{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


linkedin facebook twitter instagram
A lowly brand of cyberattack could still be a big headache between now and Election Day. CISA hates the timing of a particular piece of oversight. And there's more about an Iranian information operation related to the election. This is CyberScoop for Wednesday, October 28, 2020.

DDoS threats and the 2020 election

One of the oldest hacking tricks in the book, distributed denial of service attacks, might not be the most severe election threat, but experts say it could still play a role in any 2020 chaos. DDoS attacks have reared their heads in other nations in recent years, as well as in the U.S. in 2016, when both presidential candidates' websites were targeted unsuccessfully. The tendency of DDoS attacks to resemble more benign outages means they've been suspected, incorrectly so far, in several incidents around the nation. But a successful hit could damage voters' confidence or delay their ability to vote. Tim Starks puts the DDoS election threat in perspective.

A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.

Chris Krebs to IG: Not now, folks

The head of CISA and the Department of Homeland Security's inspector general are at odds over the timing of a report criticizing some of the agency’s election security work. “[R]eleasing this report before Election Day fails to account for CISA’s actions throughout the entirety of the actual 2020 election cycle,” CISA Director Chris Krebs said. The report credited his agency for making progress on cyberthreats to elections since 2016, but also said CISA needed to focus more on physical threats. Amy Cohen, executive director of the National Association of State Election Directors, was also critical of the IG report. Sean Lyngaas has more.

Iran’s voting misinformation email campaign was on Facebook too

Following a tipoff from the FBI, Facebook has removed a network of fake accounts and pages with connections to the Iranian government, one of which was peddling misinformation related to the U.S. elections, the company announced Tuesday. The Iranian network broadly focused on the U.S. and Israel, but it included one fake account that was operating as part of the Iranian email misinformation campaign that recently sent unsubstantiated threats about voting, Facebook’s head of cybersecurity policy Nathaniel Gleicher told reporters in a phone call. The network is emblematic of a worrying trend Facebook and other social media platforms have been grappling with for years: Some of the bad actors behind disinformation operations on the platform don’t seem deterred by removals. Shannon Vavra has the big picture.

A very short and very weird 'poll'

The defacement of President Trump's campaign website Tuesday night wasn't necessarily a threat to national security or the balance of the 2020 election, but it briefly served as a reminder of the vulnerability of political sites everywhere. The real reason for the attack, it seems, was the desire of scammers to collect a pile of the cryptocurrency Monero. The defacement message — which was reportedly up for less than an hour before the campaign overrode it — made some wild claims about hacked material, then gave visitors the opportunity to "vote" yes or no on whether the attackers should publish it. The means of polling? Irreversible contributions of Monero to two coin wallets. Joe Warminsky has more.

The feds stare down a North Korean threat

Outside of politics, the biggest cyberthreat news Tuesday was a joint alert from the FBI, DOD’s Cyber Command, and CISA warning the private sector about what appears to be a global hacking operation run by North Korean government-linked attackers. The hacking group, known as Kimsuky, tends to run intelligence-gathering intrusions against targets in South Korea, Japan and the U.S., and historically has targeted entities with a focus on sanctions and nuclear issues, the alert said. Shannon has the background.

Double check those conference invites for APT35

Iranian government-linked hackers have been sending spearphishing emails to over 100 high-profile potential attendees of the upcoming Munich Security Conference as well as the Think 20 Summit in Saudi Arabia, according to Microsoft researchers. The attackers, known as Phosphorous, APT35 or Charming Kitten, have disguised themselves as conference organizers and have sent fake invitations containing PDF documents with malicious links, the report says. The researchers do not believe this specific campaign is linked with the election, but Phosphorous reportedly has targeted associates of President Donald Trump’s campaign in recent months. Shannon breaks it down.

Travel scams, they’re all the rage

You can add travel-booking scams to the ways that cybercriminals have adapted to the pandemic-era economy. Mentions of travel-related issues on underground forums went from roughly 100 per day in early June to more than 600 per day in early September after lockdowns eased, according to new research from Gemini Advisory. These types of schemes, which involve using stolen payment card data to book flights, have cost the airline industry an estimated $1 billion. Sean digs in to the research.

Tweet Of The Day


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}