Welcome to This Week’s [in]Security. e-commerce security: PCI, Magecart, & the DOM part 1. New breaches: Windows passwords, Pipeline#2, VW, EA games, Mc Donalds, Self-breached? New Ransomware: Exit plans & Lawyers. Major outages: Failing Fastly. Follow-ups & Fall-out: Infographic & analysis, Recouped Bitcoins, Humana suit, JBL meat pays out, MoviePass. Privacy: Cookie banners, Forget my face, Floc, Bitcoin Anon, Apple, WhatsApp. Laws & Regs - Canada: RCMP, More C-10. US: Tiktok, HIPPA, Disclosure, Hacking back. The world: Antitrust, Misuse. Standards: NIST OSCAL, drafts, extensions. Defense: Software Design, Supply Chain, Deepfakes, Slander, HIBP, Fellowships. Vulnerabilities: MS, IE RIP, Chrome, Intel, Adobe, Polkit, ALPACA, Bloodhound, Weapons, Quantum. Cybercrime - Trends: 5 Attacks, Nation States. The An0m sting, Crime. Misconduct, Tricky. Other Risks: Health, Safety & Environment: Alzheimer's, CO2. Covid-19: Spread, Curves, Waves, and Variants. Response, Immunity, Donating Vaccines, Learned, Impact, Covid Ugly. And more.

PCI Compliance and Payments

News and announcements relating to Payment Security, PCI, Card Brands, Payments, Payment Malware and Fraud, and Payment Related Compliance.

• PCI, Magecart, and the DOM – Part 1 – The PCI e-commerce rules https://controlgap.com/blog/PCI-MageCart-DOM-Part1

Breaches / Ransomware / Leaks

Covering breaches, leaks, data exposures, ransomware (as potential breach), and their fallout.

• New Breaches:

  • A Mystery Malware Stole 26 Million Passwords From Windows PCs https://www.wired.com/story/mystery-malware-stole-26-million-passwords-from-windows-computers
  • Ransomware Hit Another Pipeline Firm—and 70GB of Data Leaked https://www.wired.com/story/linestar-pipeline-ransomware-leak
  • Security Breach Exposes Data Of 3.3 Million Volkswagen, Audi Owners https://www.pymnts.com/news/security-and-risk/2021/security-breach-exposes-data-of-volkswagen-audi-owners/
  • Hackers breach gaming giant Electronic Arts, steal game source code https://www.bleepingcomputer.com/news/security/hackers-breach-gaming-giant-electronic-arts-steal-game-source-code/
  • McDonald's (Asia) discloses data breach after theft of customer, employee info https://www.bleepingcomputer.com/news/security/mcdonalds-discloses-data-breach-after-theft-of-customer-employee-info/
  • Military Vehicles Maker Navistar Reports Data-Theft Cyberattack https://www.securityweek.com/military-vehicles-maker-navistar-reports-data-theft-cyberattack
  • SmartSearch issues warning over risk of GDPR breach https://www.databreaches.net/smartsearch-issues-warning-over-risk-of-gdpr-breach/
  • Cybercrime forum advertises alleged database, source code from Russian firm that helped Parler https://www.databreaches.net/cybercrime-forum-advertises-alleged-database-source-code-from-russian-firm-that-helped-parler/
  • CD Projekt: Data stolen in ransomware attack now circulating online https://www.bleepingcomputer.com/news/security/cd-projekt-data-stolen-in-ransomware-attack-now-circulating-online/
  • Lax security around URL shortener exposed PII of US retailer Carter's customer base https://www.zdnet.com/article/lax-security-around-url-shortener-exposed-pii-of-us-retailer-carters-customer-base
  • US House Rep on cyber committees tweets Gmail password, PIN in Capitol riot lawsuit outrage https://www.theregister.com/2021/06/07/brooks_gmail_password/

• New Ransomware and "Incidents":

