Welcome to This Week’s [in]Security. Card Production, Data Removal, Digesting PCI, Issuers. Fingerprint cards. New breaches: Saudi Aramco, Mexican voters, S3 service provider bucket, Denials and False breaches. New Ransomware: trains, suppliers, Major outages: Akamai. Follow-ups & Fall-out: Named and Shamed, Insurance restrictions, Audi, Kaseya, Privacy: Data brokers. Laws & Regs: Right to be Forgotten. Pipelines, Right-to-repair, Web-scraping. India's platforms, EU Crypto. Cybersecurity Career Awareness, AES Review, Lightweight Crypto Final, NIST. Defense: Backups, browsers, trackers, Tools, Russia's Firewall. Vulnerabilities: Print Drivers, SeriousSAM/HiveNightmare, PetitPotam, Linux "Sequoia", Telegram. Cybercrime: Pegasus Spyware, Trends: NPM Password Thief, MosaicLoader, Discord, Nation States: China, Crime. Homoglyphs, DNA, Swatter, Twitter, flattened-miners, ID Theft Scumbags. Other Risks: AI, Disinformation for Hire, Cloud ICS, Expired Domains, MLB Sign stealing. Health, Safety & Environment. Covid-19: Spread, Curves, Waves, and Variants; Response; Treatments; Immunity; Covid Ugly; Covid Compliance. And more.

PCI Compliance and Payments

News and announcements relating to Payment Security, PCI, Card Brands, Payments, Payment Malware and Fraud, and Payment Related Compliance.

• Request for Comments: PCI Card Production and Provisioning v3 Draft Standard https://blog.pcisecuritystandards.org/request-for-comments-pci-card-production-and-provisioning-v3-draft-standard
• Back-to-Basics: Reduce Where Payment Data Can Be Found https://blog.pcisecuritystandards.org/back-to-basics-reduce-where-payment-data-can-be-found
• 6 Ways to Deal with the Magnitude of PCI DSS https://controlgap.com/blog/6-Ways-to-Deal-with-the-Magnitude-of-PCI-DSS
• Why do some Issuers believe they don’t need to be PCI DSS compliant? https://controlgap.com/blog/Why-Issuers-believe-they-dont-need-to-be-PCI-DSS-compliant
• Cloud Security Principles for Compliance https://www.datex.ca/blog/cloud-security-principles-for-compliance
• Thales launches payment card with onboard fingerprint scanner (interesting article with both claims and skepticism) https://www.theregister.com/2021/07/22/thales_fingerprint_payment/

Breaches / Ransomware / Leaks

Covering breaches, leaks, data exposures, ransomware (as potential breach), and their fallout.

• New Breaches:

  • Saudi Aramco data breach sees 1 TB stolen data for sale https://www.bleepingcomputer.com/news/security/saudi-aramco-data-breach-sees-1-tb-stolen-data-for-sale/
  • Hackers reportedly demand $50m from Saudi Aramco over data leak https://www.bbc.co.uk/news/business-57924355
  • How many leaks have there been of Mexico's voter database? https://www.databreaches.net/how-many-leaks-have-there-been-of-mexicos-voter-database/
  • Guntrader - 112,031 breached accounts https://haveibeenpwned.com/PwnedWebsites#Guntrader
  • Italian hosting firm Aruba.it defends data breach notification delay https://www.databreaches.net/italian-hosting-firm-aruba-it-defends-data-breach-notification-delay/
  • Over 80 US Municipalities' Sensitive Information, Including Resident's Personal Data, Left Vulnerable in Massive Data Breach https://www.databreaches.net/over-80-us-municipalities-sensitive-information-including-residents-personal-data-left-vulnerable-in-massive-data-breach/
  • Talbert House investigating hack and theft of employee and client data https://www.databreaches.net/talbert-house-investigating-hack-and-theft-of-employee-and-client-data/
  • Short Édition - 505,466 breached accounts
  • Leak of 50,000 Contact Details Tied to Spyware Targeting https://www.databreachtoday.com/leak-50000-contact-details-tied-to-spyware-targeting-a-17097
  • Kenya: Our database has never been hacked, says IEBC https://www.databreaches.net/ke-our-database-has-never-been-hacked-says-iebc/
  • Clubhouse denies data breach and researchers back them up https://www.databreaches.net/clubhouse-denies-data-breach/

• New Ransomware and "Incidents":

