This Week's [in]Security - Issue 193 | insecurity

This Week's [in]Security - Issue 193

13 Dec 2020.

Tags:

insecurity
x

Welcome to This Week’s [in]Security. Magecart. Payment Terminal Vulnerabilities. New Breaches. Chinese Communists. Ottawa. New Ransomware: planes, trains, ~~automobiles~~, cameras, sewage, IoT, schools, and Kmart. $1,5M/day. COVID Apps. Crypto-wars. CSIS. 5G. DCMA. FTC v. FaceBook. Legal Sector Data Security. NIST. Brave. ODoh. BGP. Nearly free courses. Primes. Data Governance. De-noising. LLMNR/NBT-NS Poisoning. Bugs. Amnesia-33. OpenSSL. Teams. Jabber. PDF Injection. Wordpress. Struts. D-Link. Radiology. ICS. Patch Tuesday. Trends. Fireeye Hack. Treasury, US Commerce. SolarWinds supply chain. Nation States. Re-victimized. Phishing. Gootkit. Arrests, etc. Disagreement. Disinformation. Health, Safety & Environment. Covid-19: Spread, Curves, Spikes, Waves, & reinfections. Vaccine Progress. Vaccine Purgatory. Vaccine Passports? And more.

PCI Compliance and Payments

News and announcements relating to Payment Security, PCI, Card Brands, Payments, Payment Malware and Fraud.

GTK intros touchless hygienic touchscreens https://www.mobilepaymentstoday.com/news/gtk-intros-touchless-hygienic-touchscreens/
Payment Card Skimmer Group Using Raccoon Info-Stealer to Siphon Off Data https://thehackernews.com/2020/12/payment-card-skimmer-group-using.html
Researchers warn of security vulnerabilities in these widely used point-of-sale terminals https://www.zdnet.com/article/update-now-researchers-warn-of-security-vulnerabilities-in-widely-used-point-of-sale-terminals/, https://threatpost.com/security-issues-pos-terminals-fraud/162210/
Payment Processing Giant TSYS: Ransomware Incident “Immaterial” to Company https://krebsonsecurity.com/2020/12/payment-processing-giant-tsys-ransomware-incident-immaterial-to-company/
Sensitive details of of 7 million Indian cardholders available on dark web https://www.databreaches.net/sensitive-details-of-of-7-million-indian-cardholders-available-on-dark-web/
Card brands cut off Porn website over illegal content accusations https://www.bbc.co.uk/news/technology-55267311

Breaches / Ransomware / Leaks

Covering breaches, leaks, data exposures, ransomware (as potential breach), and their fallout.