  • Avaddon ransomware shuts down and releases decryption keys https://www.bleepingcomputer.com/news/security/avaddon-ransomware-shuts-down-and-releases-decryption-keys/
  • Computer memory maker ADATA hit by Ragnar Locker ransomware https://www.bleepingcomputer.com/news/security/computer-memory-maker-adata-hit-by-ragnar-locker-ransomware/
  • NYC's 1,000-Lawyer Law Department Targeted by Cyberattack https://www.securityweek.com/nyc%E2%80%99s-1000-lawyer-law-department-targeted-cyberattack
  • Spain's Ministry of Labor and Social Economy hit by cyberattack https://www.bleepingcomputer.com/news/security/spains-ministry-of-labor-and-social-economy-hit-by-cyberattack/
  • De: Pearl takes online shop offline after cyberattack https://www.databreaches.net/de-pearl-takes-online-shop-offline-after-cyberattack/

• Major outages/downs:

  • StackOverflow, Twitch, Reddit, others down in Fastly CDN outage https://www.bleepingcomputer.com/news/security/stackoverflow-twitch-reddit-others-down-in-fastly-cdn-outage/
  • Websites begin to work again after major breakage https://www.bbc.co.uk/news/technology-57399628
  • How an Obscure Company Took Down Big Chunks of the Internet https://www.wired.com/story/fastly-cdn-internet-outages-2021
  • One Fastly customer triggered internet meltdown https://www.bbc.co.uk/news/technology-57413224

• Follow-ups and fall-out:

  • Ten years of breaches in one image https://www.theverge.com/22518557/data-breach-infographic-leaked-passwords-have-i-been-pwned
  • Analysis of 100 Data Breaches: Part 2, What are the root causes of breaches? https://www.imperva.com/blog/analysis-of-100-data-breaches-part-2-what-are-the-root-causes-of-breaches/
  • Billions of Compromised Records and Counting: Why the Application Layer is Still the Front Door for Data Breaches https://threatpost.com/billions-of-compromised-records-and-counting/166633/
  • US recovers most of Colonial Pipeline's $4.4M ransomware payment https://www.bleepingcomputer.com/news/security/us-recovers-most-of-colonial-pipelines-44m-ransomware-payment/
  • Wray: FBI Frowns on Ransomware Payments Despite Recent Trend https://www.securityweek.com/wray-fbi-frowns-ransomware-payments-despite-recent-trend
  • Humana sued in federal court over apparent data breach https://www.databreaches.net/humana-sued-in-federal-court-over-apparent-data-breach/
  • Meat company pays $11m ransom over cyber-attack https://www.bbc.co.uk/news/business-57423008
  • MoviePass settles with FTC over fraud and data security failures https://www.theverge.com/2021/6/7/22523172/moviepass-ftc-fraud-subscribers-data-security-privacy-app

Privacy

Articles about privacy related news, risks, and trends.

• Are Cookie Banners a Waste of Time or a Complete Waste of Time?, (Thu, May 20th) https://isc.sans.edu/diary/rss/27436
• Is there any way out of Clearview's facial recognition database? https://www.theverge.com/22522486/clearview-ai-facial-recognition-avoid-escape-privacy
• Mozilla Says Google's New Ad Tech—FLoC—Doesn't Protect User Privacy https://thehackernews.com/2021/06/mozilla-says-googles-new-ad.html
• Bitcoin anonymity is just a big myth — and using it to launder dirty money is stupid, a crypto ATM chief says https://markets.businessinsider.com/currencies/news/bitcoin-anonymous-untraceable-myths-stupid-dirty-money-laundering-crypto-chief-2021-6-1030517840
• All the New Privacy Features Coming to iOS and macOS https://www.wired.com/story/new-privacy-security-features-ios-15-macos-monterey
• iOS15: Apple continues privacy war with app tracker reports https://www.bbc.co.uk/news/technology-57392458
• WhatsApp launches privacy campaign after backlash https://www.bbc.co.uk/news/technology-57440405

Laws, Regulations, Platforms, Standards, and Public Policy

News about laws, regulations, platform rules, and standards affecting security, privacy, technology, and public interest.

