This Week's [in]Security - Issue 271

Welcome to This Week’s [in]Security. Non-Compliance Lesson, DSSv4 related, Skimmers, Other Payments. New breaches: 7 breachers per capita, Shields & Yuma Healthcare, Telegram, Palermo. Major outages. Privacy: Twitter, Bluetooth & Wi-Fi, Student spyware. Laws & Regs - Canada: CBSA phone searches, C-11, Crypto regs, Right to disconnect, cigarettes. US: right-to-repair, breach reporting. World: hacking-back, platform liability, message scanning. NSO in court, USB-C. Standards: HTTP RFCs, 5 NIST drafts. Defense - Cyber-skills, Tools & Techniques. Vulnerabilities - Zerodays, Follina, Apple CPUs, Dogwalk, DiagCab. Patching: Chrome, Gitlab. Other: Cloud middleware, U-Boot, Tesla, PyPl/keep. Crypto-research: SSH, Boomerang. Cybercrime - Trends: Follina, Conti, Symbiote, Cracked Ccleaner. Crime & Enforcement: Crypto-thefts, SSNDOB shutdown, 41 phishes. Nation States and mercenaries. Other Risks - General: AI, CitizenLab, Car insurance, Health, Safety, Environment, Disinformation, Economy. Russia v. Ukraine. Innovation and more.

PCI Compliance and Payments

News and announcements relating to Payment Security, PCI, Card Brands, Payments, Payment Malware and Fraud, and Payment Related Compliance.

• Control Gap's featured PCI FAQ's & articles (from time to time we will feature articles and FAQ's) :
  • Non-Compliance Lesson No. 4: Keep your head in the cloud when adopting new technologies https://www.controlgap.com/blog/non-compliance-lesson-no.-4-keep-your-head-in-the-cloud-when-adopting-new-technologies
• PCI Related:
  • PCI Acknowledges Danger in Client-Side Attacks, Signals Mitigation Needs to be a Priority https://sourcedefense.com/resources/pci-acknowledges-danger-in-client-side-attacks-signals-mitigation-needs-to-be-a-priority/
• Payment skimmers/malware/fraud:
  • Online gun shops in the US hacked to steal credit cards https://www.bleepingcomputer.com/news/security/online-gun-shops-in-the-us-hacked-to-steal-credit-cards/
• Other payment related:
  • Apple Complies With Dutch Regulators, Allows Other Payment Methods on Dating Apps https://www.pymnts.com/mobile-applications/2022/apple-complies-with-dutch-regulators-allows-other-payment-methods-on-dating-apps/

Breaches / Ransomware / Leaks

• New Breaches:
• Since 2004, The Average American Has Had At Least 7 Data Breaches https://packetstormsecurity.com/news/view/33551/Since-2004-The-Average-American-Has-Had-At-Least-7-Data-Breaches.html
• Shields Health Care Group data breach affects 2 million patients https://www.bleepingcomputer.com/news/security/shields-health-care-group-data-breach-affects-2-million-patients/
• Yuma Regional Medical Center notifying approximately 700,000 patients of ransomware attack https://www.databreaches.net/yuma-regional-medical-center-notifying-approximately-700000-patients-of-ransomware-attack/
• Telegram Reportedly Exposed User Data To Authorities https://www.databreaches.net/telegram-reportedly-exposed-user-data-to-authorities/
• Personal Information of Over 30,000 Students Exposed in Unprotected Database https://www.securityweek.com/personal-information-over-30000-students-exposed-unprotected-database
• Personal and sensitive files from Tehama County Social Services leaked on dark web. Have the victims been notified? https://www.databreaches.net/personal-and-sensitive-files-from-tehama-county-social-services-leaked-on-dark-web-have-the-victims-been-notified/
• Leaking Student Data From US Campus App Found - But is It Real? https://www.databreaches.net/leaking-student-data-from-us-campus-app-found-but-is-it-real/
• New Ransomware and "Incidents":
• Paying Ransomware Paints Bigger Bullseye on Target's Back https://threatpost.com/paying-ransomware-bullseye-back/179915/
• This is (One of Many Reasons) Why Districts Get Hit with Ransomware https://www.databreaches.net/this-is-one-of-many-reasons-why-districts-get-hit-with-ransomware/
• Vice Society ransomware claims attack on Italian city of Palermo https://www.bleepingcomputer.com/news/security/vice-society-ransomware-claims-attack-on-italian-city-of-palermo/
• Major outages/downs:
• AAE-1 & SMW5 cable cuts impact millions of users across multiple countries https://blog.cloudflare.com/aae-1-smw5-cable-cuts/

