Security News

More than 1,500 fraudulent votes were cast in the early hours of Monday in the country's annual bird election, briefly pushing the Little-Spotted Kiwi to the top of the leaderboard, organizers and environmental organization Forest & Bird announced Tuesday. Those votes - which were discovered by the election's official scrutineers - have since been removed.

Despite ongoing unsubstantiated claims of fraud from the outgoing Trump administration, senior election officials charged with securing the 2020 vote on Thursday said they had done so successfully. "The November 3rd election was the most secure in American history," said the Elections Infrastructure Government Coordinating Council and the Election Infrastructure Sector Coordinating Council Executive Committees in a joint statement, along with the US government's Cybersecurity and Infrastructure Security Agency and other organizations.

What's more, the voting itself was remarkably smooth. There were not clear rules in many states for voting by mail or sufficient opportunities for voting early.

Plenty of voter data is public in Arizona - but Social Security numbers and DoBs are supposed to be kept confidential. The security issue comes to light amid attacks targeting voters and voter data.

Threat actors have taken advantage of the ongoing uncertainty around the 2020 U.S. election to unleash a new malspam campaign aimed at spreading the Qbot trojan. Criminals behind Qbot resurfaced the day after the election with a wave of spam emails that attempt to lure victims with messages claiming to have information about election interference, according to new researchers.

Consumer anxiety regarding the election results had a muted impact on online shopping activities on Election Day, Nov. 3. Adobe's report noted that today, the day after the election, there will be an expected 13% drop in sales, versus the previous three days, in which online sales increased by 31%. "To be clear," said Taylor Schreiner, director at Adobe Digital Insights, "We're not basing our forecast on who wins the presidency, rather we're looking at people's propensity to shop online during an election cycle, based on historical context."

The Qbot botnet is now spewing U.S. election-themed phishing emails used to infect victims with malicious payloads designed to harvest user data and emails for use in future campaigns. "In addition to stealing and exfiltrating data from its victims, QBot will also start grabbing emails that will later be used as part of the next malspam campaigns," Malwarebytes' Jérôme Segura and Hossein Jazi explain.

SaltStack has officially revealed three bugs in its code - two of them seemingly critical - and told users: "We strongly recommend that you prioritize this update." But the biz appears to have known about the bugs for months and quietly patched them over the summer. SaltStack offers open-source, Python-based automation tools.

Social media firms remained on high alert Tuesday against Election Day misinformation and manipulation efforts as polling places began closing in the US and focus turned to tallying ballots. "Our Election Operations Center will continue monitoring a range of issues in real time - including reports of voter suppression content," said a Facebook statement posted on Twitter.

Russian interference has been minimal so far in the most tempestuous U.S. presidential election in decades. Election officials fear a "Blend" of overlapping attacks intended to undermine voter confidence and incite political violence: taking over state or local government websites to spread misinformation, crippling election results-reporting websites with denial-of-service attacks, hijacking officials' social media accounts and making false claims about rigged voting.