• Canada:

  • RCMP broke the law with Clearview AI facial recognition software: watchdog https://globalnews.ca/news/7937654/rcmp-clearview-ai-facial-recognition-canada/
  • The Law Bytes Podcast, Episode 91: “This is No Way to Regulate” – Former CRTC Chair Konrad von Finckenstein Speaks Out on the CRTC and Bill C-10 https://www.michaelgeist.ca/2021/06/law-bytes-podcast-episode-91/

• US:

  • Biden revokes Trump bans on TikTok and WeChat https://www.theverge.com/2021/6/9/22525953/biden-tiktok-wechat-trump-bans-revoked-alipay
  • Big Data Profits If We Deregulate HIPAA https://www.eff.org/deeplinks/2021/06/big-data-profits-if-we-deregulate-hipaa
  • CISA Expanding Mandatory Vulnerability Disclosure Program https://www.databreachtoday.com/cisa-expanding-mandatory-vulnerability-disclosure-program-a-16831
  • Combating Ransomware: Lawmaker Wants Spies 'Hacking Back' https://www.databreachtoday.com/combating-ransomware-lawmaker-wants-spies-hacking-back-a-16815
  • FBI drops subpoena to identify readers of USA Today article about shootout with agents https://www.theregister.com/2021/06/08/fbi_usatoday_subpoena/
  • Connecticut on its Way to an Enhanced Data Breach Notification Law https://www.databreaches.net/connecticut-on-its-way-to-an-enhanced-data-breach-notification-law/
  • EFF Files Amicus Brief Defending the Right to Repair in Massachusetts https://www.eff.org/deeplinks/2021/06/eff-files-amicus-brief-defending-right-repair-massachusetts
  • The cryptocurrency market doesn't need new rules and can be governed under existing regulation, former SEC chief says https://www.businessinsider.com/cryptocurrency-can-be-governed-under-existing-regulation-former-sec-chief-2021-6
  • A federal judge just ruled against over 100 Houston hospital workers who will be fired if they don't get the COVID-19 vaccine https://www.businessinsider.com/federal-judge-dismisses-houston-methodist-hospital-vaccine-mandate-lawsuit-2021-6

• World:

  • Google Pays $270 Million to Settle Antitrust Charges in France https://www.nytimes.com/2021/06/07/technology/google-france-antitrust-ads.html
  • We're right behind Computer Misuse Act reforms for busting ransomware gangs, says UK infosec industry https://www.theregister.com/2021/06/07/cma_reforms_anti_ransomware_high_agenda/

• Standards News:

  • NIST Releases the Open Security Controls Assessment Language (OSCAL) 1.0.0 https://csrc.nist.gov/news/2021/nist-releases-oscal-1-0-0
  • NIST/NCCoE has released a new draft report, NISTIR 8336, Background on Identity Federation Technologies for the Public Safety Community open for comment through July 26 https://csrc.nist.gov/publications/detail/nistir/8336/draft
  • NIST/NCCoE has released a new preliminary Draft report, NISTIR 8374, Cybersecurity Framework Profile for Ransomware Risk Management open for comment through July 9 https://csrc.nist.gov/publications/detail/nistir/8374/draft
  • NIST extended the comment period to July 9 on draft SP 800-66 Revision 1, An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule (“Resource Guide”) https://csrc.nist.gov/publications/detail/sp/800-66/rev-2/draft
  • NIST extended the comment period to June 25 on draft SP 800-161 Revision 1, Cyber Supply Chain Risk Management Practices for Systems and Organizations https://csrc.nist.gov/publications/detail/sp/800-161/rev-1/draft

Defense / Techniques / Solutions

Covering developments and opportunities that may help improve security.

