Home Builder Developer - Interior Renovation and Design

Inspired by a community in Italy, the idea has taken hold in Twin Cities neighborhoods

MINNEAPOLIS Neighbors craving signs of hope are finding it in song, on their front steps, balconies and the porches of their homes.

For four nights straight, Michele Hoch has stood in front of her South Minneapolis home singing John Lennons Imagine.

For the first time, she was joined by her upstairs neighbor, Karen Smith, singing from her balcony.

Stuck at home, Karen laughs. Introverts unite.

Inspired by a community in Italy during its battle with coronavirus, the 7 p.m. nightly sing-along has gained traction on social media and spread to neighborhood across the Twin Cities.

They may be the only person on their block, but it just makes you feel connected to your community, Hoch says.

KARE 11s coverage of the coronavirus is rooted in Facts, not Fear. Visit kare11.com/coronavirus for comprehensive coverage, find outwhat you need to know about the Midwest specifically, learn more about thesymptoms, and keep tabs on thecases around the world here. Have a question? Text it to us at 763-797-7215. And get the latest coronavirus updates sent right to your inbox every morning. Subscribe to the KARE 11 Sunrise newsletter here. Help local families in need: http://www.kare11.com/give11.

The state of Minnesota has set up a hotline for general questions about coronavirus at 651-201-3920 or 1-800-657-3903, available 7 a.m. to 7 p.m.

More information on the coronavirus:

Continue reading here:
Minnesotans stand on balconies and porches to sing - KARE11.com

An epidemiologist answers the biggest questions she's getting about coronavirus. Wochit

Editor's note:The Star is making this story free to readers due to public health concerns related to coronavirus. Please consider a digital subscription to The Star so we can continue doing this important work.

John Gahan stepped out of his Ventura home Tuesday night, his mandolin in his hand, and sat down on the porch.

It was 8 p.m. and he started to play.

He had gotten the idea earlier while talking over the phone withhis brother-in-law in Barcelona. In home isolation because of the new coronavirus, people in the city 6,000 miles away started takinginstruments out on their balconies and played each night at 8.

They did it in honor of all those working at hospitals and clinics to save lives, his brother-in-law told him and his wife.

"I thought I could do that from here," Gahan said.

The new virus hit Ventura later than Barcelona. As the number of cases rose locally, public health officials first urged social distancingand later ordered Californians to shelter at home.

Families, classmates, friends, bands, even neighbors were physically divided as lines grew and the shelves emptied at grocery stores. Schools were closed. Gyms, bars anddine-in restaurants followed suit.

Gatherings bigger than 250 people were canceled,then those with more than 50and finally more than 10.

Before Gahan started to play that first night,he crafted an email to his fellow members of a band called Pint of Irish.

"8:00 Tonight And Every Night I Can (For At Least A While)," he wrote in the subject line.

He toldhis bandmates what his brother-in-law had told him.

"Anyway, in honor of health care workers everywhere dealing with this, I'm going to do it tonight and every night that I can for a while," he wrote. "I'llgo out on my porch and bang out a couple tunes.If anybody is interested, join me from your porch. I'll be listening."

More: Coronavirus: How you can help in Ventura County during the COVID-19 outbreak

The spot set up for a wedding at Lisa and Jeff Daniel's Santa Paula home.(Photo: Contributed photo/The Daniels)

On the same night in Santa Paula, Susie Yee stood with her husband, Dan, and watched their youngest get married.

A small group of family members sat inchairs or stood in the grass, a majestic oak tree nearby.

It wasn't how it was supposed to happen.

Laurie Yee and Landin Osbornegot engaged lastJune andhadaMarch 21 wedding scheduledata private residence and barn in Oxnard.

They had planned for nine months and felt lucky to find the spot just a mile from Laurie's childhood home. About 125 peoplewere coming, including family flying in from homes scattered around the country.

Deposits were made and then the new coronavirus swept through the U.S.

Family members who had planned to stick around after the wedding for a reunion of sortshad to cancel. The wedding also had to be called off.

"There were a lot of tears and disappointment," Susie Yee said.

But while the wedding day they planned was off,neither bride or groom wanted to wait to get married. However this crisis was going to play out, they said they wanted to go through it together.

Lisa Daniel read her friend Yee's Facebook message about the canceled wedding and reached out.

I thought, Well, they still want to get married and I have this big beautiful oak tree with green grass under it,' " she said.

