US: Iowa paid a security firm to break into a courthouse, then arrested employees when they succeeded - - PressFrom - US
  •   
  •   
  •   

US Iowa paid a security firm to break into a courthouse, then arrested employees when they succeeded

08:50  13 november  2019
08:50  13 november  2019 Source:   cnbc.com

Trump's ex-advisor Michael Flynn will ask judge to throw out criminal case against him due to 'government misconduct'

  Trump's ex-advisor Michael Flynn will ask judge to throw out criminal case against him due to 'government misconduct' President Donald Trump's former national security advisor Michael Flynn will ask a judge to dismiss the criminal case against Flynn because of "egregious government misconduct and in the interest of justice," a court filing reveals.Flynn pleaded guilty in late 2017 to a single count of lying to the FBI about the nature of his discussions with Russia's ambassador to the United States after Trump's election as president.

Pen testers are paid to attempt to break into corporate or government facilities, computers, devices and data centers. On September 9, Justin Wynn and Gary Demercurio, employees of pen testing firm Coalfire, were attempting to circumvent the security system at a courthouse in Dallas County, Iowa

When two Coalfire employees successfully broke into one Iowa courthouse , they were arrested , and the The incident occurred in September. The Coalfire employees found a door to the Dallas In this case, we were helping to protect the residents of Iowa ." Security experts fear that this could have


a gate in front of a building© Provided by CNBC LLC

The state of Iowa contracted with a prominent cybersecurity company to conduct "penetration tests" of certain municipal buildings in September, particularly courthouses.

In September, two employees of the company were arrested in the course of doing their jobs. The charges still have not been dropped.

The incident has sparked concern across the cybersecurity industry, including worries that ramped-up efforts by many firms to test facilities, including voting and election facilities in advance of the 2020 presidential election, may put security professionals at risk.

An ambush on a convoy transporting employees of a Canadian mining company in Burkina Faso killed 37 people on Wednesday, the deadliest attack in nearly five years of jihadist violence in the West African country.

  An ambush on a convoy transporting employees of a Canadian mining company in Burkina Faso killed 37 people on Wednesday, the deadliest attack in nearly five years of jihadist violence in the West African country. An ambush on a convoy transporting employees of a Canadian mining company in Burkina Faso killed 37 people on Wednesday, the deadliest attack in nearly five years of jihadist violence in the West African country. The impoverished and politically fragile Sahel country has been struggling to quell a rising jihadist revolt that has claimed hundreds of lives since early 2015. On Wednesday morning "unidentified armed individuals" ambushed five busesThe impoverished and politically fragile Sahel country has been struggling to quell a rising jihadist revolt that has claimed hundreds of lives since early 2015.

When two Coalfire employees successfully broke into one Iowa courthouse , they were arrested , and the The incident occurred in September. The Coalfire employees found a door to the Dallas In this case, we were helping to protect the residents of Iowa ." Security experts fear that this could have

Then something else happened In one of its tests back in September, two Coalfire employees found a door at the Dallas County Courthouse wide open. “Sheriff Leonard failed to exercise common sense and good judgement [sic] and turned this engagement into a political battle between the State

A common test, an uncommon outcome

A penetration test, often referred to as a "pen test," is an assessment conducted by a security firm meant to root out technical and physical security flaws that could put data at risk.This can include testing servers to see whether sensitive data can be stolen electronically, or testing facilities to see whether someone could easily break in and gain access to sensitive data or equipment. Pen testers are paid to attempt to break into corporate or government facilities, computers, devices and data centers.

On September 9, Justin Wynn and Gary Demercurio, employees of pen testing firm Coalfire, were attempting to circumvent the security system at a courthouse in Dallas County, Iowa, to gain entry using those "other means." The pair had already successfully tested two other courthouses, and they'd had positive interactions with authorities there, according to the company's CEO, Tom McAndrew.

