Welcome to This Week’s [in]Security. Free fraud event. New breaches 44M+ New Ransomware. Facial Recognition. CitizenLab. NIST. National Cybersecurity Career Awareness Week. Naming Vulns. Open source supply chain oops. NAT Slipstreaming. WebLogic. WordPress. Adobe. Zero Days. Solaris. Chrome. Windows. iOS. AnyConnect. NPM. VoIP. Nation States. Zoom Snooping. AI fallibility. Health, Safety & Environment. Covid-19: Spread, Curves, Spikes, Waves, & reinfections. Contact Tracing. Disinformation. And more.

PCI Compliance and Payments

News and announcements relating to Payment Security, PCI, Card Brands, Payments, Payment Malware and Fraud.

• November 10th: full day with fraud prevention experts from Visa, Paypal, EA, Microsoft, Google, Krebs, Troy Hunt, and many more https://www.arkoselabs.com/virtual-summit/#speakers
• Request for Comments: PCI Card Production v3 Draft Standard https://blog.pcisecuritystandards.org/request-for-comment-pci-card-production-v3-draft-standard
• UnionPay Joins PCI SSC as Strategic Member https://www.pcisecuritystandards.org/about_us/press_releases/pr_11022020

Breaches / Ransomware / Leaks

Covering breaches, leaks, data exposures, ransomware (as potential breach), and their fallout.

• New breaches:

  • Millions of marijuana growers hit in major data breach https://www.techradar.com/news/millions-of-marijuana-growers-hit-in-major-data-breach
  • 34M Records from 17 Companies Up for Sale in Cybercrime Forum https://threatpost.com/34m-records-17-companies-cybercrime-forum/160923/
  • Minted - 4,418,182 breached accounts https://haveibeenpwned.com/PwnedWebsites#Minted
  • Wongnai - 3,924,454 breached accounts https://haveibeenpwned.com/PwnedWebsites#Wongnai
  • James - 1,541,284 breached accounts https://haveibeenpwned.com/PwnedWebsites#James
  • Swedish Insurer Folksam Exposes Data on 1 Million Customers https://www.securityweek.com/swedish-insurer-folksam-exposes-data-1-million-customers
  • 23,600 hacked databases have leaked from a defunct 'data breach index' site https://www.zdnet.com/article/23600-hacked-databases-have-leaked-from-a-defunct-data-breach-index-site
  • Trump lawsuit site to report rejected votes leaked voter data https://www.bleepingcomputer.com/news/security/trump-lawsuit-site-to-report-rejected-votes-leaked-voter-data/
  • Private Prison Operator GEO Group Discloses Data Breach https://www.securityweek.com/private-prison-operator-geo-group-discloses-data-breach
  • Club Fitness Provides Notice of Data Security Incident https://www.databreaches.net/club-fitness-provides-notice-of-data-security-incident/
  • Another Indian pharmaceutical giant reports cybersecurity breach within two weeks of ransomware hack on Dr Reddy’s https://www.databreaches.net/another-indian-pharmaceutical-giant-reports-cybersecurity-breach-within-two-weeks-of-ransomware-hack-on-dr-reddys/
  • Update: Newcastle students’ data including home addresses leaked on dark web after cyber attack https://www.databreaches.net/update-newcastle-students-data-including-home-addresses-leaked-on-dark-web-after-cyber-attack/
  • 2 hard drives and documents with personal health info left behind during MLHU move https://www.databreaches.net/ca-2-hard-drives-and-documents-with-personal-health-info-left-behind-during-mlhu-move/
  • Warning after 75,000 ‘deleted’ files found on used USB drives https://www.databreaches.net/warning-after-75000-deleted-files-found-on-used-usb-drives/
  • Ontario, Lawrence General Hospital notifying patients of breach https://www.databreaches.net/lawrence-general-hospital-notifying-patients-of-breach/
  • Federal Source Code Accessed Via Misconfigured SonarQube https://www.databreachtoday.com/federal-source-code-accessed-via-misconfigured-sonarqube-a-15303
  • Police open case into leak of 500 soldiers’ personal data https://www.databreaches.net/police-open-case-into-leak-of-500-soldiers-personal-data/

• New Ransomware:

  • Toy maker Mattel discloses ransomware attack https://www.zdnet.com/article/toy-maker-mattel-discloses-ransomware-attack
  • Ransomware attack shutters Brazilian courts. But did attackers breach the virtual machine divide? https://www.theregister.com/2020/11/06/brazil_court_ransomware/
  • Saarbrücken Airport reports cyberattack https://www.databreaches.net/saarbrucken-airport-reports-cyberattack/
  • Cyberattack shuts down Saskatchewan Polytechnic https://www.databreaches.net/cyberattack-shuts-down-saskatchewan-polytechnic/
  • Alamance Skin Center reports ransomware attack https://www.databreaches.net/alamance-skin-center-reports-ransomware-attack/
  • Hackers Asked Gaming Giant CAPCOM to Pay an $11 Million in Bitcoin Ransom https://www.databreaches.net/hackers-asked-gaming-giant-capcom-to-pay-an-11-million-in-bitcoin-ransom/
  • STJ would have been a victim of ransomware; Ministry of Health suffers attack https://www.databreaches.net/stj-would-have-been-a-victim-of-ransomware-ministry-of-health-suffers-attack/
  • Ransomware crims read our bank balance and demanded the lot, reveals Scotland's Dundee and Angus College https://www.theregister.com/2020/11/06/dundee_college_ransomware_bank_account/

• Follow-ups and fall-out:

  • Cork hospital fined €65k after patients’ personal data found in public recycling facility https://www.databreaches.net/cork-hospital-fined-e65k-after-patients-personal-data-found-in-public-recycling-facility/
  • State Slaps Supermarket Co-Op with HIPAA Settlement https://www.databreachtoday.com/state-slaps-supermarket-co-op-hipaa-settlement-a-15307
  • Data protection scofflaws failed to pay £2m in fines from UK watchdog – and 68% of penalties are still outstanding https://www.theregister.com/2020/11/05/ico_fines_unpaid_research/
  • Blackbaud Expects Cyber Insurer Will Cover Most Attack Costs https://www.databreachtoday.com/blackbaud-expects-cyber-insurer-will-cover-most-attack-costs-a-15298
  • Almost 11 million patients impacted by Blackbaud incident — and still counting https://www.databreaches.net/almost-11-million-patients-impacted-by-blackbaud-incident-and-still-counting/
  • Data Protection Commission Fine on Tusla Child and Family Agency Confirmed in Court https://www.databreaches.net/ie-data-protection-commission-fine-on-tusla-child-and-family-agency-confirmed-in-court/
  • None of our apps (except those 3) could secretly slurp Facebook user details, devs rage to High Court of England and Wales https://www.theregister.com/2020/11/03/facebook_mobiburn_oak_smart_high_court/

Privacy

Articles about privacy related news, risks, and trends.

• Facial Recognition:

  • Clearview’s Faceprinting is Not Sheltered from Biometric Privacy Litigation by the First Amendment https://www.eff.org/deeplinks/2020/11/clearviews-faceprinting-not-sheltered-biometric-privacy-litigation-first-amendment
  • Portland, Maine Votes to Add Teeth to Ban on Facial Recognition https://epic.org/2020/11/portland-maine-votes-to-add-te.html
• No Police Body Cams Without Strict Safeguards https://www.eff.org/deeplinks/2020/11/no-police-body-cams-without-strict-safeguards
• Why Merchants Must Keep An Eye On Changing Data Privacy Perceptions https://www.pymnts.com/bank-regulation/2020/why-merchants-must-keep-an-eye-on-changing-data-privacy-perceptions/
• Google reCAPTCHA service under the microscope: Questions raised over privacy promises, cookie use https://www.theregister.com/2020/11/02/google_ad_privacy/
• The Citizen Lab November Newsletter https://mailchi.mp/citizenlab.ca/cbc-ideas-massey-lectures-dual-use-technologies-in-canada-and-more
• Annotated Bibliography: Transnational Digital Repression https://citizenlab.ca/2020/11/annotated-bibliography-transnational-digital-repression/

Laws, Regulations, Standards, and Public Policy

News about laws, regulations, and standards affecting security, privacy, technology, and public interest.

