This Week's [in]Security - Issue 187

Welcome to This Week’s [in]Security. New breaches. Mega-breaches. New Ransomware. Facial Recognition. Surveillance Capitalism. NIST. Cybersecurity Awareness. No More FLASH. Supply Chain Security. Password Security. Ender's Game. MITRE Shield. e-voting. Windows 0-day. NSA Backdoors. Intel Firmware Signing Key. URLS. No MFA. DRM. Wordpress. IOT & ICS. BYOD. Nation States. Chekhov's Gun. Duct Cleaning. Legal actions. Unredacted. Election Security and Disinformation. AI fallibility. Health, Safety & Environment. Nurses. Covid-19: Spread, Curves, Spikes, Waves, & reinfections. Contact Tracing. Disinformation. And more.

PCI Compliance and Payments

News and announcements relating to Payment Security, PCI, Card Brands, Payments, Payment Malware and Fraud.

• PCI 3DS v2.0 How to Fight Against 'Authorized Payment Fraud' https://www.databreachtoday.com/how-to-fight-against-authorized-payment-fraud-a-15250
• Don’t Even Try Paying Cash in China https://www.nytimes.com/2020/10/27/technology/alipay-china.html
• Fraud: Prevention tips from Visa https://www.mobilepaymentstoday.com/articles/fraud-tips-from-visa-on-how-to-prevent-it/
• What's the germiest surface in a supermarket? You might be surprised https://www.cbc.ca/news/marketplace/marketplace-supermarket-germs-1.5778492

Breaches / Ransomware / Leaks

Covering breaches, leaks, data exposures, ransomware (as potential breach), and their fallout.

• New breaches:

  • Reincubate - 68,744,762 breached accounts https://haveibeenpwned.com/PwnedWebsites#Reincubate
  • Massive Nitro credential breach impacts Microsoft, Google, Apple, more https://www.bleepingcomputer.com/news/security/massive-nitro-data-breach-impacts-microsoft-google-apple-more/
  • Home Depot Confirms Data Breach in Order Confirmation SNAFU https://threatpost.com/home-depot-data-breach-order-confirmation/160728/
  • Hackers rummaged about in Finnish psychotherapy clinic – now patients extorted with public data dump threats https://www.theregister.com/2020/10/26/finland_psychotherapy_clinic_ransom_attack/
  • Personal data of 1.1 million RedMart user accounts stolen in Lazada breach and put up for sale https://www.databreaches.net/personal-data-of-1-1-million-redmart-user-accounts-stolen-in-lazada-breach-and-put-up-for-sale/
  • Swedish Authorities, Banks Hit by Security Data Leak https://www.securityweek.com/swedish-authorities-banks-hit-security-data-leak-report
  • Law Firm Says Google Employee Information Compromised in Data Breach https://www.securityweek.com/law-firm-says-google-employee-information-compromised-data-breach
  • Has Guilford Technical Community College notified more than 43,000 students of data breach? https://www.databreaches.net/update-has-guilford-technical-community-college-notified-more-than-43000-students-of-data-breach/
  • Eatigo reports data breach, personal data from customer accounts listed for sale online https://www.databreaches.net/eatigo-reports-data-breach-personal-data-from-customer-accounts-listed-for-sale-online/
  • StarTribune - 2,192,857 breached accounts https://haveibeenpwned.com/PwnedWebsites#StarTribune
  • Promofarma - 1,277,761 breached accounts https://haveibeenpwned.com/PwnedWebsites#Promofarma
  • Data breach involving personal information reported at Rady Children’s Hospital https://www.databreaches.net/data-breach-involving-personal-information-reported-at-rady-childrens-hospital/
  • Trump site hacked https://www.forbes.com/sites/rachelsandler/2020/10/27/trump-campaign-website-hacked-in-cryptocurrency-scam/, https://techcrunch.com/2020/10/27/trumps-campaign-website-hacked-by-cryptocurrency-scammers/, https://www.nbcnews.com/politics/2020-election/trump-campaign-website-hacked-n1245038, https://arstechnica.com/tech-policy/2020/10/trumps-website-defaced-with-claim-that-trump-admin-created-coronavirus/, and https://www.theregister.com/2020/10/28/trump_website_hacked/
  • Compromised CMS Credentials Likely Used to Hack Trump Campaign Website https://www.securityweek.com/compromised-cms-credentials-likely-used-hack-trump-campaign-website
  • New seller (?) offers 17 previously non-public databases for sale https://www.databreaches.net/new-seller-offers-17-previously-non-public-databases-for-sale/

• New Ransomware:

  • French IT Services Firm Confirms Ryuk Ransomware Attack https://www.databreachtoday.com/french-services-firm-confirms-ryuk-ransomware-attack-a-15252
  • Steelcase furniture giant hit by Ryuk ransomware attack https://www.databreaches.net/steelcase-furniture-giant-hit-by-ryuk-ransomware-attack/
  • NY State confirms cyberattack at St. Lawrence County hospitals https://www.databreaches.net/ny-state-confirms-cyberattack-at-st-lawrence-county-hospitals/

• Follow-ups and fall-out:

  • Adult toy almost shipped to 9-year-old after Girl Guides of Canada security breach https://beta-ctvnews-ca.cdn.ampproject.org/c/s/beta.ctvnews.ca/local/ottawa/2020/10/26/1_5161620.html
  • Aetna Fined $1 Million After 3 Data Breaches https://www.databreachtoday.com/aetna-fined-1-million-after-3-data-breaches-a-15264
  • Marriott Gets Data Breach Fine Lowered To $23.8 Million https://packetstormsecurity.com/news/view/31714/Marriott-Gets-Data-Breach-Fine-Lowered-To-23.8-Million.html
  • KR: Court orders online mall to compensate 2,400 customers for data leak https://www.databreaches.net/kr-court-orders-online-mall-to-compensate-2400-customers-for-data-leak/

Privacy

Articles about privacy related news, risks, and trends.

• Facial Recognition:

  • Surveillance company harassed female employees using its own facial recognition technology https://www.theverge.com/2020/10/26/21535089/surveillance-company-verkada-harassed-female-employees
  • EPIC Seeks Documents About ICE's Use of Clearview, Other Facial Recognition Services https://epic.org/2020/10/epic-seeks-documents-about-ice.html
  • Privacy investigation finds 5 million shoppers' images collected at malls across Canada https://www.ctvnews.ca/canada/privacy-investigation-finds-5-million-shoppers-images-collected-at-malls-across-canada-1.5166162
• Canada's COVID-19 Alert app updated to include more precise exposure information https://www.cbc.ca/news/canada/federal-covid-app-updated-1.5783751
• Can we stop megacorps from using and abusing our data? That ship has sailed, ex-NSA lawyer argues https://www.theregister.com/2020/10/29/cyber_privacy_april_falcon_doss_interview/
• Why Getting Paid for Your Data Is a Bad Deal https://www.eff.org/deeplinks/2020/10/why-getting-paid-your-data-bad-deal
• All the Ways Slack Tracks You—and How to Stop It https://www.wired.com/story/all-the-ways-slack-tracks-you-and-how-to-stop-it
• Experian Told To Stop Sharing Data Without Consent https://www.bbc.com/news/technology-54706066
• IMSI-Catchers from Canada https://www.schneier.com/blog/archives/2020/10/imsi-catchers-from-canada.html
• Canadian class-action suit against Facebook alleges misuse of personal information https://www.ctvnews.ca/sci-tech/canadian-class-action-suit-against-facebook-alleges-misuse-of-personal-information-1.5163949

Laws, Regulations, Standards, and Public Policy

News about laws, regulations, and standards affecting security, privacy, technology, and public interest.

• Canada:

  • Canadian News Media Lobby Group Calls for Creation of Government Digital Media Regulatory Agency https://www.michaelgeist.ca/2020/10/canadian-news-media-lobby-group-calls-for-creation-of-government-digital-media-regulatory-agency/
  • Where is Canada’s News Media Lobby Promoting Its Link Licensing Plan for Facebook? On Facebook https://www.michaelgeist.ca/2020/10/where-is-canadas-news-media-lobby-promoting-its-link-licensing-plan-for-facebook-on-facebook/
  • Heritage Minister Steven Guilbeault’s “Get Money from Web Giants” Internet Regulation Bill: An Unauthorized Backgrounder https://www.michaelgeist.ca/2020/11/heritage-minister-steven-guilbeaults-get-money-from-web-giants-internet-regulation-bill-an-unauthorized-backgrounder/

• US:

  • Social media devastation if 'Section 230' repealed https://www.businessinsider.com/congress-section-230-repeal-crush-social-media-facebook-twitter-google-2020-10
  • Mark Zuckerberg just told Congress to upend the internet https://www.theverge.com/2020/10/29/21537040/facebook-mark-zuckerberg-section-230-hearing-reform-pact-act-big-tech
  • Consumer Groups Urge Limits to FCC Robocall Exemptions https://epic.org/2020/10/consumer-groups-urge-limits-to.html

• New NIST:

  • SP 800-209 Security Guidelines for Storage Infrastructure https://csrc.nist.gov/publications/detail/sp/800-209/final
  • SP 800-53B Control Baselines for Information Systems and Organizations https://csrc.nist.gov/publications/detail/sp/800-53b/final
  • SP 800-208 Recommendation for Stateful Hash-Based Signature Schemes: https://csrc.nist.gov/publications/detail/sp/800-208/final
• UK to ban sale of carrier-locked phones from December 2021 https://www.theverge.com/2020/10/27/21535957/uk-ofcom-locked-carrier-phone-ban-ee-vodafone-tesco-mobile
• German Authority Opens Probe Into Amazon, Apple Over Alleged Anticompetition https://www.pymnts.com/antitrust/2020/german-authority-opens-probe-into-amazon-apple-over-alleged-anticompetition/

Defense / Techniques / Solutions

Covering developments and opportunities that may help improve security.