  • Northern Train's ticketing system out to lunch as ransomware attack shuts down servers https://www.theregister.com/2021/07/20/northern_trains_ticketing_system/
  • Ransomware Attack Hits UK Northern Railway Ticketing Terminals https://www.pymnts.com/news/security-and-risk/2021/ransomware-attack-hits-uk-northern-railway-ticketing-terminals/
  • Il: Ransomware attack on Israeli IT company impacts more than 100 customers, including hospitals https://www.databreaches.net/il-ransomware-attack-on-israeli-it-company-impacts-more-than-100-customers-including-hospitals/

• Major outages/downs:

  • Akamai Software Update Triggers Internet Outages https://www.securityweek.com/akamai-software-update-triggers-internet-outages

• Follow-ups and fall-out:

  • 740 Ransomware Victims Named On Data Leak Sites In Q2 2021 https://packetstormsecurity.com/news/view/32493/740-Ransomware-Victims-Named-On-Data-Leak-Sites-In-Q2-2021.html
  • Insurers Tighten Coverage For Cyberattacks https://www.pymnts.com/news/security-and-risk/2021/insurers-tighten-coverage-for-cyberattacks/
  • Audi - 2,743,539 breached accounts https://haveibeenpwned.com/PwnedWebsites#Audi
  • Kaseya obtains universal decryptor for REvil ransomware victims https://www.databreaches.net/kaseya-obtains-universal-decryptor-for-revil-ransomware-victims/
  • What's Next for REvil's Victims? https://threatpost.com/whats-next-revil-victims/167926/
  • Case Study: A REvil Ransom Negotiation https://www.databreachtoday.com/case-study-revil-ransom-negotiation-a-17106
  • CNA Financial - Ransomware gang breached network via fake browser update https://www.bleepingcomputer.com/news/security/ransomware-gang-breached-cna-s-network-via-fake-browser-update/

Privacy

Articles about privacy related news, risks, and trends.

• Data Brokers are the Problem https://www.eff.org/deeplinks/2021/07/data-brokers-are-problem

Laws, Regulations, Platforms, Standards, and Public Policy

News about laws, regulations, platform rules, and standards affecting security, privacy, technology, and public interest.

• Canada:

  • The Law Bytes Podcast, Episode 95: Mark Phillips on the Federal Court of Canada's Right to be Forgotten Ruling https://www.michaelgeist.ca/2021/07/law-bytes-podcast-episode-95/

• US:

  • TSA Issues Cybersecurity Requirements for Pipelines https://www.databreachtoday.com/tsa-issues-cybersecurity-requirements-for-pipelines-a-17110
  • FTC pledges to fight unlawful right to repair restrictions https://www.theverge.com/2021/7/21/22587331/right-to-repair-apple-iphone-ftc-lina-khan-open-meeting
  • iFixit CEO names and shames tech giants for right to repair obstruction https://www.zdnet.com/article/ifixit-ceo-names-and-shames-tech-giants-for-right-to-repair-obstruction/
  • Senators target Section 230 to fight COVID-19 vaccine misinformation https://www.theverge.com/2021/7/22/22588903/covid19-misinformation-section-230-facebook-joe-biden-white-house
  • EFF to Ninth Circuit: Recent Supreme Court Decision in Van Buren Does Not Criminalize Web Scraping https://www.eff.org/deeplinks/2021/07/eff-ninth-circuit-recent-supreme-court-decision-van-buren-does-not-criminalize-web

• World:

  • India's Draconian Rules for Internet Platforms Threaten User Privacy and Undermine Encryption https://www.eff.org/deeplinks/2021/07/indias-draconian-rules-internet-platforms-threaten-user-privacy-and-undermine
  • EU's new crypto law will ban anonymous wallets and force senders to hand over names and addresses https://www.independent.co.uk/life-style/gadgets-and-tech/eu-crypto-law-bitcoin-wallet-b1888012.html

• Standards News:

  • 2021 Cybersecurity Career Awareness Week call for community commitments (actions to promote awareness, cybersecurity careers, hosted events, etc.) October 18-23 https://nist.gov/nice/ccaw
  • As AES turns 20, NIST Publishes NISTIR 8319 Cryptographic Review of the Advanced Encryption Standard (AES) https://csrc.nist.gov/publications/detail/nistir/8319/final and https://csrc.nist.gov/projects/crypto-publication-review-project
  • NIST Announces 10 Lightweight Cryptography Finalists https://csrc.nist.gov/news/2021/lightweight-crypto-finalists-announced
  • NIST Lightweight Cryptography Standardization Process: NISTIR 8369 Round 2 Status Report https://csrc.nist.gov/publications/detail/nistir/8369/final
  • NIST Publishes SP 800-47 Rev. 1 Managing the Security of Information Exchanges https://csrc.nist.gov/publications/detail/sp/800-47/rev-1/final
  • NISTIR 8270 Draft, Introduction to Cybersecurity for Commercial Satellite Operations Comment Period Extended to October 13 https://csrc.nist.gov/publications/detail/nistir/8270/draft

Defense / Techniques / Solutions

Covering developments and opportunities that may help improve security.

