Welcome to This Week’s [in]Security. DSSv4 timelines. Magecart. New breaches: CVS, Carnival Cruises, Wegmans. New Ransomware: G7 vs. Russia, Bitcoin?, ICS Software, Nukes, source released. Major outages: Puerto Rico, Follow-ups & Fall-out: Avaddon quits, 5B records, Lessons learned, US fines. Privacy: Trusting VPN providers, Pseudonymity, Phones, Cartoon App. Laws & Regs - Canada: Copyright. US: Web Scraping, DPA, Facial recognition, Section 230, Massachusetts and Google app installation. The world: Crypto-wars, USA-EU, Compelling Passwords, Apple-EU. Standards: NIST & NSA. Defense: MFA list, Supply chain, ScriptWatch, Free book. Vulnerabilities: Chrome & Apple ZD, Utility Sector, Cisco, Linux, Defibrillators, Peleton. FPE weaker, 2G/GPRS backdoor. Cybercrime - Trends: Vigilante malware? PDFs, SEO poison, Google Docs, Fake cryptocurrency devices, Ransomware ops, Nation States. Crime. Other Risks: Undersea cables, email risks, BadBots, Win10 EOS, Mainframes. Health, Safety & Environment: Bio-labs, Makeup, Pollution, More mRNA, Smart meters, Tesla crashes, Extremism. Covid-19: Spread, Curves, Waves, and Variants. Response, Vaccine passports, Borders, Immunity, Delta & Gamma, Canada, Learned, Covid Ugly. And more.

PCI Compliance and Payments

News and announcements relating to Payment Security, PCI, Card Brands, Payments, Payment Malware and Fraud, and Payment Related Compliance.

• Updated PCI DSS v4.0 Timeline https://blog.pcisecuritystandards.org/updated-pci-dss-v4.0-timeline
• Update timeline: PCI DSS v4 is Coming - What Can You Rely On: https://controlgap.com/blog/PCI-DSSv4-is-Coming
• Magecart are still going strong, join us and fight back! https://scotthelme.co.uk/magecart-still-going-strong-join-us-fight-back/

Breaches / Ransomware / Leaks

Covering breaches, leaks, data exposures, ransomware (as potential breach), and their fallout.

• New Breaches:

  • CVS Health Records for 1.1 Billion Customers Exposed https://threatpost.com/cvs-health-records-billion-customers-exposed/167011/
  • Carnival Cruise hit by data breach, warns of data misuse risk https://www.bleepingcomputer.com/news/security/carnival-cruise-hit-by-data-breach-warns-of-data-misuse-risk/
  • US supermarket chain Wegmans notifies customers of data breach https://www.bleepingcomputer.com/news/security/us-supermarket-chain-wegmans-notifies-customers-of-data-breach/
  • Thai government apologizes for data leak, blames "temporary glitch https://www.databreaches.net/thai-government-apologises-for-data-leak-blames-temporary-glitch/
  • Geek Squad Vishing Attack Bypasses Email Security to Hit 25K Mailboxes https://threatpost.com/geek-squad-vishing-bypasses-email-security/167014/
  • CAN-PQ: Hackers steal data from 2,300 people at CIUSSS de l'Est de Montréal https://www.databreaches.net/ca-hackers-steal-data-from-2300-people-at-ciusss-de-lest-de-montreal/
  • Fertility clinic discloses data breach exposing patient info https://www.bleepingcomputer.com/news/security/fertility-clinic-discloses-data-breach-exposing-patient-info/
  • UK Law Firm Gateley Discloses Data Breach https://www.securityweek.com/uk-law-firm-gateley-discloses-data-breach

• New Ransomware and "Incidents":

  • G7 Tells Russia to Crack Down on Ransomware, Other Cybercrime https://www.securityweek.com/g7-tells-russia-crack-down-ransomware-other-cybercrime
  • In Ransomware Battle, Bitcoin May Actually Be an Ally https://www.databreachtoday.com/blogs/in-ransomware-battle-bitcoin-may-actually-be-ally-p-3059
  • CISA Warns of Threat Posed by Ransomware to Industrial Systems https://www.securityweek.com/cisa-warns-threat-posed-ransomware-industrial-systems
  • REvil ransomware hits US nuclear weapons subcontractor https://www.bleepingcomputer.com/news/security/revil-ransomware-hits-us-nuclear-weapons-subcontractor/
  • Paradise Ransomware source code released on a hacking forum https://www.bleepingcomputer.com/news/security/paradise-ransomware-source-code-released-on-a-hacking-forum/
  • CAN-ON: Humber River Hospital hit by ransomware variant, prompt response prevented encryption and exfiltration https://www.databreaches.net/ca-humber-river-hospital-hit-by-ransomware-variant-prompt-response-prevented-encryption-and-exfiltration/
  • Fujifilm Reportedly Refused to Pay Ransom https://www.databreachtoday.com/fujifilm-reportedly-refused-to-pay-ransom-a-16871
  • MA: UMass Lowell closed due to cybersecurity incident https://www.databreaches.net/ma-umass-lowell-closed-due-to-cybersecurity-incident/
  • Major Australian banks hit by website outage https://www.bbc.co.uk/news/business-57508349
  • Reproductive Biology Associates and My Egg Bank notify 38,538 patients of ransomware incident https://www.databreaches.net/reproductive-biology-associates-and-my-egg-bank-notify-38538-patients-of-ransomware-incident/
  • Union Benefits Administrator Says Data Deleted in Hack https://www.databreachtoday.com/union-benefits-administrator-says-data-deleted-in-hack-a-16872

