InfoSec News Nuggets 03/31/2022

Spring4Shell: No need to panic, but mitigations are advised Security teams around the world got another shock on Thursday when news of disclosure of a PoC for an unauthenticated RCE zero-day vulnerability in Spring Core, a massively popular framework for building modern Java-based enterprise applications, began circulating online. Thanks to many security researchers, the situation is a bit clearer today and there’s no need to panic just yet: Unlike Log4Shell, this new flaw – with no official…

InfoSec News Nuggets 03/30/2022

Log4Shell exploited to infect VMware Horizon servers with backdoors, crypto miners The Log4Shell vulnerability is being actively exploited to deliver backdoors and cryptocurrency miners to vulnerable VMware Horizon servers. On Tuesday, Sophos cybersecurity researchers said the attacks were first detected in mid-January and are ongoing. Not only are backdoors and cryptocurrency miners being deployed, but in addition, scripts are used to gather and steal device information. Log4Shell is a critical vulnerability in Apache Log4J Java logging library. The…

InfoSec News Nuggets 03/29/2022

Hundreds more packages found in malicious npm 'factory' Researchers continue to investigate a wave of malicious npm packages, with the published tally now reaching over 700. Last week, JFrog researchers disclosed the scheme in which an unknown threat actor had published at least 200 malicious Node Package Manager (npm) packages. The team said that the repositories were first detected on March 21 and grew rapidly, with each npm package deliberately named to mimic legitimate software. An automated script targeted…

InfoSec News Nuggets 03/28/2022

Estonian Tied to 13 Ransomware Attacks Gets 66 Months in Prison An Estonian man was sentenced today to more than five years in a U.S. prison for his role in at least 13 ransomware attacks that caused losses of approximately $53 million. Prosecutors say the accused also enjoyed a lengthy career of “cashing out” access to hacked bank accounts worldwide. Maksim Berezan, 37, is an Estonian national who was arrested nearly two years ago in…

InfoSec News Nuggets 03/25/2022

Hundreds of HP printer models vulnerable to remote code execution HP has published security advisories for three critical-severity vulnerabilities affecting hundreds of its LaserJet Pro, Pagewide Pro, OfficeJet, Enterprise, Large Format, and DeskJet printer models. The first security bulletin warns about a buffer overflow flaw that could lead to remote code execution on the affected machine. Tracked as CVE-2022-3942, the security issue was reported by Trend Micro’s Zero Day Initiative team. Although it comes with…

InfoSec News Nuggets 03/24/2022

Android app downloaded 100,000 times from Google Play Store contained password-stealing malware, say security researchers Google has removed an app with over 100,000 downloads from its Play Store after security researchers warned that the app was able to harvest the Facebook credentials of smartphone users. Researchers at French mobile security firm Pradeo said the app embeds Android trojan malware known as "Facestealer" because it dupes victims into typing in their Facebook credentials to a web…

InfoSec News Nuggets 03/23/2022

Italy Investigates Russia's Kaspersky Antivirus Software Italy's data privacy watchdog said Friday it was investigating the "potential risks" that Russian antivirus software Kaspersky could be used to launch cyberattacks. It followed what it called "alarms sounded by many Italian and European organisations specialised in computer security" over the potential use of Kaspersky software for hacking assaults in the wake of Russia's invasion of Ukraine. The watchdog has asked the company to provide details on the…

InfoSec News Nuggets 03/22/2022

Lapsus$ hackers leak 37GB of Microsoft's alleged source code The Lapsus$ hacking group claims to have leaked the source code for Bing, Cortana, and other projects stolen from Microsoft's internal Azure DevOps server. Early Sunday morning, the Lapsus$ gang posted a screenshot to their Telegram channel indicating that they hacked Microsoft's Azure DevOps server containing source code for Bing, Cortana, and various other internal projects. Monday night, the hacking group posted a torrent for a 9 GB…

