Daily Archives: January 28, 2022

New Delhi: Pakistans National Security Advisor (NSA), Moeed Yusuf Thursday said that the safety of foreigners in the country is Pakistans responsibility, and concerns of Chinese workers and engineers working on the China-Pakistan Economic Corridor (CPEC) are being taken seriously, Express Tribune reported.

The NSAs remarks came in an interview with the Beijing Review where he mentioned that some countries and their proxy actors do not want the CPEC to succeed, as they see the Pakistan-China partnership as a threat.

Yusuf acknowledged that there have been a number of attacks on the CPEC projects, highlighting that India supported and funded them through anti-Pakistan militant organisations operating from third countries, the report said.

Unfortunately, our enemies will continue to seek ways to target us, he added.

However, the NSA stated that regardless of these attacks, there is clear evidence that the Pakistan-China relationship is still going strong as the two countries came out stronger and further strengthened security protocols.

All inimical forces working at the behest of external powers to undermine the CPEC will be defeated, said Yusuf, adding that Pakistan now has a mechanism to ensure the security of every Chinese citizen in the country.

He emphasised that the full potential of the CPEC will only be realised when there is peace in the region, the report said.

Responding to a question, the Pak NSA maintained that Pakistan neither believes in camp politics, nor it wants to be pushed in that direction.

China has always counselled us to have good relations with everyone, and we have always maintained that Islamabads relations with Beijing are not exclusive, he said.

Read the original:
Pak NSA accuses India of funding attacks on CPEC projects - The Kashmir Walla

A bald eagle named Christmas found freedom Tuesdayat Lake Gallimore on the south side of the Naval Support Activity Crane installation. She was released close to the area where she was found, obviously injured, 52 days before by a worker at Crane.

With frigid temperatures and a bitingwind, the eagle flew out of the gloved hands of Robert "Angel" Lange, a Navy veteran who now works as a wildlife rehabilitator. A few short hops up the grassy hillside, testing her wings, took the raptor to the edge of the icy lake.

While a handful of spectators watched, Christmas then headed out onthe ice, into the frigid waters for a short swim and onto a small island in the lake.

"She's testing her wings," Lange said, explaining the bird hadn't been able to truly fly since she was caught almost two months before, even though she'd spent time in his flight cage in Knox County.

The raptor traveled to her release location in a 12-by-24-by-7-foot dog cage and needed to work her wings before taking to the air, Lange said.

While the bird was making her way onto the island, two other bald eagles watched from their perch in a tree above their nest, one of two active nests at Crane.

Eagle events: Want to see a bald eagle? Eagles over Monroe events

Many bird species lay their eggs later in the year, butbald eagles in Indiana do so from December through February. Getting the adult female back into the wild near where she was found increases the chance she may find a mate this year.

When Christmas was captured, she had a puncture wound to her breast and an infected wing. Lange speculates the wound could have been caused during mating or while the bird was adding sticks to a nest.

Because of cooperation between Crane and the Indiana Department of Natural Resources, Crane officialswere able to contact a conservation officer who then contacted Lange. A visit to a veterinarian for X-rays revealed no broken bones and the eagle was transported to Lange's rehab center where she was fed and medicated until her release.

The Crane installation about 35 miles southwest of Bloomingtoncovers63,000 acres, mostly in Martin County,with about 52,000 acres of forest, according to Brady Miller, NSA Crane natural resources manager.

While Naval Support Activity Crane and Naval Surface Warfare Center Crane are best known for the ordnance and technology stored and created on the installation, Jeff Nagan, public affairs officer, said caring for the environment is another priority, especially with the large land mass the installation encompasses.

Counting species: Whooping cranes, barn owls, red-throated loons found during area Christmas Bird counts

The National Audubon Society lists Crane as an "Important Bird Area," adding it has about 100 bird species including many that depend on large tracts of forested areas. Crane officials take annual surveys for certain bird species, including the American woodcock, according to Miller. But bald eagles are making a comeback, with some migrating through the area and others establishing nests.

The two active bald eagle nests, at Gallimore and Greenwood lakes,were established in the 1990s by birds released at Lake Monroe more than 30 years ago. Since that time, bald eagles have found their way to rivers and lakes across the Hoosier state.

