Feed aggregator

NEWARK (WCMH) – A man arrested and accused of domestic violence and strangulation will also face an attempted murder charge.

A woman who was found unresponsive and hospitalized on March 17, died six days later from an alleged assault. The incident occurred in the 200 block of Eddy Street, near Newark’s Granville Street, where the woman was located in the back seat of a vehicle.

The Newark Division of Police said upon arrival 21-year-old Talia Smith was not breathing, but after performing life-saving measures medics were able to obtain a pulse. She was taken to Licking Memorial Hospital, then later flown by emergency helicopter to Grant Medical Center in Columbus.

Smith, who was pronounced dead at 6:24 p.m. Saturday, reportedly had numerous contusions and abrasions in various stages of healing, with some appearing to have been recently caused, police said. Newark detectives obtained search warrants for the car and the residence of 22-year-old Andrew Hoskinson.

Evidence of domestic violence was collected, including information that the victim had been strangled as part of ongoing violence.

Hoskinson was charged Sunday with domestic violence and strangulation. The Licking County Prosecutor’s Office later added a charge of attempted murder and will review the case for any potential additional charges, pending the results of an autopsy.

Newark police continues to investigate the case and ask that anyone with any information call 740-670-7215.

NEW ALBANY (WCMH) – A man playing basketball in New Albany was allegedly offered a vape cartridge and robbed at gunpoint by two others Sunday afternoon.

According to the New Albany Police Department, an officer responded to reports of a person with a gun at James River Park, near the intersection of James River Road and Evelyton Road. Police met the victim who said he was playing basketball when two male individuals stopped by the park and began to play basketball with him.

The victim said that the suspects then offered him a “cart,” referring to a marijuana vape cartridge, and the three went to the suspect's vehicle. Once inside the car, one suspect drove north towards U.S. Route 62 while the other pointed a gun at the victim in the back seat.

The victim said the driver, whom he knew as “Andre,” told him to empty his pockets and kept yelling, “I will kill you” and “I just got out of jail.” Police said the driver repeatedly hit the victim in the head and neck and told him again to empty his pockets.

Police said the suspects took the victim's Apple iPhone 14, a blue Cheetah phone case, Oakley sunglasses, and Bose headphones. Once at U.S. 62, the suspects told the victim to get out of the car and they would give him his phone back. They drove off without doing so, police said.

Andre Carl, 20, of Columbus’ Northgate neighborhood, was arrested on aggravated robbery charges, according to New Albany police. He was issued a $150,000 bond in Franklin County Municipal Court and is scheduled to appear in court again on April 4 for a preliminary hearing.

Several Apple customers recently reported being targeted in elaborate phishing attacks that involve what appears to be a bug in Apple’s password reset feature. In this scenario, a target’s Apple devices are forced to display dozens of system-level prompts that prevent the devices from being used until the recipient responds “Allow” or “Don’t Allow” to each prompt. Assuming the user manages not to fat-finger the wrong button on the umpteenth password reset request, the scammers will then call the victim while spoofing Apple support in the caller ID, saying the user’s account is under attack and that Apple support needs to “verify” a one-time code.

Some of the many notifications Patel says he received from Apple all at once.

Parth Patel is an entrepreneur who is trying to build a startup in the cryptocurrency space. On March 23, Patel documented on Twitter/X a recent phishing campaign targeting him that involved what’s known as a “push bombing” or “MFA fatigue” attack, wherein the phishers abuse a feature or weakness of a multi-factor authentication (MFA) system in a way that inundates the target’s device(s) with alerts to approve a password change or login.

“All of my devices started blowing up, my watch, laptop and phone,” Patel told KrebsOnSecurity. “It was like this system notification from Apple to approve [a reset of the account password], but I couldn’t do anything else with my phone. I had to go through and decline like 100-plus notifications.”

Some people confronted with such a deluge may eventually click “Allow” to the incessant password reset prompts — just so they can use their phone again. Others may inadvertently approve one of these prompts, which will also appear on a user’s Apple watch if they have one.