More: Food Share, local pantries worry about volunteers, donations as coronavirus takes a toll

Susie and Dan Yee at the Santa Paula home where their youngest child got married last week. The bride and groom had to cancel the large wedding they had been planning for months because of the coronavirus.(Photo: Contributed photo/The Yees)

There wasnt room at the Daniels' Santa Paula home to host a big wedding. But a big wedding couldn't happen anymore.

"We trimmed everything way back," Susie Yee said. "But once we knew this was the place, it was like the clouds lifted."

The Daniels invited them to their home.A friend of her daughterdonated flowers from her farm. Another friend of the family gave them a reduced price for photos.

Even though everyone is going through tough times, Yee said, so many people put everything aside to make the night happen. And, it would happenrain or shine.

By 2 p.m. Tuesday,the raintapered off and the sun came out. Lisa and her husband, Jeff, dried off their patio chairs and set them up by the big oak, keeping them spaced apart.

I had a wooden table here in my house that I had actually hauled to San Francisco when my daughter got married for an outdoor wedding, she said. I just pulled that thing back out there, and we used it for another wedding.

In the end, most of thedetails didnt really matter.

There was a pastor.The bride had a dress, and the groom had a suit. He played a song he had written on his guitar while she walked down the aisle. Someone took video for everyone who wasn't able to be there.

"I swear it was like the best way to have a wedding," Yee said.

An old photo shows Pint of Irish practicing before coronavirus required social distancing.(Photo: Contributed photo/Mike McChesney)

At 8 on Wednesday night, Gerry McGuirecoaxed notes of a couple Irish songs from hisconcertina.

He couldn't hear the other members of Pint of Irish but knew they were out there.

The night after Gahan's email, ahalf-dozen or so played at their homes separated by miles or cities in some cases. By Thursday, the number had doubled, and on Friday night, a neighbor of the Gahans even joined in, playing a bongo drum.

Any weirdness about playing alone in the dark on his Venturapatio faded quickly, McGuire said."It's a good feeling to be doing something."

In his 80s, hehad taken the call to stay at home seriously.

"My wife had a doctor's appointment today. It was the first time we left the house since this happened," he said one day last week.

They have some family in the area and two neighbors already hadoffered to bring foodif or when they need it. One neighbor had posted some mailfor them.

"We're doing fine," McGuire said.

As he played "Merry Blacksmith" that night, his wife cheering him on from inside, he didn't know if his neighbors listened in.

"Nobody threw anything. I know that," McGuiresaid laughing."I didn't see anyone, but I imagine they were in awe."

More: Cafe Society: Ventura County restaurants address dining in the time of coronavirus

John Gahan, in the blue shirt, plays with Pint of Irish band members pre-coronavirus social distancing.(Photo: Contributed photo/John Gahan)

The band members choose the songs every day before 8. Mostly, they aim for up-tempo, happy tunes with some lilting melodies mixed in.

Group leader Mike McChesney, who plays the tin whistle from his Thousand Oaks porch, tried to find a video-conferencing program that they could use.

It hasn't been entirely successful, but it hasn't really mattered.

"Even though you're there kind of isolated in your front yard," he said, "you feel like you're part of a group."

That was kind of the point.

It is important to take what ishappening seriously, Gahan said. "But I also feel like life doesn't have to be dismal in such circumstances."

People can find ways to connect, check in on each other, save a weddingand maybe cheer on some health workers with a tune or two.

"It sounds like it really helps to unite people even if there is a physical distance," Gahan had typed in his message to the band.

Then, he had clicked send, grabbed a cushion and stepped outside to play.

Cheri Carlson covers the environment for the Ventura County Star. Reach her at cheri.carlson@vcstar.com or 805-437-0260.

Read or Share this story: https://www.vcstar.com/story/news/local/2020/03/21/coronavirus-band-members-still-play-miles-apart/2877760001/

See the original post:
Coronavirus canceled a wedding and band practice. But these friends didn't give up - VC Star

Knoxville, Beaverdale host bear hunts, but it's not what you think

Updated: 8:00 PM CDT Mar 21, 2020

Knoxville and Beaverdale neighborhoods are taking a page out of the book "We're Going on a Bear Hunt."Homes are putting stuffed animals in windows and on porches so families can go on bear hunts, whether in their cars or on walks. While some people didn't have bears to show, the Cookie Monster made an appearance, and so did some unicorns. To find where bears are in your community, click here.

