Welcome to This Week’s [in]Security. Fallout from US Unrest. Covid-19: Spread & Curve. Lockdown, Reopening, & The New Normal. Predicting outbreaks with social media. More of the Good, Bad, and Ugly. Medical research scandal. PCI SSF for Terminal Software. New FAQ. COVID related breaches. Another 100M breached credentials surface. Approximately 10M new. Contact tracing app problems. Google Incognito Lawsuit. Twitter War NIST key generation and IoT updates. Defending against future pandemics. e tu Password. Cybercrime prevention Homomorphic encryption tools. Shades of 'The Italian Job'. Air-gapped malware. e-Voting. Huawei 5G and the 5 Eyes. Zoom Encryption Controversy. And more.

Trending news and COVID-19 updates.

The COVID related articles here fit together. Other COVID articles will appear under our normal section headings like regulations, privacy, breaches, and other risks. We have been following coronavirus risks since https://controlgap.com/blog/this-weeks-insecurity-issue-147.

• Fallout from US Unrest:

  • Analysing the (Alleged) Minneapolis Police Department "Hack" https://www.troyhunt.com/analysing-the-alleged-minneapolis-police-department-hack/ and https://threatpost.com/anonymous-hack-minneapolis-police-department-fake/156171/
  • Protests are disrupting deliveries of packages and food across the US https://www.businessinsider.com/how-protests-are-impacting-deliveries-packages-food-2020-6
  • George Floyd death draws scrutiny on police use of force. What’s Canada’s protocol? https://globalnews.ca/news/7020523/george-floyd-police-use-force-canada/
  • New mental health program helps first responders across Ontario https://globalnews.ca/news/7027007/coronavirus-first-responders-mental-health-ontario/

• The spread and the curve:

  • Lessons from Asia's new virus spikes https://www.bbc.co.uk/news/world-asia-52807255
  • Officials worry U.S. protests, South America’s reopening could spread COVID-19 https://globalnews.ca/news/7015214/coronavirus-us-protests-south-america/
  • Brazil takes down months of coronavirus data from website as COVID-19 deaths rise https://globalnews.ca/news/7036247/brazil-coronavirus-data-taken-down/
  • COVID-19 pandemic hits world’s poorest hard as cases rise in India, Pakistan https://globalnews.ca/news/7024878/coronavirus-pandemic-worldwide-june-4/
  • First coronavirus death reported at Rohingya refugee camp in Bangladesh https://globalnews.ca/news/7019607/rohingya-coronavirus-death/
  • Mexico deaths pass 10,000 as restrictions eased https://www.bbc.co.uk/news/world-latin-america-52889111
  • How coronavirus tore through Britain's ethnic minorities https://www.bbc.co.uk/news/uk-52894225
  • Alabama Reopens And COVID-19 Cases Soar 300 Pct Month Over Month https://www.pymnts.com/economy/2020/alabama-reopens-covid-19-cases-soar-300-percent-month/
  • Ontario, Quebec account for more than 90% of national COVID-19 cases: federal data https://www.cbc.ca/news/politics/covid-projections-update-1.5598219
  • COVID-19 Can Last for Several Months https://www.theatlantic.com/health/archive/2020/06/covid-19-coronavirus-longterm-symptoms-months/612679/
  • All active COVID-19 cases in N.B. remain linked to doctor that failed to self-isolate https://globalnews.ca/news/7011949/n-b-covid-19-june-1-update/
  • The mystery of asymptomatic 'silent spreaders' https://www.bbc.com/news/uk-52840763
  • A Hidden COVID-19 Risk Factor: Your Boss https://www.theatlantic.com/health/archive/2020/06/sick-leave-covid-time-off/612361/
  • Employers could face legal action over COVID-19 exposure https://scienmag.com/employers-could-face-legal-action-over-covid-19-exposure-expert-warns/

• Lockdown, reopening, and The New Normal:

  • ICU doctor sends stark reminder about COVID-19 with tweet showing Alberta ventilators https://globalnews.ca/news/7022149/icu-doctor-covid-19-tweet-ventilators-edmonton/
  • Ontario extends COVID-19 Emergency Orders until June 19 https://www.680news.com/2020/06/06/ontario-extends-covid-19-emergency-orders-until-june-19/
  • Two weeks after reopening, some Vancouver restaurants nearly empty https://bc.ctvnews.ca/two-weeks-after-reopening-some-vancouver-restaurants-nearly-empty-1.4968510
  • City of Brampton says all transit riders must wear masks as of July 2 https://globalnews.ca/news/7020594/brampton-masks-transit-mandatory-july/
  • Brampton tries to crack down on backyard parties as temperatures get warmer https://globalnews.ca/news/7029491/brampton-backyard-parties-crack-down-coronavirus/
  • France has won the R-number battle, but the COVID war rages on https://scienmag.com/france-has-won-the-r-number-battle-but-the-covid-war-rages-on/
  • A cluster of islands: How Shetland locked down early and stopped the virus in its tracks https://www.bbc.co.uk/news/stories-52823510
  • Top epidemiologist admits he got Sweden’s COVID-19 strategy wrong https://nationalpost.com/news/world/top-epidemiologist-admits-he-got-swedens-covid-19-strategy-wrong
  • SA court rules lockdown restrictions 'irrational' https://www.bbc.co.uk/news/world-africa-52904043

• Treatments, Testing, Triage, and Trials, and things we learned:

  • Coronavirus and the Flu: A Looming Double Threat https://www.scientificamerican.com/article/coronavirus-and-the-flu-a-looming-double-threat/
  • Some People May Have a Head Start Against Coronavirus https://www.sciencealert.com/surprise-finding-suggests-some-people-are-already-primed-to-fight-the-coronavirus
  • SFU, Providence Health Care develop AI tool for quicker COVID-19 diagnosis https://scienmag.com/sfu-providence-health-care-develop-ai-tool-for-quicker-covid-19-diagnosis/
  • Small study demonstrates sample inactivation may lead to SARS-CoV-2 false negatives https://scienmag.com/small-study-demonstrates-sample-inactivation-may-lead-to-sars-cov-2-false-negatives/
  • No evidence of coronavirus becoming less severe https://globalnews.ca/news/7013414/coronavirus-who-potency-experts-italy/
  • Pathogen scientist collaborating on vaccine that could prevent and treat COVID-19 https://scienmag.com/pathogen-scientist-collaborating-on-vaccine-that-could-prevent-and-treat-covid-19/
  • In Sweden, people with coronavirus symptoms say getting a test is nearly impossible — and it affects their ability to get medical care https://www.businessinsider.com/sweden-coronavirus-testing-lags-patients-say-they-cant-be-treated-2020-6
  • COVID-19 mortality alarmingly high in dialysis patients https://scienmag.com/covid-19-mortality-alarmingly-high-in-dialysis-patients/
  • Scientists Find a Way to Infect Mice With Coronavirus. Here's Why That's So Important https://www.sciencealert.com/scientists-have-found-a-way-to-infect-mice-with-the-coronavirus-here-s-why-that-s-super-important
  • What It Will Take To Trace The Coronavirus Source https://www.nature.com/articles/d41586-020-01541-z
  • Unmasking the stealth virus behind COVID-19 https://www.cbc.ca/news/health/interferon-covid-1.5599340

• Guidance, Response and Recovery:

  • The New Science of Lockdowns - alternating WFH https://blogs.scientificamerican.com/observations/the-new-science-of-lockdowns/
  • Feds continue to bolster PPE supply as COVID-19 pandemic continues https://globalnews.ca/news/7016649/coronavirus-ppe-supply/
  • Even a Vaccine Won’t Erase this Pandemic https://thetyee.ca/Analysis/2020/06/03/Vaccine-Will-Not-Erase-Pandemic/
  • University of Waterloo researchers using social media to predict disease outbreaks https://globalnews.ca/news/6996910/university-of-waterloo-researchers-social-media-disease-outbreaks/

• Behaviour - the good, the bad, and the ugly:

  • The Facebook Groups Where People Pretend the Pandemic Isn’t Happening https://www.theatlantic.com/technology/archive/2020/06/facebook-groups-role-play-pandemic/612697/
  • COVID-19, Fake Science, And Conspiracy Theories https://scienmag.com/covid-19-fake-science-and-conspiracy-theories/

