Welcome to This Week’s [in]Security. PCI and payments: Target's anti-skimmer Merry Maker, Segway. Payments, Training & events. New breaches: Securitas (S3), News Corp, Whisper. New Ransomware: Changing tactics, Oiltanking, Kronos. Follow-ups & Fall-out: Equifax. Privacy: GPU-fingerprinting, Ungoogling yourself. Laws & Regs - Canada: C-11/streaming, Online harms, Digital Taxes. US: EARN IT, Cyber Review board, EFF. World: EU vs. US. Standards: NIST Software, IoT, &, Security Labeling. NVD API. Defense: volunteers, browsers. Vulnerabilities, Zerodays: Zimbra. Other Vulnerabilities: CISA alerts, Log4shell lives on, Firmware, Cisco, ESET, Supply chains, MSIX, Finding Open Source vulns, Walmart analyzes new ransomware. Patching: CISA must patch, Samba. Crypto-research. Cybercrime: Trends: Reverse proxy attacks, Nation States: taking down North Korea, China, more spyware, Ukraine. Crime & Enforcement; fraud & blackmail, big heists, drones, Other Risks: Automation. Banning ideas. App monopolies, too many secrets, Internet next, Health, Safety & Environment. Covid-19: Spread, Curves, Waves, and Variants; Response; Treatments; Learned; Covid Ugly; Innovation and more.

PCI Compliance and Payments

News and announcements relating to Payment Security, PCI, Card Brands, Payments, Payment Malware and Fraud, and Payment Related Compliance.

• Target open sources scanner for digital credit card skimmers https://www.bleepingcomputer.com/news/security/target-open-sources-scanner-for-digital-credit-card-skimmers/
• Magecart Attackers Ride into Segway's E-commerce Website, Segue to Stealing Visitor Data https://sourcedefense.com/resources/magecart-attackers-ride-into-segways-e-commerce-website-segue-to-stealing-visitor-data/

• Other payment related:

  • Visa Calls for Payment Standards in EV Charging https://www.pymnts.com/news/payments-innovation/2022/visa-calls-for-payment-standards-in-ev-charging/
  • Interac on 2021 https://www.interac.ca/en/content/inside-interac/2021-a-year-in-review-at-interac/
  • Dynamic Security Code Cards: A Primer https://www.securetechalliance.org/publications-dynamic-security-code-cards-a-primer/
  • T-Mobile Money app to use Mastercard True Name https://www.finextra.com/pressarticle/91245/t-mobile-money-app-to-use-mastercard-true-name
  • Secure Technology Alliance Payments Council https://www.securetechalliance.org/activities-councils-payments/

• Other educational events, webinars, courses:

  • FISSEA Winter Forum February 15, 2022, 1:00pm-4:00 pm ET https://www.nist.gov/news-events/events/2022/02/fissea-winter-forum-february-15-2022
  • NICE Computational Literacy - A New Literacy Necessary for the Future of Learning and Work February 16, 2022 | 2:00-3:00 PM ET https://www.nist.gov/news-events/events/2022/02/nice-webinar-computational-literacy-new-literacy-necessary-future

Breaches / Ransomware / Leaks

Covering breaches, leaks, data exposures, ransomware (as potential breach), and their fallout.

• New Breaches:

  • Unsecured AWS server exposed 3TB in airport employee records https://www.zdnet.com/article/unsecured-aws-server-exposed-airport-employee-records-3tb-in-data
  • Suspected Chinese spies break into cloud accounts of News Corp journalists https://www.theregister.com/2022/02/04/news_corp_china_compromised/
  • Security issue may have made some personal information vulnerable on WSDOT system https://www.databreaches.net/security-issue-may-have-made-some-personal-information-vulnerable-on-wsdot-system/
  • British Council exposed more than 100,000 files with student records https://www.bleepingcomputer.com/news/security/british-council-exposed-more-than-100-000-files-with-student-records/
  • Messages and user data from secret sharing app Whisper exposed online (again): report https://www.comparitech.com/blog/information-security/secret-sharing-app-exposure/

• New Ransomware and "Incidents":