New Breaches:
- Major leak 'exposes' members and 'lifts the lid' on the Chinese Communist Party and its' extraterritorial members https://www.skynews.com.au/details/_6215946537001, https://www.databreaches.net/major-leak-exposes-members-and-lifts-the-lid-on-the-chinese-communist-party/
- Tip of the iceberg: Hackers sell 4000 .nz email addresses, passwords stolen from popular Nitro PDF app https://www.databreaches.net/hackers-sell-4000-nz-email-addresses-passwords-stolen-from-popular-app/
- More than 1 million patients notified of hack involving Dental Care Alliance https://www.databreaches.net/more-than-1-million-patients-notified-of-hack-involving-dental-care-alliance/
- Hackers Break Into Alaska Voter Database and Steal Info on 100K Voters https://thespectator.info/2020/12/04/hackers-break-into-alaska-voter-database-steal-info-on-100000-voters/
- Foxconn Says Systems in U.S. Targeted in Cyberattack https://www.securityweek.com/foxconn-says-systems-us-targeted-cyberattack
- 'Malwareless' ransomware campaign operators pwned 83k victims' MySQL servers, 250k databases up for sale https://www.theregister.com/2020/12/10/mysql_malwareless_ransomware/
- OC Transpo notifying My Alerts subscribers of data breach https://www.databreaches.net/ca-oc-transpo-notifying-my-alerts-subscribers-of-data-breach/
- Spotify Informs Users of Personal Information Exposure https://www.securityweek.com/spotify-informs-users-personal-information-exposure
- Telecom LG U+ fined as a third party downloads and sells customer data https://www.databreaches.net/kr-telecom-lg-u-fined-as-a-third-party-downloads-and-sells-customer-data/
New Ransomware and "Incidents":
- World’s largest manufacturer of machines and systems for solid wood processing hit in cyberattack https://www.databreaches.net/worlds-largest-manufacturer-of-machines-and-systems-for-solid-wood-processing-hit-in-cyberattack/
- Hackney cyber-attack causes collapse of property purchases https://www.bbc.co.uk/news/uk-england-london-55260488
- The publisher Dedalus victim of a cyber attack https://www.databreaches.net/fr-the-publisher-dedalus-victim-of-a-cyber-attack/
- Long Beach (NY) Computer Network Shut Down After Cyber Attack Found https://www.databreaches.net/ny-long-beach-computer-network-shut-down-after-cyber-attack-found/
- Brooklyn Defender Services Identifies and Addresses Data Security Incident https://www.databreaches.net/brooklyn-defender-services-identifies-and-addresses-data-security-incident/
- SSQ and La Capitale sites paralyzed https://www.databreaches.net/ca-ssq-and-la-capitale-sites-paralyzed/
- Easy Way In? 5 Ransomware Victims Had Their Pulse Secure VPN Credentials Leaked https://www.databreaches.net/easy-way-in-5-ransomware-victims-had-their-pulse-secure-vpn-credentials-leaked/
Follow-ups and fall-out:
- Cyberattack cost UVM Medical Center $1.5 million a day https://www.databreaches.net/cyberattack-cost-uvm-medical-center-1-5-million-a-day/
- Norway Accuses Russian Hackers of Parliament Attack https://www.securityweek.com/norway-accuses-russian-hackers-parliament-attack
- Norwegian DPA imposes administrative fine to Østfold HF Hospital https://www.databreaches.net/norwegian-dpa-imposes-administrative-fine-to-ostfold-hf-hospital/
- Flight Centre hackathon behind 2017 breach, exposed 6918 customers’ data https://www.databreaches.net/flight-centre-hackathon-behind-2017-breach-exposed-6918-customers-data/

Privacy

Articles about privacy related news, risks, and trends.

Give Virus Alert Apps a Shot https://www.nytimes.com/2020/12/11/technology/coronavirus-alert-apps.html
Senators Express Privacy Concerns Over Proctoring Apps https://www.eff.org/deeplinks/2020/12/senators-express-privacy-concerns-over-proctoring-apps
Feds ‘completely unwilling’ to hold political parties to account on privacy, expert says https://globalnews.ca/news/7518225/liberals-privacy-act/

Laws, Regulations, Standards, and Public Policy

News about laws, regulations, and standards affecting security, privacy, technology, and public interest.

