"One of the vulnerabilities uncovered by security researcher Ryan Stevenson centered on an in-home authentication portal that lets customers pay bills without signing in with their credentials." via Jeff Baumgartner, writing at Light Reading
In which, Jonathan M. Gitlin, writing at Ars Technica, describes actions sinister, by electioneers in the State of Georgia... I contend this is further evidence of both a fast spiral of free and fair elections at the Stae and below levels, yet a slower spiral on the national scale. Today's Must Read.
"We've looked at poor voting security in the state previously. In 2017, a report by a Georgian security researcher revealed a shocking lack of security throughout the state's voting system. Later that year, we discovered that servers that were thought to be key evidence for the same federal lawsuit that has led to this week's news were wiped, then repeatedly degaussed." - via Jonathan M. Gitlin emendate scribere at Ars Technica
Superlative security research is still coming out of the IOActive game-changing environment (this has been going on for years now - how do they do it...).
Case in Point: The work of Alejandro Hernandez and his current project targeting the apparent insecurity of some (but not all, mind you) stock trading applications so popular amongst the budding young (and old - don't forget the greybeards) kings and queens of capitalism.
In the case under scrutiny, a highly detailed - most importantly: thoroughly accurate - examination of a large number of commercially available applications executing their binary bits on a variety of platforms. Read all about it on Mr. Hernandez's blog post at Iocactive, and white paper. You'll be glad you did.