Tag: items | SpinSafe

Nearly 600 items of contraband including drugs, shivs and mobile phones were found during prison searches | The Canberra Times

December 11, 2021/in Mobile Security

news, crime, prison, contraband, seizures, drugs, smuggling

Custodial staff seized 25 mobile phones and 45 phone-related items such as chargers, as well as 276 makeshift shivs, weapons and other assorted contraband during searches inside Canberra’s jail across the 2020-21 financial year. During a reporting period marked by the most significant riot in the jail’s 13-year history, the number of planned and random searches of detainees and locations within the jail fell from 4234 to 3862, with a total of 587 contraband items located. This compared with 644 items located in the previous reporting year. The volume and types of drugs smuggled in was not recorded, although admissions by prisoners in court statements suggested a prevalence of methamphetamine, opioids and cannabis. The peak time for seizures was in December last year, when around 100 various items were found after around 400 location searches within the prison. Three drug detection dogs have been operating on rotation at the jail and the arrival of a fourth, trained specifically in phone detection, together with a canine team supervisor in mid-2021, was expected to give a significant boost to this capability. In budget estimates two months ago, Corrective Services commissioner Ray Johnson said he had hoped to have a new body scanner in place by the end of the 2021-22 financial year, “if not sooner”. Numbers of detainees held within the Alexander Maconochie Centre are not provided on a regular basis and vary throughout the year depending on court throughput. In June 2021 there were 377 detainees held at the prison, a huge drop from the 452 held 12 months previously. Sentenced prisoners are still mixed with those held on remand, which is in breach of the legislation. Around one-third of these detainees were prisoners held on remand, or yet to be sentenced. Of those, just over a third identified as Aboriginal or Torres Strait Islanders. While those full-time (sentenced) prisoners serving less than two years or between two to five years had declined, the latest reporting period saw a huge jump in those serving 20-plus years for very serious offences. There are now 21 prisoners serving 20-plus years in the prison, almost…

Source…

BIS issues significant new export controls on certain cybersecurity items and related guidance

December 3, 2021/in Computer Security

On October 21, 2021, the Bureau of Industry and Security (BIS) published an interim final rule (IFR) to implement significant new controls regarding certain cybersecurity items. The rule contains new and updated Export Control Classification Numbers (ECCNs) and new License Exception Authorized Cybersecurity Exports (ACE). On November 12, 2021, BIS issued Frequently Asked Questions (FAQs) to provide guidance on the IFR and License Exception ACE.

On October 21, 2021, the Bureau of Industry Security (BIS) published an Interim Final Rule (IFR) to implement controls on certain “cybersecurity items” that can be used for malicious cyber activities. Most notably, the IFR defines “cybersecurity items” to include the new and updated Export Control Classification Numbers (ECCNs) and creates a new License Exception Authorized Cybersecurity Exports (ACE). This IFR follows BIS’s original proposal to implement the addition of cybersecurity items to the Wassenaar Arrangement (WA) in 2015. However, the 2015 proposed rule received substantial industry scrutiny, including concerns that the rule was overly broad, would impose a heavy burden on licensing for legitimate transactions, and could cripple legitimate cybersecurity research. In response to those and other concerns, BIS suspended implementation of the 2015 proposed rule and, instead, renegotiated changes to the WA control lists in 2017, intending to define more precisely the scope of the cybersecurity controls. BIS released the October 2021 IFR to implement the 2017 WA decisions. Public comments on the IFR are due December 6, 2021, and the IFR is set to go into effect on January 19, 2022.

On November 12, 2021, BIS issued Frequently Asked Questions (FAQs) that provide guidance on this IFR.

New Export Control Classification Numbers

“Cybersecurity items” are defined to include the new and updated ECCNs referenced below and certain related ECCNs in Categories 4 and 5.

Category 4 includes two new ECCNs related to “intrusion software”:

4A005 “Systems,” “equipment,” and “components” therefor, “specially designed” or modified for the generation, command and control, or delivery of “intrusion software.”
4D004…

Source…

Intrusion Preclusion: BIS Issues Long-Awaited Controls on Cybersecurity Items, Creates New License Exception | Wilson Sonsini Goodrich & Rosati

October 28, 2021/in Computer Security

On October 21, 2021, the Department of Commerce’s Bureau of Industry and Security (BIS) issued an interim final rule (the rule) implementing expanded export controls on cybersecurity items based on the belief that these items “could be used for surveillance, espionage, or other actions that disrupt, deny or degrade the network or devices on it.” The new controls on cybersecurity items stem from the 2013 addition by the Wassenaar Arrangement¹ (WA) of cybersecurity items, including intrusion software to Wassenaar’s list of controlled items. Public comments in 2015 indicating significant concerns over BIS’s implementation and scope of the proposed controls resulted in renegotiation of these controls at the WA’s 2017 meeting. Last week’s rule implements the WA 2017 controls. The rule is intended to prevent malicious “intrusion software” from being exported to certain countries of concern without a BIS license and not to hinder responses to cybersecurity flaws and incidents.

New Cybersecurity Related ECCNs

The rule creates new controls on hardware and software (ECCNs 4A005 and 4D004, respectively) specially designed or modified for the generation, command and control, or delivery of intrusion software. The EAR defines intrusion software as software specially designed or modified to avoid detection by monitoring tools² or to defeat protective countermeasures,³ of a computer or network capable device (such as a mobile device or smart meter). Intrusion software either 1) extracts data or information (from the computer or network-capable device) or modifies system or user data or 2) modifies the standard execution path of a program or process in order to allow the execution of externally provided instructions. According to the proposed rule, it does not include any of the following: Hypervisors, debuggers or Software Reverse Engineering (SRE) tools; Digital Rights Management (DRM) software; or software designed to be installed by manufacturers, administrators, or users, for the purposes of asset tracking or recovery.

The rule also adds paragraph 5A001.j “IP network communications surveillance systems or equipment” to ECCN 5A001 which is similar to controls on…

Source…

44M Digital Wallet Items Exposed in Key Ring Cloud Misconfig

April 2, 2020/in Mobile Security

Millions of IDs, charge cards, loyalty cards, gift cards, medical marijuana ID cards and personal information was left exposed to the open internet.
Mobile Security – Threatpost

Tag Archive for: items