• Ransomware Is Not the Problem - arbitrarily powerful software is https://www.darkreading.com/attacks-breaches/ransomware-is-not-the-problem/a/d-id/1341171
• Software Security Testing – Hidden Thoughts Can Cost You https://blog.isc2.org/isc2_blog/2021/06/software-security-testing.html
• Verifiable Supply Chain Metadata for Kubernetes Tekton https://security.googleblog.com/2021/06/verifiable-supply-chain-metadata-for.html
• Detecting Deepfake Picture Editing https://www.schneier.com/blog/archives/2021/06/detecting-deepfake-picture-editing.html
• Google Seeks to Break Vicious Cycle of Online Slander https://www.nytimes.com/2021/06/10/technology/google-algorithm-known-victims.html and https://www.theverge.com/2021/6/10/22527481/google-search-results-slander-industry-individuals-nyt-report
• Keeping an Eye on Dangerous Python Modules, (Fri, Jun 11th) https://isc.sans.edu/diary/rss/27514
• Senate approves billions for US semiconductor manufacturing https://www.theverge.com/2021/6/8/22457293/semiconductor-chip-shortage-funding-frontier-china-competition-act
• GitHub now scans for accidentally-exposed PyPI, RubyGems secrets https://www.bleepingcomputer.com/news/security/github-now-scans-for-accidentally-exposed-pypi-rubygems-secrets/
• How purple teams can embrace hacker culture to improve security https://www.microsoft.com/security/blog/2021/06/10/how-purple-teams-can-embrace-hacker-culture-to-improve-security/
• Expanding the Have I Been Pwned Volunteer Community https://www.troyhunt.com/expanding-the-have-i-been-pwned-volunteer-community/
• Welcoming the Uruguayan Government to Have I Been Pwned https://www.troyhunt.com/welcoming-the-uruguayan-government-to-have-i-been-pwned/
• 2021 Information Controls Fellowship Program https://citizenlab.ca/2021/06/2021-information-controls-fellowship-program/
• Hiring for iCrime https://www.lightbluetouchpaper.org/2021/06/08/hiring-for-icrime/
• Celebrating 7 Years of Project Galileo https://blog.cloudflare.com/celebrating-7-years-of-project-galileo/

Bugs / Design Flaws / Vulnerabilities / Research

Articles about newly discovered vulnerabilities and research.

• Microsoft Patches Six Zero-Day Security Holes https://krebsonsecurity.com/2021/06/microsoft-patches-six-zero-day-security-holes/
• June Patch Tuesday: Internet Explorer Finally Laid to Rest https://www.trendmicro.com/en_us/research/21/f/june-patch-tuesday-internet-explorer-finally-laid-to-rest.html
• Google Patches Chrome Zero-Day Used by Commercial Exploit Company https://www.securityweek.com/google-patches-chrome-zero-day-used-commercial-exploit-company
• Intel Releases 29 Advisories to Describe 73 Vulnerabilities Affecting Its Products https://www.securityweek.com/intel-releases-29-advisories-describe-73-vulnerabilities-affecting-its-products
• Intel's latest patch set plugs some serious holes in CPU, Bluetooth, server, and – ironically – security lines https://www.theregister.com/2021/06/09/intels_latest_patch_set/
• Adobe issues security updates for 41 vulnerabilities in 10 products https://www.bleepingcomputer.com/news/security/adobe-issues-security-updates-for-41-vulnerabilities-in-10-products/
• WAGO Controller Flaws Can Allow Hackers to Disrupt Industrial Processes https://www.securityweek.com/wago-controller-flaws-can-allow-hackers-disrupt-industrial-processes
• 7-Year-Old Polkit Flaw Lets Unprivileged Linux Users Gain Root Access https://thehackernews.com/2021/06/7-year-old-polkit-flaw-lets.html
• Hackers Can Exploit Samsung Pre-Installed Apps to Spy On Users https://thehackernews.com/2021/06/hackers-can-exploit-samsung-pre.html
• ALPACA: New TLS Attack Allows User Data Extraction, Code Execution https://www.securityweek.com/alpaca-new-tls-attack-allows-user-data-extraction-code-execution
• BloodHound – Sniffing Out the Path Through Windows Domains https://www.sans.org/blog/bloodhound-sniffing-out-path-through-windows-domains
• Hackers can mess with HTTPS connections by sending data to your email server https://arstechnica.com/gadgets/2021/06/hackers-can-mess-with-https-connections-by-sending-data-to-your-email-server/
• Vulnerabilities in Weapons Systems https://www.schneier.com/blog/archives/2021/06/vulnerabilities-in-weapons-systems.html
• Researchers take quantum encryption out of the lab https://scienmag.com/researchers-take-quantum-encryption-out-of-the-lab/
• On Tight Quantum Security of HMAC and NMAC in the Quantum Random Oracle Model, by Akinori Hosoyamada and Tetsu Iwata https://eprint.iacr.org/2021/774

Hacking / Malware / Cybercrime / Exploitation

News covering active trends, alerts, events.

