guard training

A rundown of ransomware master keys released recently

Most ransomware devs operate just like real-life crooks and stick with their blackmail until they get paid. They don t care about your personal documents, photos, videos and other irreplaceable information, period. No ransom, no files.

At the same time some strange things may happen. There were cases when extortionists called it quits by releasing master decryption keys for their malicious software, thus allowing victims to get their data back for free. Unfortunately, this scenario is the exception rather than the rule. There are different speculations and theories on the motivation of these sympathetic malefactors. Some researchers believe these threat actors simply drop one campaign to move on with another from scratch. Some consider master key dumps to be a display of compassion. Yet other analysts say there are constant wars between gangs where one group hacks another and publishes all keys of their competitors. One way or another, such cases do occur once in a while. The stories below cover all instances of these releases reported to date.

Recent ransomware master keys An individual who goes by an online alias guest0987654321 dumped the RSA private key for XData ransomware on May 30, 2017. The message was posted in a dedicated XData thread on the BleepingComputer forum. Kaspersky Lab promptly used this master key to update their RakhniDecryptor tool and add support for the ransomware in question. The developer of AES-NI ransomware known as thyrex made his victims day by releasing private decryption keys on May 21, 2017. The dump originally included keys for AES-NI edition using [email protected] contact email. Later on the same day, the crook also published master keys for other variants, which allowed Avast and ESET to cook up ad hoc free decryptors. Whoever the person nicknamed lightsentinelone is, he did a huge favor for all Wallet ransomware victims by providing a link to a Pastebin page with a complete set of master keys. This dump took place via BleepingComputer as of May 18, 2017. Avast and Kaspersky quickly picked up this data to create free decrypt tools.

In an unexpected move, someone who goes by an online handle checker123 released the RSA private key for the BTCWare strain on May 3, 2017. Whereas researchers had previously created free decryptors for older variants of this ransomware, two newer ones remained uncrackable until this dump. Michael Gillespie, the author of ID Ransomware service, leveraged the leaked keys to contrive a universal decrypt tool supporting all BTCWare iterations. The once prolific Dharma ransomware became decryptable due to a dump of master keys that occurred on March 1, 2017. A newly registered BleepingComputer forums user, gektar , posted the corresponding Pastebin link in the Dharma support topic. Anonymous user named crss7777 released master keys for all variants of the CrySiS ransomware on November 13, 2016. To this end, said a member of the CrySiS crew posted a Pastebin link on the above-mentioned BleepingComputer forums pointing to a page with all decryption keys for the perpetrating program. Having validated these keys, Kaspersky released an updated edition of RakhniDecryptor so that CrySiS victims could recover their data without submitting the ransom. The authors of CryptXXX ransomware strand abandoned their extortion campaign and started RSA private keys giveaway as of July 14, 2016.

Plagued users were able to get their keys simply by logging into the infection s payment server. The relief was only partial, though, because this dump only supported CryptXXX editions that appended the .Crypz and .Cryp1 extensions to hostage files. Another happy ending case took place on May 18, 2016. This time, the architects of the TeslaCrypt ransomware campaign closed the project and provided the master key on their Tor based payment page. A security enthusiast nicknamed BloodDolly hard-coded this key into his previously released TeslaDecoder utility so that it could crack all versions of this ransom Trojan. Meanwhile, security researchers don t just sit there and wait for the bad guys to throw a bone to their victims. They are busy analysing various ransomware samples for flaws in crypto implementation and have had some success cracking them. Fortunately, lots of cybercriminals write shoddy code, so a little bit of reverse engineering often suffices to spot weak links in ransom Trojans behavior and defang them. A number of security vendors, including Emsisoft, Avast, Kaspersky, AVG, and Bitdefender, stand out from the crowd in this regard as they have coined most of the free ransomware decryptors.