Knoxville and Beaverdale neighborhoods are taking a page out of the book "We're Going on a Bear Hunt."

Homes are putting stuffed animals in windows and on porches so families can go on bear hunts, whether in their cars or on walks.

While some people didn't have bears to show, the Cookie Monster made an appearance, and so did some unicorns.

To find where bears are in your community, click here.

Follow this link:
Knoxville, Beaverdale host bear hunts, but it's not what you think - KCCI Des Moines

As we adjust to life amid the COVID-19 pandemic, well likely turn to the artsa favorite poem, a beloved album, a treasured paintingover and over in search of comfort and relief. Art, in all its forms, is a vital part not just of our personal lives but of our community. Social distancing measures and the resulting venue closures have turned the local creative world upside down, both for individual artists and the organizations that support them. Heres what some of those folks are saying about the state of the arts in Charlottesville, and what might come next.

St. Patricks Day was supposed to be Matthew ODonnells busiest day of the entire year. A multi-instrumentalist who specializes in Irish music, he was booked for 15 hours of serenading audiences, from senior center residents to late-night beer-swigging revelers.

But this year, his St. Paddys calendar was wide open. As the COVID-19 pandemic spreads throughout the United States, Virginia governor Ralph Northam has banned all nonessential gatherings of more than 10 people. In response, local venues that support the artsconcert halls, theaters, galleries, bookshops, libraries, restaurant-bars, you name ithave shuttered their doors for an undetermined amount of time.

This leaves ODonnell and many other artists in Charlottesville without physical places to share their worknot just for arts sake, but for a living. Its also worth noting that many local artists participate in the service industry and gig economythey tend bar, wait tables, work retail, drive ride-shares, and more. And most of those jobs are gone, or paused until, well, who knows when.

ODonnell makes his entire living from performances, and he looks forward to the month of Marchin large part because of St. Patricks Daywhen he can bring in twice what he makes in an average month, to make up for the lean ones (namely January and February).

I began to get concerned in late February, as the senior communities closed their doors to visitors, says ODonnell, and that concern grew as gigs canceled one by one during the first couple weeks of March. I thought the worst-case scenario would be that everything would shut down, but I honestly didnt think the worst-case scenario would come.

At first, it was a professional worry of realizing that all of my business is gone, says ODonnell, who hopes he can make some money by playing donation-based virtual concerts. But the worry, the sadness, has turned personal: These people are my friends, he says of his audiences, particularly those folks at the senior centers. When he sings with them, he says he feels something profound. And [now] I cant go see my friends. I do want to be looking forward to the next thingbut all I know is that the next thing I do is going to be very different from what Ive been doing.

Graphic novelist Laura Lee Gulledge knows that, too. Im friends with change and constant reinvention, she says. As a full-time artist Gulledge relies not just on book sales and illustration commissions but art teaching residencies. She says she often feels like shell get by on the skin of my teeth, but [I] make it work. Artists are always having to come up with new business models, she says. Its implode or evolve.

Her new book, The Dark Matter of Mona Starr, is scheduled to be released on April 7, and she planned to launch it at last weeks Virginia Festival of the Book. But the festival was canceled due to the threat of COVID-19, as was the rest of her North American book tour.

In a way, the book is more relevant than Gulledge could have predicted, or ever wanted to imagine. The protagonist, Mona, is a sensitive and creative teen learning to live with anxiety and depression. In the back of the book, Gulledge includes a guide for creating a self-care plan for particularly dark and stressful times, and she shares her own.

Its like my masterpiece, she says of The Dark Matter of Mona Starr. I was finally mentally prepared to own it and step into it, and start conversations about mental health and not feel like a fraud.

Rather than consider the whole thing a wash, Gulledge will do a virtual book tour via Facebook Live, where shell be talking about topics such as drawing through depression and cultivating healthy artistic practices.

The Front Porch roots music school is also pivoting to an online lessons model, to keep instructors paid and to keep students in practice. Songwriter Devon Sproule (who had to cancel her upcoming U.K. tour) usually teaches somewhere around 80 students a week between group classes and private lessons, and, so far, a handful of them have made the leap to live virtual lessons. Keeping the routine and personal connection of a lesson could be particularly important right now, says Sproule. She had to teach one young pupil how to tune a ukulele, a task Sproule had taken on in their in-person lessons. I had no idea this kid could tune their own ukulele, and I dont think they did either, says Sproule. I think it was empowering.

