Attacks/Breaches

8/22/2018
12:58 PM
50%
50%

DNC Reports Attempted Cyberattack on its Voter Database

FBI is investigating phony domain posing as Votebuilder.

The Democratic National Committee (DNC) was alerted this week to an attack attempt on its voter database, CNN reports. 

Cloud service provider and security firm Lookout reported to the DNC that a phony login page spoofing Votebuilder, a service used by party officials and campaigns, had been discovered attempting to grab usernames and passwords to the database. DNC officials then contacted the FBI.

According to CNN, a Democratic source told the media site that it's unclear who is behind the attack just yet, and that there's no indication that voter file was hacked by the attackers.

Lookout said in a statement shared with Dark Reading that it detected the custom phishing kit being used on a phishing site hosted by cloud computing provider DigitalOcean. "After notifying the hosting provider the phishing site was then taken down by DigitalOcean within hours. As that investigation progressed, our VP of Security Intelligence, Mike Murray, reached out to DNC, NGP VAN, and DigitalOcean to initiate the response process and start the investigation," the company said. 

Read more here

Learn from the industry's most knowledgeable CISOs and IT security experts in a setting that is conducive to interaction and conversation. Early bird rate ends August 31. Click for more info

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
8/28/2018 | 8:37:41 AM
Re: Needs a correction/update
Sure, yeah - whatever they say.  Remember the Chairman of Equifax (lost that job too) said that the entire mess there was caused by one (1) IT STAFFER who failed to apply one (1) update.  
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
8/27/2018 | 8:26:21 AM
Re: Needs a correction/update
Thanks for being so attentive! This was corrected in a follow up article: DNC Incident was a Phising Exercise 8/23/2018. 

 


 
unsafeword
50%
50%
unsafeword,
User Rank: Apprentice
8/26/2018 | 7:41:18 PM
Needs a correction/update
This story needs a correction/update. The DNC later said that this was a phishing test, conducted by the Michigan DNC without alerting the national DNC.
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "Now, we come here to play Paw-ke Man Go!"
Current Issue
The Year in Security 2018
This Dark Reading Tech Digest explores the biggest news stories of 2018 that shaped the cybersecurity landscape.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-6497
PUBLISHED: 2019-01-20
Hotels_Server through 2018-11-05 has SQL Injection via the controller/fetchpwd.php username parameter.
CVE-2018-18908
PUBLISHED: 2019-01-20
The Sky Go Desktop application 1.0.19-1 through 1.0.23-1 for Windows performs several requests over cleartext HTTP. This makes the data submitted in these requests prone to Man in The Middle (MiTM) attacks, whereby an attacker would be able to obtain the data sent in these requests. Some of the requ...
CVE-2019-6496
PUBLISHED: 2019-01-20
The ThreadX-based firmware on Marvell Avastar Wi-Fi devices allows remote attackers to execute arbitrary code or cause a denial of service (block pool overflow) via malformed Wi-Fi packets during identification of available Wi-Fi networks. Exploitation of the Wi-Fi device can lead to exploitation of...
CVE-2019-3773
PUBLISHED: 2019-01-18
Spring Web Services, versions 2.4.3, 3.0.4, and older unsupported versions of all three projects, were susceptible to XML External Entity Injection (XXE) when receiving XML data from untrusted sources.
CVE-2019-3774
PUBLISHED: 2019-01-18
Spring Batch versions 3.0.9, 4.0.1, 4.1.0, and older unsupported versions, were susceptible to XML External Entity Injection (XXE) when receiving XML data from untrusted sources.