Overall, more than 160 decryption tools out there allow ransomware victims to get off the hook without coughing up Bitcoins. Quite a few of them support widespread strains that have infected thousands of users and keep wreaking havoc around the globe. These include decryptors for the notorious Petya ransomware, Nemucod, Merry X-Mas (MRCR) ransomware, Linux.Encoder.1, the first-ever Mac ransomware called KeRanger, Jigsaw ransomware, CTB-Locker (website edition), Chimera ransomware, CryptoMix, and Globe ransomware. The moral of the story is: do not pay from the get-go if you fall victim to ransomware unless of course the hostage data is critical and you are too pressed for time. Chances are that the threat actors will release master decryption keys in a dump like the ones above. Furthermore, security analysts are doing their best to find effective workarounds. Consider using a tool called CryptoSearch. It automatically finds files encrypted by ransomware and allows you to move them temporarily to a new location. This technique streamlines the data recovery process if a free decryptor appears in the future.

And keep in mind that prevention is better than cure. Do not open suspicious email attachments, apply operating system updates once they are available, and be sure to keep your important files backed up. Free Download: the Cyber Security Crashcourse This report contains 40 slides packed with insight into the trends shaping the industry and how you can protect yourself.

Eric Hansleman from 451 Research presents a rapid-fire overview of cyber security.

Click here to download now

Construction fire safety: Bull Products upgrades first-responder stations with height-extending detector

Bull Products, which specialises in developing life-safety equipment for the construction industry, says its revamped first-responder stations will cut costs for contractors and construction companies. Based on its on-site investigations into the effectiveness of existing processes and equipment, Bull Products has added an optional, height-extending pole to the stations. Designed to attach to the back of the First Responder Stations, the addition makes detection installation quicker and reduces costs, as wireless detectors are not required, says the company.

The pole can be raised to a height of over three metres with a detector attached to the top, and it can be adjusted to position the detector at any height between 2.1 and 3.2 metres from the ground. The stations, which incorporate fire extinguishers and a Cygnus fire alarm, are fully mobile. In contrast, conventional heat and smoke detectors are fixed to ceilings or walls using ladders or podiums, creating a safety risk for those installing them. Matthew Trigwell, Sales Director at Bull Products, said: We re continuously looking at ways to solve issues within the industry and improve our products to make lives easier for construction companies and M & E contractors. This height-extending detector will not only improve safety for our customers on construction sites but it will provide a time-saving and efficient solution. This new feature comes with a heat detector as default, but smoke and carbon monoxide detectors are also available should these be required. The detector is hard wired to the alarm through a spare input and is only compatible with the following Cygnus alarms, CYG2 and CYG2/85DB. Free download: The video surveillance report 2017 Sponsored by IDIS The Video Surveillance Report 2017 covers all things video surveillance based on a poll of hundreds of security professionals. Specifically looking at topics such as open platforms, 4K, low-light cameras, video analytics, warranties and this year due to the growing threat posed, the cybersecurity landscape.

Click here to Download now

Keyholding Services | Security Guards UK

Keyholding Services | Security Guards UKAssignment Instructions

Security Guards UK provide a 24 hour key holding services. We can deploy a member of our mobile response team to attend to alarm activations 24/7.

We provide our key holding services at a National Level. We endeavour to provide a “Rapid Response” key holding service. Clients’ keys are coded, security sealed and secured within our Control Centre Safes. They are only issued out to our response team for alarm activations.

Our Security Officers attend site, assess the situation and patrol the site, report all incidents and fill out all relevant paperwork. Our Security Supervisors monitor all incidents and relay all information to our dedicated 24 hour control room. We can arrange a FREE consultation with one of our experienced security solution Consultants and draft up a fully managed, integrated service.

Initial client meetings help to establish exact requirements and then a service level agreement is constructed which details specifics of the operation.

Visit Our Portifolio

Please visit our portfolio page1 for a list of companies we are currently working with.

For any further information regarding any aspect of our services, please do not hesitate to contact us on 0800 028 1513 or email us with your enquiry to [email protected]

References

  1. ^ visit our portfolio page (securityguardsuk.osick.co.uk)

Watch: Honeywell s Mick Goodfellow on cybersecurity, connected solutions and critical national infrastructure

IFSEC 2017 Honeywell s Mick Goodfellow visited the offices of IFSEC International to preview the show s forthcoming 2017 edition. Just appointed GM EMEA of commercial security, Goodfellow discusses synergies between Honeywell and Xtralis products (the latter acquired in 2016 by the former), new products, integrations with other vendors, cybersecurity and critical national infrastructure. embedded content Honeywell is showcasing its latest tech in an integrated control room at IFSEC International between 20-22 June 2017 at London ExCeL.