• Don't Wanna Pay Ransom Gangs? Test Your Backups. https://krebsonsecurity.com/2021/07/dont-wanna-pay-ransom-gangs-test-your-backups/
• Chrome 92 Brings Several Privacy, Security Improvements https://www.securityweek.com/chrome-92-brings-several-privacy-security-improvements
• DuckDuckGo launches new Email Protection service to remove trackers https://www.theverge.com/2021/7/20/22576352/duckduckgo-email-protection-privacy-trackers-apple-alternative
• Stopping FTP support in Firefox 90 https://blog.mozilla.org/security/2021/07/20/stopping-ftp-support-in-firefox-90/
• Protecting more with Site Isolation https://security.googleblog.com/2021/07/protecting-more-with-site-isolation.html
• A New Security Paradigm: External Attack Surface Management https://threatpost.com/external-attack-surface-management/167732/
• Tool to detect program capabilities - capa 2.0 : http://www.fireeye.com/blog/threat-research/2021/07/capa-2-better-stronger-faster.html
• Russia disconnected itself from the rest of the internet, a test of its new defense from cyber warfare, report says https://www.businessinsider.com/russia-cuts-self-off-from-global-internet-tests-defenses-rbc-2021-7
• State-free End-to-End Encrypted Storage and Chat Systems based on Searchable Encryption, by Keita Emura and Ryoma Ito and Sachiko Kanamori and Ryo Nojima and Yohei Watanabe https://eprint.iacr.org/2021/953

• Bugs / Design Flaws / Vulnerabilities / Research

Articles about newly discovered vulnerabilities and research.

• Microsoft shares permissions fix for new Windows 10 zero-day https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-permissions-fix-for-new-windows-10-zero-day/
• Spyware Exposé Highlights Suspected Apple Zero-Day Flaws https://www.databreachtoday.com/spyware-expose-highlights-suspected-apple-zero-day-flaws-a-17096
• MITRE updates list of top 25 most dangerous software bugs https://www.bleepingcomputer.com/news/security/mitre-updates-list-of-top-25-most-dangerous-software-bugs/
• Five Critical Password Security Rules Your Employees Are Ignoring - Survey by Keeper https://thehackernews.com/2021/07/five-critical-password-security-rules.html
• Nasty Windows Printer Driver Vulnerability https://www.schneier.com/blog/archives/2021/07/nasty-printer-driver-vulnerability.html
• HP patches vulnerable driver lurking in printers for 16 years https://www.zdnet.com/article/hp-patches-vulnerable-printer-driver-impacting-millions-of-devices
• Microsoft Issues Windows 10 Workaround Fix for ‘SeriousSAM' Bug https://threatpost.com/win-10-serioussam/168034/
• New Windows 10 vulnerability allows anyone to get admin privileges https://www.bleepingcomputer.com/news/microsoft/new-windows-10-vulnerability-allows-anyone-to-get-admin-privileges/
• New non-print spooler NTLM attack PetitPotam allows take over of Windows domains https://www.bleepingcomputer.com/news/microsoft/new-petitpotam-attack-allows-take-over-of-windows-domains/
• New Linux kernel bug lets you get root on most modern distros https://www.bleepingcomputer.com/news/security/new-linux-kernel-bug-lets-you-get-root-on-most-modern-distros/
• Turns Out That Low-Risk iOS Wi-Fi Naming Bug Can Hack iPhones Remotely https://thehackernews.com/2021/07/turns-out-that-low-risk-ios-wi-fi.html
• Atlassian asks customers to patch critical Jira vulnerability https://www.bleepingcomputer.com/news/security/atlassian-asks-customers-to-patch-critical-jira-vulnerability/
• Oracle July 2021 Critical Patch Update Addresses 231 CVEs https://www.tenable.com/blog/oracle-july-2021-critical-patch-update-addresses-231-cves
• Fortinet fixes bug letting unauthenticated hackers run code as root https://www.bleepingcomputer.com/news/security/fortinet-fixes-bug-letting-unauthenticated-hackers-run-code-as-root/
• One in 16 home wi-fi routers tested vulnerable to default password attacks: report https://www.comparitech.com/blog/information-security/default-password-routers-study/
• Researchers Found Flaws in Telegram's Cryptographic Protocol https://www.databreachtoday.com/researchers-found-flaws-in-telegrams-cryptographic-protocol-a-17108

Hacking / Malware / Cybercrime / Exploitation

News covering active trends, alerts, events.

