
IOTW: Will There Be An Incident Of Impact On Tuesday’s Election?




The United States presidential election is four days away. Last Wednesday, government officials released a statement about Russian and Iranian hacking threats. The next day, more information followed. What lessons can global corporate enterprises learn?


On October 21, Director of National Intelligence John Ratcliffe informed the public that Russia and Iran stole voter registration information for the sake of election interference. While the data was publicly available, theories were floated that stealing the data was simply cheaper than buying it or that voter-related breaches help put into question the legitimacy of election results.

A day later, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) released two joint statements providing additional detail to Wednesday’s rushed press conference. Included were some of the strategies deployed by Iran, such as using the stolen data to send fake Proud Boy emails to registered Democrats. Ratcliffe claims that by doing so, Iran attempted to turn voters away from Donald Trump. Some of his colleagues disagree. The same alerts accused Russia of penetrating dozens of state and local government infrastructures, including aviation networks.


Sowing election uncertainty is a known practice of Russian and Iranian hackers, though both countries vehemently deny the claim. As a response, the Treasury Department imposed sanctions on Iran. Russia remains unpunished. It is important to note that US election and voter systems themselves have not been hacked.

Lessons Learned

Currently, the main cyber threat leading up to election day comes in the form of misinformation campaigns and efforts to sow doubt in the legitimacy of election results. It is extremely difficult for foreign operatives to hack into election systems and physically add, remove, or change votes. Instead, these foreign operators hack the minds of Americans. They leak false information that looks legitimate and open lines of questioning on social media that leave some people unsure of its accuracy.

Additionally, campaign staff devices, campaign websites, and other pop-up election infrastructure are prone to weakness. Enterprise infrastructure isn’t immune to cyber crime, and its resources far surpass those of election IT.


In June, the US Treasury Department warned that the Russian hacking group known as Evil Corp., which also has ties to the Russian government, was taking advantage of new cyber security weaknesses as people increasingly started to work from home. The same infrastructure these hackers use to commit run-of-the-mill cyber crimes through ransomware can also be used to wipe out data or spread infections from computer to computer, department to department, and organization to organization using interconnected servers. It is possible the seeds planted for a ransomware attack could pivot into election tampering territory.

Ultimately, widespread distrust around voting accuracy could cause just the right amount of damage. John Hultquist, FireEye director of threat intelligence, made this observation in June: “The disruption may have little effect on the outcome. It may be entirely insignificant to the outcome — but it could be perceived as proof that the election outcome is in question. Just by getting access to these systems they may be preying on fears of the insecurity of the election.”


Hackers Trick GoDaddy Workers in Action Against Cryptocurrency Resources





After tricking GoDaddy employees into supplying them with keys to client accounts, cybercriminals were able to alter the DNS settings of certain cryptocurrency websites.

The event occurred earlier this month and impacted an undisclosed number of clients of the firm, including at least two websites connected to cryptocurrencies: the Liquid virtual currency exchange portal and the NiceHash crypto-mining operation.

On November 18, both platforms announced that, after GoDaddy wrongly turned over custody of their accounts, threat actors were able to hack their internal networks.

Liquid CEO Mike Kayamori confirmed that the incident took place on November 13, and that the “ability to change DNS records and in turn, take control of a number of internal email accounts” was given to the threat actor.

The malicious attacker thus damaged the resources of the trading network and also obtained access to record storage. The platform said it took the appropriate measures to contain the attack shortly after detecting it, as well as “preventing further intrusions and mitigating risk to customer accounts and assets.”

We will ensure that consumer funds are accounted for and remain safe and stable by containing the threat, reaffirming domain ownership, and carrying out a thorough review of our infrastructure. Kayamori said that MPC-based and cold storage crypto wallets are safe and have not been hacked.

NiceHash reported that the same GoDaddy problems triggered a service interruption on November 18th, and that the DNS records for the domain were changed as a result of unauthorised access to the domain settings.

The firm promptly froze all wallet operations, and resumed its operation after ensuring that funds were safe and customers had access to their accounts. Pending the outcome of an independent investigation into the incident, withdrawals were suspended.

“It looks like no emails, passwords, or any personal information has been accessed at this point in time, but we do suggest resetting your password and activating 2FA security,” the firm said last week.

