Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
After DHS Notice, 21 States Reveal They Were Targeted During Election
Oldest First  |  Newest First  |  Threaded View
Page 1 / 2   >   >>
jenshadus
67%
33%
jenshadus,
User Rank: Strategist
9/26/2017 | 10:01:00 AM
Really? We're still pointing fingers at the Russians?
There are so many things in this article that I disagree with.  I'll just point out one.

What's the evidence it was the Russians.  I went to Defcon and it took many of these people but 10 to 15 minutes to hack into the sample machines that were available.  I heard that one of them turned the booth into a PACMAN game.  Don't know if that's also true.  Virginia had one 100% red country that voted 100% blue, Maryland is notorious for sending people to vote in Virginia using fake ID's, not counting all the dead people who come in to vote (huh?). 

 
screwbird
50%
50%
screwbird,
User Rank: Strategist
9/26/2017 | 10:37:43 PM
Re: Really? We're still pointing fingers at the Russians?
It would be nice to know how attribution was established. 
REISEN1955
100%
0%
REISEN1955,
User Rank: Ninja
9/27/2017 | 9:50:09 AM
Re: Really? We're still pointing fingers at the Russians?
There are any number of fine countries to blame - North Korea and China to start with and just assuming that all BAD in the world belongs to Russian hackers is simplistic.  IP trace does not mean a tinker's damn as those can be hidden, fudged quite easily.    As for me,I personally fear hackers from Towaco, New Jerssy!!!  Now THAT is a tough area!!! LOL
jenshadus
50%
50%
jenshadus,
User Rank: Strategist
9/27/2017 | 10:42:45 AM
Re: Really? We're still pointing fingers at the Russians?
Amen
Dr.T
100%
0%
Dr.T,
User Rank: Ninja
9/27/2017 | 11:08:09 AM
DHS is late
It is a little bit late for DHS to come out with this information, everybody knows not only Russians but may other countries try to attack other counties systems and that includes election systems too.
Dr.T
100%
0%
Dr.T,
User Rank: Ninja
9/27/2017 | 11:09:43 AM
Re: Really? We're still pointing fingers at the Russians?
What's the evidence it was the Russians. Good question. There may not be a clear set of evidence. However Russians and many others have interests in attacking US systems.
Dr.T
100%
0%
Dr.T,
User Rank: Ninja
9/27/2017 | 11:11:24 AM
Re: Really? We're still pointing fingers at the Russians?
Virginia using fake ID's, not counting all the dead people who come in to vote (huh?). Yes, fake ID would be another major issue for an selection system. All needs to be avoided,
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
9/27/2017 | 11:12:37 AM
Re: Really? We're still pointing fingers at the Russians?
There are any number of fine countries to blame - North Korea and China to start with That is true, I would add many others that have capabilities to execute an attack.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
9/27/2017 | 11:14:55 AM
Re: Really? We're still pointing fingers at the Russians?
IP trace does not mean a tinker's damn as those can be hidden, fudged quite easily I would agree, IP address can easily be spoofed. It is not a traceable entity, there needs to be other mechanisms to track the attackers.
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
9/27/2017 | 7:54:34 PM
Re: Really? We're still pointing fingers at the Russians?
@Dr. T: Absolutely. Reminds me of the forensics tracking that big Sony hack that was traced to North Korea...except other researchers eventually traced it to...Russia!

And even then, that location tracking may not have been accurate/the whole story. There seems to be little shortage of IP-masking tech if you know where to look (no pun intended).
Page 1 / 2   >   >>


COVID-19: Latest Security News & Commentary
Dark Reading Staff 4/7/2020
Researcher Hijacks iOS, macOS Camera with Three Safari Zero-Days
Kelly Sheridan, Staff Editor, Dark Reading,  4/3/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: The dead do not laugh...
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
State of Cybersecurity Incident Response
State of Cybersecurity Incident Response
Data breaches and regulations have forced organizations to pay closer attention to the security incident response function. However, security leaders may be overestimating their ability to detect and respond to security incidents. Read this report to find out more.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-11655
PUBLISHED: 2020-04-09
SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled.
CVE-2020-11656
PUBLISHED: 2020-04-09
In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement.
CVE-2019-20637
PUBLISHED: 2020-04-08
An issue was discovered in Varnish Cache before 6.0.5 LTS, 6.1.x and 6.2.x before 6.2.2, and 6.3.x before 6.3.1. It does not clear a pointer between the handling of one client request and the next request within the same connection. This sometimes causes information to be disclosed from the connecti...
CVE-2020-11650
PUBLISHED: 2020-04-08
An issue was discovered in iXsystems FreeNAS 11.2 and 11.3 before 11.3-U1. It allows a denial of service.
CVE-2020-11653
PUBLISHED: 2020-04-08
An issue was discovered in Varnish Cache before 6.0.6 LTS, 6.1.x and 6.2.x before 6.2.3, and 6.3.x before 6.3.2. It occurs when communication with a TLS termination proxy uses PROXY version 2. There can be an assertion failure and daemon restart, which causes a performance loss.