This Week's [in]Security - Issue 210 | insecurity | Control Gap

Welcome to This Week’s [in]Security. PCI 3DS, New e-skimmers, Card breaches. EU's SCA. Big-Hacks: Facebook, Linkedin. New breaches: Clubhouse, Q Link Wireless. New Ransomware. Follow-ups & Fall-out. Privacy: Big Brother? Xcinex Venue. Laws & Regs: Bans, Breach law, Facial recognition, NIST & Hippa. Defense: Tools, Simplification, Resilience. Vulnerabilities: Cisco zeroday, Pwn2Own, SAP, Zoom, Carbon Black, Domain Time II, Moodle, medical devices, 802.11bf sensing. Cybercrime: Trends. Gigaset, Nation States. Cyber-war? Other Risks. Health, Safety & Environment. Covid-19: Spread, Curves, Waves, and Variants. The Good, Bad, and Ugly (Behaviour). And more.

PCI Compliance and Payments

News and announcements relating to Payment Security, PCI, Card Brands, Payments, Payment Malware and Fraud, and Payment Related Compliance.

• What is the PCI 3DS (3D Secure) Core Security Standard? https://pcissc.secure.force.com/faq/articles/Frequently_Asked_Question/What-is-the-PCI-3DS-3D-Secure-Core-Security-Standard
• New FAQ#1493 on 3DS https://pcissc.secure.force.com/faq/articles/Frequently_Asked_Question/What-is-the-PCI-3DS-3D-Secure-Core-Security-Standard
• Updated index of PCI FAQ's https://controlgap.com/index-pci-frequently-asked-questions/
• VISA: Hackers increasingly using web shells to steal credit cards https://www.bleepingcomputer.com/news/security/visa-hackers-increasingly-using-web-shells-to-steal-credit-cards/
• 623M Payment Cards Stolen from Swarmshop Cybercrime Forum https://threatpost.com/623m-payment-cards-stolen-from-cybercrime-forum/165336/
• 330k Payment Cards and $38m in Gift Cards Stolen and Sold, Reportedly From Cardpool.com, in Online Gift Shop Incident https://www.databreaches.net/330k-payment-cards-and-38m-in-gift-cards-exposed-in-online-gift-shop-leak/, and https://www.databreachtoday.com/stolen-cards-reportedly-from-cardpoolcom-sold-on-darknet-a-16349
• Deep Dive: How Merchants Can Navigate The Ins And Outs Of the EU's Strong Customer Authentication (SCA) Compliance requirements https://www.pymnts.com/authentication/2021/merchants-psd2-sca-compliance/

Breaches / Ransomware / Leaks

Covering breaches, leaks, data exposures, ransomware (as potential breach), and their fallout.

• Major incidents:

  • Facebook downplays 'old' breach exposing info on 533 million users https://www.cbc.ca/news/business/facebook-breach-1.5977829
  • Facebook attributes 533 million users' data leak to "scraping" not hacking https://www.bleepingcomputer.com/news/security/facebook-attributes-533-million-users-data-leak-to-scraping-not-hacking/
  • Facebook data leak now under EU data regulator investigation https://www.bleepingcomputer.com/news/security/facebook-data-leak-now-under-eu-data-regulator-investigation/
  • Another 500 million accounts have leaked online, and LinkedIn’s in the hot seat https://www.theverge.com/2021/4/8/22374464/linkedin-data-leak-500-million-accounts-scraped-microsoft and https://threatpost.com/data-500m-linkedin-users-online/165329/

• New Breaches:

  • Clubhouse CEO Denies Report Of Data Leak For 1.3 Million Users https://www.pymnts.com/news/security-and-risk/2021/clubhouse-ceo-denies-report-of-data-leak-for-1-3-million-users/
  • Clubhouse data leak: 1.3 million scraped user records leaked online for free https://www.databreaches.net/clubhouse-data-leak-1-3-million-scraped-user-records-leaked-online-for-free/
  • Personal data of 1.3 million Clubhouse users has reportedly leaked online days after LinkedIn and Facebook also suffered data breaches https://www.businessinsider.com/clubhouse-data-leak-1-million-users-2021-4
  • Br: Leak exposes 1.7 TB of customer data from Brazilian fintech iugu https://www.databreaches.net/br-leak-exposes-1-7-tb-of-customer-data-from-brazilian-fintech-iugu/
  • No password required: Mobile carrier Q Link Wireless exposes data for millions of accounts https://arstechnica.com/information-technology/2021/04/no-password-required-mobile-carrier-exposes-data-for-millions-of-accounts/
  • World's largest pathologists association discloses credit card incident https://www.bleepingcomputer.com/news/security/worlds-largest-pathologists-association-discloses-credit-card-incident/
  • University of California Victim of Nationwide Hack Attack https://www.securityweek.com/university-california-victim-nationwide-hack-attack
  • 310,000 Records Compromised In University Of Colorado Data Breach, Including Social Security Numbers & University Financial Information https://www.databreaches.net/310000-records-compromised-in-university-of-colorado-data-breach-including-social-security-numbers-university-financial-information/
  • De: Another data breach in COVID-19 test centers https://www.databreaches.net/de-another-data-breach-in-covid-19-test-centers/
  • Statement From Atlantic Media on Unauthorized Access of Its Servers https://www.databreaches.net/statement-from-atlantic-media-on-unauthorized-access-of-its-servers/

• New Ransomware and "Incidents":

  • How do we stamp out the ransomware business model? Ban insurance payouts for one, says ex-GCHQ director https://www.theregister.com/2021/04/09/ban_cyber_insurance_payouts/
  • Ransomware shuts down production at two manufacturing plants https://arstechnica.com/information-technology/2021/04/ransomware-shuts-down-production-at-two-manufacturing-plants/
  • Durham regional government in Ontario victim of third-party cyberattack https://www.itworldcanada.com/article/ontario-regional-government-victim-of-third-party-cyber-attack/445791
  • National College of Ireland hit by ransomware attack https://www.databreaches.net/national-college-of-ireland-hit-by-ransomware-attack/

• Follow-ups and fall-out:

  • Crisis Communications: How to Handle Breach Response https://www.databreachtoday.com/interviews/crisis-communications-how-to-handle-breach-response-i-4868
  • Chinese Hackers Selling Intimate Stolen Camera Footage https://threatpost.com/chinese-hackers-intimate-camera-footage/165281/
  • Proctor-U (after suffering a breach last August) agrees to security audit thanks to inquiries by Senator Wyden https://www.databreaches.net/proctor-u-agrees-to-security-audit-thanks-to-inquiries-by-senator-wyden/
  • In Wake of Breaches, Accellion Faces at Least 14 Lawsuits https://www.databreachtoday.com/in-wake-breaches-accellion-faces-at-least-14-lawsuits-a-16360

Privacy

Articles about privacy related news, risks, and trends.

• The UK government is collecting data about people’s race, health, and biometrics in a mysterious database https://www.independent.co.uk/life-style/gadgets-and-tech/home-office-database-race-health-biometrics-b1828041.html
• Your 'smart home' is watching – and possibly sharing your data with the police (US) https://www.theguardian.com/commentisfree/2021/apr/05/tech-police-surveillance-smart-home-devices
• People are frightened by ‘dystopian’ gadget that counts people in living room to charge per viewer for streaming https://www.independent.co.uk/life-style/gadgets-and-tech/pay-per-viewer-streaming-xcinex-venue-b1827537.html
• Why You Should Never Use Google Chrome On Your iPhone, iPad Or Mac https://www.forbes.com/sites/zakdoffman/2021/04/10/why-you-should-never-use-google-chrome-on-your-apple-iphone-ipad-imac-or-macbook/

Laws, Regulations, Platforms, Standards, and Public Policy

News about laws, regulations, platform rules, and standards affecting security, privacy, technology, and public interest.

• US:

  • US blacklists seven Chinese supercomputer groups https://www.bbc.co.uk/news/business-56685136
  • Victory for Fair Use: The Supreme Court Reverses the Federal Circuit in Oracle v. Google https://www.eff.org/deeplinks/2021/04/victory-fair-use-supreme-court-reverses-federal-circuit-oracle-v-google
  • Maine Enacts NAIC-Inspired Cybersecurity Law https://www.databreaches.net/maine-enacts-naic-inspired-cybersecurity-law/
  • Utah is the 2nd State to Create a Safe Harbor for Companies Facing Data Breach Litigation https://www.databreaches.net/utah-is-the-2nd-state-to-create-a-safe-harbor-for-companies-facing-data-breach-litigation/
  • Virginia to Ban Local Police from Using Facial Recognition https://epic.org/2021/04/virginia-to-ban-local-police-f.html

• World:

  • China fines Alibaba $2.8 billion after antitrust investigation https://www.theverge.com/2021/4/10/22377500/china-fines-alibaba-2-8-billion-anitrust

• Standards News:

  • NIST and HIPAA: Is There a Password Connection? https://thehackernews.com/2021/04/nist-and-hipaa-is-there-password.html

Defense / Techniques / Solutions

Covering developments and opportunities that may help improve security.