You will find them on stands D250 and D300. Get your free badge now. Honeywell is unveiling a series of new products across its building technology and home security solutions portfolios at IFSEC and FIREX 2017. Honeywell s connected solutions are designed to help homeowners and business managers interpret and exploit the huge and growing volume of data generated by connected buildings. At IFSEC the building management systems giant will be showcasing integrated video solutions and advanced detection technologies. IP video Honeywell s new portfolio of IP video solutions empower site staff to be more productive by providing greater insight and control across the facility. With a connected Honeywell system, staff are informed 24/7 of the status of their system, and alerted immediately when an alarm is triggered so they can take appropriate action. With end-to-end solutions for different budgets, the range includes advanced features including recording failover, facial and audio detection, and EDGE analytics on ONVIF-compliant 4K Ultra HD and H.264 cameras. These products also feature enhanced forensic capabilities, supporting integration with Honeywell s Xtralis IntrusionTrace video content analytics and ADPRO iFT Series NVR+ solutions.

For those looking to protect harsh environments, the new range also includes explosion and corrosion proof thermal cameras with temperature monitoring. Fire Honeywell will be showcasing enterprise class fire solutions including Xtralis VESDA-E VEP and VEA detectors. Yieldsing 1.5 times greater sensitivity and offering six times better dust rejection than the previous generation of products, VESDA-E VEP detector reduces the risk of nuisance alarms and attendant costs. VESDA-E VEA works by dividing a protected space into sampling locations, enabling the localization of possible causes of fire for faster incident response. Both detectors feature built-in Wi-Fi for remote detector access from smart devices to review and monitor status in real time. For smaller sites, FAAST XS aspirating smoke detectors deliver highly accurate very early warning fire detection. Connected home Honeywell is unveiling a professionally-installed, self-monitored wireless security system for the residential market. Called Total Connect Box, it is supported by Total Connect Pro Manager, a maintenance tool that allows installers to perform diagnostics and offer cost-effective maintenance services to homeowners remotely, so homeowners can get the best out of their Total Connect Box system. For those who prefer a monitored solution, the wireless Videofied Video Live Verification with Monitoring Systems will also be showcased.

The new MotionViewer PIR sensors are wireless and equipped with the Video Live function that allows the instant transmission of video to the alarm receiving centre in the event of an alarm, enabling swifter response to genuine alarms and eliminates unnecessary intervention and call outs to false alarms. It also provides homeowners greater peace of mind with the ability to view their homes live anytime day or night. Advanced technology solutions have the power to turn buildings and homes into responsive assets, linking disparate devices and management systems to create truly connected, intelligent buildings that span the most demanding applications, said Dino Koutrouki, vice president and general manager, Security and Fire EMEA, Honeywell Home and Building Technologies. But systems shouldn t be connected just to be connected. They should optimise a person s daily routine, whether at home or work, to improve safety, security and peace of mind. Honeywell is showcasing its latest tech in an integrated control room at IFSEC International between 20-22 June 2017 at London ExCeL. You will find them on stands D250 and D300. Get your free badge now. Join other high-end security professionals at the launch of Borders & Infrastructure Expo In conjunction with Europe s most renowned security event , IFSEC International, B&I is addressing your critical needs for large scale security projects affecting national security, integrated systems, border protection and much more.

You will have access to test the latest security innovations in; Physical & perimeter, Barriers & bollards, Command & control, Emergency response, Cyber solutions, Drones & UAVs, Transport security and much more.

Click here to register your place now to join us at London Excel on 20 22 June 2017.

IFSEC Tool Zone: Discounts, new products and other exciting plans from Anglia Tool Centre

IFSEC 2017 welcomes Anglia Tools as its exclusive partner for the Tool Zone, where visitors can sample a wide range of hand and power tools and take advantage discounts and special offers exclusive to IFSEC visitors. Anglia Tool Centre is a specialist in DIY power tools, selling a wide range of top brands online across the UK. We spoke to Ian Thacker, the company s group manager, about the products we can expect to see at the show and what kind of discounts IFSEC visitors will have exclusive access to.

