Sign up for our daily briefing

Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Denver news in your inbox

Catch up on the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Des Moines news in your inbox

Catch up on the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Minneapolis-St. Paul news in your inbox

Catch up on the most important stories affecting your hometown with Axios Twin Cities

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tampa Bay news in your inbox

Catch up on the most important stories affecting your hometown with Axios Tampa Bay

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Charlotte news in your inbox

Catch up on the most important stories affecting your hometown with Axios Charlotte

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Photo: Saul Loeb/AFP/Getty Images

The DNC walked back an assertion that it had detected a "sophisticated" hacking attempt early Thursday, announcing instead that it was simply a subcontractor's unauthorized security test.

Why it matters: While this is a slight black eye for the DNC, who look a little foolish for riling up the press over what turned out to be an internal matter, it's a massive victory for Lookout, the third-party security firm that caught the "attempt" with its unique approach to discovering phishing sites.

What actually happened:

  • The DNC uses the contractor NGP VAN to manage its digital voter operations — specifically, a product known as VoteBuilder.
  • Lookout discovered what appeared to be a newly-registered phishing site meant to look like the NGP VAN site and alerted several stakeholders.
  • After an FBI investigation, it turned out that, according to the DNC's chief security officer Bob Lord, a third party "not authorized by the DNC or its vendors" set up the site to test Democrats' resiliency to phishing attacks.
  • Michael Kan, a reporter for PCMag, determined that the unauthorized third party was the Michigan Democratic Party — technically a separate entity from the national group.
  • It's not uncommon for organizations to try to phish their own members as both an educational experience and security audit.

The tech behind the hullabaloo:

  • "Most people in security want to know why a mobile security company discovered the phishing site," Aaron Cockerill, chief strategy officer at Lookout, told Axios. "There are dedicated products to protect organizations from phishing. Lookout is not one of them."
  • Cockerill said Lookout, which protects mobile phones, got into the phishing protection buisness because phishing remains a key mobile threat. Lookout caught the site where others didn't because it uses a different apparatus than other phishing protection services.
  • Most products run checks on a site after links are sent to clients. "We call that the 'sacrificial lamb approach,'" said Cockerill. "The links won't be detected as phishing sites until someone first sees them, which may be too late for that person."
  • Lookout, on the other hand, uses AI to detect if any newly-registered sites are phishing sites. In the NGP VAN case, Cockerill said, it identified the site half an hour after it launched.

Go deeper: Inside the Democratic war against hacks.

Get more stories like this by signing up for our cybersecurity newsletter, Codebook. 

Go deeper

Updated 4 hours ago - World

Over 3,000 detained in protests across Russia demanding Navalny's release

Russian police officers beat protestesters at a rally against of jailing of oppositon leader Alexei Navalny in Moscow on Saturday. Photo: Mikhail Svetlov/Getty Images

Police in Russia on Saturday arrested more than 3,300 people as protesters nationwide demanded that opposition leader Alexey Navalny be released from jail.

Details: Demonstrations began in the eastern regions of Russia and spread west to more than 60 cities.

Updated 6 hours ago - Politics & Policy

Arizona Republicans censure Cindy McCain and GOP governor

Combination images of Cindy McCain and Gov. Doug Ducey. Photo: FilmMagic/FilmMagic for U.S.VETS/Michael Brochstein/SOPA Images/LightRocket via Getty Images

Arizona Republican Party members voted on Saturday to censure prominent GOP figures Cindy McCain, Gov. Doug Ducey and former Sen. Jeff Flake (R-Ariz.), who've all faced clashes with former President Trump.

Why it matters: Although the resolution is symbolic, this move plus the re-election of the Trump-endorsed Kelli Ward as state GOP chair shows the strong hold the former president has on the party in Arizona, despite President Biden winning the state in the 2020 election.

Updated 9 hours ago - Politics & Policy

Coronavirus dashboard

Illustration: Eniola Odetunde/Axios

  1. Health: Most vulnerable Americans aren't getting enough vaccine information — Fauci says Trump administration's lack of facts on COVID "very likely" cost lives.
  2. Education: Schools face an uphill battle to reopen during the pandemic.
  3. Vaccine: Florida requiring proof of residency to get vaccine — CDC extends interval between vaccine doses for exceptional cases.
  4. World: Hong Kong puts tens of thousands on lockdown as cases surge — Pfizer to supply 40 million vaccine doses to lower-income countries — Brazil begins distributing AstraZeneca vaccine.
  5. Sports: 2021 Tokyo Olympics hang in the balance.
  6. 🎧 Podcast: Carbon Health's CEO on unsticking the vaccine bottleneck.