Crypto-wars:
- EFF at 30: Saving Encryption, with Technologist Bruce Schneier https://www.eff.org/deeplinks/2020/12/eff-30-saving-encryption-cryptographer-bruce-schneier
- Court orders encrypted email biz Tutanota to build a backdoor in user's mailbox, founder says 'this is absurd' https://www.theregister.com/2020/12/08/tutanota_backdoor_court_order/
Canada:
- CSIS use of geolocation data could be unlawful, says watchdog https://www.cbc.ca/news/politics/csis-nsira-geolocation-report-1.5838598, and https://globalnews.ca/news/7517697/csis-geolocation-data-broke-law-report/
- Huawei and 5G Explained https://citizenlab.ca/2020/12/huawei-and-5g-explained/ and https://citizenlab.ca/2020/12/huawei-5g-clarifying-the-canadian-equities-and-charting-a-strategic-path-forward/
US:
- The deal with DMCA 1201 reform https://blog.erratasec.com/2020/12/the-deal-with-dmca-1201-reform.html
- 48 U.S. States and FTC are suing Facebook for illegal monopolization https://thehackernews.com/2020/12/48-us-states-and-ftc-are-suing-facebook.html, and https://epic.org/2020/12/breaking-48-states-and-us-sue-.html
- The Legal Industry Has Finally Created a Data Security Standard of its Own https://www.databreaches.net/the-legal-industry-has-finally-created-a-data-security-standard-of-its-own/
- First Federal IoT Security Legislation Becomes Law https://www.databreachtoday.com/first-federal-iot-security-legislation-becomes-law-a-15539
- Publisher or Platform? It Doesn't Matter. https://www.eff.org/deeplinks/2020/12/publisher-or-platform-it-doesnt-matter
World:
- Google and Apple are banning technology for sharing users’ location data https://www.theverge.com/2020/12/11/22169905/google-apple-removing-location-tracking-data-sale-government-advertisers
- Huawei reportedly worked with 4 additional companies to build surveillance tools that track people by ethnicity https://www.businessinsider.com/huawei-built-more-surveillance-tools-to-track-uyghurs-report-2020-12
- Black Hat Europe: Hackers Need to Educate Policymakers https://www.databreachtoday.com/black-hat-europe-hackers-need-to-educate-policymakers-a-15557
- Mastercard Facing £14 Billion UK Class Action Suit https://www.pymnts.com/mastercard/2020/mastercard-facing-14-billion-uk-class-action-suit/
New NIST:
- New supplemental materials and errata for NIST SP 800-53 and SP 800-53B https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final and https://csrc.nist.gov/publications/detail/sp/800-53b/final
- Workshop in a new series focusing on the Open Security Controls Assessment Language (OSCAL) on February 2-03, 2021 https://go.usa.gov/xAqnR
- NCCoE Cybersecurity Practice Guides for Securing Data Integrity Against Ransomware Attacks https://csrc.nist.gov/publications/detail/sp/1800-25/final, https://csrc.nist.gov/publications/detail/sp/1800-26/final, https://csrc.nist.gov/publications/detail/sp/1800-11/final
- Draft NIST Internal Report (NISTIR) 8320A, Hardware-Enabled Security: Container Platform Security Prototype https://csrc.nist.gov/publications/detail/nistir/8320a/draft
- Virtual Conference DevSecOps and Zero Trust Architecture (ZTA) for Multi-Cloud Environments January 27, 2021 https://www.nist.gov/news-events/events/2021/01/devsecops-and-zero-trust-architecture-zta-multi-cloud-environments

Defense / Techniques / Solutions

Covering developments and opportunities that may help improve security.

Brave browser-maker launches privacy-friendly news reader https://arstechnica.com/information-technology/2020/12/brave-browser-maker-launches-privacy-friendly-news-reader/
OPAQUE: The Best Passwords Never Leave your Device https://blog.cloudflare.com/opaque-oblivious-passwords/
Improving DNS Privacy with Oblivious DoH in 1.1.1.1 https://blog.cloudflare.com/oblivious-dns/ and https://www.schneier.com/blog/archives/2020/12/oblivious-dns-over-https.html
Microsoft Details Plans to Improve Security of Internet Routing https://www.securityweek.com/microsoft-details-plans-improve-security-internet-routing
AWS, Cisco, and CompTIA Exam Prep — Get 22 Courses for $4.50 Each https://thehackernews.com/2020/12/aws-cisco-and-comptia-exam-prep-get-22.html
UK Ministry of Defence: We won't prosecute bug bounty hunters – oh btw, we now have one of those https://www.theregister.com/2020/12/10/uk_mod_bug_bounty/
Designer Primes https://eprint.iacr.org/2020/1535
Data Governance: Take Control of Your Data in 2020 https://www.cloudwards.net/what-is-data-governance/
New Computational Method Validates Images Without ‘Ground Truth’ https://scienmag.com/new-computational-method-validates-images-without-ground-truth/
How the Atheris Python Fuzzer Works https://security.googleblog.com/2020/12/how-atheris-python-fuzzer-works.html

Bugs / Design Flaws / Vulnerabilities / Research

Articles about newly discovered vulnerabilities and research.

