State of security: Missouri
Who’s in charge: Secretary of State John R. Ashcroft
Security in action: Missouri recently held a National Election Security Summit in St. Louis to discuss and share best practices as well as usable steps to mitigate threats and vulnerabilities concerning...
State of security: Utah
Who’s in charge: Lieutenant Governor Spencer Cox, Director of Elections Justin Lee
Security in action: Utah uses a vote by mail system in all but two counties (Carbon and Emery). The two outliers instead use direct-recording electronic (DRE) voting machines that...
Amazon patches IoT and critical infrastructure security flaws
Amazon patched 13 security flaws affecting the operating systems of its IoT devices and Amazon Web Services (AWS) connection modules putting smart homes and critical infrastructure alike at risk.
Researchers at Zimperium identified the CVE vulnerabilities which included four remote...
Updated Azorult malware for sale on the Dark Web
A new and improved version of the info stealer and malware downloader Azorult was spotted being distributed by the RIG exploit kit.
Check Point researchers report the malware has been heavily upgraded, version 3.3 as labeled by its creators, and...
Apple CEO Cook calls for Bloomberg retraction
Apple CEO Tim Cook asked Bloomberg BusinessWeek to retract a story posted earlier this month that stated Apple had used computers that were hacked by the Chinese military.
Apple’s Tim Cook at WWDC 2016Cook made his demand during an interview...
ObamaCare portal breach compromises data of 75,000 patients
Threat actors compromised the information of 75,000 patients after breaching an ObamaCare (Affordable Care Act) enrollment portal last month.
The Centers for Medicare and Medicaid first noticed problems in the online enrollment portal available to agents and brokers October 13 and...
Securing Middle America: small towns more at risk of ransomware, phishing and more
Cybersecurity firms may be leaving money on the table chasing big fish in the form of large enterprise deals, while smaller local government entities go unprotected.
While cyberattacks target entities of all sizes in both the public and private sector,...
It’s Ok, I’m verified; libssh flaw allows attacker bypass server authentication
A vulnerability in the libssh platform could allow an attacker to bypass authentication and gain full control over vulnerable servers.
The vulnerability basically allows the attacker to simply tell the targeted system that the authentication is complete rather than the...
VestaCP supply-chain attack installs DDoS malware
Hosting control panel solution VestaCP was compromised in a supply chain attack that installed malware used to carry out DDoS attacks.
Earlier this week ESET researchers learned the official VestaCP distribution was compromised to install a malware dubbed Linux/ChachaDDoS onto...
Justice unseals criminal complaint against Russian lawyer for 2018 midterms interference
The midterm elections have yielded their first criminal case – the Justice Department on Friday charged Russian accountant Elena Khusyaynora with conspiracy to defraud the U.S. for her role in a plan to spend more than $10 million on...
West Haven, Indiana National Guard, Muscatine hit with ransomware attacks
Ransomware attacks have struck government entities across the nation this week with West Haven, Conn., the Indiana National Guard and Muscatine, Iowa being targeted.
West Haven almost immediately succumbed to the cybercriminals threat and paying what city officials called a...
Survey: Federal agencies slow to migrate to cloud, despite promise of security
Although a cloud-based architecture would offer cybersecurity benefits to federal agencies whose systems are in need of digital defense, many government entities are not yet ready to make the migration, based on the results of a new survey.
Conducted by...
Philippines orders Facebook to offer ID protections following breach
Among the 30 million accounts affected in the September 2018 Facebook data breach incident were 755,973 users in the Philippines, and now the Southeast Asian nation is demanding action from the social media company, according to a report from area news outlet...
State of security: Colorado
Who’s in charge: Secretary of State Wayne Williams ...
State of security: New Jersey
Who’s in charge: Secretary of State Tahesha Way
Security in action: In August New Jersey made public its spending plan for the $10.2 million the state has set aside to help secure its state and local level elections. The federal...
Japan Orders Facebook to Improve Data Protection
The Japanese government on Monday ordered Facebook to improve protection of users' personal information following data breaches affecting tens of millions of people worldwide.
read more
If Facebook buys a security company, how will it retain the staff who absolutely hate Facebook?
According to reports, Facebook is planning to acquire a cybersecurity firm. But what will the security boffins think of working for Mark Zuckerberg of all people?
jQuery? More like preyQuery: File upload tool can be exploited to hijack at-risk websites
Flaw present for the past eight years, easy to exploit, and there are thousands of forks A serious vulnerability in a widely used, and widely forked, jQuery file upload plugin may have been exploited for years by hackers to...
Watch how a Tesla Model S was stolen with just a tablet
Criminals were able to dupe the Tesla’s passive entry system into giving them access, and letting them drive away.
(But only after they struggled to unplug it.)
Facebook Rumored to Be Hunting for Major Cybersecurity Acquisition
Goal appears both a bid to bolster its own security and its tattered reputation for privacy, according to reporting by The Information.
