This Week’s [in]Security – Issue 157
05 Apr 2020.
Welcome to This Week’s [in]Security. Trending: The great mask debate. Other PPE. The spread and curve. Projections. Responses. Behaviour - the good, the bad, and the ugly. Magecart. Breaches: Key Ring, Marriott (again), Dueling Network, Redis, Zoom. Equifax post-mortem. WFH and privacy. Zoom privacy. DHS biometric db. Meme privacy. EARN-IT. FISA abuse. Wi-Fi 6E. NIST updates and events. COVID Treatments, Innovation, Vaccines. In the water? Gearing up. More DoH. And More.
Now here's this week’s selection of news, opinions, and research. Quickly skim annotated links organized by topic: compliance and payment security, breaches, regulation, bugs, privacy, hacking/malware, other security & risk, and more. We hope you enjoy and find them useful.
New - Emerging Issues and Trending Stories
Coronavirus updates. We recently changed the way we report COVID articles to you so it is less overwhelming. Many COVID articles will appear within our normal blog section headings, each with a sub-group dedicated to COVID-19. For example:
- Facts about its spread, direct impact, and how people react will continue under Trending.
- Regulations and restrictions to counter the virus will be under Regulations.
- Privacy Implications, PCI/Payments, Cybercrime under their respective sections
- Treatments, Vaccines, Innovations, Coping methods under Defense
- Information on how/why it spreads, improvements understanding it, etc. under Vulnerabilities
- Economic impact and articles that don't fit into the other categories will be under Other Risk.
- Breaches (and Ransomware) under Breaches.
Our first regular reports on coronavirus can be found at https://controlgap.com/blog/this-weeks-insecurity-issue-147. And our first use of the trending topic section can be found at https://controlgap.com/blog/this-weeks-insecurity-issue-149.
The great mask debate:
- CDC recommends people wear cloth masks to block the spread of COVID-19 https://www.theverge.com/2020/4/3/21206044/masks-cloth-coronavirus-cdc-recommendation-guidelines-wear-spread-prevent-covid-19
- Simple Respiratory Mask from the CDC https://wwwnc.cdc.gov/eid/article/12/6/05-1468_article and https://www.nytimes.com/article/how-to-make-face-mask-coronavirus.html
- Coronavirus Advice: Wear a Mask. Here’s How https://www.nytimes.com/2020/04/02/opinion/letters/coronavirus-masks.html
- Despite what you may have heard, you should wear a mask for COVID-19 https://nationalpost.com/news/despite-what-you-may-have-heard-you-should-wear-a-mask-for-covid-19
- The Atlantic Daily: The Debate Over Masks https://www.theatlantic.com/newsletters/archive/2020/04/the-debate-over-masks/609391/
- Coronavirus: Why you now have to wear a mask in Austrian shops https://www.bbc.co.uk/news/world-europe-52143873
- Easing the COVID-19 mask shortage https://uwaterloo.ca/stories/engineering/easing-covid-19-mask-shortage
- Coronavirus Cases Have Surged, But The US Is Refusing To Take The World’s Most Available Masks https://www.buzzfeednews.com/article/kenbensinger/coronavirus-kn95-masks-us-wont-import-china
- A Scientist Who’s Fought Ebola And Anthrax Explains When To Wear A Mask For Coronavirus Protection https://www.forbes.com/sites/coronavirusfrontlines/2020/04/02/a-scientist-whos-fought-ebola-and-anthrax-explains-when-to-wear-a-mask-for-coronavirus-protection/
- Head of Ontario registered nurses union says 9M masks per week are needed https://globalnews.ca/news/6756696/coronavirus-ontario-nurses-ppe/
- Contact lens wearers should switch to glasses during pandemic, some experts say https://www.ctvnews.ca/health/coronavirus/contact-lens-wearers-should-switch-to-glasses-during-pandemic-some-experts-say-1.4874721
- Toronto restaurant is washing all their cash to ensure it's disinfected for customers https://www.blogto.com/eat_drink/2020/03/toronto-pizza-restaurant-washing-all-their-cash-ensure-its-disinfected-customers/
- Buying Face Masks and Other PPE from China: Not For the Faint of Heart https://www.chinalawblog.com/2020/03/buying-face-masks-and-other-ppe-from-china-not-for-the-faint-of-heart.html
- Counterfeit Chinese-made face masks pulled offline after Global News probe
The spread and curve:
- Coronavirus: Confirmed global cases pass one million - https://www.bbc.co.uk/news/world-52144390
- The United States is now the epicentre of the pandemic. Canada has every reason to be alarmed https://www.theglobeandmail.com/canada/article-the-coughing-monster-next-door/
- Spain sees record coronavirus deaths as New York seeks reinforcements https://globalnews.ca/news/6755146/coronavirus-new-york-workers/