InfoSec News Nuggets 03/21/2022

The German BSI agency recommends replacing Kaspersky antivirus software The German Federal Office for Information Security agency, aka BSI, recommends consumers uninstall Kaspersky anti-virus software. The Agency warns the cybersecurity firm could be implicated in hacking attacks during the ongoing Russian invasion of Ukraine. According to §7 BSI law, the BSI warns against the use of Kaspersky Antivirus and recommends replacing it asap with defense solutions from other vendors. “The Federal Office for…

InfoSec News Nuggets 03/14/2022

Extortion scheme impersonates government officials, law enforcement The FBI issued a public warning this week about a fraud scheme wherein scammers impersonate government officials and law enforcement personnel. According to the PSA, the scammers spoof legitimate numbers and names and use fake credentials of well-known members of the government and law enforcement agencies. The scam starts off either as a call from the “police” or a text message from a “government agency”. The content…

InfoSec News Nuggets 03/11/2022

Ukrainian IT Army Hijacked by Info-stealing Malware Security researchers are urging pro-Ukrainian actors to be wary of downloading DDoS tools to attack Russia, as they may be booby-trapped with info-stealing malware. In late February, Ukrainian vice prime minister, Mykhailo Fedorov, called for a volunteer “IT army” of hackers to DDoS Russian targets. However, Cisco Talos claimed that opportunistic cyber-criminals are looking to exploit the subsequent widespread outpouring of support for the Eastern European nation. Specifically,…

InfoSec News Nuggets 03/10/2022

FBI pushes for ‘real time’ cyber incident reporting mandates, liability protections FBI Director Christopher Wray continued to argue that his bureau should receive mandatory reports about hacks and other significant cyber incidents from critical infrastructure “in real time” and called for strong liability protections for businesses. In testimony to the House Intelligence Committee Tuesday, Wray was asked to assess the impact of the Cyber Incident Reporting Act, which passed the Senate last week in a…

InfoSec News Nuggets 03/09/2022

Rompetrol gas station network hit by Hive ransomware Romania's Rompetrol gas station network has been hit by a ransomware attack. A subsidiary of KMG International, Rompetrol announced today that it is dealing with a "complex cyberattack" that forced it to shut down its websites and the Fill&Go service at gas stations. Today, Romania's petroleum provider Rompetrol has announced that it is battling a "complex cyberattack." BleepingComputer has learned that Hive ransomware gang is behind this attack, and…

InfoSec News Nuggets 03/08/2022

Ukraine joins Nato cyber knowledge hub Nato’s Cooperative Cyber Defence Centre of Excellence (CCDCOE) has unanimously approved the accession of Ukraine to the organisation as a contributing participant in a vote held at a meeting of its Steering Committee. CCDCOE, which is based in the Estonian capital Tallinn, said Ukraine’s experience from previous state-backed cyber attacks orchestrated by Moscow would provide significant value to the organisation, which is tasked with interdisciplinary applied research, consultations, training and exercises in…

InfoSec News Nuggets 03/07/2022

Ukraine to issue non-fungible tokens to fund armed forces Ukraine has announced it will issue non-fungible tokens to fund its armed forces, as cryptocurrency becomes an increasingly popular means of giving support to the government in Kyiv. Mykhailo Fedorov, Ukraine’s vice-prime minister, said on Twitter on Thursday that the government would soon issue NFTs to help pay for its military. NFTs confer ownership of a unique digital item – with pieces of virtual art proving particularly popular –…

InfoSec News Nuggets 03/04/2022

Learn a New Survival Skill: Spotting Deepfakes The word "deepfake" is a combination of "deep learning" and "fake." Deepfakes are falsified pictures, videos, or audio recordings. Sometimes the people in them are computer-generated, fake identities that look and sound like they could be real people. Sometimes the people are real, but their images and voices are manipulated into doing and saying things they didn’t do or say. For example, a deepfake video could be used…

