Welcome to This Week’s [in]Security. Fallout from US Unrest. Facebook Ad boycott. Covid-19: Spread & Curve. Lockdown, Reopening, & The New Normal. More of the Good, Bad, and Ugly. Mostly Magento. COVID Breach Bubble. Darkweb trove on 14M exposed. 132M records from 14 sites. More Blueleaks? Evolution of ransomware. Mac ransomware. A privacy friendly search? SSN lock fail. Naughty FB apps. Crypto-wars. Geofencing Warrants. SIM swap lawsuit. Ad blocker benefits. HTTP/3. Securing IoT. Palo Alto severity 10 bug. F5 Compromise. Massive password study. Kill 2G. Netgear routers. Too many tools. EncroChat. Nortel hack? Bossware. Unemployment. Security through inefficiency! Facial False Positives. AI bias. Fake Social Media Accounts. H1N1 (G4). Wiki-washing. And more.

Trending news and COVID-19 updates.

The COVID related articles here fit together. Other COVID articles will appear under our normal section headings like regulations, privacy, breaches, and other risks. We have been following coronavirus risks since https://controlgap.com/blog/this-weeks-insecurity-issue-147.

• Fallout from US Unrest:

  • Ring Doorbell’s Police Partnerships Questioned Over Racial Bias https://threatpost.com/rings-police-partnerships-racial-bias/157140/
  • Amazon’s Ring Enables the Over-Policing Efforts of Some of America’s Deadliest Law Enforcement Agencies https://www.eff.org/deeplinks/2020/07/amazons-ring-enables-over-policing-efforts-some-americas-deadliest-law-enforcement
  • Shootings, Violence Jump In Cities Where Mayors Have Restrained Police https://thefederalist.com/2020/06/21/shootings-violence-jump-in-cities-where-mayors-have-restrained-police/
  • Another Fatal Shooting in Seattle’s ‘CHOP’ Protest Zone https://www.nytimes.com/2020/06/29/us/seattle-protests-CHOP-CHAZ-autonomous-zone.html
  • Two teenagers shot in Seattle's Chop autonomous zone - https://www.bbc.co.uk/news/world-us-canada-53224445
  • Police Clear Seattle’s Protest ‘Autonomous Zone’ https://www.nytimes.com/2020/07/01/us/seattle-protest-zone-CHOP-CHAZ-unrest.html
  • Why People Are Toppling Monuments to Racism https://www.scientificamerican.com/article/why-people-are-toppling-monuments-to-racism/

• Facebook Ad boycott:

  • Canadian companies Lululemon, MEC and Arc'teryx join Facebook ad boycott https://www.cbc.ca/news/business/facebook-ad-boycott-canada-1.5631054
  • Is Facebook losing the Ad boycott battle? https://www.bbc.co.uk/news/av/world-us-canada-53273480/zuckerberg-hits-back-at-facebook-boycott
  • Mark Zuckerberg: advertisers' boycott of Facebook will end 'soon enough' https://www.theguardian.com/technology/2020/jul/02/mark-zuckerberg-advertisers-boycott-facebook-back-soon-enough

• The spread and the curve:

  • WHO reports record level of new coronavirus cases, largest single-day increase https://www.ctvnews.ca/health/coronavirus/who-reports-record-level-of-new-coronavirus-cases-largest-single-day-increase-1.5011405
  • The deadly impact of lifting lockdown too early https://edition.cnn.com/2020/07/03/health/coronavirus-lockdown-lifting-deadly-charts-intl/index.html
  • Coronavirus cases more than doubled in 10 U.S. states in June https://globalnews.ca/news/7124710/coronavirus-cases-united-states-june/
  • Coronavirus cases now rising in 40 U.S. states as Texas orders mandatory mask use https://globalnews.ca/news/7134604/us-coronavirus-40-states/
  • US reports over 48,000 new single-day coronavirus cases, setting a new record for the fourth time in a week https://www.businessinsider.com/us-reports-new-coronavirus-cases-setting-new-record-2020-6
  • What's behind alarming new US outbreaks? https://www.bbc.co.uk/news/world-us-canada-53228134
  • Houston hospitals 'could be in a world of hurt' as coronavirus cases surge to record highs https://www.businessinsider.com/houston-coronavirus-texas-harris-county-hospitals-2020-7
  • India just surpassed Russia to become the country with the 3rd-highest number of coronavirus infections https://www.businessinsider.com/coronavirus-india-russia-third-highest-infected-country-2020-7
  • A Dire Warning From COVID-19 Test Providers https://www.theatlantic.com/science/archive/2020/06/us-coronavirus-testing-could-fail-again/613675/
  • Drunk people will not keep apart https://www.bbc.co.uk/news/uk-53296689
  • U.S. holiday could fuel COVID-19 outbreak https://globalnews.ca/news/7140271/coronavirus-fourth-of-july/
  • The human cost of fake news in India https://www.bbc.co.uk/news/world-asia-india-53165436
  • Inside the secret Covid rave scene https://www.bbc.co.uk/news/av/uk-53283351/coronavirus-inside-the-secret-covid-rave-scene
  • Migrant farm workers ‘hid’ from coronavirus testing in Windsor-Essex https://globalnews.ca/news/7133107/migrant-workers-hid-coronavirus-testing-windsor-doug-ford/