Flagler County woman shows up for court with meth in her pocket, deputies say

  Flagler County woman shows up for court with meth in her pocket, deputies say A Flagler County woman was arrested after deputies said she showed up to court with methamphetamine in her pocket. Officials with the Flagler County Sheriff’s Office said that when Tessa Lilly was passing through security at the courthouse Wednesday the metal detector went off and a deputy asked her to empty her pockets. Sign up for our Newsletters After initially telling deputies, “I have nothing in my pockets,” Lilly removed a plastic baggie from her pocket and said it was her makeup, an arrest report said. Deputies said the contents in the baggie tested positive for methamphetamine and Lilly was placed under arrest. She’s charged with possession of methamphetamine.

Iowa asked researchers to break into a courthouse , then it arrested them . The tech giant's 2019 Diversity and Inclusion report offers the first public glimpse at Microsoft's Inclusion Index, or the percentage of employees who feel welcomed by both coworkers and management based on their

Iowa asked researchers to break into a courthouse , then it arrested them . Facebook Pay lets you buy goods and send money inside Facebook's apps. Some users said that when they viewed a video in full screen and then shrank it back, the app layout would shift slightly to the right.

At the Dallas County courthouse, the pair found a door left propped open, McAndrew told CNBC. They closed the door, then attempted to open it again, tripping an alarm in the process.

The protocol in this type of situation is to wait for authorities to arrive, McAndrew said, which Wynn and Demercurio did. At that point, they had a friendly interaction with sheriff's deputies, he said. The deputies examined their paperwork and credentials. But when a sheriff arrived, they were arrested on burglary charges. They spent a night in jail, and the company had to bail them out.

"It's not totally unusual to have police involved," in a pen test, but it is unusual for security professionals to get arrested, McAndrew said.

Even more surprisingly, the two employees are still facing charges in Dallas County, despite having a clear contract outlining that they were hired by the state's judicial branch to break into the building. McAndrew believes it "might be unprecedented" for contractors arrested during a pen test to face charges.

2 Disney employees, former assistant principal among 17 facing charges in child porn sting

  2 Disney employees, former assistant principal among 17 facing charges in child porn sting Two Disney employees and a former middle school principal are among 17 people facing child pornography charges following a monthlong investigation. Polk County Sheriff Grady Judd announced the arrests Friday during a press conference. Sign up for our Newsletters Brett Kinney, 40, worked in the entertainment sector of Disney. “Brett has worked for 15 years for Disney, we arrested him two times,” Judd said. The sheriff also added that Kinney told investigators he’d been viewing child porn for 22 years. Also arrested was 52-year-old Disney hotel maintenance employee Donald Durr, Jr. “Here's what Donald told us during his interview: ‘I'm a pervert, not a monster.

Iowa asked researchers to break into a courthouse , then it arrested them . The company doesn't have much choice when the EU and other governments will require sounds in the name of pedestrian safety. At the same time, it's evident that Ford is using this as a marketing opportunity.

Iowa paid a security firm to break into a courthouse , then arrested employees when they succeeded . Elsewhere in the world, another oddity was spotted from above by an eagle-eyed viewer, though this time in Beijing. When the camera was pulled

Local prosecutors could not immediately be reached for comment, and an inquiry to the Iowa governor's office was not immediately answered.

According to local news reports at the time of the arrest, there appeared to be a miscommunication between the state, which contracted for the pen test, and the county, which had jurisdiction to monitor security at the courthouse. But this should not have been relevant to the issue of whether a crime occurred, McAndrew said.

"I don't know why they didn't let them go. They were remanded to jail. We had thought the state was going to work out these issues with the county. Once we were told the charges were going to be reduced and not dropped, we were shocked that this was happening," McAndrew said.

Iowa Supreme Court Justice Mark Cady apologized to a state Senate committee for the incident last month, according to the Des Moines Register. But some legislators complained that the tests may have posed some sort of "danger" to the public, according to reports.

Coalfire had been engaged with the Iowa Supreme Court for pen testing since 2015, according to an investigation of the incident. A service order allowed for typical pen test services including "tail-gating" -- attempting to enter facilities behind an authorized employee access to all building areas and "non destructive lock-picking."

Uber has to pay New Jersey nearly $650 million in employment taxes

  Uber has to pay New Jersey nearly $650 million in employment taxes Uber may insist that its drivers are contractors and not employees, but New Jersey isn't buying that argument. The state's labor department has slapped Uber and its Rasier subsidiary with a nearly $650 million bill for overdue unemployment and disability insurance taxes from the past four years, arguing that the ridesharing firm misclassified drivers. About $523 million of that is actual taxes, while up to $119 million is due in interest and penalties.