InfoSec News Nuggets 03/03/2022

NVIDIA Confirms Employee Credentials Stolen in Cyberattack NVIDIA this week acknowledged that employee credentials were stolen during a cyberattack on February 23 and confirmed the attackers have started leaking the information online. The compromise occurred on February 23 and impacted certain "IT resources," an NVIDIA spokesperson told SecurityWeek. "Shortly after discovering the incident, we further hardened our network, engaged cybersecurity incident response experts, and notified law enforcement," the NVIDIA spokesperson added. While the investigation into…

InfoSec News Nuggets 03/02/2022

New Chinese hacking tool found, spurring U.S. warning to allies Security researchers with U.S. cybersecurity firm Symantec said they have discovered a “highly sophisticated” Chinese hacking tool that has been able to escape public attention for more than a decade. The discovery was shared with the U.S. government in recent months, who have shared the information with foreign partners, said a U.S. official. Symantec, a division of chipmaker Broadcom (AVGO.O), published its research about the tool,…

InfoSec News Nuggets 03/01/2022

Beware: new IRS rules will lead to a wave of phishing frauds Thanks to new legislation that went into place at the beginning of this year, I predict that a lot of unsuspecting small business owners are about to fall victim to a fresh scam. The scam will relate to legislation around new tax reporting rules that will affect millions of freelancers and small businesses. As I explained in an earlier column, beginning for the 2022…

InfoSec News Nuggets 02/28/2022

Nobelium Returns to the Political World Stage Nobelium, also known as APT29 and Cozy Bear, is a highly sophisticated group of Russian-sponsored cybercriminals. Approximately two years ago, countless system administrators and IT teams were forced to work around the clock to address Nobelium’s attack on SolarWinds. And last year, they similarly targeted numerous IT supply chains in the hopes of being able to embed themselves once again deep inside IT networks. But fast forward to…

InfoSec News Nuggets 02/25/2022

Twitter admits it mistakenly removed Ukraine open source intelligence accounts Twitter said it had mistakenly suspended the accounts of open source intelligence reporters posting about Russia’s military build-up around Ukraine, leading to many of them accusing the Russian state of launching a “bot” campaign against them. Based on publicly available satellite imagery, open source reporters have used social media to supply a steady commentary on the activities of Russian forces near the Ukrainian border, providing…

InfoSec News Nuggets 02/24/2022

EU Deploys Cyber Response Unit to Ukraine The EU is deploying a newly formed Cyber Rapid-Response Team (CRRT) to Ukraine to help the country combat Russian threat actors as troops start pouring over the border. The Lithuanian Ministry of National Defence tweeted the news yesterday, revealing that the move came at the request of the Ukrainian government. Lithuania will be leading the coalition of six EU countries – which also includes Croatia, Poland, Estonia, Romania and the…

InfoSec News Nuggets 02/23/2022

OKC Police rape kit info exposed in data breach of DNA contractor Victims of past sexual assault who had their DNA collected in a rape kit by the Oklahoma City Police Department now face yet more uncertainty because of a data breach. Rape kits are used to collect DNA evidence by law enforcement agencies for sexual assault investigations. Saturday, those who had their DNA information stored by a contractor for OKCPD in connection to sexual…

InfoSec News Nuggets 02/22/2022

Conti ransomware gang takes over TrickBot malware operation After four years of activity and numerous takedown attempts, the death knell of TrickBot has sounded as its top members move under new management, the Conti ransomware syndicate, who plan to replace it with the stealthier BazarBackdoor malware. TrickBot is a Windows malware platform that uses multiple modules for various malicious activities, including information stealing, password stealing, infiltrating Windows domains, initial access to networks, and malware delivery.…

InfoSec News Nuggets 02/18/2022

Google Cloud offers good news and bad news on Log4Shell, other issues Google Cloud is seeing 400,000 scans per day for systems vulnerable to the Log4Shell bug, the company said Tuesday. The findings — released as part of the company’s semi-regular Threat Horizons report — show that IT security professionals need to “keep paying attention to this, because the scans keep coming, and if you leave one vulnerable instance open, you’re going to be found,” Phil Venables,…