The Charlottesville Players Guild, the citys only black theater troupe, has postponed its run of August Wilsons Radio Golf, originally scheduled to premiere at the Jefferson School African American Heritage Center April 16. The paid cast and crew were in the middle of rehearsals, and while they hope to be able to open the show on April 30, things are still very uncertain, says CPG artistic director Leslie Scott-Jones. When you hear medical professionals say this might go through July or longer, its like, Whatll we do?

The JSAAHC has also had to cancel two benefit concerts for Eko Ise, a music conservatory program for local black children, that the center hoped to launch later this year. Now, theyll be months behind in that fundraising effort, says Scott-Jones.

The Bridge Progressive Arts Initiative, which provides not only a physical gallery space for visual and performance art, but funding for public art and after-school programs, has canceled all in-person events (though it is finding creative ways for people to participate from a distance, such as its virtual Quarantine Haiku video series). The Bridge has also postponed its annual Revel fundraiser, originally scheduled for May 2. Revel brings in between 20 and 30 percent of the organizations operating budget for the year, says director Alan Goffinski,

Gulledge makes an excellent case for continued support of the arts as we face uncertainty: This is the sort of moment where people will look to the creative thinkers to generate hope, and to generate positivity and be beacons of light in this moment of darkness. This is part of our purpose.

The Bridge Progressive Arts Initiative and New City Arts announced Friday, March 20, that it has established the Charlottesville Emergency Relief Fund for Artists. We will have more information on that soon.

The Front Porch and WTJU 91.1 FM are also teaming up to broadcast live concertsFriday and Wednesday evenings. Follow us at @cville_culture on Twitter for regular updates about virtual arts eventsthat will take place over the coming weeks.

Continued here:
State of the art: How COVID-19 is affecting Charlottesvilles arts community - C-VILLE Weekly

The partial but increasingly growing, self-imposed isolation has begun.

I am writing these words on Sunday, and it will be a couple of days before they are out in print and online. Who knows what will happen between now and then, what with how fast this coronavirus is moving and affecting society?

Like many of us, I am voraciously consuming news about the COVID-19 pandemic. No need to panic, but definitely time to respond, to take steps and to not be stupid as in overreacting and moving into the old Cold War bunker out in the backyard or ignore everything and go about life as usual with a false sense of invincibility.

And even though it appears most people who get this darn thing will come through it OK, I do think a bit of alarm is understandable and maybe even helpful. But please, keep perspective.

I went to Costco on Saturday. I needed a few things and had been waiting until my list was long enough to merit a trip there (toilet paper was not on the list). I had tried the day before, but there were cars parked everywhere, including in spots Im sure were not actual parking places, and I saw maybe just a dozen shopping carts available outside the store. Yikes. I came back Saturday morning about 20 minutes before the store opened, so I could park within sight of the store.

By the time I shopped and fled, the place was jammed. The butcher told me the day before they sold out all the products they made from scratch (meatloaf and mashed potatoes, chicken enchiladas, mac n cheese, etc.), and were working feverishly to catch up and restock. The checker told me they had just experienced their highest volume sales days two days in a row.

I kept looking at the overloaded carts that went by me. Every one had in it at least one giant size or multiple packages of the following: toilet paper, paper towels, cleaning products, liquid hand soap and the like. I saw one of the big flat carts that had stacked on it about half a pallet of ramen meals.

Theres preparedness and then theres whatever this was.

When I was growing up in Florida, there was a regular drill when a hurricane was approaching. It was fairly simple, and it made sense. And it was adapted based on specific circumstance. For example, we had a neighbor with a swimming pool who was often out of town. If he wasnt there when a storm approached, wed go over to remove and stash the cushions from his outdoor furniture and throw the furniture into the pool. In a hurricane, everything becomes a potentially lethal projectile.

Since then the state has created an incredible preparedness and response network, including staging areas of material, which can be relocated quickly depending on where the storm will hit. Its a model for the nation.

Anticipate, prepare and do what makes sense.