A look at a dangerous, common, often overlooked, and easily exploited vulnerability https://controlgap.com/blog/LLMNR-NBT-NS-is-Poison
Record Levels of Software Bugs Plague Short-Staffed IT Teams in 2020 https://threatpost.com/record-levels-software-bugs-it-teams-2020/162095/
Critical Flaws in Millions of IoT Devices May Never Get Fixed https://www.wired.com/story/amnesia33-iot-vulnerabilitiesmay-never-get-fixed/, https://www.tenable.com/blog/amnesia33-researchers-disclose-33-vulnerabilities-tcpip-libraries-uip-fnet-picotcp-nutnet
OpenSSL Ships ‘High Severity’ Security Patch https://www.securityweek.com/openssl-ships-%E2%80%98high-severity%E2%80%99-security-patch
Zero-Click Wormable RCE Vulnerability Reported in Microsoft Teams https://thehackernews.com/2020/12/zero-click-wormable-rce-vulnerability.html and https://www.theregister.com/2020/12/07/microsoft_teams_rce_flaw/
Wormable Code Execution Flaw In Cisco Jabber and flawed patch https://packetstormsecurity.com/news/view/31843/Wormable-Code-Execution-Flaw-In-Cisco-Jabber-Is-Bad.html and https://www.theregister.com/2020/12/10/cisco_jabber_xss_rce_ntlm_hash_patches/
New Injection Technique Exposes Data in PDFs https://www.securityweek.com/new-injection-technique-exposes-data-pdfs
Zero-day in WordPress SMTP plugin abused to reset admin account passwords https://www.zdnet.com/article/zero-day-in-wordpress-smtp-plugin-abused-to-reset-admin-account-passwords
Possible Code Execution Flaw in Apache Struts https://www.securityweek.com/possible-code-execution-flaw-apache-struts
D-Link Routers at Risk for Remote Takeover from Zero-Day Flaws https://threatpost.com/d-link-routers-zero-day-flaws/162064/
GE puts default password in radiology devices, leaving healthcare networks exposed https://arstechnica.com/information-technology/2020/12/default-password-in-radiology-devices-leaves-healthcare-networks-open-to-attack/
Siemens, Schneider Electric Address Serious Vulnerabilities in ICS Products https://www.securityweek.com/siemens-schneider-electric-address-serious-vulnerabilities-ics-products and https://blog.talosintelligence.com/2020/12/vulnerability-spotlight-remote-code.html
Patch Tuesday, Good Riddance 2020 Edition https://krebsonsecurity.com/2020/12/patch-tuesday-good-riddance-2020-edition/
Bitter war of words erupts between UK cops and web security expert over alleged flaws in Cyberalarm monitoring tool https://www.databreaches.net/bitter-war-of-words-erupts-between-uk-cops-and-web-security-expert-over-alleged-flaws-in-cyberalarm-monitoring-tool/
Valve's Steam Server Bugs Could've Let Hackers Hijack Online Games https://thehackernews.com/2020/12/valves-steam-server-bugs-couldve-let.html

Hacking / Malware / Cybercrime / Exploitation

News covering active trends, alerts, events.