InfoSec News Nuggets 02/17/2022

Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology From at least January 2020 through February 2022, the Federal Bureau of Investigation (FBI), National Security Agency (NSA), and Cybersecurity and Infrastructure Security Agency (CISA) have observed regular targeting of U.S. cleared defense contractors (CDCs) by Russian state-sponsored cyber actors. The actors have targeted both large and small CDCs and subcontractors with varying levels of cybersecurity protocols and…

InfoSec News Nuggets 02/16/2022

Outrage over Telenor Myanmar sale grows as more ties between military and new owner revealed Activists in Myanmar have released troves of data linking the country's military dictatorship to a company that will be purchasing a majority stake in Telenor Myanmar – a subsidiary of Norwegian telecom giant Telenor that controls the personal data of 18 million Myanmar subscribers. Telenor, which is owned and controlled by the Norwegian government, has faced significant backlash for weeks after it announced a decision to sell its…

InfoSec News Nuggets 02/15/2022

Patch now: Adobe releases emergency fix for exploited Commerce, Magento zero-day Adobe has released an emergency patch to tackle a critical bug that is being exploited in the wild. On February 13, the tech giant said that the vulnerability impacts Adobe Commerce and Magento Open Source, and according to the firm's threat data, the security flaw is being weaponized "in very limited attacks targeting Adobe Commerce merchants." Tracked as CVE-2022-24086, the vulnerability has been issued a CVSS severity score of…

InfoSec News Nuggets 02/14/2022

Hidden in plain sight: How the dark web is spilling onto social media Just a few years ago, illicit services and online contraband were firmly sourced in the hidden, largely untraceable depths of the internet: the dark web. People frequenting dark web sites knew how to take advantage of the anonymity offered, and often managed to evade law enforcement. However, fast forward a couple of years and this model is changing. We are now seeing illegal…

InfoSec News Nuggets 02/11/2022

Mac malware spreading for ~14 months installs backdoor on infected systems Mac malware known as UpdateAgent has been spreading for more than a year, and it is growing increasingly malevolent as its developers add new bells and whistles. The additions include the pushing of an aggressive second-stage adware payload that installs a persistent backdoor on infected Macs. The UpdateAgent malware family began circulating no later than November or December 2020 as a relatively basic information-stealer.…

InfoSec News Nuggets 02/10/2022

Criminals Increasing SIM Swap Schemes to Steal Millions of Dollars from US Public The Federal Bureau of Investigation is issuing this announcement to inform mobile carriers and the public of the increasing use of Subscriber Identity Module (SIM) swapping by criminals to steal money from fiat and virtual currency accounts. From January 2018 to December 2020, the FBI Internet Crime Complaint Center (IC3) received 320 complaints related to SIM swapping incidents with adjusted losses of…

InfoSec News Nuggets 02/09/2022

Microsoft plans to kill malware delivery via Office macros Microsoft announced today that it will make it difficult to enable VBA macros downloaded from the Internet in several Microsoft Office apps starting in early April, effectively killing a popular distribution method for malware. Using VBA macros embedded in malicious Office documents is a very popular method to push a wide range of malware families in phishing attacks, including Emotet, TrickBot, Qbot, and Dridex. "This change only affects Office on devices running Windows…

InfoSec News Nuggets 02/08/2022

Fortune 500 service provider says ransomware attack led to leak of more than 500k SSNs Morley Companies, an organization that provides business services to dozens of Fortune 500 companies, said this week it was hit with a ransomware attack last year that led to the leak of sensitive information for more than 500,000 people. In a press release, the company said the ransomware attack began on August 1 and made their data "unavailable." Despite requests for…