Our son was supposed to fly into Spokane this week. My husband wisely nixed the trip. Sam agreed. He texted: Although Im not in a high-risk group, should I catch something on the plane and visit my, ahem, elderly parents, well

And hes right. Bruce and are I are in our 70s, which is the hardest-hit population, with the highest death rate. And while we dont have the kinds of respiratory or immuno-suppressed ailments that appear to be exacerbating factors, by virtue of our age and the fact that we do have some health things were dealing with, we reside in COVID-19s target demographic.

The good news, if its even appropriate to think in those terms yet, is that this pandemic seems largely to be skipping the children. A silver lining to be sure.

I remember when I first began writing about historic landmarks, Id spend time tromping through cemeteries in Spokane and in rural areas of the region. I saw so many grave markers with the date of 1918 on them and often a simple Baby Jones or Infant girl Smith. Those, of course, were the result of the infamous Spanish flu pandemic that infected fully one-third of the worlds population at the time and killed 20-50 million people (675,000 of whom were Americans), mostly between the ages 20 to 40.

And for those of us with the target on our backs now, we love the little ones in our lives, but they could quite likely carry the disease to us when we grab them up in the hugs that we love to give them. A lot of things need to change, at least until were on the downside of the coronavirus bell curve we are climbing. And yet, we dont want to scare the children.

Washing hands, social distancing, limiting large-group exposure, staying home more, covering a cough with the crook of our elbows, not shaking hands and not touching our faces easy(ish) to do. Not hugging a grandchild is a whole lot tougher.

And then theres the issue of trying to work at home. I do that already. But my husband goes to peoples homes and businesses to do his work. If you are a server in a restaurant, for example, you cant work from home. Kids are out of school. How do you manage child care and still work?

I dont need to itemize all the hurdles and problems were in the midst of, or are coming. Or to jump into the discussion of how and why were not farther along in dealing with this. Conversation for another time.

Were here now, so for now, lets just proceed with an abundance of caution, do what the virologists and health care professionals tell us.

But lets begin the process of thinking long term, getting set up, preparing for next time, too. Like with hurricanes, its not if, but rather when one will hit. Lets get smart about these viruses. They may well be the hurricanes of the future.

Voices correspondent Stefanie Pettit can be reached by email at upwindsailor@comcast.net.

Follow this link:
Front Porch: Follow health experts advice, and lets also think long term - The Spokesman-Review

At one major US agency, some officials have resorted to holding meetings on iPhone group calls because the regular conference bridges haven't always been working, according to one federal employee. But the workaround has its limits: The group calls support only five participants at a time, the employee noted.

"Things have worked better than I anticipated, but there are lots of hiccups still," said the employee, who spoke on condition of anonymity because he is not authorized to speak on the record.

As they increasingly log on from home, Americans are having to meld their personal technology with professional tools at unprecedented scale. For employers, the concern isn't just about capacity, but also about workers introducing new potential vulnerabilities into their routine whether that's weak passwords on personal computers, poorly secured home WiFi routers, or a family member's device passing along a computer virus.

"All it takes is one of their kids to get [electronically] infected and it spreads inside the house," said Marcus Sachs, a former vice president for national security policy at Verizon.

From there, experts say, malware could easily jump from a compromised employee's machine into a connected office network.

A big test for government computer systems

This year, those numbers may shift dramatically.

"I'm sure every agency right now is scrambling to load-test their VPNs and access points to make sure not just 10 or 20 percent of their workforce can log on, but 70 or 80 or 90 percent," said the former chief information officer of a major US agency. "That will be a challenge, for sure."

Not all government agencies use VPNs exclusively anymore. As online storage and computing platforms have taken hold in corporate America, so too have they spread in government IT systems. Now, it's more common to see civil servants logging into cloud-based applications and services from wherever they are.

Others may not have access to office computing devices that they can take home with them either because they were never expected to work remotely, or perhaps because their work may be extremely sensitive.

How the intelligence community is adapting

Among the federal workers most hamstrung by efforts to reduce their presence in the workplace are members of the intelligence community. Working on topics and systems that are classified makes it difficult at best to work from home, if not impossible.

"There are some very senior military and government officials who have the capability to do up to Secret [work] from their house, but we're talking about four-star generals and admirals and things like that," said Jamie Barnett, a retired US Navy rear admiral and senior vice president of government services for the secure communications firm RigNet.

"For other classified work, there's going to be limited facilities to be able to do that," Barnett added, "so that's going to take some grappling."