  • Law enforcement action push ransomware gangs to surgical attacks https://www.bleepingcomputer.com/news/security/law-enforcement-action-push-ransomware-gangs-to-surgical-attacks/
  • One in seven ransomware extortion attempts leak key operational tech records https://www.zdnet.com/article/one-in-seven-ransomware-extortion-attempts-leak-key-business-operation-data
  • OT Data Stolen by Ransomware Gangs Can Facilitate Cyber-Physical Attacks https://www.securityweek.com/ot-data-stolen-ransomware-gangs-can-facilitate-cyber-physical-attacks
  • Ransomware means your database IS the front line. How are you defending it? https://www.theregister.com/2022/02/01/ransomware_database/
  • Hacker Group 'Moses Staff' Using New StrifeWater RAT in Ransomware Attacks https://thehackernews.com/2022/02/hacker-group-moses-staff-using-new.html
  • Inside Trickbot, Russia's Notorious Ransomware Gang https://www.wired.com/story/trickbot-malware-group-internal-messages
  • Iranian Hackers Using New PowerShell Backdoor Linked to Memento Ransomware https://www.securityweek.com/iranian-hackers-using-new-powershell-backdoor-linked-memento-ransomware
  • Cyberattacks Increasingly Hobble Pandemic-Weary US Schools https://www.securityweek.com/cyberattacks-increasingly-hobble-pandemic-weary-us-schools
  • German petrol supply firm Oiltanking paralyzed by cyber attack https://www.bleepingcomputer.com/news/security/german-petrol-supply-firm-oiltanking-paralyzed-by-cyber-attack/
  • Rupert Murdoch's News Corp hit by cyberattack it says was from China https://www.businessinsider.com/news-corp-cyberattack-suspect-china-wsj-2022-2
  • UK Snack Company Hit by Ransomware Attack, Which Could Cause Delivery Delays https://www.databreaches.net/uk-snack-company-hit-by-ransomware-attack-which-could-cause-delivery-delays/
  • Kronos Still Dragging Itself Back From Ransomware Hell https://threatpost.com/kronos-dragging-itself-back-ransomware-hell/178213/

• Follow-ups and fall-out:

  • Yes, the Equifax data breach settlement email and website are real https://www.databreaches.net/yes-the-equifax-data-breach-settlement-email-and-website-are-real/
  • Rhode Island attorney general subpoenas RIPTA, UnitedHealthcare over data breach https://www.databreaches.net/rhode-island-attorney-general-subpoenas-ripta-unitedhealthcare-over-data-breach/
  • UK: Statement on an agreement reached between Somerset Bridge Insurance Services Limited and the ICO https://www.databreaches.net/uk-statement-on-an-agreement-reached-between-somerset-bridge-insurance-services-limited-and-the-ico/
  • Can Data Breaches Be Good For Some Corporate Brands? https://www.databreaches.net/can-data-breaches-be-good-for-some-corporate-brands/

Privacy

Articles about privacy related news, risks, and trends.

• Researchers use GPU fingerprinting to track users online https://www.bleepingcomputer.com/news/security/researchers-use-gpu-fingerprinting-to-track-users-online/
• What To Do To Delete The Scary Amount Of Data Google Has On You https://packetstormsecurity.com/news/view/33056/What-To-Do-To-Delete-The-Scary-Amount-Of-Data-Google-Has-On-You.html
• Welcome to the Burner Phone Olympics https://www.wired.com/story/winter-olympics-2022-phones-security

Laws, Regulations, Platforms, Standards, and Public Policy

News about laws, regulations, platform rules, and standards affecting security, privacy, technology, and public interest.

• Canada:

  • Not Ready for Prime Time: Why Bill C-11 Leaves the Door Open to CRTC Regulation of User Generated Content https://www.michaelgeist.ca/2022/02/not-ready-for-prime-time/
  • Liberals say new online streaming bill won't hurt free speech — but some remain skeptical https://globalnews.ca/news/8592505/online-streaming-bill-c-11-free-speech/
  • Time to Hit the Reset Button: Canadian Heritage Releases “What We Heard” Report on Online Harms Consultation https://www.michaelgeist.ca/2022/02/time-to-hit-the-reset-button-canadian-heritage-releases-what-we-heard-report-on-online-harms-consultation/
  • The Law Bytes Podcast, Episode 115: Reuven Avi-Yonah on the Past, Present and Future of Digital Services Taxes https://www.michaelgeist.ca/2022/01/law-bytes-podcast-episode-115/

• US:

  • The EARN IT Act Is Back https://www.schneier.com/blog/archives/2022/02/the-earn-it-act-is-back.html
  • It's Back: Senators Want EARN IT Bill to Scan All Online Messages https://www.eff.org/deeplinks/2022/02/its-back-senators-want-earn-it-bill-scan-all-online-messages
  • DHS Launches Cyber Safety Review Board to Analyze Major Vulnerability Events https://www.darkreading.com/vulnerabilities-threats/cyber-safety-review-board-to-analyze-major-vulnerability-events
  • Podcast Episode: Saving Podcasts from a Patent Troll https://www.eff.org/deeplinks/2022/01/podcast-episode-saving-podcasts-patent-troll
  • Nike Suing Retailer Selling Sneaker NFTs https://www.pymnts.com/news/retail/2022/nike-suing-retailer-selling-sneaker-nfts/
  • Tell the Copyright Office Who Is Really Affected by Filters https://www.eff.org/deeplinks/2022/02/tell-copyright-office-who-really-affected-filters

• World:

  • Privacy Shield: EU citizens might get right to challenge US access to their data https://www.theregister.com/2022/02/03/privacy_shield_progress/
  • Google Faces New Antitrust Law in Europe https://www.nytimes.com/2022/02/02/technology/google-seznam-antitrust-czech-republic.html
  • Israeli Lawyer, Hungarian Rights Group Target Pegasus Spyware https://www.securityweek.com/israeli-lawyer-hungarian-rights-group-target-pegasus-spyware