Privacy

• Twitter Used Two-Factor Login Details for Ad Targeting https://www.schneier.com/blog/archives/2022/06/twitter-used-two-factor-login-details-for-ad-targeting.html
• Researchers Find Bluetooth Signals Can be Fingerprinted to Track Smartphones https://thehackernews.com/2022/06/researchers-find-bluetooth-signals-can.html
• Wi-Fi probing exposes smartphone users to tracking, info leaks https://www.bleepingcomputer.com/news/security/wifi-probing-exposes-smartphone-users-to-tracking-info-leaks/
• Mandatory Student Spyware Is Creating a Perfect Storm of Human Rights Abuses https://www.eff.org/deeplinks/2022/06/mandatory-student-spyware-creating-perfect-storm-human-rights-abuses
• 'A Mass Invasion of Privacy' but No Penalties for Tim Hortons https://ca.finance.yahoo.com/news/mass-invasion-privacy-no-penalties-151852739.html

Laws, Regulations, Platforms, Standards, and Public Policy

• Canada:
• The indefensible Liberal plan to search your phone on a whim https://nationalpost.com/opinion/sabrina-maddeaux-the-indefensible-liberal-plan-to-search-your-phone-on-a-whim
• Defending the Indefensible: If Bill C-11 Won't Pass Until the Fall, Why is the Government Cutting Off Debate and Review Now? https://www.michaelgeist.ca/2022/06/defending-the-indefensible-if-bill-c-11-wont-pass-until-the-fall-why-is-the-government-cutting-off-debate-and-review-now/
• The Bill C-11 Effect: "Any Video on TikTok That Uses Music Could be Subject to Regulation" https://www.michaelgeist.ca/2022/06/the-bill-c-11-effect/
• The Law Bytes Podcast, Episode 129: Farhan Mohamed and Jeff Elgie on Why Canadian Independent News Publishers Want the Government to Fix the Online News Act https://www.michaelgeist.ca/2022/06/law-bytes-podcast-episode-129/
• Why Heritage Minister Pablo Rodriguez's Bill C-11 Content Regulation Denials Ring Hollow https://www.michaelgeist.ca/2022/06/rodriguezcommittee/
• Today in Crypto: Bank of Canada Official Urges Regulation; Bitcoin, Ether Plunge on Inflation News https://www.pymnts.com/cryptocurrency/2022/today-in-crypto-bank-of-canada-official-urges-regulation-bitcoin-ether-plunge-on-inflation-news/
• Ontario's 'right to disconnect' law: Who qualifies and what are the loopholes? https://www.ctvnews.ca/business/ontario-s-right-to-disconnect-law-who-qualifies-and-what-are-the-loopholes-1.5936773
• Canada mulls putting warnings on each cigarette https://www.bbc.co.uk/news/world-us-canada-61767386
• US:
• When DRM Comes For Your Wheelchair https://www.eff.org/deeplinks/2022/06/when-drm-comes-your-wheelchair
• Regulatory Rumblings Force Companies to Rethink their Ransomware Policies https://www.pymnts.com/cryptocurrency/2022/regulatory-rumblings-force-companies-to-rethink-their-ransomware-policies/
• Pennsylvania lawmakers consider requiring government data breach notifications https://www.databreaches.net/pennsylvania-lawmakers-consider-requiring-government-data-breach-notifications/
• Google has more reasons why it doesn't like antitrust law that affects Google https://www.theregister.com/2022/06/08/google_antitrust_legislation/
• US gun control: Cross-party group of senators agree limited safety measures https://www.bbc.co.uk/news/world-us-canada-61777310
• World:
• Defensive Cyber Attacks Declared Legal by UK AG, Path Cleared to "Hack Back" When Critical Infrastructure & Services Attacked https://www.databreaches.net/defensive-cyber-attacks-declared-legal-by-uk-ag-path-cleared-to-hack-back-when-critical-infrastructure-services-attacked/