• The NSO Group's Pegasus Spyware for hire comes under the spotlight after a breach revealing their targets:

  • “Clickless” exploits from Israeli firm hacked activists' fully updated iPhones https://arstechnica.com/gadgets/2021/07/clickless-exploits-from-israeli-firm-hacked-activists-fully-updated-iphones/
  • NSO Group Hacked https://www.schneier.com/blog/archives/2021/07/nso-group-hacked.html
  • Leaked NSO Group Data Hints at Widespread Pegasus Spyware Infections https://threatpost.com/nso-group-data-pegasus/167897/
  • NSO Group's Pegasus spyware used against journalists, political activists worldwide https://www.zdnet.com/article/nso-groups-pegasus-spyware-used-against-journalists-political-activists-worldwide-report
  • Pegasus: French President Macron identified as spyware target https://www.bbc.co.uk/news/world-europe-57907258
  • An explosive spyware report shows limits of iOS, Android security https://arstechnica.com/information-technology/2021/07/an-explosive-spyware-report-shows-limits-of-ios-android-security/
  • Al Jazeera: How Vulnerable are We to Spying Technology? https://citizenlab.ca/2021/07/al-jazeera-how-vulnerable-are-we-to-spying-technology/
  • Amazon Web Services bans accounts linked with Pegasus spyware https://www.theverge.com/2021/7/19/22583523/amazon-web-services-bans-nso-group-pegasus-spyware-infrastructure
  • Here's how to check your phone for Pegasus spyware using Amnesty's tool https://www.theverge.com/2021/7/21/22587234/amnesty-international-nso-pegasus-spyware-detection-tool-ios-android-guide-windows-mac
  • Pegasus Project Shows the Need for Real Device Security, Accountability, and Redress for Those Facing State-Sponsored Malware https://www.eff.org/deeplinks/2021/07/nso-group-leak-shows-need-real-device-security-accountability-and-redress-those
  • What needs to be done to disrupt the NSO groups of the world -a case against security nihilism https://blog.cryptographyengineering.com/2021/07/20/a-case-against-security-nihilism/

• Trends, Alerts, and Events (other than major breaches):

  • CISA warns of stealthy malware found on hacked Pulse Secure devices https://www.bleepingcomputer.com/news/security/cisa-warns-of-stealthy-malware-found-on-hacked-pulse-secure-devices/
  • Fake Windows 11 installers now used to infect you with malware https://www.bleepingcomputer.com/news/security/fake-windows-11-installers-now-used-to-infect-you-with-malware/
  • This New Malware Hides Itself Among Windows Defender Exclusions to Evade Detection https://thehackernews.com/2021/07/this-new-malware-hides-itself-among.html
  • NPM package steals Chrome passwords on Windows via recovery tool https://www.bleepingcomputer.com/news/security/npm-package-steals-chrome-passwords-on-windows-via-recovery-tool/
  • FBI: Threat actors may be targeting the 2020 Tokyo Summer Olympics https://www.bleepingcomputer.com/news/security/fbi-threat-actors-may-be-targeting-the-2020-tokyo-summer-olympics/
  • Kubernetes Cloud Clusters Face Cyberattacks via Argo Workflows https://threatpost.com/kubernetes-cyberattacks-argo-workflows/167997/
  • MosaicLoader Malware Delivers Facebook Stealers, RATs https://threatpost.com/mosaicloader-malware-facebook-stealers/167939/
  • APT Hackers Distributed Android Trojan via Syrian e-Government Portal https://thehackernews.com/2021/07/apt-hackers-distributed-android-trojan.html
  • Discord CDN and API Abuses Drive Wave of Malware Detections https://threatpost.com/discord-malware-researchers/168096/
  • Never mind the trolls, Discord hosts 'significant volumes of malware' in its CDN https://www.theregister.com/2021/07/23/discord_malware_channel/
  • Researchers Warn of Linux Cryptojacking Attackers Operating from Romania https://thehackernews.com/2021/07/researchers-warn-of-linux-cryptojacking.html
  • When coin miners evolve, Part 1: Exposing LemonDuck and LemonCat, modern mining malware infrastructure https://www.microsoft.com/security/blog/2021/07/22/when-coin-miners-evolve-part-1-exposing-lemonduck-and-lemoncat-modern-mining-malware-infrastructure/