But the attackers in this campaign had an ace up their sleeves: Patel said after denying all of the password reset prompts from Apple, he received a call on his iPhone that said it was from Apple Support (the number displayed was 1-800-275-2273, Apple’s real customer support line).

“I pick up the phone and I’m super suspicious,” Patel recalled. “So I ask them if they can verify some information about me, and after hearing some aggressive typing on his end he gives me all this information about me and it’s totally accurate.”

All of it, that is, except his real name. Patel said when he asked the fake Apple support rep to validate the name they had on file for the Apple account, the caller gave a name that was not his but rather one that Patel has only seen in background reports about him that are for sale at a people-search website called PeopleDataLabs.

Patel said he has worked fairly hard to remove his information from multiple people-search websites, and he found PeopleDataLabs uniquely and consistently listed this inaccurate name as an alias on his consumer profile.

“For some reason, PeopleDataLabs has three profiles that come up when you search for my info, and two of them are mine but one is an elementary school teacher from the midwest,” Patel said. “I asked them to verify my name and they said Anthony.”

Patel said the goal of the voice phishers is to trigger an Apple ID reset code to be sent to the user’s device, which is a text message that includes a one-time password. If the user supplies that one-time code, the attackers can then reset the password on the account and lock the user out. They can also then remotely wipe all of the user’s Apple devices.

Chris is a cryptocurrency hedge fund owner who asked that only his first name be used so as not to paint a bigger target on himself. Chris told KrebsOnSecurity he experienced a remarkably similar phishing attempt in late February.

“The first alert I got I hit ‘Don’t Allow’, but then right after that I got like 30 more notifications in a row,” Chris said. “I figured maybe I sat on my phone weird, or was accidentally pushing some button that was causing these, and so I just denied them all.”

Chris says the attackers persisted hitting his devices with the reset notifications for several days after that, and at one point he received a call on his iPhone that said it was from Apple support.

“I said I would call them back and hung up,” Chris said, demonstrating the proper response to such unbidden solicitations. “When I called back to the real Apple, they couldn’t say whether anyone had been in a support call with me just then. They just said Apple states very clearly that it will never initiate outbound calls to customers — unless the customer requests to be contacted.”

Massively freaking out that someone was trying to hijack his digital life, Chris said he changed his passwords and then went to an Apple store and bought a new iPhone. From there, he created a new Apple iCloud account using a brand new email address.

Chris said he then proceeded to get even more system alerts on his new iPhone and iCloud account — all the while still sitting at the local Apple Genius Bar.

Chris told KrebsOnSecurity his Genius Bar tech was mystified about the source of the alerts, but Chris said he suspects that whatever the phishers are abusing to rapidly generate these Apple system alerts requires knowing the phone number on file for the target’s Apple account. After all, that was the only aspect of Chris’s new iPhone and iCloud account that hadn’t changed.

“Ken” is a security industry veteran who spoke on condition of anonymity. Ken said he first began receiving these unsolicited system alerts on his Apple devices earlier this year, but that he has not received any phony Apple support calls as others have reported.

“This recently happened to me in the middle of the night at 12:30 a.m.,” Ken said. “And even though I have my Apple watch set to remain quiet during the time I’m usually sleeping at night, it woke me up with one of these alerts. Thank god I didn’t press ‘Allow,’ which was the first option shown on my watch. I had to scroll watch the wheel to see and press the ‘Don’t Allow’ button.”

Ken shared this photo he took of an alert on his watch that woke him up at 12:30 a.m. Ken said he had to scroll on the watch face to see the “Don’t Allow” button.

Unnerved by the idea that he could have rolled over on his watch while sleeping and allowed criminals to take over his Apple account, Ken said he contacted the real Apple support and was eventually escalated to a senior Apple engineer. The engineer assured Ken that turning on an Apple Recovery Key for his account would stop the notifications once and for all.

A recovery key is an optional security feature that Apple says “helps improve the security of your Apple ID account.” It is a randomly generated 28-character code, and when you enable a recovery key it is supposed to disable Apple’s standard account recovery process. The thing is, enabling it is not a simple process, and if you ever lose that code in addition to all of your Apple devices you will be permanently locked out.

