This Week's [in]Security - Issue 228

Welcome to This Week’s [in]Security. PCI SSF vs PA-DSS, Scoping Cloud, Cooperation, PCI Back to Basics Series, MageCart, Free Card Dump, No stripes. Big-Hacks: T-Mobile. New breaches: Accenture, Salesforce customers, Ford. New Ransomware. Follow-ups & Fall-out. Privacy: PGPP, Uber Surveillance, Politicians. Laws & Regs. Defense: Webinars, HTTPS first, Wiping Data, Passwordless Git, Fuzzing. Vulnerabilities: Windows, MS-ECC-spoofing, IoT non-randomness, Magento, 5G, Voting Machines, DNS. Cybercrime: Trends, Losses, Anti-AML, Office, Exchange, Flytrap, WordPress, Crypto heist? Nation States. Other Risks: Apple's Photo Scanning, Insiders, Disinformation, Bias, English to Code. Health, Safety & Environment: Covid election, Recalls, Wildfires, Heat, EV's. Covid-19: Spread, Curves, Waves, and Variants; Response; Treatments; Immunity; Covid Ugly. And more.

PCI Compliance and Payments

News and announcements relating to Payment Security, PCI, Card Brands, Payments, Payment Malware and Fraud, and Payment Related Compliance.

• Part One: Conceptual Differences Between SSF and PA-DSS https://blog.pcisecuritystandards.org/part-one-conceptual-differences-between-ssf-and-pa-dss
• The Importance of Properly Scoping Cloud Environments https://blog.pcisecuritystandards.org/the-importance-of-properly-scoping-cloud-environments
• Payment Security Experts Emphasize Working Together https://www.pcisecuritystandards.org/about_us/press_releases/pr_08122021

• Back-to-Basics Series:

  • Keep Software Patched https://blog.pcisecuritystandards.org/back-to-basics-keep-software-patched
  • Reduce Where Payment Data Can Be Found https://blog.pcisecuritystandards.org/back-to-basics-reduce-where-payment-data-can-be-found
  • Use Strong Encryption https://blog.pcisecuritystandards.org/back-to-basics-use-strong-encryption
  • Use Strong Passwords https://blog.pcisecuritystandards.org/back-to-basics-use-strong-passwords
• Magecart Group 8: Patterns in Hosting Reveal Sustained Attacks on E-Commerce https://www.riskiq.com/blog/external-threat-management/magecart-group8-hosting-patterns/
• 1M Stolen Credit Cards Hit Dark Web for Free https://threatpost.com/1m-stolen-credit-cards-dark-web/168514/
• MasterCard retires the magnetic stripe https://www.mastercard.com/news/perspectives/2021/magnetic-stripe/
• BlackBerry Revs Up the Engine for Connected Car Payments https://www.digitaltransactions.net/blackberry-revs-up-the-engine-for-connected-car-payments/
• Canadian Retailer Hudson's Bay Splits In-Store, eCommerce Sales Into 2 Businesses https://www.pymnts.com/news/retail/2021/canadian-retailer-hudsons-bay-splits-in-store-ecommerce-sales-into-2-businesses/

Breaches / Ransomware / Leaks

Covering breaches, leaks, data exposures, ransomware (as potential breach), and their fallout.

• Major incidents:

  • Hackers claims to steal data of 100 million T-mobile customers https://www.bleepingcomputer.com/news/security/hackers-claims-to-steal-data-of-100-million-t-mobile-customers/

• New Breaches:

  • Accenture Hit By Apparent Ransomware Attack https://www.databreachtoday.com/accenture-hit-by-apparent-ransomware-attack-a-17265
  • Accenture claims 'no impact' in apparent ransomware attack https://www.expressnews.com/business/article/Accenture-claims-no-impact-in-apparent-16380991.php
  • Accenture confirms hack after LockBit ransomware data leak threats https://www.bleepingcomputer.com/news/security/accenture-confirms-hack-after-lockbit-ransomware-data-leak-threats/
  • Ransomware Gang Leaks Files Allegedly Stolen From Accenture https://www.securityweek.com/ransomware-gang-leaks-files-allegedly-stolen-accenture
  • Companies Still Exposing Sensitive Data via Known Salesforce Misconfiguration https://www.securityweek.com/companies-still-exposing-sensitive-data-known-salesforce-misconfiguration
  • Ford bug exposed customer and employee records from internal systems https://www.databreaches.net/ford-bug-exposed-customer-and-employee-records-from-internal-systems/
  • Crytek confirms Egregor ransomware attack, customer data theft https://www.databreaches.net/crytek-confirms-egregor-ransomware-attack-customer-data-theft/
  • Destination Maternity notifying 93,776 employees of hacking incident https://www.databreaches.net/destination-maternity-notifying-93776-employees-of-hacking-incident/
  • Electromed reveals data breach, offers identity theft protection to customers https://www.databreaches.net/electromed-reveals-data-breach-offers-identity-theft-protection-to-customers/
  • The Research Foundation for the State University of New York notifying 46,734 of breach https://www.databreaches.net/the-research-foundation-for-the-state-university-of-new-york-notifying-46734-of-breach/
  • Brooklyn Tech students uncovered a NYC schools data breach. https://www.databreaches.net/brooklyn-tech-students-uncovered-a-nyc-schools-data-breach/
  • Hackers reportedly threaten to leak data from Gigabyte ransomware attack https://www.theverge.com/2021/8/9/22616882/gigabyte-technologies-ransomware-attack-data-leak-112-gb-ransomexx
  • Ie: Patient medical records found in a pub and carpark https://www.databreaches.net/ie-patient-medical-records-found-in-a-pub-and-carpark/

• New Ransomware and "Incidents":

  • Ransomware Payments Explode Amid ‘Quadruple Extortion' https://threatpost.com/ransomware-payments-quadruple-extortion/168622/
  • Start of a board level discussion on ransomware https://www.ncsc.gov.uk/blog-post/what-board-members-should-know-about-ransomware
  • REvil Decryption Key Posted on Cybercrime Forum https://www.databreachtoday.com/revil-decryption-key-posted-on-cybercrime-forum-a-17257
  • SynAck ransomware gang releases decryption keys for old victims https://www.databreaches.net/synack-ransomware-gang-releases-decryption-keys-for-old-victims/
  • Illinois' FOID Card System Hit By Cyber Attack https://www.databreaches.net/illinois-foid-card-system-hit-by-cyber-attack/
  • Ransomware Gangs Exploiting Windows Print Spooler Vulnerabilities https://thehackernews.com/2021/08/ransomware-gangs-exploiting-windows.html
  • Ransomware hackers hit 2 public wastewater plants in Maine https://www.databreaches.net/ransomware-hackers-hit-2-public-wastewater-plants-in-maine/

• Follow-ups and fall-out:

  • (Serial victim or repeat offender?) Hack me once, shame on you. Hack me twice, shame on me? https://www.databreaches.net/hack-me-once-shame-on-you-hack-me-twice-shame-on-me/

Privacy

Articles about privacy related news, risks, and trends.

• Boffins propose Pretty Good Phone Privacy to end pretty invasive location data harvesting by telcos https://www.theregister.com/2021/08/11/phone_location_masking/ and https://arstechnica.com/information-technology/2021/08/a-simple-software-fix-could-limit-location-data-sharing/
• Uber Asked Contractor To Allow Video Surveillance In Employee Homes, Bedrooms https://packetstormsecurity.com/news/view/32545/Uber-Asked-Contractor-To-Allow-Video-Surveillance-In-Employee-Homes-Bedrooms.html
• US politician used a private state database to access confidential information about celebrities like Britney Spears and Justin Timberlake, report finds https://www.businessinsider.com/joel-greenberg-private-database-confidential-records-britney-spears-justin-timberlake-2021-8

Laws, Regulations, Platforms, Standards, and Public Policy

News about laws, regulations, platform rules, and standards affecting security, privacy, technology, and public interest.

• Canada:

  • O (No!) Canada: Fast-Moving Proposal Creates Filtering, Blocking and Reporting Rules—and Speech Police to Enforce Them https://www.eff.org/deeplinks/2021/08/o-no-canada-fast-moving-proposal-creates-filtering-blocking-and-reporting-rules-1

• US:

  • US Senators Press Amazon On Palm-Recognition Security https://www.pymnts.com/amazon/2021/us-senators-amazon-palm-recognition-biometrics-security/

• World:

  • Activist raided by police after downloading London property firm's 'confidential' meeting minutes from Google Search https://www.theregister.com/2021/08/10/police_raid_man_for_downloading_google_search_docs/
  • China now lets citizens opt out of private face recognition. Does your country? https://www.comparitech.com/blog/vpn-privacy/china-curbs-frt-misuse/

Defense / Techniques / Solutions

Covering developments and opportunities that may help improve security.

• Upcoming Webinars, Virtual Events, and other training related:

  • NIST/NICE Webinar - The Information Technology Workforce and Skills for the Future – Sept 15 https://www.nist.gov/news-events/events/2021/09/nice-webinar-information-technology-workforce-and-skills-future
• Firefox 91 introduces HTTPS by Default in Private Browsing https://blog.mozilla.org/security/2021/08/10/firefox-91-introduces-https-by-default-in-private-browsing/
• How to wipe personal data from discarded devices a mystery for some, researcher says https://www.cbc.ca/news/canada/kitchener-waterloo/guelph-study-clearing-old-devices-data-information-1.6136231
• GitHub deprecates account passwords for authenticating Git operations https://www.bleepingcomputer.com/news/security/github-deprecates-account-passwords-for-authenticating-git-operations/
• Google drops Bluetooth Titan Security Keys in favor of NFC versions https://www.bleepingcomputer.com/news/security/google-drops-bluetooth-titan-security-keys-in-favor-of-nfc-versions/
• Welcoming the Turkish Government to Have I Been Pwned https://www.troyhunt.com/welcoming-the-turkish-government-to-have-i-been-pwned/
• Fuzz Off: How to Shake Up Code to Get It Right – Podcast https://threatpost.com/fuzz-off-how-to-shake-up-code-to-get-it-right-podcast/168487/
• Mathematicians are deploying algorithms to stop gerrymandering https://www.technologyreview.com/2021/08/12/1031567/mathematicians-algorithms-stop-gerrymandering/

• Bugs / Design Flaws / Vulnerabilities / Research

Articles about newly discovered vulnerabilities and research.

• Microsoft Patches 3 Zero-Day Vulnerabilities https://www.databreachtoday.com/microsoft-patches-3-zero-day-vulnerabilities-a-17256
• Microsoft confirms another Windows print spooler zero-day bug https://www.bleepingcomputer.com/news/microsoft/microsoft-confirms-another-windows-print-spooler-zero-day-bug/
• Actively Exploited Windows Zero-Day Gets a Patch https://threatpost.com/exploited-windows-zero-day-patch/168539/
• Microsoft Takes Another Stab at PrintNightmare Security Fix https://www.securityweek.com/microsoft-takes-another-stab-printnightmare-security-fix
• Detecting PrintNightmare Exploit Attempts using Trend Micro Vision One and Cloud One https://www.trendmicro.com/en_us/research/21/h/detecting-printnightmare-exploit-attempts-with-trend-micro-vision-one-and-cloud-one.html
• The NSA advised Microsoft about a bug in one of the CryptoAPI libraries used since NT 4.0 days https://www.darkreading.com/abtv/nsa-schools-microsoft-about-crypto/a/d-id/756878
• Microsoft August 2021 Patch Tuesday, (Tue, Aug 10th) https://isc.sans.edu/diary/rss/27736
• Windows 365 exposes Microsoft Azure credentials in plain-text https://www.bleepingcomputer.com/news/microsoft/windows-365-exposes-microsoft-azure-credentials-in-plain-text/
• One Year Later: What Can We Learn from Zerologon? https://www.tenable.com/blog/one-year-later-what-can-we-learn-from-zerologon
• A Critical Random Number Generator Flaw Affects Billions of IoT Devices https://thehackernews.com/2021/08/a-critical-random-number-generator-flaw.html
• Magento Update Released to Fix Critical Flaws Affecting E-Commerce Sites https://thehackernews.com/2021/08/magento-update-released-fix-critical.html
• A 5G Shortcut Leaves Phones Exposed to Stingray Surveillance https://www.wired.com/story/5g-network-stingray-surveillance-non-standalone
• Leaked Voting Machine BIOS Passwords May Implicate Q-Friendly County Clerk https://packetstormsecurity.com/news/view/32553/Leaked-Voting-Machine-BIOS-Passwords-May-Implicate-Q-Friendly-County-Clerk.html
• Black Hat: Novel DNS Hack Spills Confidential Corp Data https://threatpost.com/black-hat-novel-dns-hack/168636/
• New Glowworm Attack Recovers Device's Sound from Its LED Power Indicator https://thehackernews.com/2021/08/new-glowworm-attack-recovers-devices.html
• Analysis: Self-Driving Tractors at Risk of Being Hacked https://www.databreachtoday.com/interviews/analysis-self-driving-tractors-at-risk-being-hacked-i-4947

Hacking / Malware / Cybercrime / Exploitation

News covering active trends, alerts, events.

• Trends, Alerts, and Events (other than major breaches):

  • Cybercrime victims lose an estimated $318 billion annually https://www.comparitech.com/blog/vpn-privacy/cybercrime-cost/
  • Hackers Netting Average Of Nearly $10,000 For Stolen Network Access https://packetstormsecurity.com/news/view/32547/Hackers-Netting-Average-Of-Nearly-10-000-For-Stolen-Network-Access.html
  • Most supply chain attacks target supplier's code—ENISA https://www.trendmicro.com/en_us/research/21/h/most-supply-chain-attacks-target-suppliers-code-enisa.html
  • Criminals checking how clean their Bitcoins are? https://www.bbc.co.uk/news/technology-58176113
  • Using AI to Scale Spear Phishing https://www.schneier.com/blog/archives/2021/08/using-ai-to-scale-spear-phishing.html
  • Microsoft Details Year-Long Office 365 Phishing Campaign https://www.databreachtoday.com/microsoft-details-year-long-office-365-phishing-campaign-a-17292
  • Microsoft Exchange servers are getting hacked via ProxyShell exploits https://www.bleepingcomputer.com/news/microsoft/microsoft-exchange-servers-are-getting-hacked-via-proxyshell-exploits/
  • Android Malware ‘FlyTrap' Hijacks Facebook Accounts https://threatpost.com/android-malware-flytrap-facebook/168463/
  • WordPress Sites Abused in Aggah Spear-Phishing Campaign https://threatpost.com/aggah-wordpress-spearphishing/168657/
  • Hackers Spotted Using Morse Code in Phishing Attacks to Evade Detection https://thehackernews.com/2021/08/hackers-spotted-using-morse-code-in.html
  • Experts Shed Light On New Russian Malware-as-a-Service Written in Rust https://thehackernews.com/2021/08/experts-shed-light-on-new-russian.html
  • Synology NAS Devices Targeted by StealthWorker Botnet https://www.databreachtoday.com/synology-nas-devices-targeted-by-stealthworker-botnet-a-17261
  • Splunk spots malware targeting Windows Server on AWS to mine Monero https://www.theregister.com/2021/08/10/crypto_botnet_targets_windows_on_aws/

• The $610M Crypto heist turned bug bounty:

  • Hacker behind biggest cryptocurrency heist ever returns stolen funds https://www.bleepingcomputer.com/news/security/hacker-behind-biggest-cryptocurrency-heist-ever-returns-stolen-funds/
  • Poly Network Rewards Hacker With $500,000 Bug Bounty https://packetstormsecurity.com/news/view/32559/Poly-Network-Rewards-Hacker-With-500-000-Bug-Bounty.html
• UK security chiefs issue guidance to ministers over hackers on WhatsApp https://www.theguardian.com/technology/2021/aug/13/uk-security-chiefs-issue-guidance-after-hackers-target-ministers-on-whatsapp

• Nation State Actors:

  • How Chinese Hacking Groups Target Russia https://www.databreachtoday.com/how-chinese-hacking-groups-target-russia-a-17247
  • Chinese hackers disguised themselves as Iran to target Israel https://www.technologyreview.com/2021/08/10/1031622/chinese-hackers-false-flag-iran-israel-fireeye/
  • Huawei stole our tech and created a 'backdoor' to spy on Pakistan, claims IT biz https://www.theregister.com/2021/08/13/huawei_accused_of_trade_secret/

Other Security / Risk

Articles covering other types of risks.

• Apple's Photo Scanning Controversy continues:

  • Apple admits announcement of new photo scanning feature was ‘jumbled pretty badly' https://www.independent.co.uk/life-style/gadgets-and-tech/apple-iphone-scanning-csam-b1902258.html
  • Here's why Apple's new child safety features are so controversial https://www.theverge.com/22617554/apple-csam-child-safety-features-jen-king-riana-pfefferkorn-interview-decoder
  • If You Build It, They Will Come: Apple Has Opened the Backdoor to Increased Surveillance and Censorship Around the World https://www.eff.org/deeplinks/2021/08/if-you-build-it-they-will-come-apple-has-opened-backdoor-increased-surveillance
  • Action on sexual abuse images is overdue, but Apple's proposals bring other dangers | Ross Anderson https://www.theguardian.com/commentisfree/2021/aug/14/sexual-abuse-images-apple-tech-giant-iphones-us-surveillance
  • Apple employees fear that repressive governments could exploit a new feature that scans iPhones for child sex abuse images, a report says https://www.businessinsider.com/apple-employees-worry-scan-iphones-child-sex-abuse-images-exploited-2021-8
  • Apple says its iCloud scanning will rely on multiple child safety groups to address privacy fears https://www.theverge.com/2021/8/13/22623859/apple-icloud-photos-csam-scanning-security-multiple-jurisdictions-safeguard
• Data Shows Employees Tried 65 Million Times To Export Source Code In Q2 https://www.pymnts.com/news/security-and-risk/2021/data-shows-employees-tried-65-million-times-export-source-code-q2/
• Users Can Be Just As Dangerous As Hackers https://thehackernews.com/2021/08/users-can-be-just-as-dangerous-as.html
• ENISA says System Failure is on the Rise https://www.trendmicro.com/en_us/research/21/h/enisa-says-system-failure-is-on-the-rise.html

• Why No HTTPS? The 2021 Version https://www.troyhunt.com/why-no-https-the-2021-version/

  • The Pitfalls of Poor Software Implementation https://blog.isc2.org/isc2_blog/2021/08/the-pitfalls-of-poor-software-implementation.html
  • Facebook shut down German research on Instagram algorithm, researchers say https://www.theverge.com/2021/8/13/22623354/facebook-instagram-algorithm-watch-research-legal-threat
  • Politics and Security Don't Mix https://www.securityweek.com/politics-and-security-dont-mix

• ‘Likes' and ‘shares' teach people to express more outrage online https://scienmag.com/likes-and-shares-teach-people-to-express-more-outrage-online/

  • Black Hat: Scaling Automated Disinformation for Misery and Profit https://threatpost.com/scaling-automated-disinformation/168484/
  • Two essays on bias and stupidity and how smart people can get tripped up https://psyche.co/ideas/why-some-of-the-smartest-people-can-be-so-very-stupid and https://www.newyorker.com/tech/frontal-cortex/why-smart-people-are-stupid
  • OpenAI can translate English into code with its new machine learning software Codex https://www.theverge.com/2021/8/10/22618128/openai-codex-natural-language-into-code-api-beta-access
  • SpaceX to launch billboard satellite that plays ads and hopes ‘people don't do something inappropriate' https://www.independent.co.uk/life-style/gadgets-and-tech/spacex-satellite-ads-elon-musk-spacex-gec-b1899373.html
  • What to Do When Schools Use Canvas or Blackboard Logs to Allege Cheating https://www.eff.org/deeplinks/2021/08/what-do-when-schools-use-canvas-or-blackboard-logs-allege-cheating

• Health, Safety & Environment:

  • New Canadian Moderna plant welcomed by public health experts but more details needed https://globalnews.ca/news/8101592/moderna-vaccine-plant-announcement/
  • What will a COVID-19-era Canadian federal election look like? What voters need to know https://globalnews.ca/news/8057455/canada-election-2021-covid/
  • Guinea reports first-ever case of rare and deadly Marburg virus https://globalnews.ca/news/8100286/marburg-virus-guinea-west-africa-who/
  • Dehumidifiers sold at Costco and other stores are being recalled after causing $17 million in property damage https://www.businessinsider.com/dehumidifiers-recall-costco-honeywell-whirlpool-danby-17-million-fire-damage-2021-8
  • Ontario issues warning about frozen mango products linked to Hepatitis A https://toronto.ctvnews.ca/ontario-issues-warning-about-frozen-mango-products-linked-to-hepatitis-a-1.5546046
  • When Your Yard Can Kill You (Wildfires) https://www.theatlantic.com/politics/archive/2021/08/california-defensible-space-fire-laws/619685/
  • Florida mom shot, killed by toddler during work Zoom call https://globalnews.ca/news/8109852/mom-shot-killed-toddler-zoom-call-florida/
  • Indian rocket suffers catastrophic failure during launch, Earth-watching satellite lost https://www.space.com/india-rocket-launch-fails-eos-03-satellite-lost
  • We're probably safe from an impact by the asteroid Bennu for another 300 years https://www.syfy.com/syfywire/were-probably-safe-from-an-impact-by-the-asteroid-bennu-for-another-300-years
  • July was Earth's hottest month in recorded history https://www.businessinsider.com/july-was-earths-hottest-month-in-recorded-history-2021-8
  • Earth Is Warmer Than It's Been in 125,000 Years https://www.scientificamerican.com/article/earth-is-warmer-than-its-been-in-125-000-years/
  • It's Grim https://www.theatlantic.com/science/archive/2021/08/latest-ipcc-report-catastrophe/619698/
  • Electric Cars for Everyone? Not Unless They Get Cheaper. https://www.nytimes.com/2021/08/09/business/energy-environment/biden-electric-cars-cost.html
  • Project Arrow, Canada's zero-emissions concept car, gets $5M in federal funding https://www.cbc.ca/news/canada/windsor/fedev-ontario-5million-project-arrow-1.6137307
  • An 82-year-old engineer designed a machine that extracts water from the air to make drinking water https://www.businessinsider.com/tech-technology-news-innovator-water-scarcity-drought-solution-shortage-science-2021-8
  • The Loneliest Whale: Documentary Chronicles a Search for the 52 Hertz Whale https://www.mentalfloss.com/article/648247/52-hertz-loneliest-whale-documentary
  • The record number of workers quitting is now in its third month, and it looks here to stay https://www.businessinsider.com/record-number-workers-quitting-in-third-month-here-to-stay-2021-8
  • Google may cut pay of staff who work from home https://www.bbc.co.uk/news/business-58171716

COVID-19 updates.

COVID related articles. We have been following coronavirus risks since https://controlgap.com/blog/this-weeks-insecurity-issue-147.

• The spread, curves, spikes, waves, reinfection, and variant strains:

  • AstraZeneca Scientist Says Delta Variant Makes Herd Immunity Impossible. Here's Why https://www.sciencealert.com/delta-variant-means-we-can-rule-out-herd-immunity-says-astra-zeneca-developer
  • As the Lambda COVID-19 variant dominates South America, should Canadians be concerned? https://globalnews.ca/news/8103716/lambda-covid-variant-south-america-canada/
  • 27 people aboard Carnival cruise test positive for COVID-19 https://globalnews.ca/news/8109462/carnival-cruise-covid-19-positive-belize/
  • People are starting to shun restaurants as the Delta variant spreads - especially in states where the virus risk is high https://www.businessinsider.com/people-are-shunning-restaurants-in-high-risk-states-for-covid-2021-8
  • U.S. COVID-19 cases, hospitalizations hit 6-month high amid Delta variant surge https://globalnews.ca/news/8098157/delta-variant-u-s-covid-19-6-month-high/
  • Florida and Texas are seeing more kids under 18 hospitalized with COVID-19 than any other state. Mask mandates in schools are banned. https://www.businessinsider.com/under-18-hospitalized-covid-19-florida-texas-2021-8
  • Three Florida teachers die of Covid, says union https://www.bbc.co.uk/news/world-us-canada-58204206
  • Ontario reports 511 new COVID-19 cases and no new deaths on Sunday https://www.cbc.ca/news/canada/toronto/covid-19-ontario-august-15-2021-update-1.6141648

• Guidance, Response, and Recovery:

  • Take a look at the 6-mile lines going into Canada, where drivers are waiting up to 7 hours to enter after the US travel ban lifted https://www.businessinsider.com/pictures-long-lines-to-canada-border-reopens-travel-ban-lifts-2021-8
  • Vaccine passports for foreign travel expected this fall https://www.ctvnews.ca/health/coronavirus/vaccine-passports-for-foreign-travel-expected-this-fall-1.5543267
  • Mixed doses a travel concern for Canadians as feds bring in vaccine passport https://globalnews.ca/news/8107524/covid-vaccine-mixed-dose-travel-passport-canada/
  • Provinces divided on making use of COVID-19 vaccine passports. Here's why https://globalnews.ca/news/8105184/covid-vaccine-passport-provinces-plan/
  • Ontario business groups call for COVID-19 vaccine certificate system to avoid lockdown https://globalnews.ca/news/8098274/ontario-business-groups-call-for-covid-vaccine-certificate-system/
  • No proof of vaccine required at TIFF; masks, testing for media, talent mandatory https://toronto.ctvnews.ca/no-proof-of-vaccine-required-at-tiff-masks-testing-for-media-talent-mandatory-1.5544575
  • Ontario now has separate self-isolation rules for vaccinated individuals. Here's what you need to know https://toronto.ctvnews.ca/ontario-now-has-separate-self-isolation-rules-for-vaccinated-individuals-here-s-what-you-need-to-know-1.5542728
  • Head of Ont. science table says he won't support further easing of COVID-19 restrictions due to fourth wave https://toronto.ctvnews.ca/head-of-ont-science-table-says-he-won-t-support-further-easing-of-covid-19-restrictions-due-to-fourth-wave-1.5542780

• Treatments, Testing, Triage, Trials, and things we Learned:

  • Dogs to sniff out COVID-19 in Vancouver hospitals https://globalnews.ca/news/8107205/covid-sniffer-dogs/

• Immunity and Vaccinations:

  • Why Is It Taking So Long to Get Vaccines for Kids? https://www.theatlantic.com/health/archive/2021/08/covid-vaccination-timeline-children/619729/
  • Pfizer's 3rd COVID-19 shot has similar side effects to 2nd, Israeli survey finds https://globalnews.ca/news/8096515/israeli-survey-3rd-pfizer-shot-side-effects/
  • 'We are not anti-vaxxers': Concerns over side-effects, research among main reasons some Canadians are not getting COVID-19 vaccine https://www.ctvnews.ca/health/coronavirus/we-are-not-anti-vaxxers-concerns-over-side-effects-research-among-main-reasons-some-canadians-are-not-getting-covid-19-vaccine-1.5545896
  • How one woman overcame her vaccine hesitancy: 'You call them anti-vaxxers - I believe a lot of them are just afraid' https://www.businessinsider.com/woman-overcame-vaccine-hesitancy-fears-facts-2021-8
  • Vaccine Refusers Risk Compassion Fatigue https://www.theatlantic.com/ideas/archive/2021/08/health-care-workers-compassion-fatigue-vaccine-refusers/619716/
  • Stop making excuses for vaccine resisters https://www.businessinsider.com/ceo-new-york-healthcare-system-stop-making-excuses-vaccine-resisters-2021-8
  • COVID-19 vaccine will be required among U.S. military forces by Sept. 15: Pentagon https://globalnews.ca/news/8098039/covid-19-vaccine-u-s-military-pentagon/
  • Things we learned:

• More of the good, the bad, and the ugly:

  • Facebook removes anti-vax influencer campaign https://www.bbc.co.uk/news/blogs-trending-58167339

Off-Topic / Science & Tech / Lighter Side

A variety of scientific, technical, historical, and more light-hearted news.

• A Common North American Plant Was Just Discovered to Be Secretly Carnivorous https://www.sciencealert.com/a-new-carnivorous-plant-has-been-discovered-in-north-america
• Orange you glad I have another optical illusion to confuse your brain? https://www.syfy.com/syfywire/orange-you-glad-i-have-another-optical-illusion-to-confuse-your-brain
• ‘Ten years ago this was science fiction': the rise of weedkilling robots https://www.theguardian.com/environment/2021/aug/14/weedkilling-robots-farming-pesticide-use-sustainable
• Scientists Discover How to Make Glass So Hard, It Can Even Scratch Diamond https://www.sciencealert.com/this-record-new-type-of-glass-is-so-hard-it-can-even-scratch-diamond
• NASA's new space suits are delayed, making a 2024 Moon landing ‘not feasible' https://www.theverge.com/2021/8/10/22618275/nasa-spacesuits-delay-inspector-general-report-2024-artemis
• Avoiding the Great Filter. How Long Until We're Living Across the Solar System? https://www.universetoday.com/152113/avoiding-the-great-filter-how-long-until-were-living-across-the-solar-system/
• Neptune at Opposition: Don't Miss Your Chance to See the Solar System's Most Remote Planet https://www.mentalfloss.com/article/649196/how-to-see-neptune-opposition-september-2021
• Astronomers Find a Nearby Star That a Spitting Image of a Young Sun https://www.universetoday.com/152146/astronomers-find-a-nearby-star-that-a-spitting-image-of-a-young-sun/
• Confirmed! A tiny nearby exoplanet with only 40% of Earth's mass https://www.syfy.com/syfywire/confirmed-a-tiny-nearby-exoplanet-with-only-40-of-earths-mass
• Astronomers Identify Supernova Shrapnel Flung So Fast, It's Going to Leave Our Galaxy https://www.sciencealert.com/shrapnel-from-a-supernova-has-been-spotted-zooming-out-of-the-milky-way