Agencies have already enacted safety measures and made leave policies more flexible. The Office of the Director of National Intelligence -- which oversees 16 different intelligence agencies -- says it is "reducing staff contact88 through a variety of options including staggered shifts, flexible schedules, and social distancing practices."

In a business that demands 24/7 attention, the agencies "are also developing and implementing appropriate response plans" an ODNI spokesperson added.

Dealing with COVID-19, however, "is a contingency for which the IC never prepared," said former National Intelligence Council chairman Greg Treverton.

Some who work in intelligence are contractors who, due to contract provisions, must physically report to a government facility and do their jobs under direct oversight, said the former CIO. It's possible those contracts may be reinterpreted in light of the coronavirus crisis, he said.

Intelligence officials certainly have technology and practices that would make them among the most digitally secure to work outside the office, but they're still exposed. In the best of times, for example, intelligence officials can't even bring their mobile phones into the workplace, recognizing the security risk that they are.

Working at home, "you get more vulnerable and you get much less efficient because you're being careful," adds Treverton, who said that for the country at large, the security issues associated with teleworking are an "enormous vulnerability."

Still, the rise of cloud computing means many workplaces are in a much better position for telework than they were even a few years ago.

"If this had happened five years ago, I would guess that a very, very large percentage of government employees would not be able to remotely access their systems or do anything from home," said Gordon Bitko, a former FBI chief information officer. "Today, that's definitely not true. I can't speak to every agency, but it's far, far greater than it was."

Continue reading here:
Millions of Americans are suddenly working from home. That's a huge security risk - CNN

From smart doorbells to outdoor cameras and models with facial recognition, there are a ton ofhome security cameraoptions out there. Indoor security cameras keep watch when you aren't home, looking after your valuables -- or simply monitoring a mischievous pet.

They range in price from 20 bucks up to several hundreds of dollars and offer a variety of features and specs. I've highlighted three of my favorite models below to help guide your decision if you're on the hunt for a new indoor home security camera.

Let's start with price: The Wyze Cam only costs $20. In a sea of costly security cameras, the Wyze Cam offers a killer value. Couple that with its straightforward app, easy installation and solid performance -- and you have an excellent indoor home security camera.

The thing that sets it apart even more is its free two-week cloud storage and built-in microSD card slot for local storage. You have to buy a microSD card separately, but that's standard for most cams with local storage. It supports Alexa and Google Assistant voice commands and has a motion detection zone feature. Read more from CNET.

Read more: Top cheap home security devices in 2020

The $200 Netatmo Smart Indoor Camera, previously called the Netatmo Welcome, is one of the few indoor security cameras that works with HomeKit Secure Video. HomeKit Secure Video is a service that works with the iOS-only Home app. It offers 10 days of free event-based video history, stored in iCloud.

Few security camera companies offer free cloud storage anymore (ahem, Arlo) -- and even fewer offer 10 full days of free cloud storage. Wyze is an exception with its two weeks of free storage, which is one reason why it's my current favorite indoor cam.

The Smart Indoor Camera from Netatmo has 1080p HD live streaming, a 130-degree field of view, night vision and local storage with an included microSD card. It also has facial recognition capabilities when you create a database of friends and family members. In addition to working with HomeKit, the Smart Indoor Camera also supports Alexa and Google Assistant voice commands. Read more from CNET.

Read more: Our favorite DIY home security systems of 2020

At $299, the Nest Cam IQ Indoor is definitely pricey. But it also happens to have a ton of high-end features with a lot of appeal. First, it has 1080p HD live streaming, free person alerts and 4K image sensor. That 4K image sensor allows for a feature called "Supersight" that zooms in on a person and tracks them within the camera's field of view.

If you pay for Nest Aware, which starts at $5 per month, you get access to the facial recognition feature. With facial recognition, you can create a database of friends and family in the app and then receive custom alerts when the camera recognizes"Dave" or "Molly."

The Nest Cam IQ Indoor also has a built-in Google Assistant speaker for general or smart-home-specific voice commands. Read more from CNET.