- Iceland lab's testing suggests 50% of coronavirus cases have no symptoms https://www.cnn.com/2020/04/01/europe/iceland-testing-coronavirus-intl/index.html
- How bad is COVID-19 in your area? University students launch heat map to track virus across Canada https://nationalpost.com/news/world/how-bad-is-covid-19-in-your-area-university-students-launch-heat-map-to-track-virus-across-canada
- Map Reveals Hidden U.S. Hotspots of Coronavirus Infection https://www.scientificamerican.com/article/map-reveals-hidden-u-s-hotspots-of-coronavirus-infection/
- New study identifies characteristics of patients with fatal COVID-19 https://scienmag.com/new-study-identifies-characteristics-of-patients-with-fatal-covid-19/
- What the heck? A tiger at the Bronx Zoo tested positive for COVID-19 after coming into contact with an asymptomatic caretaker https://www.businessinsider.com/tiger-tests-positive-for-covid-19-bronx-zoo-in-nyc-2020-4
- 104-year-old WWII veteran recovers from COVID-19 https://globalnews.ca/news/6768961/man-turns-104-recovers-coronavirus/
- Here's Why Herd Immunity Won't Save Us From The COVID-19 Pandemic https://www.sciencealert.com/why-herd-immunity-will-not-save-us-from-the-covid-19-pandemic
- The COVID-19 Virus May Have Been in Humans For Years, Study Suggests https://www.sciencealert.com/the-new-coronavirus-could-have-been-percolating-innocently-in-humans-for-years
Projections:
- Without global action against coronavirus pandemic, 40 million could have died: report https://globalnews.ca/news/6754014/coronavirus-pandemic-projected-deaths-report/
- 'Best case scenario': COVID-19 measures expected to last until July, government document says https://nationalpost.com/news/best-case-scenario-covid-19-measures-expected-to-last-until-july-government-document-says
- Google Publishes Location Data Across 130 Countries To Show How Coronavirus Lockdowns Are Working https://www.forbes.com/sites/isabeltogoh/2020/04/03/google-publishes-location-data-across-130-countries-to-show-how-coronavirus-lockdowns-are-working/
- COVID-19 could kill 3,000 to 15,000 people in Ontario, provincial modelling shows https://www.cbc.ca/news/canada/toronto/ontario-covid-projections-1.5519575
- Researchers develop a computer simulator that recreates the spread of COVID-19 in Europe https://scienmag.com/researchers-develop-a-computer-simulator-that-recreates-the-spread-of-covid-19-in-europe/
- The Interminable Body Count https://www.theatlantic.com/politics/archive/2020/04/how-many-americans-will-die-coronavirus/609175/
- Wuhan's death toll could be astronomically higher than the Chinese government has reported https://www.businessinsider.com/wuhan-residents-say-chinese-government-coronavirus-death-toll-is-low-2020-3
- The US intelligence community has reportedly concluded that China intentionally misrepresented its coronavirus numbers https://www.businessinsider.com/us-intelligence-found-china-misrepresented-coronavirus-stats-report-2020-4
Responses and reactions:
- Comparing coronavirus responses: What did Canada and the U.S. do differently? https://globalnews.ca/news/6737474/coronavirus-new-york-canada-responses/
- Germany mobilizes 15,000 soldiers | Global infections near 1 million | FEMA requests 100,000 body bags https://edition.cnn.com/world/live-news/coronavirus-pandemic-04-02-20-intl/index.html
- New Canadian travel restrictions https://www.chch.com/new-canadian-travel-restrictions-come-into-effect-monday/
- Police officer wears coronavirus helmet to warn people to stay inside https://www.cnn.com/2020/03/30/asia/coronavirus-helmet-chennai-intl-hnk-scli/index.html
- Premier Ford announces the shutdown of non-essential services https://toronto.citynews.ca/2020/03/23/premier-ford-announces-the-shutdown-of-non-essential-services/
- Australian state will install home surveillance hardware to make sure if you're in virus isolation https://www.theregister.co.uk/2020/04/01/west_australia_isolation/
- Why Sweden’s Coronavirus Approach Is So Different From Others https://www.forbes.com/sites/davidnikel/2020/03/30/why-swedens-coronavirus-approach-is-so-different-from-others/
- Fauci says he 'doesn't understand why' the entire US is not under a stay-at-home order. Here's why its absence could make America's coronavirus problem even worse https://www.businessinsider.com/coronavirus-lockdown-united-states-entire-country-anthony-fauci-cdc-2020-4
- How the City of Toronto responded to the Spanish Flu in 1918 https://globalnews.ca/news/6773373/toronto-spanish-flu-coronavirus/
- Some U.S. Amazon, Instacart workers go on strike over coronavirus safety concerns https://globalnews.ca/news/6754818/coronavirus-amazon-workers-strike-instacart/