• Trends, Alerts, and Events (other than major breaches):

  • Phished Account Credentials Mostly Verified in Hours https://www.darkreading.com/threat-intelligence/phished-account-credentials-mostly-verified-in-hours/d/d-id/1341240
  • Researchers Discover First Known Malware Targeting Windows Containers https://thehackernews.com/2021/06/researchers-discover-first-known.html
  • The Five Most Dangerous New Attack Techniques https://www.sans.org/blog/the-five-most-dangerous-new-attack-techniques
• Steam Gaming Platform Hosting Malware https://threatpost.com/steam-gaming-delivering-malware/166784/
• The Ruthless Cyber Gang Behind the Hospital Ransomware Crisis https://www.databreaches.net/the-ruthless-cyber-gang-behind-the-hospital-ransomware-crisis/
• Stealthy Gelsemium cyberspies linked to NoxPlayer supply-chain attack https://www.bleepingcomputer.com/news/security/stealthy-gelsemium-cyberspies-linked-to-noxplayer-supply-chain-attack/
• Combating Against Malware Attacks: A Perspective from Brazil https://blog.pcisecuritystandards.org/combating-against-malware-attacks-a-perspective-from-brazil

• Nation State Actors:

  • APT Group Kimsuky Has New Attack Technique, Researchers Say https://www.databreachtoday.com/apt-group-kimsuky-has-new-attack-technique-researchers-say-a-16833
  • Russian hackers breached Dutch police systems in 2017 https://www.databreaches.net/russian-hackers-breached-dutch-police-systems-in-2017/
  • Security researcher says attacks on Russian government have Chinese fingerprints – and typos, too https://www.theregister.com/2021/06/09/mail_o_malware_maybe_chinese/

• The An0m sting:

  • ‘An0m' Encrypted-Chat Sting Leads to Arrest of 800 https://threatpost.com/an0m-encrypted-chat-sting-arrest-800/166716/
  • ANOM: Hundreds arrested in massive global crime sting https://www.bbc.co.uk/news/world-57394831
  • FBI/AFP-Run Encrypted Phone https://www.schneier.com/blog/archives/2021/06/fbi-afp-run-encrypted-phone.html
  • FBI paid renegade developer $180k for backdoored AN0M chat app that brought down drug underworld https://www.theregister.com/2021/06/08/fbi_trojan_shield/

• Crime & Arrests, etc.:

  • Authorities Take Down Stolen Login Credentials Marketplace Slilpp https://www.securityweek.com/authorities-take-down-stolen-login-credentials-marketplace-slilpp
  • Chief Operating Officer of Network Security Company Charged with Cyberattack on Medical Center https://www.databreaches.net/chief-operating-officer-of-network-security-company-charged-with-cyberattack-on-medical-center/
  • 30 going on 13: Mom charged after posing as teen daughter at school https://globalnews.ca/news/7927536/school-pose-teen-daughter-student-13-30/
  • ADT Technician Sentenced for Hacking Home Security Footage https://www.databreaches.net/adt-technician-sentenced-for-hacking-home-security-footage/
  • Trikbot Hacker Known as Max Is 55-Year-Old Woman From Russia, U.S. Says https://www.databreaches.net/trikbot-hacker-known-as-max-is-55-year-old-woman-from-russia-u-s-says/

Other Security / Risk

Articles covering other types of risks.

