Security News

"Authorities and election officials know this is the case and have taken precautions to try to ensure a safe election. These include election infrastructure assessment and securing voting registration systems. However, given the recent hack involving Hall County, Ga., where election data was released to public for failure to pay a ransom, it really brings into question how effective the measures will be in the final stretch of the election." "If ransomware hits a county, the mail-in count will be thrown into question. Because Republicans are known to vote in person on election day and Democrats favor mail-in ballots, this is a danger."

DHS CISA and the FBI today shared more info on how an Iranian state-sponsored hacking group was able to harvest voter registration info from U.S. state websites, including election sites. The attempts to download voter info from election websites took place between September 29 and October 17, 2020, according to the advisory.

Threatpost breaks down the scariest stories of the week ended Oct. 30 haunting the security industry -- including bugs that just won't die.

The US government, in full pre-presidential election high alert, has issued a warning about an evolved strain of backdoor malware from a Russian offensive cyber unit. The Zebrocy backdoor, warned the CISA infosec agency, has evolved - and while the agency didn't explicitly link it to Russia, previous research from the private sector made it abundantly clear who the malware's operators are.

As America counts down to the November 3 elections, things are tense for political campaigns. The Republican Party of Wisconsin, a key battleground state which President Trump won in 2016 by less than 1 per cent, has admitted that it lost $2.3m earlier this month to business email deception - where phishing emails harvest credentials and use these to submit fake or altered invoices for services rendered.

While 2020 has brought many challenges, perhaps the most critical from a social perspective is how we have intertwined mobile devices into our daily lives. We've seen a similar tactic used in an ongoing mobile phishing campaign that sends a message purporting to be a missed package delivery with a link to a fake claim page that is a mobile phishing attack.

A recent attack on Tyler Technologies, a software provider for local governments across the US, highlighted the concerns held across the nation and left many to wonder if the software providers in charge of presidential election data might suffer a similar fate. The best defense also integrates cybersecurity and data protection, as removing segmentation streamlines the process of detecting and responding to attacks, while simultaneously recovering systems and data.

An election security report released by Valimail exposed some significant issues with email security which could have the potential to disrupt the 2020 elections. Just 7% of the largest counties' domains are protected, an increase of just 2 percentage points from 2019.Only one of the eight election systems manufacturers certified by the US government is protected from email spoofing.

Hackers seeking to sow chaos in the November 3 election are hard at work - but some experts say they don't need to be successful to have an impact. Simply the perception of breaching election systems could have the same effect of undermining confidence in the outcome and opening the door to discrediting the results.

Through disinformation campaigns, foreign adversaries attempt to exploit the fear and uncertainty among US voters, says Digital Shadows. The 2016 presidential election was marked by meddling most notably from Russian agents who attempted to influence voters through disinformation on social media and other platforms.