- Do you have to work during the pandemic? Winnipeg labour lawyer lays out options https://globalnews.ca/news/6756093/coronavirus-employment-law-canada/
The Good:
- University of Guelph donates 10,000 masks to frontline workers https://globalnews.ca/news/6749968/coronavirus-university-of-guelph-masks/
- Shopify Purges Thousands of Merchants for Price Gouging and Making False Covid-19 Claims https://www.digitaltransactions.net/shopify-purges-thousands-of-merchants-for-price-gouging-and-making-false-covid-19-claims/
- 3M Faces Pressure to Prevent Price Gouging Among Distributors of Its N95 Masks https://theintercept.com/2020/04/01/coronavirus-3m-n95-masks-price-gouging/
- Medical fetish site donates scrubs to help U.K. hospitals fighting coronavirus https://globalnews.ca/news/6750437/medical-fetish-site-donation-coronavirus/
- The WHO is recommending video games as an effective way to stop the spread of COVID-19, one year after adding 'gaming disorder' to its list of addictive behaviors https://www.businessinsider.com/who-video-games-coronavirus-pandemic-mental-health-disorder-2020-4
The Bad:
- More than 40 spring breakers who ignored public health advice test positive for coronavirus https://www.cnn.com/travel/article/austin-spring-breakers-coronavirus-trnd/index.html
- Peloton won’t stop live classes amid NYC lockdown, and now an employee has tested positive for COVID-19 https://www.theverge.com/2020/4/3/21207751/peloton-live-classes-employee-tested-positive-covid-19
- Sen. Loeffler Dumped $19 Million In Shares After Coronavirus Intel Briefing https://www.forbes.com/sites/lisettevoytko/2020/04/01/sen-loeffler-dumped-19-million-in-shares-after-coronavirus-intel-briefing/
- Kentucky puts ankle monitors on coronavirus patients who break quarantine https://globalnews.ca/news/6763001/coronavirus-house-arrest/
- Man lies about having COVID-19 to get free Airbnb stay https://globalnews.ca/news/6757264/victoria-airbnb-covid-19-scam/
- Brampton man charged after faking COVID-19 contact to get out of work https://globalnews.ca/news/6751096/coronavirus-brampton-man-charged-fake-covid-19/
- Halifax police seize vehicle, issue ticket to woman violating COVID-19 emergency order https://globalnews.ca/news/6748452/halifax-police-issue-ticket-covid-19-emergency-order/
- A California community closed beaches over coronavirus concerns. The emergency manager took his family anyway. https://www.washingtonpost.com/nation/2020/04/01/sonoma-emergency-beach/
- GameStop Is Telling Employees To Wrap Their Hands In Plastic Bags And Keep Working https://www.forbes.com/sites/erikkain/2020/03/29/gamestop-is-telling-employees-to-wrap-their-hands-in-plastic-bags-and-keep-working/
The Ugly:
- Two Doctors Who Treated SARS: Beware These Behavioral Changes That Could Make The Coronavirus Pandemic Worse https://www.forbes.com/sites/coronavirusfrontlines/2020/04/04/two-doctors-who-treated-sars-beware-these-behavioral-changes-that-could-make-the-coronavirus-pandemic-worse/
- The US paid millions of taxpayer dollars to a company for thousands of much-needed ventilators. But the company is busy selling more expensive models abroad. https://www.businessinsider.com/us-paid-royal-philips-nv-millions-ventilators-unavailable-national-stockpile-2020-3
- Pastor arrested for packing ‘hundreds’ into Florida megachurch amid coronavirus lockdown https://globalnews.ca/news/6751899/pastor-coronavirus-church-florida/
- 'It is everywhere already': Fox News hosts amp up the pressure on Trump to give up on coronavirus lockdowns and reopen the economy https://www.businessinsider.com/coronavirus-fox-news-hosts-pressure-trump-end-lockdowns-reopen-economy-2020-4
- Coronavirus Expert Dr. Anthony Fauci’s Personal Security Has Been Stepped Up After Threats To His Safety https://www.forbes.com/sites/isabeltogoh/2020/04/02/coronavirus-expert-dr-anthony-faucis-personal-security-has-stepped-up-after-threats-to-his-safety/
- People across the UK are apparently burning cellphone masts and abusing engineers on the street over baseless conspiracy theories linking the coronavirus to 5G networks https://www.businessinsider.com/coronavirus-5g-conspiracy-theory-england-cellphone-masts-engineers-attacked-2020-4
- US threatens to halt mask exports to Canada https://www.bbc.co.uk/news/world-us-canada-52161032, https://globalnews.ca/news/6772979/coronavirus-3m-n95-respirators-trump-canada/
- Spot a COVIDIOT? Here’s how to report coronavirus rule-breakers https://globalnews.ca/news/6752215/coronavirus-isolation-how-to-report-covidiot/
PCI Compliance and Payments
News and announcements relating to Payment Security, PCI, Card Brands, Payments, Payment Malware and Fraud.
