NSA, CIA have proof of Russians hacking Florida voting systems, says Woodward’s ‘Rage’

It’s not November yet, but it’s time for an election dust-up in Florida. Journalist Bob Woodward claims in his new book on President Trump that the NSA and CIA possess classified evidence that Russians had placed malware on the election registration systems of at least two Florida counties. Despite no evidence that the malware was activated, it allegedly could erase voters in specific districts, Woodward writes. 

(CNN)

DHS whistleblower alleges he was ordered to halt Russia analysis because Trump looked ‘bad’

The official in charge of intelligence and analysis at the Department of Homeland Security until recently alleges he was told to stop providing intelligence reports on the threat of Russian interference in this year’s election, in part because QUOTE it made the President look bad QUOTE. *Brian Murphy, the official, filed a whistleblower complaint that on two occasions he was told to back away from reporting the threat to the U.S. from Russia, and alleges that he was ordered to alter reports about white supremacists to align with public comments by President Trump—and ultimately refused

(Washington Post)

U.S. Supreme Court will decide legality of bug bounties

Does violating the terms of service for software, hardware, or online services constitute illegal hacking? The U.S. Supreme Court might decide, and technology companies, digital-rights groups, and independent security researchers have issued friend-of-the-court briefs in a case that could determine the future of ethical hacking.

(Dark Reading)

What you need to know about yesterday’s Patch Tuesday 

For the fourth month in a row, Microsoft has patched more than 120 security vulnerabilities. For the seventh month in a row, they’ve fixed more than 100 vulnerabilities. The good news is that Microsoft is actively shipping patches for everything from corporate stalwart Office 365 to Edge, its Internet Explorer update. The bad news? For the most part, Redmond’s not going to install those updates without user participation.

(Krebs on Security)

Thanks to our sponsor, Remediant

Remediant is a fast growing Gartner Cool vendor focused on the concept of precision Privileged Access Management and one Fortune 100 company calls them “the world’s best protection against major incidents.” Remediant uniquely deploys & inventories thousands of privileged accounts in hours, locks down lateral movement & ransomware spread by removing standing privilege with a single action, and administers privileges just-in-time with MFA.

Strategic cyberwarfare is more complex than ever before. Here’s why

There’s a lot more to hacktivism in 2020 than Kpop stans. And there’s a lot more to how countries interact online than just “hacking.” Renowned hacker The Grugq explains why strategic cyberwarfare, the ability to use the Internet to create advantages and influence events in the real world across the realms of diplomacy, information, military, and the economy, has gotten cheaper and easier as nations and individuals have grown more interconnected.

(The Parallax)

Next up for General Keith Alexander: Amazon

The public face of the United States during the Edward Snowden leaks is now joining the Board of Directors of Amazon. The first head of the U.S. Cyber Command and former honcho of the National Security Agency, Alexander retired from public service in 2013. During his tenure, he suggested that reporters needed to be legally restrained from reporting on Snowden’s disclosures.

(The Verge)

Ireland to Facebook: Stop sending E.U. user data to the U.S.

*The official privacy regulator of Ireland has issued a preliminary order to Facebook to stop the company’s data transfers to the U.S. over American government surveillance practices. The move is seen as the first step towards curtailing the social media giant’s influence in European markets. Facebook could face a fine of up to 4 percent of its annual revenue, or $2.8 billion.

(Wall Street Journal)

There’s spyware on TikTok, say researchers

The TikTok Pro app is anything but. A fake TikTok app advertising itself as a “pro” version of the social network can steal text messages, photos, location, and even Facebook passwords. Not scary enough? It can also take screenshots, tap into your mic, dial friends and family, send texts, and even launch other apps. If you know any TikTok fans, give its Pro a pass.(Tom’s Guide)