This Week's [in]Security - Issue 181 | insecurity | Control Gap

Written by CG Blogger | Sep 21, 2020 2:07:00 AM

Welcome to This Week’s [in]Security. PCI FAQs. Magecart surge. COVID test data. New breaches: 320M dating records. influencers. Access keys. New Ransomware. Facebook. Facial Recognition. IoT. TikTok. NIST Updates, Drafts & Workshops. Phish Scale. OneFuzz. Elections. Severe Vulnerability. MobileIron. Bluetooth. Firefox. Malicious QR. Wifi pwnage. Iranian, Chinese, and Russian hacking. @Failure to learn. IP Theft. Security Questions with Attitude. Quantum. Number Stations. Deepfake arms race. Boarding Passes. Hurricanes. Wildfires. Glaciers. Covid-19: Spread, Curves, Spikes, Waves, & reinfections. Lockdown, Reopening, & The New Normal. More of the Good, Bad, and Ugly. And more.

Note: The COVID section appears later in the article.

PCI Compliance and Payments

News and announcements relating to Payment Security, PCI, Card Brands, Payments, Payment Malware and Fraud.

PCI SSC to Host its 2020 Community Meetings Online as Virtual Events https://blog.pcisecuritystandards.org/pci-ssc-to-host-its-2020-community-meetings-online-as-virtual-events
3 new PCI FAQ's:
- 1482 Are P2PE Products (P2PE Solutions, P2PE Components, P2PE Applications) on the P2PE Expired Listings still considered “validated” per the P2PE Program Guide? https://pcissc.secure.force.com/faq/articles/Frequently_Asked_Question/Are-P2PE-Products-P2PE-Solutions-P2PE-Components-P2PE-Applications-on-the-P2PE-Expired-Listings-still-considered-validated-per-the-P2PE-Program-Guide
- 1483 If a P2PE Solution is on PCI’s list of Point-to-Point Encryption Solutions with Expired Validations, does the solution meet the eligibility criteria for SAQ P2PE? https://pcissc.secure.force.com/faq/articles/Frequently_Asked_Question/If-a-P2PE-Solution-is-on-PCI-s-list-of-Point-to-Point-Encryption-Solutions-with-Expired-Validations-does-the-solution-meet-the-eligibility-criteria-for-SAQ-P2PE
- 1484 If a P2PE Solution is shown as red or orange on PCI’s list of Validated P2PE Solutions, does the solution meet the eligibility criteria for SAQ P2PE? https://pcissc.secure.force.com/faq/articles/Frequently_Asked_Question/If-a-P2PE-Solution-is-shown-as-red-or-orange-on-PCI-s-list-of-Validated-P2PE-Solutions-does-the-solution-meet-the-eligibility-criteria-for-SAQ-P2PE
- Our updated index of all known PCI FAQ's https://controlgap.com/index-pci-frequently-asked-questions/
PCI Updates P2PE SAQ and AOC:
- SAQ https://www.pcisecuritystandards.org/documents/PCI-DSS-v3_2_1-SAQ-P2PE-1_1.pdf
- AOC https://www.pcisecuritystandards.org/documents/AOC-SAQ_P2PE-v3_2_1-r1_1.pdf
PCI DSS in Practice Case Study: PicPay https://blog.pcisecuritystandards.org/pci-dss-in-practice-case-study-picpay
Magecart:
- Magecart Attack Impacts More Than 10K Online Shoppers https://threatpost.com/magecart-campaign-10k-online-shoppers/159216/
- Payment Card Skimming Hits 2,000 E-Commerce Sites https://www.databreachtoday.com/payment-card-skimming-hits-2000-e-commerce-sites-a-15000
- Magento online stores hacked in largest campaign to date https://www.databreaches.net/magento-online-stores-hacked-in-largest-campaign-to-date/
- Russian hacker selling how-to vid on exploiting unsupported Magento installations to skim credit card details for $5,000 https://www.theregister.com/2020/09/15/magento_1_exploit_sold_online/
Moneris Introduces New Credit and Debit Card Processing Terminal https://go.moneris.com/monerisgo
My stolen credit card details were used 4,500 miles away. I tried to find out how it happened https://www.zdnet.com/article/my-stolen-credit-card-details-were-used-4500-miles-away-i-tried-to-find-out-how-it-happened/
Followup - Interesting Attack on the EMV Smartcard Payment Standard https://www.schneier.com/blog/archives/2020/09/interesting-attack-on-the-emv-smartcard-payment-standard.html

Breaches / Ransomware / Leaks

Covering breaches, leaks, data exposures, ransomware (as potential breach), and their fallout.

