Colorado Butches Election Security , FBI Warns on Election Fraud Schemes, Android Malware Fakecall

As the election season heats up and Halloween sets the tone for a chilling CyberHub Podcast episode, the focus is on the urgent issues impacting election security, evolving cyber threats, and ongoing breaches.

This October 31st edition covers everything from election-related vulnerabilities exposed by the Colorado Secretary of State to advanced malware like Fake Call, spear-phishing attacks from Russian APTs, and recent ransomware incidents targeting global institutions.

With vital insights and action points, this episode equips cybersecurity professionals with the knowledge needed to protect critical infrastructure, prevent social engineering scams, and strengthen security protocols across industries.

Election Security Oversight Concerns in Colorado

The main story on today's podcast was an election security lapse in Colorado, where voting system passwords were inadvertently made accessible on the Colorado Secretary of State’s website. Colorado’s Secretary of State, Janet Griswold, who lacks cybersecurity experience, downplayed the significance of the exposure, but quick actions were eventually taken to secure the system. Despite assurances, this incident underscores the critical need for cybersecurity expertise in state-level election oversight.

Action Item for Cybersecurity Professionals: Advocate for appointing cybersecurity-trained personnel to election oversight roles and ensure secure storage of sensitive information in systems accessible to the public.

FBI Warning on Election-Related Scams

The FBI has alerted the public about schemes capitalizing on election season. These range from fraudulent donations to fake voter registration services. Cybercriminals are exploiting social engineering techniques to gather personal information, often targeting younger demographics.

Action Item for Cybersecurity Professionals: Ramp up awareness campaigns, especially aimed at educating the public about recognizing fraudulent messages and scams during high-profile events like elections.

CISA’s Stance on Election Infrastructure Security

CISA Director Jen Easterly reassured the public that there’s no current evidence of foreign interference in U.S. election infrastructure. However, disinformation campaigns from countries like Russia, China, and Iran remain a concern. CISA is also emphasizing the need for the public to trust local election officials, with misinformation flagged as a major ongoing threat.

Action Item for Cybersecurity Professionals: Collaborate with local election boards and CISA to reinforce security practices and transparency, especially around disinformation detection.

Fake Call Malware Targeting Android Users

A new version of the Fake Call malware, first reported in 2022, has been hijacking Android users' outgoing calls to reroute them to attacker-controlled numbers, impersonating banks. Enhanced by deep fakes, this malware poses an advanced threat for voice phishing.

Action Item for Cybersecurity Professionals: Implement proactive monitoring for voice phishing schemes and promote best practices for secure app installation, including discouraging APK downloads from unknown sources.

Midnight Blizzard Spear-Phishing Campaign

Microsoft reported a spear-phishing campaign by the Russian group Midnight Blizzard (aka Cozy Bear), targeting executives in Europe, Japan, and Australia. This attack aims to compromise sensitive information by accessing executive emails.

Action Item for Cybersecurity Professionals: Update phishing protection protocols and ensure executives are trained on identifying spear-phishing attempts. Use Microsoft’s provided IOCs for enhanced detection and response.

Former Disney Employee Hacks System

A former Disney employee used still-active credentials to access internal systems, modifying menus and removing allergen labels, which posed serious health risks. He was later charged under the Computer Fraud and Abuse Act.

Action Item for Cybersecurity Professionals: Regularly audit and immediately revoke access for terminated employees. Implement layered security controls to prevent unauthorized access to sensitive systems.

Interbank Data Breach in Peru

Interbank, a leading financial institution in Peru, confirmed a ransomware attack resulting in data leakage. The breach reportedly compromised over 3 million customer records and sensitive credentials.

Action Item for Cybersecurity Professionals: Review and bolster ransomware defenses and data protection practices, particularly in sensitive sectors like finance. Conduct regular cybersecurity assessments to prevent and mitigate potential breaches.

UnitedHealthcare Appoints New CISO Following Breach

Tim McKnight has been appointed as the new CISO for UnitedHealthcare, following one of the largest data breaches in the healthcare industry. McKnight’s role will involve strengthening data security and recovery strategies.

Action Item for Cybersecurity Professionals: Prioritize continuity planning and response protocols post-breach. Draw insights from breaches like UnitedHealthcare’s to refine detection, response, and prevention strategies within healthcare security.

This episode emphasized critical election security issues, evolving Android malware threats, nation-state spear-phishing campaigns, and high-profile breaches across different industries.

Each story highlighted the vital role cybersecurity professionals play in risk prevention, breach response, and public awareness, especially during vulnerable periods like election seasons.

Cybersecurity professionals should focus on

1. Enhancing security awareness and preparedness across sectors.

2. Supporting election infrastructure and public trust initiatives.

3. Fortifying defenses against advanced phishing and malware tactics.

4. Maintaining strict post-employment access control to prevent insider threats.

Stay tuned for next week’s updates, and remember to stay vigilant and proactive in your cybersecurity efforts.

✅ Story Links: 

https://www.securityweek.com/colorado-accidentally-put-voting-system-passwords-online-but-officials-say-election-is-secure/

https://www.bleepingcomputer.com/news/security/fbi-upcoming-us-general-election-fuel-multiple-fraud-schemes/

https://therecord.media/2024-election-systems-foreign-meddling-cisa-update

https://www.bleepingcomputer.com/news/security/android-malware-fakecall-now-reroutes-bank-calls-to-attackers/

https://www.securityweek.com/microsoft-warns-of-russian-spear-phishing-attacks-targeting-over-100-organizations/

https://www.darkreading.com/cyberattacks-data-breaches/ex-disney-employee-charged-hacking-menu-database

https://www.bleepingcomputer.com/news/security/interbank-confirms-data-breach-following-failed-extortion-data-leak/

https://therecord.media/unitedhealth-new-ciso-ransomware-change-healthcare

🔔 Subscribe now for the latest insights from industry leaders, in-depth analyses, and real-world strategies to secure your digital world. https://www.youtube.com/@TheCyberHubPodcast/?sub_confirmation=1  

✅ Important Links to Follow: 

👉Substack:

CISO Talk by James Azar

The latest news and topics from a cybersecurity practitioners discussing Cybersecurity, Privacy, Technology & Geo-Politics. I am a two times Founder and Chief Information Security Officer. All opinions are my own

👉Listen here: https://linktr.ee/cyberhubpodcast   

✅ Stay Connected With Us.

👉Facebook: https://www.facebook.com/CyberHubpodcast/ 

👉LinkedIn: https://www.linkedin.com/company/cyberhubpodcast/ 

👉Twitter (X): https://twitter.com/cyberhubpodcast 

👉Instagram: https://www.instagram.com/cyberhubpodcast 

✅ For Business Inquiries:  info@cyberhubpodcast.com

=============================

✅ About The CyberHub Podcast.

The Hub of the Infosec Community. 

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure. 

Tune in to our podcast Monday through Thursday at 9AM EST for the latest news.