Security News

US officials and cyber experts warned Tuesday that the voting debacle in the Democratic caucuses in Iowa underscored the vulnerabilities in the country's election infrastructure in everything from hacking to trust-eroding conspiracy theories. The technology problems which have prevented a complete vote count in the first test for the 2020 election were founded on what experts described as a poorly-tested, poorly performing vote reporting smartphone app.

EU companies aren't taking out insurance against attacks on online assets because the companies selling coverage aren't organised enough - while Brits are more likely to pay off ransomware crooks than others. The "What is covered" argument was sharply highlighted by a number of high-profile court cases brought by insurance companies against their own customers, in efforts to evade paying out in the aftermath of cyber incidents.

Now can't be an easy time to be a professional drone pilot working for the US Department of the Interior. Until the issue is resolved, the only DOI drone flights allowed will be those connected to emergencies - monitoring wildfires and floods, both uses that underscore the importance of drones to the agency's work.

The United States on Thursday welcomed the European Union's new rules on fifth-generation internet but pressed them to go further after the bloc resisted Washington's pressure to ban China's Huawei directly. The European Union, setting guidelines that mirror those announced a day earlier by Britain, said Wednesday that countries should ban telecoms operators deemed to be a security risk.

A spear-phishing campaign targeted a U.S. government agency for several months last year using emails with content about North Korea geopolitics as a lure, according to an analysis from Palo Alto Networks' Unit 42. It targeted five employees at a U.S. government agency - which the report did not identify - as well as two foreign nationals who had professional ties to North Korea, according to the Unit 42 report.

The U.S. Cybersecurity and Infrastructure Security Agency on Wednesday warned that it's seen a surge in targeted attacks using a sophisticated strain of malware called Emotet. "The Cybersecurity and Infrastructure Security Agency is aware of a recent increase in targeted Emotet malware attacks," its Emotet alert reads.

The United States pressed France on Wednesday to take "Strong security measures" against potential breaches from 5G services provided by Chinese telecommunications firm Huawei, saying failure to do so could imperil intelligence exchanges. The United States did not ask France for a Huawei ban, he said, but for strong protections against potential "Malicious intrusions" from software and firmware updates of any systems provided by the company.

The U.S. Cyber Command's campaign to hack ISIS and disrupt its media operations faced some challenges, including a lack of data storage, but ultimately proved successful, according to government documents from 2016 that were made public Tuesday. The heavily-redacted documents published by the National Security Archive, a not-for-profit research organization, show that U.S. Cyber Command was not prepared to handle the amount of information it collected when it hacked ISIS. The command, which is part of the U.S. Defense Department and includes units from all military branches, also faced problems with interagency coordination and the lengthy process of vetting ISIS cyber targets.

The US military claims to have "Successfully" disrupted the online propaganda efforts of the Islamic State in a hacking operation dating back at least to 2016, according to declassified national security documents released Tuesday. The heavily redacted, previously top secret documents said the US Cyber Command "Successfully contested ISIS in the information domain" and limited its online efforts on radicalization and recruitment "By imposing time and resource costs" on the jihadist group.

Governments in the US and China are at the front of the line when it comes to knocking on Apple's door to request user data relating to fraud/phishing, according to the company's latest transparency report. Like any tech company that handles user data, Apple gets different types of requests: those that are made when an account holder is in imminent danger, those from law enforcement agencies trying to help people find their lost or stolen devices, those asking for Apple's help when thieves rip off credit card data so they can buy Apple products or services on somebody else's dime, and in situations where investigators think an account's been used to do something illegal.