• Platform Liability Trends Around the Globe: Moving Forward https://www.eff.org/deeplinks/2022/05/platform-liability-trends-around-globe-conclusions-and-recommendations-moving
• The EU's New Message-Scanning Regulation Must Be Stopped https://www.eff.org/deeplinks/2022/06/eus-new-message-scanning-regulation-must-be-stopped
• Spanish Court Calls CEO Of Israel's NSO Group To Testify In Spying Case https://packetstormsecurity.com/news/view/33532/Spanish-Court-Calls-CEO-Of-Israels-NSO-Group-To-Testify-In-Spying-Case.html
• Speech-Related Offenses Should be Excluded from the Proposed UN Cybercrime Treaty https://www.eff.org/deeplinks/2022/06/speech-related-offenses-should-be-excluded-proposed-un-cybercrime-treaty
• E.U. Rule Requires New Devices to Have USB-C Charging Ports by 2026 https://www.nytimes.com/2022/06/07/technology/eu-tablets-phones-usbc-chargers.html
• USB-C will be mandatory for phones sold in the EU 'by autumn 2024' https://www.theverge.com/2022/6/7/23156361/european-union-usb-c-wired-charging-iphone-lightning-ewaste
• Standards News:
• HTTP RFCs have evolved: A Cloudflare view of HTTP usage trends https://blog.cloudflare.com/cloudflare-view-http3-usage/
• Announcement of Proposal to Withdraw NIST Special Publication 800-107 Revision 1 open for public comment through July 30 https://csrc.nist.gov/News/2022/proposal-to-withdraw-sp-800-107-rev-1
• NIST is releasing the final public draft of a major revision to Special Publication (SP) 800-160 Volume 1, Engineering Trustworthy Secure Systems open for public comment through July 8 https://csrc.nist.gov/publications/detail/sp/800-160/vol-1-rev-1/draft
• NIST Releases Draft IR 8409: Measuring the Common Vulnerability Scoring System Base Score Equation open for public comment through July 29 https://csrc.nist.gov/publications/detail/nistir/8409/draft
• NIST Requests Public Comments on FIPS 180-4, Secure Hash Standard (SHS) - sunsetting SHA-1 - open for public comment through September 9 https://csrc.nist.gov/news/2022/public-comments-requested-on-fips-180-4-shs
• Using Business Impact Analysis to Inform Risk Prioritization and Response: NIST IR 8286D open for public comment through July 18 https://csrc.nist.gov/publications/detail/nistir/8286d/draft

Defense / Techniques / Solutions

• General:
• Cybersecurity Courses Ramp Up Amid Shortage of Professionals https://www.securityweek.com/cybersecurity-courses-ramp-amid-shortage-professionals
• 4 Ways to Close the OT Cybersecurity Talent Gap https://www.securityweek.com/4-ways-close-ot-cybersecurity-talent-gap
• Five Eyes alliance's top cop says techies are the future of law enforcement https://www.theregister.com/2022/06/09/five_eyes_chair_tech_talk/
• Methods, Techniques, Tools, and Products:
• Bringing External Attack Surface Management to the Masses with Bit Discovery https://www.tenable.com/blog/bringing-external-attack-surface-management-to-the-masses-with-bit-discovery
• Introducing Qualys VMDR 2.0 https://blog.qualys.com/product-tech/2022/06/06/introducing-qualys-vmdr-2-0
• Microsoft Defender now isolates hacked, unmanaged Windows devices https://www.bleepingcomputer.com/news/microsoft/microsoft-defender-now-isolates-hacked-unmanaged-windows-devices/
• MongoDB queryable structured encryption https://www.wired.com/story/mongodb-queryable-encryption-databases/