• Medical research scandal:

  • Ripples from coronavirus research scandal rocks global scientific community http://www.rfi.fr/en/science-and-technology/20200606-ripples-from-coronavirus-research-scandal-rocks-global-scientific-community
  • Two coronavirus studies retracted after questions emerge about data https://www.cnn.com/2020/06/04/health/retraction-coronavirus-studies-lancet-nejm/index.html
  • Hydroxychloroquine study retraction shows the problems of speedy science https://www.theverge.com/2020/6/4/21280738/hydroxychloroquine-retraction-lancet-surgisphere-speed-study
  • Hydroxychloroquine doesn’t prevent COVID-19 in people exposed to the virus https://globalnews.ca/news/7022284/hydroxychloroquine-clinical-trial-coronavirus-prevention/

• Masks, anti-maskers, and distancing:

  • Keep wearing masks and social distancing — it works, McMaster study https://www.cbc.ca/news/canada/hamilton/mcmaster-covid-masks-1.5594525
  • Here’s what WHO says your mask should have to prevent COVID-19 spread https://arstechnica.com/science/2020/06/who-now-recommends-the-public-use-masks-good-masks-in-covid-19-areas/

PCI Compliance and Payments

News and announcements relating to Payment Security, PCI, Card Brands, Payments, Payment Malware and Fraud.

• Request for Comments: Secure Software Standard Update: Draft Terminal Software Module https://blog.pcisecuritystandards.org/request-for-comments-secure-software-standard-update-draft-terminal-software-module
• New PCI FAQ #1481 - https://pcissc.secure.force.com/faq/articles/Frequently_Asked_Question/What-type-of-assessor-signatures-are-allowable-for-PCI-SSC-attestation-documentation?q=1481&l=en_US&fs=Search&
• Updated index of PCI FAQs https://controlgap.com/index-pci-frequently-asked-questions/
• We Are All in This Together: Responding to the COVID-19 Pandemic https://blog.pcisecuritystandards.org/we-are-all-in-this-together-responding-to-the-covid-19-pandemic
• Fitness Depot hit by e-commerce data breach after ISP fails to ‘activate the antivirus’ https://www.databreaches.net/fitness-depot-hit-by-data-breach-after-isp-fails-to-activate-the-antivirus/
• The FTC Announces Settlement With ISO That Processed for Fraudulent Online Marketer https://www.digitaltransactions.net/the-ftc-announces-settlement-with-iso-that-processed-for-fraudulent-online-marketer/
• Would-be passengers get around airline refund policies via credit card chargebacks https://globalnews.ca/news/7025912/credit-card-chargebacks-coronavirus-air-travel/
• Romanian Skimmer Gang in Mexico Outed by KrebsOnSecurity Stole $1.2 Billion https://krebsonsecurity.com/2020/06/romanian-skimmer-gang-in-mexico-outed-by-krebsonsecurity-stole-1-2-billion/

Breaches / Ransomware / Leaks

Covering breaches, leaks, data exposures, ransomware (as potential breach), and their fallout.

• COVID related breaches - unemployment, stimulus, apps:

  • Security flaw in Qatar’s COVID-19 contact-tracing app ‘put 1m people’s sensitive data at risk’ https://www.databreaches.net/security-flaw-in-qatars-covid-19-contact-tracing-app-put-1m-peoples-sensitive-data-at-risk/
• India’s BHIM Payments Site May Have Exposed 7 Million Users’ Data https://www.pymnts.com/news/security-and-risk/2020/indias-bhim-payments-site-may-have-exposed-7-million-users-data/
• Lead Hunter - 68,693,853 breached accounts from March added to HIBP https://haveibeenpwned.com/PwnedWebsites#LeadHunter
• French Civic Service exposes 1.4 million user records on the web, including volunteers’ personal details https://www.comparitech.com/blog/information-security/agence-du-service-civique-leak/
• Indiana covered entities discover that their documents storage and secure destruction vendor dumped records improperly https://www.databreaches.net/indiana-covered-entities-discover-that-their-documents-storage-and-secure-destruction-vendor-dumped-records-improperly/
• “Aeries Software” Breached and Over 150 School Districts Compromised https://www.databreaches.net/aeries-software-breached-and-over-150-school-districts-compromised/
• San Francisco Benefits Program Breach Exposes PII On 74K https://www.scmagazine.com/home/security-news/data-breach/san-francisco-benefits-program-breach-exposes-pii-on-74000/
• Duluth schools had some kind of breach… https://www.databreaches.net/duluth-schools-had-some-kind-of-breach/
• The Unattributable "Lead Hunter" Data Breach https://www.troyhunt.com/the-unattributable-lead-hunter-data-breach/
• IT Services Giant Conduent Suffers Ransomware Attack, Data Breach https://www.databreaches.net/it-services-giant-conduent-suffers-ransomware-attack-data-breach/
• Two Data Breaches Hit Kentucky Employees’ Health Plan https://www.databreaches.net/two-data-breaches-hit-kentucky-employees-health-plan/
• Ransomware Attacks Hit 2 More Healthcare Organizations https://www.databreachtoday.com/ransomware-attacks-hit-2-more-healthcare-organizations-a-14379
• REvil ransomware gang launches auction site to sell stolen data https://www.zdnet.com/article/revil-ransomware-gang-launches-auction-site-to-sell-stolen-data/
• U.S. Nuclear Contractor Hit with Maze Ransomware, Data Leaked https://threatpost.com/nuclear-contractor-maze-ransomware-data-leaked/156289/
• Privacy breach at Manitoba Agricultural Services Corporation https://www.databreaches.net/ca-privacy-breach-at-manitoba-agricultural-services-corporation/
• Joomla Resources Directory (JRD) Portal Suffers Data Breach https://thehackernews.com/2020/06/joomla-data-breach.html
• CPA discloses security breach affecting over 329,000 http://www.bnnbloomberg.ca/cpa-discloses-security-breach-affecting-over-329-000-1.1445612
• San Francisco Employees’ Retirement System notifies employees of contractor breach https://www.databreaches.net/san-francisco-employees-retirement-system/
• Castro Valley Health notifies patients after learning that patient data had been improperly transferred to Docker Hub https://www.databreaches.net/ca-castro-valley-health-notifies-patients-after-learning-that-patient-data-had-been-improperly-transferred-to-docker-hub/
• Data from Nigerian and Kenyan universities compromised after unis fail to act upon whitehat’s notifications https://www.databreaches.net/data-from-nigerian-and-kenyan-universities-compromised-after-unis-fail-to-act-upon-whitehats-notifications/
• Agromart’s data up for auction while threat actors read — and publish — their victim’s emails about the attack https://www.databreaches.net/agromarts-data-up-for-auction-while-threat-actors-read-and-publish-their-victims-emails-about-the-attack/
• Mathway - 25,692,862 breached accounts from 2020 https://haveibeenpwned.com/PwnedWebsites#Mathway
• Zoomcar - 3,589,795 breached accounts from 2018 https://haveibeenpwned.com/PwnedWebsites#Zoomcar
• REvil ransomware gang publishes 'Elexon staff's passports' after UK electrical middleman shrugs off attack https://www.theregister.com/2020/06/01/elexon_ransomware_was_revil_sodinokibi/
• Ransomware Attack Kidnaps Austrian City https://www.databreaches.net/ransomware-attack-kidnaps-austrian-city/
• Ransomware gang says it breached one of NASA's IT contractors https://www.zdnet.com/article/ransomware-gang-says-it-breached-one-of-nasas-it-contractors/
• NJ: Systems returning after computer hack in Bernards Township https://www.databreaches.net/nj-systems-returning-after-computer-hack-in-bernards-township/
• Canadian hospitals ‘overwhelmed’ by cyberattacks fuelled by booming black market https://www.cbc.ca/news/canada/nova-scotia/hospitals-health-care-cybersecurity-federal-government-funding-1.5493422

Privacy

Articles about privacy related news, risks, and trends.

