This Week's [in]Security - Issue 183 | insecurity | Control Gap

Welcome to This Week’s [in]Security. Magecart. New breaches: New Ransomware. Oracle+TikTok. Catch22. Secure Time. NIST. OCPMA. Phishing awareness. Fuzzilli. Deepfakes. Complexity. ICS and IoT. Fingerprinting exploits. Cisco. AD Backdoors. Credential Stuffing. Voter phishing. Reply-to-phishing. Account takeovers. Nation States. Legal actions. Chatbots. Remote Exams. Election Security. Outages. Environment. Covid-19: Spread, Curves, Spikes, Waves, & reinfections. Contact Tracing. cluster-busting. Disinformation. And more.

PCI Compliance and Payments

News and announcements relating to Payment Security, PCI, Card Brands, Payments, Payment Malware and Fraud.

• Updated PCI Technical (Mandatory) FAQs for PTS HSM & POI:

  • https://www.pcisecuritystandards.org/documents/PTS_HSM_Technical_FAQs_v3_September_2020.pdf
  • https://www.pcisecuritystandards.org/documents/PTS_POI_Technical_FAQs_v4_September_2020.pdf
  • https://www.pcisecuritystandards.org/documents/PTS_POI_Technical_FAQs_v5_September_2020.pdf
  • https://www.pcisecuritystandards.org/documents/PTS_POI_Technical_FAQs_v6_September_2020.pdf

• New PCI Updates:

  • PCI PIN Security in Practice Case Study: First Tech https://blog.pcisecuritystandards.org/pci-pin-security-in-practice-case-study-first-tech
  • The Value of the PCI Secure Software Lifecycle Standard for Software Vendors https://blog.pcisecuritystandards.org/the-value-of-the-pci-secure-software-lifecycle-standard-for-software-vendors
• (Ongoing)Request for Comments: PCI DSS Version 4.0 Draft Standard https://blog.pcisecuritystandards.org/request-for-comments-pci-dss-version-4.0-draft-standard
• “Magecart” – A Platform Agnostic Threat https://sourcedefense.com/resources/blog/magecart-a-platform-agnostic-threat/
• Two North American hospitality merchants hacked in May and June https://www.zdnet.com/article/two-north-american-hospitality-merchants-hacked-in-may-and-june/
• Fighting Card Fraud in a New Environment https://www.databreachtoday.com/fighting-card-fraud-in-new-environment-a-15079

Breaches / Ransomware / Leaks

Covering breaches, leaks, data exposures, ransomware (as potential breach), and their fallout.

• Trends and Topics:

  • Ransomware: Gangs are shifting targets and upping their ransom demands https://www.zdnet.com/article/ransomware-gangs-are-shifting-targets-and-upping-their-ransom-demands/
  • It takes hackers 1 minute to find and abuse credentials exposed on GitHub https://www.databreaches.net/it-takes-hackers-1-minute-to-find-and-abuse-credentials-exposed-on-github/
  • Framework Outlines How Companies Should Talk About Breaches https://www.databreaches.net/framework-outlines-how-companies-should-talk-about-breaches/
  • SunCrypt ransomware group swears off medical entities, sets sights on cybersecurity firms https://www.databreaches.net/suncrypt-ransomware-group-swears-off-medical-entities-sets-sights-on-cybersecurity-firms/

• New breaches:

  • Hackers Have Infiltrated Many of Washington State’s Agencies https://www.databreaches.net/hackers-have-infiltrated-many-of-washington-states-agencies/
  • French Shipping Giant CMA CGM Discloses Security Breach https://www.securityweek.com/french-shipping-giant-cma-cgm-discloses-security-breach
  • Zhenhua data leak exposes China's new 'hybrid warfare' https://www.dw.com/en/zhenhua-data-leak-exposes-chinas-new-hybrid-warfare/a-55083540
  • Security lapse exposes hundreds of addresses of Minnesotans infected with COVID-19 https://www.databreaches.net/security-lapse-exposes-hundreds-of-addresses-of-minnesotans-infected-with-covid-19/
  • Dfat reveals email addresses of vulnerable Australians stranded overseas https://www.databreaches.net/data-breach-dfat-reveals-email-addresses-of-vulnerable-australians-stranded-overseas/

• New Ransomware:

  • Nevada school district refuses to submit to ransomware blackmail, hacker publishes student data https://www.zdnet.com/article/nevada-school-district-refuses-to-submit-to-ransomware-blackmail-hacker-responds-by-publishing-student-data/
  • TX: Odessa residents suffer from second Click2Gov breach https://www.databreaches.net/tx-odessa-residents-suffer-from-second-click2gov-breach/
  • Government Software Supplier Tyler Technologies Hit By Ransomware https://www.databreachtoday.com/government-software-supplier-hit-by-ransomware-a-15073
  • Ransomware reportedly to blame for outage at 250 location US hospital chain https://www.theverge.com/2020/9/28/21482304/ransomware-outage-hospital-chain-cybersecurity
  • Canada - Two Telus Health medical service providers pay ransom after 60K client files accessed https://www.databreaches.net/ca-two-telus-health-medical-service-providers-pay-ransom-after-60k-client-files-accessed/
  • New Jersey hospital paid ransomware gang $670K to prevent data leak https://www.databreaches.net/new-jersey-hospital-paid-ransomware-gang-670k-to-prevent-data-leak/
  • Northern California casino shut down by external computer attack https://www.databreaches.net/northern-california-casino-shut-down-by-external-computer-attack/

• Follow-ups and fall-out:

  • Inspector General’s Report Confirms CBP Contractor Was Hacked, Resulting In Sensitive Info Making Its Way To The Dark Web https://www.databreaches.net/inspector-generals-report-confirms-cbp-contractor-was-hacked-resulting-in-sensitive-info-making-its-way-to-the-dark-web/
  • Blackbaud Says Bank Account Data, SSNs Impacted in Ransomware Incident https://www.securityweek.com/blackbaud-says-bank-account-data-ssns-impacted-ransomware-incident
  • Anthem agrees to pay $39.5M in latest settlement over 2015 hacking https://www.databreaches.net/anthem-agrees-to-pay-39-5m-in-latest-settlement-over-2015-hacking/

Privacy

Articles about privacy related news, risks, and trends.

• In Letter to EPIC, Oracle Denies it Exploits Personal Data, Calls Privacy Risks to TikTok Users 'Very Theoretical' https://epic.org/2020/10/in-letter-to-epic-oracle-denie.html
• German Privacy Watchdog Fines H&M $41M for Spying on Workers https://www.securityweek.com/german-privacy-watchdog-fines-hm-41m-spying-workers
• Director of nuisance-calls company ordered to cough up £114k after ignoring £40k fine from UK data watchdog https://www.theregister.com/2020/09/29/ico_it_protect_fine_enforcement/
• US Judge Dismisses New Mexico Privacy Claims Against Google https://www.securityweek.com/us-judge-dismisses-new-mexico-privacy-claims-against-google

Laws & Regulations / Standards

News about laws, regulations, and standards affecting security, privacy, technology, and public interest.

• Paying ransomware demands could land you in hot water with the feds https://arstechnica.com/tech-policy/2020/10/paying-ransomware-demands-could-land-you-in-hot-water-with-the-feds/
• Internet Engineering Task Force Proposes Standard for Network Time Security https://www.securityweek.com/internet-engineering-task-force-proposes-standard-network-time-security, https://blog.cloudflare.com/nts-is-now-rfc/ and the standard https://www.rfc-editor.org/rfc/rfc8915.html

• New NIST:

  • A new draft paper, Securing Data Integrity Against Ransomware Attacks: Using the NIST Cybersecurity Framework and NIST Cybersecurity Practice Guides, is now available for public comment until November 13 https://csrc.nist.gov/publications/detail/white-paper/2020/10/01/securing-data-integrity-against-ransomware-attacks/draft
  • Draft NIST Interagency Report (NISTIR) 8212, ISCMA: An Information Security Continuous Monitoring Program Assessment availble for feedback until November 13 https://csrc.nist.gov/publications/detail/nistir/8212/draft
• On Executive Order 12333 https://www.schneier.com/blog/archives/2020/09/on-executive-order-12333.html
• EPIC Urges AI Commission to Recommend Robust AI Regulation, Prioritize Protection of Rights https://epic.org/2020/10/epic-urges-ai-commission-to-re.html
• The Online Content Policy Modernization Act Is an Unconstitutional Mess https://www.eff.org/deeplinks/2020/10/online-content-policy-modernization-act-unconstitutional-mess
• Does Germany have answer to social media hate? https://www.bbc.co.uk/news/technology-54363186
• DOJ Seeks To Overturn Ruling To Prevent WeChat Ban https://www.pymnts.com/legal/2020/doj-seeks-to-overturn-ruling-to-prevent-wechat-ban/
• Tell the Department of Homeland Security: Stop Collecting DNA and other Biometrics https://www.eff.org/deeplinks/2020/09/tell-department-homeland-security-stop-collecting-dna-and-other-biometrics
• Unable to Throw the Book at Snowden, US Grabs Royalties https://www.databreachtoday.com/blogs/unable-to-throw-book-at-snowden-us-grabs-royalties-p-2950
• Facebook sues two Chrome extension makers for scraping user data https://www.zdnet.com/article/facebook-sues-two-chrome-extension-makers-for-scraping-user-data
• Civil liberties group finds Ontario police used COVID-19 database illegally https://globalnews.ca/news/7368904/canadian-civil-liberties-association-ontario-police-covid-19/

Defense / Techniques / Solutions

Covering developments and opportunities that may help improve security.

• Phishing awareness training wears off after a few months https://www.zdnet.com/article/phishing-awareness-training-wears-off-after-a-few-months/
• And you thought Fuzzilli was a pasta... Google offers up $50k in cloud credits to fuzz the hell out of JavaScript engines https://www.theregister.com/2020/10/02/google_javascript_fuzzing_funds/
• Detecting Deep Fakes with a Heartbeat https://www.schneier.com/blog/archives/2020/10/detecting-deep-fakes-with-a-heartbeat.html
• Google is creating a special Android security team to find bugs in sensitive apps https://www.zdnet.com/article/google-is-creating-a-special-android-security-team-to-find-bugs-in-sensitive-apps
• Nmap 7.90 Released https://isc.sans.edu/diary/rss/26644
• Why Web Browser Padlocks Shouldn’t Be Trusted https://threatpost.com/why-web-browser-padlocks-shouldnt-be-trusted/159659/
• Russia and China's 'digital authoritarianism' means we need to better arm our cyber troops, warns top UK general https://www.theregister.com/2020/10/02/digital_authoritarianism_general_nick_carter/
• Improving Third-party Security Management: A Case Study with CAPTRUST https://www.databreachtoday.com/webinars/improving-third-party-security-management-case-study-captrust-w-2728

Bugs / Design Flaws / Vulnerabilities / Research

Articles about newly discovered vulnerabilities and research.

• Complexity has broken computer security, says academic who helped spot Meltdown and Spectre flaws https://www.theregister.com/2020/10/02/daniel_gruss_complexity_broke_security/
• Schneier on Story about Hacking a Coffee Maker https://www.schneier.com/blog/archives/2020/09/hacking-a-coffee-maker.html
• Multiple Vulnerabilities in CodeMeter Leave Managed Industrial Control Systems Open to Attack https://www.tenable.com/blog/multiple-vulnerabilities-in-codemeter-leave-managed-industrial-control-systems-open-to-attack
• Kids' Smartwatches Are a Security Nightmare Despite Years of Warnings https://www.datex.ca/blog/kids-smartwatches-are-a-security-nightmare-despite-years-of-warnings
• Hacking Grindr Accounts with Copy and Paste https://www.troyhunt.com/hacking-grindr-accounts-with-copy-and-paste/
• Researchers track hacking ‘fingerprints,’ link Russian attackers to Windows exploit sellers https://www.zdnet.com/article/researchers-track-hacking-fingerprints-link-russian-group-to-windows-exploits
• Analysis of a Phishing Kit https://isc.sans.edu/diary/rss/26634
• Cisco Issues Patches For 2 High-Severity IOS XR Flaws Under Active Attacks https://thehackernews.com/2020/09/cisco.html
• Detecting Microsoft 365 and Azure Active Directory Backdoors http://www.fireeye.com/blog/threat-research/2020/09/detecting-microsoft-365-azure-active-directory-backdoors.html
• Remote code execution bugs in NVIDIA D3D10 driver https://blog.talosintelligence.com/2020/09/vuln-spotlight-nvidia-d3d10-.html
• QR Codes: A Sneaky Security Threat https://threatpost.com/qr-codes-sneaky-security-threat/159757/

Hacking / Malware / Cybercrime / Exploitation

News covering active trends, alerts, events.

• Trends, Alerts, and Events:

  • FBI Warns: Credential Stuffing Attacks on the Rise https://www.databreachtoday.com/fbi-warns-credential-stuffing-attacks-on-rise-a-15075
  • Voter Registration ‘Error’ Phish Hits During U.S. Election Frenzy https://threatpost.com/voter-phish-election/159804/
  • This worm phishing campaign is a game-changer in password theft, account takeovers https://www.zdnet.com/article/this-worm-phishing-campaign-is-a-game-changer-in-password-theft-account-takeovers/
  • Account Takeover Fraud Losses Total Billions Across Online Retailers https://threatpost.com/account-takeover-fraud-online-retailers/159802/
  • “Joker”—the malware that signs you up for pricey services—floods Android markets https://arstechnica.com/information-technology/2020/09/joker-the-malware-that-signs-you-up-for-pricey-services-floods-android-markets/

• Nation State Actors:

  • Russia is responsible for most nation-state cyberattacks, followed by Iran, North Korea, and China https://www.businessinsider.com/russia-reportedly-responsible-for-most-nation-state-cyberattacks-2020-10
  • How a Chinese malware gang defrauded Facebook users of $4 million https://www.zdnet.com/article/how-a-chinese-malware-gang-defrauded-facebook-users-of-4-million/
  • The No Good, Very Bad Week for Iran's Nation-State Hacking Ops https://www.darkreading.com/threat-intelligence/the-no-good-very-bad-week-for-irans-nation-state-hacking-ops-/d/d-id/1339052

• Crime:

  • Hackers Steal Swiss University Salaries https://www.databreaches.net/hackers-steal-swiss-university-salaries/
  • Hackers hit South African government fund for children and missing people https://www.databreaches.net/hackers-hit-south-african-government-fund-for-children-and-missing-people/
  • Facebook Small Business Grants Spark Identity-Theft Scam https://threatpost.com/facebook-small-biz-grants-identity-theft-scam/159681/

• Arrests, Charges & Sentencings:

  • NY: Former Information Technology Employee Of Hospital Sentenced To 30 Months In Prison For Computer Intrusion https://www.databreaches.net/ny-former-information-technology-employee-of-hospital-sentenced-to-30-months-in-prison-for-computer-intrusion/
  • Russian Sentenced to Prison for Hacking LinkedIn, Dropbox https://www.securityweek.com/russian-sentenced-prison-hacking-linkedin-dropbox

Other Security / Risk

Articles covering other types of risks.

• Beware the Chatbots: You May Be At Risk https://www.tenable.com/blog/beware-the-chatbots-you-may-be-at-risk
• Tech Isn’t the Answer for Test Taking https://www.nytimes.com/2020/10/02/technology/tech-test-taking.html

• Election Security:

  • US election 2020: Facebook bans more political ads https://www.bbc.co.uk/news/technology-54369303
  • FBI, CISA Warn of DDoS Attacks Targeting November Election https://www.databreachtoday.com/fbi-cisa-warn-ddos-attacks-targeting-november-election-a-15099
• DuckDuckGo cries fowl after being expunged from Google's Android search preferences menu for most of Europe https://www.theregister.com/2020/09/29/googles_android_search_duckduckgo/

• Who’s Behind Monday’s 14-State 911 Outage? https://krebsonsecurity.com/2020/09/whos-behind-mondays-14-state-911-outage/

  • Plane-tracking site Flight Radar 24 DDoSed... just as drones spotted buzzing over Azerbaijan and Armenia https://www.theregister.com/2020/09/29/flight_radar_24_ddos/
  • Tokyo Stock Exchange outage https://www.ctvnews.ca/business/tokyo-stock-exchange-says-it-will-resume-normal-trading-friday-1.5127824
  • Outlook is down: Microsoft web outage hits users worldwide https://www.zdnet.com/article/outlook-is-down-microsoft-web-outage-hits-users-worldwide/
  • Office 365 outage ongoing after roll back fails https://www.zdnet.com/article/office-365-outage-ongoing-after-roll-back-fails/

• Zoom, Twitter Failures Highlight Discriminatory Impact of Facial Recognition https://epic.org/2020/09/zoom-twitter-failures-highligh.html

  • Environment & Disaster:
  • California wildfires break record with ‘unfathomable’ 4M acres burned https://globalnews.ca/news/7377475/california-wildfires-break-record-unfathomable/
  • Greenland's Ice Loss This Century on Track to Be Worst in 12,000 Years https://www.sciencealert.com/losing-greenland-s-ice-will-raise-seas-higher-than-any-level-seen-in-12-000-years
  • Ice discharge in the North Pacific set off series of climate events during last ice age https://scienmag.com/ice-discharge-in-the-north-pacific-set-off-series-of-climate-events-during-last-ice-age/
  • The Great Lakes are awash in plastic. A new project is using trash-trapping technology to get rid of it https://www.cbc.ca/news/canada/toronto/ontario-great-lakes-plastic-project-1.5744875
  • Dual-flush toilets are wasting more water than they save, says U.K. water utility https://www.cbc.ca/radio/asithappens/as-it-happens-the-wednesday-edition-1.5744950/dual-flush-toilets-are-wasting-more-water-than-they-save-says-u-k-water-utility-1.5743509
• IRS may put cryptocurrency question at the top of 1040 to catch cheaters https://arstechnica.com/tech-policy/2020/09/irs-may-put-cryptocurrency-question-at-the-top-of-1040-to-catch-cheaters/
• Link Between Alzheimer's Disease And Sleep Apnea Discovered in Brain Tissue https://www.sciencealert.com/link-between-alzheimer-s-disease-and-sleep-apnea-discovered-in-brain-tissue
• Vancouver crew 'unbuilds' home in record time, as it aims to offset demolition waste https://www.cbc.ca/news/canada/british-columbia/unbuilders-home-deconstruction-1.5745605
• (What again?)‘Move to Canada’ searches explode during chaotic Trump-Biden debate https://globalnews.ca/news/7368255/move-to-canada-donald-trump-joe-biden-debate/

• Other risks relating to covid:

  • Covid and the Whitehouse, Now What? https://www.theatlantic.com/health/archive/2020/10/trump-has-covid-how-bad-could-be/616576/
  • Those ‘Doomsday Planes’ Have Nothing to Do With Trump's Covid-19 Test https://www.wired.com/story/doomsday-planes-trump-covid-19-test
  • COVID-19 and Acedia https://www.schneier.com/blog/archives/2020/10/covid-19-and-acedia.html
  • Norwegians May Hold the Secret to Braving a Winter Lockdown https://www.mentalfloss.com/article/632680/norwegians-may-hold-secret-braving-winter-lockdown
  • Thousands of Toronto students to switch between online and in-class learning https://globalnews.ca/news/7374553/toronto-district-school-board-students-switch-online-in-class-learning/
  • How pandemic sparked European cycling revolution https://www.bbc.co.uk/news/world-europe-54353914
  • ‘Totally Under Control’: Movie shot in secret looks at U.S. COVID-19 failure https://globalnews.ca/news/7374552/totally-under-control-movie-trailer-covid-19-donald-trump/

COVID-19 updates.

COVID related articles. We have been following coronavirus risks since https://controlgap.com/blog/this-weeks-insecurity-issue-147.

• The spread, curves, spikes, and waves - now reinfection:

  • Why Some People Are Still Getting Sick--but Not with COVID https://www.scientificamerican.com/article/why-some-people-are-still-getting-sick-but-not-with-covid/
  • Coronavirus, the flu or the common cold? Here’s what to know https://globalnews.ca/news/7370979/coronavirus-flu-common-cold-what-to-know/
  • Coronavirus: Global Covid-19 death toll passes one million - https://www.bbc.co.uk/news/world-54334496
  • COVID in the White House Should be America's Wake-Up Call https://www.scientificamerican.com/article/covid-in-the-white-house-should-be-americas-wake-up-call/
  • Canada adds 1,796 new coronavirus cases, highest total yet for second wave https://globalnews.ca/news/7370206/canada-coronavirus-cases-sept-30/
  • Quebec tops 1,000 new cases as coronavirus crisis gains steam https://globalnews.ca/news/7373769/quebec-coronavirus-covid-19-october-2/
  • Number of active COVID-19 cases in Alberta rises to 1,582 on Wednesday https://globalnews.ca/news/7369491/alberta-health-covid-19-september-30/
  • Ontario government to reveal latest COVID-19 modelling https://globalnews.ca/news/7368240/ontario-coronavirus-modelling-covid19-september/
  • 5 cases of COVID-19 linked to Kingston house party in university district https://globalnews.ca/news/7371185/5-cases-of-covid-19-linked-to-kingston-house-party-in-university-district-public-health/
  • Amazon has identified more than 19,000 COVID-19 cases among its frontline workers https://www.businessinsider.com/amazon-19000-covid-19-cases-among-us-frontline-workers-report-2020-10

• Contact Tracing:

  • Toronto Public Health shifting COVID-19 contact tracing strategy due to surge https://www.680news.com/2020/10/03/toronto-public-health-coronavirus-tracing-strategy-shift/
  • The COVID Alert app isn’t working as well as it should be, and Canadians are part of the problem https://globalnews.ca/news/7372173/covid-alert-app-canada-problem/
  • COVID Alert app now active in Manitoba http://www.cbc.ca/technology/?cmp=rss
  • What’s It Like to Be a Contact Tracer? We Spoke With 3 to Find Out. http://feeds.propublica.org/link/9499/13919712/whats-it-like-to-be-a-contact-tracer-we-spoke-with-3-to-find-out

• Guidance, Response and Recovery:

  • Airbnb blocking some rentals over Halloween to halt parties https://toronto.citynews.ca/2020/10/02/airbnb-blocking-some-rentals-over-halloween-to-halt-parties/ and https://www.bbc.co.uk/news/technology-54395664
  • Canadians need to find safe alternatives for Thanksgiving amid coronavirus https://globalnews.ca/news/7370774/canadians-safe-alternatives-thanksgiving-coronavirus/

• Testing:

  • No, You Cannot Pierce Your Brain with a Swab Test https://www.snopes.com/news/2020/10/02/no-you-cannot-pierce-your-brain-with-a-swab-test/
  • A coronavirus ‘game changer’: Canadian company claims it can detect virus in the air https://globalnews.ca/news/7367826/coronavirus-biocloud-detect-virus-in-air/
  • Nigerian scientists develop cheaper and faster Covid-19 test kits https://www.cnn.com/2020/10/03/africa/nigeria-cheaper-covid-19-test-kits-intl/index.html
  • Coronavirus: New global test will give results 'in minutes' https://www.bbc.co.uk/news/world-54331921
  • New COVID test doesn’t use scarce reagents, catches all but the least infectious https://scienmag.com/new-covid-test-doesnt-use-scarce-reagents-catches-all-but-the-least-infectious/
  • Millions of coronavirus rapid tests won’t arrive for months: Health Canada https://globalnews.ca/news/7373108/coronavirus-rapid-tests-health-canada/

• Vaccines Progress:

  • 35 Years of Research Into Coronavirus Infections Show Long-Term Immunity Is Unlikely https://www.sciencealert.com/35-year-study-of-coronavirus-reinfections-suggests-human-immunity-is-short-lived
  • US widens safety inquiry into AstraZeneca's coronavirus vaccine https://www.businessinsider.com/us-widens-inquiry-into-astrazeneca-vaccine-review-starts-in-europe-2020-10
  • We could know if a coronavirus vaccine works in October. Here are the 7 most important events to watch for this month. https://www.businessinsider.com/list-of-catalysts-in-october-for-coronavirus-vaccines-2020-9
  • Vaccine will 'not return life to normal within six months' https://www.bbc.co.uk/news/health-54371559

• Things we learned:

  • (Refocus on superspreading and cluster-busting)This Overlooked Variable Is the Key to the Pandemic https://www.theatlantic.com/health/archive/2020/09/k-overlooked-variable-driving-pandemic/616548/
  • One in Seven Dire COVID Cases May Result from a Faulty Immune Response https://www.scientificamerican.com/article/one-in-seven-dire-covid-cases-may-result-from-a-faulty-immune-response/
  • Risk of Severe Coronavirus Linked to Neanderthal Genes From 60,000 Years Ago https://www.sciencealert.com/severe-coronavirus-has-been-linked-to-neanderthal-genes-from-60-000-years-ago
  • Mysterious Post-COVID Syndrome Found in Kids Is Now Also Affecting Adults https://www.sciencealert.com/weird-inflammatory-syndrome-tied-to-covid-19-strikes-adults-as-well-as-kids
  • Are organ transplant recipients at greater risk of death from COVID-19? https://scienmag.com/are-organ-transplant-recipients-at-greater-risk-of-death-from-covid-19/
  • (Don't panic but be vigilant and don't drop your guard) Opinion: Ontario's new COVID models show everyone should stop panicking https://nationalpost.com/opinion/randall-denley-ontarios-new-covid-models-show-everyone-should-stop-panicking-especially-doug-ford

• Disinformation:

  • Study Finds ‘Single Largest Driver’ of Coronavirus Misinformation: Trump https://www.nytimes.com/2020/09/30/us/politics/trump-coronavirus-misinformation.html
  • Misinformation is spread as fast as coronavirus. It will ‘take a village’ to fight it https://globalnews.ca/news/7371108/coronavirus-misinformation-infodemic-canada/

• Masks, anti-maskers, distancing, compliance, and repercussions:

  • DO NOT RECYCLE - Masks and gloves go in the garbage, York Region cities tell residents https://globalnews.ca/news/7374303/masks-gloves-garbage-waste-york-region-residents/
  • Western University places 100 students under review after weekend residence parties https://www.theglobeandmail.com/canada/article-western-university-places-100-students-under-review-after-weekend/
  • Nearly 200 charges, citations after Wasaga Beach free-for-all https://torontosun.com/news/local-news/nearly-200-charges-citations-after-wasaga-beach-free-for-all
  • U.S. boater fined $2,000 for breaking quarantine to visit B.C. girlfriend https://globalnews.ca/news/7369949/coronavirus-boater-fined-girlfriend/
  • Britons face up to £10,000 fine for not self-isolating https://www.bbc.co.uk/news/uk-54320482
  • Ottawa’s West End Villa faces $15M class-action lawsuit over coronavirus outbreak https://globalnews.ca/news/7372451/ottawa-west-end-villa-lawsuit-coronavirus/

Off-Topic / Science & Tech / Lighter Side

A variety of scientific, technical, historical, and more light-hearted news.

• Fat Bear Week is the matchup 2020 needs https://www.theverge.com/2020/9/30/21495128/fat-bear-week-2020-vote-katmai-national-park-bearcam
• This one-off, record-holding boat has a Ferrari race engine and a $12 million price tag — see the 1952 Arno XI https://www.businessinsider.com/1952-ferrari-arno-xi-f1-race-boat-sale-12-million-2020-10
• Hydrogen-powered train makes UK maiden journey https://www.bbc.co.uk/news/business-54350046
• Scientists develop 'super enzyme' that breaks down plastic faster than ever https://www.cbc.ca/radio/asithappens/as-it-happens-thursday-edition-1.5746442/scientists-develop-super-enzyme-that-breaks-down-plastic-faster-than-ever-1.5746444
• Jet suit trial for Great North Air Ambulance paramedics https://www.bbc.co.uk/news/uk-england-54341378
• 'Never seen anything like that': Yukoner's dashcam captures brighter-than-usual meteor https://www.cbc.ca/news/canada/north/yukon-mount-lorne-meteor-dashcam-video-1.5743498
• New evidence suggests it was matter ejected from the Chicxulub crater that led to impact winter https://phys.org/news/2020-09-evidence-ejected-chicxulub-crater-impact.html
• (Uhmmm ....) A Black Hole at the Center of Earth - Is This Study Fake? https://www.popularmechanics.com/science/environment/a34166354/black-hole-center-of-earth-fake-study/
• Buried lakes of liquid water discovered on Mars https://www.bbc.co.uk/news/science-environment-54337779
• Second alignment plane, the empty ecliptic, of solar system discovered https://phys.org/news/2020-09-alignment-plane-solar.html
• Those are Exoplanets. You’re Looking at Actual Exoplanets 63 Light-Years Away! https://www.universetoday.com/148148/those-are-exoplanets-youre-looking-at-actual-exoplanets-63-light-years-away/
• Cheops Finds a World That’s Utterly Alien From Anything We Have in the Solar System https://www.universetoday.com/148096/cheops-finds-a-world-thats-utterly-alien-from-anything-we-have-in-the-solar-system/
• Astronomers Say They've Detected a Rogue Earth-Mass Planet Drifting in The Milky Way https://www.sciencealert.com/rogue-planet-the-size-of-earth-found-drifting-through-the-dark-on-its-own
• Astronomers think they’ve found an exoplanet in a galaxy 23 million light-years away https://www.universetoday.com/148070/astronomers-think-theyve-found-an-exoplanet-in-a-galaxy-23-million-light-years-away/
• Dramatic Timelapse From Hubble Shows a Star Literally Exploding in Nothingness https://www.sciencealert.com/watch-hubble-s-incredible-timelapse-of-an-exploding-star