• Standards News:

  • NIST Issues Guidance on Software, IoT Security and Labeling:
  • Executive Order https://www.nist.gov/itl/executive-order-improving-nations-cybersecurity/software-supply-chain-security-guidance
  • Secure Software Development Framework (SSDF) Version 1.1: Recommendations for Mitigating the Risk of Software Vulnerabilities https://csrc.nist.gov/publications/detail/sp/800-218/final
  • Consumer Cybersecurity Labeling Pilots: The Approach and Contributions https://www.nist.gov/itl/executive-order-improving-nations-cybersecurity/consumer-cybersecurity-labeling-pilots-approach
  • Recommended Criteria for Cybersecurity Labeling of Consumer Software https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.02042022-1.pdf
  • Recommended Criteria for Cybersecurity Labeling for Consumer Internet of Things (IoT) Products https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.02042022-2.pdf
  • NIST Special Publication 1800-32 Securing Distributed Energy Resources: An Example Solution of Industrial Internet of Things Cybersecurity https://www.nccoe.nist.gov/energy/securing-distributed-energy-resources
  • REMINDER | National Vulnerability Database (NVD) API Keys are NOW Available https://nvd.nist.gov/developers/request-an-api-key

Defense / Techniques / Solutions

Covering developments and opportunities that may help improve security.

• Vulnerability Remediation: It's Not Just Patching https://blog.qualys.com/product-tech/2022/02/01/vulnerability-remediation-its-not-just-patching
• Living Off the Land: How to Defend Against Malicious Use of Legitimate Utilities https://threatpost.com/living-off-the-land-malicious-use-legitimate-utilities/177762/
• HOW TO BECOME AN (ISC)² VOLUNTEER AND MAKE A DIFFERENCE IN THE CYBERSECURITY COMMUNITY https://blog.isc2.org/isc2_blog/2022/01/how-to-become-an-isc%C2%B2-volunteer.html
• Projects I Support https://scotthelme.co.uk/projects-i-support/
• 2022 Information Controls Fellowship Program https://citizenlab.ca/2022/01/2022-information-controls-fellowship-program/
• Secure Web Browsers Tackle Ransomware, Insider Threat in Enterprises https://www.darkreading.com/emerging-tech/secure-web-browsers-tackle-ransomware-insider-threat-in-enterprises
• Firefox's anti-tracking feature adds per-account VPN for more privacy https://www.theverge.com/2022/2/2/22914078/mozilla-vpn-multi-account-containers-add-on
• DevSecOps for Databases: Data Masking, Cloud Backup, WAF and More https://www.datex.ca/blog/devsecops-for-databases-data-masking-cloud-backup-waf-and-more
• NortonLifeLock Introduces Social Media Monitoring https://www.darkreading.com/endpoint/nortonlifelock-introduces-social-media-monitoring

Bugs / Design Flaws / Vulnerabilities / Research

Articles about newly discovered vulnerabilities and research.

• Other Zero-day news:

  • Hackers Exploited 0-Day Vulnerability in Zimbra Email Platform to Spy on Users https://thehackernews.com/2022/02/hackers-exploited-0-day-vulnerability.html

• Other Vulnerabilities:

  • CISA adds 8 vulnerabilities to list of actively exploited bugs https://www.bleepingcomputer.com/news/security/cisa-adds-8-vulnerabilities-to-list-of-actively-exploited-bugs/
  • CISA issues advisory warning of critical vulnerabilities in Airspan Networks Mimosa https://www.zdnet.com/article/cisa-issues-advisory-warning-of-critical-vulnerabilities-in-airspan-networks-mimosa
  • ‘Long Live Log4Shell': CVE-2021-44228 Not Dead Yet https://threatpost.com/log4shell-cve-2021-44228/178225/
  • UEFI firmware vulnerabilities affect at least 25 computer vendors https://www.bleepingcomputer.com/news/security/uefi-firmware-vulnerabilities-affect-at-least-25-computer-vendors/
  • CVE-2022-20699, CVE-2022-20700, CVE-2022-20708: Critical Flaws in Cisco Small Business RV Series Routers https://www.tenable.com/blog/cve-2022-20699-cve-2022-20700-cve-2022-20708-critical-flaws-in-cisco-small-business-rv-series
  • ESET antivirus bug let attackers gain Windows SYSTEM privileges https://www.bleepingcomputer.com/news/microsoft/eset-antivirus-bug-let-attackers-gain-windows-system-privileges/
  • DMCA-dot-com XSS vuln reported in 2020 still live today and firm has shrugged it off https://www.theregister.com/2022/02/02/dmca_com_live_xss_flaw/
  • OpenSSF Alpha-Omega Project Tackles Supply Chain Security https://www.securityweek.com/openssf-alpha-omega-project-tackles-supply-chain-security
  • Supply-Chain Security Is Not a Problem…It's a Predicament https://threatpost.com/supply-chain-security-predicament/178166/
  • Worried about occasional npm malware scares? It's more common than you may think https://www.theregister.com/2022/02/03/npm_malware_report/
  • New SureMDM Vulnerabilities Could Expose Companies to Supply Chain Attacks https://thehackernews.com/2022/01/new-suremdm-vulnerabilities-could.html
  • Microsoft disables MSIX protocol handler abused in Emotet attacks https://www.bleepingcomputer.com/news/microsoft/microsoft-disables-msix-protocol-handler-abused-in-emotet-attacks/
  • Apple Pays $100,500 Bounty to Hacker Who Found Way to Hack MacBook Webcam https://thehackernews.com/2022/01/apple-pays-100500-bounty-to-hacker-who.html
  • Security Through Obscurity. It Doesn't Work. https://blog.isc2.org/isc2_blog/2022/02/security-through-obscurity-it-doesnt-work.html
  • Finding Vulnerabilities in Open Source Projects https://www.schneier.com/blog/archives/2022/02/finding-vulnerabilities-in-open-source-projects.html
  • Walmart Dissects New 'Sugar' Ransomware https://www.securityweek.com/walmart-dissects-new-sugar-ransomware

• Patching:

  • CISA Adds Recent iOS, SonicWall Vulnerabilities to 'Must Patch' List https://www.securityweek.com/cisa-adds-recent-ios-sonicwall-vulnerabilities-must-patch-list
  • CISA orders federal agencies to patch actively exploited Windows bug https://www.bleepingcomputer.com/news/security/cisa-orders-federal-agencies-to-patch-actively-exploited-windows-bug/
  • Samba Patches Critical Flaws That Earned Researchers Big Rewards https://www.securityweek.com/samba-patches-critical-flaws-earned-researchers-big-rewards
  • Twelve-Year-Old Linux Vulnerability Discovered and Patched https://www.schneier.com/blog/archives/2022/01/twelve-year-old-linux-vulnerability-discovered-and-patched.html

• Cryptography and Cryptographic Research:

  • Development of Cryptography since Shannon, by Funda Özdemir and Çetin Kaya Koç https://eprint.iacr.org/2022/100
  • Rocca: An Efficient AES-based Encryption Scheme for Beyond 5G (Full version), by Kosei Sakamoto and Fukang Liu and Yuto Nakano and Shinsaku Kiyomoto and Takanori Isobe https://eprint.iacr.org/2022/116

Hacking / Malware / Cybercrime / Exploitation

News covering active trends, alerts, events.

• Trends, Alerts, and Events (other than major breaches):

  • MFA adoption pushes phishing actors to reverse-proxy solutions https://www.bleepingcomputer.com/news/security/mfa-adoption-pushes-phishing-actors-to-reverse-proxy-solutions/
  • Phishing kits' use of man-in-the-middle reverse proxies is growing, warns Proofpoint https://www.theregister.com/2022/02/03/proofpoint_mitm_reverse_proxies/
  • FBI shares Lockbit ransomware technical details, defense tips https://www.bleepingcomputer.com/news/security/fbi-shares-lockbit-ransomware-technical-details-defense-tips/
  • FBI warns of 2022 Beijing Olympics cyberattack, privacy risks https://www.bleepingcomputer.com/news/security/fbi-warns-of-2022-beijing-olympics-cyberattack-privacy-risks/
  • Beware of phishing scams offering packages, refunds, or rebates https://toronto.ctvnews.ca/beware-of-phishing-scams-offering-packages-refunds-or-rebates-1.5762062
  • How Phishers Are Slinking Their Links Into LinkedIn https://krebsonsecurity.com/2022/02/how-phishers-are-slinking-their-links-into-linkedin/
  • Mac Malware-Dropping Adware Gets More Dangerous https://www.darkreading.com/vulnerabilities-threats/mac-malware-dropping-adware-gets-more-dangerous
  • New SEO Poisoning Campaign Distributing Trojanized Versions of Popular Software https://thehackernews.com/2022/02/new-seo-poisoning-campaign-distributing.html
  • SolarMarker Malware Uses Novel Techniques to Persist on Hacked Systems https://thehackernews.com/2022/02/solarmarker-malware-uses-novel.html
  • The evolution of a Mac trojan: UpdateAgent's progression https://www.microsoft.com/security/blog/2022/02/02/the-evolution-of-a-mac-trojan-updateagents-progression/
  • Be careful with RPMSG files, (Mon, Jan 31st) https://isc.sans.edu/diary/rss/28292
  • Reasons Why Every Business is a Target of DDoS Attacks https://thehackernews.com/2022/01/reasons-why-every-business-is-target-of.html

• Nation State Actors:

  • A lone hacker on a revenge mission says he is the one who keeps turning off North Korea's internet https://www.businessinsider.com/lone-hacker-claims-responsibility-for-turning-off-north-koreas-internet-2022-2
  • FBI says more cyber attacks come from China than everywhere else combined https://www.theregister.com/2022/02/03/fbi_china_threat_to_usa/
  • New Malware Used by SolarWinds Attackers Went Undetected for Years https://thehackernews.com/2022/02/new-malware-used-by-solarwinds.html
  • Finnish Diplomats Targeted by Pegasus Spyware: Ministry https://www.securityweek.com/finnish-diplomats-targeted-pegasus-spyware-ministry
  • iPhone Flaw Exploited By Second Israeli Spy Firm https://packetstormsecurity.com/news/view/33067/iPhone-Flaw-Exploited-By-Second-Israeli-Spy-Firm.html
  • ACTINIUM targets Ukrainian organizations https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
  • Researchers Uncover New Iranian Hacking Campaign Targeting Turkish Users https://thehackernews.com/2022/01/researchers-uncover-new-iranian-hacking.html
  • State hackers' new malware helped them stay undetected for 250 days https://www.bleepingcomputer.com/news/security/state-hackers-new-malware-helped-them-stay-undetected-for-250-days/

• Crime & Arrests, etc.:

  • FTC: Americans lost $770 million from social media fraud surge https://www.bleepingcomputer.com/news/security/ftc-americans-lost-770-million-from-social-media-fraud-surge/
  • Landmark research shows increase in online sex blackmailing during pandemic https://scienmag.com/landmark-research-shows-increase-in-online-sex-blackmailing-during-pandemic/
  • Hackers Move $3.55B Worth of Bitcoin From 2016 Bitfinex Hack https://www.databreaches.net/hackers-move-3-55b-worth-of-bitcoin-from-2016-bitfinex-hack/
  • ‘Catfishing on a whole other level': the shocking story of the Tinder Swindler https://www.theguardian.com/film/2022/feb/02/tinder-swindler-netflix-documentary-simon-leviev
  • That's a signature move: How $320m in Ether was stolen from crypto biz Wormhole https://www.theregister.com/2022/02/04/wormhole_currency_theft/
  • Wormhole restores stolen $326 million after major crypto bailout https://www.bleepingcomputer.com/news/security/wormhole-restores-stolen-326-million-after-major-crypto-bailout/
  • DeepDotWeb News Site Operator Sentenced to 8 Years for Money Laundering https://thehackernews.com/2022/01/deepdotweb-news-site-operator-sentenced.html
  • A tiny DJI drone smuggled its own weight in drugs over the US border wall https://www.theverge.com/2022/2/3/22916246/dji-mini-2-drone-smuggle-meth-us-mexico-border-wall
  • Drugs, weapons 'smuggled to prisoners by drone' https://www.bbc.co.uk/news/world-us-canada-60262715
  • Catalytic converter thefts already an issue for drivers this year https://globalnews.ca/news/8596619/catalytic-converter-thefts-already-an-issue-2022/
  • Robbers staged public shootings to distract from Toronto-area jewelry store heists: court video https://toronto.ctvnews.ca/robbers-staged-public-shootings-to-distract-from-toronto-area-jewelry-store-heists-court-video-1.5763726

Other Security / Risk

Articles covering other types of risks.

• Automation is Nice But Don't Replace Your Knowledge, (Tue, Feb 1st) https://isc.sans.edu/diary/rss/28296
• Banning Bad Ideas Won't Make Them Go Away https://www.theatlantic.com/ideas/archive/2022/02/south-carolina-education-legislate-bad-ideas/621406/
• Me on App Store Monopolies and Security https://www.schneier.com/blog/archives/2022/02/me-on-app-store-monopolies-and-security.html
• Top US Spy Warns Too Many Government Secrets Harms National Security https://packetstormsecurity.com/news/view/33058/Top-US-Spy-Warns-Too-Many-Government-Secrets-Harms-National-Security.html
• The Reason Putin Would Risk War https://www.theatlantic.com/ideas/archive/2022/02/putin-ukraine-democracy/621465/
• The Atlantic Daily: People Really, Really Hate the Future of the Internet https://www.theatlantic.com/newsletters/archive/2022/02/future-of-crypto-nft-web3/621504/
• The Collateral Damage of Facebook's Flops https://www.nytimes.com/2022/02/01/technology/facebook-experiments.html
• Interview with the Head of the NSA's Research Directorate https://www.schneier.com/blog/archives/2022/02/interview-with-the-head-of-the-nsas-research-directorate.html
• Meet the NSA spies shaping the future https://www.technologyreview.com/2022/02/01/1044561/meet-the-nsa-spies-shaping-the-future/
• US carriers want to junk three times more Chinese comms kit than planned https://www.theregister.com/2022/02/07/secure_and_trusted_communications_reimbursement_program_overrun/
• Air Force Taps Clearview AI to Research Face-Identifying A.R. Glasses https://www.nytimes.com/2022/02/03/technology/air-force-clearview-ai-glasses.html
• Apple's Face ID with a Mask works so well, it might end password purgatory https://www.theverge.com/2022/2/2/22912677/apple-face-id-mask-update-ios-15-4-beta-hands-on-impressions
• DeepMind AI rivals average human competitive coder https://www.bbc.co.uk/news/technology-60231058
• Google has lost 2 ethical AI researchers to a research institute founded by ousted colleague Timnit Gebru https://www.businessinsider.com/two-google-researchers-quit-to-join-timnit-gebru-ethical-ai-2022-2
• Canada lost 200K jobs in January amid Omicron-driven shutdowns https://globalnews.ca/news/8594594/canada-jobs-january-omicron-lockdowns/
• One in three Canadians struggles with non-mortgage debts, Credit Counselling Society says https://globalnews.ca/news/8593839/canadians-non-mortgage-debt/
• Toronto considers new tax for homeowners to help curb soaring house prices https://toronto.ctvnews.ca/toronto-considers-new-tax-for-homeowners-to-help-curb-soaring-house-prices-1.5763407
• Economist Mohamed El-Erian warns more wild volatility in stocks is likely, and sets out two overlooked factors driving the swings https://markets.businessinsider.com/news/stocks/mohamed-el-erian-stocks-volatility-selloff-federal-reserve-liquidity-etfs-2022-2
• Facebook's user numbers shrunk for the first time in its history https://www.businessinsider.com/meta-facebook-user-numbers-shrink-first-time-ever-2022-2

• Health, Safety & Environment:

  • COVID-19: Canadian Blood Services makes urgent call for donors to replenish the supply depleted during Omicron https://globalnews.ca/news/8584437/covid-19-canadian-blood-services-makes-urgent-call-for-donors-to-replenish-the-supply-depleted-during-omicron/
  • Hospitals Can't Accept This as ‘Normal' https://www.theatlantic.com/health/archive/2022/02/omicron-surge-hospital-chicago/621455/
  • The myth of a 'super-charged' immune system https://www.bbc.co.uk/news/health-60171592
  • Five Lessons Humans must Learn to Defeat Pandemics https://www.horsesforsources.com/5-lessons-pandemics_020322
  • The Lancet: Over 1.2 million additional opioid overdose deaths expected in North America by 2029, with epidemic set to expand globally, experts warn https://scienmag.com/the-lancet-over-1-2-million-additional-opioid-overdose-deaths-expected-in-north-america-by-2029-with-epidemic-set-to-expand-globally-experts-warn/
  • An aggressive HIV variant silently spread in the Netherlands for 2 decades — a cautionary tale for the current pandemic https://www.businessinsider.com/lethal-hiv-variant-spreading-decades-netherlands-2022-2
  • Avian Flu detected in geese on hobby farm outside Halifax, owner ‘devastated' https://globalnews.ca/news/8584192/avian-flu-detected-in-geese-on-hobby-farm-outside-halifax-owner-devastated/
  • Mysterious 'Havana Syndrome' may be attacks caused by targeted electromagnetic pulses, US intel report says https://www.businessinsider.com/havana-syndrome-may-caused-electromagnetic-attack-us-intelligence-report-2022-2
  • Mosquitoes are seeing red: These new findings about their vision could help you hide from these disease vectors https://scienmag.com/mosquitoes-are-seeing-red-these-new-findings-about-their-vision-could-help-you-hide-from-these-disease-vectors/
  • Illinois research reveals cadmium's route into chocolate https://scienmag.com/illinois-research-reveals-cadmiums-route-into-chocolate/
  • A Cosmic Airburst May Have Devastated a Vast Native American Culture 1,500 Years Ago https://www.sciencealert.com/a-near-earth-comet-may-have-destroyed-a-north-american-culture-1-500-years-ago
  • Smoke detectors have a life expectancy. A Nova Scotia family is sounding the alarm https://www.cbc.ca/news/canada/nova-scotia/fire-related-deaths-nova-scotia-1.6331334
  • SpaceX aborts rocket mission 33 seconds before launch after a cruise liner sailed close to the launch site https://www.businessinsider.com/spacex-aborts-rocket-launch-seconds-cruise-liner-sails-hazard-zone-2022-1
  • Tesla owners report dozens of instances of ‘phantom braking' https://www.theverge.com/2022/2/2/22914236/tesla-phantom-braking-complaints-nhtsa-fsd
  • Tesla Recalls Cars With Full Self-Driving to Prevent Rolling Stops https://www.nytimes.com/2022/02/01/business/tesla-recall.html
  • 13,000 Years Ago, a Firestorm Covered 10% of Earth's Surface, Triggering an Ice Age https://www.sciencealert.com/a-firestorm-bigger-than-the-one-that-killed-the-dinosaurs-triggered-an-ice-age-13-000-years-ago
  • Almost 500-mile-long lightning bolt crossed three US states https://www.bbc.co.uk/news/world-us-canada-60221521
  • Almost No Coral Reefs in The World Will Be Safe at 1.5°C Warming, Scientists Warn https://www.sciencealert.com/study-warns-safe-havens-for-coral-reefs-will-be-almost-non-existent-at-1-5-c-warming
  • Extreme marine heat has become the “new normal”, in analysis of data from 1870 onwards – with 57% of the ocean surface recording 2019 temperatures once considered extreme https://scienmag.com/extreme-marine-heat-has-become-the-new-normal-in-analysis-of-data-from-1870-onwards-with-57-of-the-ocean-surface-recording-2019-temperatures-once-considered-extreme/
  • Flowers in The UK Are Blooming a Whole Month Earlier Than They Did in The 1980s https://www.sciencealert.com/flowers-are-blooming-a-whole-month-earlier-in-britain-than-they-did-in-the-early-80s
  • Global Covid response generating masses of waste, WHO says https://www.bbc.co.uk/news/world-60214689
  • Crows trained to clean up cigarette butts on Swedish streets https://globalnews.ca/news/8586599/crows-cigarette-butts-sweden/
  • Game-changing technology to remove 99% of carbon dioxide from air https://scienmag.com/game-changing-technology-to-remove-99-of-carbon-dioxide-from-air/
  • How to Destroy 'Forever Chemicals' https://www.scientificamerican.com/article/how-to-destroy-forever-chemicals/
  • Satellites and light reflections help spot costal plastic waste https://scienmag.com/satellites-and-light-reflections-help-spot-costal-plastic-waste/
  • Researchers mystified after Canada goose tagged in B.C. is spotted almost 3,000 km away in Chicago https://www.cbc.ca/news/canada/british-columbia/bc-canada-goose-chicago-1.6334676
  • We Almost Forgot About the Moon Trees https://www.theatlantic.com/science/archive/2022/01/nasa-moon-trees-apollo/621395/

COVID-19 updates.

COVID related articles. We have been following coronavirus risks since https://controlgap.com/blog/this-weeks-insecurity-issue-147.

• The spread, curves, spikes, waves, reinfection, and variant strains:

  • ‘Shouldn't be happening': WHO tracking ‘worrying' increase in deaths as Omicron surges https://globalnews.ca/news/8585718/who-omicron-cases-when-to-lift-restrictions/
  • BA.2 subvariant harder to identify than original Omicron strain, WHO says https://globalnews.ca/news/8592197/ba2-harder-to-identify-original-omicron-who/
  • ‘Deltacron' danger: Name of presumed hybrid fuels panic, experts say https://globalnews.ca/news/8578002/covid-deltacron-hybrid-panic/
  • Researchers use mobile device data to predict COVID-19 outbreaks https://scienmag.com/researchers-use-mobile-device-data-to-predict-covid-19-outbreaks/
  • 46% of people who felt well enough to work 5 days after COVID were likely still infectious, study finds https://www.businessinsider.com/46-still-likely-contagious-5-days-felt-ok-study-2022-2
  • WHO calls for stronger China collaboration on COVID-19 origins https://globalnews.ca/news/8597673/who-china-covid-origins/

• Guidance, Response, and Recovery:

  • Legal “sunset clauses” should be used to limit use of covid certificates to current pandemic https://scienmag.com/legal-sunset-clauses-should-be-used-to-limit-use-of-covid-certificates-to-current-pandemic/
  • 'Frustration is real' Ontario politicians agree on eliminating COVID-19 lockdowns https://toronto.ctvnews.ca/frustration-is-real-ontario-politicians-agree-on-eliminating-covid-19-lockdowns-1.5761605
  • 'Hopefully this is the last time': Ontario businesses reopen with cautious optimism https://toronto.ctvnews.ca/hopefully-this-is-the-last-time-ontario-businesses-reopen-with-cautious-optimism-1.5761034
  • How Denmark Decided COVID Isn't a Critical Threat to Society https://www.theatlantic.com/ideas/archive/2022/02/denmark-covid-restrictions/621482/
  • COVID-19: Quebec premier drops plan to tax people who are unvaccinated https://globalnews.ca/news/8585595/covid-19-quebec-premier-drops-plan-to-tax-people-who-are-unvaccinated/
  • COVID-19: Saskatchewan business owners wonder how no proof of vaccine will affect business https://globalnews.ca/news/8587554/covid-19-saskatchewan-business-owners-proof-vaccine/

• Treatments, Testing, Triage, Trials, and things we Learned:

  • CNIO researchers identify drugs potentially capable of reducing the mortality of COVID-19 https://scienmag.com/cnio-researchers-identify-drugs-potentially-capable-of-reducing-the-mortality-of-covid-19/
  • Researchers develop molecular traps to target SARS-CoV-2 https://scienmag.com/researchers-develop-molecular-traps-to-target-sars-cov-2/
  • Things we learned:
  • Small group of genetic variants found in extremely ill patients with COVID may help explain big differences in how sick people get https://scienmag.com/small-group-of-genetic-variants-found-in-extremely-ill-patients-with-covid-may-help-explain-big-differences-in-how-sick-people-get/

• More of the good, the bad, and the ugly:

  • ‘Sham' coronavirus testing company gave people false results as samples piled up in trash bags, lawsuit claims https://www.washingtonpost.com/nation/2022/02/02/washington-sues-testing-company-center-for-covid-control/
  • Ottawa declares state of emergency over Canadian trucker protests that have blockaded the city for 10 days https://www.businessinsider.com/ottawa-state-of-emergency-canadian-trucker-protests-feedom-convoy-2022-2
  • Ottawa police issue more than 450 tickets in connection with anti-mandate protests https://globalnews.ca/news/8598918/ottawa-police-tickets-anti-mandate-protests/
  • Ottawa police vow ‘surge and contain' response to trucker convoy ‘occupation' https://globalnews.ca/news/8594689/ottawa-trucker-convoy-plan-to-end/
  • Ottawa police, city lawyers considering court order to end convoy protests https://www.ctvnews.ca/canada/ottawa-police-city-lawyers-considering-court-order-to-end-convoy-protests-1.5764263
  • This is what Toronto's anti-mandate protests looked like https://toronto.ctvnews.ca/this-is-what-toronto-s-anti-mandate-protests-looked-like-1.5769598
  • Toronto hospitals suggest that staff wear plainclothes when coming into work due to weekend 'Freedom Convoy' https://toronto.ctvnews.ca/toronto-hospitals-suggest-that-staff-wear-plainclothes-when-coming-into-work-due-to-weekend-freedom-convoy-1.5766916
  • Man arrested after allegedly throwing feces at another person during Toronto convoy protest https://toronto.ctvnews.ca/man-arrested-after-allegedly-throwing-feces-at-another-person-during-toronto-convoy-protest-1.5770126
  • Trucker convoy in Ottawa faces lawsuit worth $10M: ‘excruciatingly loud' https://globalnews.ca/news/8596707/trucker-convoy-ottawa-lawsuit/

Off-Topic / Science & Tech / Lighter Side

A variety of scientific, technical, historical, and more light-hearted news.

• Innovations & Inventions:

  • Math That Helped Solve Fermat's Theorem Now Safeguards the Digital World https://www.nytimes.com/2022/01/31/science/fermat-elliptic-curves-encryption.html
  • A new method for quantum computing https://scienmag.com/a-new-method-for-quantum-computing/
  • Electric Porsche breaks battery record by driving from LA to New York with just 2.5 hours of charge https://www.independent.co.uk/life-style/gadgets-and-tech/electric-car-battery-record-porsche-b2004169.html
  • Recycled Lithium-Ion Batteries Can Perform Better Than New Ones https://www.scientificamerican.com/article/recycled-lithium-ion-batteries-can-perform-better-than-new-ones/
  • U.S. Project Reaches Major Milestone toward Practical Fusion Power https://www.scientificamerican.com/article/u-s-project-reaches-major-milestone-toward-practical-fusion-power/
  • A Chinese Space Tug Just Grappled a Dead Satellite https://www.universetoday.com/154338/a-chinese-space-tug-just-grappled-a-dead-satellite/
  • Finally, a Practical use for Space-Based Power Beaming. Sending Power to Satellites in Shade https://www.universetoday.com/154353/finally-a-practical-use-for-space-based-power-beaming-sending-power-to-satellites-in-shade/

• Other:

  • More than half of her class had never seen snow. So a Florida teacher got her sister to ship her a snowman. https://www.washingtonpost.com/nation/2022/02/01/florida-teacher-snowman-kentucky/
  • AI-generated Valentine's Cards https://www.aiweirdness.com/ai-generated-valentines-cards/ and https://www.aiweirdness.com/bonus-more-ai-generated-valentine-cards/
  • XKCD's Randall Munroe announces What If? 2, with more scientific answers to life's most absurd hypothetical questions https://www.theverge.com/2022/1/31/22910603/xkcd-randall-munroe-what-if-2-book-annoucement-release-date
  • Shackleton's Endurance: The impossible search for the greatest shipwreck https://www.bbc.co.uk/news/science-environment-60239105
  • Astronomers Finally Find a Second Asteroid in Earth's Trojan Belt https://www.universetoday.com/154348/astronomers-finally-find-a-second-asteroid-in-earths-trojan-belt/
  • NASA Details Its Plan for the End of the International Space Station in 2031 https://www.universetoday.com/154375/nasa-details-its-plan-for-the-end-of-the-international-space-station-in-2031/
  • The Space Shuttle was Originally Hoped to be a Fully Reusable two-Stage Rocket https://www.universetoday.com/154381/the-space-shuttle-was-originally-hoped-to-be-a-fully-reusable-two-stage-rocket/
  • Our Solar System in True Color Is Really Something Else https://www.theatlantic.com/science/archive/2022/02/venus-true-color-solar-system/621460/
  • The Atmosphere of This Extreme Exoplanet Has an Intriguing Similarity to Earth https://www.sciencealert.com/the-atmosphere-of-this-extreme-exoplanet-has-an-intriguing-similarity-to-earth-s
  • Astronomers find the first rogue black hole wandering the Milky Way! https://www.syfy.com/syfy-wire/bad-astronomy-first-rogue-black-hole-ever-found