• Microsoft releases a cyberattack simulator - Shall we play a game? https://www.bleepingcomputer.com/news/security/microsoft-releases-a-cyberattack-simulator-shall-we-play-a-game/
• CISA releases tool to review Microsoft 365 post-compromise activity https://www.bleepingcomputer.com/news/security/cisa-releases-tool-to-review-microsoft-365-post-compromise-activity/
• Threat matrix for storage services https://www.microsoft.com/security/blog/2021/04/08/threat-matrix-for-storage/
• Our Brain Typically Overlooks This Brilliant Problem-Solving Strategy https://www.scientificamerican.com/article/our-brain-typically-overlooks-this-brilliant-problem-solving-strategy/
• Resilience against replay attacks in computer systems https://scienmag.com/resilience-against-replay-attacks-in-computer-systems/
• Google Chrome blocks port 10080 to stop NAT Slipstreaming attacks https://www.bleepingcomputer.com/news/security/google-chrome-blocks-port-10080-to-stop-nat-slipstreaming-attacks/
• How to Fix Your Phone if It Gets Water Damage (Hint, Rice Won't Help) https://www.sciencealert.com/rice-wont-help-repair-your-water-damaged-phone-here-s-what-to-do
• Welcoming the Ukrainian Government to Have I Been Pwned https://www.troyhunt.com/welcoming-the-ukrainian-government-to-have-i-been-pwned/

Bugs / Design Flaws / Vulnerabilities / Research

Articles about newly discovered vulnerabilities and research.

• Zero-Day Bug Impacts Problem-Plagued Cisco SOHO Routers https://threatpost.com/zero-day-bug-soho-routers/165321/
• $200,000 Awarded for Zero-Click Zoom Exploit at Pwn2Own https://www.securityweek.com/200000-awarded-zero-click-zoom-exploit-pwn2own
• Pwn2Own 2021 Participants Earn Over $1.2 Million for Their Exploits https://www.securityweek.com/pwn2own-2021-participants-earn-over-12-million-their-exploits
• Zoom Joins Microsoft Teams on List of Enterprise Tools Hacked at Pwn2Own https://www.darkreading.com/threat-intelligence/zoom-joins-microsoft-teams-on-list-of-enterprise-tools-hacked-at-pwn2own/d/d-id/1340626
• Attackers Target Unpatched SAP Applications https://www.databreachtoday.com/attackers-target-unpatched-sap-applications-a-16356
• SAP: It takes exploit devs about 72 hours to turn one of our security patches into a weapon against customers https://www.theregister.com/2021/04/06/sap_patch_attacks/
• Critical Zoom vulnerability triggers remote code execution without user input https://www.zdnet.com/article/critical-zoom-vulnerability-triggers-remote-code-execution-without-user-input
• VMware Patches Critical Flaw in Carbon Black Cloud Workload https://www.securityweek.com/vmware-patches-critical-flaw-carbon-black-cloud-workload
• Vulnerability in 'Domain Time II' Could Lead to Server, Network Compromise https://www.securityweek.com/vulnerability-domain-time-ii-could-lead-server-network-compromise
• Vulnerability: Est. Millions of Users of Popular Educational Platform Exposed to Account Takeover Threats And More https://www.databreaches.net/vulnerability-est-millions-of-users-of-popular-educational-platform-exposed-to-account-takeover-threats-and-more/
• FDA's Kevin Fu on Threat Modeling for Medical Devices https://www.databreachtoday.com/interviews/fdas-kevin-fu-on-threat-modeling-for-medical-devices-i-4869
• Wi-Fi Devices as Physical Object Sensors https://www.schneier.com/blog/archives/2021/04/wi-fi-devices-as-physical-object-sensors.html
• How to Backdoor a Cipher, by Raluca Posteuca and Tomer Ashur https://eprint.iacr.org/2021/442

Hacking / Malware / Cybercrime / Exploitation

News covering active trends, alerts, events.

