Meanwhile, in the latest chapter of IoT Bugs Run Amok, a suite of 19 vulnerabilities confusingly called Ripple20 affects hundreds of millions of devices, including some critical infrastructure components. A fix is available, but it can take years for some of this tech to receive updates.World of Warcraft Classic players the last several months have had to contend with an enemy more fearful than orcs: bots. Developer Blizzard announced Wednesday that it had banned or suspended 74,000 accounts for botting behavior , which not only makes the game frustrating for normal players but upends its economy.
Spies Say Covid-19 Isn't Manmade
As if the IRA and GRU weren't bad enough, disinformation researchers this week disclosed a third, years-long Russian effort to sow online discord. Called Secondary Infektion, the group maintained obscurity in part because it was also tremendously ineffective at its job. Silver lining? Very tangentially related: If you want to clean up your own social media history for whatever reason, we have a guide to help you do just that—and another one to help limit how Instagram tracks you .Body cameras were supposed to curb police brutality; we took a look and why that hasn't played out in practice . And while Zoom initially intended its upcoming end-to-end encryption for paid accounts only, after a wave of pressure from privacy advocates the video conferencing service this week announced that the feature will be available to everyone .
But that's not all. Every Saturday we round up the security and privacy stories that we didn’t break or report on in depth but think you should know about. Click on the headlines to read them, and stay safe out there.Sneaky Mac Malware Is Using a Fake Flash Installer to SpreadA new variant of the Shlayer trojan that plagues macOS has picked up some tricks, according to new research from security firm Intego. After it fools users into downloading it by posing as a Flash update—that part, not so new, oldest trick in the book—the malware guides victims through an installation process designed to get around protections Apple recently added to the macOS Gatekeeper feature. The trojan is being distributed through Google search results, so as always be careful what you click.
Pirates Are Stealing and Trading OnlyFans PornMotherboard this week took a dive into the underground trade of stolen nudes from OnlyFans, a subscription site where creators post explicit photos and videos of themselves. Scraping tools enable a whole supply chain of thieves, and the content ends up not just in niche forums but on mainstream adult websites.Google Removed 106 Data-Stealing Chrome ExtensionsOn the heels of a report from Awake Security, Google has banished 106 Chrome extensions that researchers found collecting sensitive data. While posing as various productivity and security tools, the extensions were reportedly able to evade Google's routine scans, take screenshots of victim's browsing, and even act as keyloggers to steal passwords. While Google has taken proactive steps in the last year or so to improve Chrome extension security , the incident shows that it still has a ways to go.
79 Netgear Devices All Have the Same Zero Day VulnerabilityAnother day, another router bug. This one's a bit of a doozy though; researchers found a zero day vulnerability affecting 79 Netgear models, affecting firmware dating back to 2007. Netgear is working reportedly on a patch, but it isn't yet available due in part, the company told CyberScoop, to complications from the Covid-19 pandemic. In the meantime, a whole lot of devices remain at risk of takeover.
- When doctors and patients talk about death over Zoom
- Tips to get the most out of Signal and encrypted chat
- How to make your virtual jam session sound—and look—good
- The pandemic is transforming the rental economy
- The NSA’s secret tool for mapping your social network
- 👁 Is the brain a useful model for AI ? Plus: Get the latest AI news
- 🎧 Things not sounding right? Check out our favorite wireless headphones , soundbars , and Bluetooth speakers