Everyone involved with the release of Christmas was hoping she finds a mate andestablishesanother nest at Crane.

Contact Carol Kugler at ckugler@heraldt.com,812-331-4359 or @ckugler on Twitter.

Read more here:
A bald eagle named Christmas is released back into the wild at Crane after rehabilitation - The Herald-Times

Note: This OSINT analysis has been originally published at my current employers Web site https://whoisxmlapi.comwhere Im currently acting as a DNS Threat Researcher since January, 2021.

Weve recently came across to a currently active free VPN domains portfolio which based on ourn research and publicly accessible sources appears to be run and operated by the NSA where the ultimate goal would be to trick users into using these rogue and bogus free VPN service providers in particular Iran-based users where the ultimate goal would be to monitor an eavesdrop on their Internet activities and weve decided to take a deeper look inside the Internet-connected infrastructure of these domains and offer practical and relevant threat intelligence and cyber attack attribution details on the true origins of the campaign.

In this case study well offer practical and relevant technical information on the Internet-connected infrastructure of this campaign with the idea to assist the security community on its way to track down and monitor this campaign including to offer actual cyber attack and cyber campaign attribution clues which could come handy to a security researcher or a threat intelligence analyst on their way to track down and monitor the campaign.

Original rogue portfolio of fake VPN service domains courtesy of the NSA:

bluewebx[.]com

bluewebx[.]us

irs1[.]ga

iranianvpn[.]net

IRSV[.]ME

DNSSPEEDY[.]TK

ironvpn[.]tk

ironvpn[.]pw

irgomake[.]win

make-account[.]us

make-account[.]ir

IRANTUNEL[.]COM

JET-VPN[.]COM

newhost[.]ir

homeunix[.]net

vpnmakers[.]com

hidethisip[.]info

uk[.]myfastport[.]com

witopia[.]net

worldserver[.]in

music30ty[.]net

misconfused[.]org

privatetunnel[.]com

aseman-sky[.]in

Related domain registrant email addresses known to have been involved in thecampaign:

[emailprotected][.]com

[emailprotected][.]com

[emailprotected][.]com

[emailprotected][.]com

[emailprotected][.]com

[emailprotected][.]com

[emailprotected][.]com

[emailprotected][.]com

[emailprotected][.]com

[emailprotected][.]com

[emailprotected][.]com

[emailprotected][.]COM

[emailprotected][.]cz

[emailprotected][.]com

[emailprotected][.]com

[emailprotected][.]com

[emailprotected][.]com

[emailprotected][.]com

[emailprotected][.]com

[emailprotected][.]com

[emailprotected][.]com

[emailprotected][.]com

Related domains known to have been involved in the campaign:

gaysexvideo[.]us

keezmovies[.]us

hitporntube[.]com

enjoyfreesex[.]com

allfreesextube[.]com

thegaytubes[.]com

sextubeshop[.]com

pornfetishexxx[.]com

ebonypornox[.]com

freepornpig[.]com

marriagesextube[.]com

searchporntubes[.]com

suckporntube[.]com

darlingmatures[.]com

pornretrotube[.]com

teensexfusion[.]net

rough18[.]us

teendorf[.]us

1retrotube[.]com

typeteam[.]com

biosextube[.]com

hadcoreporntube[.]com

reporntube[.]com

telltake[.]com

asianprivatetube[.]com

hostednude[.]com

alfaporn[.]com

sexbring[.]com

porntubem[.]com

newerotictube[.]com

firstretrotube[.]com

oralsexlove[.]com

1bdsmtubes[.]com

hairytubeporn[.]com

brunettetubex[.]com

tubelatinaporn[.]com

xxxgaytubes[.]com

analxxxvideo[.]com

analsexytube[.]com

aeroxxxtube[.]com

amateurpornlove[.]com

admingay[.]com

xxxretrotube[.]com

xxxshemaletubes[.]com

hotpornstartube[.]com

firsttrannytube[.]com

erotixtubes[.]com

1pornstartube[.]com

Visit link:
Exposing a Currently Active Free Rogue VPN Domains Portfolio Courtesy of the NSA An OSINT Analysis - Security Boulevard

At a glance.