• Trends, Alerts, and Events (other than major breaches):

  • Voice-Changing Software Found on APT Attackers' Server https://www.darkreading.com/threat-intelligence/voice-changing-software-found-on-apt-attackers-server/d/d-id/1340618
  • Windows and Linux devices are under attack by a new cryptomining worm https://arstechnica.com/gadgets/2021/04/windows-and-linux-devices-are-under-attack-by-a-new-cryptomining-worm/
  • Gigaset Android Update Server Hacked to Install Malware on Users' Devices https://thehackernews.com/2021/04/gigaset-android-update-server-hacked-to.html
  • Alert — There's A New Malware Out There Snatching Users' Passwords https://thehackernews.com/2021/04/alert-theres-new-malware-out-there.html
  • Attackers deliver legal threats, IcedID malware via contact forms https://www.bleepingcomputer.com/news/security/attackers-deliver-legal-threats-icedid-malware-via-contact-forms/
  • Attackers Using Malicious Doc Builder Called 'EtterSilent' https://www.databreachtoday.com/attackers-using-malicious-doc-builder-called-ettersilent-a-16362
  • Hackers Exploit Unpatched VPNs to Install Ransomware on Industrial Targets https://thehackernews.com/2021/04/hackers-exploit-unpatched-vpns-to.html
  • Microsoft Office 365 phishing evades detection with HTML Lego pieces https://www.bleepingcomputer.com/news/security/microsoft-office-365-phishing-evades-detection-with-html-lego-pieces/
  • Phone cloning scam preying on rideshare drivers https://www.schneier.com/blog/archives/2021/04/phone-cloning-scam.html
  • Tech support scammers lure victims with fake antivirus billing emails https://www.bleepingcomputer.com/news/security/tech-support-scammers-lure-victims-with-fake-antivirus-billing-emails/
  • Imposters steal restaurants’ names in delivery app deception https://www.theverge.com/2021/4/8/22374341/imposter-restaurants-doordash-grubhub-ghost-kitchen-wagyumafia-blowfish-sushi

• Nation State Actors:

  • Crossing the Line: When Cyberattacks Become Acts of War https://threatpost.com/crossing-line-cyberattack-act-war/165290/
  • Iran Calls Natanz Atomic Site Blackout 'Nuclear Terrorism' https://www.securityweek.com/iran-calls-natanz-atomic-site-blackout-nuclear-terrorism
  • North Korean hackers use new Vyveva malware to attack freighters https://www.bleepingcomputer.com/news/security/north-korean-hackers-use-new-vyveva-malware-to-attack-freighters/
  • Researchers uncover a new Iranian malware used in recent cyberattacks https://thehackernews.com/2021/04/researchers-uncover-new-iranian-malware.html

• Crime & Arrests, etc.:

  • Man jailed for trying to buy chemical weapon online able to kill ‘hundreds’ of people https://www.zdnet.com/article/man-jailed-for-trying-to-buy-chemical-weapon-able-to-kill-hundreds-in-the-dark-web
  • Dark web hitman identified through crypto-analysis https://www.databreaches.net/dark-web-hitman-identified-through-crypto-analysis/
  • FBI arrests man for plan to kill “70% of Internet” in AWS bomb attack https://www.bleepingcomputer.com/news/security/fbi-arrests-man-for-plan-to-kill-70-percent-of-internet-in-aws-bomb-attack/
  • Dutch man gets two years in prison for hijacking 13,762 online store accounts https://www.databreaches.net/dutch-man-gets-two-years-in-prison-for-hijacking-13762-online-store-accounts/
  • California man indicted for stealing Shopify customer data https://www.theverge.com/2021/4/7/22371779/shopify-data-breach-california-tassilo-heinrich-indicted-wire-fraud
  • UPDATE: (US) Trillium Health IT specialist pleads guilty to stealing personal info from colleagues’ computers https://www.databreaches.net/update-trillium-health-it-specialist-pleads-guilty-to-stealing-personal-info-from-colleagues-computers/

Other Security / Risk

Articles covering other types of risks.