The employees of Coalfire Security said they had been employed by the state's judicial branch to test physical accessibility of courthouses . While nothing specifically instructed the security testers to break into buildings, nothing in the documents suggested this was forbidden either.

your break lasts 20 minutes or less; generally, these shorter breaks are considered part of your work day and must be paid . In those states that require meal breaks , employees who work more than five or six hours at a time typically must be allowed to take a half hour to eat.

Alarm in the cybersecurity field

These tests are very common, explained David Kennedy, founder and CEO of Binary Defense and Trusted Sec, a cybersecurity consulting firm that also conducts penetration tests.

"I've had a lot of discussions with owners of organizations that do this kind of work that are kind of freaking out about this," Kennedy said. "You look at your job, and the protections you have in place. We try our best to make sure you are getting the full authorization. It's really a shame these folks were trying to help that facility get better with security."

Kennedy said that he was arrested in the course of conducting a sanctioned pen test involving an insurance company in 2017. He said his interaction with authorities was positive, and like the Coalfire workers in Iowa, he carried documentation outlining why he was there and for whom he was working. In Kennedy's case, the police called the phone numbers provided by the company that had contracted with his firm, and ultimately received reassurance that the pen test had been requested.

"We are all watching this very closely, and we are concerned," Kennedy said.

Casey Ellis, founder and chairman of cybersecurity crowd-testing service Bugcrowd, which deals in organized pen tests for corporations and government agencies, said he sees parallels in Dallas County's reaction in corporations that are new to pen tests, especially successful ones.

Another Confederate monument comes down, this time in North Carolina

  Another Confederate monument comes down, this time in North Carolina A Confederate monument that had stood in front of a North Carolina courthouse for 112 years was taken down overnight after months of debate and protests. require(["medianetNativeAdOnArticle"], function (medianetNativeAdOnArticle) { medianetNativeAdOnArticle.getMedianetNativeAds(true); }); Crews used cranes early Wednesday to remove the monument -- a bronze statue of a Confederate soldier atop a marble pedestal -- from its spot outside the Chatham County courthouse in Pittsboro, roughly a 35-mile drive west of Raleigh.

An employer must pay an employee for time spent traveling to and from another city in the same day. When employees are required to travel away from their homes and that travel spans more than one workday, an employer must include in hours worked the time actually spent traveling, e.g., in a

Have him break goals down into tasks and set interim objectives, especially if it’s a large or When goals aren’t met There will be times, even with the best support, when employees fail to meet their The firm has a semi-annual review process where goals are set and discussed; they also do more

"Oftentimes, when offensive testing is being done, there can be a big overreaction that someone has gone out there and demonstrated impact," Ellis said. Hackers trying to test vulnerabilities in corporations also have faced legal action as a result of their efforts, something the industry has tried to put legal frameworks around, he said.

Ellis said the incident in Iowa spurred his company to "double-down" on a project it had launched in 2018 called Disclose.io, an open-source project meant to outline guidelines for disclosing vulnerabilities while creating "safe harbor" protocols for researchers looking to disclose vulnerabilities.

Ellis said he is worried about how the incident may limit the reach and effectiveness of pen testers, especially as election and voting facilities are under increasing scrutiny in the run-up to the 2020 election.

"People that build systems, whether they can be computer networks or they can be physical buildings, it has a primary function and the people building it aren't necessarily thinking about security," Ellis said. "I can only see the need for this accelerating."

Follow @CNBCtech on Twitter for the latest tech industry news.

Google workers to hold rally in support of employees placed on leave .
Activists at Google say two employees are facing retaliation for worker organizing.The two employees, Laurence Berland and Rebecca Rivers, will speak at the public rally, which will be held outside one of Google's San Francisco offices. The workers were placed on leave while the company investigates alleged policy violations, including accessing documents and calendar information outside the scope of their jobs, a Google spokeswoman said. But some of their co-workers said the move by Google is punishment for workplace organizing.

—   Share news in the SOC. Networks

Topical videos:

usr: 18
This is interesting!