Warning: Undefined variable $comments_html in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 527

Gov't, Judicial IT Systems Beset by Access Control Bugs

There was the bug in the state of Georgia's portal for canceling voter registrations, the access control issue that exposed court documents in counties across Florida, and the many critical vulnerabilities bogging down a public records request management platform used by hundreds of city, county, and state governments nationwide. If anything's going to change, Parker says, it will start with the Federal Risk and Authorization Management Program (FedRAMP) — a governmentwide program for cloud security assessment, authorization, and continuous monitoring — and StateRAMP — a nonprofit offering a similar program for state and local governments. GovQA is a public records management system that is used by more than one-third of the largest US cities, more than 80 state agencies, and nearly half of the "top" US counties, according to GovQA's website. Govtech systems are some of the most critical out there, responsible for storing the most sensitive personally identifying information (PII) US citizens own: Social Security numbers (SSNs) and IDs; legal and medical records; voter registrations; and much more. Parker, for example, found that anyone could submit a cancellation request using only the information easily gleaned from public sources — names, dates of birth, counties of residence — while skipping any requirement for more serious PII, like a driver's license or SSN. Another series of bugs in Granicus' electronic filing system allowed for the leakage of sensitive information, the ability to block user logins or modify accounts without authorization, and privilege escalation. He writes "Malicious Life" -- an award-winning Top 20 tech podcast on Apple and Spotify -- and hosts every other episode, featuring interviews with leading voices in security. "The Thing," for example — a listening device embedded into a wooden seal, which hung in the residence of the US ambassador to Moscow for seven years before it was discovered. More issues of similar severity were uncovered in court record systems used in counties in Florida, Arizona, Georgia, South Carolina, and others. Copyright © 2024 Informa PLC Informa UK Limited is a company registered in England and Wales with company number 1072954 whose registered office is 5 Howick Place, London, SW1P 1WG.

This Cyber News was published on www.darkreading.com. Publication date: Tue, 01 Oct 2024 21:15:24 +0000

Cyber News related to Gov't, Judicial IT Systems Beset by Access Control Bugs

New York's cyber chief on keeping cities and states safe from cyberattacks | The Record from Recorded Future News - And so we think that that'll continue to evolve the security posture of New York State in a way that first and foremost provides the public good, which is, if a government service is not secure, it can't be considered reliable. We're ...
5 months ago Therecord.media

Gov't, Judicial IT Systems Beset by Access Control Bugs - There was the bug in the state of Georgia's portal for canceling voter registrations, the access control issue that exposed court documents in counties across Florida, and the many critical vulnerabilities bogging down a public records request ...
11 months ago Darkreading.com

Kansas Courts' Computer Systems Are Starting to Come Back Online, 2 Months After Cyberattack - The court system in Kansas has started bringing its computer system for managing cases back online, two months after a foreign cyberattack forced officials to shut it down along with public access to documents and other systems, the judicial branch ...
1 year ago Securityweek.com

How Public & Private Sectors Can Better Align Cyber Defense - Over the past 25 years, organizations like the FBI's Internet Crime Complaint Center (IC3), the National Cyber Investigative Joint Task Force (NCIJTF), and the Cybersecurity and Infrastructure Security Agency (CISA) have been created. Uncovering ...
6 months ago Darkreading.com

Estonia’s cyber ambassador on digitalization, punching upwards and outing GRU spies | The Record from Recorded Future News - Well, UNIDIR [the United Nations Institute for Disarmament Research] has been doing some capacity building with some countries, and been doing in a smaller scale, but we saw that there's a need, really, to bring in people from all around the ...
2 months ago Therecord.media

Dragos Expands ICS Platform with New Acquisition - "We grew pretty fast to become the de facto solution in the electric industry as the OT network visibility and segmentation analysis solution, which is extremely important in the case of compliance for the regulation in this industry," ...
11 months ago Darkreading.com

Russian Groups Target Signal Messenger in Spy Campaign - But the tactics the threat actors are using in the campaign could well serve as a blueprint for other groups to follow in broader attacks on Signal, WhatsApp, Telegram, and other popular messaging apps, GTIG warned in a blog post this week. The other ...
6 months ago Darkreading.com Turla

How This Security Firm's 'Bias' Is Also Its Superpower - "We are helping our clients simplify their strategies and align them to their actual business objectives so that they have a much easier and more efficient approach to developing not just minimum viable security for whatever their product is, ...
6 months ago Darkreading.com Equation

UAE, Saudi Arabia Become Plum Cyberattack Targets - Hacktivism-related DDoS attacks have risen 70% in the region, most often targeting the public sector, while stolen data and access offers dominate the Dark Web. With the UAE and Saudi Arabia increasingly invested in digitization, AI development, and ...
11 months ago Darkreading.com