• Major outages/downs:

  • A Fire And Cyberattack Cause Major Blackouts Across Puerto Rico https://www.databreaches.net/a-fire-and-cyberattack-cause-major-blackouts-across-puerto-rico/

• Follow-ups and fall-out:

  • Avaddon Ransomware Operation Call It Quits, Releases Keys https://www.databreachtoday.com/blogs/avaddon-ransomware-operation-call-quits-releases-keys-p-3057
  • 5 billion records from previous data breaches leaked by cybersecurity company https://www.comparitech.com/blog/information-security/breach-database-leak/
  • Lessons Learned from 100 Data Breaches: Part 4, Trends in Average Volumes of Stolen Records https://www.imperva.com/blog/lessons-learned-from-100-data-breaches-part-4-trends-in-average-volumes-of-stolen-records/
  • Fotolog - 16,717,854 breached accounts https://haveibeenpwned.com/PwnedWebsites#Fotolog
  • University of California - 547,422 breached accounts https://haveibeenpwned.com/PwnedWebsites#UC
  • Volkswagen says a vendor's security lapse exposed 3.3 million drivers' details https://www.databreaches.net/volkswagen-says-a-vendors-security-lapse-exposed-3-3-million-drivers-details/
  • Audi, Volkswagen customer data being sold on a hacking forum https://www.bleepingcomputer.com/news/security/audi-volkswagen-customer-data-being-sold-on-a-hacking-forum/
  • Hacked Emails Give Unfiltered View Into the D.C. Police Gang Database https://theintercept.com/2021/06/18/dc-police-gang-database-hacked-emails/
  • Some patients are first finding out about Blackbaud ransomware incident now https://www.databreaches.net/some-patients-are-first-finding-out-about-blackbaud-ransomware-incident-now/
  • UK's Cake Box says customers informed about 2020 data breach https://www.databreaches.net/uks-cake-box-says-customers-informed-about-2020-data-breach/
  • First American Financial Pays Farcical $500K Fine https://krebsonsecurity.com/2021/06/first-american-financial-pays-farcical-500k-fine/

Privacy

Articles about privacy related news, risks, and trends.

• DuckDuckGo's Quest to Prove Online Privacy Is Possible https://www.wired.com/story/duckduckgo-quest-prove-online-privacy-possible
• VPNs and Trust https://www.schneier.com/blog/archives/2021/06/vpns-and-trust.html
• Best Practices and Techniques for Pseudonymization https://blog.isc2.org/isc2_blog/2021/06/best-practices-and-techniques-for-pseudonymization.html
• Is Your Phone Really Eavesdropping on You? Well, It Doesn't Have To https://www.sciencealert.com/are-our-phones-really-listening-to-us-turns-out-they-don-t-have-to
• Millions of Connected Cameras Open to Eavesdropping https://threatpost.com/millions-connected-cameras-eavesdropping/166950/
• Facial recognition software used to verify unemployment recipients reportedly doesn't work well https://www.theverge.com/2021/6/19/22541427/facial-recognition-software-verify-unemployment-benefits-id-me
• Live facial recognition technology creates 'supercharged CCTV' that could be used recklessly, Information Commission warns https://www.independent.co.uk/life-style/gadgets-and-tech/facial-recognition-cctv-live-information-commissioner-b1868521.html
• Security expert warns against using app to turn yourself into a cartoon character https://globalnews.ca/news/7947902/security-expert-voila-app-cartoon-character/
• Lisbon gave protesters' data to foreign embassies https://www.bbc.co.uk/news/world-europe-57530260
• TikTok Can Now Collect Biometric Data https://www.schneier.com/blog/archives/2021/06/tiktok-can-now-collect-biometric-data.html

Laws, Regulations, Platforms, Standards, and Public Policy

News about laws, regulations, platform rules, and standards affecting security, privacy, technology, and public interest.