• Nation State Actors:

  • China Breached Dozens of Pipeline Companies in Past Decade, U.S. Says https://www.nytimes.com/2021/07/20/us/politics/china-hacking-pipelines.html
  • Chinese state hackers breached over a dozen US pipeline operators https://www.bleepingcomputer.com/news/security/chinese-state-hackers-breached-over-a-dozen-us-pipeline-operators/
  • US and Global Allies Accuse China of Massive Microsoft Exchange Attack https://thehackernews.com/2021/07/us-and-global-allies-accuse-china-of.html
  • US: Chinese Government Waged Microsoft Exchange Attacks https://www.databreachtoday.com/us-chinese-government-waged-microsoft-exchange-attacks-a-17098
  • US indicts four members of Chinese hacking group APT40 https://www.databreaches.net/us-indicts-four-members-of-chinese-hacking-group-apt40/
  • China says Microsoft hacking accusations fabricated by US and allies https://www.bbc.co.uk/news/world-asia-china-57898147
  • France warns of APT31 cyberspies targeting French organizations https://www.bleepingcomputer.com/news/security/france-warns-of-apt31-cyberspies-targeting-french-organizations/

• Crime & Arrests, etc.:

  • Microsoft Cracks Down on Malicious Homoglyph Domains https://www.securityweek.com/microsoft-cracks-down-malicious-homoglyph-domains
  • Las Vegas murder case cracked with smallest ever amount of DNA https://www.bbc.co.uk/news/world-us-canada-57947785
  • Serial Swatter Who Caused Death Gets Five Years in Prison https://krebsonsecurity.com/2021/07/serial-swatter-who-caused-death-gets-five-years-in-prison/
  • ‘PlugWalkJoe' arrested in connection with 2020 hack of famous Twitter accounts https://www.theverge.com/2021/7/21/22587022/twitter-hack-2020-man-arrested-uk-spain
  • Another Hacker Arrested for 2020 Twitter Hack and Massive Bitcoin Scam https://thehackernews.com/2021/07/another-hacker-arrested-for-2020.html
  • Third Arrest in Connection With 2020 Twitter Hack https://www.databreachtoday.com/third-arrest-in-connection-2020-twitter-hack-a-17121
  • Estonian Botnet Operator Pleads Guilty in U.S. Court https://www.securityweek.com/estonian-botnet-operator-pleads-guilty-us-court
  • Police steamroll 1,000 bitcoin mines after ‘electricity theft' prompts power outages https://www.independent.co.uk/life-style/gadgets-and-tech/bitcoin-mining-steamroll-crypto-electricity-b1886711.html
  • Ruthless Attackers Target Florida Condo Collapse Victims for ID Theft https://threatpost.com/attackers-target-florida-condo-collapse-victims/167917/
  • Vancouver police launch campaign to warn public of distraction thefts https://globalnews.ca/news/8044609/vancouver-distraction-thefts-campaign/

Other Security / Risk

Articles covering other types of risks.