SecurityWeek takes a look at Europols use of mass surveillance via a report by an international law professor. Europols bulk data mining has been determined to be a breach of the General Data Protection Regulation (GDPR), resulting in the European Data Protection Supervisor ordering Europol to delete all stored data not related to a person with a known link to crime. Douwe Korff, an Emeritus Professor at London Metropolitan University, compares Europols recent issues with mass surveillance to the Edward Snowden scandal. The GDPR was instituted, at least in part, in response to Snowdens revelations regarding NSAs mass surveillance, leading some to view Europols behavior as hypocritical. As the Guardian put it, While Europol lags behind the US in terms of technological capacity, it is on the same path as the NSA. Korff writes, This is about the desire of Europol and EU Member States to collect, in a generalized manner, vast stores of personal data on overwhelmingly innocent people,

As we noted yesterday, the White Houses Office of Management and Budget (OMB) has released a memorandum setting out a zero-trust architecture adoption strategy for federal agencies. As CNN notes, the plan gives agencies until 2024 to implement the required benchmarks, and is an attempt to set cybersecurity policies that revolve around outcomes rather than checklists. "This strategy is a major step in our efforts to build a defensible and coherent approach to our federal cyber defenses," National Cyber Director Chris Inglis said in a statement.

Bleeping Computer adds that cybersecurity experts have been advocating for a zero-trust model for years, and in February of last year, the National Security Agency (NSA) and Microsoft recommended the approach for large companies and critical infrastructure. In the press release accompanying the memorandum, CISA director Jen Easterly explained As our adversaries continue to pursue innovative ways to breach our infrastructure, we must continue to fundamentally transform our approach to federal cybersecurity. Zero trust is a key element of this effort to modernize and strengthen our defenses. CISA will continue to provide technical support and operational expertise to agencies as we strive to achieve a shared baseline of maturity.

The Verge explains that now that the final strategy has been issued, agencies are expected to designate a strategy implementation lead within their organization in the next thirty days, and they have sixty days to submit their implementation plan to the OMB.

We received a number of comments from industry about OMB's memorandum.Tim Erlin, VP or strategy at Tripwire, sees the memorandum as an important advance in Federal cybersecurity:

The published memorandum represents a substantial step forward for cybersecurity across the US government. Moving the whole of government in a single, forward direction is incredibly difficult, and the efforts of OMB and all of the participating agencies should be applauded.

"Implementing a Zero Trust Architecture is a proven way to reduce cybersecurity risk, but it is by no means an easy solution. The OMB memorandum lays out a set of foundational steps that agencies must take in order to begin this journey to Zero Trust, but its just a beginning.

"Its unfortunate that this memorandum doesnt provide a clearer role for what NIST identifies as one of the key tenets for Zero Trust: integrity monitoring. Documents from both CISA and NIST include integrity monitoring as a key component of Zero Trust, but the OMB memorandum doesnt include similar treatment. Integrity monitoring is foundational to a successful Zero Trust Architecture.

"This memorandum includes substantial requirements and discussion around Endpoint Detection and Response (EDR), and in doing so, runs the risk of over-reliance on a specific technology. EDR is already evolving into Managed Detection and Response (MDR) and Extended Detection and Response (XDR). The cybersecurity technology landscape moves quickly, and theres a real risk that agencies will find themselves required to implement and run a superseded capability.

Troy Grubbs, Regional Director of Federal at CyberArk, also thinks the emphasis on zero trust is an important advance:

Fully embracing a Zero Trust approach to cybersecurity is a sea-change for much of the federal government, not only operationally, but also in mindset. As described in the OMB memo, the heart of the shift lies in protecting identity both in how users and applications access data and complete tasks. In particular, the compromise of privileged identities (identities that have elevated access to sensitive data), is increasingly a target of bad actors and poses one of the greatest cybersecurity risks. Damages cannot only be measured by the impact of public service disruptions, but also, by the risk of compromising national security and defense readiness and public safety.

"Our geopolitical environment is increasingly uncertain, and the tactics used by adversaries have significantly advanced. A Zero Trust approach, with securing identity at its core, is best suited to protect vital infrastructure and data and allow agencies to securely execute their IT modernization goals.