- Emerging MakeFrame Skimmer from Magecart Sets Sights on SMBs https://threatpost.com/emerging-makeframe-skimmer-magecart-smbs/154374/
- MakeFrame: Magecart Group 7’s Latest Skimmer Uses iFrames and Has Claimed 19 Victim Sites https://www.riskiq.com/blog/labs/magecart-makeframe/ and https://thehackernews.com/2020/04/magecart-digital-skimmer.html
Breaches / Ransomware / Leaks
Covering breaches, leaks, data exposures, ransomware (as potential breach), and their fallout.
- 14 Million Key Ring Users Exposed In Open Database https://www.scmagazine.com/home/security-news/data-breach/14-million-key-ring-users-exposed-in-open-database/
- Marriott data breach exposes personal data of 5.2 million guests https://www.databreaches.net/marriott-data-breach-exposes-personal-data-of-5-2-million-guests/
- Dueling Network - 5,473,883 breached accounts https://haveibeenpwned.com/PwnedWebsites#DuelingNetwork
- More Than 8,000 Unsecured Redis Instances Found in the Cloud https://blog.trendmicro.com/trendlabs-security-intelligence/more-than-8000-unsecured-redis-instances-found-in-the-cloud/
- Health Data Breach Tally Spikes in Recent Weeks https://www.bankinfosecurity.com/health-data-breach-tally-spikes-in-recent-weeks-a-14031
- Zoom Contacts Feature Leaks Email Addresses, Photos https://www.bankinfosecurity.com/zoom-contacts-feature-leaks-email-addresses-photos-a-14039
- Microsoft Alerts Healthcare to Human-Operated Ransomware https://www.darkreading.com/vulnerabilities---threats/microsoft-alerts-healthcare-to-human-operated-ransomware/d/d-id/1337463
- What Went Wrong at Equifax? We Have Good Answers https://www.bankinfosecurity.com/interviews/what-went-wrong-at-equifax-unusually-we-have-good-answers-i-4642
- Class Action Lawsuit Filed Against Marriott Over New Data Breach https://www.securityweek.com/class-action-lawsuit-filed-against-marriott-over-new-data-breach
- Virgin Media facing lawsuit over exposed database https://www.databreaches.net/virgin-media-facing-lawsuit-over-exposed-database/
- UK: Morrisons not liable for 2014 data breach, says Supreme Court https://www.databreaches.net/uk-morrisons-not-liable-for-2014-data-breach-says-supreme-court/
Privacy
Articles about privacy related news, risks, and trends.
COVID-19 Privacy:
- Google uses location data to show which places are complying with stay-at-home orders — and which aren't https://www.theverge.com/2020/4/3/21206318/google-location-data-mobility-reports-covid-19-privacy
- A new phone-tracing technology could tell if you've been exposed to the coronavirus — without sacrificing privacy https://www.businessinsider.com/coronavirus-covid-19-contact-tracing-mobile-phones-bluetooth-pepp-pt-2020-4
- Countries opt for phone tracking amid coronavirus — should Canada? https://globalnews.ca/news/6761351/coronavirus-poland-phone-tracking/
- China's coronavirus health code apps raise concerns over privacy https://www.theguardian.com/world/2020/apr/01/chinas-coronavirus-health-code-apps-raise-concerns-over-privacy
- Could Work-From-Home Staff be Violating Privacy Laws During Conference Calls? https://www.darkreading.com/edge/theedge/could-work-from-home-staff-be-violating-privacy-laws-during-conference-calls/b/d-id/1337462
Zoom:
- Security and Privacy Implications of Zoom https://www.schneier.com/blog/archives/2020/04/security_and_pr_1.html
- Zoom's Security and Privacy Woes Violated GDPR https://www.securityweek.com/zooms-security-and-privacy-woes-violated-gdpr-expert-says
- 'Zoom-bombing': Hijackers using video calling apps to broadcast porn, FBI warns https://www.independent.co.uk/life-style/gadgets-and-tech/news/zoom-video-call-porn-bombing-conference-privacy-school-fbi-a9439916.html
- Zoom is being sued for allegedly handing over data to Facebook https://www.businessinsider.com/zoom-sued-allegedly-sharing-data-with-facebook-2020-3
- New York Attorney General Looks Into Zoom’s Privacy Practices https://www.nytimes.com/2020/03/30/technology/new-york-attorney-general-zoom-privacy.html
- The Zoom Privacy Backlash Is Only Getting Started https://www.wired.com/story/zoom-backlash-zero-days/
- DHS Proposes Database to Link Biometric Data, EPIC will Oppose https://epic.org/2020/04/dhs-proposes-database-to-link-.html
- Did you MEME to share your personal info? https://controlgap.com/blog/Did-you-MEME-to-share-PII
Laws & Regulations / Standards
News about laws, regulations, and standards affecting security, privacy, technology, and public interest.