• Information Flows and Democracy https://www.schneier.com/blog/archives/2021/06/information-flows-and-democracy.html
• Amazon Sidewalk: Cutting Through the Hype - what it is and isn't https://isc.sans.edu/diary/rss/27502
• Microsoft's Kate Crawford: ‘AI is neither artificial nor intelligent' https://www.theguardian.com/technology/2021/jun/06/microsofts-kate-crawford-ai-is-neither-artificial-nor-intelligent
• Adventures in Contacting the Russian FSB https://krebsonsecurity.com/2021/06/adventures-in-contacting-the-russian-fsb/
• New Hampshire Election Audit, part 2 https://freedom-to-tinker.com/2021/06/07/new-hampshire-election-audit-part-2/
• The Humans In The Mainframe | Common Misunderstandings In Mainframe Security Management https://www.itspmagazine.com/their-stories/the-humans-in-the-mainframe-common-misunderstandings-in-mainframe-security-management-a-key-resources-story-with-ray-overby

• Health, Safety & Environment:

  • Why It Took A Pandemic To Bring Healthcare Into The Connected Economy https://www.pymnts.com/healthcare/2021/why-it-took-a-pandemic-to-bring-healthcare-into-the-connected-economy/
  • Bodies May Treat Fast Food Like a Dangerous Infection, Mouse Experiment Shows https://www.sciencealert.com/bodies-may-treat-a-western-diet-like-a-dangerous-infection-mouse-experiment-shows
  • Controlling insulin production with a smartwatch https://scienmag.com/controlling-insulin-production-with-a-smartwatch/
  • A 'Universal' Coronavirus Vaccine to Prevent the Next Pandemic https://www.scientificamerican.com/podcast/episode/a-universal-coronavirus-vaccine-to-prevent-the-next-pandemic1/
  • Mosquito hack cuts dengue fever by 77% https://www.bbc.co.uk/news/health-57417219
  • A better understanding of ‘wet markets' is key to safeguarding human health, biodiversity https://scienmag.com/a-better-understanding-of-wet-markets-is-key-to-safeguarding-human-health-biodiversity/
  • Molecular changes in white blood cells can help diagnose ‘the bends' earlier in divers https://scienmag.com/molecular-changes-in-white-blood-cells-can-help-diagnose-the-bends-earlier-in-divers/
  • Deposits of Copper And Magnetic Iron Found in Alzheimer's Patients' Brains https://www.sciencealert.com/scientists-identify-deposits-of-copper-and-magnetic-iron-in-alzheimer-s-brains
  • The Drug That Could Break American Health Care https://www.theatlantic.com/ideas/archive/2021/06/aduhelm-drug-alzheimers-cost-medicare/619169/
  • Landmark Alzheimer's Drug Approval Confounds Research Community https://www.scientificamerican.com/article/landmark-alzheimers-drug-approval-confounds-research-community/
  • FDA Just Approved First New Alzheimer's Drug in 18 Years. Is It Worth It? https://www.sciencealert.com/the-fda-just-approved-the-first-new-alzheimer-s-drug-in-18-years-but-not-everyone-is-impressed
  • The Canadians who thought residential schools were a good idea https://www.msn.com/en-ca/news/canada/the-canadians-who-thought-residential-schools-were-a-good-idea/ar-AAKP6pE
  • Patient dies after fake doctor performs surgery at Pakistan hospital https://globalnews.ca/news/7928207/fake-doctor-security-guard-surgery-hospital-pakistan/
  • 8 of the world's most dangerous roads https://www.businessinsider.com/most-dangerous-roads-highways-world-2021-6
  • Canada, Alberta sign deal for $1.3B hydrogen plant in Edmonton https://www.cbc.ca/news/canada/edmonton/cda-alta-hydrogen-1.6059241
  • Atmospheric CO2 Just Hit a Peak Not Seen on Earth in 4 Million Years https://www.sciencealert.com/carbon-dioxide-just-hit-a-peak-not-seen-on-earth-in-4-million-years
  • Experiment evaluates the effect of human decisions on climate reconstructions https://scienmag.com/experiment-evaluates-the-effect-of-human-decisions-on-climate-reconstructions/
  • Climate protection: Deep decarbonization by 2050 currently not plausible https://scienmag.com/climate-protection-deep-decarbonization-by-2050-currently-not-plausible/

COVID-19 updates.

COVID related articles. We have been following coronavirus risks since https://controlgap.com/blog/this-weeks-insecurity-issue-147.