Breach of COVID-19 Test Data Undermines Pandemic Response https://www.databreachtoday.com/blogs/breach-covid-19-test-data-undermines-pandemic-response-p-2938
New breaches:
- Cloud Leak Exposes 320M Dating-Site Records https://threatpost.com/cloud-leak-320m-dating-site-records/159225/
- Chinese database details 2.4 million influential people outside of China, their kids, addresses, and how to press their buttons https://www.theregister.com/2020/09/15/china_shenzhen_zhenhua_database/
- Research Finds Nearly 800,000 Access Keys Exposed Online https://www.darkreading.com/vulnerabilities---threats/research-finds-nearly-800000-access-keys-exposed-online/d/d-id/1338918
- Staples US hit by data breach https://www.tomsguide.com/news/staples-data-breach
- Hackers leak details of 1,000 high-ranking Belarus police officers https://www.zdnet.com/article/hackers-leak-details-of-1000-high-ranking-belarus-police-officers
- A bug in Joe Biden’s campaign app gave anyone access to millions of voter files https://www.databreaches.net/a-bug-in-joe-bidens-campaign-app-gave-anyone-access-to-millions-of-voter-files/
- Hackers Divert VA Payments Intended for Healthcare Providers https://www.databreachtoday.com/hackers-divert-va-payments-intended-for-healthcare-providers-a-14999
New Ransomware:
- Ontario nurses' college hit by ransomware attack; personal data at risk https://www.cp24.com/news/ontario-nurses-college-hit-by-ransomware-attack-personal-data-at-risk-1.5111009 and https://globalnews.ca/news/7344192/ontario-nurses-college-ransomware-cyberattack/
- (Almost certainly not a first)First death reported following a ransomware attack on a German hospital https://www.zdnet.com/article/first-death-reported-following-a-ransomware-attack-on-a-german-hospital/
- (A first) German prosecutors open homicide case after hacker attack on hospital leaves woman dead https://www.cbc.ca/news/technology/german-homicide-case-hacker-hospital-1.5729949
- City of Carmel website remains down after hacking incident https://www.databreaches.net/update-city-of-carmel-website-remains-down-after-hacking-incident/
- NC: Guilford Technical Community College hit with ransomware https://www.databreaches.net/nc-guilford-technical-community-college-hit-with-ransomware/
- TX: School district reaches out to FBI following cyberattack https://www.databreaches.net/tx-school-district-reaches-out-to-fbi-following-cyberattack/
- GA: Jekyll Island Authority computer system infiltrated in ransomware attack https://www.databreaches.net/ga-jekyll-island-authority-computer-system-infiltrated-in-ransomware-attack/
- NY: Floral Park-Bellerose school district hit with ransomware attack https://www.databreaches.net/ny-floral-park-bellerose-school-district-hit-with-ransomware-attack/
- Computer Attack Disables California School District's System https://www.securityweek.com/computer-attack-disables-california-school-districts-system
Follow-ups:
- Senators Demand More Details on VA Breach https://www.databreachtoday.com/senators-demand-more-details-on-va-breach-a-15023
- Report: 97% of Cybersecurity Companies Have Leaked Data on the Dark Web https://thehackernews.com/2020/09/dark-web-cybersecurity-report.html
- Halifax-area man shares his experience after CRA cyberattack https://globalnews.ca/news/7337042/halifax-area-cra-cyberattack/

Privacy

Articles about privacy related news, risks, and trends.

Facebook Accused of Watching Instagram Users Through Cameras https://www.bloomberg.com/news/articles/2020-09-18/facebook-accused-of-watching-instagram-users-through-cameras
Facebook Plans To Launch Smart Glasses In 2021 https://www.pymnts.com/facebook/2020/facebook-plans-to-launch-smart-glasses-in-2021/
Companies Can Track Your Phone’s Movements to Target Ads https://www.wired.com/story/companies-track-phones-movements-target-ads
WhatsApp-tracking apps are letting people spy on when you're sleeping and who you're likely talking to on the Facebook-owned app https://www.businessinsider.com/whatsapp-tracking-apps-online-activity-sleep-interactions-2020-9
COVID-19 and HIPAA: HHS’s Troubled Approach to Waiving Privacy and Security Rules for the Pandemic https://www.databreaches.net/covid-19-and-hipaa-hhss-troubled-approach-to-waiving-privacy-and-security-rules-for-the-pandemic/
Workplace Surveillance in Times of Corona https://www.eff.org/deeplinks/2020/09/workplace-surveillance-times-corona
Portland City Council Votes to Ban Facial Recognition https://epic.org/2020/09/portland-city-council-votes-to.html
Professors Hartzog and Richards: Clearview AI Gets Privacy and First Amendment Wrong https://epic.org/2020/09/professors-hartzog-and-richard.html
Ca: Regina clinic failed to notify patients of privacy breach https://www.databreaches.net/ca-regina-clinic-failed-to-notify-patients-of-privacy-breach-says-commissioner/
Cyber security breach at National Informatics Centre https://www.databreaches.net/cyber-security-breach-at-national-informatics-centre-malware-attack-traced-to-bengaluru/
Regulators Failed and Google Turned The Internet Into a Surveillance Machine https://epic.org/2020/09/regulators-failed-and-google-t.html

Laws & Regulations / Standards

News about laws, regulations, and standards affecting security, privacy, technology, and public interest.