• AI firm DeepMind puts database of the building blocks of life online https://www.theguardian.com/technology/2021/jul/22/ai-firm-deepmind-puts-database-building-blocks-life-human-protein-structure-free-online
• New algorithm flies drones faster than human racing pilots https://scienmag.com/new-algorithm-flies-drones-faster-than-human-racing-pilots/
• Artificial intelligence models to analyze cancer images take shortcuts that introduce bias https://scienmag.com/artificial-intelligence-models-to-analyze-cancer-images-take-shortcuts-that-introduce-bias/
• Ars AI headline experiment finale—we came, we saw, we used a lot of compute time https://arstechnica.com/information-technology/2021/07/ars-ai-headline-experiment-conclusion-we-came-we-saw-we-used-a-lot-of-compute-time/
• Disinformation for Hire, a Shadow Industry, Is Quietly Booming https://www.nytimes.com/2021/07/25/world/europe/disinformation-social-media.html
• White House Dispute Exposes Facebook Blind Spot on Misinformation https://www.nytimes.com/2021/07/19/technology/facebook-misinformation-blind-spot.html
• Industrial Firms Warned of Risk Posed by Cloud-Based ICS Management Systems https://www.securityweek.com/industrial-firms-warned-risk-posed-cloud-based-ics-management-systems
• Modern Mainframe Security Threats https://www.krisecurity.com/mainframe-security-threats
• Twitter reveals surprisingly low two-factor auth (2FA) adoption rate https://www.bleepingcomputer.com/news/security/twitter-reveals-surprisingly-low-two-factor-auth-2fa-adoption-rate/
• Amazon's new MMO may be bricking Nvidia 3090s https://www.theverge.com/2021/7/21/22587616/amazon-games-new-world-nvidia-rtx-3090-bricked-evga-closed-beta
• Major news sites serve porn after vid.me domain takeover https://www.bleepingcomputer.com/news/technology/major-news-sites-serve-porn-after-vidme-domain-takeover/
• How to search through someone's tweets and find anything they've tweeted https://www.businessinsider.com/how-to-search-someones-tweets
• Study finds surprising source of social influence https://scienmag.com/study-finds-surprising-source-of-social-influence/
• Teen girl struck in the face by seagull on N.J. amusement park ride https://globalnews.ca/news/8054300/seagull-girl-face-slingshot-ride-amusement-park-video/
• MLB will try encrypted transmitters and bone conduction to stop sign stealing https://www.theverge.com/2021/7/25/22593363/mlb-baseball-sign-stealing-transmitter-pitchcom

• Health, Safety & Environment:

  • Why Extreme Heat Is So Deadly https://www.scientificamerican.com/article/why-extreme-heat-is-so-deadly/
  • Life Expectancy in The US Has Totally Plummeted, And It's Not All Due to COVID https://www.sciencealert.com/the-us-saw-the-largest-single-year-decline-in-life-expectancy-in-2020-since-world-war-ii
  • Drinking 6 Cups of Coffee a Day? Your Brain May Pay For It Later, Says a Large Study https://www.sciencealert.com/largest-study-of-its-kind-says-too-much-coffee-could-harm-your-brain-in-the-long-run
  • The common cold was rare during 2020 — but it's having a resurgence https://www.theverge.com/2021/7/22/22588448/flu-cold-covid-resurgence-season
  • Scientists identify protein markers related to the most common form of leukemia https://scienmag.com/scientists-identify-protein-markers-related-to-the-most-common-form-of-leukemia/
  • The invisible reasons mosquitoes prefer some people over others https://www.cbc.ca/news/canada/north/mosquitoes-prefer-some-people-yukon-1.6113232
  • A.I. Predicts the Shapes of Molecules to Come https://www.nytimes.com/2021/07/22/technology/deepmind-ai-proteins-folding.html
  • Canada's building codes don't focus on tornadoes — even though we see 2nd most in the world https://www.cbc.ca/news/tornado-canada-building-code-1.6111943
  • Drone blocks water bomber from fighting wildfire in Manitoba's Whiteshell Provincial Park https://www.cbc.ca/news/canada/manitoba/drone-intercepts-fire-1.6108946
  • Surfside condo collapse victims to get $150M in initial compensation: judge https://globalnews.ca/news/8047884/surfside-condo-collapse-victims-compensation/
  • We Need to Fix Space Junk Before It's Too Late https://www.universetoday.com/151835/we-need-to-fix-space-junk-before-its-too-late/
  • Poison Ivy Could Be Getting Itchier—Here's Why https://www.mentalfloss.com/article/648526/poison-ivy-could-be-getting-itchier-heres-why
  • Concrete Buildings Could Be Turned into Rechargeable Batteries https://www.scientificamerican.com/article/concrete-buildings-could-be-turned-into-rechargeable-batteries/
  • The little tech firm gunning for an airspeed record https://www.bbc.co.uk/news/business-57747128

COVID-19 updates.

COVID related articles. We have been following coronavirus risks since https://controlgap.com/blog/this-weeks-insecurity-issue-147.

