Cyber Security Headlines – November 5, 2020

Facebook and Instagram add pop-up banners about election results

The banners inform US users that the results of the US election have not been determined, with a time stamp to show when the platform’s information was updated. It accurately informs users that votes are still being counted, and links out to other in-app election resources. A Facebook spokesperson told TechCrunch the banner was put up short after President Trump prematurely declared victory on Facebook. 

(TechCrunch)

Election night was seemingly free of cybersecurity drama

A senior official at the Cybersecurity and Infrastructure Security Agency said election day was “another Tuesday on the internet,” in terms of unusual cyberthreat activity, with no apparent targeted attacks on election systems. While some electronic poll books and voting machines suffered glitches in Georgia and Ohio, these were technical errors with paper backups readily available. Officials with the Election Infrastructure Information Sharing and Analysis Center confirmed the quiet night. The organizations will now be on the lookout of disinformation campaigns and cyberattacks targeting sites carrying election results. 

(CyberScoop)

California passes Prop 24

This law will replace California’s Consumer Privacy Act which was passed in 2018. The proposition essentially keeps the protections of the original act but requires a supermajority of the legislature, or another proposition, to change them. It adds the ability for California citizens to require companies to limit the use of sensitive personal information and creates a government agency to handle privacy law enforcement. California businesses have until January 2023 to comply with the new provisions.

(Protocol)

Thousands of hacked databases leaked online

The website Cit0Day.in was founded in 2018 as a private data breach index available for cybercriminals to lookup leaked passwords on targeted accounts. The site went dark in September, showing an FBI takedown notice. This notice appears to be fake and copied from another site. Then last month, more than 23,000 hacked databases used by the site were available on several hacking forums and Telegram channels for download for several hours, before being taken down from the host provider following an abuse complaint. The download was estimated at 50GB with 13 billion user records, although some came from databases several years old.  

(ZDNet)

Thanks to our sponsor, Trusona

Secure your workforce with desktop MFA (passwords not included).
Security leaders have been tasked with securing a remote workforce across a vulnerable variety of locations — and Trusona is here to help. With a single passwordless desktop MFA sign-in, employees are automatically authenticated into their SSO for simple, secure access to all corporate applications, including Office 365. To learn more, visit trusona.com/desktopSSO.

Portland bans facial recognition

Voters in Portland, Maine approved an ordinance against the use of facial recognition by the city fixed for five years. The measure lets citizens sue to receive $100 per violation or a total of $1,000. It requires the city to suppress any illegally obtained evidence and be grounds for a city official’s termination.

(Engadget)

$1 billion Bitcoin wallet emptied

A cryptocurrency wallet identified with over 69,000 Bitcoins on November 3rd was emptied out overnight, leaving the equivalent of about $1.38 left. The wallet had been spotted by Hudson Rock CTO Alon Gal earlier this year, believing that the wallet was being passed around by hackers trying to crack the password. The wallet had not had any transactions since 2015. Gal believes either a hacker was successful in cracking the password, or the original owner emptied it as a result of the publicity. 

(Bleeping Computer)

Zero-day disclosed for Cisco client

The enterprise networking giant disclosed a zero-day vulnerability to its Cisco AnyConnect Secure Mobility Client software, with a proof-of-concept exploit code, but has not yet issued a patch. A flaw in the interprocess communication channel allows for local authenticated users to execute scripts on a targeted user. Windows, Linux, and macOS clients are vulnerabile, but iOS and Android versions are unaffected. Toggling off the Enable Scripting configuration setting will reduce the attack surface, but there is no workaround available. Cisco is expected to fix the flaw in the next AnyConnect Client release. 

(Security Affairs)

Americans feel fine with device security

A survey by the National Cyber Security Alliance found that 77% of consumers aged 50 to 75 and 81% of consumers aged 18 to 34 were moderately or highly confident in the security of their connected devices. The survey also found that 34% of older respondents rarely or never checked for software updates on their devices, 54% of younger respondents frequently connected to unsecure Wi-Fi to access secure systems, with 50% in the same group rarely deactivating manufacturer defaults for location tracking and data sharing. 

(InfoSecurity Magazine)


Rich Stroffolino
Rich Stroffolino is a podcaster, editor and writer based out of Cleveland, Ohio. Since 2015, he's worked in technology news podcasting and media. He dreams of someday writing the oral history of Transmeta.