COVID-19 Regulations/Restrictions/Policy:
- COVID Or No, Data Demands Compliance https://www.pymnts.com/news/regulation/2020/covid-or-no-data-demands-compliance/
- World Health Organization Again Speaks Up for Data Protection https://epic.org/2020/03/world-health-organization-agai.html
- Council of Europe Issues Statement on COVID-19 and Data Protection https://epic.org/2020/03/council-of-europe-issues-state.html
- Clarifying the Computer Fraud and Abuse Act https://www.schneier.com/blog/archives/2020/03/clarifying_the_.html
- The EARN IT Act Violates the Constitution https://www.eff.org/deeplinks/2020/03/earn-it-act-violates-constitution
- Inspector General Report Uncovers Widespread FISA Abuse https://epic.org/2020/04/inspector-general-report-uncov.html
- EFF Joins Locast Defense Team to Fight for TV Viewers’ Right to Use Free, Legal Streaming Service https://www.eff.org/press/releases/eff-joins-locast-defense-team-fight-tv-viewers-right-use-free-legal-streaming-0
- Wi-Fi 6E becomes official—the FCC will vote on rules this month https://arstechnica.com/gadgets/2020/04/fcc-will-vote-on-rules-for-1-2ghz-of-new-wi-fi-6e-spectrum-on-april-23/
- 2020 Sanctions Compliance Report https://www.digitaltransactions.net/csi-2020-sanctions-compliance-report/
NIST updates and events:
- NIST Draft Special Publication (SP) 800-210, General Access Control Guidance for Cloud Systems available for public comment until May 15 https://csrc.nist.gov/publications/detail/sp/800-210/draft
- 2020 NICE K12 Cybersecurity Education Conference December 7-8, 2020 | St. Louis, Missouri - Call for Presentations until June 12 https://www.k12cybersecurityconference.org/
- NIST Special Publication (SP) 800-175B Revision 1, Guideline for Using Cryptographic Standards in the Federal Government: Cryptographic Mechanisms includes guidance deprecating the Triple Data Encryption Algorithm (TDEA) https://csrc.nist.gov/publications/detail/sp/800-175b/rev-1/final
- NIST virtual event on updates in Draft NIST Special Publication (SP) 800-53, Revision 5, on Wednesday, April 8, 2020 from 2:00 – 3:30 PM ET. Information and registration https://go.usa.gov/xd7Vq. Draft NIST SP 800-53, Revision 5 (FPD) https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/draft
- NCCoE wants feedback on Draft NIST Cybersecurity White Paper, Methodology for Characterizing Network Behavior of Internet of Things Devices. NCCoE homepage: https://nccoe.nist.gov/. Draft https://csrc.nist.gov/publications/detail/white-paper/2020/04/01/methodology-for-characterizing-network-behavior-of-iot-devices/draft
Defense / Techniques / Solutions
Covering developments and opportunities that may help improve security.