• The spread, curves, spikes, waves, reinfection, and variant strains:

  • More people have died of COVID-19 in 2021 than in 2020 and it's only June https://www.businessinsider.com/more-coronavirus-deaths-2021-so-far-compared-all-of-2020-2021-6
  • Mexico says a quarter of its population has been infected with COVID-19 https://globalnews.ca/news/7944278/mexico-covid-cases-population/
  • Canada's COVID-19 outlook continues to improve as cases, hospitalizations drop https://globalnews.ca/news/7935405/coronavirus-canada-june-9-2021/
  • Ontario reports 590 new COVID-19 cases, 11 deaths https://globalnews.ca/news/7937414/covid-19-cases-june-10-coronavirus/
  • 'Potential fourth wave is brewing' with spread of Delta variant, warns Peel's top doctor https://toronto.ctvnews.ca/potential-fourth-wave-is-brewing-with-spread-of-delta-variant-warns-peel-s-top-doctor-1.5462696
  • Delta COVID-19 variant cases are rising, prompting caution on reopening plans https://globalnews.ca/news/7939152/covid-delta-variant-canada/
  • All of Quebec now out of the red zone, restrictions ease further in some regions https://globalnews.ca/news/7927138/covid-19-quebec-exits-red-zone/
  • 2 passengers aboard a Mediterranean cruise tested positive for COVID-19 https://www.businessinsider.com/covid-cruises-msc-passengers-mediterranean-2021-6

• Guidance, Response, and Recovery:

  • The Public-Health Calculus Has Shifted https://www.theatlantic.com/ideas/archive/2021/06/public-health-vaccine-covid-19-calculus-has-changed/619180/
  • Canada easing COVID-19 hotel quarantine, isolation rules for fully vaccinated: source https://globalnews.ca/news/7933944/canada-quarantine-hotel-program/
  • Students living in residence at University of Toronto required to get COVID-19 vaccine https://toronto.ctvnews.ca/students-living-in-residence-at-university-of-toronto-required-to-get-covid-19-vaccine-1.5461796
  • Ontarians will now have to book a day pass for a provincial park 5 days in advance https://toronto.ctvnews.ca/ontarians-will-now-have-to-book-a-day-pass-for-a-provincial-park-5-days-in-advance-1.5459489
  • Pedal Pub in Saskatoon closer to spinning wheels https://globalnews.ca/news/7929730/pedal-pub-in-saskatoon-closer-to-spinning-wheels/

• Immunity and Vaccinations:

  • Ontario 'actively considering' prioritizing second doses of COVID-19 vaccine to hot-spot areas https://toronto.ctvnews.ca/ontario-actively-considering-prioritizing-second-doses-of-covid-19-vaccine-to-hot-spot-areas-1.5459034
  • Canada paid a premium to get COVID-19 vaccine doses from Pfizer earlier than planned https://www.cbc.ca/news/politics/canada-vaccine-contracts-1.6063776
  • Health Canada not releasing more than 300K doses of J&J vaccine over possible quality control issue https://www.ctvnews.ca/health/coronavirus/health-canada-not-releasing-more-than-300k-doses-of-j-j-vaccine-over-possible-quality-control-issue-1.5467374
  • Vaccine hesitancy: What prevents some Albertans from getting the COVID-19 vaccine? https://globalnews.ca/news/7942922/vaccine-motivation-hesitancy-alberta-covid-19/
  • U.S. unlikely to hit goal of vaccinating 70% of adults against COVID-19 by July 4 https://globalnews.ca/news/7933474/us-covid-vaccine-goal-unlikely/
  • Russia tests nasal spray COVID-19 vaccine for children aged 8 to 12 https://globalnews.ca/news/7944728/covid-vaccine-children-russia/

• G-7 leaders to pledge 1 billion doses of Covid vaccines to low-income nations https://www.cnbc.com/2021/06/11/g7-leaders-to-pledge-1-billion-doses-of-covid-vaccines-to-poorer-nations-.html

