Researchers at MIT and the University of Michigan have uncovered multiple security flaws in the online voting platform OmniBallot which could allow hackers to access and manipulate voter data. The platform is currently in use in three states for military personnel and disabled residents.
The attack sounds ripped from an episode of TV show "24": Hackers have infiltrated a government network, and they're days away from unleashing ransomware. Unfortunately for Florence, a city in Alabama, no one saved the day, and officials are sending $300,000 in bitcoins to attackers for a decryption key.
The latest edition of the ISMG Security Report discusses Europol's launch of the European Financial and Economic Crime Center, and also details the London Met's perspective on recent cybercrime trends, and to need to maintain a paper audit trail for mobile voting.
A bipartisan group of lawmakers sent a letter to Juniper Networks seeking a more detailed explanation into a 2015 incident when an NSA-created algorithm - that may have included a backdoor - appeared in a company product that would have allowed VPN traffic to be decrypted.
The National Security Agency and U.S. Cyber Command are ramping up to offer security protection during the presidential election in November. The program, called Cyber 9-Line, will be utilizing National Guard troops trained in cybersecurity.
The FBI is warning that cybercriminals and fraudsters are increasingly targeting mobile banking apps with malware in order to steal credentials and conduct account takeover attacks. The shift to mobile banking has increased since the COVID-19 pandemic.
As Roger Sels of BlackBerry assesses cybersecurity risk, he sees chaos - both cyber and endpoint chaos - as well as enterprises trying to defend automated attacks at human speed. It makes him ask: Isn't it time we rebooted our approach to cybersecurity risk prevention?
Carnegie Mellon University Software Engineering Institute's CERT notification center has posted a warning of a flaw in the Universal Plug and Play protocol that could potentially affect billions of internet-connected devices. If exploited, this flaw could lead to DDoS attacks and theft of data.
Europe is targeting financial and economic crime, including fraud and money laundering, via the new European Financial and Economic Crime Center, hosted by the EU's law enforcement intelligence agency Europol. Officials say the launch of such a center during the COVID-19 pandemic is no accident.
Perceived wisdom is that mobile voting will be open to significant opportunities for interception, manipulation and nation-state interference. Nimit Sawney, CEO of Voatz, describes the architecture of a secure mobile voting system.
Payment fraud continues to evolve during the COVID-19 pandemic, exploiting changing habits and behaviors of consumers. Melissa Gaddis of TransUnion, who has been tracking these changes, says one of the surprising changes concerns millennials: They're now fraudsters' top target.
The number of reported vulnerabilities found in open source software more than doubled in 2019 to almost 1,000, with projects such as Magento, GitLab, and Jenkins posting the largest increases, according to security firm RiskSense.
Surveillance researchers at Citizen Lab have tied thousands of "Dark Basin" corporate espionage phishing attacks to a small Indian cybersecurity firm called BellTroX InfoTech Services. It's led by Sumit Gupta, who was indicted by the U.S. in 2015 for criminal hacking on behalf of private investigators.
Ransomware gangs keep innovating: Maze has begun leaking data on behalf of both Lockbit and RagnarLocker, while REvil has started auctioning data - from victims who don't meet its ransom demands - to the highest bidder. Thankfully, security experts continue to release free decryptors for some strains.