Trends, Alerts, and Events:
- FireEye Says It Was Hacked by a Nation-State https://www.nytimes.com/2020/12/08/technology/fireeye-hacked-russians.html and https://www.schneier.com/blog/archives/2020/12/fireeye-hacked.html
- US Government Confirms Cyberattacks https://www.securityweek.com/us-government-confirms-cyberattack, https://www.databreachtoday.com/us-commerce-treasury-hit-in-network-intrusions-a-15584
- SolarWinds admits product updates were subverted by nation state while FireEye warns exploit is rampant https://www.theregister.com/2020/12/14/solarwinds_fireeye_cozybear/
Nation State Actors:
- Hackers Breached Israeli Water Reservoir HMI System https://www.databreachtoday.com/hackers-breached-israeli-water-reservoir-hmi-system-a-15537
- COVID-19 vaccine data has been unlawfully accessed in hack of EU regulator https://arstechnica.com/information-technology/2020/12/hackers-unlawfully-access-data-related-to-promising-covid-19-vaccines/ and https://threatpost.com/pfizer-covid-19-vaccine-cyberattack/162170/
- MoleRats APT Returns with Espionage Play Using Facebook, Dropbox https://threatpost.com/molerats-apt-espionage-facebook-dropbox/162162/
- Russian APT28 Hackers Using COVID-19 as Bait to Deliver Zebrocy Malware https://thehackernews.com/2020/12/russian-apt28-hackers-using-covid-19-as.html
- SideWinder APT Targets Nepal, Afghanistan in Wide-Ranging Spy Campaign https://threatpost.com/sidewinder-apt-nepal-afghanistan-spy-campaign/162086/
CISA Warns of Increasing Cyberthreats to US K-12 Schools https://www.databreachtoday.com/cisa-warns-increasing-cyberthreats-to-us-k-12-schools-a-15580
Ransomware gangs are getting faster at encrypting networks. That will make them harder to stop https://www.zdnet.com/article/ransomware-gangs-are-getting-faster-at-encrypting-networks-that-will-make-them-harder-to-stop/
Most Victim Organizations Suffer Second Intrusion Within a Year https://www.databreaches.net/most-victim-organizations-suffer-second-intrusion-within-a-year/
Phishing Campaign Targets 200M Microsoft 365 Accounts https://www.darkreading.com/threat-intelligence/phishing-campaign-targets-200m-microsoft-365-accounts/d/d-id/1339637
2020's worst cryptocurrency breaches, thefts, and exit scams https://www.zdnet.com/article/2020s-worst-cryptocurrency-breaches-thefts-and-exit-scams
Investigating the Gootkit Loader https://www.trendmicro.com/en_us/research/20/l/investigating-the-gootkit-loader.html
Crime:
- Rogue ex-Cisco employee who crippled WebEx conferences and cost Cisco millions gets two years in US prison https://www.theregister.com/2020/12/12/in_brief_security/
- Federal Aviation Administration Employee Arrested for Using Confidential Information for Attempted Extortion Scheme https://www.databreaches.net/va-federal-aviation-administration-employee-arrested-for-using-confidential-information-for-attempted-extortion-scheme/
- Individual Pleads Guilty to Participating in Internet-of-Things Cyberattack in 2016 https://www.databreaches.net/individual-pleads-guilty-to-participating-in-internet-of-things-cyberattack-in-2016/
- British voyeur escapes US extradition over 770 cases of webcam malware https://www.theregister.com/2020/12/11/christopher_taylor_webcam_perv_extradition_case/

Other Security / Risk

Articles covering other types of risks.

Why IT and Security Teams Do Not See Eye to Eye https://www.databreachtoday.com/it-security-teams-do-see-eye-to-eye-a-15541
Artificial Intelligence Is Now Shockingly Good at Sounding Human https://www.scientificamerican.com/video/artificial-intelligence-is-now-shockingly-good-at-sounding-human/
Zodiac Killer cipher is cracked after eluding sleuths for 51 years https://arstechnica.com/information-technology/2020/12/zodiac-killer-cipher-is-cracked-after-eluding-sleuths-for-51-years/
Google Chrome's crackdown on ad blockers and browser extensions https://www.theregister.com/2020/12/10/googles_browser_extension_platform_rewrite/
With guns drawn, police raid home and seize computers of COVID-19 data whistleblower https://www.theverge.com/2020/12/7/22160181/rebekah-jones-raid-seizure-search-warrant-covid-19-whistleblower-florida
Coronavirus Shows You May Not Be as Good at Detecting Misinformation as You Think https://www.sciencealert.com/coronavirus-reveals-you-may-not-be-as-good-at-detecting-misinformation-as-you-think
(Bullet Missed) A huge eruption on the sun could interfere with power grids and GPS this week. The aurora may appear from Pennsylvania to Oregon https://www.businessinsider.com/solar-eruption-storm-could-bring-aurora-to-northern-us-2020-12
Health, Safety & Environment:
- Clinical Trials of 'Universal' Flu Vaccine That Blocks Multiple Strains Show Promise https://www.sciencealert.com/early-clinical-trials-promise-a-universal-vaccine-that-blocks-multiple-flu-strains
- Patients with non-cardiac chest pain are reassured with brief education https://scienmag.com/patients-with-non-cardiac-chest-pain-are-reassured-with-brief-education/
- How clean is the air in your office? https://www.bbc.co.uk/news/business-55235252
- Test your heart health by climbing stairs https://scienmag.com/test-your-heart-health-by-climbing-stairs/

COVID-19 updates.

COVID related articles. We have been following coronavirus risks since https://controlgap.com/blog/this-weeks-insecurity-issue-147.