• US spies peer into the future - and it doesn't look good https://www.bbc.co.uk/news/world-us-canada-56683852
• Russia May Have Found a New Way to Censor the Internet https://www.wired.com/story/russia-may-have-found-new-way-to-censor-internet
• Russia’s Twitter throttling may give censors never-before-seen capabilities https://arstechnica.com/gadgets/2021/04/russias-twitter-throttling-may-give-censors-never-before-seen-capabilities/
• Students of color are getting flagged to their teachers because testing software can’t see them https://www.theverge.com/2021/4/8/22374386/proctorio-racial-bias-issues-opencv-facial-detection-schools-tests-remote-learning
• Toronto man has limit on line of credit slashed by $12,000 without being notified by bank https://toronto.ctvnews.ca/toronto-man-has-limit-on-line-of-credit-slashed-by-12-000-without-being-notified-by-bank-1.5377075
• The truth about doublespeak: Is it lying or just being persuasive? https://scienmag.com/the-truth-about-doublespeak-is-it-lying-or-just-being-persuasive/

• Health, Safety & Environment:

  • Aluminum is intricately associated with the neuropathology of familial Alzheimer’s disease https://scienmag.com/aluminum-is-intricately-associated-with-the-neuropathology-of-familial-alzheimers-disease/
  • How tech companies are ignoring the pandemic’s mental health crisis https://www.theverge.com/2021/4/9/22375409/mental-health-crisis-tech-companies-self-harm-platform-policy
  • Airplane takes off a metric ton heavier than expected after computer error weighs adults as children https://www.theverge.com/2021/4/9/22375136/airplane-flight-takes-off-heavier-than-expected-miss-ms-children
  • Boeing's infamous 737 Max plane has a new issue, and 16 airlines are being told to ground planes (BA) https://www.businessinsider.com/boeing-737-max-new-electrical-issue-southwest-american-airlines-2021-4
  • Crate escape: Search for Irishmen who airmailed Brian Robson home https://www.bbc.co.uk/news/uk-northern-ireland-56648439
  • Verizon is recalling 2.5 million hotspots that could overheat and cause burn or fire damage https://www.theverge.com/2021/4/8/22374252/verizon-recall-hotspots-overheat-burn-fire-damage
  • St. Vincent’s La Soufriere volcano blows in ‘explosive eruption’ https://globalnews.ca/news/7747964/la-soufriere-volcano-eruption-st-vincent/
  • Luxury ships from the Royal Caribbean and Carnival Cruise lines sail to the rescue and evacuate islanders in the path of a volcano eruption https://www.businessinsider.com/luxury-cruise-ships-sail-rescue-evacuate-saint-vincent-volcano-eruption-2021-4
  • SpaceX and OneWeb satellites nearly crashed into each other in orbit, according to reports https://www.businessinsider.com/spacex-oneweb-satellites-almost-colllided-in-orbit-2021-4
  • The water fight over the shrinking Colorado River https://www.bbc.co.uk/news/world-us-canada-56608180
  • 7 years ago, Formula E became automakers' EV testing grounds. Here's how it's helping innovate road cars. https://www.businessinsider.com/what-is-formula-e-car-ev-electric-vehicles-jaguar-porsche-2021-4

COVID-19 updates.

COVID related articles. We have been following coronavirus risks since https://controlgap.com/blog/this-weeks-insecurity-issue-147.

• The spread, curves, spikes, waves, reinfection, and variant strains:

  • You Probably Have an Asymptomatic Infection Right Now https://www.theatlantic.com/science/archive/2021/04/why-coronavirus-can-infect-us-without-making-us-sick/618530/
  • Toronto baby ends up in hospital, entire family contracts COVID-19 after daycare exposure https://toronto.ctvnews.ca/toronto-baby-ends-up-in-hospital-entire-family-contracts-covid-19-after-daycare-exposure-1.5378438
  • Two staff members at Toronto vaccine clinics test positive for COVID-19 https://www.cp24.com/news/two-staff-members-at-toronto-vaccine-clinics-test-positive-for-covid-19-1.5381508
  • Hasidic, Devout, and Mad as Hell About COVID-19 https://www.theatlantic.com/politics/archive/2021/04/pandemic-covid-hasidic-jews-yiddish/618539/
  • How the ‘Eek’ variant could offer long-term clues on adapting COVID-19 vaccines https://globalnews.ca/news/7742782/eek-covid-variant-japan-vaccine/