• Lockdown, reopening, and The New Normal:

  • Hundreds of thousands of U.S. visitors are still crossing border into Canada each week https://nationalpost.com/news/hundreds-of-thousands-of-u-s-visitors-are-still-crossing-border-into-canada-each-week
  • Canada extends ban on most foreign travellers https://globalnews.ca/news/7125697/coronavirus-canada-extends-ban-on-most-foreign-travellers/
  • EU to allow in visitors from 15 'safe' countries https://www.bbc.co.uk/news/world-europe-53222356
  • EU confirms ban on American travelers as US scrambles to contain coronavirus https://www.theverge.com/2020/6/30/21308023/eu-ban-american-travelers-tourists-coronavirus-pandemic-response
  • 5 Americans who flew by private jet to Italy were reportedly denied entry due to the EU https://www.businessinsider.com/italy-americas-tourists-unable-enter-sardinia-coronavirus-high-in-us-2020-7
  • Canadians allowed to travel to Europe amid coronavirus pandemic https://globalnews.ca/news/7123882/eu-travel-coronavirus-canada/
  • Wasaga Beach, Ont., to close main area of beach following Canada Day crowds https://globalnews.ca/news/7133461/coronavirus-wasaga-beach-closing/

• Treatments, Testing, Triage, and Trials, and things we learned:

  • Dominant Coronavirus Strain Appears to Be a Mutated, More Virulent Version https://www.sciencealert.com/current-dominant-strain-of-covid-19-more-infectious-than-original-study
  • "DART" ‘shield’ protects healthcare workers caring for COVID-19 patients https://scienmag.com/new-shield-protects-healthcare-workers-caring-for-covid-19-patients/
  • Canadians to get first glimpse of true COVID-19 infection rate in mid-July thanks to anti-body testing https://globalnews.ca/news/7140251/coronavirus-canada-infection-rate/
  • Meet the 'long-haulers': A growing chorus of coronavirus patients have had symptoms for more than 100 days https://www.businessinsider.com/long-term-coronavirus-symptoms-patients-sick-for-months-2020-7
  • An asymptomatic coronavirus carrier infected an apartment neighbor without sharing the same space. A study blames the building's elevator buttons. https://www.businessinsider.com/coronavirus-jumped-between-people-via-elevator-surfaces-study-2020-7
  • Can an Algorithm Predict the Pandemic’s Next Moves? https://www.nytimes.com/2020/07/02/health/santillana-coronavirus-model-forecast.html
  • To Spot Future Coronavirus Flare-Ups, Search the Sewers https://www.scientificamerican.com/article/to-spot-future-coronavirus-flare-ups-search-the-sewers/
  • We're 6 Months Into The Pandemic. Experts Predict What 12 Months Might Look Like https://www.sciencealert.com/the-pandemic-is-now-six-months-old-here-s-what-we-could-expect-in-the-next-six
  • Report calls out ‘systemic’ failings in Canada’s long-term care system https://globalnews.ca/news/7137461/canada-long-term-care-report/
  • There's Another Insidious Side Effect of This Pandemic - More Anti-Vaxxer Activity https://www.sciencealert.com/anti-vaxxers-seize-virus-moment-to-spread-fake-news
  • Sweden: Immunity may be more widespread than tests suggest https://www.bbc.co.uk/news/health-53248660
  • Experimental COVID-19 Vaccine Shows Positive Early Results in Human Trial https://www.sciencealert.com/german-and-us-pharmaceutical-companies-have-great-news-on-coronavirus-vaccines

