Did Someone at the Commerce Dept. Find a SolarWinds Backdoor in Aug. 2020?

On Aug. 13, 2020, someone uploaded a suspected malicious file to VirusTotal, a service that scans submitted files against more than five dozen antivirus and security products. Last month, Microsoft and FireEye identified that file as a newly-discovered fourth malware backdoor used in the sprawling SolarWinds supply chain hack. An analysis of the malicious file and other submissions by the same VirusTotal user suggests the account that initially flagged the backdoor as suspicious belongs to IT personnel at the National Telecommunications and Information Administration (NTIA), a division of the U.S. Commerce Department that handles telecommunications and Internet policy.

Emotet Emails Strike Thousands of DNC Volunteers

Hundreds of U.S. organizations on Thursday received emails purporting to come from the Democratic National Committee, in a new politically charged Emotet spear-phishing attack.

DNC updates cybersecurity advice to protect candidates from hackers in 2020

As Washington turns its attention to the 2020 presidential election, the Democratic National Committee on Friday released updated security guidance it says will “dramatically reduce the risk” of hackers breaching candidates’ devices. The checklist is straightforward security advice driven by an awareness of current threats. The DNC, scarred by the Russian intervention in the 2016 presidential election, has invested in improving Democrats’ cyberdefenses in the last two years. U.S. intelligence officials warn that foreign adversaries will continue to target political organizations ahead of votes being cast in 2020. “Our adversaries are already at work, whether a candidate has announced or not,” DNC Chief Security Officer Bob Lord said in a statement. The DNC checklist advises candidates and their staffers to encrypt their laptops in case they are lost or stolen and to use a password manager to make it harder for attackers to crack credentials. The committee is encouraging everyone from […]

The post DNC updates cybersecurity advice to protect candidates from hackers in 2020 appeared first on CyberScoop.

DNC targeted by Russian hackers beyond 2018 midterms, it claims

The Democratic National Committee has filed a civil complaint accusing Russia of trying to hack its computers as recently as November 2018.

DNC officials say Russians unsuccessfully tried to hack them after 2018 midterms

Hackers linked with the Russian government were likely behind an attempt to breach email accounts of Democratic National Committee officials just days after the 2018 midterm elections, the committee alleged late Thursday. Dozens of DNC officials were targeted with spearphishing emails on Nov. 14, eight days after the elections, the committee said in an updated court filing that is part of its lawsuit against the Russian government. The DNC is the Democratic Party’s top governing body. In this particular incident, there was no breach of email accounts, the committee said. After the infamous 2016 Russian intrusions into the DNC computer network, the party has trained its staff rigorously in cybersecurity. Analysts have said Russian state-sponsored hacking activity has increased recently. The DNC declined to comment beyond the court filing. “The content of these emails and their timestamps were consistent with a spearphishing campaign that leading cybersecurity experts have tied to Russian intelligence,” the court […]

The post DNC officials say Russians unsuccessfully tried to hack them after 2018 midterms appeared first on CyberScoop.

The DNC False Alarm Hack Is Good Cybersecurity, Bad PR

The DNC thought it was getting hacked again, but it was just a false alarm set off by a security test. It’s a sign that the organization is taking its cybersecurity seriously.

DNC says phishing incident was a false alarm

The Democratic National Party now says a phishing campaign against its voter database revealed Wednesday was in fact an unauthorized test by a third party and not the work of a malicious attacker. “We, along with the partners who reported the site, now believe it was built by a third party as part of a simulated phishing test on VoteBuilder,” DNC Chief Security Officer Bob Lord said in a statement. “The test, which mimicked several attributes of actual attacks on the Democratic party’s voter file, was not authorized by the DNC, VoteBuilder nor any of our vendors.” Lord did not identify the unauthorized third party that had carried out the phishing test. Citing a source familiar with the matter, PCMag reported that the Michigan Democratic Party had given its approval for an unnamed organization to carry out the test. Spearphishing was devastatingly effective during the 2016 presidential campaign, as Russian hackers breached […]

The post DNC says phishing incident was a false alarm appeared first on CyberScoop.

Microsoft disrupts Fancy Bear election meddlers

In a new skirmish, Microsoft took control of six internet domains that were about to be used by the group to spoof US political organisations.