• COVID-19 Contact tracing and surveillance:

  • Legal complaint lodged with UK data watchdog over claims coronavirus Test and Trace programme flouts GDPR https://www.theregister.com/2020/06/04/test_and_trace_ico_gdpr_complaint/
  • City of Toronto urges province to collect COVID-19 race and occupation data https://globalnews.ca/news/7015438/toronto-covid-19-race-occupation-data/
  • Don’t Mix Policing with COVID-19 Contact Tracing https://www.eff.org/deeplinks/2020/06/dont-mix-policing-covid-19-contact-tracing
  • Inverse-Sybil Attacks in Automated Contact Tracing https://eprint.iacr.org/2020/670
  • Contact-tracer spoofing is already happening – and it's dangerously simple to do https://www.theregister.com/2020/06/02/contact_tracing_spoofable/
  • A Survey of Automatic Contact Tracing Approaches https://eprint.iacr.org/2020/672
• Big GDPR Fines in UK and Ireland: What's the Holdup? https://www.bankinfosecurity.com/big-gdpr-fines-in-uk-ireland-whats-holdup-a-14361
• Google Faces Privacy Lawsuit Over Tracking Users in Incognito Mode https://threatpost.com/google-faces-privacy-lawsuit-over-tracking-users-in-incognito-mode/156269/
• Google Faces $5B Lawsuit for Tracking Users in Incognito Mode https://www.darkreading.com/endpoint/google-faces-$5b-lawsuit-for-tracking-users-in-incognito-mode/d/d-id/1337997
• $5bn+ sueball bounces into Google's court over claims it continues to track netizens in 'private browsing mode' https://www.theregister.com/2020/06/03/google_lawsuit/
• WhatsApp Phone Numbers Pop Up in Google Search Results — But is it a Bug? https://threatpost.com/whatsapp-phone-numbers-google-search-results/156141/
• Protecting Your Privacy if Your Phone is Taken Away https://www.eff.org/deeplinks/2020/06/protecting-your-privacy-if-your-phone-taken-away
• Signal goes Gaussian to take privacy to the next level: All your faces don't belong to us https://www.theregister.com/2020/06/05/signal_blur_tool/

Laws & Regulations / Standards

News about laws, regulations, and standards affecting security, privacy,  technology, and public interest.

• The War on Twitter:

  • Dangers of Trump’s Executive Order Explained https://www.eff.org/deeplinks/2020/05/dangers-trumps-executive-order-explained
  • Why the USMCA Locks in the Internet Platform Liability System in the U.S., Canada and Mexico https://www.michaelgeist.ca/2020/05/why-the-usmca-locks-in-the-internet-platform-liability-system-in-the-u-s-canada-and-mexico/
  • Snap will stop promoting Trump’s account after concluding his tweets incited violence https://www.theverge.com/2020/6/3/21279280/snapchat-snap-remove-trump-account-discover-promotion-incite-violence-twitter_FTC Slams Children’s App Developer for COPPA Violations https://threatpost.com/ftc-childrens-app-developer-coppa-violations/156355/
• Publishers sue Internet Archive over Open Library ebook lending https://www.theverge.com/2020/6/1/21277036/internet-archive-publishers-lawsuit-open-library-ebook-lending
• California Cops Can No Longer Pass the Cost of Digital Redaction onto Public Records Requesters https://www.eff.org/deeplinks/2020/06/california-cops-can-no-longer-pass-cost-digital-redaction-public-records
• NIST updated (SP) 800-133 Revision 2, Recommendation for Cryptographic Key Generation covers generation of keys for approved cryptographic algorithms https://csrc.nist.gov/publications/detail/sp/800-133/rev-2/final

• NIST IoT updates for device manufacturers https://content.govdelivery.com/accounts/USNIST/bulletins/28ea048 :

  • NISTIR 8259A, IoT Device Cybersecurity Capability Core Baseline https://csrc.nist.gov/publications/detail/nistir/8259a/final
  • NISTIR 8259, Foundational Cybersecurity Activities for IoT Device Manufacturers https://csrc.nist.gov/publications/detail/nistir/8259/final
• Should 'Killer Robots' Be Banned? https://www.bankinfosecurity.com/blogs/do-killer-robots-dream-electric-sheep-p-2906
• No Opinions Permitted: Broadcast Panel Rules Jokingly Criticizing Canadian Content During Radio News Segment Violates Code of Ethics https://www.michaelgeist.ca/2020/06/no-opinions-permitted-broadcast-panel-rules-jokingly-criticizing-canadian-content-during-radio-news-segment-violates-code-of-ethics/

Defense / Techniques / Solutions

Covering developments and opportunities that may help improve security.