• Guidance, Response and Recovery:

  • The coronavirus still kills hundreds of people in the US every day, but Americans have stopped caring — and it's not entirely their fault https://www.businessinsider.com/why-americans-are-numb-to-coronavirus-death-threat-2020-7
  • Research underway in N.S., N.B. to develop new coronavirus-killing package coating https://globalnews.ca/news/7131363/research-nova-scotia-new-brunswick-coronavirus-killing-package-coating/
  • Dr. Bonnie Henry takes over Olivia Munn’s Instagram to fight COVID-19 misinformation https://globalnews.ca/news/7124953/dr-bonnie-henry-olivia-munns-instagram-takeover/
  • Stay Home Anyway https://www.theatlantic.com/newsletters/archive/2020/06/covid-19-outbreak-july-2020/613702/
  • (ISC)2 Security Congress Will Be Virtual This Year https://blog.isc2.org/isc2_blog/2020/06/its-official-isc2-security-congress-will-be-virtual-this-year.html

• Behaviour - the good, the bad, and the ugly:

  • With no flights, man sails 9,000 km across Atlantic to see dad on Father’s Day https://globalnews.ca/news/7120544/man-sails-atlantic-portugal-argentina-fathers-day/
  • Shaming and Scolding Beachgoers Isn’t Helping https://www.theatlantic.com/health/archive/2020/07/it-okay-go-beach/613849/
  • Officials urge Kingston residents to ‘be kind to one another’ after visitors reportedly mistreated https://globalnews.ca/news/7139528/kingston-be-kind-visitors-mistreated-coronavirus/
  • ‘People who are honest don’t get on the ferry’: BC Ferries customers call for resident ID checks https://globalnews.ca/news/7136985/bc-ferries-resident-id-check/
  • Pair of Americans in Ontario fined, charged under Quarantine Act https://globalnews.ca/news/7139291/americans-quarantine-act-coronavirus/
  • Coronavirus detectives couldn’t get partygoers to answer the phone. So they issued subpoenas https://www.washingtonpost.com/nation/2020/07/03/contact-tracing-covid-party-subpoena/

• Masks, anti-maskers, and distancing:

  • Visualization shows exactly how face masks stop COVID-19 transmission |https://www.livescience.com/face-mask-visualization-droplets-covid-19.html
  • Should masks be mandatory? It depends https://globalnews.ca/news/7119749/mandatory-masks-toronto-canada/
  • Face masks or coverings now mandatory on TTC https://globalnews.ca/news/7130662/coronavirus-ttc-mandatory-face-masks-coverings-policy/
  • Aggressive anti-mask customers are forcing some restaurants to shut dining rooms to protect employees from abuse https://www.businessinsider.com/anti-mask-customers-force-some-restaurants-re-close-dining-rooms-2020-7
  • A 19-year-old McDonald's worker was assaulted after asking a customer to wear a mask https://www.businessinsider.com/restaurants-face-crisis-with-customers-mask-enforcement-2020-7
  • Fake Face mask exemption cards https://www.bbc.co.uk/news/53266431
  • More than 160,000 N95 masks in Saskatchewan expired before coronavirus hit https://globalnews.ca/news/7133756/expired-n95-masks-saskatchewan-coronavirus/
  • Bolsonaro shuns face masks at event as country records 1,000 deaths in single day https://globalnews.ca/news/7139759/brazil-coronavirus-cases-deaths-july/

PCI Compliance and Payments

News and announcements relating to Payment Security, PCI, Card Brands, Payments, Payment Malware and Fraud.

