The Week in Cyber Security News, Feb 17 - Feb 23
01. New data suggests that YouTube Gaming has a serious problem with scammers and cheat-makers — and lots and lots of bots.
02. For the first time ever, Macs saw more cyberthreats per endpoint than Windows PCs, according to the 2020 State of Malware Report.
03. Security researchers are warning of a new plugin vulnerability which is exposing over 200,000 WordPress sites to the risk of being remotely wiped by an attacker.
04. Cybersecurity researchers have uncovered evidence of Iranian state-sponsored hackers targeting dozens of companies and organizations in Israel and around the world, by exploitating unpatched VPN vulnerabilities to penetrate and steal information.
05. An Israeli court has ordered Facebook to unblock the account of an employee of NSO Group, an Israeli company that sells hacking tools to governments, after Facebook accused NSO Group of being complicit in a hack last of 1,400 mobile devices running WhatsApp.
06. Cisco has disclosed a critical flaw in its Cisco Smart Software Manager On-Prem product, a software-license management tool targeted at organizations with sensitive security requirements.
07. The personal information of 10.6 million guests who stayed at MGM Resorts hotels was hacked and the stolen information posted to a hacking forum.
08. The threat actor behind the internet's largest WordPress botnet is using an anti-adblocker script to make sure the ads they inject on hacked sites are showing up in users' browsers and generating a profit.
09. A new Emotet campaign is spread via SMS messages pretending to be from banks and may have ties to the TrickBot trojan.
10. The State Department has formally blamed Russian intelligence for a cyber incident that disrupted thousands of websites in Georgia last year.
11. New Mexico is suing Google for allegedly attempting to use Google Education to mine the data of students who use it.
12. The number of WhatsApp phishing URLs has skyrocketed, with a 13,467.6% surge in the number of unique phishing URLs targeting its users.
13. Almost half of connected hospital devices are still exposed to the wormable BlueKeep Windows flaw nearly a year after it was announced.
14. Cybersecurity researchers have discovered a large-scale ongoing fraud scheme that lures unsuspecting Russian Internet users into participating in a "Like of the Year 2020" scam.
15. The US defense agency responsible for secure White House communications said Social Security numbers and other personal data in its network may have been compromised.
16. One FBI office has stated in its weekly tech advice column that it is in favour of using longer passphrases than short, complex passwords that are hard to remember.
17. A potential privacy risk has arisen with the release of Google Chrome 80, in which Google has added a new feature that allows users to create a link directly to a specific word or phrase on a page.
. . .
If you want to stay notified of vulnerabilities that affect you, register for a weekly security report customised to your stack.