IoT Security Bill Passed in House of Representatives https://epic.org/2020/09/iot-security-bill-passed-in-ho.html
Trump Admin to Ban TikTok, WeChat From U.S. App Stores https://www.nytimes.com/2020/09/18/business/trump-tik-tok-wechat-ban.html
Judge blocks US ban on WeChat that was set to go into effect today https://www.theverge.com/2020/9/20/21447540/judge-blocks-ban-wechat-tiktok-trump
After banning WeChat, the US government is turning its focus to Tencent's gaming concerns https://www.pcgamer.com/after-banning-wechat-the-us-government-is-turning-its-focus-to-tencents-gaming-concerns/ and https://www.theverge.com/2020/9/18/21445310/trump-administration-cfius-tencent-investigation-letter-epic-riot
Facebook Could Face FTC Antitrust Suit By Year's End https://www.pymnts.com/antitrust/2020/facebook-could-face-ftc-antitrust-suit-by-years-end/
Senate Republicans Introduce Weak "SAFE DATA Act” https://epic.org/2020/09/senate-republicans-introduce-w.html
EFF Joins Coalition Urging Senators to Reject the EARN IT Act https://www.eff.org/deeplinks/2020/09/eff-joins-coalition-urging-senators-reject-earn-it-act
Michigan Considers Enhanced Data Breach Notification Law https://www.databreaches.net/michigan-considers-enhanced-data-breach-notification-law/
European Police Malware Could Harvest GPS, Messages, Passwords, More https://www.vice.com/en_us/article/k7qjkn/encrochat-hack-gps-messages-passwords-data
Three Interactive Tools for Understanding Police Surveillance https://www.eff.org/deeplinks/2020/09/three-interactive-tools-understanding-police-surveillance
Why It’s Time to Reboot Canada’s Failed Digital Agenda https://www.michaelgeist.ca/2020/09/why-its-time-to-reboot-canadas-failed-digital-agenda/
US China tariffs violated trade rules, WTO says https://www.bbc.co.uk/news/business-54168419
NIST updates and drafts:
- Mobile Device Security: Corporate-Owned Personally-Enabled (COPE)—NIST Publishes SP 1800-21 https://csrc.nist.gov/publications/detail/sp/1800-21/final
- Securing Home IoT Devices Using MUD: Final Public Draft of SP 1800-15 Now Available until October 16 https://csrc.nist.gov/publications/detail/sp/1800-15/draft
- Securing Property Management Systems: Draft SP 1800-27 is Available for Comment until October 28 https://csrc.nist.gov/publications/detail/sp/1800-27/draft
National Cybersecurity Center of Excellence (NCCoE) Virtual Workshops:
- Challenges with Compliance, Operations, and Security with Encrypted Protocols, in Particular TLS 1.3 (Sep 25) https://www.nccoe.nist.gov/events/rescheduled-virtual-workshop-challenges-compliance-operations-and-security-encrypted
- Automation of the NIST Cryptographic Module Validation Program (CMVP) (Oct 5) https://www.nccoe.nist.gov/events/rescheduled-virtual-workshop-automation-nist-cryptographic-module-validation-program-cmvp
- Considerations in Migrating to Post-Quantum Cryptographic Algorithms (Oct 7) https://www.nccoe.nist.gov/events/rescheduled-virtual-workshop-considerations-migrating-post-quantum-cryptographic-algorithms

Defense / Techniques / Solutions

Covering developments and opportunities that may help improve security.