• Alina Point-of-Sale Malware Spotted in Ongoing Campaign https://threatpost.com/alina-point-sale-malware-ongoing-campaign/157087/
• Tuesday’s Magento 1 EOL Leaves Clock Ticking on 100K Online Stores https://threatpost.com/tuesdays-magento-1-eol-100k-online-stores/157000/
• CVE-2017-7391: Vulnerability in Magento Mass Import (MAGMI) Plugin Exploited in the Wild https://www.tenable.com/blog/cve-2017-7391-vulnerability-in-magento-mass-import-magmi-plugin-exploited-in-the-wild
• Fighting Against Formjacking and Magecart Webinar https://sourcedefense.com/resources/webinars/recording-the-fight-against-formjacking-and-magecart/
• Examples of client side JavaScript protection https://www.imperva.com/blog/imperva-prevents-client-side-attacks-like-formjacking-and-magecart/ and https://sourcedefense.com/resources/white-papers/healthcare-white-paper/

Breaches / Ransomware / Leaks

Covering breaches, leaks, data exposures, ransomware (as potential breach), and their fallout.

• COVID-19 ‘Breach Bubble’ Waiting to Pop? https://krebsonsecurity.com/2020/06/covid-19-breach-bubble-waiting-to-pop/
• Files Stolen from 945 Websites Discovered on Dark Web https://www.darkreading.com/vulnerabilities---threats/files-stolen-from-945-websites-discovered-on-dark-web/d/d-id/1338192
• Seller floods hacker forum with data stolen from 14 companies https://www.bleepingcomputer.com/news/security/seller-floods-hacker-forum-with-data-stolen-from-14-companies/
• AU: Hacked: Thousands of MyGov accounts for sale on dark web https://www.databreaches.net/au-hacked-thousands-of-mygov-accounts-for-sale-on-dark-web/
• NY Employment Nonprofit Client Data Potentially Exposed https://www.databreaches.net/ny-employment-nonprofit-client-data-potentially-exposed/
• Data breach at Canadian insurance firm Heartland Farm Mutual exposes personal information https://www.databreaches.net/data-breach-at-canadian-insurance-firm-exposes-personal-information/
• QC: SAQ computers hacked, personal data of employees consulted https://globalnews.ca/news/7126504/saq-hacked-personal-data/
• UK: Second NHS data leak to be fully investigated https://www.databreaches.net/uk-second-nhs-data-leak-to-be-fully-investigated/
• Personal Data of 250,000 People From 20 Countries Leaked by Bitcoin Scam https://www.databreaches.net/personal-data-of-250000-people-from-20-countries-leaked-by-bitcoin-scam/
• Serious data privacy breach at DU admit card 2020 download portal, students’ personal details available https://www.databreaches.net/serious-data-privacy-breach-at-du-admit-card-2020-download-portal-students-personal-details-available/
• Security Breach Impacts State Police Database https://www.securityweek.com/security-breach-impacts-state-police-database
• (Foothold, Exfiltrate, Encrypt, Ransom, Shame, Report) Hacker ransoms 23k MongoDB databases and threatens to contact GDPR authorities https://www.zdnet.com/article/hacker-ransoms-23k-mongodb-databases-and-threatens-to-contact-gdpr-authorities/
• Ransomware Operators Demand $14 Million From Brazillian Power Company https://www.securityweek.com/ransomware-operators-demand-14-million-power-company
• Inside a ransomware attack: From the first breach to the ransom demand https://www.zdnet.com/article/inside-a-ransomware-attack-from-the-first-breach-to-encrypting-a-network-in-just-two-weeks/
• Xerox Apparent Victim Of Maze Attack https://packetstormsecurity.com/news/view/31351/Xerox-Apparent-Victim-Of-Maze-Attack.html
• New Mac ransomware is even more sinister than it appears https://arstechnica.com/information-technology/2020/07/new-mac-ransomware-is-even-more-sinister-than-it-appears/
• New ThiefQuest ransomware discovered targeting macOS users https://www.zdnet.com/article/new-evilquest-ransomware-discovered-targeting-macos-users/
• Attackers Compromised Dozens of News Websites as Part of Ransomware Campaign https://www.darkreading.com/attacks-breaches/attackers-compromised-dozens-of-news-websites-as-part-of-ransomware-campaign/d/d-id/1338265

• Follow-ups:

  • Possible Click2Gov Security Breach Under Investigation https://www.databreaches.net/possible-click2gov-security-breach-under-investigation/
  • University of Michigan: Leaked emails, passwords were from ‘3rd-party data breaches’ https://www.databreaches.net/university-of-michigan-leaked-emails-passwords-were-from-3rd-party-data-breaches/
  • Credit unions can serve up negligence claim in Sonic data breach case https://www.databreaches.net/credit-unions-can-serve-up-negligence-claim-in-sonic-data-breach-case-judge/
  • One of Florida’s largest orthopedic providers faces class-action lawsuit after data breach https://www.databreaches.net/one-of-floridas-largest-orthopedic-providers-faces-class-action-lawsuit-after-data-breach/
  • US schools leaked 24.5 million records in 1,327 data breaches since 2005 https://www.comparitech.com/blog/vpn-privacy/us-schools-data-breaches/

Privacy

Articles about privacy related news, risks, and trends.

• Search engine startup asks users to be the customer, not the product https://arstechnica.com/gadgets/2020/06/googles-former-advertising-vp-starts-a-subscriber-only-search-engine/
• E-Verify’s “SSN Lock” is Nothing of the Sort https://krebsonsecurity.com/2020/07/e-verifys-ssn-lock-is-nothing-of-the-sort/
• With Edge, Microsoft’s forced Windows updates just sank to a new low https://www.theverge.com/21310611/microsoft-edge-browser-forced-update-chromium-editorial
• Sixteen Facebook apps caught secretly sharing data with third-parties https://www.zdnet.com/article/sixteen-facebook-apps-caught-secretly-sharing-data-with-third-parties/
• Uncovered: 1,000 phrases that incorrectly trigger Alexa, Siri, and Google Assistant https://arstechnica.com/information-technology/2020/07/uncovered-1000-phrases-that-incorrectly-trigger-alexa-siri-and-google-assistant/
• Google removes 25 Android apps caught stealing Facebook credentials https://www.zdnet.com/article/google-removes-25-android-apps-caught-stealing-facebook-credentials/ and https://www.schneier.com/blog/archives/2020/06/android_apps_st.html
• Follow-up: Tim Hortons’ mobile app under investigation for breaking privacy laws https://globalnews.ca/news/7120611/tim-hortons-app-privacy-breach/

Laws & Regulations / Standards

News about laws, regulations, and standards affecting security, privacy,  technology, and public interest.

• It's Official: CCPA Enforcement Begins https://www.bankinfosecurity.com/its-official-ccpa-enforcement-begins-a-14549
• The Encryption Wars Are Back but in Disguise https://www.scientificamerican.com/article/the-encryption-wars-are-back-but-in-disguise/
• Bills Call for State, White House Cybersecurity Coordinators https://www.bankinfosecurity.com/bills-call-for-state-white-house-cybersecurity-coordinators-a-14533
• Online privacy experts sound alarm as US Senate bill sparks surveillance fears https://www.theguardian.com/technology/2020/jul/02/earn-it-act-online-privacy-surveillance
• Tell Your Senator: Vote No on the EARN IT Act https://www.eff.org/deeplinks/2020/06/tell-your-senator-vote-no-earn-it-act
• China passes controversial Hong Kong security law https://www.bbc.co.uk/news/world-asia-china-53230391
• EFF Successfully Defends Users’ Right to Challenge Patents and Still Recover Legal Fees https://www.eff.org/deeplinks/2020/06/eff-successfully-defends-users-right-challenge-patents-and-still-recover-legal
• EFF Files Amicus Brief Arguing Geofence Warrants Violate the Fourth Amendment https://www.eff.org/deeplinks/2020/07/eff-files-amicus-brief-arguing-geofence-warrants-violate-fourth-amendment
• NICE Conference and Expo is now virtual https://niceconference.org/covid-19
• It’s happened again: AT&T sued for allegedly transferring victim's number to thieves in $1.9m cryptocoin heist https://www.theregister.com/2020/07/01/att_sim_swap_lawsuit_shapiro/
• Google's AMP, the Canonical Web, and the Importance of Web Standards https://www.eff.org/deeplinks/2020/07/googles-amp-canonical-web-and-importance-web-standards-0

Defense / Techniques / Solutions

Covering developments and opportunities that may help improve security.