Michael Crandell, CEO at Bitwarden, thinks the guidance needs some expansion with respect to the storage of passwords:

"With todays news that the Office of Management and Budget (OMB) released a Federal strategy to move the U.S. Government toward a zero trust approach to cybersecurity, there is a clear missing piece to the strategy, with the OMB offering no advice on how to generate and safely store strong and unique passwords.

"For instance, the strategy mentions that password policies must not require use of special characters or regular rotation. However, their advice to not rotate also comes with a need for people to use strong and unique passwords, an area where they offer no guidance.

"The federal strategy also covers the important matter of multi-factor authentication, which can stop hackers from guessing weak passwords or reusing passwords obtained from a data breach. But whats missing is how are people advised to avoid weak or re-used passwords? That question is left open and misses an opportunity to show people the value of a password generator, available for free both outside and inside password management products.

"When it comes to cybersecurity, we are all in this together. It helps all of us when the administration reinforces the message that cybersecurity is everybodys responsibility and gives the public guidance on the tools they need.What would make their guidance complete is simple: use a password manager.There are many available, including several free options, and experts, including NIST the National Institute of Standards recommend them. Password managers are a simple, practical solution that will help people avoid weak and re-used passwords, and instead create, save, and use strong and unique passwords to keep themselves safe online."

And Craig Mueller, of iBoss, sees an implicit mandate for cloud service providers:

Cloud Service Providers (CSPs) that cannot make all applications and resources private, including those in the cloud, will fail to reduce cyber risk and deliver on the Zero Trust model as outlined in the NIST Special Publication 800-207 mentioned in the memorandum. Cloud Service Providers will require a containerized cloud architecture to ensure cloud applications become completely isolated and only accessible specifically to trusted users. With a containerized architecture, the federal government can implement the goals of the memorandum and ultimately protect and isolate all resources, regardless of location, while granting access to those resources to trusted users working from anywhere.

Continued here:
Europol, mass surveillance, and GDPR. More on US zero-trust architecture plans. - The CyberWire

On September 30, 2021, the federal Departments of Treasury, Labor, and Health and Human Services issued Requirements Related to Surprise Billing;Part II, the second in a series of interim final regulations (the Second NSA Rules) implementing the No Surprises Act (NSA). This new federal law became effective for services on or after January 1, 2022.

Not surprisingly, the Second NSA Rules have sparked a series of federal lawsuits against these agencies (seehere,here, andhere) brought by providers, hospitals, and medical associations alleging that the Rules unlawfully create advantages to the payors that were not intended by the NSA. The Second NSA Rules focus on the independent dispute resolution (IDR) that may be initiated by either party if there is a disagreement as to the payment amount. The IDR process will determine how much the payor must reimburse the non-participating provider or facility for out-of-network emergency or certain facility based non-emergency services (subject also to applicable state law or a state all-payer system).

As we previouslydiscussed, the first set of NSA regulations provided, among other things, a methodology for how the payor calculates a patients estimated cost-share amount and the qualifying payment amount (QPA), which was identified as one of several factors that IDR entities must consider if the provider and payor cannot agree on an out-of-network rate for that particular date of service. Now, pursuant to the IDR rules outlined in the Second NSA Rules, arbitrators are required to begin with the presumption that the market-based QPA represents fair compensation, thereby creating additional evidentiary burdens for providers to prove that a more generous payment is warranted.

Here is an overview of how the NSA claims submission process works and, if necessary, how the IDR process works:

The IDR process is a baseball-style arbitration, meaning that each party must submit a proposed offer of payment and the IDR entity resolves the dispute by selecting one of the parties proposed amounts. Significantly, the Second NSA Rules make clear that the IDR entitymustselect the offer that is closest to the QPAunlessthe opposing party has submitted credible information that clearly demonstrates that the QPA is materially different from the appropriate out-of-network rate for the covered item or service. Additional information that may be submitted to rebut this presumption includes: the providers training and experience, the complexity of the procedure or medical decision-making, the patients acuity, the market share of the insurer and provider, the teaching status of the facility, the scope of services, any demonstrations of good faith efforts to agree on a payment amount, and the contracted rates from within the prior four years. But the IDR entity maynotconsider such information in resolving the dispute unless the information clearly demonstrates that the QPA is an inappropriate rate for the item or service at issue. In addition, according to the statute and regulations, the IDR entity maynotconsider: (i) the usual and customary charges; (ii) the amount that would have been billed but for the NSA; and, (iii) payment rates under Medicare, Medicaid, TRICARE, or other federal programs.