COVID-19 Tests, Treatments, Innovation, Vaccines:
- By far the fastest supercomputer on earth - a one exaflop computer is fighting COVID-19 - over 1M PC owners combine their GPU power https://decrypt.co/24173/one-million-pc-owners-combine-their-gpu-power-to-fight-covid-19
- Bill Gates is funding new factories for 7 potential coronavirus vaccines, even though it will waste billions of dollars https://www.businessinsider.com/bill-gates-factories-7-different-vaccines-to-fight-coronavirus-2020-4
- 'Like warp speed': J&J's top scientist told us how the pharma giant plans to rapidly test a potential coronavirus vaccine and pump out 1 billion doses https://www.businessinsider.com/jj-coronavirus-vaccine-interview-timetable-testing-manufacturing-2020-3
- A group at MIT figured out how to make an emergency ventilator for $100 using a common hospital item — instead of the usual $30,000 https://www.businessinsider.com/mit-emergency-ventilator-cheaper-design-plans-2020-3
- Mercedes F1 Team Trials New Coronavirus Breathing Aid In London Hospital https://www.forbes.com/sites/iainmartin/2020/03/30/mercedes-f1-team-trials-new-coronavirus-breathing-aid-in-london-hospital/
- Architects and engineers are 3D printing medical gear during pandemic https://www.theverge.com/2020/3/31/21200883/3d-printing-ppe-medical-gear-pandemic-universities-architects-engineers
- D.I.Y. Coronavirus Solutions Are Gaining Steam https://www.nytimes.com/2020/03/31/science/coronavirus-masks-equipment-crowdsource.html
- This is important to get right. Removing the novel coronavirus from the water cycle https://scienmag.com/removing-the-novel-coronavirus-from-the-water-cycle/
- Scientists Are Developing a Test to Find The New Coronavirus in Wastewater http://www.sciencealert.com/scientists-are-developing-a-test-that-can-find-the-new-coronavirus-in-wastewater
- A quick finger-prick blood test can determine whether you've ever had the coronavirus. It could be widely available within weeks https://www.businessinsider.com/coronavirus-antibody-blood-test-covid-19-2020-3
- Australian scientists begin tests of potential vaccines https://www.bbc.co.uk/news/world-australia-52130402
- COVID-19 survivors’ blood could help others beat the disease, scientists hope https://globalnews.ca/news/6769386/coronavirus-covid-19-survivors-blood-treatment/
- HSC professor on team using stem cells to combat COVID-19 pneumonia https://scienmag.com/hsc-professor-on-team-using-stem-cells-to-combat-covid-19-pneumonia/
- A TB Vaccine From The 1920s Is Now Being Tested For Use Against The Coronavirus Pandemic https://www.forbes.com/sites/ericmack/2020/03/31/a-vaccine-from-the-1920s-could-help-fight-the-coronavirus-pandemic/
- Genetic analysis of the coronavirus gives scientists clues about how it’s spreading https://www.theverge.com/2020/3/31/21199782/coronavirus-samples-genetic-analysis-covid-spread-biotech-pandemic
- What our leaders can do now https://www.linkedin.com/pulse/what-our-leaders-can-do-now-bill-gates
- Interesting idea if it can be practical - Group Testing for Coronavirus https://www.forbes.com/sites/kotlikoff/2020/03/29/group-testing-is-our-secret-weapon-against-coronavirus/
- Nasa experts asked to come up with ideas to fight pandemic https://www.independent.co.uk/life-style/gadgets-and-tech/news/nasa-coronavirus-covid-19-ppe-ventilators-protective-equipment-hospital-a9446396.html
- Simple idea - Walmart is encouraging social distancing with tactics like one-way aisles https://www.businessinsider.com/walmart-alters-store-formats-to-address-coronavirus-pandemic-2020-4
- Irving Oil to produce hand sanitizer during coronavirus pandemic https://globalnews.ca/news/6759194/irving-oil-hand-sanitizer-coronavirus/
- A Forbes alum armed with $150 million is building a new social network to fix fake and misleading news on social media https://www.businessinsider.com/blockone-is-launching-new-social-network-voice-with-150-million-2020-3
- How to Keep Your Zoom Chats Private and Secure https://www.wired.com/story/keep-zoom-chats-private-secure/
- Introducing family friendly DoH 1.1.1.1 https://blog.cloudflare.com/introducing-1-1-1-1-for-families/
- Announcing the Results of the 1.1.1.1 Public DNS Resolver Privacy Examination https://blog.cloudflare.com/announcing-the-results-of-the-1-1-1-1-public-dns-resolver-privacy-examination/
- AWS Security Service 'Amazon Detective' Now Generally Available https://www.securityweek.com/aws-security-service-amazon-detective-now-generally-available
- MongoDB’s field-level encryption protects private data—even from DBAs https://arstechnica.com/information-technology/2020/04/mongodbs-field-level-encryption-protects-private-data-even-from-dbas/
- Microsoft to Add Compromised Password Notification to Edge https://www.securityweek.com/microsoft-add-compromised-password-notification-edge
- 31 free Harvard University classes you can take online through edX https://www.businessinsider.com/harvard-free-online-courses
- Blue and Red team webinars from SpecterOps https://twitter.com/SpecterOps/status/1243623526046871552
Bugs / Design Flaws / Vulnerabilities / Research
Articles about newly discovered vulnerabilities and research.
- New vulnerability classes are rare - Researcher Finds New Class of Windows Vulnerabilities https://www.securityweek.com/researcher-finds-new-class-windows-vulnerabilities
- Thousands of Android Apps Are Silently Accessing Your Data (list of all your apps) https://arstechnica.com/information-technology/2020/03/4000-android-apps-silently-access-your-installed-software/
- SMBGhost Vulnerability Allows Privilege Escalation on Windows Systems https://www.securityweek.com/smbghost-vulnerability-allows-privilege-escalation-windows-systems
- ‘War Dialing’ Tool Exposes Zoom’s Password Problems https://krebsonsecurity.com/2020/04/war-dialing-tool-exposes-zooms-password-problems/
- This fingerprint-verified smart lock can be foiled by a magnet https://www.theverge.com/2020/3/30/21199640/tapplock-one-smart-lock-fingerprint-hack
- Browser Makers Delay Removal of TLS 1.0 and 1.1 Support https://www.securityweek.com/browser-makers-delay-removal-tls-10-and-11-support
Hacking / Malware / Cybercrime / Exploitation
News covering active trends and events.