• The Legal Risks of Security Research https://www.schneier.com/blog/archives/2020/10/the-legal-risks-of-security-research.html
• National Cybersecurity Awareness Week November 9-14 https://content.govdelivery.com/accounts/USNIST/bulletins/2a84aae
• New Windows 10 update permanently removes Adobe Flash https://www.zdnet.com/article/new-windows-10-update-permanently-removes-adobe-flash/
• Microsoft IE Browser Death March Hastens https://threatpost.com/ie-browser-death-march/160571/
• Supply Chain The Challenges of Supply Chain Security https://www.eetimes.com/quantifying-complexity-the-challenges-of-supply-chain-security/
• How to plan a password security project https://www.theregister.com/2020/10/30/plan_a_password_security_project/
• Microsoft Introduces New Password Spray Detection for Azure https://www.securityweek.com/microsoft-introduces-new-password-spray-detection-azure
• Bug Bounty Hunters Earned Over $4M for XSS Flaws Reported via HackerOne in 2020 https://www.securityweek.com/bug-bounty-hunters-earned-over-4m-xss-flaws-reported-hackerone-2020
• Let's Encrypt issues new Root and Intermediate Certificates https://scotthelme.co.uk/lets-encrypts-new-root-and-intermediate-certificates/
• On Friday the US starts Ender's hacking game: All local teens can compete for scholarships in cybersecurity https://www.theregister.com/2020/10/30/cyberstart_hacking_challenge/
• MITRE Shield Matrix Highlights Deception & Concealment Technology https://www.darkreading.com/threat-intelligence/mitre-shield-matrix-highlights-deception-and-concealment-technology/a/d-id/1339139
• Incremental Cryptography Revisited https://eprint.iacr.org/2020/1360
• Google Boots 21 Bogus Gaming Apps from Play Marketplace https://threatpost.com/google-boots-apps-from-play/160585/
• Zoom finally adds end-to-end encryption for all, for free – though there are caveats https://www.theregister.com/2020/10/27/zoom_endtoend_encryption/
• Protecting the Privacy of Voters: New Definitions of Ballot Secrecy for E-Voting https://eprint.iacr.org/2020/1332
• Confronting Misinformation https://www.scientificamerican.com/article/confronting-misinformation1/
• Bulletproof TLS Newsletter #70 Chrome developers want to eliminate mixed content, Open SSL 3.0, and more https://www.feistyduck.com/bulletproof-tls-newsletter/issue_70_chrome_developers_want_to_eliminate_mixed_content

Bugs / Design Flaws / Vulnerabilities / Research

Articles about newly discovered vulnerabilities and research.

• Rising Ransomware Breaches Underscore Cybersecurity Failures https://www.darkreading.com/attacks-breaches/rising-ransomware-breaches-underscore-cybersecurity-failures/d/d-id/1339340
• Google discloses Windows zero-day exploited in the wild https://www.zdnet.com/article/google-discloses-windows-zero-day-exploited-in-the-wild/
• The NSA is Refusing to Disclose its Policy on Backdooring Commercial Products https://www.schneier.com/blog/archives/2020/10/the-nsa-is-refusing-to-disclose-its-policy-on-backdooring-commercial-products.html and https://www.theregister.com/2020/10/28/nsa_backdoor_wyden/
• Agencies Urged to Patch Netlogon Flaw Before Election https://www.databreachtoday.com/agencies-urged-to-patch-netlogon-flaw-before-election-a-15279
• Researchers Extract Secret Key Used To Encrypt Intel CPU Code https://arstechnica.com/gadgets/2020/10/in-a-first-researchers-extract-secret-key-used-to-encrypt-intel-cpu-code/
• (San-serif as a risk) Humans are Bad at URLs and Fonts Don’t Matter https://www.troyhunt.com/humans-are-bad-at-urls-and-fonts-dont-matter/
• Majority of Microsoft 365 Admins Don’t Enable MFA https://threatpost.com/microsoft-365-admins-mfa/160592/
• Google Mending Another Crack in Widevine https://krebsonsecurity.com/2020/10/google-mending-another-crack-in-widevine/
• WordPress Patches 3-Year-Old High-Severity RCE Bug https://threatpost.com/wordpress-patches-rce-bug/160812/
• NVIDIA Patches Critical Information Disclosure Bug https://packetstormsecurity.com/news/view/31715/NVIDIA-Patches-Critical-Information-Disclosure-Bug.html
• Link Previews in Chat Apps Pose Privacy, Security Issues https://www.securityweek.com/link-previews-chat-apps-pose-privacy-security-issues-researchers

