. The military commission recommended Wednesday that Qosi receive a 14-year sentence, though he has already agreed to a separate sentence under a secret plea bargain that could be shorter. Sudan has said that Qosi would not be a threat to the U.S. once he is repatriated, since he would be put in a mandatory rehabilitation program. In addition, Sudan has said that it plans to monitor Qosi's phone calls and e-mails and keep him under surveillance to ensure that he no longer subscribes to radical beliefs. According to the Sudanese National Intelligence and Security Service, the program is 85 percent effective. If Qosi is repatriated to Sudan, he would join nine other former Guantanamo detainees who were sent to the African nation by the Bush administration.


Gains in Bioscience Cause Terror Fears
Wall Street Journal (08/11/10) Johnson, Keith

The rapid proliferation of bioscience knowledge and technology in recent years has raised concerns that it may now be easier for terrorists to gain the capability to launch a biological attack. As Jonathan Tucker, an expert on biological and chemical weapons at the James Martin Center for Nonproliferation Studies, points out, "Certain areas of biotechnology are getting more accessible to people with malign intent." The U.S. government is currently taking a number of steps in order to prevent potentially dangerous bioscience from falling into the hands of terrorists. The FBI has reached out to amateur biologists, encouraging them to tighten security measures and to be careful who they share their findings with. President Obama has also ordered the creation of a bioethics commission, which has devoted a great deal of time to the prevention of bioterrorism. Additionally, the president issued an executive order to tighten security on labs that handle dangerous pathogens such as anthrax, Ebola, and smallpox. Both houses of Congress also have legislation in the works to improve the country's ability to detect, prevent, and recover from a large-scale biological attack.


Act Now on Terror Threat to Key Oil Routes, Say Experts
CNSNews.com (08/10/10) Goodenough, Patrick

The July 28 terrorist attack on the Japanese oil tanker M. Star in the Strait of Hormuz is raising fears that militants will attack oil shipments that pass through the important Middle Eastern waterway. The damage to the M. Star, which was carrying more than 270,000 tons of crude oil, was originally thought to have been the result of a freak wave created by an earthquake. However, the al-Qaida linked Abdullah Azzam Brigades published a statement on the Internet on Aug. 3 claiming responsibility for the attack, which it said was carried out to avenge the theft of resources from Muslim countries. In the wake of the attack on the M. Star, experts such as Ariel Cohen of the Heritage Foundation are urging countries to take steps now to protect oil shipments that pass through the Strait of Hormuz and the Strait of Malacca, which is located between Malaysia, Singapore, and Indonesia. According to a 2008 report from the Heritage Foundation, which looked at the effects of a terrorist attack on oil shipments in the Strait of Hormuz and the Strait of Malacca, both oil producing and oil consuming countries should work together to protect oil tankers by conducting mine sweeps and escorting vessels through risky waterways. Meanwhile, maritime security experts say that shipping companies should use visible armed protection to dissuade terrorists from attacking their vessels.




Lack of Attention Invites Cybersecurity Breaches
Washington Technology (08/11/10) Lais, Sam

Verizon's Data Breach Investigations Report for 2010 finds that insiders were responsible for nearly half of all data breaches in 2009, an increase of 25 percent over 2008. However, most of the data breaches that took place last year were committed by criminals outside the organization that was attacked, the report finds. As a result, most of the data stolen in data breaches in 2009 was stolen by outsiders. Almost all of that data, or 85 percent, was stolen by organized crime syndicates. In addition, the report finds that organizations are still making mistakes that put their data at risk, including failing to change default passwords. Some organizations also do not make their passwords strong enough. Verizon, for example, was the victim of a data breach committed by a fired employee who tried to steal customers' personal information in order to blackmail the company. Although Verizon changed the perpetrator's administrative password because he had a history of information technology violations and inappropriate behavior, the change was so small that the employee was still able to break into the system. The report also finds that organizations are failing to analyze their log data to find evidence of breaches. In 86 percent of the breaches Verizon examined, companies had evidence of security breaches in their log files. Finally, the report finds that while most organizations are still learning about security breaches through third-party fraud detection, the number of companies that became aware of a breach in this manner fell 9 percent from 2008.