• This is not the last pandemic, hunting for future killer viruses https://www.bbc.co.uk/news/science-environment-52775386
• Most people don't change their passwords after a breach!? https://www.schneier.com/blog/archives/2020/06/password_changi.html and https://www.zdnet.com/article/after-a-breach-users-rarely-change-their-passwords-study-finds/
• This Bot Hunts Software Bugs for the Pentagon https://www.wired.com/story/bot-hunts-software-bugs-pentagon/
• Firefox fixes cryptographic data leakage in latest security update https://nakedsecurity.sophos.com/2020/06/03/firefox-fixes-cryptographic-data-leakage-in-latest-security-update/
• Update Firefox: Mozilla just patched three hijack-me holes and a bunch of other flaws https://www.theregister.com/2020/06/04/firefox_77_security_fixes/
• Zoom Patches Two Serious Vulnerabilities Found by Cisco Researchers https://www.securityweek.com/zoom-patches-two-serious-vulnerabilities-found-cisco-researchers
• Researchers Disclose 2 Critical Vulnerabilities in SAP ASE https://www.bankinfosecurity.com/researchers-disclose-2-critical-vulnerabilities-in-sap-ase-a-14375
• NCA launches UK ad campaign to divert kids searching for cybercrime tools https://www.zdnet.com/article/nca-launches-ad-campaign-to-divert-kids-searching-for-cybercrime-tools/
• IBM Releases Open Source Toolkits for Processing Data While Encrypted https://www.securityweek.com/ibm-releases-open-source-toolkits-processing-data-while-encrypted
• Tor’s latest release makes it easier to find secure onion services https://www.zdnet.com/article/tors-latest-release-makes-it-easier-to-find-secure-onion-services/
• Leading authority on cryptography and data privacy receives Knuth Prize https://scienmag.com/leading-authority-on-cryptography-and-data-privacy-receives-knuth-prize/

Bugs / Design Flaws / Vulnerabilities / Research

Articles about newly discovered vulnerabilities and research.

• Researcher Discloses 'Sign in with Apple' Flaw (It was patched so not a zero-day) https://www.bankinfosecurity.com/researcher-discloses-sign-in-apple-zero-day-flaw-a-14365
• Critical Vulnerability Could Have Allowed Hackers to Disrupt Traffic Lights https://www.securityweek.com/critical-vulnerability-could-have-allowed-hackers-disrupt-traffic-lights
• VMware Workstation 15 denial-of-service vulnerability https://blog.talosintelligence.com/2020/06/vulnerability-spotlight-vmware.html
• Two Critical Flaws in Zoom Could've Let Attackers Hack Systems via Chat https://thehackernews.com/2020/06/zoom-video-software-hacking.html
• Two Critical Android Bugs Open Door to RCE https://threatpost.com/two-critical-android-bugs-rce/156216/ and https://arstechnica.com/information-technology/2020/06/google-fixes-android-flaws-that-allow-code-execution-with-high-system-rights/
• Users discover wallpaper that can crash some Android phones https://www.theverge.com/2020/6/1/21276658/android-phone-wallpaper-bug-crash-rgb-srgb-samsung-pixel
• Breaking the Solidity Compiler with a Fuzzer https://blog.trailofbits.com/2020/06/05/breaking-the-solidity-compiler-with-a-fuzzer/

Hacking / Malware / Cybercrime / Exploitation

News covering active trends and events.