• IoT and ICS:

  • Flaws in Winston Privacy Devices Can Expose Networks to Remote Attacks https://www.securityweek.com/flaws-winston-privacy-devices-can-expose-networks-remote-attacks
  • Lax Security Exposes over 100 Smart-Irrigation Systems to Attack Across the Globe https://threatpost.com/lax-security-smart-irrigation-attack/160625/ and https://www.databreaches.net/more-than-100-irrigation-systems-left-exposed-online-without-a-password/
  • Hackers Can Open Doors by Exploiting Vulnerabilities in Hörmann Device https://www.securityweek.com/hackers-can-open-doors-exploiting-vulnerabilities-h%C3%B6rmann-device
• When BYOD Also Means Bring-Your-Own-Cyber Risk https://www.pymnts.com/news/b2b-payments/2020/eclypsium-byod-remote-work-cyber-risk/
• What are the different types of Vulnerabilities? https://www.packetlabs.net/types-of-vulnerabilities/

Hacking / Malware / Cybercrime / Exploitation

News covering active trends, alerts, events.

• Trends, Alerts, and Events:

  • Hackers are on the hunt for Oracle servers vulnerable to potent exploit https://arstechnica.com/information-technology/2020/10/hackers-are-on-the-hunt-for-oracle-servers-vulnerable-to-potent-exploit/
  • ‘Copyright Violation’ Notices Lead to Facebook 2FA Bypass https://threatpost.com/copyright-violation-facebook-2fa-bypass/160690/
  • Beware a New Google Drive Scam Landing in Inboxes https://www.wired.com/story/beware-a-new-google-drive-scam-landing-in-inboxes

• Nation State Actors:

  • US Cyber Command exposes new Russian malware https://www.zdnet.com/article/us-cyber-command-exposes-new-russian-malware
  • Russian Turla hackers breach European government organization https://www.databreaches.net/russian-turla-hackers-breach-european-government-organization/
  • Researcher Uncover Two Espionage Backdoors in Ransomware https://www.trendmicro.com/en_us/research/20/j/this-week-in-security-news-oct-30.html
  • Russian Espionage Group Updates Custom Malware Suite https://threatpost.com/russian-espionage-custom-malware/160673/
  • The Russian Hackers Playing 'Chekhov's Gun' With US Cyber-Targets https://www.wired.com/story/berserk-bear-russia-infrastructure-hacking
  • Russian hacker group reportedly targeted state Democratic parties in repeat of 2016 attacks https://www.theverge.com/2020/10/30/21541822/russian-hackers-elections-democrats-clinton-emails-fancy-bear
  • Feds Release More Details on Emails Allegedly Sent By Iran https://www.databreachtoday.com/feds-release-more-details-on-emails-allegedly-sent-by-iran-a-15286

• Crime:

  • How does an illicit cybercrime market evolve: A longitudinal study https://www.lightbluetouchpaper.org/2020/10/28/how-does-an-illicit-cybercrime-market-evolve-a-longitudinal-study/
  • Nando’s Credential Stuffing Hackers Feast on Customer Accounts https://threatpost.com/nandos-hackers-customer-accounts/160527/
  • BBB warns of furnace and duct cleaning scams, unethical practices as winter approaches https://globalnews.ca/news/7430564/furnace-scams-canada-better-business-bureau/
  • Hacker steals $24 million from cryptocurrency service 'Harvest Finance' https://www.zdnet.com/article/hacker-steals-24-million-from-cryptocurrency-service-harvest-finance
  • Software engineer leaked UK missile system secrets and refused to hand cops his passwords https://www.theregister.com/2020/10/28/simon_finch_official_secrets_passwords_trial/
  • FTC: Social Media Fraud Scams On The Rise https://www.pymnts.com/news/security-and-risk/2020/ftc-social-media-fraud-scams-on-the-rise/
  • B.C. casino violated reporting laws after investigator warned Lottery Corp. https://globalnews.ca/news/7426840/river-rock-cullen-commission-violations/

Other Security / Risk

Articles covering other types of risks.