Agencies Could Be Prone to New Kind of Sophisticated Cyberattack
NextGov.com (08/10/10) Aitoro, Jill R.

Federal agencies are vulnerable to a new type of cyberattack, known as a man-in-the-browser attack, that could steal classified or sensitive information, warns a security expert. In man-in-the-browser attacks, cybercriminals infect third-party advertisements on legitimate Web sites with Trojan horses that are capable of changing Web transactions in real time. When users visit certain sites and enter their log-in information, the attackers are able to gain access to the victim's account, which in turn allows them to intercept transactions and manipulate requests such as money transfers. M86 Security says this type of attack was used to steal more than $1 million from roughly 3,000 customers of a major financial institution in July and August. M86's Bradley Anstis notes that security measures such as multifactor authentication will not protect against man-in-the-browser attacks because the Trojan horses used in the attack give cybercriminals access to victims' log-in information.


Broward College Student Data Exposed
South Florida Sun-Sentinel (08/10/10) Travis, Scott

Private data for about 126,000 students and faculty at six community colleges, including Broward College, was publicly available on the Web for five days, a Florida state library service center announced. A spokesperson for the College Center for Library Automation would not identify the specific information exposed, but says it was protected by a Florida statute and did not include financial data or library records. That means the data could include student names, Social Security numbers, drivers' licenses, or Florida information card numbers, which also are protected by state law. The data was exposed from May 29 to June 2, and library agency officials say they believe unauthorized persons accessed it. However, there is no reason to believe the data has been misappropriated, says representative Lauren Sproull. Nevertheless, the agency is issuing letters to those affected, recommending they put a fraud alert on their credit files to mitigate the likelihood of identity theft.


Teraflop Troubles: The Power of Graphics Processing Units May Threaten the World’s Password Security System
Georgia Tech Research Institute (08/10/10) Englehardt, Kirk J.; Toon, John

Georgia Tech Research Institute (GTRI) computer scientists are studying whether desktop computers with graphics processing units (GPUs) are so powerful that they compromise password protection. "Right now we can confidently say that a seven-character password is hopelessly inadequate--and as GPU power continues to go up every year, the threat will increase," says GTRI's Richard Boyd. Modern GPUs are so fast because they are designed as parallel computers. When given a problem, GPUs divide the task among multiple processing units and tackle different parts of the problem simultaneously. Software programs designed to break passwords are freely available on the Internet, and these programs, combined with the availability of GPUs, mean it is only a matter of time before the password threat will be immediate, the researchers say. GTRI's Joshua L. Davis says the best password is an entire sentence that includes numbers or symbols, because it is both long and complex and yet easy to remember.


Flawed Deployments Undermine Kerberos Security
Dark Reading (08/08/10) Lemos, Robert

Experts say there are several security flaws in the typical configurations of Kerberos-based authentication servers. According to researchers with iSEC Partners, attackers could take advantage of one such flaw to make Kerberos use a less powerful type of data encryption than it would normally use. In such an attack, a hacker could prevent Kerberos version 5 from using the secure Advanced Encryption Standard and instead use the 64-bit Data Encryption Standard (DES), which is no longer considered to be secure. In fact, experts have developed a computer capable of cracking DES in less than three days. Although the most recent versions of Kerberos have corrected this problem, most versions of the system—particularly those that allow users to downgrade to DES—are still vulnerable. However, companies can protect themselves from attacks on this flaw by reissuing certificates to all domain controllers and prohibiting DES-based authenticators from being accepted. Meanwhile, companies that use smart cards to log into their authentication servers also are vulnerable to a flaw in default Windows deployments of Kerberos. iSEC says that companies can protect themselves from exploits that target this flaw by limiting the number of users that can add a system to a domain.


Abstracts Copyright © 2010 Information, Inc. Bethesda, MD