The spread, curves, spikes, and waves - now reinfection:
- Record deaths in Germany and Russia https://www.bbc.co.uk/news/55273817
- U.S. could see more coronavirus deaths per day than 9/11 for months https://globalnews.ca/news/7515674/coronavirus-deaths-us-9-11/
- Canada’s coronavirus cases surpass 460K as first vaccine shipments arrive https://globalnews.ca/news/7519817/coronavirus-canada-update-dec-13/
- Ontario reports 1,677 new coronavirus cases, 16 more deaths https://globalnews.ca/news/7519210/ontario-coronavirus-cases-december-13-covid19/
- Quebec reports 40 additional COVID-19 deaths, 1,898 more cases https://globalnews.ca/news/7518406/quebec-covid-19-coronavirus-dec-12/
- A medical conference held in late February in Boston may have caused up to 300K coronavirus infections https://www.businessinsider.com/february-medical-conference-caused-up-to-300000-covid-19-cases-2020-12
- Whitby nursing home now reports almost 160 coronavirus cases, including 40 staff https://globalnews.ca/news/7507093/coronavirus-sunnycrest-nursing-home-whitby/
- Hundreds of mink dead from COVID-19 on Fraser Valley farm in B.C. https://globalnews.ca/news/7518149/hundreds-of-mink-dead-from-covid-19-on-fraser-valley-farm-in-b-c/
Guidance, Response and Recovery:
- New Zealand and Australia agree on quarantine-free travel bubble https://www.bbc.co.uk/news/world-asia-55298324
- Canada-U.S. border closure extended to Jan. 21 as coronavirus cases soar, CBSA says https://globalnews.ca/news/7518359/coronavirus-canada-us-border-closure-extension/
- York Region to enter lockdown zone in Ontario’s COVID-19 pandemic plan https://globalnews.ca/news/7515895/york-region-lockdown-grey-zone-ontario-coronavirus/
- Pandemic has 1 in 4 Canadians thinking about switching careers https://globalnews.ca/news/7519633/covid-19-pandemic-has-1-in-4-canadians-thinking-about-switching-careers/
Treatments, Testing, Triage, Trials, and things we Learned:
- Five key genes linked to severe COVID-19 found, suggesting drug targets https://www.ctvnews.ca/health/coronavirus/five-key-genes-linked-to-severe-covid-19-found-suggesting-drug-targets-1.5227383
- We Just Got Even More Evidence That Some Dogs Can Reliably Detect COVID-19 https://www.sciencealert.com/early-tests-show-dogs-have-some-ability-to-smell-covid-19-on-our-sweat
- A saliva-based smartphone platform could rapidly expand COVID-19 testing https://scienmag.com/a-saliva-based-smartphone-platform-could-rapidly-expand-covid-19-testing/
- Scientists Show How SARS-CoV-2 Causes Multiple Organ Failure in Experimental Mouse Model https://www.sciencealert.com/experimental-breakthrough-shows-how-sars-cov-2-causes-multiple-organ-failure-in-mice
- In case you were wondering, the 1981 Spanish Flu ended in heard immunity https://www.washingtonpost.com/history/2020/09/01/1918-flu-pandemic-end/
- Children need not worry, Santa Claus granted travel exemption for Christmas in Ottawa https://globalnews.ca/news/7516291/coronavirus-ottawa-santa-claus/_Vaccines Progress:
- Russia’s Sputnik coronavirus vaccine and alcohol don't mix https://nationalpost.com/news/world/an-unforeseen-problem-with-russias-sputnik-coronavirus-vaccine-stop-drinking-alcohol
- How to Build Trust in the Vaccines https://www.theatlantic.com/ideas/archive/2020/12/how-to-build-trust-vaccines/617367/
- U.S. FDA approves Pfizer coronavirus vaccine https://globalnews.ca/news/7518069/us-approves-pfizer-coronavirus-vaccine/
- Canada approves Pfizer coronavirus vaccine https://globalnews.ca/news/7510755/pfizer-vaccine-approval-canada/
- UK allergy warning over Pfizer jab https://www.bbc.co.uk/news/health-55244122
- No, there isn’t evidence that Pfizer’s vaccine causes infertility https://www.nytimes.com/2020/12/10/technology/no-there-isnt-evidence-that-pfizers-vaccine-causes-infertility.html
- Canada’s 1st batch of coronavirus vaccines have arrived https://globalnews.ca/news/7520018/canada-coronavirus-vaccine-1st-batch/
- Australia has become the first country to abandon a vaccine attempt https://www.businessinsider.com/coronavirus-vaccine-australia-scrap-750m-project-false-hiv-test-results-2020-12
- Welcome to Vaccine Purgatory https://www.theatlantic.com/newsletters/archive/2020/12/the-next-six-months-will-be-vaccine-purgatory/617373/
- Deaths rise along with vaccine hopes as Canada faces grim coronavirus winter https://globalnews.ca/news/7517817/canada-coronavirus-cases-dec-11/
Vaccine Passports:
- Proof of vaccination wades into ‘murky territory’ ethically, experts say https://globalnews.ca/news/7510650/coronavirus-proof-of-vaccination-ethics-experts/
- Issues may arise if employers ask employees if they’re vaccinated https://globalnews.ca/news/7517468/coronavirus-issues-employers-ask-employees-vaccinated-ipc/
- Ontario to provide proof of COVID vaccination, those without it may face restrictions https://toronto.citynews.ca/2020/12/08/ontario-to-provide-proof-of-covid-vaccination-those-without-it-may-face-restrictions/
- Vaccinated? Show Us Your App https://www.nytimes.com/2020/12/13/technology/coronavirus-vaccine-apps.html
Masks, anti-maskers, distancing, compliance, and repercussions:
- The mask-wearing US city that bucked the trend https://www.bbc.com/news/55216518
- What Motivates COVID Rule Breakers? https://www.scientificamerican.com/article/what-motivates-covid-rule-breakers/
- Man fined $3,500 for breaking Taiwan coronavirus quarantine for 8 seconds https://www.cnn.com/2020/12/07/asia/taiwan-quarantine-fine-scli-intl/index.html
- Regina police ready to enforce public health orders at anti-mask rally https://globalnews.ca/news/7518519/regina-police-enforce-public-health-orders-anti-mask-rally/
- Cambridge gym, Waterloo restaurant fined for not following COVID-19 rules https://globalnews.ca/news/7517166/cambridge-waterloo-coronavirus-violation-fines/
- Europol Warns of COVID-19 Vaccine Crime Gangs https://www.databreachtoday.com/europol-warns-covid-19-vaccine-crime-gangs-a-15536