• Another Redaction Fail - Reverse-Engineering the Redactions in the Ghislaine Maxwell Deposition using the index https://www.schneier.com/blog/archives/2020/10/reverse-engineering-the-redactions-in-the-ghislaine-maxwell-deposition.html
• Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo https://krebsonsecurity.com/2020/10/security-blueprints-of-many-companies-leaked-in-hack-of-swedish-firm-gunnebo/
• US election 2020: How US and China's break-up could affect the world https://www.bbc.co.uk/news/election-us-2020-54713752

• Election Security and Disinformation:

  • In Election Hacking, Perception May be as Good as the Real Thing https://www.securityweek.com/election-hacking-perception-may-be-good-real-thing and https://www.nytimes.com/2020/10/28/us/politics/2020-election-hacking.html
  • Here are all the steps social media made to combat misinformation. Will it be enough? https://www.theguardian.com/technology/2020/oct/29/here-are-all-the-steps-social-media-made-to-combat-misinformation-will-it-be-enough
  • Facebook Removes Trump and Biden Ads, Saying They Could Mislead Voters https://www.nytimes.com/2020/10/27/technology/facebook-removes-trump-and-biden-ads-saying-they-could-mislead-voters.html
  • Disinformation Moves From Social Networks to Texts https://www.nytimes.com/2020/10/28/technology/disinformation-moves-from-social-networks-to-texts.html
  • How election interference, voter fraud misinformation could discourage voting in U.S. election https://globalnews.ca/news/7427794/us-election-voter-fraud-mail-in-ballot-misinformation/
  • Misinformation Overwhelms Local Election Officials https://www.nytimes.com/2020/10/29/technology/misinformation-local-election-officials.html
  • Amazon appears to have donated $40,000 to a top source of vaccine misinformation https://www.businessinsider.com/amazon-reportedly-donated-40000-to-top-vaccine-misinformation-source-2020-10
  • The Year in Misinformation, So Far https://www.nytimes.com/2020/10/27/technology/the-year-in-misinformation-so-far.html
  • Phishing Scam Costs Wisconsin GOP $2.3 Million https://www.databreachtoday.com/phishing-scam-costs-wisconsin-gop-23-million-a-15275
  • Post-Election Cyber Disruptions: What to Expect https://www.databreachtoday.com/interviews/post-election-cyber-disruptions-what-to-expect-i-4786
  • Hacker Changed Florida Governor's Address In Voter Registration Database https://www.cnet.com/news/hacker-changed-florida-governors-address-in-voter-registration-database/
  • Some Ballot Requests May Be Affected by County Cyber Attack https://www.securityweek.com/some-ballot-requests-may-be-affected-county-cyber-attack

• AI fallibility:

  • A self-driving race car drove straight into a wall off the starting line in the world's first autonomous racing series https://www.businessinsider.com/self-driving-roborace-race-car-drove-straight-into-wall-2020-10

• Health, Safety & Environment:

  • To Avoid an 'Era of Pandemics,' We Must Protect Nature https://www.sciencealert.com/to-avoid-an-era-of-pandemics-we-must-protection-nature-un-warns
  • Defunding police not the way to reform mental health response in Ottawa https://globalnews.ca/news/7425678/ottawa-police-chief-mental-health-strategy/
  • Two ‘murder hornet’ queens captured in Washington state sting https://globalnews.ca/news/7429274/murder-hornet-queen-nest/ and https://www.cbc.ca/news/canada/british-columbia/85-live-murder-hornets-captured-from-tree-near-canada-u-s-border-1.5777629
  • Vaping epidemic puts adolescents at risk for potentially fatal lung disease https://scienmag.com/vaping-epidemic-puts-adolescents-at-risk-for-potentially-fatal-lung-disease/
  • Nova Scotia veterinarians report significant spike in cases of dogs consuming cannabis https://globalnews.ca/news/7426857/nova-scotia-veterinarians-report-significant-spike-in-cases-of-dogs-consuming-cannabis/
  • 7 People Killed by Musical Instruments https://www.mentalfloss.com/article/633891/people-killed-musical-instruments
  • Light pollution's wasted energy seen from space https://www.bbc.co.uk/news/science-environment-54721921
• Ontarians can switch hydro bills from time-of-use to tiered pricing — but should they? https://globalnews.ca/news/7432282/ontario-hydro-rates-tiered-vs-time-of-use-pricing/

• Other risks relating to COVID and the new normal:

  • 1500 Nurses dead from Covid https://www.ctvnews.ca/health/coronavirus/1-500-nurses-dead-from-covid-19-across-44-countries-international-council-of-nurses-1.5165352
  • Officials Warn of Cyberattacks on Hospitals as Virus Cases Spike https://www.nytimes.com/2020/10/28/us/hospitals-cyberattacks-coronavirus.html
  • Psychologists Found The Personality Trait That Makes It Hardest to Endure Lockdown https://www.sciencealert.com/psychologists-identify-the-personality-types-most-likely-to-break-out-in-lockdown
  • Cheaper to prevent pandemics than 'cure' them https://www.bbc.co.uk/news/science-environment-54721687
  • Dow plummets 500 points as spiking virus cases prompt more lockdowns https://markets.businessinsider.com/news/stocks/stock-market-news-today-europe-virus-lockdowns-economy-dow-sp500-2020-10-1029734444 and https://www.bbc.co.uk/news/business-54694956
  • 5,500 fewer students enrolled to TDSB schools this fall https://globalnews.ca/news/7423386/tdsb-fewer-students-enrolled-this-fall/
  • The Pandemic Could End Waiting in Line https://www.theatlantic.com/technology/archive/2020/10/the-pandemic-could-end-waiting-in-line/616873/
  • Did you receive double CERB payments? The CRA wants its money back https://globalnews.ca/news/7424806/cra-double-payments-cerb/
  • Boeing to cut 20% of workforce by end of 2021 https://www.bbc.co.uk/news/business-54716296
  • Falling Commercial Real Estate Prices Threaten Bank Losses https://www.pymnts.com/real-estate/2020/falling-commercial-real-estate-prices-threaten-bank-losses/
  • HBC sues landlord of Yorkdale, Square One alleging failure to run ‘first class’ malls https://globalnews.ca/news/7426627/coronavirus-hudsons-bay-yorkdale-square-one-oxford/
  • Will the second wave of COVID-19 raise life insurance premiums? https://globalnews.ca/news/7427366/canada-life-insurance-premiums-covid-19/
  • COVID-19 a “golden opportunity” for terror organisations to intensify their propaganda https://scienmag.com/covid-19-a-golden-opportunity-for-terror-organisations-to-intensify-their-propaganda/

COVID-19 updates.

COVID related articles. We have been following coronavirus risks since https://controlgap.com/blog/this-weeks-insecurity-issue-147.

• The spread, curves, spikes, and waves - now reinfection:

  • Global coronavirus case total rises by record 500,000 cases in one day https://globalnews.ca/news/7430930/coronavirus-cases-half-million/
  • Canada shatters daily case record with over 3,400 more coronavirus infections https://globalnews.ca/news/7433933/coronavirus-canada-update-oct-30/
  • Doug Ford says Ontario’s coronavirus numbers ‘moving in right direction’ https://globalnews.ca/news/7427873/doug-ford-ontario-coronavirus-numbers-right-direction/
  • Ford says plan to ease COVID-19 restrictions coming for hot spots https://globalnews.ca/news/7433172/coronavirus-ford-covid-19-restrictions-hot-spots/
  • Premier Doug Ford’s Etobicoke constituency office declares COVID-19 outbreak https://globalnews.ca/news/7432290/premier-etobicoke-constituency-office-covid-19-outbreak/
  • Ontario reports 834 new coronavirus cases, 5 more deaths https://globalnews.ca/news/7426845/ontario-coronavirus-cases-october-28-covid19/
  • Quebec reports 929 new coronavirus cases, 17 more deaths https://globalnews.ca/news/7426915/quebec-coronavirus-covid-19-october-28/
  • Close to 17 percent of patients recovered from COVID-19 could still carry virus https://scienmag.com/close-to-17-percent-of-patients-recovered-from-covid-19-could-still-carry-virus/
  • Canadians interacting and travelling much less during pandemic, cellphone data study shows https://www.cbc.ca/news/canada/toronto/covid-ont-mobility-1.5779204
  • 16 B.C. firefighters test positive for COVID-19 following deployment to California https://globalnews.ca/news/7428530/coronavirus-16-b-c-firefighters-test-positive/
  • Restaurant says group with Niagara MP Oosterhoff ignored posted COVID-19 rules https://globalnews.ca/news/7424690/coronavirus-restaurant-oosterhoff-group-photo/
  • At least 44 people test positive for coronavirus after wedding events in Vaughan https://globalnews.ca/news/7428843/coronavirus-wedding-avani-event-centre-vaughan/
  • A Long Island wedding and birthday party infected 56 with the coronavirus https://www.washingtonpost.com/nation/2020/10/29/long-island-coronavirus-superspreader-party/
  • 1 infected camper likely led to 115 coronavirus cases at an overnight camp https://www.businessinsider.com/115-students-staff-at-wisconsin-camp-got-covid-cdc-2020-10
  • Fox News staffers are 'in a panic' about election night coverage after top hosts were exposed to a COVID-19 https://www.businessinsider.com/fox-news-panic-election-night-coverage-coronavirus-exposure-quarantine-2020-10
  • Covid spreading faster in England than 'worst-case scenario' https://www.bbc.co.uk/news/health-54750775
  • What will the England lockdown achieve? https://www.bbc.co.uk/news/health-54766526
  • Australia records zero Covid-19 cases for first time in five months https://www.bbc.co.uk/news/world-australia-54768038