COVID-19 Crime and Cybercrime:
- Fraud piggybacking on UK alert SMS https://www.thisismoney.co.uk/money/beatthescammers/article-8155145/Coronavirus-fraud-Beware-fake-text-messages-Government-HMRC.html
- 80% of cyber threat landscape uses COVID-19 as leverage https://securitybrief.co.nz/story/80-of-cyber-threat-landscape-uses-covid-19-as-leverage-report
- Thousands of shady websites with 'coronavirus' or 'covid' in their domain have popped up since January — and it reflects how eagerly scammers are trying to cash in on the epidemic https://www.businessinsider.com/scammers-are-creating-shady-new-websites-with-coronavirus-domains-2020-4
- Van Gogh painting stolen from museum shuttered by Covid-19 pandemic https://www.cnn.com/style/article/van-gogh-stolen-covid-19-intl-scli/index.html
- Old-school malware, perhaps it should be called spiteware? There's now COVID-19 malware that will wipe your PC and rewrite your MBR https://www.zdnet.com/article/theres-now-covid-19-malware-that-will-wipe-your-pc-and-rewrite-your-mbr/
- Phish of GoDaddy Employee Jeopardized Escrow.com and others https://krebsonsecurity.com/2020/03/phish-of-godaddy-employee-jeopardized-escrow-com-among-others/
- A Crypto-Mining Botnet Has Been Hijacking MSSQL Servers For Almost Two Years https://www.zdnet.com/article/a-crypto-mining-botnet-has-been-hijacking-mssql-servers-for-almost-two-years/
- Active Directory Attacks Hit the Mainstream https://www.darkreading.com/endpoint/authentication/active-directory-attacks-hit-the-mainstream/a/d-id/1337405
- FBI Warns of 'Kwampirs' Malware Supply Chain Attacks https://www.databreachtoday.com/fbi-warns-kwampirs-malware-supply-chain-attacks-a-14037
- FBI Re-Sends Alert About Supply Chain Attacks For The Third Time In Three Months https://www.zdnet.com/article/fbi-re-sends-alert-about-supply-chain-attacks-for-the-third-time-in-three-months/
Other Security / Risk
Articles covering other types of risks.
COVID-19 Economic impact and articles that don't fit anywhere else:
- COVID-19 Fact/hoax checking Archives https://www.snopes.com/tag/covid-19/
- One of the internet's oldest fact-checking organizations is overwhelmed by coronavirus misinformation — and it could have deadly consequences https://www.businessinsider.com/coronavirus-snopes-misinformation-fact-checking-overwhelmed-deadly-consequences-2020-3
- The COVID-19 Pandemic Exposes The Harm Of Denying Scientific Facts https://www.forbes.com/sites/startswithabang/2020/04/01/the-covid-19-pandemic-exposes-the-harm-of-denying-scientific-facts/
- Microsoft: Cloud services demand up 775%; prioritization rules in place due to COVID-19 https://www.zdnet.com/article/microsoft-cloud-services-demand-up-775-percent-prioritization-rules-in-place-due-to-covid-19/
- The Economy Is Ruined. It Didn’t Have to Be This Way https://www.theatlantic.com/ideas/archive/2020/04/economy-ruined-it-didnt-have-be-way/609334/
- Why U.S. Housing Bubble 2.0 Is About To Burst https://www.forbes.com/sites/jessecolombo/2020/03/31/why-us-housing-bubble-20-is-about-to-burst/
- We Can’t Tell How Bad Things Really Are - lessons from the Great Depression https://www.theatlantic.com/ideas/archive/2020/04/uncertainty-virus/609223/
- The government's official scorekeeper just poured cold water all over the Trump administration's predictions of a rapid economic recovery from the coronavirus
- Canada’s carbon tax increasing April 1 despite coronavirus economic crunch https://globalnews.ca/news/6751873/carbon-tax-increase-april-1-coronavirus/
- The coronavirus pandemic is the breakthrough Xi Jinping has been waiting for. And he’s making his move https://www.macleans.ca/opinion/the-coronavirus-pandemic-is-the-breakthrough-xi-jinping-has-been-waiting-for-and-hes-making-his-move/
- CFOs Plan To Permanently Shift Significant Numbers Of Employees To Work Remotely — Survey https://www.forbes.com/sites/ezequielminaya/2020/04/03/cfos-plan-to-permanently-shift-significant-numbers-of-employees-to-work-remotely---survey/
- The Post-Coronavirus World May Be The End Of Globalization https://www.forbes.com/sites/kenrapoza/2020/04/03/the-post-coronavirus-world-may-be-the-end-of-globalization/