• Canada:

  • CRTC to have ‘roughly nine months’ to act on Broadcasting Act update https://www.thewirereport.ca/2020/11/03/breaking-crtc-to-regulate-online-platforms-under-broadcasting-act-update/
  • The Law Bytes Podcast, Episode 68: Mike Pal on What the Canadian Experience Teaches About the Intersection Between Election Law and the Internet https://www.michaelgeist.ca/2020/11/lawbytes-podcast-episode-68/
  • The Government’s Internet Regulation Bill: Why Bill C-10 Will Mean a CRTC-Approved Netflix Service, Reduced Consumer Choice, and Less Investment in Canadian Culture https://www.michaelgeist.ca/2020/11/the-governments-internet-regulation-bill-why-bill-c-10-will-mean-a-crtc-approved-netflix-service-reduced-consumer-choice-and-less-investment-in-canadian-culture/
  • ‘Deeply concerning’: CBSA’s use of surveillance still has no federal guidance https://globalnews.ca/news/7449933/cbsa-surveillance-federal-guidance/

• US:

  • California Proposition 24 Passes https://www.schneier.com/blog/archives/2020/11/california-proposition-24-passes.html
  • How California Propositions 22 and 24 will shift the tech regulation landscape https://www.businessinsider.com/california-props-22-24-will-reshape-national-tech-regulation-2020-11

• New NIST:

  • Draft Federal Information Processing Standard (FIPS) 201-3, Personal Identity Verification (PIV) of Federal Employees and Contractors untol Feb 1 https://pages.nist.gov/FIPS201/ and https://csrc.nist.gov/publications/detail/fips/201/3/draft
  • Is this a trend? NIST is using GitHub for comments for FIPS 201-3 https://github.com/usnistgov/FIPS201/issues

Defense / Techniques / Solutions

Covering developments and opportunities that may help improve security.

• National Cybersecurity Career Awareness Week November 9-14, 2020 https://content.govdelivery.com/accounts/USNIST/bulletins/2a9e3e9
• FireEye releases ThreatPursuit, a Windows VM for threat intel analysts https://www.zdnet.com/article/fireeye-releases-threatpursuit-a-windows-vm-for-threat-intel-analysts
• LURK: Server-Controlled TLS Delegation https://eprint.iacr.org/2020/1366
• Security of Hybrid Key Encapsulation https://eprint.iacr.org/2020/1364
• How to Prevent Pwned and Reused Passwords in Your Active Directory https://thehackernews.com/2020/11/how-to-protect-yourself-from-pwned-and.html
• CIS Services and Consulting Membership https://www.cisecurity.org/cis-securesuite/pricing-and-categories/services-and-consulting/
• NSA and US Cyber Command reportedly took action against Iranian hackers to preempt any interference in the 2020 election https://www.businessinsider.com/us-iran-2020-election-interference-hack-report-2020-11
• Facebook says it will put groups on probation for violating its content rules https://www.theverge.com/2020/11/7/21554349/facebook-groups-probation-violating-rules-misinformation-election
• RESET: Reclaiming the Internet for Civil Society https://deibert.citizenlab.ca/2020/11/reset-reclaiming-the-internet-for-civil-society/

Bugs / Design Flaws / Vulnerabilities / Research

Articles about newly discovered vulnerabilities and research.

• CERT/CC launches Twitter bot to give security bugs random names https://www.zdnet.com/article/certcc-launches-twitter-bot-to-give-security-bugs-random-names
• Deloitte's 'Test your Hacker IQ' site fails itself after exposing database user name, password in config file https://www.theregister.com/2020/11/05/deloitte_hacker_test/
• Open Source hissy fit or corporate bullying? How one programmer broke the internet by deleting a tiny piece of code https://qz.com/646467/how-one-programmer-broke-the-internet-by-deleting-a-tiny-piece-of-code/
• New NAT/Firewall Bypass Attack Lets Hackers Access Any TCP/UDP Service https://thehackernews.com/2020/11/new-natfirewall-bypass-attack-lets.html
• Oracle Issues Out-of-Band Update for Critical Vulnerability Exploited in Attacks https://www.securityweek.com/oracle-warns-weblogic-flaw-related-exploited-vulnerability
• WordPress Sites Open to Code Injection Attacks via Welcart e-Commerce Bug https://threatpost.com/wordpress_open_to_attacks_welcart_bug/161037/
• WordPress Pushes Out Multiple Flawed Security Updates https://threatpost.com/wordpress-flawed-security-updates/160849/
• Are you protected from the latest threats to Industrial Control Systems? https://www.theregister.com/2020/11/02/ics_asia_pacific_summit/