Off-Topic / Science & Tech / Lighter Side

A variety of scientific, technical, historical, and more light-hearted news.

Scientists Just Set a New World Record in Solar Cell Efficiency https://www.sciencealert.com/scientists-just-beat-another-solar-cell-efficiency-world-record
New African Potato Resists The Same Disease That Caused The Irish Potato Famine https://www.sciencealert.com/scientists-create-a-new-potato-with-complete-resistance-to-a-disastrous-disease
Chuck Yeager: First pilot to fly supersonic dies aged 97 https://www.bbc.co.uk/news/world-us-canada-55225903
SpaceX Mars rocket launches successfully, explodes upon landing https://www.cbc.ca/news/technology/spacex-starship-1.5832868
If We Used the Sun as a Gravitational Lens Telescope, This is What a Planet at Proxima Centauri Would Look Like https://www.universetoday.com/149214/if-we-used-the-sun-as-a-gravitational-lens-telescope-this-is-what-a-planet-at-proxima-centauri-would-look-like/
Does Planet Nine exist? An alien world 300 light years away gives hope https://www.syfy.com/syfywire/does-planet-nine-exist-an-alien-world-300-light-years-away-gives-hope
Physicists Give Schrodinger's Cat a Cheshire Grin https://www.sciencealert.com/schrodinger-s-cat-gets-a-cheshire-grin-in-a-mind-bending-quantum-physics-analysis
This Teen's Brilliantly Simple Explainer on Quantum Mechanics Just Won a Global Prize https://www.sciencealert.com/17-year-old-wins-global-science-prize-for-brilliant-explainer-on-quantum-mechanics
Dogs Probably Don't Understand Us as Well as We Think https://www.sciencealert.com/dogs-may-not-actually-understand-us-as-much-we-think-brain-scans-reveal
Weird grammar rule that most people who were brought up speaking English know but aren't aware of (older) https://www.theguardian.com/commentisfree/2016/sep/13/sentence-order-adjectives-rule-elements-of-eloquence-dictionary

previous

LLMNR / NBT-NS: You’re Poison!

next