• Canada:

  • My Appearance Before the Senate Committee on Transport and Communications: Why Copyright Reform Isn't the Answer to the Challenges Faced by the News Media Sector https://www.michaelgeist.ca/2021/06/senatetransportcommittee/
  • The Law Bytes Podcast, Episode 92: A Conversation with Senator Paula Simons on Copyright, the Internet and the Future of Media in Canada https://www.michaelgeist.ca/2021/06/law-bytes-podcast-episode-92/

• US:

  • Supreme Court Sends Web Scraping Case Back to Lower Court https://epic.org/2021/06/supreme-court-sends-web-scrapi.html
  • BREAKING: Sen. Gillibrand Introduces U.S. Data Protection Agency Bill https://epic.org/2021/06/breaking-sen-gillibrand-introd.html
  • Senator Markey Introduces Bill to Ban Face Surveillance https://epic.org/2021/06/senator-markey-introduces-bill.html
  • Changing Section 230 Won't Make the Internet a Kinder, Gentler Place https://www.eff.org/deeplinks/2021/06/changing-section-230-wont-make-internet-kinder-gentler-place
  • Will Ransomware Attacks Push Congress to Enact Regs? https://www.databreachtoday.com/will-ransomware-attacks-push-congress-to-enact-regs-a-16870
  • EPIC Releases Report on FTC's Unused Statutory Authorities https://epic.org/2021/06/epic-releases-report-on-ftcs-u.html
  • Google force installs Massachusetts COVID-19 MassNotify app on Android phones https://www.bleepingcomputer.com/news/security/google-force-installs-massachusetts-massnotify-app-on-android-phones/

• World:

  • We've been shown time and again that strong encryption puts crims behind bars, so why do politicos hate it? https://www.theregister.com/2021/06/14/kiloscrote_nab_strong_encryption/
  • Data Flow Deal Talks Fail Due to Lack of US Action on Privacy https://epic.org/2021/06/data-flow-deal-talks-fail-due-.html
  • Irish Police To Be Given Powers To Compel Passwords https://www.bbc.com/news/world-europe-57468750
  • Tim Cook: Sideloading is a disaster and proposed App Store reforms would harm user privacy and security https://www.theregister.com/2021/06/17/tim_cook_interview_sideloading/
  • Russia bans VyprVPN, Opera VPN services for not complying with blacklist request https://thehackernews.com/2021/06/russia-bans-vyprvpn-opera-vpn-services.html

• Standards News:

  • NIST/NCCoE has finalized NISTIR 8320A, Hardware-Enabled Security: Container Platform Security Prototype https://csrc.nist.gov/publications/detail/nistir/8320a/final
  • NIST/NCCoE has released a new draft report for comment open through August 2, NIST Interagency or Internal Report (NISTIR) 8335 , Identity as a Service for Public Safety Organizations https://csrc.nist.gov/publications/detail/nistir/8335/draft
  • NSA Cybersecurity Technical Report Deploying Secure Unified Communications/Voice and Video over IP Systems https://media.defense.gov/2021/Jun/17/2002744054/-1/-1/1/CTR_DEPLOYING%20SECURE%20VVOIP%20SYSTEMS.PDF and summary https://media.defense.gov/2021/Jun/17/2002744049/-1/-1/1/CSI_DEPLOYING%20SECURE%20VVOIP%20SYSTEMS.PDF

Defense / Techniques / Solutions

Covering developments and opportunities that may help improve security.

• Law Enforcement's Cybercrime Honeypot Maneuvers Keep Paying https://www.databreachtoday.com/blogs/law-enforcements-cybercrime-honeypot-maneuvers-keep-paying-p-3060
• Microsoft Disrupts Large-Scale BEC Campaign https://www.securityweek.com/microsoft-disrupts-large-scale-bec-campaign
• NATO Endorses Cybersecurity Defense Policy https://www.databreachtoday.com/nato-endorses-cybersecurity-defense-policy-a-16878
• A directory of sites supporting 2FA/MFA https://2fa.directory/
• A New Tool Wants to Save Open Source from Supply Chain Hacks https://www.wired.com/story/sigstore-open-source-supply-chain-code-signing
• Google Intros SLSA Framework to Enforce Supply Chain Integrity https://www.securityweek.com/google-intros-slsa-framework-enforce-supply-chain-integrity
• Google Releases Open Source Tools and Libraries for Fully Homomorphic Encryption https://www.securityweek.com/google-releases-open-source-tools-and-libraries-fully-homomorphic-encryption
• Google Workspace Now Offers Client-side Encryption For Drive and Docs https://thehackernews.com/2021/06/google-workspace-now-offers-client-side.html
• Introducing Script Watch: Detect Magecart style attacks, fast! https://scotthelme.co.uk/introducing-script-watch-detect-magecart-style-attacks-fast/
• SANS DFIR Summit 2021 - Top 10 Summit improvements you must know https://www.sans.org/blog/sans-dfir-summit-2021-top-10-summit-improvements-you-must-know
• CCSP: The Best Way to Achieve Cloud Security https://blog.isc2.org/isc2_blog/2021/06/ccsp-the-best-way-to-achieve-cloud-security.html
• How to Create a Post-Pandemic Data Security RFP https://www.securityweek.com/how-create-post-pandemic-data-security-rfp
• Get ready for the 2021 Google CTF https://security.googleblog.com/2021/06/get-ready-for-2021-google-ctf.html
• P2DPI: Practical and Privacy-Preserving Deep Packet Inspection, by Jongkil Kim and Seyit Camtepe and Joonsang Baek and Willy Susilo and Josef Pieprzyk and Surya Nepal https://eprint.iacr.org/2021/789
• Super-Secure Processor Thwarts Hackers by Turning a Computer Into a Puzzle https://www.sciencealert.com/morpheus-computer-processor-is-forever-changing-its-microarchitecture-to-thwart-hackers
• TimeCache aims to block side-channel cache attacks - without hurting performance https://www.theregister.com/2021/06/15/timecache_aims_to_block_sidechannel/
• Welcoming the Finnish Government to Have I Been Pwned https://www.troyhunt.com/welcoming-the-finnish-government-to-have-i-been-pwned/
• Paul van Oorschot's Book: Computer Security and the Internet - https://www.schneier.com/blog/archives/2021/06/paul-van-oorschots-computer-security-and-the-internet.html