Provider groups that had intended to rely on the other permissible factors listed in the federal law during IDR proceedings are now confronted with the additional burden of having to overcome this new presumption in favor of the QPA. In the various federal lawsuits challenging the presumption favoring the QPA, the plaintiffs argue that Congress intended for the arbiter to considerseveralfactors, such as prior contracted rates for the medical service, the physicians experience and training, and case complexity, among others. According to these lawsuits, the federal agencies failure to follow the NSAs clear statutory mandates when promulgating these interim final rules by adding this new rebuttable presumption will drive down physician reimbursement rates and encourage payors to further narrow their networks, ultimately making it harder for patients to access necessary medical care. The lawsuits also argue that the Second NSA Rules may result in consumers paying higher premiums, which is contrary to Congresss stated intent to protect certain consumers from ever-increasing health care costs.

Whether and how providers will be able to meet these new credible and material difference regulatory requirements, and the overall impact of these new regulatory requirements on network and rate negotiations, remain to be seen. These are important cases to watch as we are in the first month of the implementation of the NSA and they may further shape the regulatory implementation of the NSA.

This document has been provided for informational purposes only and is not intended and should not be construed to constitute legal advice. Please consult your attorneys in connection with any fact-specific situation under federal law and the applicable state or local laws that may impose additional obligations on you and your company. 2022 Epstein Becker & Green, P.C.

Read more from the original source:
Hotly Contested Dispute Resolution Rules in Second Federal No Surprises Act Interim Final Regulations Are Being Challenged in Court - Lexology

Elizabeth Meyers Promoted to Director of Client Services at Kairoi Residential

Elizabeth Meyers

Kairoi Residential a premier, vertically integrated, multifamily investment, development and property management company announced the promotion of Elizabeth Meyers to director of client services, based in the Denver market. Elizabeth has more than 12 years of leadership experience in the multi-family industry, with a wealth of expertise in social outreach, marketing, relationship building and property operations.

Elizabeth has proven herself to be a very valuable part of our team, providing our residents and partners with a professional commitment to their satisfaction and success, said Sam Kasparek, managing partner of Kairoi Residential. At Kairoi we strive to provide everyone we work for and represent with a team of individuals who are leaders in the industry and respected by their peers. Elizabeth exemplifies that goal in every possible way.

Elizabeth has provided management services for more than 20 clients in nine states and is well-versed in lease-ups, value add, repositioning, and all classes of asset type. Herbackground in design and understanding of residents needshas solidified her work as a pre-construction consultant on luxury ground-up developments, as well as spearheading thousands of unit renovations and many other capital improvement projects. In the past, she worked with leading companies such as Lincoln Property Company and Aspen Square Management and has a Bachelor of Arts degree in both Communications and Psychology from the University of Montana.

Ally Hyziak

Jill Jimerson

i2Construction Hires Assistant Project Manager and Office Manager

i2 Construction, a Denver-based full-service commercial general contractor recently welcomed two new professionals to its team: Jill Jimerson as assistant project manager, and Ally Hyziak as office manager.

Jilljoins i2 with10 years of industry experience. She began her construction career estimating roofing and restoration projects later working her way up to a project coordinator roleon ground-up and multifamily projects.This is where Jill gained much experience in and found her love of construction management.In her current role as an assistant project manager with i2 she will work insupportof the senior project managers composing contracts,obtainingpermits, andtracking long lead items, to name a few. She also works directly with clients, architects and the field to ensure a smooth execution of projects and help to maintain healthy, long lasting relationships with everyone involved.

Ally has approximately10 years of experience in sales, marketing, and office management, with three of those spent in the construction industry. Sheprovides overall support to all departments internally throughout i2 and assists with business development and marketing. She earned aBachelor of Science Applied Business Analytics and Certificate in Marketing Management from the University of Southern California.

