Security News

Senators Mark Warner and Susan Collins this week introduced an amendment to the Help America Vote Act that would require the nation's Election Assistance Commission to include penetration testing in its certification process of voting hardware and software. That tech would need to undergo pen testing before it could be used in elections.

The aftermath of the 2020 election put an intense spotlight on voting machines as supporters of former President Donald Trump claimed victory was stolen from him. While the theories were unproven - and many outlandish and blatantly false - election security experts say there are real concerns that need to be addressed.

It turns out that ES&S has bugs in their hash-code checker: if the "Reference hashcode" is completely missing, then it'll say "Yes, boss, everything is fine" instead of reporting an error. It's simultaneously shocking and unsurprising that ES&S's hashcode checker could contain such a blunder and that it would go unnoticed by the U.S. Election Assistance Commission's federal certification process.

Voting machine-maker Election Systems & Software has formally announced a vulnerability disclosure policy, Wednesday, during a Black Hat USA 2020 session. The adoption of safe-harbor language marks a drastic turnaround from how the voting-machine vendor has interacted with the research community in previous years.

Just as America was getting a grip on improving the security of its electronic ballot boxes, the coronavirus pandemic hit, throwing a potential surge in remote voting unexpectedly into the mix, the Black Hat hacking conference was told today. In his keynote address to the now-virtual infosec confab, Georgetown Professor Matt Blaze said election officials will likely have to deal with a larger-than-normal number of citizens voting by mail, rather than in person, and all that entails, as people are encouraged to socially distance and stay away from crowds to curb the COVID-19 virus outbreak.

In a RSA 2020 simulation, the Red Team compromised email accounts, created deepfake videos and spread disinformation on Election Day in Adversaria. At RSA 2020, Cybereason assembled a group of journalists and other conference attendees to be the Red Team, in charge of creating just enough chaos to cause residents of the fictional city Adversaria to doubt the results of the election.

The CEOs of the three largest voting machine manufacturers testified before a U.S. Congressional committee on Thursday that they would be open to greater federal oversight of their equipment to help ensure the security of voting data in upcoming elections, including the 2020 presidential contest. The three companies - Election Systems and Software, Dominion Voting Systems and Hart InterCivic - have close to 350,000 voting machines deployed across the U.S. and represent more the 80 percent of the country's voting machines, according to NBC News.

Study Aims to Show Links Between U.S. Voting Infrastructure and Nations With a Proven Aptitude and Desire to Target Elections read more

Study Recommends Federal Certification Program for Vendors Providing Election InfrastructureA new report calls for the creation of a federal certification program that makes sure vendors that...

DEF CON Voting Village Study Highlights Security Loopholes in Voting MachinesU.S. voting machines remain susceptible to tampering, hacking and security vulnerabilities despite warnings from...