IFSEC Global: It would be good to kick off asking you to tell us a bit about the company and what you do? Ian Thacker: Anglia Tools Centre was established in November 2006. We re part of the Ridgeons Group, a family-owned builder s merchant established since 1911. So lots of heritage behind us. We set up to become a specialist supplier of power tools to the trade. We re not involved in any DIY tools; it s all trade-rated products aimed at general builders, carpenters, plumbers, electricians, security installers you name it, we have tools to suit the requirements of any trade operation. Everything at the show will be at a discounted price compared to what you would normally pay online, either through ourselves or competitor We opened in East Anglia with one showroom and we now have nine standalone showrooms as well as a heavy online presence, accounts facility, contracts business etc So we ve come quite a long way in the last 10 years and are looking to future progression across the UK in the coming years. IG: What are your plans for IFSEC? IT: We re attending IFSEC as the only tools supplier at the show, so we ve created the Tool Zone.

The idea is to build relationships with security installers and become their supplier of choice for their power tool and accessory requirements. We ll be there with products from all the leading manufacturers the likes of Makita, Dewalt, Milwaukee, Bosch, Hitachi etc and we ll have demonstrations throughout the event. It s an opportunity for installers to get hands on with the latest power tools on the market. They ll all be set up for live demonstrations we ll have concrete blocks to recreate their working environment as closely as we possibly can to make sure they buy the right appliances to suit their needs. They ll also have an opportunity to sign up to our loyalty scheme called ATC rewards, which gives them discounts and money to spend on tools when they recommend us to friends, colleagues, relatives etc. IG: And are there any benefits of buying the tools at IFSEC? Any special show discount? IT: Absolutely. Everything at the show will be at a discounted price compared to what you would normally pay online, either through ourselves or competitors.

IG: Are there any newly launched products or products only just added to your range? IT: We ll have a few be featuring product launches from most manufacturers actually. We ve got the latest SDS machines the 54 volt SDS machine from Dewalt will be there, which is quite ground-breaking stuff. It s true corded performance without the hassle of having a cord. We ve got some new SDS drills with integrated dust management systems, which conform to all the latest health and safety regulations. So as you drill the hole it (A) captures the dust to stop it getting into the environment and (B) avoids a lot of clearing up after the job. So we ll have live demonstrations of the latest dust management products as well. IG: I think that covers it, anything else you want to add? IT: It s also a lot of fun on the stand.

Everyone likes to get hands on with the power tools and see the latest technology for themselves. We try and create a nice, fun environment to make it a pleasant experience for the visitor. IFSEC International takes place 20-22 June 2017, London ExCeL. The Tool Zone takes place in the brand new Installer World area. Get your free badge now. Visit Europe s only large-scale security event in 2017 Taking place in London, 20 22 June 2017, IFSEC International gives you exclusive hands-on access to over 10,000 security solutions, live product demonstrations, and networking with over 27,000 security professionals. Covering every aspect of security, from access control and video surveillance to smart buildings, cyber, border control and so much more.

Time is running out, register now to avoid missing out

Security Guard Jobs | Monster

Security Guard Jobs Overview

Security guards are a vital part of many organisations, whether the job involves looking after individuals, property, premises, or handling public safety at events. Security personnel need to be reliable, honest, discreet, and able to work on their own just as well as they do as part of a team. Depending on the position, people skills can be very important, although with some security guard jobs, the ability to work effectively in solitary conditions can also be important. Security guards should also remain calm under pressure, and be able to deal with the unexpected or unusual just as easily as they do in everyday situations.

Security Guard Jobs Education Requirements

Applicants for security guard vacancies do not need any formal or academic qualifications, although an overall good standard of general education is usually helpful. Previous related experience, such as having had various kinds of police jobs1 or military jobs2, is also highly desirable. Most security guard jobs set in an industrial environment call for a Security Industry Authority licence, which is awarded after completing the relevant training. Most jobs will also require a criminal background check to be carried out, although having minor convictions is not necessarily an obstacle to working in this field.

Security Guard Jobs Market

There is a wide array of security jobs out there, with duties ranging from patrolling premises to monitoring CCTV, and employers ranging from small local businesses to global corporations, so there is usually plenty of opportunity for work in this sector. Although most people assume security guards will be male, dependable female operatives are also in high demand, particularly in positions dealing with public safety, crowd control, or where children and female safety is a concern.