InfoSec News Nuggets 02/07/2022

Chinese APT Uses Custom Backdoor to Target Financial Institutions in Taiwan Chinese state-backed advanced persistent threat (APT) group Antlion has been targeting financial institutions in Taiwan in a persistent campaign over the course of at least 18 months. The attackers deployed a custom backdoor we have called xPack on compromised systems, which gave them extensive access to victim machines. The backdoor allowed the attackers to run WMI commands remotely, while there is also evidence that they…

InfoSec News Nuggets 02/04/2022

OpenSSF Announces The Alpha-Omega Project to Improve Software Supply Chain Security for 10,000 OSS Projects Following a meeting with government and industry leaders at the White House, OpenSSF is excited to announce the Alpha-Omega Project to improve the security posture of open source software (OSS) through direct engagement of software security experts and automated security testing. Microsoft and Google are supporting the Alpha-Omega Project with an initial investment of $5 million. This builds on previous industry-wide investments…

InfoSec News Nuggets 02/03/2022

Thousands of Malicious npm Packages Threaten Web Apps More than 1,300 malicious packages have been identified in the most oft-downloaded JavaScript package repository used by developers, npm, in the last six months — a rapid increase that showcases how npm has become a launchpad for a range of nefarious activities. New research from open-source security and management firm WhiteSource has discovered the disturbing increase in the delivery of malicious npm packages, which are used as building blocks for…

InfoSec News Nuggets 02/02/2022

Threat actors target Ubiquiti network appliances using Log4Shell exploits Developed by Ubiquiti Networks, one of the largest hardware vendors in the world, the UniFi software can be installed on Linux and Windows servers and allows network administrators to manage Ubiquiti wireless and networking equipment from a centralized web-based application. This application was built using Java, utilized the Log4j library for its logging capabilities, and was listed as impacted by Log4Shell, having received a patch on December 10,…

InfoSec News Nuggets 02/01/2022

Who Wrote the ALPHV/BlackCat Ransomware Strain? In December 2021, researchers discovered a new ransomware-as-a-service named ALPHV (a.k.a. “BlackCat“), considered to be the first professional cybercrime group to create and use a ransomware strain written in the Rust programming language. In this post, we’ll explore some of the clues left behind by a developer who was reputedly hired to code the ransomware variant. According to an analysis released this week by Varonis, ALPHV is actively recruiting operators from several ransomware organizations…

InfoSec News Nuggets 01/31/2022

Attackers connect rogue devices to organizations’ network with stolen Office 365 credentials Attackers are trying out a new technique to widen the reach of their phishing campaigns: by using stolen Office 365 credentials, they try to connect rogue Windows devices to the victim organizations’ network by registering it with their Azure AD. If successful, they are ready to launch the second wave of the campaign, which consists of sending more phishing emails to targets outside…

InfoSec News Nuggets 01/28/2022

‘Dark Herring’ Billing Malware Swims onto 105M Android Devices Nearly 500 malicious apps lurking on the Google Play Store have successfully installed Dark Herring malware — a cash-stealer intended to add sneaky charges onto mobile carrier bills — on more than 100 million Android devices across the globe. That’s quite a school of fish. Dark Herring malware was discovered by a research team with Zimperium, who estimate the amount the campaign has been able to steal…

InfoSec News Nuggets 01/27/2022

Threats Are (Still) on the Rise: 2022 Ponemon Report Insider threats are a major risk for organizations of all sizes—and it’s expensive to ignore them. Insider threat incidents are costing businesses upwards of $15 million annually, on average. And it’s not just careless insiders who are to blame for insider threats; more organizations are reporting that credential theft is a growing concern in 2022. To compound matters, it now takes 85 days to contain an insider threat,…

InfoSec News Nuggets 01/26/2022

EU to fund bug bounty programs for LibreOffice, Mastodon, three others The European Union will fund a bug bounty program for five open source projects that are heavily used by public services across the EU. The five programs include LibreOffice, a document editing app and a free alternative to Microsoft Office; Mastodon, a web-based utility for hosting your private social network; Odoo, an enterprise resource planning (ERP) application; Cryptopad, an app exchanging encrypted messages; and LEOS, a software designed to…