Read more:

Now playing: Watch this: The Nest Cam IQ brings 4K for a high price

1:40

Read the original:
The best indoor home security cameras of 2020 - CNET

DALLAS-FORT WORTH, Texas, March 19, 2020 (GLOBE NEWSWIRE) -- Monitronics International, Inc. and its subsidiaries, doing business as Brinks Home Security, (Brinks Home Security or the Company) (OTC: SCTY) will issue a press release to report its results for the fourth quarter and full year ended December 31, 2019 after the market closes on Thursday, March 26, 2020. The Company will host a conference call that day at 5:00 PM ET, in which management will provide an update on Brinks Home Securitys financial results as well as other matters impacting the business including the Companys continued response to the COVID-19 Pandemic.

Participating on the call will be Brinks Home Securitys Interim Chief Executive Officer, William Niles and Executive Vice President and Chief Financial Officer, Fred Graffam.

To access the call please dial (833) 712-2984 from the United States, or (602) 563-8728 from outside the U.S. The conference call I.D. number is 1865698. Participants should dial in 5 to 10 minutes before the scheduled time.

A replay of the call can be accessed through April 2, 2020 by dialing (800) 585-8367 from the U.S., or (404) 537-3406 from outside the U.S. The conference call I.D. number is 1865698.

This call will also be available as a live webcast, which can be accessed at Brinks Home Securitys Investor Relations Website at https://ir.brinkshome.com/.

About Brinks Home Security

Brinks Home Security (OTC: SCTY) is one of the largest home security and alarm monitoring companies in the U.S. Headquartered in the Dallas-Fort Worth area, Brinks Home Security secures approximately 848,000 residential and commercial customers through highly responsive security solutions backed by expertly trained professionals. The Company has the nations largest network of independent authorized dealers providing products and support to customers in the U.S., Canada and Puerto Rico as well as direct-to-consumer sales of DIY and professionally installed products.

Contact:Erica Bartsch Sloane & Company212-446-1875ebartsch@sloanepr.com

The rest is here:
Brinks Home Security to Report Fourth Quarter and Full Year 2019 Results on March 26, 2020 - GlobeNewswire

In response to the unprecedented increase of remote and work-from-home workers, we are takingproactive steps to providecompanies across the globetools necessary to enable their employees to be immediately productive as they work remotely while ensuring that company resources anddata stayprotected.

Effective today, we are offering free, no-obligation use of our SSO and MFA products for six months.* Any company, regardless of the size, the number of employees, or deployed apps, can leverage our platform for secure and convenient access to their applications and endpoints.**

Our goal is toensure that companies impacted by thecurrent situationcanrapidly supporttheirremote employeeswhile keeping theirresources, applications, anddata safe.

The following functionality is included, withoutcost or long-termobligation,to any company:

To get started withIdaptive,all you need to doisfill outthis form.Thereis no need to provide a credit card or sign contracts.

If you have any questions,please reach out by calling(408) 495-8124 or sendingus an email our team will be happy to answer them!

Stay safe!

Go here to see the original:
Everybody Work From Home Idaptive is Ready to Help - Security Boulevard

As the world sits back and waits for Coronavirus to pass, the normally frantic pace of security news has slowed just a bit. Google is not exempt, and Chrome 81 has been delayed as a result. Major updates to Chrome and Chrome OS are paused indefinitely, but security updates will continue as normal. In fact, Google has verified that the security related updates will be packaged as minor updates to Chrome 80.

Speaking of COVID-19, researchers at Check Point Research stumbled upon a malware campaign that takes advantage of the current health scare. A pair of malicious RTF documents were being sent to various Mongolian targets. Created with a tool called Royal Road, these files target a set of older Microsoft Word vulnerabilities.

This particular attack drops its payload in the Microsoft Word startup folder, waiting for the next time Word is launched to run the next stage. This is a clever strategy, as it would temporarily deflect attention from the malicious files. The final payload is a custom RAT (Remote Access Trojan) that can take screenshots, upload and download files, etc.

While the standard disclaimer about the difficulty of attribution does apply, this particular attack seems to be originating from Chinese intelligence agencies. While the Coronavirus angle is new, this campaign seems to stretch back to 2017.

Its a fairly common practice to build web services with a dedicated front-end server, and then a back-end server or group of servers. I just recently migrated a handful of websites that I host to this paradigm, using an Nginx server as a shared front-end that routes traffic to the appropriate Apache back-end server. Nginx scales better than Apache, and it helps ration public IPv4 addresses. There is an attack that takes advantage of this arrangement: HTTP request smuggling.

