Sign up for our daily briefing

Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Denver news in your inbox

Catch up on the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Des Moines news in your inbox

Catch up on the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Minneapolis-St. Paul news in your inbox

Catch up on the most important stories affecting your hometown with Axios Twin Cities

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tampa Bay news in your inbox

Catch up on the most important stories affecting your hometown with Axios Tampa Bay

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Charlotte news in your inbox

Catch up on the most important stories affecting your hometown with Axios Charlotte

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Photo: Thomas Trutschel/Photothek via Getty Images

Three of every 10 candidates running for the U.S. House of Representatives have websites with significant security vulnerabilities, according to research unveiled at cybersecurity conference DEF CON this weekend, per Reuters.

The big picture: Campaigns don't benefit from the kind of federal assistance that states are receiving from Congress to handle election security, and candidates often run on tight budgets and can't always pay for cybersecurity expertise.

  • There are a few free services available to campaigns to help protect against attacks that can flood sites with too much traffic and force them to shut down, including offerings from Cloudflare and Google-owned Jigsaw.
  • Otherwise, they can contact party officials when they suspect they've been targeted, or work with nonprofit groups such as the Defending Digital Democracy Project (D3P) at Harvard. That, or they can hope to have volunteers on board with cyber know-how.

Why it matters: Director of national intelligence Dan Coats has warned that Russian hackers are targeting both candidates and government officials. Midterms are less than 100 days away.

The details:

  • The researchers found problems with websites’ digital certificates that are supposed to verify secure connections.
  • Vulnerabilities were found for Democrats and Republicans alike.
  • The researchers said they are working to contact all the candidates implicated so they can better secure their websites.
  • The group also found several websites built to trick users by changing just a few letters of candidates’ names. The tactic can be used to build fronts for spearphishing campaigns.
  • Joshua Franklin, who used to work at the U.S. Commerce Department’s National Institutes for Standards and Technology and who led the research team, used automated scans and test programs to identify vulnerabilities.

Go deeper

The new Washington

Illustration: Sarah Grillo/Axios

The Axios subject-matter experts brief you on the incoming administration's plans and team.

Rep. Lou Correa tests positive for COVID-19

Lou Correa. Photo: Tom Williams/CQ-Roll Call, Inc via Getty Images

Rep. Lou Correa (D-Calif.) announced on Saturday that he has tested positive for the coronavirus.

Why it matters: Correa is the latest Democratic lawmaker to share his positive test results after last week's deadly Capitol riot. Correa did not shelter in the designated safe zone with his congressional colleagues during the siege, per a spokesperson, instead staying outside to help Capitol Police.

Far-right figure "Baked Alaska" arrested for involvement in Capitol siege

Photo: Shay Horse/NurPhoto via Getty Images

The FBI arrested far-right media figure Tim Gionet, known as "Baked Alaska," on Saturday for his involvement in last week's Capitol riot, according to a statement of facts filed in the U.S. District Court in the District of Columbia.

The state of play: Gionet was arrested in Houston on charges related to disorderly or disruptive conduct on the Capitol grounds or in any of the Capitol buildings with the intent to impede, disrupt, or disturb the orderly conduct of a session, per AP.

You’ve caught up. Now what?

Sign up for Mike Allen’s daily Axios AM and PM newsletters to get smarter, faster on the news that matters.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!