InfoSec News Nuggets 01/25/2022

Russian Authorities Arrest Head of International Cybercrime Group Four individuals believed to be members of the international cyber theft ring known as the “Infraud Organization” were arrested in Russia, news agency TASS reports. Allegedly created in 2010 by Svyatoslav Bondarenko, of Ukraine, the cybercrime group was involved in the theft, sale, and dissemination of personally identifiable information (PII), credit card data, and malware, among others. In 2018, the United States Department of Justice (DoJ) announced charges…

InfoSec News Nuggets 01/24/2022

FSB detains administrator of UniCC carding forum The Russian Federal Security Service (FSB) has arrested the administrator of the UniCC carding forum and one of the members of the Infraud cybercrime cartel. The suspect was identified as Andrey Sergeevich Novak and was detained for two months on charges of computer crimes and money laundering. Three other suspects, identified as Kirill Samokutyaev, Konstantin Vladimirovich Bergman, and Mark Avramovich Bergman, were also detained and subsequently placed under…

InfoSec News Nuggets 01/21/2022

FireEye & McAfee Enterprise Renamed as Trellix The company created from the merger of security firms McAfee Enterprise and FireEye will be called Trellix, with an aim to become a force in the field of extended detection and response (XDR). In March 2021, Symphony Technology Group (STG) acquired the McAfee Enterprise business for $4 billion. A few months later, STG bought FireEye's products business for $1.2 billion in a deal that separated FireEye's network, email, endpoint, and cloud security…

InfoSec News Nuggets 01/20/2022

NSO Group Spyware Reportedly Used by Israeli Police Force Spyware from controversial Israeli software firm NSO Group was reportedly used by the nation's civilian police force, according to a new report from an Israeli business publication, Calcalist. The new findings allege that the Israeli police conducted warrantless phone taps on Israeli politicians and activists, among others. According to the report, NSO Group, which was sanctioned by the U.S. Department of Commerce in November 2021, provided its flagship spyware…

InfoSec News Nuggets 01/19/2022

Europol takes down VPNLab, a service used by ransomware gangs An international law enforcement operation has seized the servers of VPNLab.net, a virtual private network provider that advertised its services on the criminal underground and catered to various cybercrime groups, including ransomware gangs. Europol said it seized 15 servers operated by the VPNLab team in Germany, the Netherlands, Canada, the Czech Republic, France, Hungary, Latvia, Ukraine, the US, and the UK. No arrests were announced,…

InfoSec News Nuggets 01/18/2022

Meta faces billion-pound class-action case Up to 44 million UK Facebook users could share £2.3bn in damages, according to a competition expert intending to sue parent company Meta. Dr Liza Lovdahl Gormsen alleges Meta "abused its market dominance" to set an "unfair price" for free use of Facebook - UK users' personal data. She intends to bring the case to the Competition Appeal Tribunal. A Meta representative said users had "meaningful control" of what information…

InfoSec News Nuggets 01/14/2022

New Paper Explains How to Secure SMS in the 5G Era AdaptiveMobile Security has published a white paper entitled “Messaging for the Future: Securing SMS in 5G” which explains why 5G networks will be at increased risk because of the interplay between the way SMS messaging has been implemented and the manifold vulnerabilities inherited from earlier generations of network. The paper makes many recommendations about how to shore up the defenses surrounding SMS messaging before telcos…

InfoSec News Nuggets 01/13/2022

Fact-checkers label YouTube a 'major conduit of online disinformation' Fact-checking organisations around the world say that YouTube is not doing enough to prevent the spread of misinformation on the platform. Some 80 groups have signed a joint letter to the Google-owned platform's chief executive Susan Wojcicki. The letter says it is "one of the major conduits of online disinformation and misinformation worldwide". The organisations want YouTube to take firmer action against anti-vaccine videos, and election…