• Adobe Patches 14 Vulnerabilities in Acrobat Products https://www.securityweek.com/adobe-patches-14-vulnerabilities-acrobat-products

  • Mandiant Details Recently Patched Oracle Solaris Zero-Day https://www.securityweek.com/mandiant-details-recently-patched-oracle-solaris-zero-day, https://threatpost.com/oracle-solaris-zero-day-attack/160929/ and https://www.zdnet.com/article/hacker-group-uses-solaris-zero-day-to-breach-corporate-networks
  • After two zero-days in Chrome desktop, Google patches a third zero-day in the Android version https://www.zdnet.com/article/after-two-zero-days-in-chrome-desktop-google-patches-a-third-zero-day-in-the-android-version/
  • Schneier of last week's Windows Zero-Day https://www.schneier.com/blog/archives/2020/11/new-windows-zero-day.html
  • Microsoft Will Patch Zero-Day Flaw Found by Google and being exploited https://www.databreachtoday.com/microsoft-will-patch-zero-day-flaw-found-by-google-a-15292
  • Apple fixes three iOS zero-days exploited in the wild https://www.zdnet.com/article/apple-fixes-three-ios-zero-days-exploited-in-the-wild/
  • Cisco Zero-Day in AnyConnect Secure Mobility Client Remains Unpatched https://threatpost.com/cisco-zero-day-anyconnect-secure-patch/160988/
• Github unpatched vuln https://www.zdnet.com/article/google-to-github-times-up-this-unfixed-high-severity-security-bug-affects-developers/
• Let's Encrypt warns about a third of Android devices will from next year stumble over sites that use its certs https://www.theregister.com/2020/11/06/android_encryption_certs/ and https://www.engadget.com/old-android-phones-lose-many-secure-websites-in-2021-224728196.html
• Windows 10 20H2 and 2004 upgrades blocked over Intel Thunderbolt 'DMA violation' https://www.zdnet.com/article/windows-10-20h2-and-2004-upgrades-blocked-over-intel-thunderbolt-dma-violation/

Hacking / Malware / Cybercrime / Exploitation

News covering active trends, alerts, events.

• No, GitHub's source code wasn't hacked and posted on GitHub, says GitHub CEO https://www.theregister.com/2020/11/05/github_not_hacked_and_cloned/ and https://arstechnica.com/information-technology/2020/11/githubs-source-code-was-leaked-on-github-last-night-sort-of/
• Botnet Operators Abusing Legit GitHub, Pastebin Resources https://www.databreachtoday.com/botnet-operators-abusing-legit-github-pastebin-resources-a-15321
• Malicious npm package opens backdoors on programmers' computers https://www.zdnet.com/article/malicious-npm-package-opens-backdoors-on-programmers-computers
• Premium-Rate Phone Fraudsters Hack VoIP Servers of 1200 Companies https://thehackernews.com/2020/11/premium-rate-phone-fraudsters-hack-voip.html
• Rackspace Hosted Email Flaw Actively Exploited by Attackers https://www.databreachtoday.com/rackspace-hosted-email-flaw-actively-exploited-by-attackers-a-15309
• Google Forms Abused to Phish AT&T Credentials https://threatpost.com/google-forms-abused-to-phish-att-credentials/160957/
• Hackers have only just wet their whistle. Expect more ransomware and data breaches in 2021 https://www.techrepublic.com/article/hackers-have-only-just-wet-their-whistle-expect-more-ransomware-and-data-breaches-in-2021/

• Nation State Actors:

  • U.S. Says Iranian Hackers Accessed Voter Information https://www.securityweek.com/us-says-iranian-hackers-accessed-voter-information
  • Defense Contractor Hacking More Expansive Than First Thought https://www.databreachtoday.com/defense-contractor-hacking-more-expansive-than-first-thought-a-15327

• Crime:

  • The feds just seized Silk Road’s $1 billion stash of bitcoin https://arstechnica.com/tech-policy/2020/11/feds-seize-1-billion-in-bitcoin-from-silk-road-drug-marketplace/
  • DOJ Seizes $24M In Crypto As Part Of Brazilian Internet Fraud Probe https://www.pymnts.com/news/security-and-risk/2020/doj-seizes-24-million-dollars-crypto-brazilian-internet-fraud-probe/
  • $100M Botnet Scheme Lands Cybercriminal 8 Years in Jail https://threatpost.com/100m-botnet-russian-cybercriminal-8-years-jail/160852/ and https://www.zdnet.com/article/russian-hacker-jailed-over-botnet-data-scraping-scheme-that-drained-victim-bank-accounts
  • DOJ Seizes 27 More Iranian-Operated Domains https://www.databreachtoday.com/doj-seizes-27-more-iranian-operated-domains-a-15312
  • Tech support scammer dialed random number and Australian Police’s cybercrime squad answered https://www.theregister.com/2020/11/06/sa_police_support_scam_intercept/
  • Two Charged in SIM Swapping, Vishing Scams https://krebsonsecurity.com/2020/11/two-charged-in-sim-swapping-vishing-scams/

Other Security / Risk

Articles covering other types of risks.

• Zoom Snooping: How Body Language Can Spill Your Password https://threatpost.com/zoom-snooping-passwords/161000/
• NSS Labs' Abrupt Shutdown Leaves Many Unanswered Questions https://www.darkreading.com/risk/nss-labs-abrupt-shutdown-leaves-many-unanswered-questions/d/d-id/1339380
• Founder of hacker group Anonymous reveals his ultimate ‘end-game’ https://www.databreaches.net/founder-of-hacker-group-anonymous-reveals-his-ultimate-end-game/
• How artificial intelligence may be making you buy things https://www.bbc.co.uk/news/technology-54522442
• Walmart Gives Walking Papers to Inventory Tracking Robots https://www.pymnts.com/news/retail/2020/walmart-gives-walking-papers-to-inventory-tracking-robots/

• AI fallibility:

  • (Keep your eye on the bald, what?) AI camera operator repeatedly confuses bald head for soccer ball during live stream https://www.theverge.com/tldr/2020/11/3/21547392/ai-camera-operator-football-bald-head-soccer-mistakes

• Health, Safety & Environment:

  • Canada's 1st Confirmed Case Of Rare Swine Flu Found In Alberta https://www.huffingtonpost.ca/entry/alberta-swine-flu-h1n2v_ca_5fa2ed9bc5b660630aedbe7d
  • Vaccine shows promise against herpes virus https://scienmag.com/vaccine-shows-promise-against-herpes-virus/
  • Canada approves 1st HIV self-test to help reduce screening barriers https://globalnews.ca/news/7438753/hiv-self-test-canada-approve/
  • UK scientists are pushing to get Vitamin D added to bread and milk to fight COVID-19. https://www.businessinsider.com/adding-vitamin-d-bread-milk-may-fight-coronavirus-experts-say-2020-11
  • The role of the Sun in the spread of viral respiratory diseases https://scienmag.com/the-role-of-the-sun-in-the-spread-of-viral-respiratory-diseases/
  • Daylight Saving Time can have several negative impacts on health https://globalnews.ca/news/7438286/daylight-saving-time-negative-health-expert-canada/
  • Getting Interrupted at Work Impacts Stress Levels in Weird Ways We Don't Even Realise https://www.sciencealert.com/getting-interrupted-at-work-raises-stress-levels-in-weird-ways-we-don-t-even-realise
  • (We are now tied with 2005 for named storms)Storm Eta batters Central America https://www.bbc.co.uk/news/world-latin-america-54809744
  • More than 9,700 speeding tickets mailed to Toronto drivers, cameras to be moved to new streets https://globalnews.ca/news/7446330/automated-speed-cameras-toronto-september-tickets/
  • Ontarians can switch hydro bills from time-of-use to tiered pricing — but should they? https://globalnews.ca/news/7432282/ontario-hydro-rates-tiered-vs-time-of-use-pricing/

• Other risks relating to COVID and the new normal:

  • How Your Brain Tricks You Into Taking Risks During the Pandemic https://www.propublica.org/article/how-your-brain-tricks-you-into-taking-risks-during-the-pandemic#1010234
  • AMC’s revenue plummets by more than 90 percent as theaters remain empty https://www.theverge.com/2020/11/2/21545812/amc-theaters-financial-earnings-q3-bankruptcy-streaming-warner-bros-disney-regal
  • COVID-19 is making tinnitus worse https://scienmag.com/covid-19-is-making-tinnitus-worse-new-study/

COVID-19 updates.