As we continue to expand our organization, with new roles and depth of support, it has been incredible to find exceptional people across all departments. Ally and Jill give us just that, an expanded breadth of support and abilities that will continue to help us grow our abilities, said Scott Farrell, president of i2 Construction.

BMC Investments Adds Four Members to its Leadership Team

Tiffany Stanley

Josh Mesner

BMC Investments (BMC), a Denver-based real estate investment company specializing in the acquisition, development, and management of properties across various asset classes and geographies, announced today the addition of four individuals to its leadership team: Tiffany Stanley as managing director, head of property management; Josh Mesner as senior vice president, asset management; Julian Felch as vice president, asset management; and Nick Martin as vice president, corporate finance & accounting.

With over $1.6B in transaction volume in 2021 and even more aggressive goals in 2022, its imperative that we continue to add depth of experience to our leadership team, said Matt Joblon, chief executive officer of BMC Investments. With decades of combined experience, the addition of Tiffany, Julian, Josh and Nick will be invaluable as we pursue our growth plan of reaching $5B in assets under management over the next five years.

Tiffany Stanley has joined BMC as managing director, head of property management. In her new role, she will oversee BMCs property management platform, creating a scalable structure through operational discipline, technology and top-tier talent that can accommodate the growth of another 20,000 units over the next five years. Tiffany brings over 26 years of experience in the property management industry to BMC, including managing more than 30,000 units over the course of her career. Prior to joining BMC, Tiffany had most recently been executive vice president with Steadfast Apartment REIT, overseeing all aspects of property operations, including revenue management, procurement, and capital facilities operations.

Josh Mesner has joined BMC as a seniorvice president of asset management where he will oversee asset management of BMCs commercial assets, Class A multifamily and new developments while implementing an institutional portfolio management program to accommodate the companys transition into fund management. Prior to joining BMC, he was a director of acquisitions in the Housing Group at Nuveen Real Estate, responsible for sourcing and closing equity investments across the firms various capital sources. Prior to Nuveen, Josh spent seven years at Invesco Real Estate, most recently as a portfolio manager on the Invesco U.S. Income Fund and previously three years in the transactions group. Before joining Invesco, Josh held real estate positions with Pacific Western Bank, Strategic Investment Group and JLL. He graduated from the University of Wisconsin-Madison with an MBA, specializing in Real Estate and received a BBA in Finance from James Madison University.

Julian Felch

Nick Martin

Julian Felch has joined BMC as vice president of asset management where he will oversee the management of the companys workforce housing portfolio and execute the value-add business plans of interior and exterior renovations to upgrade Class B and C properties as well as implement new analytics to maximize revenue, reduce expenses and achieve operational outperformance for all properties.

Julian began his real estate career managing a multifamily construction project on West 30th Street in Manhattan and subsequently held several senior operations roles with prominent owner/operators in New York City, spanning multifamily, industrial, and commercial portfolios as well as alternative assets such as self-storage and parking. Most notably, Julian spent five years on the management team at the 80-acre, 11,200-unit Stuyvesant Town/Peter Cooper Village rental community in Manhattan, first with Rose Associates and then with CWCapital/CompassRock. He was centrally involved in re-positioning the property for its subsequent $5.3B sale in 2016. He earned a BA from Bates College and holds an MBA from Harvard Business School.

Nick Martin has joined BMC as the vice president of accounting & corporate finance. He is responsible for the companys accounting, reporting and financial planning & analysis functions. Prior to joining BMC, Nick was vice president of accounting & finance at Yugo, a student housing management company with nearly $2 billion in assets under management, where he was responsible for accounting and finance while leading multiple strategic initiatives, helping complete two national portfolio recapitalizations, and having a critical role in the formation of the joint venture between GSA and Morgan Stanley. Prior to joining Yugo, Nick spent 10 years in real estate, public accounting, business valuation and financial reporting which he achieved while serving in multiple roles and being a key member of two publicly traded financial reporting teams, CoreSite and Natural Grocers.He earned a B.A. in Economics from the University of Wisconsin-Oshkosh, Masters degrees in Finance and Economics from the University of Colorado and is a Certified Public Accountant.