Bugs / Design Flaws / Vulnerabilities / Research

Articles about newly discovered vulnerabilities and research.

• Google Confirms Sixth Zero-Day Chrome Attack in 2021 https://www.securityweek.com/google-confirms-sixth-zero-day-chrome-attack-2021
• Apple fixes ninth zero-day bug exploited in the wild this year https://www.bleepingcomputer.com/news/security/apple-fixes-ninth-zero-day-bug-exploited-in-the-wild-this-year/
• Apple Issues Urgent Patches for 2 Zero-Day Flaws Exploited in the Wild https://thehackernews.com/2021/06/apple-issues-urgent-patches-for-2-zero.html
• 50,000 security disasters waiting to happen: The problem of America's water supplies https://www.databreaches.net/50000-security-disasters-waiting-to-happen-the-problem-of-americas-water-supplies/
• Utilities 'Concerningly' at Risk from Active Exploits https://threatpost.com/utilities-risk-active-exploits/166908/
• Cisco Smart Switches Riddled with Severe Security Holes https://threatpost.com/cisco-smart-switches-security-holes/167031/
• Nasty Linux systemd Root Level Security Bug Revealed And Patched https://packetstormsecurity.com/news/view/32382/Nasty-Linux-systemd-Root-Level-Security-Bug-Revealed-And-Patched.html
• Instagram Bug Allowed Anyone to View Private Accounts Without Following Them https://thehackernews.com/2021/06/instagram-bug-allowed-anyone-to-view.html
• CISA: Defibrillator Dashboard Security Flaws Pose Risk https://www.databreachtoday.com/cisa-defibrillator-dashboard-security-flaws-pose-risk-a-16879
• Peloton Vulnerability Found and Fixed https://www.schneier.com/blog/archives/2021/06/peloton-vulnerability-found-and-fixed.html
• We've found another reason not to use Microsoft's Paint 3D - researchers https://www.theregister.com/2021/06/16/3d_paint_vuln/
• Euros-Driven Football Fever Nets Dumb Passwords https://threatpost.com/euros-football-fever-dumb-passwords/166974/
• Poltergeist attack could leave autonomous vehicles blind to obstacles - or haunt them with new ones https://www.theregister.com/2021/06/18/poltergeist_autonomous_vehicles/
• Linear Cryptanalysis of FF3-1 and FEA, by Tim Beyne https://eprint.iacr.org/2021/815
• Intentional Flaw in GPRS Encryption Algorithm GEA-1 https://www.schneier.com/blog/archives/2021/06/intentional-flaw-in-gprs-encryption-algorithm-gea-1.html
• GPRS-era (2G) mobile data encryption algorithm GEA/1 was 'weak by design', still lingers in today's phones https://www.theregister.com/2021/06/17/gprs_encryption_backdoor/
• Cryptanalysis of the GPRS Encryption Algorithms GEA-1 and GEA-2, by Christof Beierle and Patrick Derbez and Gregor Leander and Gaëtan Leurent and Håvard Raddum and Yann Rotella and David Rupprecht and Lukas Stennes https://eprint.iacr.org/2021/819
• Lattice Attacks on NTRU and LWE: A History of Refinements, by Martin Albrecht and Léo Ducas https://eprint.iacr.org/2021/799
• OpenSSLNTRU: Faster post-quantum TLS key exchange, by Daniel J. Bernstein and Billy Bob Brumley and Ming-Shing Chen and Nicola Tuveri https://eprint.iacr.org/2021/826

Hacking / Malware / Cybercrime / Exploitation

News covering active trends, alerts, events.

