04-11-202006-11-2020

Security daily (05-11-2020)

How the pandemic helped election officials prepare for a flood of misinformation

As Americans await the results of a heated presidential contest, election officials are in the spotlight in a country on edge. They are trying to sift through a fog of domestic misinformation, and their methodical process for counting and verifying ballots is defying demands to hurry up, or stop. Now, security experts say months of extraordinary preparation during the coronavirus are paying off. After months of explaining how elections would work during a pandemic, state and local officials are projecting confidence to the public by being open about their work. Election officials have “transformed some of the challenges associated with COVID into opportunities to increase transparency and election administration education,” said Liz Howard, senior counsel at the Democracy Program at New York University’s Brennan Center for Justice. “Before the election, when many election officials received calls and questions from voters about their absentee ballot security measures, many offered to provide tours of their offices to the press, […] The post How the pandemic helped election officials prepare for a flood of misinformation appeared first on CyberScoop. (CyberScoop)

Election-related misinformation is spilling into the real world. Just look at Arizona.

When a group of pro-Trump protesters surrounded an election center in Arizona in the wee hours of Thursday morning, demonstrators chanted slogans echoing manufactured narratives amplified by right-wing social media users that the 2020 U.S. presidential election was somehow being stolen from President Donald Trump. While calling for officials in Maricopa County to count the ballots, demonstrators parroted the baseless allegations, some of which were initiated by Trump, who earlier tweeted that “we are up BIG, but they are trying to STEAL the Election.” In videos of the incident, protesters can be seen holding signs, at least one of which said, “Stop The Steal,” which appeared to be recycled from the hashtag #StopTheSteal, a hashtag that originally began spreading on Twitter on Election Day to suggest, without evidence, that officials somehow were defrauding Trump in Pennsylvania. Our crew being escorted out of @MaricopaVote #AZ2020 @FoxNews pic.twitter.com/LgiD56drFb — Alicia Acuna (@aacuna1) November 5, 2020 There is no evidence widespread election fraud has […] The post Election-related misinformation is spilling into the real world. Just look at Arizona. appeared first on CyberScoop. (CyberScoop)

DOJ seizes $1 billion in cryptocurrency tied to Silk Road dark web market

The Department of Justice said Thursday that it seized approximately $1 billion worth of bitcoin, its biggest cryptocurrency seizure ever. The announcement solves a years-old mystery about the shuttered Silk Road dark web market for illegal drugs and other unlawful goods, widely regarded as the largest and most extensive dark web marketplace of its time before its 2013 demise. The law enforcement action solves another riddle about a bitcoin wallet that just saw a nearly identically valued amount of cryptocurrency withdrawn after sitting dormant for a long time. “The successful prosecution of Silk Road’s founder in 2015 left open a billion-dollar question. Where did the money go?” said U.S. Attorney David Anderson. “Today’s forfeiture complaint answers this open question at least in part. $1 billion of these criminal proceeds are now in the United States’ possession.” Motherboard reported Wednesday on the Election Day emptying of the wallet. Then the complaint, filed Thursday, detailed […] The post DOJ seizes $1 billion in cryptocurrency tied to Silk Road dark web market appeared first on CyberScoop. (CyberScoop)

The critical role of CUI in federal supply chain security

While controlled unclassified information hasn’t attracted the attention of CMMC, it plays a central role in federal government efforts to secure the IT supply chain.
The post The critical role of CUI in federal supply chain security appeared first on CyberScoop. (CyberScoop)

US seizes more domains with ties to suspected Iranian influence campaign

The U.S. Department of Justice’s actions against alleged Iranian influence campaigns continued this week with the seizure of 27 internet domains, including four that the feds say were targeted directly at U.S. audiences. Iran’s Islamic Revolutionary Guard Corps (IRGC) unlawfully used the domains in operations to “covertly influence” opinions in the U.S. and elsewhere, the department said in an announcement Wednesday. In early October, the feds seized 92 domains under similar allegations. Later that month, the Treasury Department sanctioned five Iran-linked organizations for spreading disinformation and making other attempts to sow discord in the U.S. As with previous announcements, U.S. officials cited help from Silicon Valley giants. “Thanks to our ongoing collaboration with Google, Facebook, and Twitter, the FBI was able to disrupt this Iranian propaganda campaign and we will continue to pursue any attempts by foreign actors to spread disinformation in our country,” said FBI Special Agent in Charge Craig […] The post US seizes more domains with ties to suspected Iranian influence campaign appeared first on CyberScoop. (CyberScoop)

S3 Ep5: Chrome, Flash and malware for sale [Podcast]

Here's the latest podcast - listen now! (Naked Security)

What A Possible Trump Win Would Mean For Cyber

(News ≈ Packet Storm)

VMware Issues Updated Fix For Critical ESXi Flaw

(News ≈ Packet Storm)

Hackers Are Exploiting Unpatched VoIP Flaws

(News ≈ Packet Storm)

GitHub Denies Getting Hacked

(News ≈ Packet Storm)

ALFA TEaM Shell ~ v4.1-Tesla: A Feature Update Analysis

We’ve seen a wider variety of PHP web shells being used by attackers this year — including a number of shells that have been significantly updated in an attempt to “improve” them. Depending on the scope of changes and feature enhancements that are added to an existing web shell’s source code, these updates can be tedious and time consuming for bad actors. For this reason, it’s common to see code for web shells reused among different, unaffiliated attackers. Continue reading ALFA TEaM Shell ~ v4.1-Tesla: A Feature Update Analysis at Sucuri Blog. (Sucuri Blog)

Legacy Mauthtoken Malware Continues to Redirect Mobile Users

During malware analysis, we regularly find variations of this injected script on various compromised websites: . The variable “_0x446d” assigns hex encoded strings in different positions in the array. If we get the ASCII representation of the variable, we’ll end up with the following code: var _0x446d=["mauthtoken","indexOf","cookie","userAgent","vendor","opera","hxxps://zeep.ly/ev4Va","googlebot","test","substr","getTime","_mauthtoken=1; path=/;expires=","toUTCString","location"]; In this array, you can find a “shortened” redirect URL: hxxps://zeep[.]ly/ev4Va. Continue reading Legacy Mauthtoken Malware Continues to Redirect Mobile Users at Sucuri Blog. (Sucuri Blog)

Gaming Giant Capcom Hit By Ragnar Locker Ransomware: Report

The Resident Evil creator has reportedly been hit in a ransomware attack that stole 1TB of sensitive data. (Threatpost)

Zoom Snooping: How Body Language Can Spill Your Password

Researchers figure out how to read what people are typing during a Zoom call using shoulder movements. (Threatpost)

Cisco Zero-Day in AnyConnect Secure Mobility Client Remains Unpatched

Cisco also disclosed high-severity vulnerabilities in its Webex and SD-WAN products. (Threatpost)

Malspam Campaign Milks Election Uncertainty

Emails try to lure victims with malicious documents claiming to have information about voting interference. (Threatpost)


/security-daily/ 06-11-2020 23:44:22