Bugs / Design Flaws / Vulnerabilities / Research

• Zero-day and other recent vulnerability news:
• Microsoft won't say if it will patch critical Windows "Follina/MSDT" vulnerability under exploit https://arstechnica.com/information-technology/2022/06/microsoft-wont-say-if-it-will-patch-critical-windows-vulnerability-under-exploit/
• MIT Researchers Discover New Flaw in Apple M1 CPUs That Can't Be Patched https://thehackernews.com/2022/06/mit-researchers-discover-new-flaw-in.html
• Researchers Warn of Unpatched "DogWalk" Microsoft Windows Vulnerability https://thehackernews.com/2022/06/researchers-warn-of-unpatched-dogwalk.html
• Two-year-old Windows DIAGCAB zero-day gets unofficial patches https://www.bleepingcomputer.com/news/security/two-year-old-windows-diagcab-zero-day-gets-unofficial-patches/
• Patching:
• Chrome 102 Update Patches High-Severity Vulnerabilities https://www.securityweek.com/chrome-102-update-patches-high-severity-vulnerabilities
• Critical Account Takeover Vulnerability Patched in GitLab Enterprise Edition https://www.securityweek.com/critical-account-takeover-vulnerability-patched-gitlab-enterprise-edition
• Other Vulnerabilities:
• Aurora pays $6 mn bug bounty to ethical hacker https://www.databreaches.net/aurora-pays-6-mn-bug-bounty-to-ethical-hacker/
• U.S. Water Utilities Prime Cyberattack Target, Experts https://threatpost.com/water-cyberattack-target/179935/
• OMIGOD: Cloud providers still using secret middleware https://www.theregister.com/2022/06/11/in-brief-security/
• Critical U-Boot Vulnerability Allows Rooting of Embedded Systems https://www.securityweek.com/critical-u-boot-vulnerability-allows-rooting-embedded-systems
• Vulnerabilities in HID Mercury Access Controllers Allow Hackers to Unlock Doors https://www.securityweek.com/vulnerabilities-hid-mercury-access-controllers-allow-hackers-unlock-doors
• Hackers Can Steal Your Tesla by Creating Their Own Personal Keys https://www.wired.com/story/tesla-hack-personal-nfc-key-card/
• PyPI package 'keep' mistakenly included a password stealer https://www.bleepingcomputer.com/news/security/pypi-package-keep-mistakenly-included-a-password-stealer/
• Attackers Use Public Exploits to Throttle Atlassian Confluence Flaw https://threatpost.com/public-exploits-atlassian-confluence-flaw/179887/
• Cryptography and Cryptographic Research:
• Practical Privacy-Preserving Authentication for SSH https://eprint.iacr.org/2022/740
• Revisiting Related-Key Boomerang attacks on AES using computer-aided tool https://eprint.iacr.org/2022/725
• Truncated Boomerang Attacks and Application to AES-based Ciphers https://eprint.iacr.org/2022/701
• Snowball: Another View on Side-Channel Key Recovery Tools https://eprint.iacr.org/2022/728
• Secure Search on Multi-key Homomorphically Encrypted Data with Finite Fields https://eprint.iacr.org/2022/738