• Trends, Alerts, and Events (other than major breaches):

  • Cl0p affiliated hackers exposed in Ukraine, $500 million in damages estimated https://www.databreaches.net/cl0p-affiliated-hackers-exposed-in-ukraine-500-million-in-damages-estimated/
  • Newly discovered Vigilante malware outs software pirates and blocks you from visiting them https://arstechnica.com/gadgets/2021/06/newly-discovered-vigilante-malware-outs-software-pirates-and-blocks-them/ and https://www.zdnet.com/article/this-strange-malware-stops-you-from-visiting-pirate-websites
  • Malicious PDFs Flood the Web, Lead to Password-Snarfing https://threatpost.com/rotten-pdfs-flood-web-password-snarfing/166932/
  • Microsoft: SEO poisoning used to backdoor targets with malware https://www.bleepingcomputer.com/news/security/microsoft-seo-poisoning-used-to-backdoor-targets-with-malware/
  • Researchers Uncover 'Process Ghosting' - A New Malware Evasion Technique https://thehackernews.com/2021/06/researchers-uncover-process-ghosting.html
  • Threat Actors Use Google Docs to Host Phishing Attacks https://threatpost.com/google-docs-host-attack/166998/
  • Scammers mail fake Ledger devices to steal your cryptocurrency https://www.bleepingcomputer.com/news/cryptocurrency/scammers-mail-fake-ledger-devices-to-steal-your-cryptocurrency/
  • South Korea's Nuclear Research agency breached using VPN flaw https://www.bleepingcomputer.com/news/security/south-koreas-nuclear-research-agency-breached-using-vpn-flaw/
  • A deep dive into the operations of the LockBit ransomware group https://www.zdnet.com/article/a-deep-dive-into-the-operations-of-the-lockbit-ransomware-group
  • Talos Takes Ep. #57: A ransomware-as-a-service explainer https://blog.talosintelligence.com/2021/06/talos-takes-ep-57-ransomware-as-service.html
  • How Does One Get Hired by a Top Cybercrime Gang? https://krebsonsecurity.com/2021/06/how-does-one-get-hired-by-a-top-cybercrime-gang/

• Nation State Actors:

  • China-Connected APT41 Likely Behind Airlines Attacks https://www.databreachtoday.com/china-connected-apt41-likely-behind-airlines-attacks-a-16873
  • Norway says Chinese group APT31 is behind catastrophic 2018 government hack https://www.databreaches.net/norway-says-chinese-group-apt31-is-behind-catastrophic-2018-government-hack/
  • NoxPlayer Supply-Chain Attack is Likely the Work of Gelsemium Hackers https://thehackernews.com/2021/06/noxplayer-supply-chain-attack-is-likely.html
  • Poland blames Russia for breach, theft of Polish officials' emails https://www.bleepingcomputer.com/news/security/poland-blames-russia-for-breach-theft-of-polish-officials-emails/

• Crime & Arrests, etc.:

  • Cuffed: Ukraine police collar six Clop ransomware gang suspects in joint raids with South Korean cops https://www.theregister.com/2021/06/16/clop_ransomware_gang_arrests_ukraine/
  • Ukraine arrests Clop ransomware gang members, seizes servers https://www.bleepingcomputer.com/news/security/ukraine-arrests-clop-ransomware-gang-members-seizes-servers/
  • Ukraine arrests ransomware gang in global cybercriminal crackdown https://arstechnica.com/information-technology/2021/06/ukraine-arrests-ransomware-gang-in-global-cybercriminal-crackdown/
  • Russian Accused of Helping Kelihos Malware Evade Detection Convicted in U.S. https://www.securityweek.com/russian-accused-helping-kelihos-malware-evade-detection-convicted-us
  • Santa Cruz 'homeless hacker' known as "Commander X" extradited from Mexico on decade-old case https://www.databreaches.net/santa-cruz-homeless-hacker-known-as-commander-x-extradited-from-mexico-on-decade-old-case/
  • Woman Arrested In 2019 Case of Fraud Involving Data Breach of Florida DCF https://www.databreaches.net/woman-arrested-in-2019-case-of-fraud-involving-data-breach-of-florida-dcf/
  • CAN-ON: London attack suspect charged with terrorism https://globalnews.ca/news/7942926/london-attack-suspect-terrorism/
  • Thieves In Brazil Steal iPhones Just To Access Banking Info https://www.pymnts.com/news/security-and-risk/2021/thieves-brazil-steal-iphones-just-to-access-banking-info/

Other Security / Risk

Articles covering other types of risks.

