Security News

Because of the CISA's support of a fair election process, the White House is expected to call for Krebs' resignation, according to a Reuters report, citing sources close to the CISA chief. Upon hearing the news, lawmakers and other observers took to Twitter and to praise the job Krebs has done as CISA director, nothing how he put aside partisanship to work for a common goal to protect U.S. cybersecurity infrastructure and the election process.

Two election committees of the U.S. Department of Homeland Security issued a joint statement on Thursday saying there was no evidence of voting systems being compromised, noting that the recent election "Was the most secure in American history." "Other security measures like pre-election testing, state certification of voting equipment, and the U.S. Election Assistance Commission's certification of voting equipment help to build additional confidence in the voting systems used in 2020.".

The Cybersecurity and Infrastructure Security Agency on Friday informed users about the availability of patches for two remote code execution vulnerabilities that affect Windows Codecs Library and Visual Studio Code. Residing in Visual Studio Code and tracked as CVE-2020-17023, the second vulnerability can be triggered when the user opens a malicious 'package.

The U.S. Cybersecurity and Infrastructure Security Agency warns of an increase in attacks targeting state and local governments with the Emotet Trojan. Active for over a decade, Emotet is a Trojan mainly used to drop additional malware onto compromised systems.

Emotet attacks have targeted multiple state and local governments in the U.S. as part of potentially targeted campaigns that have been ramping up since August, the Cybersecurity and Infrastructure Security Agency said in an alert published today. Since August, the two organizations "Have seen a significant increase in malicious cyber actors targeting state and local governments with Emotet phishing emails."

DDoS attacks would either slow down election-related public-facing websites or render them inaccessible, thus preventing voters from staying updated with voting information or from accessing voting results. "The public should be aware that if foreign actors or cyber criminals were able to successfully conduct DDoS attacks against election infrastructure, the underlying data and internal systems would remain uncompromised, and anyone eligible to vote would still be able to cast a ballot," the FBI and CISA note.

Threat actors are expected to spread false information regarding hacked voter information and voting systems, the Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency say in an alert. At the time, the agencies noted that disinformation campaigns might leverage websites, social media, and other venues to disseminate false information about voter suppression, cyber-attacks on election infrastructure, fraud, and other issues.

The U.S. Cybersecurity and Infrastructure Security Agency has issued an alert to warn of attackers actively targeting a recently addressed vulnerability in the Microsoft Windows Netlogon Remote Protocol. The vulnerability allows an unauthenticated attacker connected to a domain controller using Netlogon to gain domain administrator access.

A threat actor was able to compromise the network of a federal agency and create a reverse proxy and install malware, the Cybersecurity and Infrastructure Security Agency reported on Thursday. Following initial access, the threat actor started gathering information of interest from email accounts, enumerated the Active Directory and Group Policy key, modified a registry key for the Group Policy, and enumerated compromised systems.

The U.S. Cybersecurity and Infrastructure Security Agency is warning that the LokiBot info-stealing trojan is seeing a surge across the enterprise landscape. LokiBot targets Windows and Android endpoints, and spreads mainly through email.