Hacking / Malware / Cybercrime / Exploitation

• Trends, Alerts, and Events (other than major breaches):
• 'Follina' Vulnerability Exploited to Deliver Qbot, AsyncRAT, Other Malware https://www.securityweek.com/follina-vulnerability-exploited-deliver-qbot-asyncrat-other-malware
• Qbot malware now uses Windows MSDT zero-day in phishing attacks https://www.databreaches.net/qbot-malware-now-uses-windows-msdt-zero-day-in-phishing-attacks/
• Conti's Attack Against Costa Rica Sparks a New Ransomware Era https://www.wired.com/story/costa-rica-ransomware-conti/
• How Phishing Groups Are Exploiting the Trend Toward Online Surfing at the Kitchen Table https://www.digitaltransactions.net/how-phishing-groups-are-exploiting-the-trend-toward-online-surfing-at-the-kitchen-table/
• Novel techniques in never-before-seen Linux backdoor make it ultra stealthy https://arstechnica.com/information-technology/2022/06/novel-techniques-in-never-before-seen-linux-backdoor-make-it-ultra-stealthy/
• Symbiote: A Stealthy Linux Malware Targeting Latin American Financial Sector https://thehackernews.com/2022/06/symbiote-stealthy-linux-malware.html
• 10 Most Prolific Banking Trojans Targeting Hundreds of Financial Apps with Over a Billion Users https://thehackernews.com/2022/06/10-most-prolific-banking-trojans.html
• Emotet Banking Trojan Resurfaces, Skating Past Email Security https://www.darkreading.com/threat-intelligence/emotet-banking-trojan-resurfaces-email-security
• Hello XD ransomware now drops a backdoor while encrypting https://www.bleepingcomputer.com/news/security/hello-xd-ransomware-now-drops-a-backdoor-while-encrypting/
• New SVCReady malware loads from Word doc properties https://www.bleepingcomputer.com/news/security/new-svcready-malware-loads-from-word-doc-properties/
• Poisoned CCleaner search results spread information-stealing malware https://www.bleepingcomputer.com/news/security/poisoned-ccleaner-search-results-spread-information-stealing-malware/
• Closing the Door: DeadBolt Ransomware Locks Out Vendors With Multitiered Extortion Scheme https://www.trendmicro.com/en_us/research/22/f/closing-the-door-deadbolt-ransomware-locks-out-vendors-with-mult.html
• Crime & Arrests, etc.:
• Maiar Exchange Taken Offline After Hacker Steals $113m https://packetstormsecurity.com/news/view/33537/Maiar-Exchange-Taken-Offline-After-Hacker-Steals-113m.html
• Osmosis Blockchain Taken Offline After Hacker Steals $5m https://packetstormsecurity.com/news/view/33536/Osmosis-Blockchain-Taken-Offline-After-Hacker-Steals-5m.html
• Feds seize SSNDOB marketplace that listed personal data of 24 million people https://arstechnica.com/tech-policy/2022/06/feds-seize-ssndob-marketplace-that-listed-personal-data-of-24-million-people/
• Microsoft seizes 41 domains tied to 'Iranian phishing ring' https://www.theregister.com/2022/06/07/microsoft_bohrium_domains/
• SSNDOB Marketplace, A Series Of Websites That Listed More Than 20 Million Social Security Numbers For Sale, Seized And Dismantled In International Operation https://www.databreaches.net/ssndob-marketplace-a-series-of-websites-that-listed-more-than-20-million-social-security-numbers-for-sale-seized-and-dismantled-in-international-operation/
• Vietnam arrests Taiwanese national amid banking security breach https://www.databreaches.net/vietnam-arrests-taiwanese-national-amid-banking-security-breach/
• Accused Capital One Hacker Stands Trial for Fraud and Identity Theft https://www.nytimes.com/2022/06/08/technology/capital-one-hacker-trial.html
• Long Story on the Accused CIA Vault 7 Leaker https://www.schneier.com/blog/archives/2022/06/long-story-on-the-accused-cia-vault-7-leaker.html
• Two men arrested after trying to pull ATM out of Brandon store by truck: police https://globalnews.ca/news/8902158/brandon-manitoba-atm-theft-attempt/
• Nation State Actors:
• Follina Exploited by State-Sponsored Hackers https://threatpost.com/follina-exploited-by-state-sponsored-hackers/179890/
• SCOTUS To Biden: Is NSO Group A Foreign Agent? https://packetstormsecurity.com/news/view/33527/SCOTUS-To-Biden-Is-NSO-Group-A-Foreign-Agent.html
• Chinese hacking group Aoqin Dragon quietly spied orgs for a decade https://www.bleepingcomputer.com/news/security/chinese-hacking-group-aoqin-dragon-quietly-spied-orgs-for-a-decade/
• Chinese hackers exploited years-old software flaws to break into telecom giants https://www.technologyreview.com/2022/06/08/1053375/chinese-hackers-exploited-years-old-software-flaws-to-break-into-telecom-giants/
• How China Hacked US Phone Networks https://www.wired.com/story/china-hacking-phone-network-security-roundup/
• Iranian hackers target energy sector with new DNS backdoor https://www.bleepingcomputer.com/news/security/iranian-hackers-target-energy-sector-with-new-dns-backdoor/
• Other:

Other Security / Risk

• General:
• Artificial General Intelligence Is Not as Imminent as You Might Think https://www.scientificamerican.com/article/artificial-general-intelligence-is-not-as-imminent-as-you-might-think1/
• Did an AI Really Invent Its Own 'Secret Language'? Here's What We Know https://www.sciencealert.com/did-an-ai-really-invent-its-own-secret-language-here-s-what-we-know
• CitizenLab June Newsletter https://mailchi.mp/citizenlab.ca/bing-censorship-the-future-of-democracy-and-digital-transnational-repression
• AlphaBay Is Taking Over the Dark Web-Again https://www.wired.com/story/alphabay-dark-web-market-ranking/
• Could rampant carjackings and auto theft lead to an increase in insurance premiums? https://toronto.ctvnews.ca/could-rampant-carjackings-and-auto-theft-lead-to-an-increase-in-insurance-premiums-1.5937046
• Why Netflix isn't the Only One Bummed About Password Sharing https://www.bleepingcomputer.com/news/security/why-netflix-isnt-the-only-one-bummed-about-password-sharing/
• KrebsOnSecurity in New Netflix Series on Cybercrime https://krebsonsecurity.com/2022/06/krebsonsecurity-in-new-netflix-series-on-cybercrime/
• How a Saxophonist Tricked the KGB by Encrypting Secrets in Music https://www.wired.com/story/merryl-goldberg-music-encryption-ussr-phantom-orchestra/
• How Margaret Thatcher's secret Brahms phone was invented https://www.bbc.co.uk/news/world-61712621
• Health:
• Going all the way: Scientists prove that inhaled vaccines offer better protection and immunity than nasal sprays https://scienmag.com/going-all-the-way-scientists-prove-that-inhaled-vaccines-offer-better-protection-and-immunity-than-nasal-sprays/
• Scientists discover new molecule that kills hard-to-treat cancers https://scienmag.com/scientists-discover-new-molecule-that-kills-hard-to-treat-cancers/
• Better Face Masks Are Possible: Here Are Some Winning Designs https://www.scientificamerican.com/article/better-face-masks-are-possible-here-are-some-winning-designs/
• Canadian heading WHO's fight against monkeypox https://globalnews.ca/news/8914346/monkeypox-who-canada/
• Mask mandates will lift on Toronto transit, but mayor hopes riders still use them https://toronto.ctvnews.ca/mask-mandates-will-lift-on-toronto-transit-but-mayor-hopes-riders-still-use-them-1.5939769
• Where should I wear a mask now that the mandate is lifted? The new head of Ontario's science table shares his advice https://toronto.ctvnews.ca/where-should-i-wear-a-mask-now-that-the-mandate-is-lifted-the-new-head-of-ontario-s-science-table-shares-his-advice-1.5942881
• Most comprehensive analysis of COVID-19 data reveals previously unattributed deaths https://scienmag.com/most-comprehensive-analysis-of-covid-19-data-reveals-previously-unattributed-deaths/
• Popular US warm-weather tourist destinations including Miami, Honolulu, and San Juan are becoming coronavirus hotspots https://www.businessinsider.com/popular-tourist-destinations-miami-honolulu-san-juan-covid-hotspots-2022-6
• How to Compare COVID Deaths for Vaccinated and Unvaccinated People https://www.scientificamerican.com/article/how-to-compare-covid-deaths-for-vaccinated-and-unvaccinated-people/