• Plans for undersea communications cables are at a stalemate after the US warned of China's involvement, report says https://www.businessinsider.com/undersea-cable-project-sinks-after-us-warns-china-reuters-2021-6
• The AN0M fake secure chat app may have been too clever for its own good https://www.theregister.com/2021/06/14/an0m_and_yamamoto/
• Buyers of Amazon Devices Are Guinea Pigs. That's a Problem. https://www.nytimes.com/2021/06/16/technology/personaltech/buyers-of-amazon-devices-are-guinea-pigs-thats-a-problem.html
• Did your risk assessment include what's in your employees' email accounts? https://www.databreaches.net/did-your-risk-assessment-include-whats-in-your-employees-email-accounts/
• Pandemic prompts digital 'boom' in account creation - as well as password fatigue https://www.zdnet.com/article/pandemic-prompts-digital-boom-in-account-creation-as-well-as-password-fatigue
• New website tracks which colleges will use eproctoring software this fall https://www.theverge.com/2021/6/16/22535439/ban-eproctoring-fight-for-the-future-colleges-online-tests
• Mobile Voting -- Still Too Risky?, by Sven Heiberg and Kristjan Krips and Jan Willemson https://eprint.iacr.org/2021/787
• Infographic: How Do You Stop Bad Bots? https://www.imperva.com/blog/infographic-how-do-you-stop-bad-bots/
• Microsoft to end Windows 10 support on October 14th, 2025 https://www.theverge.com/2021/6/14/22533018/microsoft-windows-10-end-support-date
• Windows 10's optional update feature is broken - Here's why https://www.bleepingcomputer.com/news/microsoft/windows-10-s-optional-update-feature-is-broken-here-s-why/
• AI technique - Vortex, the key to information processing capability: Virtual physical reservoir computing https://scienmag.com/vortex-the-key-to-information-processing-capability-virtual-physical-reservoir-computing/
• Mainframes and ransomware https://www.krisecurity.com/what-ransomware-did-for-mainframe-security/
• US Navy uses 40,000lb explosive to test warship in 'Full Ship Shock Trial' https://www.bbc.co.uk/news/world-us-canada-57547885

• Health, Safety & Environment:

  • Only a quarter of the 59 labs that handle the world's deadliest pathogens have top-level biosecurity, experts warn. They fear lax rules could lead to another pandemic. https://www.businessinsider.com/experts-fear-lax-rules-bsl-4-labs-could-lead-pandemic-2021-6
  • Why Scientists Tweak Lab Viruses to Make Them More Contagious https://www.scientificamerican.com/article/why-scientists-tweak-lab-viruses-to-make-them-more-contagious1/
  • Toxins linked to cancer widely used in long-lasting makeup, study warns https://globalnews.ca/news/7950486/makeup-toxins-forever-chemicals/
  • Over 1 Million People Died in 2017 From Fossil Fuels Being Burned, Study Finds https://www.sciencealert.com/over-1-million-people-died-in-2017-from-fossil-fuels-being-burned
  • P-glycoprotein removes Alzheimer's-associated toxin from the brain https://scienmag.com/p-glycoprotein-removes-alzheimers-associated-toxin-from-the-brain/
  • mRNA vaccine yields full protection against malaria in mice https://scienmag.com/mrna-vaccine-yields-full-protection-against-malaria-in-mice/
  • Now proven against coronavirus, mRNA can do so much more https://www.cnn.com/2021/06/01/health/mrna-vaccines-covid-future/index.html
  • Texas power companies automatically raised the temperature of customers' smart thermostats in the middle of a heatwave https://www.businessinsider.com/texas-energy-companies-remotely-raised-smart-thermostats-temperatures-2021-6
  • Thirty Tesla crashes linked to assisted driving system under investigation in US https://www.theguardian.com/technology/2021/jun/18/thirty-tesla-crashes-linked-to-assisted-driving-system-under-investigation-in-us
  • Extremism Has Spread Into the Mainstream https://www.theatlantic.com/ideas/archive/2021/06/us-fighting-extremism-all-wrong/619203/
  • FBI reportedly warns US lawmakers that QAnon supporters may get more violent https://www.businessinsider.com/fbi-warns-lawmakers-qanon-violence-report-2021-6
  • NASA has Approved a Space Telescope That Will Scan the Skies for Dangerous Near-Earth Asteroids https://www.universetoday.com/151539/nasa-has-approved-a-space-telescope-that-will-scan-the-skies-for-dangerous-near-earth-asteroids/
  • A new material made from carbon nanotubes can generate electricity by scavenging energy from its environment https://phys.org/news/2021-06-material-carbon-nanotubes-electricity-scavenging.html
  • Scientists warn G7 that cost of breaching 1.5C will far exceed cost of achieving it https://scienmag.com/scientists-warn-g7-that-cost-of-breaching-1-5c-will-far-exceed-cost-of-achieving-it/
  • Sable Island undergoing dramatic coastline retreat https://www.cbc.ca/news/canada/nova-scotia/sable-island-undergoing-dramatic-coastline-retreat-1.6067018
  • Toronto dealing with 'unprecedented' number of gypsy moth caterpillars this year https://toronto.ctvnews.ca/toronto-dealing-with-unprecedented-number-of-gypsy-moth-caterpillars-this-year-1.5476404

COVID-19 updates.