• The spread, curves, spikes, waves, reinfection, and variant strains:

  • 4 Olympic athletes test positive for COVID-19 as Tokyo Games loom https://globalnews.ca/news/8039531/olympic-athletes-positive-covid-19-tokyo-games/
  • Delta COVID-19 variant now behind more than 80% of new U.S. cases https://globalnews.ca/news/8043995/delta-covid-cases-us/
  • COVID-19 cases in U.S. triple over 2 weeks as vaccination rates slow https://globalnews.ca/news/8048087/us-covid-19-cases-july-21/
  • Canada's 4th COVID-19 wave will be among unvaccinated, with fewer restrictions: experts https://globalnews.ca/news/8042113/covid-19-fourth-wave-unvaccinated/
  • 96% of COVID-19 cases are among those not fully vaccinated, B.C. health officials say https://globalnews.ca/news/8056167/new-covid-cases-not-fully-vaccinated/
  • Ontario reports 185 COVID-19 cases, 7 deaths https://globalnews.ca/news/8050699/ontario-covid-coronavirus-numbers-cases-july-22/
  • People with COVID Often Infect Their Pets https://www.scientificamerican.com/article/people-with-covid-often-infect-their-pets/
  • Alpha variant spread via ‘super-seeding' event in UK: Oxford research https://scienmag.com/alpha-variant-spread-via-super-seeding-event-in-uk-oxford-research/

• Guidance, Response, and Recovery:

  • Canada will let fully vaccinated American travellers into country on Aug. 9, others on Sept. 7 https://www.ctvnews.ca/health/coronavirus/canada-will-let-fully-vaccinated-american-travellers-into-country-on-aug-9-others-on-sept-7-1.5514869
  • The U.S. has extended its border closure with Canada. Here's what you need to know https://globalnews.ca/news/8048650/us-canada-border-closure-extension-rules/
  • As COVID-19 surges in U.S., is Canada lifting border rules too early? Experts are mixed https://globalnews.ca/news/8042114/canada-us-border-reopening-reactions/
  • U.S. border restrictions for Canada, Mexico renewed until Aug. 21 https://globalnews.ca/news/8046683/u-s-canada-border-mexico-restrictions/
  • Canada extends ban on flights from India to Aug. 21 due to Delta variant fears https://globalnews.ca/news/8040573/canada-covid-india-flight-ban-august/
  • Ontario LTC home where 81 died turned down advice on COVID-19 isolation rooms: public health emails say https://globalnews.ca/news/8033539/ontario-ltc-home-covid-19/
  • The State Department warns Americans not to fly to UK because of its COVID-19 outbreak https://www.businessinsider.com/us-travel-advisory-warning-do-not-fly-uk-covid-2021-7
  • ‘Freedom Day' kicks off in U.K. as country drops remaining COVID-19 restrictions https://globalnews.ca/news/8039276/freedom-day-u-k-covid-19-restrictions/
  • Isolate if ‘pinged' by NHS Covid app, says No 10, despite minister's claims https://www.theguardian.com/world/2021/jul/20/isolate-if-pinged-by-nhs-covid-app-says-no-10-despite-ministers-claims

• Treatments, Testing, Triage, Trials, and things we Learned:

  • Existing drug is shown to inhibit SARS-CoV-2 virus https://scienmag.com/existing-drug-is-shown-to-inhibit-sars-cov-2-virus/

• Immunity and Vaccinations:

  • 2 shots of Pfizer vaccine 88% effective against Delta variant: study https://globalnews.ca/news/8050563/pfizer-astrazeneca-vaccine-delta-variant/
  • COVID-19 antibodies persist at least nine months after infection https://scienmag.com/covid-19-antibodies-persist-at-least-nine-months-after-infection/
  • Longer gap between Pfizer COVID-19 vaccine shots boosts antibodies higher, study finds https://globalnews.ca/news/8053778/pfizer-covid-19-vaccine-shots-antibodies/
  • Over 50% of all Canadians are now fully vaccinated against COVID-19 https://globalnews.ca/news/8041809/covid-canada-vaccinations-cases-july-19-2021/
  • The Atlantic Daily: How to Think About Your COVID-19 Risk, Post-vaccination https://www.theatlantic.com/newsletters/archive/2021/07/how-to-think-about-your-covid-19-risk-post-vaccination/619501/
  • ‘Vaccine certificates' may speed up reopening, incentivize vaccination: Ontario science table https://globalnews.ca/news/8049125/ontario-sceince-table-covid-vaccine-certificates/
  • Ontario's top doctor suggests new vaccination target to account for risk posed by Delta variant https://toronto.ctvnews.ca/ontario-s-top-doctor-suggests-new-vaccination-target-to-account-for-risk-posed-by-delta-variant-1.5516590
  • Vaccinated America Has Had Enough https://www.theatlantic.com/ideas/archive/2021/07/vaccinated-america-breaking-point-anti-vaxxers/619539/
  • America Is Getting Unvaccinated People All Wrong - they aren't all anti-vaxers https://www.theatlantic.com/health/archive/2021/07/unvaccinated-different-anti-vax/619523/
  • Italy joins France in requiring COVID-19 vaccination for services https://globalnews.ca/news/8052018/italy-france-covid-19-vaccination/
  • “Don't You Work With Old People?”: Many Elder-Care Workers Still Refuse to Get COVID-19 Vaccine https://www.propublica.org/article/dont-you-work-with-old-people-many-elder-care-workers-still-refuse-to-get-covid-19-vaccine#1093542
  • UHN will require that unvaccinated employees test negative for COVID-19 before arriving at work https://toronto.ctvnews.ca/uhn-will-require-that-unvaccinated-employees-test-negative-for-covid-19-before-arriving-at-work-1.5520921
  • Canada's vaccine supply to hit 66M doses next week — enough for all currently eligible https://globalnews.ca/news/8043453/canada-covid-19-vaccine-doses/
  • Not all countries recognize mixed vaccines. Minister says thinking will likely ‘evolve' https://globalnews.ca/news/8043677/covid-vaccine-mix-match-travel-canada/
  • Canadian travellers frustrated as U.S. cruise lines won't recognize mixing-and-matching COVID-19 vaccines https://globalnews.ca/news/8047816/canadian-travellers-us-cruise-mixing-covid-19-vaccines/
  • Quebecers can get a 3rd COVID vaccine ‘at their own risk' to travel to a country that requires it https://globalnews.ca/news/8058856/quebec-third-covid-vaccine-travel/

