Iowa – WindowsTechs.com

The long-lasting consequences of Coalfire’s Iowa pentest fiasco

Posted on August 5, 2020 by Jeff Stone

The two security pros who were arrested for doing their job are still angry. Gary DeMurcurio and Justin Wynn, who work as penetration testers for Colorado-based security firm Coalfire Labs, were charged with burglary in September 2019 after they broke into an Iowa courthouse. Unlike in a typical break-in, though, Iowa state officials had hired DeMercurio and Wynn to test the courthouse’s defenses, then alert the authorities about any vulnerabilities that actual thieves may try to exploit. While prosecutors eventually dropped charges against the two pen-testers, the case made national headlines and highlighted the risks that security professionals take as part of their employment. Now, DeMercurio and Wynn are breaking their silence with a presentation at Black Hat, the virtual cybersecurity conference where they plan to detail their experience, and may delve into how performative security tactics, like arresting people without grounds, doesn’t actually solve anything. “The citizens of Iowa […]

The post The long-lasting consequences of Coalfire’s Iowa pentest fiasco appeared first on CyberScoop.

Continue reading The long-lasting consequences of Coalfire’s Iowa pentest fiasco→

FBI, DHS advise states on potential Russian voter suppression tactics in 2020

Posted on October 4, 2019 by Sean Lyngaas

The FBI and Department of Homeland Security have issued an advisory to state election officials that the Russian government could use voter suppression tactics in an attempt to interfere in the 2020 U.S. election, according to U.S and state officials familiar with the memo. The advisory sent this week to states’ secretaries of state and security advisers cautions that Moscow could try to keep Americans away from the polls next year by, for example, trying to breach voter registration databases or fanning political tensions online, said the officials familiar with memo, which is titled, “Russia May Try to Discourage Voter Turnout and Suppressing Votes in 2020 US Election.” The document is marked “For Official Use Only.” The officials described the advisory as a proactive effort to stay on top of the threat. “We want to make sure we’re pushing out as much information as possible to the front lines,” a senior Trump administration […]

The post FBI, DHS advise states on potential Russian voter suppression tactics in 2020 appeared first on CyberScoop.

Continue reading FBI, DHS advise states on potential Russian voter suppression tactics in 2020→

Repairing All the ‘Structurally Deficient’ Bridges in the US Would Take More Than 80 Years

Posted on April 3, 2019 by Rob Dozier

Every day roughly 178 million people in the US travel over bridges in need of “urgent” repair. Continue reading Repairing All the ‘Structurally Deficient’ Bridges in the US Would Take More Than 80 Years→

Google’s Cloud Spanner database adds new features and regions

Posted on December 19, 2018 by Frederic Lardinois

Cloud Spanner, Google’s globally distributed relational database service, is getting a bit more distributed today with the launch of a new region and new ways to set up multi-region configurations. The service is also getting a new feature that gives developers deeper insights into their most resource-consuming queries. With this update, Google is adding to […] Continue reading Google’s Cloud Spanner database adds new features and regions→

Phishing attack exposes data of more than a million patients across Midwest

Posted on July 31, 2018 by Mark Satter

Nearly 1.4 million people across the U.S. Midwest may have had their personal information exposed in a data breach at one of the region’s largest health care networks. UnityPoint Health, a network of hospitals, clinics, and home care services in Iowa, Illinois, and Wisconsin, said this week that multiple internal email accounts were compromised between March 14 and April 3, following a series of phishing attacks. The phishing emails were disguised to appear to have originated from a “trusted executive” within UnityPoint Health. The stolen data included patient names, addresses, dates of birth, extensive medical records including surgical information and lab results, insurance information and, in some cases, Social Security, bank account, and driver’s license numbers. According to UnityPoint Health’s press release, the attack was likely financially motivated, rather than focused on obtaining patient information, as the hackers tried to use the company’s email system to divert payroll or vendor payments. Stolen personal […]

The post Phishing attack exposes data of more than a million patients across Midwest appeared first on Cyberscoop.

Continue reading Phishing attack exposes data of more than a million patients across Midwest→

DHS official: States will probably know first if malicious cyber-activity hits primaries

Posted on June 5, 2018 by Sean Lyngaas

The Department of Homeland Security is on standby to alert state officials about any malicious cyber-activity during Tuesday’s primary elections, but the states themselves will likely know first if something is amiss, Matthew Masterson, a senior cybersecurity adviser at DHS, told CyberScoop. With voters going to the polls in eight states, Tuesday’s primaries are a chance for DHS to test the communication protocols it has sought to ingrain in election personnel across the country. State officials, who generally have the best views of their networks, will flag potentially malicious activity for DHS, which can in turn alert other states, according to Masterson. “If we see or have information to suggest something is going on, we have the ability to immediately share it with the states,” he said in an interview. Ahead of the midterm elections, DHS has looked to “ramp up” its cyberthreat reports to state officials to get them information that […]

The post DHS official: States will probably know first if malicious cyber-activity hits primaries appeared first on Cyberscoop.

Continue reading DHS official: States will probably know first if malicious cyber-activity hits primaries→