COVID related articles. We have been following coronavirus risks since https://controlgap.com/blog/this-weeks-insecurity-issue-147.

• The spread, curves, spikes, waves, reinfection, and variant strains:

  • Graph shows how US COVID-19 spikes track strongly with the places where people are refusing vaccinations https://www.businessinsider.com/us-coronavirus-spikes-where-people-refusing-vaccines-wapo-graph-2021-6
  • Covid on Everest https://www.cbc.ca/news/world/everest-covid-19-outbreak-1.6037459
  • Brazil hits 500,000 deaths at critical moment https://www.bbc.co.uk/news/world-latin-america-57541794
  • Covid: US death toll passes 600,000 as vaccination rate slows https://www.bbc.co.uk/news/world-us-canada-57473436
  • Ontario reports 296 new COVID-19 cases, lowest daily count in 9 months https://globalnews.ca/news/7950629/covid-19-cases-june-15-coronavirus/
  • Toronto hospital ICU marks having no active COVID-19 patients for first time in nearly 15 months https://globalnews.ca/news/7957104/covid-toronto-general-hospital-icu/
  • How did Waterloo Region become one of Ontario's major COVID-19 hot spots? https://globalnews.ca/news/7959199/waterloo-region-covid-19-hot-spot/
  • Expect the Unexpected From the Delta Variant https://www.theatlantic.com/health/archive/2021/06/expect-unexpected-delta-variant/619245/
  • Everything We Know So Far About The COVID-19 Delta Variant https://www.sciencealert.com/everything-we-know-so-far-about-the-covid-19-delta-variant

• Guidance, Response, and Recovery:

  • Expert urges Canada to 'follow the science' on COVID-19 vaccine passports https://globalnews.ca/news/7964482/vaccine-passport-problems/
  • California launches digital vaccine verification system but says it will not be mandatory https://www.businessinsider.com/california-launches-digital-vaccine-cards-but-program-isnt-mandatory-2021-6
  • Ontario announces it will reopen provincial borders on June 16 https://toronto.ctvnews.ca/ontario-announces-it-will-reopen-provincial-borders-on-june-16-1.5469525
  • Canada-U.S. border closure extended again, until July 21 https://globalnews.ca/news/7961418/covid-canada-us-border-closed-july-21/
  • Some U.S. airlines are mandating COVID-19 vaccinations for hires. Should Canada follow? https://globalnews.ca/news/7945953/us-airlines-employee-vaccinations/
  • Canada's Wonderland to reopen July 7 with health and safety protocols in place https://toronto.ctvnews.ca/canada-s-wonderland-to-reopen-july-7-with-health-and-safety-protocols-in-place-1.5469477

• Treatments, Testing, Triage, Trials, and things we Learned:

  • Regeneron's COVID-19 drug cuts risk of death for hospitalized patients, study shows https://globalnews.ca/news/7954426/regeneron-covid-treatment-study-hospitalizations/

• Immunity and Vaccinations:

  • Vaccines effective at preventing hospitalization from Delta variant, studies suggest https://www.ctvnews.ca/health/coronavirus/vaccines-effective-at-preventing-hospitalization-from-delta-variant-studies-suggest-1.5470525
  • Vaccination, previous infection, protect against gamma variant in animal model https://scienmag.com/vaccination-previous-infection-protect-against-gamma-variant-in-animal-model/
  • Canada tops world in vaccinated population as new COVID-19 cases fall below 1,000 https://globalnews.ca/news/7949797/canada-covid-cases-june-14-2021/
  • Canada hits COVID-19 vaccine milestone as 75% receive one dose, 20% fully vaccinated https://globalnews.ca/news/7954768/canada-vaccine-target-covid/
  • Canada set to receive 9.5M COVID-19 vaccine doses this week due to Moderna influx https://globalnews.ca/news/7947265/covid-vaccines-canada-moderna-delivery/
  • 25% of Toronto adults are fully vaccinated against COVID-19; 75% received first dose https://toronto.ctvnews.ca/25-of-toronto-adults-are-fully-vaccinated-against-covid-19-75-received-first-dose-1.5477548
  • Covid: China administers a billion vaccine doses https://www.bbc.co.uk/news/world-asia-china-57543842
  • mRNA vaccine now preferred as second dose following AstraZeneca shot: NACI https://www.ctvnews.ca/health/coronavirus/mrna-vaccine-now-preferred-as-second-dose-following-astrazeneca-shot-naci-1.5475020
  • NACI advice to mix vaccines gets varied reaction from AstraZeneca double-dosers https://www.ctvnews.ca/health/coronavirus/naci-advice-to-mix-vaccines-gets-varied-reaction-from-astrazeneca-double-dosers-1.5475787
  • Novavax says its coronavirus shot is 90% effective https://www.businessinsider.com/novavax-covid-19-vaccine-us-clinical-trial-results-2021-4
  • If you're having trouble keeping the types of vaccines straight, there are 4 groups https://www.healthcareitnews.com/news/emea/four-types-covid-19-vaccine-snapshot
  • Ontario residents say initial vaccine appointments tough to cancel once earlier dose booked https://globalnews.ca/news/7961120/ontario-vaccine-appointments-tough-cancel-covid/
  • COVAX Effort to Vaccinate the World Is Faltering https://www.scientificamerican.com/article/covax-effort-to-vaccinate-the-world-is-faltering/
  • The US is scrambling to send promised vaccines abroad after the same production plant that ruined millions of J&J vaccines also taints AstraZeneca shots https://www.businessinsider.com/production-plant-ruined-millions-vaccine-doses-delaying-us-global-aid-2021-6