• More of the good, the bad, and the ugly:

  • Website listing Toronto businesses with vaccination policies shuts down after receiving hateful messages https://toronto.ctvnews.ca/website-listing-toronto-businesses-with-vaccination-policies-shuts-down-after-receiving-hateful-messages-1.5518607

• Masks, anti-maskers, distancing, compliance, and repercussions:

  • Are fake vaccine cards being used to enter Canada? https://globalnews.ca/news/8054332/fake-covid-vaccine-cards-enter-canada/
  • Communication around masks is still terrible https://www.theverge.com/22588755/covid-mask-guidance-bad-delta-surge

Off-Topic / Science & Tech / Lighter Side

A variety of scientific, technical, historical, and more light-hearted news.

• American Kids Are Talking Like Brits Again Because of Peppa Pig and the Pandemic https://www.mentalfloss.com/article/648468/peppa-pig-giving-american-children-british-accents
• China builds world's fastest train, capable of 600 km/h https://www.cbc.ca/news/science/china-fastest-train-1.6110819
• What does a future-proofed home look like? https://www.bbc.co.uk/news/business-57738681
• The Reason Why a Standard Piece of Paper Is 8.5 Inches by 11 Inches https://www.mentalfloss.com/article/648466/why-is-standard-paper-size-8.5-x-11-inches
• 15,000-year-old viruses discovered in Tibetan glacier ice https://scienmag.com/15000-year-old-viruses-discovered-in-tibetan-glacier-ice/
• Blue Origin Successfully Launches the Oldest and Youngest Person to Ever go to Space (oh, and Jeff Bezos too) https://www.universetoday.com/151900/blue-origin-successfully-launches-the-oldest-and-youngest-person-to-ever-go-to-space-oh-and-jeff-bezos-too/
• SuperBIT: A low-cost balloon-borne telescope to rival Hubble https://scienmag.com/superbit-a-low-cost-balloon-borne-telescope-to-rival-hubble/
• Fantastic Visualization Shows What Would Happen if you Dropped a Ball Across the Solar System https://www.universetoday.com/151884/fantastic-visualization-shows-what-would-happen-if-you-dropped-a-ball-across-the-solar-system/
• A Gravitational Wave Observatory on the Moon Could "Hear" 70% of the Observable Universe https://www.universetoday.com/151959/a-gravitational-wave-observatory-on-the-moon-could-hear-70-of-the-observable-universe/
• Neutron Stars Have Mountains, They're Just a Fraction of a Millimeter High https://www.universetoday.com/151926/neutron-stars-have-mountains-theyre-just-a-fraction-of-a-millimeter-high/
• Astrophysicists Say Our Universe Could Actually Be a Giant 3D Donut https://www.sciencealert.com/astrophysicists-say-our-universe-could-really-be-a-giant-3d-donut
• Here are the First New Pictures From the Fully Operational Hubble https://www.universetoday.com/151920/here-are-the-first-new-pictures-from-the-fully-operational-hubble/