- U.N. Postpones Global Climate Summit Over Pandemic Concerns https://www.scientificamerican.com/article/u-n-postpones-global-climate-summit-over-pandemic-concerns/
- The Virus Is a Reminder of Something Lost Long Ago https://www.theatlantic.com/ideas/archive/2020/04/coronavirus-is-changing-habits-of-mind/609181/
- 6.5-magnitude Idaho earthquake felt by residents of British Columbia’s Wine Country and in Alberta https://globalnews.ca/news/6760008/idaho-earthquake-felt-bc-residents/, https://globalnews.ca/news/6759957/idaho-earthquake-shakes-calgary/
- Tech Giants Prepared for 2016-Style Meddling. But the Threat Has Changed. https://www.nytimes.com/2020/03/29/technology/facebook-google-twitter-november-election.html
- How Russia’s Troll Farm Is Changing Tactics Before the Fall Election https://www.nytimes.com/2020/03/29/technology/russia-troll-farm-election.html
- Iran’s ban on Telegram that was intended to facilitate domestic spying backfired https://www.databreaches.net/irans-ban-on-telegram-that-was-intended-to-facilitate-domestic-spying-backfired/
- Cryptanalyst decrypts file containing keys to $300,000 in Bitcoin https://decrypt.co/24503/crypto-bitcoin-free-zip
- Toilet paper is a giant waste of resources https://bigthink.com/surprising-science/toilet-paper-is-a-giant-waste-of-resources
- Annual Protest to ‘Fight Krebs’ Raises €150K+ https://krebsonsecurity.com/2020/03/annual-protest-to-fight-krebs-raises-e150k/
- Bizarre - The cruise ship RCGS RESOLUTE sunk a Venezuelan Navy ship after being fired at and rammed https://www.fleetmon.com/maritime-news/2020/29297/cruise-ship-sunk-venezuelan-navy-ship-and-fled-pro/
Off-Topic / Science & Tech / Lighter Side
A variety of scientific, technical, historical, and more light-hearted news.
- How (not) to cut your hair at home https://www.bbc.co.uk/news/av/uk-52095554/how-not-to-cut-your-hair-at-home
- Coronavirus lockdowns have changed the way Earth moves https://www.nature.com/articles/d41586-020-00965-x
- Good News, There's a Microbe That Can Metabolise One of The Hardest Plastics to Recycle https://www.sciencealert.com/scientists-identify-a-microbe-that-can-break-down-hard-to-recycle-plastics
- Was that my inside voice? Machine translates brainwaves into sentences https://www.bbc.co.uk/news/science-environment-52094111
- Scientists Have Unearthed Traces of an Ancient Rainforest In... Antarctica https://www.sciencealert.com/discovery-of-ancient-rainforest-in-antarctica-is-a-grim-warning-of-earth-s-future
- Scientists discover gene that increases risk of Alzheimer’s disease https://scienmag.com/scientists-discover-gene-that-increases-risk-of-alzheimers-disease/
- Blood test accurately detects over 50 types of cancer, often before symptoms show https://scienmag.com/blood-test-accurately-detects-over-50-types-of-cancer-often-before-symptoms-show/
- Astonishing actual film footage from war time Bletchley Park https://www.bbc.com/news/av/uk-52136986/mi6-world-war-two-workers-in-rare-forbidden-footage
- Second World War footage of Bletchley Park-linked MI6 intelligence heroes emerges, shared online https://www.theregister.co.uk/2020/04/04/mi6_personnel_bletchley/
- Scientists Took Mentos And Coke to The Top of a Mountain, For Science https://www.sciencealert.com/mixing-mentos-and-coke-on-a-mountain-top-shows-why-it-s-the-candy-for-the-job
- Might as well just say it: Uranus is leaking gas into space https://www.syfy.com/syfywire/might-as-well-just-say-it-uranus-is-leaking-gas-into-space
- Astronomers Define the “Really Habitable Zone” https://www.universetoday.com/145540/astronomers-define-the-really-habitable-zone-planets-capable-of-producing-gin-and-tonic/
- It looks like a star 750 million light years away was torn apart by a mid-sized black hole https://www.syfy.com/syfywire/it-looks-like-a-star-750-million-light-years-away-was-torn-apart-by-a-mid-sized-black-hole
- Dilbert-esque explanation of what is cryptography https://blog.isc2.org/isc2_blog/2020/04/what-is-cryptography.html
- An AI's idea of a prank https://aiweirdness.com/post/614209593176899584/an-ais-idea-of-a-prank