• Things we learned:

  • COVID-19 survivors may suffer from a loss of gray matter and other brain tissue over time, a long-term study suggests https://www.businessinsider.com/covid-19-survivors-gray-matter-brain-tissue-long-term-study-2021-6
  • We Just Got More Evidence COVID-19 May Have Spread in The US in December 2019 https://www.sciencealert.com/mounting-evidence-suggests-covid-19-was-spreading-in-the-us-by-december-2019

• More of the good, the bad, and the ugly:

  • A grocery store cashier in Atlanta was shot dead after a face mask dispute with a customer https://www.businessinsider.com/store-mask-rules-mandate-cashier-shot-dead-argument-customer-2021-6
  • Anti-vaccine groups used Telegram to send 'apparent death threats' to BBC journalists, report says https://www.businessinsider.com/bbc-news-telegram-threats-anti-vaccine-messaging-apps-social-media-2021-6
  • How conspiracy theorists are using a CDC database to spread misinformation and fear https://globalnews.ca/news/7957771/covid-19-vaccine-misinformation/

Off-Topic / Science & Tech / Lighter Side

A variety of scientific, technical, historical, and more light-hearted news.

• Major Scientific Leap: Quantum Microscope Created That Can See the Impossible https://scitechdaily.com/major-scientific-leap-quantum-microscope-created-that-can-see-the-impossible/
• Meringue-like material could make aircraft as quiet as a hairdryer https://scienmag.com/meringue-like-material-could-make-aircraft-as-quiet-as-a-hairdryer/
• Sir Tim Berners-Lee is selling the first web browser's code as an NFT https://www.theverge.com/2021/6/15/22535479/tim-berners-lee-nft-worldwideweb-source-code-auction
• Loose llama causes brief partial closure of Highway 400 southbound lanes near King City https://globalnews.ca/news/7957258/highway-400-llama-opp-traffic/
• Bizarre Deep-Sea Creature Bristling With Teeth Is 'Totally Unique', Scientist Says https://www.sciencealert.com/bizarre-deep-sea-creature-bristling-with-teeth-is-totally-unique-scientist-says
• Elon Musk's Starlink space internet goes into 'thermal shutdown' in hot weather https://www.independent.co.uk/life-style/gadgets-and-tech/elon-musk-starlink-space-internet-thermal-shutdown-b1868479.html
• Nasa attempting to restart Hubble Space Telescope after it was forced into 'safe mode' by computer error https://www.independent.co.uk/life-style/gadgets-and-tech/nasa-hubble-space-telescope-restart-computer-error-safe-mode-b1868412.html
• The Lunar Lantern Could be a Beacon for Humanity on the Moon https://www.universetoday.com/151459/the-lunar-lantern-could-be-a-beacon-for-humanity-on-the-moon/
• Earth tipped over on its side 84 million years ago and then righted itself, new study finds https://www.businessinsider.com/earth-tipped-over-84-million-years-ago-study-2021-6
• The Earth has a pulse - a 27.5-million-year cycle of geological activity https://scienmag.com/the-earth-has-a-pulse-a-27-5-million-year-cycle-of-geological-activity/
• Bizarre particle discovered morphing between matter and antimatter raises mystery about the Big Bang https://www.independent.co.uk/life-style/gadgets-and-tech/scientists-particle-matter-antimatter-subatomic-quark-b1865430.html
• The Mystery of Betelgeuse's Great Dimming Has Officially Been Solved! https://www.sciencealert.com/the-mystery-of-betegeuse-s-great-dimming-has-been-solved
• How long would it take for an alien civilization to populate an entire galaxy? https://www.syfy.com/syfywire/how-long-would-it-take-for-an-alien-civilization-to-populate-an-entire-galaxy
• The Largest Rotating Objects in the Universe: Galactic Filaments Hundreds of Millions of Light-Years Long https://www.universetoday.com/151553/the-largest-rotating-objects-in-the-universe-galactic-filaments-hundreds-of-millions-of-light-years-long/