Security Guard Jobs Salary Information

Starting salaries for security guard vacancies are usually between 12,000 and 15,000, and they can rise to 20,000, depending on experience. Hours are generally longer than average, with a typical working week consisting of 48 hours, and shift work is extremely common, including unsociable hours.

References

  1. ^ police jobs (www.monster.co.uk)
  2. ^ military jobs (www.monster.co.uk)

ComNet enhances cybersecurity for port connections

IFSEC exhibitor ComNet Europe, part of the US manufacturer or transmission and communication networking equipment ComNet Communication Networks, has introduced a new cybersecurity feature in its latest generation of self-managed switches. Known as Port Guardian, the feature has the capability to physically disconnect a port if unauthorised access is detected. Port Guardian can provide a line of defence in situations where network access is attempted by disconnecting an IP-addressable device on the edge in order to connect to the network.

Port Guardian senses the disconnection activity and in response an SNMP notification is sent to the head end. The affected port is physically locked out, preventing access. The network administrator can reopen the port once the threat is eliminated. The Port Guardian feature also rejects access through an activity known as spoofing by disconnecting the port when an interruption is sensed. Port Guardian is being added to the newest generation of ComNet SMS products, including the CNGE2+2SMS and CNGE4+2SMS. The feature will also be available on the new ComNet USA-made line of managed switches. According to Steve Clarke, ComNet Europe managing director: Cybersecurity is not something confined to just a security IP network. Any network can be infiltrated. By introducing this valuable feature on these cutting-edge products, we can provide another unmatched advantage to our partners.

Check out ComNet s latest products at IFSEC International, 20-22 June 2017, London ExCeL. You can find ComNet on stand D450 . Get your free badge now. Visit Europe s only large-scale security event in 2017 Taking place in London, 20 22 June 2017, IFSEC International gives you exclusive hands-on access to over 10,000 security solutions, live product demonstrations, and networking with over 27,000 security professionals. Covering every aspect of security, from access control and video surveillance to smart buildings, cyber, border control and so much more.

Time is running out, register now to avoid missing out

Access control in the connected workplace 2017

The benefits and barriers to enhancing convenience and compliance in connected buildings. IFSEC Global has surveyed hundreds of security professionals, facility managers and building owners/managers across 54 countries to ascertain just how integrated with one another smart building technologies are in a range of building types, from offices to industrial premises. The industry poll had a particular focus on access control, secure identities and credentials and how they consolidate across disparate systems for enhanced monitoring and user experience as people enter and move around buildings and gain access to different systems.

We also wanted to ascertain awareness levels regarding the benefits of integration, to what extent they incentivise system upgrades, whether integration is associated with a heightened cybersecurity risk and viewpoints on what the convergence of physical and IT systems means for training needs and the structure of IT, facilities and physical security teams. The results of this survey are presented in a free-to-download trend report sponsored by HID Global, which powers the trusted identities of the world s people, places and things. Complete the short form to download this trend report.

Churchill Security Ltd

Established in 1993, Churchill Security Ltd is proud to offer a complete range of security guard services throughout the UK delivered by our team of fully SIA licensed and trained guards. Offering static and mobile guards plus key holding and alarm response solutions, we are experienced in providing security guard services to a range of industries including the corporate sector, construction sites, retail establishments, industrial warehouses and one off events. Whether you need temporary one day cover or a long term solution, get in touch today to discuss your requirements.

Churchill Security Guards

For more than 20 years, Churchill Security Ltd has thrived in the security industry by using unrivalled expertise to bring you a service you know and trust at great value for money. Churchill Security Ltd can assess your specific business needs in order to provide a cost-effective, reliable service that meets your requirements. We ensure that all our guards are fully SIA licensed and trained to the highest of standards and we are proud to be a UK top 5% SIA approved contractor for security guarding and key holding.

Internet of things bubble will burst in 2017, predicts Wired Magazine

Internet Of Things Bubble Will Burst In 2017, Predicts Wired Magazine

IoT trends Wired magazine has prophesied the demise of the internet of things (IoT) in 2017. As predictions go it s pretty bold given sales of internet-connected devices already number 12 billion worldwide and are projected to grow to about 30 billion by 2020. On the face of it, the tech bible has really stuck its neck out on this one.

