[ad_1]
CISA and the FBI have issued a series of warnings to American voters in order to avoid Iranian threats to the American elections.
The report by the two agencies came after the announcement that Iran was targeting US government websites, especially sites linked to the presidential elections scheduled for Tuesday, November 3, to steal information from American voters. .
US Officials: Iran Is Forging Media Websites To Influence Elections
“An Iranian group is creating bogus media sites and falsifying media sites to spread anti-American propaganda and misleading voter suppression information,” the FBI warning said.
The Agency for Cybersecurity and Infrastructure Security provided a list of recommended self-protection strategies against electronic technologies used by those who threaten the holding of elections.
check
The agency recommends verifying the original information for different applications and sites, as verifying it can greatly reduce the likelihood of the exploit being successful by providing protection against security vulnerabilities in web applications, by reviewing the Internet service for systems that use Remote Desktop Protocol (RDP) and other services. What facilitates the access to the devices of the users.
Hiring a fixed IP title
Check with a public IP address and avoid using open “RDP” ports unless necessary.
Also, any system with an open RDP port is put behind a firewall and passwords are not uninstalled.
Update apps
It is also recommended that you apply all available software updates and “patches”.
Updates are critical, according to the Agency for Cybersecurity and Infrastructure Security, given the speed of threat actors to create new vulnerabilities after the patch is released.
Web application firewall
The agency also recommends implementing a web application firewall (WAF) to prevent invalid input attacks and other attacks targeting WAFs.
Web application vulnerabilities can be corrected or configuration weaknesses that allow “web shell” attacks to be corrected, and malware running on the web must be detected and prevented.
Malicious cyber actors often deploy web shells, programs that can trigger administration remotely, on the victim’s web server.
Malicious cyber actors can also use web shells to execute random system commands that are usually sent over HTTP or HTTPS. Attackers often create web shells by adding or modifying a file in an existing web application.
Web shells give attackers constant access to a compromised network, using disguised communication channels to merge with legitimate traffic.