Ken said he enabled a recovery key for his account as instructed, but that it hasn’t stopped the unbidden system alerts from appearing on all of his devices every few days.

KrebsOnSecurity tested Ken’s experience, and can confirm that enabling a recovery key does nothing to stop a password reset prompt from being sent to associated Apple devices. Visiting Apple’s “forgot password” page — https://iforgot.apple.com — asks for an email address and for the visitor to solve a CAPTCHA.

After that, the page will display the last two digits of the phone number tied to the Apple account. Filling in the missing digits and hitting submit on that form will send a system alert, whether or not the user has enabled an Apple Recovery Key.

The password reset page at iforgot.apple.com.

What sanely designed authentication system would send dozens of requests for a password change in the span of a few moments, when the first requests haven’t even been acted on by the user? Could this be the result of a bug in Apple’s systems?

Apple has not yet responded to requests for comment.

Throughout 2022, a criminal hacking group known as LAPSUS$ used MFA bombing to great effect in intrusions at Cisco, Microsoft and Uber. In response, Microsoft began enforcing “MFA number matching,” a feature that displays a series of numbers to a user attempting to log in with their credentials. These numbers must then be entered into the account owner’s Microsoft authenticator app on their mobile device to verify they are logging into the account.

Kishan Bagaria is a hobbyist security researcher and engineer who founded the website texts.com (now owned by Automattic), and he’s convinced Apple has a problem on its end. In August 2019, Bagaria reported to Apple a bug that allowed an exploit he dubbed “AirDoS” because it could be used to let an attacker infinitely spam all nearby iOS devices with a system-level prompt to share a file via AirDrop — a file-sharing capability built into Apple products.

Apple fixed that bug nearly four months later in December 2019, thanking Bagaria in the associated security bulletin. Bagaria said Apple’s fix for that bug was to add stricter rate limiting on AirDrop requests, and he suspects that someone has figured out a way to bypass Apple’s rate limit on how many of these password reset requests can be sent in a given timeframe.

“I think this could be a legit Apple rate limit bug that should be reported,” Bagaria said.

POWELL, Ohio (WCMH) -- A lone central Ohio Target will soon have a series of retail neighbors, as developers are nearing construction on a new 43,000-square-foot shopping center next to the department store.

Named "The Shoppes at Wedgewood," the complex will be built on a vacant 6.1-acre site to the left of the Target store at 10560 Sawmill Parkway in Powell, according to the property's leasing listing. The shopping district will feature retail units ranging from 1,600 square feet to 20,000 square feet available for lease.

More than 300 parking spaces will be dedicated to Wedgewood, in addition to the 475-space parking lot home to Target. The listing argues the complex is a prime location for prospective tenants, along a "desired shopping corridor" with businesses like Skyline Chili, Taco Bell, Tire Discounters and WesBanco.

• The Shoppes at Wedgewood will be built on a vacant 6.1-acre site to the left of the Powell Target store. (Courtesy Photo/City of Powell)
• The Shoppes at Wedgewood will be built on a vacant 6.1-acre site to the left of the Powell Target store. (Courtesy Photo/City of Powell)

"Infill site surrounded by residential, retail and office rooftops making it a highly visible and desirable location in one of Ohio's fastest growing trade corridors," the listing states, which says the lease rate will be $28 per square foot per year, but does not provide an exact construction timeline.

The Powell center is led by two central Ohio companies, Saberi Development and Transform Construction. The two recently paired to build a mixed-use complex in Westerville, including an 11,000-square-foot building under construction at 21 W. College St. that will be home to Ampersand Asian Supper Club's second location.

Other developments taking shape in Powell include a revamp of the city's downtown, with co-working business COhatch one of the main developers tasked with transforming a section at North Liberty and East Olentangy streets.

In addition, Ohio State's Wexner Medical Center is expected to start building a $183 million outpatient campus in Powell this spring, a years-long effort once regarded as the "largest economic development project" in the city’s history.

GRANDVIEW HEIGHTS, Ohio (WCMH) - A bar has recently opened inside of a music hall.