• Contact Tracing:

  • NHS Covid-19 app confuses users https://www.independent.co.uk/life-style/gadgets-and-tech/nhs-covid19-app-why-does-coronavirus-contacttracing-tool-keep-giving-me-two-notifications-at-same-time-b1374355.html

• Guidance, Response and Recovery:

  • Canadians are feeling pandemic fatigue. Experts say ‘greater good’ message isn’t enough https://globalnews.ca/news/7424561/coronavirus-canada-pandemic-fatigue/
  • Over 10,000 people in Canada have died from coronavirus https://globalnews.ca/news/7421380/canada-coronavirus-10k-death-toll/
  • The WHO warns that getting COVID-19 under control may require tougher lockdowns and sacrifice https://www.businessinsider.com/who-covid-lockdowns-restrictions-covid19-personal-sacrifice-cases-surge-2020-10
  • France, Germany face new round of coronavirus lockdowns as cases surge https://globalnews.ca/news/7429087/europe-us-coronavirus-lockdown/
  • France lockdown: What went wrong and what can Canada learn? https://globalnews.ca/news/7429339/coronavirus-france-lockdown-canada/
  • Belgium announces return to national lockdown https://www.bbc.co.uk/news/world-europe-54752194 __Merkel warns of 'long, hard winter' as lockdowns return https://www.bbc.co.uk/news/world-europe-54728893
  • How the Czech Republic's response went wrong https://www.bbc.co.uk/news/world-europe-54639351
  • Excess deaths’ likely to spike along with coronavirus 2nd wave https://globalnews.ca/news/7426785/excess-deaths-spiking-coronavirus-second-wave-canada/
  • Normality is three years out https://www.businessinsider.com/nicholas-christakis-apollos-arrow-qa-covid-changes-society-2020-10 https://globalnews.ca/news/7432304/businesses-masks-gowns-coronavirus-first-wave/
  • ‘Rewarding’: Businesses that pivoted to make masks, gowns reflect after first wave of COVID-19

• Treatments, Testing, Triage, and Trials:

  • Getting a flu shot could reduce your risk of getting COVID-19 https://www.businessinsider.com/flu-shots-linked-lower-risk-covid-19-study-2020-10
  • Demand for flu shot up 500% at Ontario pharmacies compared to 2019 https://globalnews.ca/news/7434935/demand-up-500-per-cent-ontario-pharmacies-flu-shot/
  • Many of us aren’t washing our hands like we used to: germ expert https://globalnews.ca/news/7432594/washing-hands/
  • No vaccine results in October https://www.businessinsider.com/business-insiders-biggest-healthcare-stories-for-october-28-2020-10
  • Legal ramifications of exposing someone to COVID-19 murky https://globalnews.ca/news/7427742/legal-ramifications-exposing-someone-covid-19-coronavirus-winnipeg-lawyer/
  • N.B. company says its rapid-test technology for sewage can help detect COVID-19 early https://globalnews.ca/news/7424344/n-b-company-rapid-test-detect-covid-19-early/
  • CRISPR screen identifies genes, drug targets to protect against SARS-CoV-2 infection https://scienmag.com/crispr-screen-identifies-genes-drug-targets-to-protect-against-sars-cov-2-infection/
  • The US will spend $375 million on 300,000 vials of Eli Lilly's experimental COVID-19 antibody therapy https://www.businessinsider.com/eli-lilly-covid-antibody-treatment-covid19-therapy-bamlanivimab-fda-approval-2020-10
  • Pfizer Vaccine Data Delayed; Fed Halts Clinical Trial https://www.pymnts.com/coronavirus/2020/pfizer-vaccine-data-delayed-fed-halts-clinical-trial/
  • Gilead sold $873 million worth of its antiviral COVID-19 treatment https://www.businessinsider.com/gilead-sold-873-million-worth-of-covid-19-antiviral-veklury-2020-10

• Things we learned:

  • Even Vampire Bats Socially Distance Themselves When They Feel Sick https://www.sciencealert.com/vampire-bats-social-distance-when-they-feel-sick
  • 1st Canadian dog to test positive for COVID-19 https://www.cbc.ca/news/canada/hamilton/maci-covid-first-dog-niagara-1.5778180
  • Scientists Identify The 5 Symptoms That May Predict a Long-Term Case of Coronavirus https://www.sciencealert.com/multiple-symptoms-early-in-infection-has-been-linked-to-covid-long-haulers
  • Covid: Antibodies 'fall rapidly after infection' - https://www.bbc.co.uk/news/health-54696873
  • New research shows SARS-CoV-2 spike proteins disrupt the blood-brain barrier https://scienmag.com/new-research-shows-sars-cov-2-spike-proteins-disrupt-the-blood-brain-barrier/
  • Scientists map structure of potent antibody against coronavirus https://scienmag.com/scientists-map-structure-of-potent-antibody-against-coronavirus/
  • Neutrons chart atomic map of COVID-19’s viral replication mechanism https://scienmag.com/neutrons-chart-atomic-map-of-covid-19s-viral-replication-mechanism/
  • Lung scans for stroke patients could provide earlier COVID-19 detection https://scienmag.com/lung-scans-for-stroke-patients-could-provide-earlier-covid-19-detection/
  • Famous Alien-Hunting Drake Equation Inspires New Way to Predict COVID-19 Spread https://www.sciencealert.com/the-famous-alien-hunting-equation-has-been-tweaked-to-predict-coronavius-spread
  • Why are some COVID-19 infected people asymptomatic? https://scienmag.com/why-are-some-covid-19-infected-people-asymptomatic/

• Disinformation:

  • U.S. election: How COVID-19 misinformation is being weaponized in politics https://globalnews.ca/news/7430296/u-s-election-covid-19-misinformation-weaponized-politics-coronavirus/

• Masks, anti-maskers, distancing, compliance, and repercussions:

  • B.C.’s top doctor toughens tone on masks in public: ‘It is now the expectation’ https://globalnews.ca/news/7423664/coronavirus-bc-masks-in-public/
  • City of Regina steps up mandatory mask enforcement on buses https://globalnews.ca/news/7426399/regina-mandatory-mask-transit/
  • Russia enacted a national mask mandate https://www.businessinsider.com/russia-issues-national-mask-mandate-covid-19-not-us-2020-10
  • 5 science-backed reasons you should keep your mask on at all times during the pandemic — even at dinner https://www.businessinsider.com/fauci-5-reasons-to-wear-a-mask-during-the-pandemic-2020-10
  • This Four-Layer Face Mask Has a Two-Speed Fan Inside https://www.mentalfloss.com/article/634942/four-layer-face-mask-has-two-speed-fan-inside
  • Toronto teacher could face $1K fine after allegedly not using PPE https://globalnews.ca/news/7427299/toronto-school-employee-charged-covid19-ppe/
  • Chicago - A guard asked two sisters to put on a mask. They stabbed him 27 times instead, prosecutors say. https://www.washingtonpost.com/nation/2020/10/28/sisters-stabbing-mask-security-guard-chicago/
  • A British student was fined $8,600 for breaking COVID-19 quarantine https://www.businessinsider.com/uk-student-fined-breaking-quarantine-posted-instagram-2020-10

Off-Topic / Science & Tech / Lighter Side

A variety of scientific, technical, historical, and more light-hearted news.

• Study finds 5 distinct dog types from 11,000 years ago https://scienmag.com/study-finds-5-distinct-dog-types-from-11000-years-ago/ and https://www.bbc.co.uk/news/science-environment-54690458
• Antarctica yields oldest fossils of giant birds with 21-foot wingspans https://scienmag.com/antarctica-yields-oldest-fossils-of-giant-birds-with-21-foot-wingspans/
• Faces to Names initiative tells stories of 28 Guelph soldiers who died in WWII https://globalnews.ca/news/7433240/faces-to-names-guelph-soldiers/
• New sulfur dioxide conversion method may transform current industrial techniques https://scienmag.com/new-sulfur-dioxide-conversion-method-may-transform-current-industrial-techniques/
• Hyundai made a walking car (no, really) https://www.zdnet.com/article/hyundai-made-a-walking-car-no-really/
• Flying car takes off https://www.ctvnews.ca/sci-tech/uplifting-developments-inch-flying-cars-closer-to-reality-1.5167340
• Canadian satellites to help combat threat of collisions in Earth orbit https://www.cbc.ca/news/technology/northstar-satellites-1.5782085
• NASA Announces the Discovery of Water in the Sunlit Parts of the Moon https://www.universetoday.com/148625/nasa-announces-the-discovery-of-water-in-the-sunlit-parts-of-the-moon/
• NASA's Leaking Asteroid Sample Is Finally Secure! Now to Get It Back to Earth https://www.sciencealert.com/nasa-secured-the-precious-asteroid-sample-320-million-km-away-and-it-s-coming-home
• 'Weird' Molecule Detected on Titan Has Never Been Found in Any Atmosphere https://www.sciencealert.com/scientists-have-just-found-a-really-bizarre-molecule-in-titan-s-atmosphere
• In the Hunt for Planet Nine, Astronomers Bring New Digital Darkroom Search Technique https://www.scientificamerican.com/article/in-the-hunt-for-planet-nine-astronomers-eye-a-new-search-technique/