• Ad blockers may benefit websites, users, and the market at large https://scienmag.com/ad-blockers-may-benefit-websites-users-and-the-market-at-large/
• System hardening in Android 11 https://security.googleblog.com/2020/06/system-hardening-in-android-11.html
• How to Passcode Lock Any App on Your Phone https://www.wired.com/story/how-to-passcode-lock-any-app-on-your-phone/
• Wireshark 3.2.5 Released https://isc.sans.edu/diary.html?storyid=26308
• Change is coming ... How to test HTTP/3 and QUIC with Firefox Nightly https://blog.cloudflare.com/how-to-test-http-3-and-quic-with-firefox-nightly/
• Making the WAF 40% faster https://blog.cloudflare.com/making-the-waf-40-faster/
• Securing the International IoT Supply Chain https://www.schneier.com/blog/archives/2020/07/securing_the_in_1.html
• "Don't Believe Proven Liars": The Absolute Minimum Standard of Prudence in Merger Scrutiny https://www.eff.org/deeplinks/2020/07/dont-believe-proven-liars-absolute-minimum-standard-prudence-merger-scrutiny

Bugs / Design Flaws / Vulnerabilities / Research

Articles about newly discovered vulnerabilities and research.

• (Palo Alto FW & VPN Remotely Exploitable SAML bug CVSS severity 10) US Cyber Command says foreign hackers will most likely exploit new PAN-OS security bug https://www.zdnet.com/article/us-cyber-command-says-foreign-hackers-will-most-likely-exploit-new-pan-os-security-bug/
• Serious Vulnerabilities in F5's BIG-IP Allow Full System Compromise https://www.securityweek.com/serious-vulnerabilities-f5s-big-ip-allow-full-system-compromise
• One out of every 142 passwords is '123456' https://www.zdnet.com/article/one-out-of-every-142-passwords-is-123456/
• Bulletproof TLS Newsletter #66 - another root cert expiry and session ticket flaw https://www.feistyduck.com/bulletproof-tls-newsletter/issue_66_expired_addtrust_certificate_causes_trouble
• Email Sender Identity is Key to Solving the Phishing Crisis https://threatpost.com/valimail-email-sender-identity-is-key-to-solving-the-phishing-crisis/157020/
• Your Phone Is Vulnerable Because of 2G, But it Doesn't Have to Be https://www.eff.org/deeplinks/2020/06/your-phone-vulnerable-because-2g-it-doesnt-have-be
• Living on a prayer? Netgear not quite halfway there with patches for 28 out of 79 vulnerable router models https://www.theregister.com/2020/06/30/netgear_router_patches_28_of_79_done/
• The more cybersecurity tools an enterprise deploys, the less effective their defense is https://www.zdnet.com/article/the-more-cybersecurity-tools-an-enterprise-deploys-the-less-effective-their-defense-is/
• Windows Codecs Library Vulnerabilities Allow Remote Code Execution https://www.securityweek.com/windows-codecs-library-vulnerabilities-allow-remote-code-execution
• Apache remote desktop software was silently pwnable for snooping on sessions https://www.theregister.com/2020/07/02/apache_guacamole_vulns_hijackable_rdp/
• LinkedIn says iOS clipboard snooping after every key press is a bug, will fix https://www.zdnet.com/article/linkedin-says-ios-clipboard-snooping-after-every-key-press-is-a-bug-will-fix/
• Hackers Can Target ICS via Barcode Scanners https://www.securityweek.com/researchers-show-how-hackers-can-target-ics-barcode-scanners

Hacking / Malware / Cybercrime / Exploitation

News covering active trends and events.

• EncroChat Hacked by Police https://www.schneier.com/blog/archives/2020/07/hacked_by_polic.html
• 'GoldenSpy' Malware Uninstaller Delivered to Victims Following Public Exposure https://www.securityweek.com/goldenspy-malware-uninstaller-delivered-victims-following-public-exposure
• Connection discovered between Chinese hacker group APT15 and defense contractor https://www.zdnet.com/article/connection-discovered-between-chinese-hacker-group-apt15-and-defense-contractor/
• Hackers hijack Twitter account of Russia’s Ministry of Foreign Affairs, offer to sell stolen data https://www.databreaches.net/hackers-hijack-twitter-account-of-russias-ministry-of-foreign-affairs-offer-to-sell-stolen-data/
• National Highway Authority of India server attacked by malware, govt says no data loss https://www.databreaches.net/nhai-server-attacked-by-malware-govt-says-no-data-loss/
• DDoS and dingoes: Australia to bolster cyber-defences with 500 hackers amid China spat https://www.theregister.com/2020/06/30/australia_cyber_defence_fund/
• Roblox accounts hacked with pro-Trump messages https://www.zdnet.com/article/roblox-accounts-hacked-with-pro-trump-messages/
• Did a Chinese hack kill Canada's greatest tech company? https://www.bnnbloomberg.ca/did-a-chinese-hack-kill-canada-s-greatest-tech-company-1.1459269
• Anatomy of a Long-Con Phish https://www.darkreading.com/cloud/anatomy-of-a-long-con-phish/d/d-id/1338268
• Russian leader of Infraud stolen ID, credit card ring pleads guilty https://www.zdnet.com/article/russian-leader-of-568m-stolen-id-credit-card-ring-pleads-guilty/