In looking into the attack, investigative journalist Brian Krebs found that threat actors used social engineering to manipulate staff of GoDaddy into changing access to their accounts, and that their addresses were changed to for all the targeted accounts.

Cryptocurrency sites that may have been attacked by the same hacker community include,, and, in addition to Liquid and NiceHash.

GoDaddy appears to have acknowledged the event, claiming that only a limited number of clients were affected, but it did not provide specifics about how the attackers targeted its staff.



Cyber Security: What Is The First Thing To Do In 2021




You may have seen last week’s piece showcasing cogent advice from some of our venerated contributors on the last thing to do this year. Some of those same executives, as well as a few others, have chimed in on the first thing to do next year in cyber security.

Insights are covered on Aligning Security Strategy With Business Strategy; Aligning Security Enablement With Business Execution; Engaging Threat Hunting; Matching Talent With Technology; Understanding Budget vs. Reality; Engaging Strategic Partner Security; and Engaging Immediate Security Awareness.

What is the first thing to do in 2021?

Align Security Strategy With Business Strategy

Parag Deodhar, Regional Chief Information Security Officer- APAC, VF Corporation

Understand the strategy of the organization. CISOs need to understand the business a lot more deeply and align their strategy with the business strategy. So the first thing to do is to do a deep study on the business strategy and realize how the security strategy can align with the business strategy.

Align Security Enablement With Business Execution

Iain Lumsden, Director of Information Security, Denver Health

We’ve been so agile this year and I suspect it’s going to be the same thing in the beginning of next year. Speaking specifically in healthcare- there’s conversation around a COVID-19 vaccine coming soon. We’re working with the business to make sure that we can do what’s needed for the patients. And that’s still going to be on top of our minds at the beginning of next year. We need to be flexible, but at the same time enforce necessary security requirements. 

Engage Threat Hunting

Kayne McGladrey, Public Visibility Initiative spokesperson, IEEE

It’s really looking at the threat landscape as it exists on that day, in that point of time and doing a reality check on how much the world has changed since you got that budgetary approval. This is a step that not everyone does. They focus on doing things right, not necessarily doing the right things. Organizations need to have a continuous model of risk reduction and risk assessment and threat informed assessments of those risk models.

Something that we’ve seen historically, threat actors know we take holiday. They know that those two weeks around Christmas and New Year’s, between like the last two weeks of the year, if you don’t celebrate those holidays, tend to be slow weeks. Tends to be the B shift, the C shift that are actually taking the reins of organizations. When companies come back- if they weren’t threat hunting over those periods of time- start a threat hunt. Go find out who now has persistence in your network. And I hope it’s nobody.

Matching The Talent With The Technology

Nannette Cutliff, SVP, Chief Information Officer, CISO, Pacific Service Credit Union

The first thing to do next year is to make sure that you have resource accountability for managing and assessing how you’re going to attack the things that you know have to be executed. Look at the skill set and the resources that you have on staff to make sure that you’re adequately geared up to handle what you’ve got on your plate and the future threats that are coming.

Many of us bring on new tools, new platforms, new integrations and we haven’t gone back to look at how they’ve played in our environment. 

Understanding Budget vs. Reality

Tom Kartanowicz, Regional Chief Information Officer- Americas, Commerzbank AG

The first thing to do next year is check my budget numbers. Check the approval process and see what amount of coinage I’m working with and what the reality is. Checking the project status and seeing what we can kick off, and balancing the money versus the reality. 

Engage Strategic Partner Security

Lisa Tuttle, Chief Information Security Officer, SPX Corporation

We’ve had a lot of strategy meetings with our vendors. We will start off the year focused on our priorities. We’ll focus on strategic partner tools as well as the potential enhancements they can make. We’ll then be able to realize how we can be better business partners to each other so we’re in lockstep on how we take advantage of the things for which we’re already paying.

Engage Immediate Security Awareness

Stephanie Derdouri, Sr. Director Information Security Risk at Fannie Mae

Everybody’s going to want to be optimistic about the year ahead. Start out by saying ‘we’re all in this together and that means that we’re all holding each other accountable.’ We understand everybody has flexible schedules. It’s important to get in right away with that employee engagement. And that probably needs to happen before any sort of hope of there being any sort of security awareness digestion. You have to make sure people are ready and listening.