I Like It Like That Bar, located at 945 King Ave., opened earlier this month inside of Natalie's Grandview. According to the bar's website, inspiration for the name of the bar comes from the song by Chris Kenner.

The 21-and-over spot serves a variety of classic cocktails, along with mixed drinks called "hooch concoctions" where patrons can choose from a list of specialty sips made with rum, gin, and more. The bar also offers "giggle water" which is a variety of red and white wines, champagne and more. I Like It Like That also offers nonalcoholic options and mocktails as well.

While trying out drinks, the cocktail bar also has several snacks and small plates to choose from, along with pizza and dessert.

I Like It Like That Bar is open Wednesday through Saturday. Dinner reservations can be made from 5 to 9:30 p.m. and after hours are set for 10 p.m. to midnight Wednesday and Thursday and from 10 p.m. to 1 a.m. Friday and Saturday.

COLUMBUS, Ohio (WCMH) -- March is National Social Work Month, and Columbus is using the opportunity to recognize and celebrate the contributions of the profession.

The theme for Social Work Month in 2024 is "Empowering Social Workers," which Columbus City Council recognized at a recent meeting. Councilmember Melissa Green, a licensed social worker, said the work often goes unnoticed.

"We're really trying to elevate and shine a light on the important role that social workers play across our community," Green said. "People historically, in my experience also being a social worker, have sort of had a very one-dimensional view of what it means to be a social worker."

Green said social work is a diverse field that includes people from different positions and sectors, all with the mission of advocating for social justice and the welfare of a community's most at-risk and vulnerable populations.

"You'll find social workers in our schools or in behavioral health care, certainly in our child welfare system, and even in elected positions, like being on city council," Green said.

Danielle Smith, executive director of the National Association of Social Workers' state chapter, echoed that point.

"Every person, whether they know it or not, has benefited from a social worker," Smith said. "We often have other job titles like a therapist or counselor or director. So, you might not realize that you've worked with a social worker, but social workers are in every practice setting, doing work to help folks live happy and healthy lives."

Green announced a new partnership Monday related to social work. A program from NASW Ohio, Kaleidoscope Youth Center, Tepper Counseling, and SAIGE Ohio will train mental health professionals in gender-affirming care. The partnership was launched ahead of International Transgender Day of Visibility on Sunday.

Smith said the passage of House Bill 68, which will prohibit children’s hospitals from providing gender-affirming treatment to minors once it takes effect in April, highlighted the need for social workers. The funding will help local social workers update their practices to reflect changes in the state.

"For social workers that keep providing mental health services to gender-diverse youth, there's a lot of considerations of how their practices are going to need to change," Smith said.

There are other ways that social workers can help with those seeking gender-affirming care, according to Smith.

"Social workers also help with case management and can help families who need to go out of state to access medical gender affirming care, who need other resources, like housing or support in other ways," Smith said. "Social workers can help across the board in both medical and mental health spaces."

For an earlier report on this story, view the video player above.

CIRCLEVILLE (WCMH) – For the second time in two weeks a police chief in Circleville has been placed on administrative leave.

According to a statement from the City of Circleville, Acting Chief of Police Doug Davis was placed on administrative leave, with pay, due to alleged employee misconduct. The statement said that the department is “in the capable hands of experienced leaders within the Agency,” but did not publicly name an interim successor.

The statement said the city took this action, “in order to protect the integrity of the department while the investigation is ongoing.”

Details of an investigation were not released, though a letter submitted to Davis by Circleville Mayor Michelle Blanton cited “potential misconduct”.

The decision to place Davis on leave comes two weeks after Shawn Baer was placed on administrative leave for alleged harassment, intimidation, retaliation, threats of discipline, misuse of position, improper expenditures, failure to adhere to deadlines and timekeeping violations.

The Circleville Police Department continues its recent run of controversy after an incident in July 2023, when one of its officers, Ryan Speakman, unleashed a K-9 on a truck driver during a traffic stop on U.S. Highway 23, which began on U.S. 35.