Other Security / Risk

Articles covering other types of risks.

• COVID-19 Other risks and impact:

  • Inside the Invasive, Secretive “Bossware” Tracking Workers https://www.eff.org/deeplinks/2020/06/inside-invasive-secretive-bossware-tracking-workers
  • CERB poses back-to-work dilemma: ‘We’re being incentivized to make just under $1,000’ https://globalnews.ca/news/7092281/cerb-back-to-work-dilemma/
  • US Jobless Rate Surpasses 47 Pct Of Population https://www.pymnts.com/economy/2020/us-jobless-rate-surpasses-47-pct-of-population/
  • US companies tumble into bankruptcy at fastest pace since 2013 https://markets.businessinsider.com/news/stocks/us-companies-file-bankruptcy-fastest-rate-coronavirus-fallout-economy-recession-2020-6-1029356044
  • UK economy hit by worst contraction in 41 years https://www.bbc.co.uk/news/business-53231851
  • The Voting Disaster Ahead https://www.theatlantic.com/politics/archive/2020/06/voter-suppression-novembers-looming-election-crisis/613408/
• Save Trust, Save Open Technology Fund https://hackademix.net/2020/06/30/save-trust-save-otf/
• A plan to redesign the internet could make apps that no one controls https://www.technologyreview.com/2020/07/01/1004725/redesign-internet-apps-no-one-controls-data-privacy-innovation-cloud/
• Goodbye to the Wild Wild Web https://www.nytimes.com/2020/07/02/technology/goodbye-to-the-wild-wild-web.html
• The Security Value of Inefficiency https://www.schneier.com/blog/archives/2020/07/the_security_va.html
• AWS Facial Recognition Platform Misidentified Over 100 Politicians As Criminals https://threatpost.com/aws-facial-recognition-platform-misidentified-over-100-politicians-as-criminals/156984/
• When data is messy https://aiweirdness.com/post/622648824384602112/when-data-is-messy
• Reinforcement Learning and Adversarial thinking https://www.lightbluetouchpaper.org/2020/07/03/reinforcement-learning-and-adversarial-thinking/
• Fake Accounts Are Constantly Manipulating What You See on Social Media. Here's How https://www.sciencealert.com/fake-accounts-are-constantly-manipulating-what-you-see-on-social-media-here-s-how
• Health risks of showering too much https://www.theatlantic.com/magazine/archive/2020/07/hygiene-is-overrated/
• Australia Has a Flesh-Eating-Bacteria Problem https://www.theatlantic.com/health/archive/2020/07/flesh-eating-bacteria-are-spreading/613762/
• Keeping an eye on a new H1N1 swine flu https://www.sciencealert.com/is-swine-flu-really-going-to-be-the-next-pandemic, https://www.sciencealert.com/researchers-identify-a-new-swine-flu-that-has-pandemic-potential and https://www.bbc.co.uk/news/health-53218704
• Winnipeg woman sentenced in U.S. for trying to get chemical weapon from dark web https://globalnews.ca/news/7125896/winnipeg-woman-sentenced-chemical-weapon-dark-web/
• Morocco Asks Amnesty for Proof It Used Spyware on Journalist https://www.securityweek.com/morocco-asks-amnesty-proof-it-used-spyware-journalist
• An Iranian nuclear facility was apparently sabotaged and a mysterious dissident group called the 'Homeland Cheetahs' claimed responsibility https://www.businessinsider.com/an-important-iranian-nuclear-facility-was-apparently-sabotaged-2020-7
• Amid Russia bounty reports, U.S. critics say Taliban can’t be trusted to uphold deal https://globalnews.ca/news/7138677/us-taliban-trust/
• Leon Panetta: Russian bounties close to 'act of war' with US https://www.bbc.co.uk/news/av/world-us-canada-53244009/leon-panetta-russian-bounties-close-to-act-of-war-with-us
• FCC officially designates Huawei, ZTE as national security threats https://www.zdnet.com/article/fcc-officially-designates-huawei-zte-as-national-security-threats/
• UK government hints at U-turn on Huawei role in 5G technology https://www.theguardian.com/technology/2020/jun/30/uk-government-hints-at-u-turn-on-huawei-role-in-5g-technology
• An example of Politicians cleaning up their image https://theintercept.com/2020/07/02/kamala-harris-wikipedia/
• FEMA Flood Maps Miss Risk to Millions of Homes https://www.scientificamerican.com/article/fema-flood-maps-miss-risk-to-millions-of-homes/
• A College Degree Is No Guarantee of a Good Life https://www.theatlantic.com/family/archive/2020/07/will-going-college-make-you-happier/613729/
• Boeing kept FAA in the dark on key 737 MAX control system design changes https://globalnews.ca/news/7127725/boeing-faa-737-max-designs/
• 2 bottles of high-end whiskey, worth $80K, stolen from Richmond, B.C., liquor store https://globalnews.ca/news/7136660/dalmore-whiskey-stolen-richmond-liquor-store/
• Microsoft announces new Windows 10 Start menu design and updated Alt-Tab https://www.theverge.com/2020/7/1/21310597/microsoft-windows-10-start-menu-design-new-alt-tab-features