5 Reasons You May Not Want to Install macOS 11





After nearly two decades, Apple finally decided to leave macOS 10 behind and introduce macOS 11. Many people installed the operating system immediately after the release with the strong belief that Apple knows what they are doing. Of course, the new macOS 11 was bound to be an upgrade from its predecessors, but is it really better than what you are currently using? What are its downsides? Read on for a few reasons you might want to avoid Apple’s macOS 11:


Lack of support for 32-Bit apps

The absence of 32-bit software support has proved a major turn-off for most Mac users, with some early adopters choosing to downgrade from macOS 11 just to continue using apps that are only available in 32-bit. It is a real dilemma for anyone running a 32-bit app, as you have to choose between giving it up and sticking with the OS you are currently using.

Compatibility issues

As expected, macOS 11 is heavier and packed with CPU-resource-consuming features that need newer processors to run correctly. However, unlike recent updates such as High Sierra, which came out in 2017 and ran on machines from as early as 2009, Big Sur only runs on machines released in 2013 or later. There is no point mooning over the new operating system if your machine isn’t among the following:

    • 2013 or newer Mac Pro
    • 2017 or newer iMac Pro
    • 2014 or newer iMac
    • 2014 or newer Mac mini
    • 2015 or newer MacBook
    • 2013 or newer MacBook Pro (Some MacBook Pro machines from early 2013 may not be compatible)
    • 2013 or newer MacBook Air

Some programs bypass VPN

If you fancy encrypting your data using a VPN, macOS 11 has found a way to circumvent that for some of Apple’s own apps. The OS, unlike all its predecessors, won’t allow you to use a kernel extension to set up a VPN or firewall. This is because not all of Apple’s applications operate strictly within the user’s control on macOS 11. This is a huge data privacy and security issue, especially for businesses that use Apple devices on their network.

Huge space requirements

Not only have people reported problems with downloading macOS 11, but the space requirements for installation are also proving an impediment for some users. To install the operating system, you need to have at least 35 GB of space on your SSD.

Issues with certificate checks

There have been concerns over how certificate checks are conducted on macOS 11. According to hacker Paul Jeffrey, the Apple server was down for most users when they tried to install the new OS, and programs started significantly more slowly. This is because the system conducts a check every time you start a program to confirm the validity of the developer’s certificate.


Without a doubt, macOS 11 has lived up to the hype, if you choose to focus on the pros. However, there are quite a few downsides that some users cannot afford to ignore. Hopefully, Apple corrects the above issues in upcoming updates to enhance the OS’s inclusivity.



Microsoft Released an Out-of-Band Update for Windows to Address Authentication Issues





In order to fix authentication problems relating to a newly patched Kerberos flaw, Microsoft issued an out-of-band update for Windows last week.

The problem is linked to the PerformTicketSignature registry subkey value in CVE-2020-17049, a security feature bypass flaw in the Kerberos Key Distribution Center (KDC) that Microsoft patched on November 2020 Patch Tuesday.

The tech firm explained in an advisory that CVE-2020-17049 exists in the way in which the KDC decides whether tickets are eligible for delegation through Kerberos Constrained Delegation (KCD).

To exploit the vulnerability, a compromised server configured to use KCD could leverage a service ticket that is not valid for delegation to compel the KDC to accept it. Microsoft states that the update fixes this vulnerability by modifying how the KDC validates service tickets used with KCD.

Last week the company disclosed that a variety of problems could arise on writable and read-only domain controllers (DC), including tickets not being renewed for non-Windows Kerberos clients and S4UProxy delegation failing when PerformTicketSignature is set to 1 (default), and services failing for all clients when PerformTicketSignature is set to 0.

To fix a documented problem concerning Kerberos authentication, an optional out-of-band update is now available on the Microsoft Update List. Ticket renewal and other tasks, such as scheduled tasks and clustering, may fail as part of this problem. Microsoft states that this issue only concerns Windows Servers and Windows 10 computers and apps in business environments.

The company advises that only affected organisations install the out-of-band update on their domain controllers. In addition, Microsoft advises that there are several problems businesses should be aware of after downloading the update, concerning the Microsoft Input System Editor (IME) for Japanese or Chinese languages.

In a post last week, Microsoft Japan issued a set of guidelines on the steps administrators could take to resolve certain issues, in addition to applying the update to all of the DCs and RODCs (Read-Only Domain Controllers) in the environment.