The Phish Scale: NIST-Developed Method Helps IT Staff See Why Users Click on Fraudulent Emails https://www.nist.gov/news-events/news/2020/09/phish-scale-nist-developed-method-helps-it-staff-see-why-users-click
Microsoft announces new Project OneFuzz framework, an open source developer tool to find and fix bugs at scale https://www.microsoft.com/security/blog/2020/09/15/microsoft-onefuzz-framework-open-source-developer-tool-fix-bugs/
Election Security:
- Twitter Taking Steps to Protect Election-Related Accounts https://www.securityweek.com/twitter-taking-steps-protect-election-related-accounts
- Election Audits in NJ 2020 https://freedom-to-tinker.com/2020/09/16/election-audits-in-nj-2020/
- The International Playbook for Foiling Russian Interference https://www.wired.com/story/international-playbook-foiling-russian-interference
- A new research tool, NYU Ad Observatory, tracks political advertising on Facebook https://scienmag.com/a-new-research-tool-nyu-ad-observatory-tracks-political-advertising-on-facebook/
- Vote-by-mail meltdowns in 2020? https://freedom-to-tinker.com/2020/09/20/vote-by-mail-meltdowns-in-2020/
- How We’ll Know the Election Wasn’t Rigged https://www.wired.com/story/election-mass-voter-fraud-protections
Oracle will have to pore over the TikTok's source code to make sure there are no backdoors https://www.businessinsider.com/report-oracle-proposed-tiktok-deal-includes-source-code-audit-2020-9
Google can now scan malicious files for Advanced Protection users https://www.theverge.com/2020/9/16/21439599/google-chrome-scan-malicious-files-safe-browsing-advanced-protection
NSA Publishes Guidance on UEFI Secure Boot Customization https://www.securityweek.com/nsa-publishes-guidance-uefi-secure-boot-customization
Vulnerability Detection Pipeline (Beta) https://blog.qualys.com/vulnerabilities-research/2020/09/16/vulnerability-detection-pipeline-beta
Nozomi Networks Becomes CVE Numbering Authority https://www.securityweek.com/nozomi-networks-becomes-cve-numbering-authority
One Data Scientist’s Quest to Quash Misinformation https://www.wired.com/story/data-scientist-cybesecurity-tools-quash-misinformation

Bugs / Design Flaws / Vulnerabilities / Research

Articles about newly discovered vulnerabilities and research.

Windows Update Gets Serious: You Have The Weekend To Comply, Homeland Security Says https://www.forbes.com/sites/daveywinder/2020/09/19/windows-updates-get-serious-you-have-the-weekend-to-comply-homeland-security-says/
US Cybersecurity Agency CISA Alert: Foreign Threat Actors Continue to Target Unpatched Vulnerabilities https://www.tenable.com/blog/us-cybersecurity-agency-cisa-alert-foreign-threat-actors-target-unpatched-vulnerabilities
Zerologon attack lets hackers take over enterprise networks https://www.zdnet.com/article/zerologon-attack-lets-hackers-take-over-enterprise-networks/
Vulnerabilities Expose Thousands of MobileIron Servers to Remote Attacks https://www.securityweek.com/vulnerabilities-expose-thousands-mobileiron-servers-remote-attacks
Billions of devices vulnerable to new 'BLESA' Bluetooth security flaw https://www.zdnet.com/article/billions-of-devices-vulnerable-to-new-blesa-bluetooth-security-flaw/
Followup on BLURtooth attack - https://www.schneier.com/blog/archives/2020/09/new-bluetooth-vulnerability.html
Firefox bug lets you hijack nearby mobile browsers via WiFi https://www.zdnet.com/article/firefox-bug-lets-you-hijack-nearby-mobile-browsers-via-wifi/
QR Codes Serve Up a Menu of Security Concerns https://threatpost.com/qr-codes-menu-security-concerns/159275/
Video encoders using Huawei chips have backdoors and bad bugs – and Chinese giant says it's not to blame https://www.theregister.com/2020/09/17/huawei_iptv_video_encoder_security/
(Old trick, why no defense?)Spammers use hexadecimal IP addresses to evade detection https://www.zdnet.com/article/spammers-use-hexadecimal-ip-addresses-to-evade-detection/
Google corrects unfortunate ‘Stalkerware’ typo allowing partner-tracking apps https://www.theverge.com/2020/9/18/21441154/google-play-store-stalkerware-ban-parent-children-tracking
Feeling bad about your last security audit? Check out what just happened to the US Department of Interior https://www.theregister.com/2020/09/17/dot_pentesers_expose_wifi/
Far Field EM Side-Channel Attack on AES Using Deep Learning https://eprint.iacr.org/2020/1096

Hacking / Malware / Cybercrime / Exploitation

News covering active trends and events.

MITRE releases emulation plan for FIN6 hacking group https://www.zdnet.com/article/mitre-releases-emulation-plan-for-fin6-hacking-group-more-to-follow
DDoS Attacks Skyrocket as Pandemic Bites https://threatpost.com/ddos-attacks-skyrocket-pandemic/159301/
Iranian hacker group developed Android malware to steal 2FA SMS codes https://www.zdnet.com/article/iranian-hacker-group-developed-android-malware-to-steal-2fa-sms-codes
3 Iranian Hackers Charged With Targeting US Satellite Firms https://www.databreachtoday.com/3-iranian-hackers-charged-targeting-us-satellite-firms-a-15021
US sanctions Iranian government front company hiding major hacking operations https://www.zdnet.com/article/us-sanctions-iranian-government-front-company-hiding-major-hacking-operations
CISA Shares Details on Web Shells Employed by Iranian Hackers https://www.securityweek.com/cisa-shares-details-web-shells-employed-iranian-hackers
Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack https://krebsonsecurity.com/2020/09/chinese-antivirus-firm-was-part-of-apt41-supply-chain-attack/
FBI adds 5 Chinese APT41 hackers to its Cyber's Most Wanted List https://thehackernews.com/2020/09/apt41-hackers-wanted-by-fbi.html
Chinese Tech Giant Alibaba’s Servers Found To Be Involved In Data Theft, At-least 72 Servers Sending Data To China https://www.databreaches.net/chinese-tech-giant-alibabas-servers-found-to-be-involved-in-data-theft-at-least-72-servers-sending-data-to-china/
Chinese Hackers 'Stole Data From Spanish Vaccine Labs' https://www.securityweek.com/chinese-hackers-stole-data-spanish-vaccine-labs-report
How the FIN7 Cybercrime Gang Operates https://www.schneier.com/blog/archives/2020/09/how-the-fin7-cybercrime-gang-operates.html
Due Diligence That Money Can’t Buy https://krebsonsecurity.com/2020/09/due-diligence-that-money-cant-buy/
Dunkin' Donuts drops some dough to glaze over lawsuit accusing it of covering up customer account hacks https://www.theregister.com/2020/09/15/dunkin_donuts_cooks_up_deal/
13-year-old student nabbed in cyber attacks on Valpo schools https://www.databreaches.net/13-year-old-student-nabbed-in-cyber-attacks-on-valpo-schools-police-say/
Man Pleads Guilty to Role in $600K Malware Protection Scam https://www.securityweek.com/man-pleads-guilty-role-600k-malware-protection-scam

Other Security / Risk

Articles covering other types of risks.

Why We Don’t Learn From Our Cybersecurity Mistakes https://sector.ca/why-we-dont-learn-from-our-cybersecurity-mistakes/
Time for CEOs to Stop Enabling China's Blatant IP Theft https://www.darkreading.com/vulnerabilities---threats/time-for-ceos-to-stop-enabling-chinas-blatant-ip-theft/a/d-id/1338879
Nihilistic Password Security Questions https://www.schneier.com/blog/archives/2020/09/nihilistic-password-security-questions.html
IBM Just Committed to Having a Functioning 1,000 Qubit Quantum Computer by 2023 https://www.sciencealert.com/ibm-thinks-it-ll-have-a-1-000-qubit-quantum-computer-running-within-three-years
Matt Blaze on OTP Radio Stations https://www.schneier.com/blog/archives/2020/09/matt-blaze-on-otp-radio-stations.html
Network Security Efficacy in the Age of Pervasive TLS Encryption https://blogs.cisco.com/security/network-security-efficacy-in-the-age-of-pervasive-tls-encryption
Encrypted Traffic Inference: An Alternative to Enterprise Network Traffic Decryption https://www.darkreading.com/omdia/encrypted-traffic-inference-an-alternative-to-enterprise-network-traffic-decryption/a/d-id/1338919
Deepfake Detection Poses Problematic Technology Race https://www.darkreading.com/analytics/deepfake-detection-poses-problematic-technology-race/d/d-id/1338953
Australia ex-PM hacked after Instagramming boarding pass https://www.bbc.co.uk/news/world-australia-54193764
Researcher Describes Risks Posed by Posting Boarding Passes https://www.databreachtoday.com/researcher-describes-risks-posed-by-posting-boarding-passes-a-15008
GitHub to replace 'master' with 'main' starting next month https://www.zdnet.com/article/github-to-replace-master-with-main-starting-next-month/
On the trail of stolen photographs https://www.bbc.co.uk/news/business-53998711
Microsoft's underwater data centre resurfaces after two years https://www.bbc.com/news/technology-54146718
This Year's Atlantic Hurricane Season Is So Bad We Ran Out of Names Two Storms Ago https://www.sciencealert.com/this-year-s-hurricane-season-is-so-bad-we-ran-out-of-names-two-storms-ago
The West Coast's record wildfire season has ground the real-estate industry to a halt with $8 billion of assets in danger https://www.businessinsider.com/how-west-coast-wildfires-impact-real-estate-2020-9
Smoke From the West Coast Wildfires Has Been Reported As Far Away As the Netherlands https://www.mentalfloss.com/article/630118/west-coast-wildfire-smoke-reported-in-netherlands
Wildfire Smoke Could Leave Lungs Vulnerable to COVID-19 And The Flu https://www.sciencealert.com/all-this-wildfire-smoke-is-going-to-leave-lungs-vulnerable-to-the-flu-and-covid-19
What Ancient Mass Extinctions Tell Us about the Future https://www.scientificamerican.com/article/what-ancient-mass-extinctions-tell-us-about-the-future/
Antarctica's 'Doomsday Glacier' Is in Serious Danger, New Research Confirms https://www.sciencealert.com/antarctica-s-doomsday-glacier-is-in-serious-danger-new-research-reveals
Boeing hid design flaws in 737 Max jets from pilots and regulators https://arstechnica.com/information-technology/2020/09/boeing-hid-design-flaws-in-max-jets-from-pilots-and-regulators/
Tesla owner in Canada charged with ‘sleeping’ while driving over 90 mph https://www.theverge.com/2020/9/18/21445168/tesla-driver-sleeping-police-charged-canada-autopilot
Driver Charged in Uber’s Fatal 2018 Autonomous Car Crash https://www.nytimes.com/2020/09/15/technology/uber-autonomous-crash-driver-charged.html
Toronto police to crack down on stunt driving after significant uptick in incidents https://globalnews.ca/news/7337689/stunt-driving-toronto-charges/
(Just Lovely)This Toxic Australian Plant Injects Scorpion-Like Venom. The Pain Can Last For Days https://www.sciencealert.com/this-australian-stinging-tree-injects-a-toxin-like-spider-venom-if-you-get-too-close
Teen 'Blasts Away' Parts of Retina by Staring Into a Pet's Laser Pointer https://www.sciencealert.com/teen-in-ohio-blasts-away-retina-by-staring-into-laser-pointer-case-study-reports
Chinese pharma leak infects thousands with bacterial disease https://globalnews.ca/news/7341054/china-bacterial-disease-leak-pharma-brucellosis/
A Rare Blood Type Variant Helps Prevent Malaria. Now We Finally Know How https://www.sciencealert.com/we-now-know-how-this-rare-blood-type-helps-the-body-resist-malaria
Scientists uncover a novel approach to treating Duchenne muscular dystrophy https://scienmag.com/scientists-uncover-a-novel-approach-to-treating-duchenne-muscular-dystrophy/
Removal of a gene could render lethal poxviruses harmless https://scienmag.com/removal-of-a-gene-could-render-lethal-poxviruses-harmless/
This sleek futuristic off-grid smart home can cost up to $413,00 and only takes 90 minutes to install https://www.businessinsider.com/iohouse-space-smart-home-2020-9
Anonymous Site Ramps Up 'Doxxing' Campaign Against HK Activists https://www.securityweek.com/anonymous-site-ramps-doxxing-campaign-against-hk-activists
DOJ Releases New Material from Mueller Report https://epic.org/2020/09/breaking-justice-department-re-1.html
Edmonton-developed idea to combat liquor store theft targets bars, restaurants who purchase stolen products https://globalnews.ca/news/7336576/edmonton-liquor-store-theft-contest-winner-macewan-university/
Stiffer fines for ‘dooring’ cyclists go into effect Monday https://globalnews.ca/news/7347413/bc-dooring-fines-quadruple/
COVID-19 Other risks and impact:
- Pandemic leads to critical shortage of U.S. election workers https://globalnews.ca/news/7326335/us-election-worker-shortage/
- Report Looks at COVID-19’s Massive Impact on Cybersecurity https://threatpost.com/cynet-report-looks-at-covid-19s-massive-impact-on-cybersecurity/159249/
- NYC Approves Restaurant Surcharge https://www.pymnts.com/restaurant-innovation/2020/nyc-approves-restaurant-surcharge/
- Guelph police report shows COVID-19 impact on calls for service https://globalnews.ca/news/7343920/guelph-police-coronavirus-covid-19-calls/
- Canadians’ view of U.S. drops to lowest level in nearly 2 decades https://globalnews.ca/news/7335966/canada-view-u-s-drop-lowest-two-decades-poll/

COVID-19 updates.

COVID related articles. We have been following coronavirus risks since https://controlgap.com/blog/this-weeks-insecurity-issue-147.

The spread, curves, spikes, and waves - now reinfection:
- Superspreader events the biggest threat in surging coronavirus cases, deaths https://globalnews.ca/news/7345157/superspreader-events-coronavirus/
- Street-racing group stages ‘mega meet’ in Hamilton amid COVID-19 restrictions https://globalnews.ca/news/7346920/hundreds-show-up-as-street-racing-group-stages-mega-meet-at-ancaster-cineplex-parking-lot/
- Almost 1/4 of Canadians believe coronavirus warnings from officials are overblown https://globalnews.ca/news/7335572/canadians-coronavirus-warnings-officials-overblown/
- Canada reports 792 new coronavirus infections as global cases near 30 million https://globalnews.ca/news/7337365/canada-coronavirus-sept-15/
- Ontario reports more than 400 new coronavirus cases for 2nd day in a row https://globalnews.ca/news/7345891/ontario-coronavirus-cases-sept-19-covid19/
- Quebec reports over 400 new cases for 2nd consecutive day https://globalnews.ca/news/7346961/covid-19-quebec-coronavirus-sep-20/
- Cambridge school reports COVID-19 case in kindergarten class https://globalnews.ca/news/7340814/kindergarten-covid-19-cambridge-st-anne/
- Coronavirus cases reported at 172 schools in Quebec https://globalnews.ca/news/7336197/quebec-schools-coronavirus-cases-rise/
- 28 Western University students test positive for coronavirus, prompting tightened restrictions https://globalnews.ca/news/7340976/28-western-university-students-coronavirus/
- India's coronavirus infections top five million mark https://www.bbc.co.uk/news/world-asia-india-54172321
- New fear grips Europe as cases top 30m worldwide https://www.bbc.co.uk/news/world-54199825
- Europe’s 'alarming' rates of Covid spread - WHO https://www.cnn.com/2020/09/17/europe/coronavirus-europe-who-second-wave-intl/index.html and https://www.bbc.co.uk/news/world-europe-54189575
- UK FM learned of data breach 11 days after health minister https://www.bbc.com/news/uk-wales-politics-54164636
Lockdown, reopening, and The New Normal:
- U.S. supply firm executives 'should not have been permitted' to enter Canada: Blair https://www.ctvnews.ca/politics/u-s-supply-firm-executives-should-not-have-been-permitted-to-enter-canada-blair-1.5109369
- Canada-U.S. border closure extended through Oct. 21 amid rising coronavirus cases https://globalnews.ca/news/7343625/canada-u-s-border-closure-october-coronavirus/
- Ontario tightens private gathering restrictions to 10 indoors, 25 outdoors in Toronto, Peel and Ottawa https://globalnews.ca/news/7340816/ontario-private-gathering-restrictions-limits-toronto-peel-region-ottawa/
- New COVID-19 gathering restrictions expanded to all of Ontario https://globalnews.ca/news/7345932/coronavirus-ontario-gathering-restrictions-expanded/
Guidance, Response and Recovery:
- UK sets £10,000 fines for self-isolation breaches https://www.bbc.co.uk/news/uk-54221953
- COVID-19 medical coverage now available even though Canadians advised to avoid international travel https://www.cbc.ca/news/business/covid-19-coverage-travel-insurance-air-canada-westjet-manulife-1.5728580
- TDSB no longer needs extra classroom space after more parents opt students for online learning https://globalnews.ca/news/7338676/tdsb-no-longer-needs-extra-space-students-online-class/
- How New Mexico Controlled the Spread of COVID-19 https://www.scientificamerican.com/article/how-new-mexico-controlled-the-spread-of-covid-19/
Treatments, Testing, Triage, and Trials, and things we learned:
- Internet Search Results Predict US COVID-19 Hotspots Weeks Later https://www.sciencealert.com/internet-search-results-predict-us-covid-hotspots-weeks-later-study-reveals
- Around 2 percent of Red Cross blood donors have COVID-19 antibodies https://www.theverge.com/2020/9/15/21438104/red-cross-blood-donors-antibody-test-research
- Stroke emerging as a symptom of COVID-19 in new research https://globalnews.ca/news/7338109/stroke-covid-19-symptom/
- CDC Just Reversed Its Controversial COVID-19 Testing Guidelines https://www.sciencealert.com/cdc-walks-back-its-controversial-guidelines-of-covid-19-testing
- CDC says asymptomatic people should get tested for COVID-19 after all https://www.theverge.com/2020/9/18/21445706/coronavirus-cdc-test-guidelines-covid-19-asymptomatic-trump
- Canada not yet ready to deploy rapid COVID testing devices https://www.cbc.ca/news/politics/canada-covid-19-testing-devices-1.5726686
- COVID-19 virus uses heparan sulfate to get inside cells https://scienmag.com/covid-19-virus-uses-heparan-sulfate-to-get-inside-cells/
- Population Density Does Not Doom Cities to Pandemic Dangers https://www.scientificamerican.com/article/population-density-does-not-doom-cities-to-pandemic-dangers/
- NIH 'Very Concerned' about Serious Side Effect in Coronavirus Vaccine Trial https://www.scientificamerican.com/article/nih-very-concerned-about-serious-side-effect-in-coronavirus-vaccine-trial/
- Scientists predict that COVID-19 will become a seasonal virus – but not yet https://scienmag.com/scientists-predict-that-covid-19-will-become-a-seasonal-virus-but-not-yet/
Behaviour - the good, the bad, and the ugly:
- A Massachusetts teenager tested positive for the coronavirus. His parents sent him to school anyway. https://www.washingtonpost.com/nation/2020/09/18/massachusetts-high-school-student-covid/
- Bleach touted as 'miracle cure' for Covid being sold on Amazon https://www.theguardian.com/world/2020/sep/19/bleach-miracle-cure-amazon-covid
- Bolivians are drinking a toxic bleach, wrongly believing it will ward off COVID-19. Many end up in the hospital. https://www.businessinsider.com/bolivians-drink-toxic-bleach-mms-belieiving-combat-coronavirus-2020-9
- A Chinese virologist claimed the coronavirus was 'intentionally' released. Turns out, she works for a group led by Steve Bannon https://www.businessinsider.com/virologist-who-said-china-released-coronavirus-works-with-steve-bannon-2020-9
Masks, anti-maskers, and distancing:
- Face masks ‘more guaranteed’ to work against coronavirus than vaccine, CDC director warns https://globalnews.ca/news/7338646/facemasks-work-against-coronavirus-masks-cdc/
- Most homemade masks are doing a great job, even when we sneeze https://scienmag.com/most-homemade-masks-are-doing-a-great-job-even-when-we-sneeze-study-finds/
- Edmonton seeing 97% compliance rate on mandatory masks https://globalnews.ca/news/7342048/edmonton-mandatory-mask-compliance-rate/
- Anti-masker thrown out of Disney World while misquoting ‘A Bug’s Life’ https://globalnews.ca/news/7340871/disney-world-bugs-life-mask-coronavirus/
- Guelph’s updated mandatory mask order includes places of worship https://globalnews.ca/news/7335888/guelph-updates-mask-order/

Off-Topic / Science & Tech / Lighter Side

A variety of scientific, technical, historical, and more light-hearted news.

Scientists Discover What Happens in Our Brains When We Make an 'Educated Guess' https://www.sciencealert.com/scientists-figure-out-what-happens-in-the-brain-when-we-make-educated-guesses
This cargo-ship concept is powered by gigantic wings and wants to reduce emissions by 90% https://www.businessinsider.com/wing-powered-cargo-ship-aims-reduce-emissions-oceanbird-swedish-sailing-2020-9
Eerily Well-Preserved 17th Century Ship Found in The Dark Waters of The Baltic Sea https://www.sciencealert.com/incredibly-well-preserved-17th-century-ship-found-in-the-depths-of-the-baltic-sea
Flypast marks Battle of Britain anniversary https://www.bbc.co.uk/news/uk-54219509
Air Force New Fighter Jet: Secret 6th Generation Fighter Details https://www.popularmechanics.com/military/aviation/a34030586/air-force-secret-new-fighter-jet/
New Military Aircraft Designation: Air Force Debuts e-Planes https://www.popularmechanics.com/military/aviation/a34043731/air-force-new-designation-e-series-aircraft/
Thousands Saw a UFO in New Jersey. It was the Goodyear Blimp https://www.universetoday.com/147840/thousands-saw-a-ufo-in-new-jersey-it-was-the-goodyear-blimp/
Why Can’t You Smell Your Own Breath? https://www.mentalfloss.com/article/629960/why-you-cant-smell-your-own-breath
Malaysian man 'finds' monkey selfies on lost phone https://www.bbc.co.uk/news/world-asia-pacific-54157459
Astronomers Have Discovered a 2-km Asteroid Orbiting Closer to the Sun than Venus https://www.universetoday.com/147762/astronomers-have-discovered-a-2-km-asteroid-orbiting-closer-to-the-sun-than-venus/
Did Scientists Just Find Signs of Life on Venus? https://www.universetoday.com/147797/did-scientists-just-find-signs-of-life-on-venus/
Missions Are Already Being Planned to Figure Out What’s Creating the Biosignature on Venus https://www.universetoday.com/147819/missions-are-already-being-planned-to-figure-out-whats-creating-the-biosignature-on-venus/
Astronomers find the first intact planet orbiting a white dwarf… and it's far bigger than its star! https://www.syfy.com/syfywire/astronomers-find-the-first-intact-planet-orbiting-a-white-dwarf-and-its-far-bigger-than

View full post