Off-Topic / Science & Tech / Lighter Side

A variety of scientific, technical, historical, and more light-hearted news.

• Milo the magnificent: Calgary rescue dog goes viral for his extreme smarts https://globalnews.ca/news/7138211/milo-calgary-rescue-dog-tricks/
• There's Now an Artificial Cartilage Gel Strong Enough to Work in Knees https://www.sciencealert.com/there-s-now-an-artificial-cartilage-gel-that-s-strong-enough-to-work-on-knees
• Google now lets you see dinosaurs in the real world through augmented reality https://www.theverge.com/2020/6/30/21308071/google-search-augmented-reality-animals-dinosaurs-tyrannosaurus-rex-velociraptor-triceratops
• How the Scientist Who Invented Ibuprofen Accidentally Discovered It Was Great for Hangovers https://www.mentalfloss.com/article/626035/how-ibuprofen-inventor-realized-it-was-hangover-cure
• Ancient Mayan City abandoned over water supply https://www.sciencealert.com/mysterious-abandonment-of-once-great-maya-city-may-now-finally-be-explained
• Exotic never before seen particle discovered at CERN https://phys.org/news/2020-07-exotic-particle-cern.html
• New insights into an old fusion problem https://scienmag.com/mathematical-noodling-leads-to-new-insights-into-an-old-fusion-problem/
• Surprise Discovery in Lunar Craters Could Force Us to Rethink The Moon's Origins https://www.sciencealert.com/metal-inside-lunar-craters-might-mean-a-rethink-over-how-the-moon-was-formed
• Two planets spotted doing 'gravitational dance' deep in space https://www.independent.co.uk/life-style/gadgets-and-tech/news/two-planets-gravitational-dance-space-wasp-a9598386.html
• A brand new magnetar found, it’s only 240 years old https://www.universetoday.com/146753/a-brand-new-magnetar-found-its-only-240-years-old/
• Did Betelgeuse fade due to supersized sunspots? https://www.syfy.com/syfywire/did-betelgeuse-fade-due-to-supersized-sunspots
• Core of a gas planet seen for the first time https://www.bbc.co.uk/news/science-environment-53250819
• Missing kaboom. A Massive Star Has Disappeared From a Distant Galaxy, And No One's Sure Where It Went https://www.sciencealert.com/a-massive-star-in-a-distant-galaxy-has-disappeared
• In the distant Universe a supermassive black hole eats a sun a day https://www.syfy.com/syfywire/supermassive-black-hole-eats-a-sun-a-day