When using a dedicated front-end, common practice is to share a TCP connection, and potentially an SSL connection, and send all the traffic to the back-end in a single shared stream. Particularly when using SSL, the performance gain is substantial. Using a shared stream does introduce a dose of extra complexity. What happens when the front-end interprets a request differently than the back-end, and how does the back-end make sure to keep requests separate?

Back in 2005, an attack was devised that took advantage of the problems inherent in these two questions. The original HTTP Request Smuggling attack (whitepaper) was as simple as including two Content-Length headers in a request. It was found that in some combinations of front-end and back-end software, the front-end would use the last Content-Length header to interpret the request, whereas the web server itself would use the first header. With a bit of careful request crafting, then, an attacker could send a single HTTP request to the front-end, and have that single request interpreted as two separate requests by the back-end. This seems like a rather unimpressive attack, until you consider that many deployments rely on the front-end server for request verification and security controls. If you can sneak a malicious request past the front-end by embedding it in one that is harmless, you may have a path to attack the back-end server directly.

Request Smuggling didnt catch on as a viable attack, and so much time has passed that all the major products automatically catch and mitigate this particular attack. Revealed at DEF CON 27, HTTP Desync is a new take on this old attack. Rather than specify content-length twice, this attack uses both content-length and chunked encoding. Its another approach to the same end goal, give two different lengths that are understood differently. There are a handful of clever techniques that [James Kettle] covered in his DEF CON talk, like adding non-standard white spaces in the Transfer-Encoding: chunked header. One end sees the header as non-standard and ignores it, and the other might clean up the whitespace before processing the headers, leading to desync.

You may think that SSL protects against this technique, but were describing a scenario where the SSL certificate is installed on the front-end server. All the incoming requests are decrypted and interleaved together, and then may or may not get re-encrypted en route to the back-end. Because its that interleaving that gives rise to this class of vulnerability, the SSL connection doesnt have an impact.

What can you actually do with this sort of attack? Bypass source IP restrictions to a certain endpoint, to name the simplest. Have your WordPress sites /wp-admin page restricted to just one IP address? An HTTP Desync can bypass that restriction. In another example, [James] was able to dump all the custom HTTP headers the front-end was using, and then spoof some of those headers to gain admin access to an entire web service. The whole talk is great, check it out below:

The related news from this week, [Emile Fugulin] took a look at HTTP Desyncs and discovered that Amazons Application Load Balancer is potentially vulnerable in its default configuration, when paired with a Gunicorn back-end. If youre using ALB, he suggests looking at the routing.http.drop_invalid_header_fields.enabled option, and turning it on if you can. Gunicorn has been patched, so go make sure youre running the latest version there, as well.

Well this is awkward. Trend Micro disclosed a set of five security bugs in its products, and revealed that two of them have been actively exploited by attackers. The details are a bit sparse, but it seems that the two attacks found in the wild require some level of authentication before they could be exploited. The two vulnerabilities that seem the most alarming are CVE-2020-8598 and CVE-2020-8599, both of which allow remote compromise before any authentication. Its humorous to see that the vulnerability bulletin lists a mitigating factor, paraphrased: You have a firewall and NAT, right? If you use Trend Micro, make sure its up to date, and maybe do a quick audit on what ports are open on your workstations.

This story sneaked in just in time. An unnamed security researcher discovered a flaw in Netflixs handling of session cookies, combined with their use of unsecured HTTP connections for a few endpoints. Yes, Netflix is still vulnerable to Firesheep.

That could have been the end of the story Netflix should have made their bug bounty payment, fixed their unsecured subdomain, and all would be well. Instead, when our anonymous researcher submitted his finding through Bugcrowd, the firm that handles Netflixs bug bounty program, the official response was that this finding is out-of-scope for a reward. Thats not surprising, its normal for a researcher to disagree with the target company about how important a vulnerability is. As one might expect, once the researcher was told his findings were out-of-scope, he made them public and shortly got an official scolding from Bugcrowd. Apparently an out-of-scope bug submission is still in-scope enough to be kept secret. Even more concerning, Bugcrowds documentation doesnt seem to include a set timeline, but implies that all disclosure must first receive the target companys permission.

Bug-bounties are great, but Bugcrowd puts researchers into an ugly catch-22. I think its ethically rotten to refuse a payout, and then continue to hold a researcher over the barrel on an issue.

Thats it for this week, stay safe and do some security research!

Read the original post:
This Week In Security: Working From Home Edition - Hackaday