Except Wired hasn t actually forecast the demise of internet-connected devices per se ; rather, it s the IoT term itself it believes is on borrowed time, along with an assumption associated with it: that no object, however mundane, cannot be improved with a computer chip. The Internet of Things was a made-up term to begin with, says the article in question. And now this bit of marketing nonsense carries a sheen of ineptitude, danger, and other shit. The upshot: the term will die in 2017, kinda like Big Data before it. Visitors to CES 2017 in Las Vegas test out some VR headsets The success of a Twitter account called the Internet of Shit, which tweets disparagingly about the myriad IoT devices being launched to more than 100,000 followers, augurs ill for the IoT, says Wired. To test out just how widely the IoT concept was being applied to everyday things , I drew up a list of the most mundane objects I could think of and Googled them with the prefix smart . Of the seven I Googled, four had already been enhanced with a computer chip and Wi-Fi connection (in the IoT camp: toilet roll holder, duvet cover, cushion and mirror; still stuck in the analogue age are sofas, breadbins and shoehorns). Yeah baby shove my smartphone in a 20lb bottle of water with a speaker or whatever #CES2017 pic.twitter.com/4yjkvXPPR6 Internet of Shit (@internetofshit) January 7, 2017 The other problem and one exacerbated by the sheer volume and range of IoT products is the cyber threat. If the media has played its part in hyping up the IoT, then it will also play a key role in facilitating its decline thanks to the slew of stories about the security risks posed by connecting your home.

Long focusing their fire on corporations albeit it s consumer data that is usually stolen tech writers and security experts are now warning of a frightening new spectre: that criminals will turn their attention to smart homes that lack the enterprise-grade security enjoyed by Fortune 500 companies (which is still shown to be lacking in so many cases). Wired noted that in September, nearly 1.5 million IoT devices (mostly surveillance cameras) were hijacked and that the following month, the same piece of malware rendered large swaths of the internet inaccessible to many people. The IoT has also been damaged by bricked devices, irritating outages, bankrupt startups, an international emissions testing scandal, and a viral story about a Brit who spent 11 hours trying make tea with a needlessly high-tech kettle. Aware of this perception the IoT industry has been scrambling to remedy vulnerabilities such as the widespread use of default usernames and passwords that hackers can easily find by trawling Google. At CES 2017 Symantec Norton unveiled what it claims is the most secure router in the world and is certainly one of the most aesthetically interesting. A geodesic orb, it looks like it could be an object of portentous power in a sci-fi fantasy film. Symantec Norton s Core Router Securifi, meanwhile, launched a mobile app that highlights vulnerabilities like easy to guess passwords or open ports and shows users how to remedy them. The next-generation of Bitdefender BOX was launched in Las Vegas too. Bitdefender s IoT security hardware protects against malware, hackers, ransomware, phishing and other online threats with data anonymization, malware scanning, machine-learning algorithms and network intrusion prevention technology.

Clearly, the IoT has been on the well-worn path followed by so many tech crazes. First, there s a lot of hype, but also considerable teething troubles where products malfunction or work less effectively than promised. Developers don t yet know what customers want from the tech, so there s a lot of trial and error and dud technology (that people later mock with the benefit of hindsight). Eventually, issues around usability and compatibility and cyber security will be remedied to a large degree and a clearer picture will emerge of what the IoT or whatever it is called by that time is for and what kinds of things can really benefit from internet connectivity. As Wired writes: The Internet of Things or whatever you want to call it has the potential to save precious resources, spot and fight pollution, and help people lead healthier, safer lives. But adding internet remote control to every single product on the market won t necessarily help us get there. What we need are thoughtful, affordable, durable devices that actually, y know, make our lives better. A new name, and a renewed sense of purpose, could be just what the Internet of Things needs. Click here to read the original feature in Wired, which also makes another four tech predictions for 2017.

Download: The Video Surveillance Report 2016 This exclusive report covers the security needs of surveillance systems as shaped by the physical environment including: What do security professionals think about plug-and-play systems Challenges like low-light conditions or large spaces and the threats posed in various sectors Which cutting-edge features such as mobile access, PTZ smart controls or 4K resolution are most important to security professionals What are the most important factors driving upgrades and would end users consider an upgrade to HD analogue Download the full report here.