  • Canada donating 13M surplus COVID-19 vaccine doses to developing countries https://www.ctvnews.ca/health/coronavirus/canada-donating-13m-surplus-covid-19-vaccine-doses-to-developing-countries-1.5468407
  • Canada to donate 100M COVID-19 vaccines to world https://globalnews.ca/news/7941255/canada-covid-vaccine-donation-covax/
  • UK to donate more than 100m surplus vaccine doses, says PM https://www.bbc.co.uk/news/uk-57436535
  • U.S. expected to donate 500M COVID-19 Pfizer vaccine doses to the world https://globalnews.ca/news/7936240/u-s-donate-500m-covid-19-pfizer-vaccine/

• Things we learned:

  • Deadly Crashes in The US Surged During The Pandemic. This Could Be The Explanation https://www.sciencealert.com/deadly-crashes-in-the-us-surged-in-the-pandemic-despite-americans-driving-less
  • How COVID-19 wreaks havoc on human lungs https://scienmag.com/how-covid-19-wreaks-havoc-on-human-lungs/
  • How coronavirus aerosols travel through our lungs https://scienmag.com/how-coronavirus-aerosols-travel-through-our-lungs/
  • Scientists Have Calculated The Weight of All The SARS-CoV-2 in The World https://www.sciencealert.com/how-much-does-all-the-sars-cov-2-in-the-world-weigh
  • Don't Fall for These Lab-Leak Traps https://www.theatlantic.com/ideas/archive/2021/06/lab-leak-trap/619150/
  • The COVID Lab-Leak Hypothesis: What Scientists Do and Do Not Know https://www.scientificamerican.com/article/the-covid-lab-leak-hypothesis-what-scientists-do-and-do-not-know1/

• Impact:

  • Almost 16 million medical procedures built up in Ontario pandemic backlog https://toronto.ctvnews.ca/almost-16-million-medical-procedures-built-up-in-ontario-pandemic-backlog-1.5464945
  • Ontario students are up to 3 months behind in their learning due to COVID-19 lockdowns: Science Table https://toronto.ctvnews.ca/ontario-students-are-up-to-3-months-behind-in-their-learning-due-to-covid-19-lockdowns-science-table-1.5460940
  • Rest in peace: More than 400 tombstones placed in Toronto small business storefronts https://toronto.ctvnews.ca/rest-in-peace-more-than-400-tombstones-placed-in-toronto-small-business-storefronts-1.5459344

• More of the good, the bad, and the ugly:

  • A doctor falsely told lawmakers vaccines magnetize people: ‘They can put a key on their forehead. It sticks.' https://www.washingtonpost.com/nation/2021/06/09/sherri-tenpenny-magnetized-vaccine-ohio/
  • The Brazilian doctor offering bogus Covid remedies for social media likes https://www.bbc.co.uk/news/blogs-trending-57276286

Off-Topic / Science & Tech / Lighter Side

A variety of scientific, technical, historical, and more light-hearted news.

• Earth now has a 5th ocean, according to National Geographic, which upgraded the status of the waters around Antarctica https://www.businessinsider.com/national-geographic-adds-fifth-southern-ocean-to-maps-2021-6
• New twist on DNA data storage lets users preview stored files https://scienmag.com/new-twist-on-dna-data-storage-lets-users-preview-stored-files/
• Ancient 'Megalake': The Largest Lake Ever Held 10 Times The Water of All Lakes Today https://www.sciencealert.com/new-study-charts-the-rise-and-fall-of-eurasia-s-ancient-megalake
• The Giant Megalodon Mega-Shark May Have Been Even Bigger Than We Thought https://www.sciencealert.com/prehistoric-mega-shark-megalodon-may-have-been-even-bigger-than-we-thought
• Clever Trick Used to Clean off InSight's Solar Panels and Boost its Power https://www.universetoday.com/151410/clever-trick-used-to-clean-off-insights-solar-panels-and-boost-its-power/
• Rogue Exoplanets Lurking in Space Could Have Habitable Moons, Scientists Say https://www.sciencealert.com/rogue-exoplanets-could-have-habitable-moons
• White Dwarf Measured Before it Exploded as a Supernova https://www.universetoday.com/151505/white-dwarf-measured-before-it-exploded-as-a-supernova/