• Ontario reports lowest COVID test positivity rate in nearly 6 months https://toronto.ctvnews.ca/ontario-reports-lowest-covid-test-positivity-rate-in-nearly-6-months-1.5937975
• Study shows people with a high omega-3 DHA level in their blood are at 49% lower risk of Alzheimer's https://scienmag.com/study-shows-people-with-a-high-omega-3-dha-level-in-their-blood-are-at-49-lower-risk-of-alzheimers/
• Pfizer COVID-19 vaccine appears effective for kids under 5: U.S. health officials https://globalnews.ca/news/8915625/pfizer-covid-vaccine-kids-us/
• We Can't Keep Getting The Same Formula in COVID-19 Booster Shots, Says Immunologist https://www.sciencealert.com/we-can-t-keep-getting-the-same-formula-in-our-covid-19-booster-shots-says-immunologist
• Updated Moderna COVID-19 vaccine boosts Omicron protection, company says https://globalnews.ca/news/8905089/moderna-covid-19-vaccine-omicron-booster/
• Women Often 'Feel The Cold' More Than Men. This Could Be Why https://www.sciencealert.com/women-often-feel-the-cold-more-than-men-here-s-why-that-is
• Safety:
• How Safe Are Systems Like Tesla's Autopilot? No One Knows. https://www.nytimes.com/2022/06/08/technology/tesla-autopilot-safety-data.html
• Toronto Police: How to deactivate Apple air tags from getting your car stolen https://www.youtube.com/watch?v=frO0Cp3MkeM
• Woman pushed onto Toronto subway tracks was standing too close to platform edge, TTC says in response to lawsuit https://toronto.ctvnews.ca/woman-pushed-onto-toronto-subway-tracks-was-standing-too-close-to-platform-edge-ttc-says-1.5938625
• Your Resistance Pauses Axon's Dangerous Drone Tasers https://www.eff.org/deeplinks/2022/06/your-resistance-pauses-axons-dangerous-drone-tasers
• Iran removes nuclear watchdog's cameras after criticism https://www.bbc.co.uk/news/world-middle-east-61719196
• Astronomers Just Practiced What Would Happen if a Potentially Dangerous Asteroid was Detected https://www.universetoday.com/156118/astronomers-just-practiced-what-would-happen-if-a-potentially-dangerous-asteroid-was-detected/
• Environment:
• Climate change a bigger threat than war, Fiji tells security summit https://www.bbc.co.uk/news/world-asia-61774473
• Microplastics found in fresh Antarctic snow https://www.bbc.co.uk/news/science-environment-61739159
• 'Superworms' Eat--and Survive on--Polystyrene https://www.scientificamerican.com/article/superworms-eat-and-survive-on-polystyrene/
• Japan Is Dropping a Gargantuan Turbine Into The Ocean to Harness 'Limitless' Energy https://www.sciencealert.com/japan-s-dropping-a-kaiju-sized-turbine-into-the-ocean-to-fish-for-limitless-energy
• Huge deep-water area off N.S. declared a marine refuge https://www.cbc.ca/news/canada/nova-scotia/huge-area-off-ns-declared-marine-refuge-1.6481700
• Disinformation and misinformation
• Economy:
• Is cyberinsurance for cyberattacks becoming harder to find and more costly? https://www.databreaches.net/is-cyberinsurance-for-cyberattacks-becoming-harder-to-find-and-more-costly/
• How 'Trustless' Is Bitcoin, Really? https://www.nytimes.com/2022/06/06/science/bitcoin-nakamoto-blackburn-crypto.html

