This Week's [in]Security - Issue 176 | insecurity | Control Gap

Welcome to This Week’s [in]Security. Magecart. ATM Skimming. New breaches: Military, health, SANS. New Ransomware. Facial Recognition. Shame. Robocall honeypot. Disinformation. 0-days. LTE break. Adobe. Citrix. Struts. Motherboards. Wordpress. Cryptanalysis. CRA Credential Stuffing. Linux Malware. BEC. TOR. Phishing. Data Ubiquity. Security Bias. Jobs. Quantum. FireFox. Covid-19: Spread, Curves, Spikes & Waves. Vaccine Progress. And more.

Note: The COVID section appears later in the article.

PCI Compliance and Payments

News and announcements relating to Payment Security, PCI, Card Brands, Payments, Payment Malware and Fraud.

• AMEX has updated their PCI Compliance program https://www.americanexpress.com/content/dam/amex/us/merchant/merchant-channel/DSOP_English_July2020.pdf
• PCI SSC Offers Informational Training via New eLearning Platform https://blog.pcisecuritystandards.org/pci-ssc-offers-informational-training-via-new-elearning-platform
• How The Pandemic Is Making Robust Address Verification Critical For eCommerce Platforms https://www.pymnts.com/digital-onboarding/2020/how-pandemic-is-making-robust-address-verification-critical-ecommerce-platforms/
• E-Commerce Sales See Gains in July, But So Does Fraud, Says ACI Worldwide https://www.digitaltransactions.net/e-commerce-sales-see-gains-in-july-but-so-does-fraud-says-aci-worldwide/
• University Investigates Skimming of Credit Card Data https://www.databreachtoday.com/university-investigates-skimming-credit-card-data-a-14803
• Tea at the Ritz soured by credit card scammers https://www.bbc.co.uk/news/technology-53793922
• ATM Hackers Have Picked Up Some Clever New Tricks https://www.wired.com/story/atm-hackers-jackpotting-remote-malware

Breaches / Ransomware / Leaks

Covering breaches, leaks, data exposures, ransomware (as potential breach), and their fallout.

• New breaches:

  • Germany’s military-run transport fleet hacked https://www.databreaches.net/germanys-military-run-transport-fleet-hacked/
  • National cyber agency scans the web, detects scores of exposed Israeli databases https://www.databreaches.net/national-cyber-agency-scans-the-web-detects-scores-of-exposed-israeli-databases/
  • Unsecured Database Exposed on Web - Then Deleted https://www.databreachtoday.com/unsecured-database-exposed-on-web-then-deleted-a-14814
  • Premier Health Partners (Ohio) Discloses Breach, but No Notifications to Patients Yet https://www.databreaches.net/oh-premier-health-partners-discloses-breach-but-no-notifications-to-patients-yet/
  • Medical Debt Collection Firm R1 RCM Hit in Ransomware Attack https://krebsonsecurity.com/2020/08/medical-debt-collection-firm-r1-rcm-hit-in-ransomware-attack/
  • Revealed: 1,400 data breaches at HSE included patient photos and medical files https://www.databreaches.net/revealed-1400-data-breaches-at-hse-included-patient-photos-and-medical-files/
  • Avaddon Ransomware Joins Data-Leaking Club https://www.databreachtoday.com/avaddon-ransomware-joins-data-leaking-club-a-14809
  • Looting Causes Data Breach at Walgreens https://www.infosecurity-magazine.com/news/looting-causes-data-breach-at/
  • Hackers Breach Customer Data at Michigan State Online Store https://www.securityweek.com/hackers-breach-customer-data-michigan-state-online-store?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Securityweek+%28SecurityWeek+RSS+Feed%29
  • Ashley County Medical Center investigates former employee accused of violating federal privacy laws https://www.databreaches.net/ashley-county-medical-center-investigates-former-employee-accused-of-violating-federal-privacy-laws/
  • Hacker leaks data for U.S. gun exchange site on cybercrime forum https://www.databreaches.net/hacker-leaks-data-for-u-s-gun-exchange-site-on-cybercrime-forum/
  • SANS Data Incident 2020 – Indicators of Compromise https://www.sans.org/blog/sans-data-incident-2020-indicators-of-compromise?msc=rss
  • 28,000 Infosec Training Records Stolen From SANS After Staffer Is Phished https://packetstormsecurity.com/news/view/31479/28-000-Infosec-Training-Records-Stolen-From-SANS-After-Staffer-Is-Phished.html

• New Ransomware:

  • Three more medical practices hit by ransomware https://www.databreaches.net/three-more-medical-practices-hit-by-ransomware/

• Follow-ups:

  • Feds are treating BlueLeaks organization as ‘a criminal hacker group,’ documents show https://www.theverge.com/2020/8/13/21365448/blueleaks-dhs-distributed-denial-secrets-dds-ddosecrets-police
  • Health Data Breach Tally Surges https://www.databreachtoday.com/health-data-breach-tally-surges-a-14822

Privacy

Articles about privacy related news, risks, and trends.

• More Facial Recognition:

  • Researchers Trick Facial-Recognition Systems https://www.darkreading.com/attacks-breaches/researchers-trick-facial-recognition-systems/d/d-id/1338643
  • Police face-recog tech use in Welsh capital of Cardiff was unlawful https://www.theregister.com/2020/08/11/facial_recognition_cardiff_unlawful_court_appeal/
  • Instagram could face up up to $500 billion in fines in class-action lawsuit alleging it illegally harvested biometric data https://www.businessinsider.com/instagram-facing-500-billion-in-fines-in-facial-recognition-lawsuit-2020-8
• Government paid Vote Leave AI firm to analyse UK citizens’ tweets https://www.theguardian.com/world/2020/aug/10/government-paid-vote-leave-ai-firm-to-analyse-uk-citizens-tweets
• Collecting and Selling Mobile Phone Location Data - Anomaly Six & the US Government https://www.schneier.com/blog/archives/2020/08/collecting_and_.html
• Barclays Faces Employee Spying Probe https://www.databreachtoday.com/barclays-faces-employee-spying-probe-a-14796
• Oracle And Salesforce Face Class Action Lawsuits Over Privacy Violationshttps://www.pymnts.com/legal/2020/oracle-and-salesforce-face-class-action-lawsuits-over-privacy-violations/
• TikTok’s Data Collection Methods Were Previously Prohibited By Google https://www.pymnts.com/data/2020/tiktok-data-collection-methods-were-previously-prohibited-by-google/

Laws & Regulations / Standards

News about laws, regulations, and standards affecting security, privacy, technology, and public interest.

• Germany Prepares New Law for Patient Data Protection and Increased Digitalisation in Healthcare and for “Data Donations” for Research Purposes https://www.databreaches.net/germany-prepares-new-law-for-patient-data-protection-and-increased-digitalisation-in-healthcare-and-for-data-donations-for-research-purposes/
• Stupid Patent of the Month - Guitar Villain? Ubisoft Patents Basic Teaching Techniques https://www.eff.org/deeplinks/2020/08/guitar-villain-ubisoft-patents-basic-teaching-techniques
• National Cybersecurity Career Awareness Week (November 9-14) nist.gov/nice/nccaw
• NIST (SP) 800-207, Zero Trust Architecture https://csrc.nist.gov/publications/detail/sp/800-207/final
• Australian government wants power to run cyber-response for businesses under attack https://www.theregister.com/2020/08/14/australian_critical_infrastructure_defence_plan/
• ‘Ballot harvesting’ latest target in fight over U.S. election voting rules https://globalnews.ca/news/7278824/2020-us-election-ballot-harvesting-voting/

Defense / Techniques / Solutions

Covering developments and opportunities that may help improve security.

• The SSO Wall of Shame https://sso.tax/
• A simple telephony honeypot received 1.5 million robocalls across 11 months https://www.zdnet.com/article/a-simple-telephony-honeypot-received-1-5-million-robocalls-across-11-months/
• Patches, passwords, policies - https://www.theregister.com/2020/08/13/pentest_networks_fail/
• 9 Apps to Boost Your Phone's Security and Privacy https://www.wired.com/story/9-apps-smartphone-security
• How 'Rumor Clinics' Fought Fake News 80 Years Ago https://www.mentalfloss.com/article/626984/-rumor-clinics-fake-news-world-war-ii
• Facebook expands anti-misinformation efforts for U.S. users ahead of Nov. 3 election https://globalnews.ca/news/7271731/facebook-anti-misinformation-us-users/

Bugs / Design Flaws / Vulnerabilities / Research

Articles about newly discovered vulnerabilities and research.

• Microsoft Put Off Fixing Zero Day for 2 Years https://krebsonsecurity.com/2020/08/microsoft-put-off-fixing-zero-day-for-2-years/
• Two 0-Days Under Active Attack, Among 120 Bugs Patched by Microsoft https://threatpost.com/0-days-active-attack-bugs-patched-microsoft/158280/
• Security researcher publishes details and exploit code for a vBulletin zero-day https://www.zdnet.com/article/security-researcher-publishes-details-and-exploit-code-for-a-vbulletin-zero-day/, and https://threatpost.com/researcher-publishes-bypass-for-patch-for-vbulletin-0-day-flaw/158232/
• Re­VoLTE attack can decrypt 4G (LTE) calls to eavesdrop on conversations https://www.zdnet.com/article/re-vol-te-attack-can-decrypt-4g-lte-calls-to-eavesdrop-on-conversations/ and https://arstechnica.com/information-technology/2020/08/your-mobile-calls-may-be-vulnerable-to-a-new-revolting-eavesdrop-attack/
• Critical Adobe Acrobat and Reader Bugs Allow RCE https://threatpost.com/critical-adobe-acrobat-reader-bugs-rce/158261/ and https://www.zdnet.com/article/adobe-tackles-critical-code-execution-vulnerabilities-in-acrobat-reader
• Citrix warns of patch-ASAP-grade bugs in its working-from-home products, just as we're all working from home https://www.theregister.com/2020/08/12/citrix_endpoint_management_critical_bug/
• Researcher Demonstrates Several Zoom Vulnerabilities at DEF CON 28 https://thehackernews.com/2020/08/zoom-software-vulnerabilities.html
• PoC Exploit Targeting Apache Struts Surfaces on GitHub https://threatpost.com/poc-exploit-github-apache-struts/158393/ and https://www.tenable.com/blog/cve-2019-0230-apache-struts-potential-remote-code-execution-vulnerability?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+tenable%2FqaXL+%28Tenable+Network+Security+Blog%29
• 30+ Vulnerabilities Discovered Across 20 CMS Products https://www.securityweek.com/over-30-vulnerabilities-discovered-across-20-cms-products
• Peer-to-peer takes on a whole new meaning when used to spy on 3.7 million or more cameras, other IoT gear https://www.theregister.com/2020/08/10/iot_p2p_horror/
• Critical Intel Flaw Afflicts Several Motherboards, Server Systems, Compute Modules https://threatpost.com/critical-intel-flaw-motherboards-server-compute-modules/158270/
• Kr00k, KRACK, and the Seams in Wi-Fi, IoT Encryption https://www.darkreading.com/iot/kr00k-krack-and-the-seams-in-wi-fi-iot-encryption/d/d-id/1338633
• Google Chrome Browser Bug Exposes Billions of Users to Data Theft (CSP bypass) https://threatpost.com/google-chrome-bug-data-theft/158217/
• Google Awards $10,000 for Remote Code Execution Vulnerability in Chrome https://www.securityweek.com/google-awards-10000-remote-code-execution-vulnerability-chrome?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Securityweek+%28SecurityWeek+RSS+Feed%29
• Google Fixes Mysterious Audio Recording Blip in Smart Speakers https://threatpost.com/google-fixes-mysterious-audio-recording-blip-in-smart-speakers/158219/
• Samsung Quietly Fixes Critical Galaxy Flaws Allowing Spying, Data Wiping https://threatpost.com/samsung-quietly-fixed-critical-galaxy-flaws-allowing-spying-data-wiping/158241/
• Critical Flaws in WordPress Quiz Plugin Allow Site Takeover https://threatpost.com/critical-flaws-wordpress-quiz-plugin-site-takeover/158379/
• Windows Defender Detected Citrix Services as Malware https://www.securityweek.com/windows-defender-detected-citrix-services-malware?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Securityweek+%28SecurityWeek+RSS+Feed%29
• High-Severity TinyMCE Cross-Site Scripting Flaw Fixed https://threatpost.com/high-severity-tinymce-cross-site-scripting-flaw-fixed/158306/
• Interesting talk about inexpesive password cracking beyond 15 characters https://www.youtube.com/watch?v=yK-idC6NZas
• Cryptanalysis of an Old Zip Encryption Algorithm https://www.schneier.com/blog/archives/2020/08/cryptanalysis_o_5.html
• Computation of a 30750-Bit Binary Field Discrete Logarithm (Cyptography impact) https://eprint.iacr.org/2020/965
• Discussion on UltraLoq IoT smart lock failure and lockpicking https://www.schneier.com/blog/archives/2020/08/smart_lock_vuln.html
• Follow-up on Reddit Pro-Trump hack - hijacked non-MFA moderator accounts https://www.securityweek.com/accounts-reddit-moderators-hijacked-pro-trump-hack

Hacking / Malware / Cybercrime / Exploitation

News covering active trends and events.

• Hackers targeted thousands of CRA, government service accounts in ‘credential stuffing’ attacks https://globalnews.ca/news/7278345/canada-hackers-credential-stuffing-attack/, https://www.databreaches.net/thousands-of-cra-accounts-breached-following-pair-of-cyberattacks/
• NSA and FBI warn that new Linux malware, 'Drovorub', threatens national security https://arstechnica.com/information-technology/2020/08/nsa-and-fbi-warn-that-new-linux-malware-threatens-national-security/ and https://www.zdnet.com/article/fbi-and-nsa-expose-new-linux-malware-drovorub-used-by-russian-state-hackers/
• The NSA and FBI Expose Fancy Bear's Sneaky Hacking Tool https://www.wired.com/story/nsa-russian-hacking-revolte-tiktok-security-news
• BEC Scam Targets Executives' Office 365 Accounts https://www.databreachtoday.com/bec-scam-targets-executives-office-365-accounts-a-14799
• Malicious Actor Controlled 23% of Tor Exit Nodes https://www.securityweek.com/malicious-actor-controlled-23-tor-exit-nodes?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Securityweek+%28SecurityWeek+RSS+Feed%29
• North Korean Hackers Wage Job-Themed Spear-Phishing Attacks https://www.databreachtoday.com/north-korean-hackers-wage-job-themed-spear-phishing-attacks-a-14832
• DDoS Attacks Cresting Amid Pandemic https://threatpost.com/ddos-attacks-cresting-pandemic/158211/
• How Much Taxpayer Money Goes to Hackers? https://www.secureworldexpo.com/industry-news/how-much-taxpayer-money-goes-to-hackers
• Attribution: A Puzzle https://blog.talosintelligence.com/2020/08/attribution-puzzle.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+feedburner%2FTalos+%28Talos%E2%84%A2+Blog%29
• The Hacker Group Anonymous Returns https://www.theatlantic.com/technology/archive/2020/08/hacker-group-anonymous-returns/615058/
• RedCurl cybercrime group has hacked companies for three years https://www.zdnet.com/article/redcurl-cybercrime-group-has-hacked-companies-for-three-years/
• The millions being made from cardboard theft https://www.bbc.co.uk/news/business-53724620
• Texas Man Sentenced to 57 Months in Prison for Hacking Major Tech Firm https://www.securityweek.com/texas-man-sentenced-57-months-prison-hacking-major-tech-firm?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Securityweek+%28SecurityWeek+RSS+Feed%29
• US Seizes $2 Million in Cryptocurrency From Terrorist Groups https://www.databreachtoday.com/us-seizes-2-million-in-cryptocurrency-from-terrorist-groups-a-14823

Other Security / Risk

Articles covering other types of risks.

• ybersecurity: These two basic flaws make it easy for hackers to break into your systems https://www.zdnet.com/article/cybersecurity-these-two-basic-flaws-make-it-easy-for-hackers-to-break-into-you-systems/
• Researchers Reveal How Bias Undermines Your Cybersecurity https://sector.ca/researchers-reveal-how-bias-undermines-your-cybersecurity/
• Microsoft tells Windows 10 users they can never uninstall Edge. Wait, what? https://www.zdnet.com/article/microsoft-tells-windows-10-users-they-can-never-uninstall-edge-wait-what/
• Cybersecurity Skills Gap Worsens, Fueled by Lack of Career Development https://threatpost.com/cybersecurity-skills-gap-career-development/158253/
• Canadian tech group spends $100K on billboards to lure anxious tech workers from U.S. https://www.cbc.ca/news/canada/kitchener-waterloo/tech-billboards-1.5683762
• Security Jobs With a Future -- And Ones on the Way Out https://www.darkreading.com/edge/theedge/security-jobs-with-a-future----and-ones-on-the-way-out/b/d-id/1338652
• Scientists discover way to make quantum states last 10,000 times longer https://phys.org/news/2020-08-scientists-quantum-states-longer.html
• How Nvidia built Selene, the world's seventh-fastest computer, in three weeks https://www.zdnet.com/article/how-nvidia-built-selene-the-worlds-seventh-fastest-computer-in-three-weeks/
• For six months, security researchers have secretly distributed an Emotet vaccine across the world https://www.zdnet.com/article/for-six-months-security-researchers-have-secretly-distributed-an-emotet-vaccine-across-the-world/
• Risky Business #594 -- How ESNIs will change censorship and NDR https://risky.biz/RB594
• An endangered internet species: Firefox https://www.zdnet.com/article/an-endangered-internet-species-firefox/
• Mozilla Cybersecurity Staff Hit by Layoffs https://www.securityweek.com/mozilla-cybersecurity-staff-hit-layoffs?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Securityweek+%28SecurityWeek+RSS+Feed%29
• CREST: We are investigating NCC Group certification cheat sheet scandal – and not with NCC personnel https://www.theregister.com/2020/08/14/crest_investigates_ncc_group/
• GPT-3 Raises Complex Questions for Philosophy and Policy https://freedom-to-tinker.com/2020/08/13/gpt-3-raises-complex-questions-for-philosophy-and-policy/
• Opinion: If we’re cancelling historical villains, why not Norman Bethune? https://www.theglobeandmail.com/opinion/article-if-were-cancelling-historical-villains-why-not-norman-bethune/
• A Vaccine Against a Widespread Common Cold Type Just Passed Promising Clinical Trials https://www.sciencealert.com/a-vaccine-against-one-of-the-most-common-strains-of-cold-could-be-just-years-away?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+sciencealert-latestnews+%28ScienceAlert-Latest%29
• Lab-created molecule achieves positive results in the treatment of arthritis https://scienmag.com/lab-created-molecule-achieves-positive-results-in-the-treatment-of-arthritis/
• When Is Someone Really, Truly Dead? The World Brain Death Project Seeks a New Answer https://www.sciencealert.com/world-brain-death-project-proposes-better-ways-to-tell-when-we-re-really-truly-gone?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+sciencealert-latestnews+%28ScienceAlert-Latest%29
• Quebec farms facing lost profits and rotting harvests due to migrant worker shortage https://globalnews.ca/news/7271453/quebec-farms-coronavirus-impact-migrants-harvests/
• This Is What Happens When Society ‘Has to Function’ https://www.theatlantic.com/culture/archive/2020/08/disaster-tourist-yun-ko-eun-capitalist-satire-pandemic-work/615151/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheAtlantic+%28The+Atlantic+-+Master+Feed%29

COVID-19 updates.

COVID related articles. We have been following coronavirus risks since https://controlgap.com/blog/this-weeks-insecurity-issue-147.

• The spread, curves, spikes, and waves:

  • US Already Had Over 200,000 Excess Deaths This Year, CDC Data Show https://www.sciencealert.com/2020-has-killed-up-to-200-000-extra-people-in-the-us-so-far?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+sciencealert-latestnews+%28ScienceAlert-Latest%29
  • Scientists say the coronavirus is at least as deadly as the 1918 flu pandemic https://www.cnbc.com/2020/08/13/scientists-say-the-coronavirus-is-at-least-as-deadly-as-the-1918-flu-pandemic.html
  • Why India could still be a long way off herd immunity https://www.cnn.com/2020/08/12/asia/herd-immunity-coronavirus-india-intl-hnk-dst/index.html
  • Toronto strip club worker tests positive for coronavirus, 550 potentially exposed to COVID-19 https://globalnews.ca/news/7274877/brass-rail-tavern-toronto-coronavirus-exposure/

• Guidance, Response and Recovery:

  • New Zealand extends Auckland lockdown for 12 days https://www.bbc.co.uk/news/world-asia-53776045
  • Coronavirus cases could exceed Canada’s health care capacity this fall, officials warn https://globalnews.ca/news/7275423/coronavirus-planning-fall-canada/
  • Engineer Explains How You Can Use Ventilation to Prevent Coronavirus Spread Indoors https://www.sciencealert.com/engineer-explains-how-you-can-use-ventilation-to-prevent-coronavirus-spread-indoors
  • WHO Is Now Asking People to Avoid Routine Dental Work https://www.sciencealert.com/who-says-you-should-delay-routine-dental-work-due-to-coronavirus-risk
  • 'Hundreds dead' because of Covid-19 misinformation - https://www.bbc.co.uk/news/world-53755067
  • Canada, U.S., Mexico agree to extend non-essential travel ban to Sept. 21 https://globalnews.ca/news/7274999/canada-us-mexico-agree-extend-travel-ban/
  • Americans, go home: Tension at Canada-US border https://www.bbc.com/news/world-us-canada-53742684

• Treatments, Testing, Triage, and Trials, and things we learned:

  • Coronavirus: Putin says vaccine has been approved for use https://www.bbc.co.uk/news/world-europe-53735718
  • Russia has approved a coronavirus vaccine without widespread testing. Medical experts warn it could be dangerous. https://www.businessinsider.com/russia-approves-coronavirus-vaccine-experts-say-needs-more-testing-2020-8
  • Cutting corners by fast-tracking a COVID-19 vaccine could be unsafe https://globalnews.ca/news/7271713/covid-19-vaccine-2/
  • Russia's Fast-Track Coronavirus Vaccine Draws Outrage over Safety https://www.scientificamerican.com/article/russias-fast-track-coronavirus-vaccine-draws-outrage-over-safety/
  • Russia's coronavirus vaccine is dangerous because it could 'kill' acceptance of future vaccines if it goes wrong https://www.businessinsider.com/germany-warns-putin-russia-coronavirus-vaccine-has-not-been-fully-tested-2020-8
  • U.S. inks deal with Moderna for 100M doses of potential COVID-19 vaccine https://globalnews.ca/news/7267845/us-coronavirus-vaccine-deal/
  • The Ocean Carries 'Memories' of SARS-CoV-2 https://www.scientificamerican.com/article/the-ocean-carries-memories-of-sars-cov-2/
  • Coronavirus found on imported frozen food packaging in 3 Chinese cities https://www.msn.com/en-ca/news/world/coronavirus-found-on-imported-frozen-food-packaging-in-3-chinese-cities/ar-BB17USJF
  • Can Imported Frozen Foods Really Spread COVID-19? Here's What Experts Say https://www.sciencealert.com/can-imported-frozen-foods-really-spread-covid-19-here-s-what-experts-say?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+sciencealert-latestnews+%28ScienceAlert-Latest%29
  • Ontario researchers study ‘doors’ in human cells affected by COVID-19 https://globalnews.ca/news/7267877/coronavirus-ontario-researchers-study-doors-cells-covid-19/
  • Researchers identify a protein that may help SARS-CoV-2 spread rapidly through cells https://scienmag.com/researchers-identify-a-protein-that-may-help-sars-cov-2-spread-rapidly-through-cells/
• DOJ Works To Shut Down Over 300 Fraudulent Websites Exploiting Pandemic https://www.pymnts.com/news/security-and-risk/2020/doj-works-shut-down-over-300-fraudulent-websites-exploiting-pandemic/

• Masks, anti-maskers, and distancing:

  • Expired and gently used N95 masks can block coronavirus particles just as well as new ones https://www.businessinsider.com/expired-n95-masks-may-block-coronavirus-as-efficiently-as-new-2020-8
  • Masks, PPE materials should be hydrophilic https://scienmag.com/masks-ppe-materials-should-be-hydrophilic/
  • Neck gaiters may be worse than not wearing a mask at all, study shows https://www.cbsnews.com/news/neck-gaiters-may-do-more-harm-than-not-wearing-a-mask-at-all-study-shows/
  • 3,800 exemption cards have been issued in wake of Edmonton face mask bylaw https://globalnews.ca/news/7267059/exemption-cards-edmonton-face-mask-bylaw-coronavirus/
  • People balked at masks in 1918, too. Then the arrests started https://www.sandiegouniontribune.com/news/health/story/2020-08-15/1918-flu-mask-tickets
  • Research Shows a Way to Sanitize N95 Masks at Home - You Just Need an Electric Cooker https://www.sciencealert.com/there-s-an-easy-way-to-clean-your-n95-at-home-all-you-need-is-a-rice-cooker-or-crockpot?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+sciencealert-latestnews+%28ScienceAlert-Latest%29

Off-Topic / Science & Tech / Lighter Side

A variety of scientific, technical, historical, and more light-hearted news.

• Scientists Create a Material That Makes Salty Water Safe to Drink in Minutes https://www.sciencealert.com/new-material-makes-seawater-drinkable-in-minutes-and-is-cleaned-by-sunlight?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+sciencealert-latestnews+%28ScienceAlert-Latest%29
• Google creates 'world's largest earthquake detection network' by linking all Android phones https://www.independent.co.uk/life-style/gadgets-and-tech/news/google-android-earthquake-detection-network-phone-seismometer-a9666726.html
• Wind and solar energy is steadily replacing coal https://www.theverge.com/2020/8/13/21366373/wind-solar-power-electricity-doubled-paris-climate-change-agreement
• Milne Ice Shelf: Satellites capture Arctic ice split https://www.bbc.co.uk/news/science-environment-53737138
• It’s Starting to Look Like Ceres is an Ocean World, Too https://www.universetoday.com/147399/its-starting-to-look-like-ceres-is-an-ocean-world-too/
• Smoking gun at Betelgeuse: Hubble shows it was belching dust that dimmed the red supergiant https://www.syfy.com/syfywire/smoking-gun-at-betelgeuse-hubble-shows-it-was-belching-dust-that-dimmed-the-red-supergiant
• Astronomers Think They’ve Found the Neutron Star Remnant From Supernova 1987a https://www.universetoday.com/147340/astronomers-think-theyve-found-the-neutron-star-remnant-from-supernova-1987a/