COVID related articles. We have been following coronavirus risks since https://controlgap.com/blog/this-weeks-insecurity-issue-147.

• The spread, curves, spikes, and waves - now reinfection:

  • The World Has Surpassed 50 Million Confirmed Coronavirus Cases https://www.sciencealert.com/the-world-has-surpassed-50-million-confirmed-coronavirus-cases
  • Covid-19 “super-spreading” events dominate disease transmission https://scienmag.com/covid-19-super-spreading-events-play-outsized-role-in-overall-disease-transmission/
  • U.S. posts over 130K cases, 3rd day of 100K+ new cases https://www.reuters.com/article/us-health-coronavirus-usa-records/us-reports-130000-new-coronavirus-cases-fourth-straight-daily-record-idUSKBN27O03I, https://globalnews.ca/news/7443496/us-coronavirus-record-cases-election/ and https://www.theatlantic.com/health/archive/2020/11/100000-coronavirus-cases/616999/
  • A Missouri poll worker who tested positive for COVID-19 worked on Election Day despite being told to quarantine. The worker later died and officials are scrambling to find who was in contact with them. https://www.businessinsider.com/missouri-poll-worker-worked-election-day-covid-19-2020-11
  • Canada sets new COVID-19 records with 4,248 cases reported in one day https://www.ctvnews.ca/health/coronavirus/canada-sets-new-covid-19-record-with-4-248-cases-reported-in-one-day-1.5179943
  • More than 250,000 people have been diagnosed with the novel coronavirus in Canada https://globalnews.ca/news/7445563/coronavirus-canada-update-nov-5/
  • Ontario posts several days of record COVID infections (1300) https://toronto.ctvnews.ca/ontario-breaks-another-covid-19-record-with-more-than-1-300-new-cases-1.5179898, https://toronto.citynews.ca/2020/11/07/ontario-reports-new-single-day-record-of-covid-19-cases-saturday/ and https://toronto.citynews.ca/2020/11/08/ontario-reports-record-number-of-covid-19-cases-for-2nd-straight-day/
  • Fraser Health says 26 cases of COVID-19 linked to Chilliwack dance academy https://globalnews.ca/news/7438667/covid-19-outbreak-dance-academy-chilliwack/
  • Australia records zero Covid-19 cases for first time in five months https://www.bbc.co.uk/news/world-australia-54768038
  • WHO chief self-isolates after contact tests positive for COVID-19 https://globalnews.ca/news/7436472/coronavirus-who-tedros-quarantine/
  • Scientists say New York City likely had COVID-19 infections in February, weeks earlier than official data suggests https://www.businessinsider.com/new-york-city-first-covid-19-covid19-cases-february-scientists-2020-11

• Contact Tracing:

  • Fault in NHS Covid app meant thousands at risk did not quarantine https://www.theguardian.com/world/2020/nov/02/fault-in-nhs-covid-app-meant-thousands-at-risk-did-not-quarantine and https://www.theverge.com/2020/11/2/21546618/uk-coronavirus-contact-tracing-app-error-alert-isolation
  • Alberta hasn’t made a final decision’ on federal COVID-19 app https://globalnews.ca/news/7437443/hinshaw-alberta-health-covid-19-federal-app-kenney/

• Guidance, Response and Recovery:

  • Italy imposes regional lockdown as Europe battles surges https://www.bbc.co.uk/news/world-europe-54839429
  • Sweden brings in rule of eight for diners amid spike in infections https://www.bbc.co.uk/news/world-europe-54797112
  • ‘Rewarding’: Businesses that pivoted to make masks, gowns reflect after first wave of COVID-19 https://globalnews.ca/news/7432304/businesses-masks-gowns-coronavirus-first-wave/
  • What COVID-19 restrictions people in Ontario's hot spots can expect https://toronto.ctvnews.ca/what-covid-19-restrictions-people-in-ontario-s-hot-spots-can-expect-1.5172925
  • Indoor dining returns to Ontario's 3 COVID-19 hotspots Saturday; Nov. 14 for Toronto https://toronto.citynews.ca/2020/11/03/ontario-new-covid19-response-framework/
  • Ontario's new tiered lockdown system slammed by experts who warn it's 'scientifically illiterate' https://toronto.ctvnews.ca/ontario-s-new-tiered-lockdown-system-slammed-by-experts-who-warn-it-s-scientifically-illiterate-1.5177165
  • Call to discontinue open houses amid rise in COVID-19 cases in B.C. https://globalnews.ca/news/7444810/bc-real-estate-open-house-discontinued-coronavirus/
  • Staff at Toronto elementary school with 11 COVID-19 cases refuse work https://toronto.ctvnews.ca/staff-at-toronto-elementary-school-with-11-covid-19-cases-refuse-work-1.5170691