National Storage Affiliates Trust Announces Executive Leadership Promotions

Melissa Cameron

Tiffany Kenyon

National Storage Affiliates Trustrecently announced the following promotions among its senior leadership team, effective January 1, 2022:

Tiffany Kenyon has been promoted to executive vice president and general counsel (she was previously senior vice president and senior legal officer).

Melissa Cameron has been promoted to senior vice president of customer acquisitions (she was previously vice president of customer acquisitions).

Were extremely pleased to announce these promotions which recognize the growth in responsibility and expertise both Tiffany and Melissa have demonstrated, said Tamara Fischer, president and chief executive officer, of NSA. Their commitment to the continued success of NSA has been invaluable. These promotions exemplify NSAs commitment to furthering our Diversity, Equity and Inclusion initiatives.

Prior to her promotion, Tiffany served as NSAs senior vice president and senior legal officer. She joined NSA in 2018 after previous positions with MarkWest Energy Partners, including vice president of law and working in private practice with Greenberg Traurig, LLP as a shareholder. She received her J.D. degree from the University of Colorado at Boulder, where she graduated Order of the Coif, and received her bachelors degree in Business Administration from the University of North Carolina at Chapel Hill, where she graduated Phi Beta Kappa.

Melissa also joined NSA in 2018 as vice president of marketing. She has over 20 years of experience in digital marketing, including roles as the senior director of digital marketing at Extra Space Storage where she led the digital marketing and customer experience teams. In 2014 she won the Direct Marketing News 40 under 40 award. Melissa holds a Bachelor of Commerce degree with a concentration in Marketing from Carleton University in Ottawa, Canada.

Go here to see the original:
Movers and Shakers Week Ending 01.28.22 - Mile High CRE

The smartphone landscape has changed drastically over the past few years. Consider this: not too long ago it was easy to make a case arguing that Apples iPhone was the best smartphone on the market. These days, rival devices from Google and Samsung routinely give top-of-the-line iPhones a run for their money. Indeed, when it comes to certain metrics like camera performance, there are some years where Google and Samsung devices leave the iPhone stranded in second place. With that said, the narrative around smartphones today doesnt necessarily center on which device to get. Rather, its about how to make the most out of whatever device you already own. And under that umbrella is the important issue of maintaining Android and iPhone security.

Especially these days, when scammers are more sophisticated and clever than ever, any concrete advice designed to keep your iPhone or Android device secure is worth paying attention to. To this point, the NSA not too long ago released a list of best practices for mobile devices. If youre keen on maintaining optimal security for your iPhone or Android, youll want to read below.

Many of the iPhone and Android security tips from the NSA are familiar. However, there are a few interesting entries on the list. For example, the NSA advises users to shut down and power on their devices every single week.

Touching on this, Citizen Lab security expert Bill Marczak explains that many hackers today are opting for in-memory payloads that are harder to detect and trace back to whoever sent them. However, these types of hacks, Marczak notes, cant persist once a device is powered off.

Is powering your device on and off a foolproof strategy? Not at all. Still, its one tool of many that users should keep in mind when it comes to iPhone security.

It should go without saying, but never open unknown email attachments and links. This is especially worth paying attention to in an age where security firms like the NSO group have come up with incredibly ingenious exploits. As the NSA warns, even legitimate senders can pass on malicious content accidentally or as a result of being compromised or impersonated by a malicious actor.

The NSA document also advises to only use original charging cords. This is especially good advice for iPhone users who might be tempted to buy a knockoff charger because Apple peripherals tend to be pricy. This is an especially important iPhone security tip.

iPhone and Android users alike should also make sure that theyre always running current software. Apple and Google issue security updates periodically. In turn, users should make sure that their software is always up to date so that malicious actors cant take advantage of patched exploits.

Other security tips from the NSA include:

Use biometric authentication like Face ID to prevent unauthorized access to your device.

Disable location services for apps that dont need it.

Disable Bluetooth when youre not using it.

Dont connect to public Wi-Fi networks.

Use text applications with strong encryption.

Only use trusted accessories.

Read the rest here:
Every iPhone and Android user needs to do this once a week - BGR