The joint election security task force of U.S. Cyber Command and the National Security Agency has already been working to prevent interference by China, Russia, Iran, and other adversaries in the upcoming midterm polls, reports The Record, a news site by cybersecurity firm Recorded Future.
Officials' announcement of the joint task force's efforts comes after Cyber Command and National Security Agency chief Gen. Paul Nakasone touted that more than 50 foreign networks across 16 countries have already been disrupted as part of Cyber Command's efforts to counter foreign interference in U.S. elections.
Officials did not detail the joint group's concrete actions, but lessons from Cyber Command's several 'hunt forward' missions in Ukraine, Croatia, and Lithuania may have been adopted.
"We are building on previous successes, while also maximizing our strong relationships and synchronizing often, enabling the U.S. to respond rapidly to election threats. We can't just watch our adversaries, we have to do something about it, whether sharing timely information, or taking action against that actor," said NSA Senior Executive Anna Horrigan in May.