26 matches found
How to avoid election related scams
With the US election campaigns at full throttle, scammers have taken a renewed interest in the ways this can be used to defraud people, often using the same tactics legitimate campaigns leverage for support emails, text messages, phone calls, and social media pleas. The lure that we have seen the...
When Get-Out-The-Vote Efforts Look Like Phishing
Multiple media reports this week warned Americans to be on guard against a new phishing scam that arrives in a text message informing recipients they are not yet registered to vote. A bit of digging reveals the missives were sent by a California political consulting firm as part of a well-meaning...
Problems with Georgia’s Voter Registration Portal
Its possible to cancel other peoples voter registrations: On Friday, four days after Georgia Democrats began warning that bad actors could abuse the states new online portal for canceling voter registrations, the Secretary of States Office acknowledged to ProPublica that it had identified multipl...
Strava heatmap loophole may reveal users' home addresses
Researchers at NC State University have outlined potential privacy issues with popular fitness app Strava which could lead to users' homes being pinpointed. The researchers' findings are detailed in a paper called Heat marks the spot: de-anonymising users' geographical data on the Strava heat map...
FBI and CISA Publish a PSA on Malicious Cyber Activity Against Election Infrastructure
The Federal Bureau of Investigation FBI and CISA have published a joint public service announcement that: Assesses malicious cyber activity aiming to compromise election infrastructure is unlikely to result in large-scale disruptions or prevent voting. Confirms “the FBI and CISA have no reporting...
Possibility of unfair voting
Lines of code Vulnerability details Impact The proposal could never get the THRESHOLD Proof of Concept On VoterRegistration.sol: 1- the voteradmin could mint issueVotesTo unlimited tokens to address0 or any address On Governance.sol: 2- this will effect to the totalSupply so no one can execute...
Heightened Awareness for Iranian Cyber Activity
Iranian cyber threat actors have been continuously improving their offensive cyber capabilities. They continue to engage in more conventional offensive cyber activities ranging from website defacement, distributed denial of service DDoS attacks, and theft of personally identifiable information PI...
Crippling Cyberattacks, Disinformation Top Concerns for Election Day
What keeps researchers up at night leading up to Nov. 3 isn’t election-day winners and losers. Most cite possible attacks on local infrastructure, crippling ransomware incidents and disinformation campaigns. There are also many concerned voters this year. Election-related cybersecurity attacks ha...
CISA and FBI Release Joint Advisory on Iranian APT Actor Targeting Voter Registration Data
The Cybersecurity and Infrastructure Security Agency CISA and the Federal Bureau of Investigation FBI have released a joint cybersecurity advisory on an Iranian advanced persistent threat APT actor targeting U.S. state websites, including elections websites, to obtain voter registration data. Joi...
Cyber Insecurity: Securing the Vote in the 2020 Election
Ahead of the 2020 U.S. presidential election, there are a number of cybersecurity threats looming. In an unprecedented year, we have already begun to see foreign interference,1 government agencies hit with ransomware attacks2, the National Guard deployed by state and local governments to assist...
Election Security: Beyond Mail-In Voting
As a highly publicized event, every four years the U.S presidential election comes with inevitable security risks — and interest from high-level hackers and sophisticated cybercriminals looking to sway its results. The upcoming election ups the stakes — it has captured the attention of everyone...
Feds: Iran Behind 'Proud Boys' Email Attacks on Democratic Voters
Federal officials claim that Iranian threat actors are behind two separate email campaigns that assailed Democratic voters this week with threats to “vote for Trump or else.” The campaigns claimed to be from violent extremist group Proud Boys. Two specific email campaigns — one on Tuesday Oct. 20...
A Cut Cable Knocked Out Virginia’s Voter Registration Site
Plus: Barnes and Noble got hacked, Zoom adds real end-to-end encryption, and more of the week’s top security news...
Phishers Capitalize on Headlines with Breakneck Speed
The speed with which phishers are able to adapt to new messaging based on the latest headlines is accelerating, according to the Proofpoint Threat Research Team, which was able to track backend data from a recent voter-registration scam to uncover just how quickly cybercriminals can pivot to...
Voter Registration ‘Error’ Phish Hits During U.S. Election Frenzy
Cybercriminals this week are tapping into this week’s political frenzy with a new phishing lure that warns U.S. targets that their voter registration data needs extra details. The emails purport to come from the U.S. Election Assistance Commission, an independent agency of the United States...
The informed voter’s guide to election cyberthreats
Singapore held its most recent general election on July 10 2020, and although they used the electoral system called first-past-the-post FPTP, a scheme favored by the US, UK, and most English-speaking countries, the road leading to Election Day was not without challenges and obstacles. While all...
voter-registration-form.com Cross Site Scripting vulnerability OBB-1318667
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
Shoring Up the 2020 Election: Secure Vote Tallies Aren't the Problem
With the 2020 U.S. Presidential Election coming up in just two months, cybersecurity concerns are taking center stage for average citizens and politicians. That said, the likelihood of election results being impacted by an attack are slim, security researchers say. The focus should be on other...
ThreatList: Almost All Security Pros Believe Election Systems Are at Risk
As the U.S. midterm election season gets underway in earnest, concerns about the ability to hack the vote is more in the spotlight than ever. A fresh survey from Venafi has found that a full 93 percent of security pros are concerned about cyber-attacks targeting election infrastructure. The poll,...
Vendor Exposes Backup of Chicago Voter Roll via AWS Bucket
Voter registration data belonging to the entirety of Chicago’s electoral roll—1.8 million records—was found a week ago in an Amazon Web Services bucket configured for public access. The data was a backup stored in AWS by Election Systems & Software ES&S, a voting machine and election management...