Speakman was initially fired by the Circleville Police Department but he contested the decision by filing a grievance through the Ohio Patrolman’s Benevolent Association. He received a $40,000 lump sum payment after submitting a voluntary letter of resignation. The City of Circleville also settled with the truck driver, Jadarrius Rose, for $225,000.

The chief, who reviewed the incident two days after it occurred, said that Speakman was fired not for the incident itself, but only after receiving reports that, “he was crying and talking with other employees about being stressed over the July 4, 2023, K-9 deployment.”

Baer ordered Speakman to stop communication about the incident, but the chief would later receive more reports about Speakman discussing the incident with fellow officers, dispatchers, the city’s Director of Public Safety with another employee present, and family members.

COLUMBUS, Ohio (WCMH) -- Fat Girl Bakery, a central Ohio confectionary with vibrant cakes, cookies and cupcakes, announced the bakeshop will permanently shutter after relocating its storefront less than a year ago.

The bakery at 6457 N. Hamilton Road, between New Albany and Westerville, is closing on Saturday, Fat Girl Bakery's owner announced on social media. The closure comes after the bakeshop relocated its Lewis Center storefront in May 2023.

"Our move was financially too much, and we just were never able to climb back with such high overhead," the social media post said. "I can't thank all of you enough for being a part of my journey. I don't feel this is the end of my story honestly but it's what needs to happen next."

While Fat Girl Bakery will maintain normal operating hours until then, the bakeshop said it is prioritizing in-store sales and will not be accepting orders.

The confectionery warned in a January social media it would "be next on the closing list if things don't change quickly." The owner cited personal medical issues and pleaded with patrons, stating, "We need you. Or we will have to close our doors soon."

Fat Girl Bakery is one of several Westerville businesses that has closed recently, including Winking Lizard Tavern which shuttered in December and Chick'nCon which closed its storefront in November after less than one year after opening.

DiCarlo's Pizza had also closed in Westerville last fall, but is reopening this spring under direct management of the DiCarlo family.

Vertex AI Studio is an online environment for building AI apps, featuring Gemini, Google’s own multimodal generative AI model that can work with text, code, audio, images, and video. In addition to Gemini, Vertex AI provides access to more than 40 proprietary models and more than 60 open source models in its Model Garden, for example the proprietary PaLM 2, Imagen, and Codey models from Google Research, open source models like Llama 2 from Meta, and Claude 2 and Claude 3 from Anthropic. Vertex AI also offers pre-trained APIs for speech, natural language, translation, and vision.

To read this article in full, please click here

Vertex AI Studio is an online environment for building AI apps, featuring Gemini, Google’s own multimodal generative AI model that can work with text, code, audio, images, and video. In addition to Gemini, Vertex AI provides access to more than 40 proprietary models and more than 60 open source models in its Model Garden, for example the proprietary PaLM 2, Imagen, and Codey models from Google Research, open source models like Llama 2 from Meta, and Claude 2 and Claude 3 from Anthropic. Vertex AI also offers pre-trained APIs for speech, natural language, translation, and vision.

To read this article in full, please click here

An ever-increasing number of employers are experiencing the many benefits of artificial intelligence throughout their human resources practices—from candidate personalization, conversational experiences, matching and scoring algorithms and AI-generated insights.

With the emergence of generative AI, HR tech products are starting to build use cases to optimize communication among recruiters, managers, candidates, and employees as well as build assistants to boost HR productivity. These technologies are also assisting HR teams to build better employee retention and growth strategies and helping them transform into a skills-based organization.

To read this article in full, please click here

Years ago, I found myself sitting in a conference room dealing with a question that I’ve gotten thousands of times in my career: Was the technology I was representing, which I created as the CTO of an enterprise technology company (I’m being purposely vague), the right fit for a specific customer problem that I had just learned about in that conference room?

This would have been an easy sale and one that we needed to make our quarter. All I needed to do was agree with the customer, who was already convinced that my technology was a “perfect fit.” Instead, I explained that a competitor’s technology was likely a better fit and had the features and functions needed for this problem. The salesperson shot daggers at me from across the table. Commission gone.

To read this article in full, please click here