Weak Security Opened Door to Russian Hack of Voter System App Firm
Today’s topics include how weak security helped Russian hackers efforts to break into a voter registration software company's network, why Google is likely facing hefty fines as a result of a European Union antitrust probe, Microsoft’s contact management updates for Outlook Mobile, and a Mimecast report that highlights the increasing frequency of email impersonation attacks.
Former National Security Agency contractor Reality Winner has been charged with leaking a document that showed how weak IT security helped Russian Hackers break into a voter registration software vendor's network.
Hackers linked to Russian military intelligence were able to penetrate the firm network with relative ease. The hackers gained access through a two-phased attack. The first was a phishing attack against the software vendor that gave the hackers access to a database containing the contact information of election officials in several states.
A second phishing attack delivered a payload of malware-tainted Microsoft Word files to voter registration officials in multiple states. The files appeared as though they came from the vendor, VR Systems of Tallahassee, Fla.
The leaked NSA document was published on The Intercept, news web site. The U.S. Justice Department announced on June 5 that it had charged Winner with sending the classified document to The Intercept.
Google is staring down what could be a massive fine as the EU nears the end of an antitrust investigation alleging anti-competitive business practices involving Google Shopping.
The investigation stems from complaints that Google is using its search engine dominance to give its own shopping service preference over others. Numerous ad aggregation sites have complained that Google gave preference to paid ads on Google Shopping over native search results.
Companies have claimed the process of highlighting paid ads over other search results siphons traffic away from competing comparison shopping sites.
Citing unnamed sources Reuters has reported that EU officials have determined that Google was in fact abusing its market position and is preparing to assess a hefty fine. Google has stated it will not comment on reports covering the impending decision.
Microsoft is updating Outlook Mobile for iOS and Android to make contact management easier for users. The latest version of Outlook Mobile for iOS lets users add and edit Outlook.com and Office 365 contacts.
The feature will soon be available in an update to the Android version of the app. "To create a new contact in Outlook, simply go to the People tab and tap the + sign. You can also add a new contact directly from a message or event by tapping the name of a person and then tapping Add Contact," Microsoft explained.
"Lastly, you can also use the search bar in the People tab to find and add contacts from your company directory." The company will also give contact cards a makeover and allow users to save Outlook contacts directly into built-in contacts apps in iOS and Android.
Email security vendor Mimecast’s quarterly Email Security Risk Assessment released June 6 found email impersonation attacks are on the rise. Mimecast collected information from more than 44,644 users over a 287-day period.
Through last quarter the company collected 9 million emails it categorized as some form of unwanted message. Of those spam emails, 8,605 were categorized as impersonation attacks. The number represents a 400 percent increase over the first quarter of 2017.
Thanks for watching. Follow the links on this page to learn more about the stories mentioned in this broadcast. And check back every weekday for another Daily Tech Briefing from eWEEK.com.