International Criminal Court Hit by New Sophisticated Cyber Attack - A comprehensive Court-wide impact analysis is currently being conducted to evaluate the full scope of the cyber incident and assess potential risks to sensitive judicial proceedings and confidential case materials. Cybersecurity experts note that ...
2 months ago Cybersecuritynews.com

Xerox Printer Vulnerabilities Enable Credential Capture - "Since LDAP and SMB settings on MFP devices typically contain Windows Active Directory credentials, a successful attack would give a malicious actor access to Windows file services, domain information, email accounts, and database systems," ...
6 months ago Darkreading.com CVE-2024-12510 CVE-2024-12511

IT and OT cybersecurity: A holistic approach - In comparison, OT refers to the specialized systems that control physical processes and industrial operations. OT Technologies include industrial control systems, SCADA systems and programmable logic controllers that directly control physical ...
1 year ago Securityintelligence.com

North Korea Profits as 'Stonefly' APT Swarms US Co's. - Researchers at Symantec's Threat Hunter Team said this week that the state-sponsored group it tracks as "Stonefly" (aka Andariel, APT45, Silent Chollima, and Onyx Sleet) is flaunting an indictment and a $10 million bounty from the US ...
11 months ago Darkreading.com Andariel

CVE-2025-21706 - In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: only set fullmesh for subflow endp With the in-kernel path-manager, it is possible to change the 'fullmesh' flag. The code in mptcp_pm_nl_fullmesh() expects to ...
55 years ago Tenable.com

Experts warn of DDoS attacks using linux printing vulnerability - Benjamin Harris, CEO of cybersecurity firm watchTowr, said CUPS itself is the software that handles printing on a Linux machine, and thus, by virtue of Linux not being a 'desktop' operating system in many environments in the same way that ...
11 months ago Therecord.media

The Future of AI Safety: What California's Vetoed Bill Means - Although the veto was a setback for the bill, it highlights key debates in the emerging field of AI governance and the potential for California to shape the future of AI regulation. With the rapid advancement of AI technology, California's ...
11 months ago Darkreading.com

Kansas courts confirm data theft, ransom demand after cyberattack - The Kansas Judicial Branch has published an update on a cybersecurity incident it suffered last month, confirming that hackers stole sensitive files containing confidential information from its systems. In mid-October 2023, the Kansas courts ...
1 year ago Bleepingcomputer.com

Notorious Evil Corp Hackers Targeted NATO Allies for Russian Intelligence | WIRED - On Tuesday, the United Kingdom's National Crime Agency released new details about the real world identities of alleged Evil Corp members, the group's connection to the LockBit platform, and the gang's ties to the Russian state. UK law ...
11 months ago Wired.com LockBit

The Embedded Systems and The Internet of Things - The Internet of Things is a quite new concept dealing with the devices being connected to each other and communicating through the web environment. This concept is gaining its popularity amongst the embedded systems that exist - let's say - 10 or ...
1 year ago Cyberdefensemagazine.com

How to Identify a Cyber Adversary: Standards of Proof - In cybersecurity, attribution refers to identifying an adversary likely responsible for malicious activity. It is typically derived from collating many types of information, including tactical or finished intelligence, evidence from forensic ...
1 year ago Darkreading.com

Australian Infrastructure Faces 'Acute' Foreign Threats - "Cyber units from at least one nation state routinely try to explore and exploit Australia’s critical infrastructure networks, almost certainly mapping systems so they can lay down malware or maintain access in the future," Burgess said. ...
6 months ago Darkreading.com

Patch Now: Palo Alto Flaw Exploited in the Wild - Indeed, researchers observed attackers making exploit attempts by chaining CVE-2025-0108 with two other PAN-OS Web management interface flaws — CVE-2024-9474, a privilege escalation flaw, and CVE-2025-0111, an authenticated file read vulnerability ...
6 months ago Darkreading.com CVE-2025-0108 CVE-2024-9474 CVE-2025-0111

North Korea's Kimsuky Attacks Rivals' Trusted Platforms - North Korea-linked threat groups are increasingly using living-off-the-land (LotL) techniques and trusted services to evade detection, with a recent Kimsuky campaign showcasing the use of PowerShell scripts and storing data in Dropbox folders, along ...
6 months ago Darkreading.com Andariel Kimsuky

The FBI's Brett Leatherman gives the latest ‘Typhoon’ forecast | The Record from Recorded Future News - We're fully engaged with the victims still, in order to ensure that there's containment, that there remains containment in the environment, and that, as the victims continue to do their work with CISA, their third-party remediation ...
4 months ago Therecord.media Volt Typhoon

Cybersecurity In Critical Infrastructure: Protecting Power Grids and Smart Grids - Cyber Defense Magazine - Network Intrusion: Network communication systems of power and smart grids can be intruded through weak security configurations like default password, unsecured remote access, or unpatched systems and other vulnerabilities to gain control into the ...
11 months ago Cyberdefensemagazine.com