• Apple tracks looters who steal iPhones https://www.bbc.co.uk/news/technology-52903677
• Sophisticated Info-Stealer Targets Air-Gapped Devices via USB https://threatpost.com/info-stealer-air-gapped-devices-usb/156262/ and https://thehackernews.com/2020/06/air-gap-malware-usbculprit.html
• Researchers Dive Into Evolution of Malicious Excel 4.0 Macros https://www.securityweek.com/researchers-dive-evolution-malicious-excel-40-macros
• Attackers Target 1M+ WordPress Sites To Harvest Database Credentials https://threatpost.com/attackers-target-1m-wordpress-sites-to-harvest-database-credentials/156255/
• Phishers Use Fake VPN Alerts to Steal Office 365 Passwords https://www.bankinfosecurity.com/phishers-use-fake-vpn-alerts-to-steal-office-365-passwords-a-14382
• Trump, Biden Campaign Staffers Targeted By APT Phishing Emails https://threatpost.com/trump-biden-campaign-apt-phishing-emails/156319/
• ZLoader-Laced Emails Masquerade As CVs From Job-Seekers https://threatpost.com/zloader-laced-emails-unemployed-victims/156222/
• TrickBot Update Makes Malware Harder to Detect https://www.bankinfosecurity.com/trickbot-update-makes-malware-harder-to-detect-report-a-14363
• Electrolux, Others Conned Out of Big Money by BEC Scammer https://threatpost.com/electrolux-conned-money-bec-scammer/156359/
• Identity Theft, Fraud Exploding in 2020 https://www.datex.ca/blog/identity-theft-fraud-exploding-in-2020
• Enterprise Mobile Phishing Attacks Skyrocket Amidst Pandemic https://threatpost.com/enterprise-mobile-phishing-pandemic/156236/
• Inside Job at Clinics: Mobile Phone Used for Fraud https://www.databreachtoday.com/inside-job-at-clinics-mobile-phone-used-for-fraud-a-14364
• Barcode Reader Apps on Google Play Found Using New Ad Fraud Technique https://blog.trendmicro.com/trendlabs-security-intelligence/barcode-reader-apps-on-google-play-found-using-new-ad-fraud-technique/
• Owners of DDoS-for-Hire Service vDOS Get 6 Months Community Service https://krebsonsecurity.com/2020/06/owners-of-ddos-for-hire-service-vdos-get-6-months-community-service/

Other Security / Risk

Articles covering other types of risks.

• COVID-19 Other risks and impact:

  • Coronavirus could ‘drag on US economy for a decade' https://www.bbc.co.uk/news/business-52887724
  • US companies cut 2.76 million jobs in May, less than one-third of what economists expected https://www.businessinsider.com/us-private-payrolls-declined-million-may-less-expected-adp-jobs-2020-6
  • The Inflated Promise of Genomic Medicine https://blogs.scientificamerican.com/blogs/observations/the-inflated-promise-of-genomic-medicine/
  • IT and business services is taking a massive 10.2% hit this year https://www.horsesforsources.com/post-covid-hfs-forecast_06022020
  • Sophos puts 100 at risk of redundancy as future of Naked Security blog hangs in balance https://www.theregister.com/2020/06/04/sophos_100_redundancies_naked_security/
  • Walmart to Shut Down 269 Stores, Including 154 in US https://abcnews.go.com/Business/walmart-shut-269-stores-globally-including-154-us/story?id=36315019
  • Amazon Dives Into Weak Aircraft Market, Leases 12 More Planes https://www.bloomberg.com/news/articles/2020-06-03/amazon-dives-into-weak-aircraft-market-leases-12-more-planes
  • Remote government voting amid coronavirus can be done securely: House of Commons Speaker https://globalnews.ca/news/7017329/remote-voting-securely-coronavirus-commons-speaker/
• Q&A: Eugene Spafford on the Risks of Internet Voting https://www.darkreading.com/risk/qanda-eugene-spafford-on-the-risks-of-internet-voting/d/d-id/1338011

• Huawei 5G and the 5 Eyes:

  • Bell, Telus to use Nokia and Ericsson, not Huawei, in building their next-generation 5G networks https://www.cbc.ca/news/business/bce-5g-ericsson-1.5594601
  • US State Department says U.S. will reassess intelligence-sharing with Canada if it lets Huawei into 5G https://www.cbc.ca/news/politics/huawei-5g-state-department-trudeau-china-1.5598548

• Zoom Encryption Controversy:

  • Zoom's Commitment to User Security Depends on Whether you Pay It or Not https://www.schneier.com/blog/archives/2020/06/zooms_commitmen.html
  • Zoom Not Offering End-to-End Encryption to Free Users to Help Law Enforcement https://www.securityweek.com/zoom-not-offering-end-end-encryption-free-users-help-law-enforcement
  • Zoom defenders cite legit reasons to not end-to-end encrypt free calls https://arstechnica.com/information-technology/2020/06/zoom-defenders-say-there-are-legit-reasons-to-not-encrypt-free-calls/
  • Zoom Restricts End-to-End Encryption to Paid Users https://threatpost.com/zoom-end-to-end-encryption-paying-users/156286/
• Facebook starts labeling ‘state-controlled media’ pages https://www.theverge.com/2020/6/4/21280542/facebook-state-controlled-media-account-post-label-election-interference-ads-rt
• How to Recognize and Avoid Common Thinking Traps https://www.quickanddirtytips.com/health-fitness/mental-health/thinking-traps-part-1
• Five dead in newest Ebola outbreak in Congo https://www.cnn.com/2020/06/01/health/ebola-outbreak-congo-intl/index.html
• India is using drones and fire trucks to fight its worst locust invasion in almost 30 years https://www.cnn.com/2020/06/02/asia/india-desert-locust-swarm-intl-hnk/index.html
• Facebook employees walk out in protest of Donald Trump’s posts https://www.theverge.com/2020/6/1/21277135/facebook-walkout-protest-virtual-president-donald-trump-posts and https://www.nytimes.com/2020/06/01/technology/facebook-employee-protest-trump.html
• Bell Canada to sell 25 data centres for $1.04B to Equinix https://globalnews.ca/news/7010590/bell-canada-sells-data-centres-equinix/
• At long last, new carbon capture project launches in Alberta https://www.cbc.ca/news/business/actl-enhance-energy-oil-ccs-co2-ccus-1.5593969
• The US Air Force wants to put an AI drone up against a fighter pilot in a dogfight that could change aerial combat https://www.businessinsider.com/us-air-force-to-have-drone-dogfight-a-fighter-jet-2020-6

Off-Topic / Science & Tech / Lighter Side

A variety of scientific, technical, historical, and more light-hearted news.

• Scientists Just Created Artificial Red Blood Cells That May Be Even Better Than The Real Thing https://www.sciencealert.com/these-synthetic-red-blood-cells-could-be-even-better-than-the-real-thing
• A potential new weapon in the war against superbugs https://scienmag.com/a-potential-new-weapon-in-the-war-against-superbugs/
• Researchers Unveil a Sodium-Ion Battery That Rivals Commercial Lithium-Ion Models https://www.sciencealert.com/new-sodium-ion-battery-performs-as-well-as-some-commercial-lithium-ion-models
• High-speed atomic video https://scienmag.com/high-speed-atomic-video/
• A Bald Eagle Nest With Eggs Has Been Spotted on Cape Cod for the First Time Since 1905 https://www.mentalfloss.com/article/625103/bald-eagle-nest-with-eggs-spotted-on-cape-cod
• Dead Sea Scrolls ‘puzzle’ pieced together with DNA https://scienmag.com/dead-sea-scrolls-puzzle-pieced-together-with-dna/
• Nuclear Fusion - ITER | Tokamak Fusion Reactors https://www.popularmechanics.com/science/energy/a32733163/nuclear-fusion-iter-reactor-tokamak-cryostat/
• A secret military space plane is carrying an experiment to harvest power from space https://www.cbc.ca/radio/quirks/a-secret-military-space-plane-is-carrying-an-experiment-to-harvest-power-from-space-1.5590837
• We Just Got Even More Evidence Mars Once Had a Ring https://www.sciencealert.com/the-weird-orbit-of-mars-moon-suggests-the-red-planet-once-had-a-ring
• Strange, 'Never-Before-Seen' Trojan Asteroid Turns Out to Be Something Much More Common https://www.sciencealert.com/strange-never-before-seen-asteroid-turns-out-to-be-something-much-more-common
• Is the alien chunk 'Oumuamua actually a hydrogen iceberg? https://www.syfy.com/syfywire/is-the-alien-chunk-oumuamua-actually-a-hydrogen-iceberg
• What are the Odds of Life Emerging on Another Planet? https://www.universetoday.com/146308/what-are-the-odds-of-life-emerging-on-another-planet/