Security news aggregator

Latest coverage for Election

Stay informed on election security with the latest updates on cyber threats, data protection, and integrity in the democratic process.

1 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Election is a legally governed process for choosing public officials or deciding a question through voting, with rules for registration, ballot creation, voting, counting, and certification. Its cybersecurity scope includes the digital systems supporting those stages—not only voting devices, but voter-registration databases, election-management systems, poll-worker accounts, result-reporting networks, and public information services.

Security priorities are preserving vote and result integrity, keeping essential services available, and protecting voter and worker information from unnecessary exposure. Material risks include unauthorized changes to ballot definitions or tallies, compromise of privileged accounts, disruption of reporting systems, and exploitation of software or network vulnerabilities. Defenses include least-privilege access, multifactor authentication, network separation, tested backups, vulnerability management, and paper records or other independent evidence that supports verification. Election security also requires documented procedures for detecting, containing, and correcting incidents without undermining lawful certification.

Showing 1 most recent headlines Filtered view
Krebs on Security 3 years, 8 months ago

Patch Tuesday, November 2022 Election Edition

Let's face it: Having “2022 election” in the headline above is probably the only reason anyone might read this story today. Still, while most of us here in the United States are anxiously awaiting the results of how well we've patched our Democracy, it seems fitting that Microsoft Corp. today released gobs of security patches for its ubiquitous Windows operating systems. November's patch batch includes fixes for a whopping six zero-day security vulnerabilities that miscreants and malware are already exploiting in the wild.