• Treatments, Testing, Triage, and Trials:

  • MIT Team's Cough Detector Identifies 97% of COVID-19 Cases Even in Asymptomatic People https://www.sciencealert.com/ai-cough-analysis-could-detect-covid-19-even-if-you-re-asymptomatic
  • Stanford engineers have developed a genetic microlab that can detect COVID-19 in minutes https://scienmag.com/stanford-engineers-have-developed-a-genetic-microlab-that-can-detect-covid-19-in-minutes/
  • Rapid method finds potent COVID-19 monoclonal antibody among a trillion possibilities https://scienmag.com/rapid-method-finds-potent-covid-19-monoclonal-antibody-among-a-trillion-possibilities/
  • Cancer treatment could be replicated for COVID-19 https://scienmag.com/cancer-treatment-could-be-replicated-for-covid-19/
  • Scientists identify synthetic mini-antibody to combat COVID-19 https://scienmag.com/scientists-identify-synthetic-mini-antibody-to-combat-covid-19/
  • Stable protein decoy neutralized SARS-CoV-2 in cells and protected hamsters from viral challenge https://scienmag.com/stable-protein-decoy-neutralized-sars-cov-2-in-cells-and-protected-hamsters-from-viral-challenge/
  • T-cell response 'lasts six months after Covid infection' https://www.bbc.co.uk/news/health-54781496

• Things we learned:

  • Genetic Mutation May Have Made COVID-19 More Contagious https://scitechdaily.com/its-evolving-coronavirus-genetic-mutation-may-have-made-covid-19-more-contagious/
  • Coronavirus Mutating in minks https://globalnews.ca/news/7446927/coronavirus-mutated-mink-humans/
  • Children produce different antibodies in response to SARS-CoV-2 https://scienmag.com/children-produce-different-antibodies-in-response-to-sars-cov-2/
  • Scientists Find Tissue in The Human Eye That Appears Resistant to SARS-CoV-2 https://www.sciencealert.com/there-s-a-part-of-the-human-eye-that-seems-to-resist-coronavirus-scientists-discover
  • Physical distancing polices not enough to protect lower-income people https://scienmag.com/physical-distancing-polices-not-enough-to-protect-lower-income-people-bu-study/
  • Argonne collaborates on largest COVID-19 viral sequence analysis in U.S. https://scienmag.com/argonne-collaborates-on-largest-covid-19-viral-sequence-analysis-in-u-s/
  • SARS-CoV-2 uses ‘genome origami’ to infect and replicate inside host cells https://scienmag.com/sars-cov-2-uses-genome-origami-to-infect-and-replicate-inside-host-cells/
  • A woman shed infectious coronavirus particles for at least 70 days without showing symptoms https://www.businessinsider.com/patient-with-coronavirus-shed-virus-for-70-days-2020-11
  • It's not just COVID toes: Coronavirus long-haulers are also getting red, scaly rashes https://www.businessinsider.com/coronavirus-long-term-symptoms-rashes-covid-toes-inflammation-2020-10
• Disinformation:

• Masks, anti-maskers, distancing, compliance, and repercussions:

  • USask researchers find face masks don’t hinder breathing during exercise https://scienmag.com/usask-researchers-find-face-masks-dont-hinder-breathing-during-exercise/
  • 3-layer masks with filter now recommended, Canada’s top doctor says https://globalnews.ca/news/7441131/coronavirus-three-layer-face-mask-filter/
  • Most people are wearing N95s incorrectly when they fly. https://www.businessinsider.com/why-you-shouldnt-wear-n95-mask-when-traveling-2020-11
  • Canadians need to cut contacts by a quarter to control COVID-19 outbreak https://toronto.citynews.ca/2020/10/30/canadians-need-to-cut-contacts-by-a-quarter-to-control-covid-19-outbreak-tam-2/
  • Masks now mandatory in public places in Saskatoon, Regina and Prince Albert https://globalnews.ca/news/7445099/masks-mandatory-saskatoon-regina-prince-albert-coronavirus-covid-19/
  • B.C. man who just came back from flat-Earth festival arrested for violating Quarantine Act https://bc.ctvnews.ca/b-c-man-who-just-came-back-from-flat-earth-festival-arrested-for-violating-quarantine-act-1.5176354
  • Mask-wearing ‘prohibited’ at gift shop in Keremeos, B.C., despite public health recommendations https://globalnews.ca/news/7450167/mask-wearing-prohibited-at-gift-shop-in-keremeos-b-c-despite-public-health-recommendations/
  • Aylmer, Ont., declares state of emergency days prior to 2nd coronavirus ‘freedom march’ https://globalnews.ca/news/7438155/aylmer-emergency-coronavirus/
  • ‘It’s concerning and selfish’: Videos show large crowds on Granville Street during global pandemic https://globalnews.ca/news/7437786/videos-crowds-coronavirus-granville-street/
  • Police forced to break up massive Halloween party allegedly organized by anti-maskers https://toronto.ctvnews.ca/police-forced-to-break-up-massive-halloween-party-allegedly-organized-by-anti-maskers-1.5171584
  • London, Ont., police, bylaw investigating after 150 attend Halloween party in student neighbourhood https://globalnews.ca/news/7437374/london-police-bylaw-investigate-halloween-party-coronavirus/
  • When Woodrow Wilson Caught the 1918 Flu During a Pandemic, But Hid It From the Public https://www.mentalfloss.com/article/632876/woodrow-wilson-caught-1918-flu

Off-Topic / Science & Tech / Lighter Side

A variety of scientific, technical, historical, and more light-hearted news.

• (ewww)What Happens When You Let a Glass of Cola Sit Out for 3 Months? https://www.mentalfloss.com/article/635707/timelapse-shows-soda-turn-into-mold
• Virgin Hyperloop pod transport tests first passenger journeys https://www.bbc.co.uk/news/technology-54838982
• (Okay what about the sharks?)Researchers develop a high-power, portable terahertz laser https://scienmag.com/researchers-develop-a-high-power-portable-terahertz-laser/
• Inside a $4 million electric plane, the first full-size, all-electric passenger aircraft in the world https://www.businessinsider.com/inside-alice-first-full-size-passenger-electric-plane-eviation-2020-10
• Self-watering soil could transform farming https://scienmag.com/self-watering-soil-could-transform-farming/
• ‘Transparent solar cells’ can take us towards a new era of personalized energy https://scienmag.com/transparent-solar-cells-can-take-us-towards-a-new-era-of-personalized-energy/
• Organic Solar Cells https://scienmag.com/solar-cells-of-the-future/
• A Huge Fusion Experiment in The UK Just Achieved The Much Anticipated 'First Plasma' https://www.sciencealert.com/huge-fusion-experiment-achieves-first-plasma-in-landmark-step-towards-clean-energy
• Neanderthals And Humans Were at War For Over 100,000 Years https://www.sciencealert.com/how-neanderthals-and-humans-battled-for-supremacy-for-over-100-000-years
• North Pole time capsule washes up on Irish coast https://www.bbc.co.uk/news/world-europe-54808196
• The International Space Station Is Doomed to Die by Fire https://www.scientificamerican.com/article/the-international-space-station-is-doomed-to-die-by-fire/
• Asteroid Apophis is speeding up from sunlight as scientists recalculate odds of 2068 impact https://www.space.com/asteroid-apophis-acceleration-2068-impact-chance
• Mars plays shepherd to our moon's long-lost twin, scientists find https://phys.org/news/2020-11-mars-shepherd-moon-long-lost-twin.html
• New Scans Give us a Better View of the Metal Asteroid Psyche https://www.universetoday.com/148640/new-scans-give-us-a-better-view-of-the-metal-asteroid-psyche/
• An Additional Planet Between Saturn and Uranus Was Kicked Out of the Solar System https://scitechdaily.com/an-additional-planet-between-saturn-and-uranus-was-kicked-out-of-the-solar-system/
• Planet that rains rocks and has winds faster than the speed of sound discovered by scientists https://www.independent.co.uk/life-style/gadgets-and-tech/planet-that-rains-rocks-and-has-winds-faster-than-the-speed-of-sound-discovered-by-scientists-b1588152.html