Slovakia's populist prime minister shot in assassination attempt, shocking Europe before elections [AP]

Who is Slovak populist prime minister Robert Fico? [Sky] What do we know about Robert Fico's alleged shooter? [Euronews] Robert Fico shooting was 'politically motivated,' Slovak officials say [Politico] Archduke Franz Ferdinand of Austria

As the United States gears up for another round of crucial elections, the focus on securing polling locations is more critical than ever. In a bid to fortify security preparedness at the frontline of U.S. elections, the Cybersecurity and Infrastructure Security Agency (CISA) has released the Physical Security Checklist for Polling Locations, a new tool tailored to empower election workers with actionable and accessible security measures.

Cait Conley, Senior Advisor at CISA, emphasized the importance of protecting polling places, stating, “Protecting against physical threats to election locations like polling places where Americans cast their vote is one of the most significant responsibilities election officials bear. CISA is committed to doing anything we can to support this mission,”

Simplified Security Measures With Physical Security Checklist

The Physical Security Checklist is part of CISA’s suite of election security resources, designed to equip election workers with straightforward measures for enhancing security at temporary election facilities. It is crafted for simplicity, requiring no prior security expertise for implementation, and covers pre-planning and Election Day procedures. The checklist is adaptable to individual facility needs and resources, allowing election workers and volunteers to assess potential security threats and incidents easily. Through a series of yes or no questions, election workers can evaluate existing security measures and identify areas for improvement, aiding in the establishment and enhancement of physical security measures. While no measure can eliminate all risk, these resources empower officials to understand, mitigate, and address security challenges proactively. The checklist is part of a broader initiative by CISA to support the physical security of election infrastructure. The agency's Protective Security Advisors, serving all 50 states, the District of Columbia, and territories, offer support to state and local election officials by sharing information, conducting physical security assessments of election facilities, and providing no-cost services and training on various security areas. These offerings include de-escalation techniques, responding to active shooter situations, and other physical threat-specific training to address the evolving threats facing election officials.

Key Security Principles

In an effort to ensure ease of use and accessibility, the Physical Security Checklist for Polling Locations broadly addresses several overarching security principles:

1. Identifying Responsibility: Establishing an individual or group responsible for security and safety.
2. Risk Assessment: Utilizing risk assessments to inform security measures.
3. Developing Plans: Developing plans to inform processes and procedures.
4. Refining Measures: Refining security measures before Election Day.
5. Implementing Mitigations: Implementing mitigations and “day of” security measures.
6. Reporting Incidents: Encouraging the reporting of suspicious behavior or potential incidents.

Individuals or groups responsible for preparing polling locations for use on Election Day can utilize this resource to assess potential security vulnerabilities and identify additional actions required in advance of the election. The checklist requires no prior security experience and is designed to be user-friendly. As the nation prepares for upcoming elections, CISA's Physical Security Checklist for Polling Locations serves as a crucial tool in safeguarding the integrity of the electoral process. By empowering election workers with accessible and actionable security measures, CISA continues to demonstrate its commitment to ensuring the security and resilience of U.S. elections. Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.

The US Treasury Department has sanctioned Predator spyware vendor Intellexa Consortium, and banned the company from doing business in the US.

Predator can turn infected smartphones into surveillance devices. Intellexa is based in Greece but the Treasury Department imposed the sanctions because of the use of the spyware against Americans, including US government officials, journalists, and policy experts.

Under Secretary of the Treasury for Terrorism and Financial Intelligence Brian E. Nelson said:

“Today’s actions represent a tangible step forward in discouraging the misuse of commercial surveillance tools, which increasingly present a security risk to the United States and our citizens.”

Since its founding in 2019, the Intellexa Consortium has marketed the Predator label as a suite of tools created by a variety of offensive cybercompanies that enable targeted and mass surveillance campaigns.

Predator is capable of infiltrating a range of electronic devices without any user interaction (known as ‘zero-click’). Once installed, Predator deploys its extensive data-stealing and surveillance capabilities, giving the attacker access to a variety of applications and personal information on the compromised device. The spyware is capable of turning on the user’s microphone and camera, downloading their files without their knowledge, tracking their location, and more.

Under the sanctions, Americans and people who do business with the US are forbidden from transacting with Intellexa, its founder and architect Tal Dilian, employee Sara Hamou and four of the companies affiliated with Intellexa.

Sanctions of this magnitude leveraged against commercial spyware vendors for enabling misuse of their tools are unprecedented, but the US has expressed concerns about commercial spyware vendors before.

“A growing number of foreign governments around the world, moreover, have deployed this technology to facilitate repression and enable human rights abuses, including to intimidate political opponents and curb dissent, limit freedom of expression, and monitor and target activists and journalists.”

In July 2023, the US Commerce Department’s Bureau of Industry and Security (BIS) added Intellexa and Cytrox AD to the Entity List for trafficking in cyber exploits used to gain access to information systems. Cytrox AD is a North Macedonia-based company within the Intellexa Consortium and acts as a developer of the consortium’s Predator spyware.

The Entity List is a trade control list created and maintained by the US government. It identifies foreign individuals, organizations, companies, and government entities that are subject to specific export controls and restrictions due to their involvement in activities that threaten US national security or foreign policy interests.

Earlier this month, a California federal judge ordered spyware maker NSO Group to hand over the code for Pegasus and other spyware products used to spy on WhatsApp users.

While you’ll see Predator and Pegasus usually deployed in small-scale and targeted attacks, putting a stop to the development and deployment of spyware by these commercial entities is good news for everyone.

How to remove spyware

Because spyware apps install under a different name and hide themselves from the user, it can be hard to find and remove them. That is where Malwarebytes for Android can help you.

1. Open Malwarebytes for Android and navigate to the dashboard
2. Tap Scan now
3. It may take a few minutes to scan your device, but it will tell you if it finds spyware or any other nasties.
4. You can then uninstall the app.

---

We don’t just report on phone security—we provide it

Cybersecurity risks should never spread beyond a headline. Keep threats off your mobile devices by downloading Malwarebytes for iOS, and Malwarebytes for Android today.