Russia v. Ukraine

• The war:
• Ukraine war: Evidence shows widespread use of cluster munitions in Kharkiv https://www.bbc.co.uk/news/world-europe-61778433
• Ukraine war: Another Russian general killed by Ukrainian forces - reports https://www.bbc.co.uk/news/world-europe-61702862
• A Ukrainian teen and his father piloted their own drone to help the military pinpoint Russian tanks and trucks https://www.businessinsider.com/ukrainian-teen-drone-helped-military-target-russian-forces-2022-6
• Is Russia exporting grain from Ukraine? https://www.bbc.co.uk/news/world-europe-61736179
• Putin is 'preparing to starve much of the developing world' to win Russia's war in Ukraine, Yale historian says https://www.businessinsider.com/putin-preparing-to-starve-developing-world-ukraine-war-yale-historian-2022-6
• A cholera outbreak could kill thousands of Ukrainians in Russian-occupied Mariupol, mayor warns https://www.businessinsider.com/ukraine-cholera-outbreak-could-kill-thousands-in-occupied-mariupol-2022-6
• Ukraine war: Britons Aiden Aslin and Shaun Pinner sentenced to death https://www.bbc.co.uk/news/uk-61745556
• Reaction and response:
• Sanctions & economic Impact:
• Russia's war on Ukraine has cost global companies $59 billion in losses amid sanctions and hasty exits https://markets.businessinsider.com/news/stocks/russia-war-sanctions-business-losses-corporations-ukraine-ibm-microsoft-2022-6
• Information, Disinformation, and Propaganda:
• Russian Ministry Website Appears Hacked https://packetstormsecurity.com/news/view/33523/Russian-Ministry-Website-Appears-Hacked.html
• Cyber-attacks and the potential for cyber-war:
• Ukraine's secret cyber-defense that blunts Russian attacks: Excellent backups https://www.theregister.com/2022/06/08/silverados_alperovitch_viasat_attack/
• Russia Says West Risks Direct Military Clash Over Cyber Attacks https://packetstormsecurity.com/news/view/33543/Russia-Says-West-Risks-Direct-Military-Clash-Over-Cyber-Attacks.html
• Russia, China warn US its cyber support of Ukraine has consequences https://www.theregister.com/2022/06/10/russia_china_usa_ukraine_cyberdefense/

Off-Topic / Science & Tech / Lighter Side

• Innovations & Inventions:
• A US Supercomputer Just Broke The Exascale Barrier, Ranking Fastest in The World https://www.sciencealert.com/us-supercomputer-is-ranked-fastest-in-the-world-after-breaking-exascale-barrier
• Breaking the quadratic barrier: Quantum cryptanalysis of Milenage, telecommunications' cryptographic backbone https://eprint.iacr.org/2022/733
• Electricity and data over-the-air: The simultaneous transmission of 5G and power https://scienmag.com/electricity-and-data-over-the-air-the-simultaneous-transmission-of-5g-and-power/
• Can they make graphite from coal? OHIO researchers start by finding new carbon solid https://scienmag.com/can-they-make-graphite-from-coal-ohio-researchers-start-by-finding-new-carbon-solid/
• Hopes for a new generation of electric hydrofoils - a tech with Canadian roots https://www.cbc.ca/radio/quirks/hopes-for-a-new-generation-of-electric-hydrofoils-a-tech-with-canadian-roots-1.6484335
• The World's Largest Liquid-Mirror Telescope Comes Online https://www.universetoday.com/156246/the-worlds-largest-liquid-mirror-telescope-comes-online/
• Google Cloud employee calculates pi to 100 trillion digits https://www.theverge.com/2022/6/10/23161647/google-cloud-processing-pi-calculation-100-trillion
• Other:
• Antarctica: Southern Ocean floor mapped in greatest ever detail https://www.bbc.co.uk/news/science-environment-61723806
• The Length of a Day Oscillates Every 6 Years, And We May Finally Know Why https://www.sciencealert.com/an-oscillating-inner-core-could-be-changing-the-length-of-earth-s-days
• Earth's Magnetic Poles Probably Won't Flip After All, Scientists Predict https://www.sciencealert.com/a-9-000-year-old-timeline-of-our-planet-s-magnetic-field-shows-why-we-shouldn-t-panic
• Researchers Discovered a New Kind of Higgs Relative in The Unlikeliest of Places https://www.sciencealert.com/researchers-have-discovered-a-new-kind-of-higgs-relative-sitting-on-the-tabletop
• James Webb Space Telescope hit by tiny meteoroid https://www.bbc.co.uk/news/science-environment-61744257
• Hubble Pins Down the Mass of a Potential Free-Floating Black Hole That's 5,000 Light-Years Away https://www.universetoday.com/156261/hubble-pins-down-the-mass-of-a-potential-free-floating-black-hole-thats-5000-light-years-away/