Skip to content
NGTEdu Logo

NGTEdu

A PRODUCT OF NGTECH.CO.IN

NGTEdu Logo

NGTEdu

  • Home
  • Cyber Attacks
  • Malware
  • Vulnerabilities
  • Data Breach
  • Home
  • Data Breach
  • CISA Warns Election-Related Entities to Be on Watch for Phishing Attacks
  • Data Breach

CISA Warns Election-Related Entities to Be on Watch for Phishing Attacks

5 years ago David Bisson
CISA Warns Election-Related Entities to Be on Watch for Phishing Attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned election-related entities to be on the lookout for phishing attacks.

In an insight piece published on September 10, CISA highlighted malicious actors’ preference for phishing attacks in their efforts to target political parties, think tanks and other entities that might be involved in an election.

The security agency noted that malicious actors could use a successful phish to lay the groundwork for secondary attacks.

For instance, those nefarious individuals could use a compromised password to conduct password spraying attacks against multiple web accounts of a single user. They could also use an exposed set of credentials to launch brute-force attacks.

Responding to those threats, CISA recommended that election-related entities take several steps to enhance their email security.

First, it emphasized the importance of organizations of using provider-offered services such as multi-factor authentication (MFA) and advanced protection tools.

Second, it noted that organizations could better secure their users’ accounts with the help of MFA, a password manager, a breach monitoring service and guidelines that encourage “user-friendly” passwords consisting of multi-word sequences instead of combinations containing symbols and/or numbers.

Third, it urged organizations to uphold authentication and reduce the likelihood of spoofed phishing emails by enabling STARTTLS, disabling outdated protocols, implementing SPF and DKIM as well as ideally configuring a “reject” DMARC policy.

Finally, it recommended that organizations configure their email gateway solutions to detect phishing emails with the help of updated blocklists, header screening and other best practices.

This bulletin arrived on the same day when Microsoft revealed that malicious actors from Russia, China and Iran were launching digital attacks against both campaigns in the 2020 U.S. presidential election.

These findings emphasize the importance of organizations educating their users about spear-phishing and other well-known types of phishing attacks that are in circulation today. This resource is a good place to start.

The post ” CISA Warns Election-Related Entities to Be on Watch for Phishing Attacks” appeared first on TripWire

Source:TripWire – David Bisson

Tags: Encryption, Goverment, Microsoft, Phishing, TripWire

Continue Reading

Previous New Unpatched Bluetooth Flaw Lets Hackers Easily Target Nearby Devices
Next New Linux Malware Steals Call Details from VoIP Softswitch Systems

More Stories

  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

ThreatsDay Bulletin: Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions & 15+ Stories

3 hours ago [email protected] (The Hacker News)
  • Data Breach

The Buyer’s Guide to AI Usage Control

5 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Infy Hackers Resume Operations with New C2 Servers After Iran Internet Blackout Ends

6 hours ago [email protected] (The Hacker News)
  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Vulnerabilities

Critical n8n Flaw CVE-2026-25049 Enables System Command Execution via Malicious Workflows

10 hours ago [email protected] (The Hacker News)
  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Vulnerabilities

Malicious NGINX Configurations Enable Large-Scale Web Traffic Hijacking Campaign

11 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach

Microsoft Develops Scanner to Detect Backdoors in Open-Weight Large Language Models

22 hours ago [email protected] (The Hacker News)

Recent Posts

  • ThreatsDay Bulletin: Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions & 15+ Stories
  • The Buyer’s Guide to AI Usage Control
  • Infy Hackers Resume Operations with New C2 Servers After Iran Internet Blackout Ends
  • Critical n8n Flaw CVE-2026-25049 Enables System Command Execution via Malicious Workflows
  • Malicious NGINX Configurations Enable Large-Scale Web Traffic Hijacking Campaign

Tags

Android APT Bug CERT Cloud Compliance Coronavirus COVID-19 Critical Severity Encryption Exploit Facebook Finance Google Google Chrome Goverment Hacker Hacker News High Severity Instagram iPhone Java Linux Low Severity Malware Medium Severity Microsoft Moderate Severity Mozzila Firefox Oracle Patch Tuesday Phishing Privacy QuickHeal Ransomware RAT Sim The Hacker News Threatpost TikTok TripWire VMWARE Vulnerability Whatsapp Zoom
Copyright © 2020 All rights reserved | NGTEdu.com
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Read More here.Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT