This Week's [in]Security - Issue 268

Written by CG Blogger | May 22, 2022 3:00:00 PM

Welcome to This Week’s [in]Security. PCI and payments: e-com skimmers. New breaches: Malaysia. Kubernetes, TrustStamp. New Ransomware: Countries, Nikkei. Major outages. Follow-ups & Fall-out. Privacy: You for sale, ID.me. Laws & Regs - Canada: Huawei ban, C-11. US: CFAA abuse, AML settlement. World: cybersecurity reporting, platform liability, Standards: NIST 800-140C/D. Defense - Training & events: Tools: Supply chain framework, Browser password vaults. Vulnerabilities - Advisories: Initial access, CISA Vmware & A/D. Zerodays: what APTs know, Mac, iOS. Patching: partial protection, NVIDIA. Other: Spies in the workforce, e-voting, OAuth, SQL persistence, WordPress, Russian CA? Vulnerability research: Bluetooth relay attack, Tesla. Crypto-research: Post-quantum, Telegram. Cybercrime: MSP attacks. FaceStealer, MSSQL brute force, chatbots, exotic languages. Crime & Enforcement, Nation States & mercenaries. Other Risks: Cyber-insurance, Facebook e-com, CitizenLab on Bing. Health, Safety, & Environment. Disinformation, Economy. Russia v. Ukraine. Innovation and more.

PCI Compliance and Payments

News and announcements relating to Payment Security, PCI, Card Brands, Payments, Payment Malware and Fraud, and Payment Related Compliance.

Payment skimmers/malware/fraud:

Skimming for Sale: Commodity Skimming and Magecart Trends in Q1 2022 https://www.riskiq.com/blog/external-threat-management/magecart-skimming-trends/

Other payment related:

China reveals its top five sources of online fraud https://www.theregister.com/2022/05/17/china_internet_fraud_sources/

Breaches / Ransomware / Leaks

Covering breaches, leaks, data exposures, ransomware (as potential breach), and their fallout.

New Breaches:

Data leak containing info of 22.5 million Malaysians not from NRD, says Hamzah https://www.databreaches.net/data-leak-containing-info-of-22-5-million-malaysians-not-from-nrd-says-hamzah/
380K Kubernetes API Servers Exposed to Public Internet https://threatpost.com/380k-kubernetes-api-servers-exposed-to-public-internet/179679/
Strapi Exposed Data, Password Reset To Unprivileged Users https://packetstormsecurity.com/news/view/33476/Strapi-Exposed-Data-Password-Reset-To-Unprivileged-Users.html
Trust Stamp, a facial recognition company with a $7.2 million ICE contract, had dozens of peoples' data exposed in breach https://www.databreaches.net/trust-stamp-a-facial-recognition-company-with-a-7-2-million-ice-contract-had-dozens-of-peoples-data-exposed-in-breach/
Update: More than 90,000 South Australian public servants now involved in payroll data breach https://www.databreaches.net/update-more-than-90000-south-australian-public-servants-now-involved-in-payroll-data-breach/
Ca: Big data breach confirmed at Arnprior Regional Health https://www.databreaches.net/ca-big-data-breach-confirmed-at-arnprior-regional-health/
Ca: Elgin data breach ‘devastating' for victims; county not transparent about incident – Cavoukian https://www.databreaches.net/ca-elgin-data-breach-devastating-for-victims-county-not-transparent-about-incident-cavoukian/
UK: Cornwall Council Data Breach https://www.databreaches.net/uk-cornwall-council-data-breach/

New Ransomware and "Incidents":

Greenland hit by cyber attack, finds its health service crippled https://www.databreaches.net/greenland-hit-by-cyber-attack-finds-its-health-service-crippled/
Exploratory study into ransomware attacks in Dutch government services and companies https://www.databreaches.net/exploratory-study-into-ransomware-attacks-in-dutch-government-services-and-companies/
Media giant Nikkei's Asian unit hit by ransomware attack https://www.bleepingcomputer.com/news/security/media-giant-nikkei-s-asian-unit-hit-by-ransomware-attack/
Ransomware attack exposes data of 500,000 Chicago students https://www.bleepingcomputer.com/news/security/ransomware-attack-exposes-data-of-500-000-chicago-students/

Major outages/downs:

Microsoft detects massive surge in Linux XorDDoS malware activity https://www.bleepingcomputer.com/news/security/microsoft-detects-massive-surge-in-linux-xorddos-malware-activity/

Follow-ups and fall-out:

Read Novel (unverified) - 22,424,472 breached accounts https://haveibeenpwned.com/PwnedWebsites#ReadNovel

Privacy

Articles about privacy related news, risks, and trends.

Your data's auctioned off up to 987 times a day, NGO reports https://www.theregister.com/2022/05/18/advertisers_broadcast_pii_more_than/
Senators Urge FTC to Probe ID.me Over Selfie Data https://krebsonsecurity.com/2022/05/senators-urge-ftc-to-probe-id-me-over-selfie-data/
Senators Urge FTC to Investigate ID.me's Facial Recognition Claims https://epic.org/senators-urge-ftc-to-investigate-id-mes-facial-recognition-claims/
New Surveillance Transparency Report Documents an Urgent Need for Change https://www.eff.org/deeplinks/2022/05/new-surveillance-transparency-report-documents-urgent-need-change
Teen who tracks Elon Musk's jet says he's discovered Mark Zuckerberg's new aircraft https://www.businessinsider.com/elon-musk-jet-tracking-teen-claims-discovered-mark-zuckerberg-plane-2022-5

Laws, Regulations, Platforms, Standards, and Public Policy

News about laws, regulations, platform rules, and standards affecting security, privacy, technology, and public interest.

Canada:

Canada to formally ban China's Huawei from 5G networks https://globalnews.ca/news/8849160/huawei-canada-ban-decision-5g/
CRTC Chair Confirms Bill C-11 Captures User Content, Will Take Years to Implement https://www.michaelgeist.ca/2022/05/crtc-chair-confirms/
Is There Anything Less Convincing than CRTC Chair Ian Scott's Empty Assurances on Bill C-11 User Content Regulation? https://www.michaelgeist.ca/2022/05/is-there-anything-less-convincing-than-crtc-chair-ian-scotts-empty-assurances-on-bill-c-11-user-content-regulation/
No Comment: Government Moves to End Debate on Online News Bill Despite a No-Show from Canadian Heritage Minister Pablo Rodriguez https://www.michaelgeist.ca/2022/05/no-comment-government/

Department of Justice Announces New Policy for Charging Cases under the Computer Fraud and Abuse Act https://www.databreaches.net/department-of-justice-announces-new-policy-for-charging-cases-under-the-computer-fraud-and-abuse-act/
US won't prosecute ‘good faith' security researchers under CFAA https://www.theregister.com/2022/05/20/cfaa_rule_change/
Connecticut Enacts Privacy Law https://epic.org/connecticut-enacts-privacy-law/
DOJ's New CFAA Policy is a Good Start But Does Not Go Far Enough to Protect Security Researchers https://www.databreaches.net/dojs-new-cfaa-policy-is-a-good-start-but-does-not-go-far-enough-to-protect-security-researchers/
A Tesla driver who had his car on Autopilot in a fatal crash faces manslaughter charges, report says https://www.businessinsider.com/driver-who-had-tesla-on-autopilot-in-crash-manslaughter-trial-2022-5
Wells Fargo to Pay $7M to Settle SEC AML Allegations https://www.pymnts.com/aml/2022/wells-fargo-to-pay-7m-to-settle-sec-aml-allegations/

World:

Europe moves closer to stricter cybersecurity standards, reporting regs https://www.theregister.com/2022/05/17/europe_nis2_cybersecurity_regulations/
Platform Liability Trends Around the Globe: From Safe Harbors to Increased Responsibility https://www.eff.org/deeplinks/2022/05/platform-liability-trends-around-globe-safe-harbors-increased-responsibility
India slightly softens infosec incident reporting and data retention rules https://www.theregister.com/2022/05/20/cert_in_rules_faq/

Standards News:

NIST Revises Special Publications 800-140C and 800-140D for the CMVP Approved Security Functions and Approved Sensitive Security Parameter Generation and Establishment Methods https://csrc.nist.gov/publications/detail/sp/800-140c/rev-1/final

Defense / Techniques / Solutions

Covering developments and opportunities that may help improve security.

Methods, Techniques, Tools, and Products:
- MITRE Creates Framework for Supply Chain Security https://www.darkreading.com/application-security/mitre-creates-framework-for-supply-chain-security
- Use Your Browser Internal Password Vault... or Not?, (Tue, May 17th) https://isc.sans.edu/diary/rss/28658
- Closing the Gap Between Application Security and Observability https://threatpost.com/gap-application-security-and-observability/179684/
- Downloading Pwned Passwords Hashes with the HIBP Downloader https://www.troyhunt.com/downloading-pwned-passwords-hashes-with-the-hibp-downloader/
- Microsoft Defender for Endpoint gets new troubleshooting mode https://www.bleepingcomputer.com/news/microsoft/microsoft-defender-for-endpoint-gets-new-troubleshooting-mode/
- In hot pursuit of ‘cryware': Defending hot wallets from attacks https://www.microsoft.com/security/blog/2022/05/17/in-hot-pursuit-of-cryware-defending-hot-wallets-from-attacks/

Bugs / Design Flaws / Vulnerabilities / Research

Articles about newly discovered vulnerabilities and research.

Advisories:

Alert (AA22-137A): Weak Security Controls and Practices Routinely Exploited for Initial Access https://www.databreaches.net/alert-aa22-137a-weak-security-controls-and-practices-routinely-exploited-for-initial-access/
Cybersecurity agencies reveal top initial access attack vectors https://www.bleepingcomputer.com/news/security/cybersecurity-agencies-reveal-top-initial-access-attack-vectors/
CISA warns admins to patch actively exploited VMware, Zyxel bugs https://www.bleepingcomputer.com/news/security/cisa-warns-admins-to-patch-actively-exploited-vmware-zyxel-bugs/
CISA: Hackers Will Quickly Start Exploiting Newly Patched VMware Vulnerabilities https://www.securityweek.com/cisa-hackers-will-quickly-start-exploiting-newly-patched-vmware-vulnerabilities
CISA warns not to install May Windows updates on domain controllers https://www.bleepingcomputer.com/news/security/cisa-warns-not-to-install-may-windows-updates-on-domain-controllers/

Zero-day news:

APTs Overwhelmingly Share Known Vulnerabilities Rather Than Attack O-Days https://threatpost.com/apts-overwhelmingly-share-known-vulnerabilities-rather-than-attack-o-days/179657/
Apple emergency update fixes zero-day used to hack Macs, Watches https://www.bleepingcomputer.com/news/security/apple-emergency-update-fixes-zero-day-used-to-hack-macs-watches/
Cisco urges admins to patch IOS XR zero-day exploited in attacks https://www.bleepingcomputer.com/news/security/cisco-urges-admins-to-patch-ios-xr-zero-day-exploited-in-attacks/

Patching:

Partial Patching Still Provides Strong Protection Against APTs https://www.darkreading.com/application-security/reactive-patching-is-not-significantly-riskier-than-planned-updates-study-shows
Microsoft emergency updates fix Windows AD authentication issues https://www.bleepingcomputer.com/news/microsoft/microsoft-emergency-updates-fix-windows-ad-authentication-issues/
NVIDIA fixes ten vulnerabilities in Windows GPU display drivers https://www.bleepingcomputer.com/news/security/nvidia-fixes-ten-vulnerabilities-in-windows-gpu-display-drivers/

Other Vulnerabilities:

North Korean IT Workers Are Infiltrating Tech Companies https://www.wired.com/story/north-korea-it-workers-security-roundup
A PDF File Is Not Paper, So PDF Ballots Cannot Be Verified https://freedom-to-tinker.com/2022/05/19/a-pdf-file-is-not-paper-so-pdf-ballots-cannot-be-verified/
High-Severity Bug Reported in Google's OAuth Client Library for Java https://thehackernews.com/2022/05/high-severity-bug-reported-in-googles.html
Hackers Gain Fileless Persistence on Targeted SQL Servers Using a Built-in Utility https://thehackernews.com/2022/05/hackers-gain-fileless-persistence-on.html
Backdoor baked into premium school management plugin for WordPress https://www.bleepingcomputer.com/news/security/backdoor-baked-into-premium-school-management-plugin-for-wordpress/
Critical Jupiter WordPress plugin flaws let hackers take over sites https://www.bleepingcomputer.com/news/security/critical-jupiter-wordpress-plugin-flaws-let-hackers-take-over-sites/
Why is my Honeypot a Russian Certificate Authority?, (Mon, May 16th) https://isc.sans.edu/diary/rss/28652

Research on new vulnerabilities:

New Bluetooth Hack Could Let Attackers Remotely Unlock Smart Locks and Cars https://thehackernews.com/2022/05/new-bluetooth-hack-could-let-attackers.html
Researchers Devise New Type of Bluetooth LE Relay Attacks https://www.securityweek.com/researchers-devise-new-type-bluetooth-le-relay-attacks
Pentester pops open Tesla Model 3 using low-cost Bluetooth module https://www.theregister.com/2022/05/17/ble_vulnerability_lets_attackers_steal/

Cryptography and Cryptographic Research:

Protecting data now as the quantum era approaches https://www.theregister.com/2022/05/20/quantum-security-qusecure/
The NSA Says that There are No Known Flaws in NIST's Quantum-Resistant Algorithms https://www.schneier.com/blog/archives/2022/05/the-nsa-says-that-there-are-no-known-flaws-in-nists-quantum-resistant-algorithms.html
On the Cryptographic Fragility of the Telegram Ecosystem, by Theo von Arx and Kenneth G. Paterson https://eprint.iacr.org/2022/595

Hacking / Malware / Cybercrime / Exploitation

News covering active trends, alerts, events.

Trends, Alerts, and Events (other than major breaches):

Attacks on Managed Service Providers Expected to Increase https://www.schneier.com/blog/archives/2022/05/attacks-on-managed-service-providers-expected-to-increase.html
This Russian botnet does far more than DDoS attacks - and on a massive scale https://www.zdnet.com/article/russian-fronton-botnet-spreads-misinformation-on-a-massive-scale
2 vulnerabilities with 9.8 severity ratings are under exploit. A 3rd looms https://arstechnica.com/information-technology/2022/05/2-vulnerabilities-with-9-8-severity-ratings-are-under-exploit-a-3rd-looms/
6 Scary Tactics Used in Mobile App Attacks https://www.darkreading.com/application-security/6-scary-tactics-used-in-mobile-app-attacks
Global Food Supply Chain At Risk From Malicious Hackers https://packetstormsecurity.com/news/view/33477/Global-Food-Supply-Chain-At-Risk-From-Malicious-Hackers.html
Phishing Attacks for Initial Access Surged 54% in Q1 https://www.darkreading.com/risk/phishing-attacks-for-initial-access-surged-q1
iPhone Malware that Operates Even When the Phone Is Turned Off https://www.schneier.com/blog/archives/2022/05/iphone-malware-that-operates-even-when-the-phone-is-turned-off.html
Over 200 Apps on Play Store Caught Spying on Android Users Using Facestealer https://thehackernews.com/2022/05/over-200-apps-on-play-store-caught.html
PDF smuggles Microsoft Word doc to drop Snake Keylogger malware https://www.bleepingcomputer.com/news/security/pdf-smuggles-microsoft-word-doc-to-drop-snake-keylogger-malware/
Microsoft warns of brute-force attacks targeting MSSQL servers https://www.bleepingcomputer.com/news/security/microsoft-warns-of-brute-force-attacks-targeting-mssql-servers/
Phishing websites now use chatbots to steal your credentials https://www.bleepingcomputer.com/news/security/phishing-websites-now-use-chatbots-to-steal-your-credentials/
Researchers Uncover Rust Supply Chain Attack Targeting Cloud CI Pipelines https://thehackernews.com/2022/05/researchers-uncover-rust-supply-chain.html
UpdateAgent Returns with New macOS Malware Dropper Written in Swift https://thehackernews.com/2022/05/updateagent-returns-with-new-macos.html
When Your Smart ID Card Reader Comes With Malware https://krebsonsecurity.com/2022/05/when-your-smart-id-card-reader-comes-with-malware/
Conti ransomware shuts down operation, rebrands into smaller units https://www.bleepingcomputer.com/news/security/conti-ransomware-shuts-down-operation-rebrands-into-smaller-units/
Lazarus hackers target VMware servers with Log4Shell exploits https://www.bleepingcomputer.com/news/security/lazarus-hackers-target-vmware-servers-with-log4shell-exploits/

Crime & Arrests, etc.:

Venezuelan cardiologist charged with 'designing and selling ransomware' https://www.theregister.com/2022/05/17/zagala_venezuelan_cardiologist_ransomware_charges/
US Recovers $15 Million From Ad Fraud Group https://www.securityweek.com/us-recovers-15-million-ad-fraud-group

Nation State Actors:

Cytrox's Predator Spyware Targeted Android Users with Zero-Day Exploits https://thehackernews.com/2022/05/cytroxs-predator-spyware-target-android.html
Spyware Vendors Target Android With Zero-Day Exploits https://www.wired.com/story/android-spyware-cytrox-predator-google-tag
Mandiant Quietly Investigating Suspected Russian Intrusions https://www.databreaches.net/mandiant-quietly-investigating-suspected-russian-intrusions/
Other:

Other Security / Risk

Articles covering other types of risks.

General:

Cyber Insurers Raise Rates Amid a Surge in Costly Hacks https://www.wsj.com/articles/cyber-insurers-raise-rates-amid-a-surge-in-costly-hacks-11652866200
Facebook rated least safe e-commerce option in government rankings https://www.theregister.com/2022/05/17/facebook_rated_least_safe_ecommerce/
Bada Bing, Bada Boom: Microsoft Bing's Chinese Political Censorship of Autosuggestions in North America https://citizenlab.ca/2022/05/bada-bing-bada-boom-microsoft-bings-chinese-political-censorship-autosuggestions-north-america/

Health:

Monkeypox has Canadian researchers scrambling. Why, and how contagious is it? https://globalnews.ca/news/8847914/monkeypox-virus-outbreak-canada-explained/
Monkeypox: Here are the treatments and what to do when infected https://globalnews.ca/news/8853838/monkeypox-treatments-vaccine-explainer/
Adenovirus leading hypothesis for severe hepatitis in children, CDC says https://globalnews.ca/news/8852295/adenovirus-leading-hypothesis-severe-hepatitis-children-cdc/
Fraser Valley turkeys to be put down as another case of ‘bird flu' confirmed in B.C. https://globalnews.ca/news/8852632/birds-put-down-bc-farm-avian-flu/
Omicron COVID-19 variant likely to re-infect ‘over and over again,' experts say https://globalnews.ca/news/8861413/covid-reinfection-canada/
BA.2.20 in Ontario doesn't warrant significant concern, experts say https://toronto.ctvnews.ca/ba-2-20-in-ontario-doesn-t-warrant-significant-concern-experts-say-1.5913049

Safety:

Giant Tonga Volcanic Eruption Was as Powerful as Krakatau in 1883, Scientists Reveal https://www.sciencealert.com/record-shattering-atmospheric-waves-burst-from-the-tonga-volcano-along-with-the-tsunamis

Environment:

Over 500 animals and birds lost or possibly extinct, new study shows https://globalnews.ca/news/8861771/animals-birds-lost-extinct-study/
Water Levels in Lake Mead Reach Record Lows https://www.theatlantic.com/photo/2022/05/photos-water-levels-in-lake-mead-record-lows/629900/
'Reef Balls' Gain Traction for Shoreline Protection https://www.scientificamerican.com/article/reef-balls-gain-traction-for-shoreline-protection/
New Kind of 'Solar' Cell Shows We Can Generate Electricity Even at Night https://www.sciencealert.com/engineers-measure-the-potential-of-a-new-kind-of-solar-cell-fueled-by-the-night

Disinformation and misinformation

Why is climate 'doomism' going viral – and who's fighting it? https://www.bbc.co.uk/news/blogs-trending-61495035
University of Toronto Magazine/CitizenLab: The Extremism Machine https://magazine.utoronto.ca/research-ideas/culture-society/extremism-machine-online-disinformation-citizen-lab/
Economy:
Average gas price tops $2 a litre in Canada for the 1st time https://globalnews.ca/news/8841248/record-high-gas-prices-2-dollars/
AI Can Predict People's Race From X-Ray Images, And Scientists Are Concerned https://www.sciencealert.com/ai-can-predict-people-s-race-from-medical-images-and-scientists-are-concerned
Podcast Episode: An AI Hammer in Search of a Nail https://www.eff.org/deeplinks/2022/05/podcast-episode-ai-hammer-search-nail

Russia v. Ukraine

News and announcements relating to Russia's invasion of Ukraine.

The war:

Mariupol defenders begin surrender as Ukraine declares them ‘heroes' https://globalnews.ca/news/8841178/mariupol-surrender-ukraine-russia-war/
Mariupol: Russia declares complete victory at Azovstal plant https://www.bbc.co.uk/news/world-europe-61529877
Ukraine rules out ceasefire as Russia intensifies push for Donbas region https://globalnews.ca/news/8861459/ukraine-rules-out-ceasefire-russia-donbas-region/
A Whole Age of Warfare Sank With the Moskva https://www.theatlantic.com/ideas/archive/2022/05/ukraine-russia-moskva-military-marine-corps/629930/
Russian soldier pleads guilty in 1st war crimes trial over Ukraine invasion https://globalnews.ca/news/8844452/russia-soldier-war-crime-trial-guilty-ukraine/

Reaction and response:

Zelensky: Only diplomacy can end Ukraine war https://www.bbc.co.uk/news/world-europe-61535353
Putin said he invaded Ukraine to stop NATO expanding. He is achieving the opposite. https://www.businessinsider.com/putin-said-invaded-ukraine-stop-nato-expanding-has-achieved-opposite-2022-5
Finland, Sweden apply to join NATO in ‘historic moment' amid Russia's Ukraine war https://globalnews.ca/news/8844419/finland-sweden-nato-application-russia-ukraine-war/
Finland's parliament votes overwhelmingly for the country to join NATO after Russia's invasion of Ukraine https://www.businessinsider.com/finland-parliament-votes-overwhelmingly-to-join-nato-2022-5
Map shows how Russia's border with NATO would more than double with Finland and Sweden as members https://www.businessinsider.com/map-how-russias-nato-border-expands-with-finaland-sweden-members-2022-5
Russia orders CBC out of Moscow after Canada bans RT https://globalnews.ca/news/8844837/russia-cbc-moscow-bureau-closed/

Sanctions & economic Impact:

EU reveals its plans to stop using Russian gas https://www.bbc.co.uk/news/science-environment-61497315
Russia cuts off gas supply to neighbouring Finland over payment dispute https://globalnews.ca/news/8853454/russia-cuts-off-gas-exports-to-finland/
Information, Disinformation, and Propaganda:
Pro-Russian Hackers Spread Hoaxes to Divide Ukraine, Allies https://www.securityweek.com/pro-russian-hackers-spread-hoaxes-divide-ukraine-allies

Cyber-attacks and the potential for cyber-war:

Cyberattacks quietly launched by Russia before its invasion of Ukraine may have been more damaging than intended https://www.databreaches.net/cyberattacks-quietly-launched-by-russia-before-its-invasion-of-ukraine-may-have-been-more-damaging-than-intended/
Ukraine supporters in Germany targeted with PowerShell RAT malware https://www.bleepingcomputer.com/news/security/ukraine-supporters-in-germany-targeted-with-powershell-rat-malware/
Russian Sberbank says it's facing massive waves of DDoS attacks https://www.bleepingcomputer.com/news/security/russian-sberbank-says-it-s-facing-massive-waves-of-ddos-attacks/

Off-Topic / Science & Tech / Lighter Side

A variety of scientific, technical, historical, and more light-hearted news.

Innovations & Inventions:

Scientists Just Measured a Mechanical Quantum System Without Destroying It https://www.sciencealert.com/scientists-just-measured-a-mechanical-quantum-system-without-destroying-it

Quatum Innovation.

Boeing's Starliner successfully docks to the International Space Station for the first time https://www.theverge.com/2022/5/20/23132777/boeing-cst-100-starliner-nasa-iss-docking-success-oft-2
Spinlaunch Hurled a Test Rocket Into the air. See What it Looked Like From the Payload's Point of View https://www.universetoday.com/155992/spinlaunch-hurled-a-test-rocket-into-the-air-see-what-it-looked-like-from-the-payloads-point-of-view/

Other:

The Onion on Google Map Surveillance https://www.schneier.com/blog/archives/2022/05/the-onion-on-google-map-surveillance.html
Plants can grow in lunar regolith, but they're not happy about it https://www.universetoday.com/155984/plants-can-grow-in-lunar-regolith-but-theyre-not-happy-about-it/
Over 1,000 New Asteroids Discovered Hidden in Hubble Archives https://www.sciencealert.com/over-1-000-new-asteroids-discovered-hiding-in-old-hubble-images
NASA engineers trying to figure out strange readings from aging interstellar spacecraft https://www.theverge.com/2022/5/20/23132419/nasa-jpl-voyager-1-spacecraft-data-readings-interstellar-space

View full post