• Guidance, Response, and Recovery:

  • Princess Cruises is turning its ships into 'offices at sea' with WiFi as fast as land (CCL) https://www.businessinsider.com/princess-cruises-ships-into-offices-at-sea-faster-wifi-2021-4
  • Full list of Ontario neighbourhoods where the COVID-19 vaccine will be available to those 18+ https://toronto.ctvnews.ca/full-list-of-ontario-neighbourhoods-where-the-covid-19-vaccine-will-be-available-to-those-18-1.5379755
  • Ontario issues emergency alert on new stay-at-home order to curb COVID-19 https://toronto.ctvnews.ca/ontario-issues-emergency-alert-on-new-stay-at-home-order-to-curb-covid-19-1.5378993
  • 700,000 N95 masks shipped out of Brockville’s 3M plant to fight COVID-19 https://globalnews.ca/news/7743672/covid-n95-masks-brockville-3m-plant/
  • Ontario doctor encourages people to get outdoors as stay-at-home order begins https://toronto.ctvnews.ca/ontario-doctor-encourages-people-to-get-outdoors-as-stay-at-home-order-begins-1.5379678
  • Ontario hospitals told to ‘ramp down’ all elective, non-emergency surgeries due to COVID-19 https://globalnews.ca/news/7747921/ontario-hospitals-ramp-down-non-elective-surgeries-covid/
  • SickKids Hospital preparing ICU unit for adult patients as GTA hospital capacity continues to be strained https://toronto.ctvnews.ca/sickkids-hospital-preparing-icu-unit-for-adult-patients-as-gta-hospital-capacity-continues-to-be-strained-1.5378033
  • Coronavirus: Anti-vaccine posters pop up on mailboxes in Kingston suburb https://globalnews.ca/news/7741769/coronavirus-anti-vaccine-posters-kingston-suburb/
  • New York City Kills COVID Rule That Led to Repeated School Closings Despite No Evidence of Outbreaks http://feeds.propublica.org/link/9499/14402305/new-york-city-kills-covid-rule-that-led-to-repeated-school-closings-despite-no-evidence-of-outbreaks
  • Kingston Police gave out over 30 lockdown violation-related tickets by Saturday evening https://globalnews.ca/news/7751147/kingston-police-gave-out-over-30-lockdown-violation-related-tickets-by-saturday-evening/
  • Modelling suggests Hamilton may need three months of COVID-19 lockdown measures https://globalnews.ca/news/7741067/modelling-hamilton-covid-lockdown-measures/
  • Silver linings to New Zealand lockdown https://scienmag.com/silver-linings-to-new-zealand-lockdown/

• Treatments, Testing, Triage, Trials, and things we Learned:

  • Average age drops for Montreal hospital patients with COVID-19 https://globalnews.ca/news/7745226/montreal-covid-19-younger-patients/
  • Japanese doctors perform world's first living donor lung transplant to a Covid-19 patient https://www.cnn.com/2021/04/09/asia/japan-lung-transplant-covid-intl-hnk/index.html
  • Canadian researchers want to shift away from health risk and age-based vaccine rollout https://www.ctvnews.ca/health/coronavirus/canadian-researchers-want-to-shift-away-from-health-risk-and-age-based-vaccine-rollout-1.5382332
  • Canadian scientists develop rapid COVID-19 antibody test using firefly enzyme https://www.cbc.ca/news/thenational/canadian-scientists-develop-rapid-covid-19-antibody-test-using-firefly-enzyme-1.5976237
  • Canada’s Vaccine Mess https://www.theatlantic.com/international/archive/2021/04/canada-vaccine-rollout-problems/618516/

• With new supply Ontario should change its COVID-19 vaccination plan, experts say https://globalnews.ca/news/7742660/ontario-covid-vaccine-supply-plan-changes-experts/

  • Canada could give 75% of adults first vaccine jab by mid-June, NACI says https://globalnews.ca/news/7742924/covid-coronavirus-vaccine-canada-mid-june-naci/
  • Johnson & Johnson vaccine under review in Europe after blood clot reports https://globalnews.ca/news/7748206/johnson-and-johnson-covid-vaccine-ema/
  • People who got the Moderna COVID-19 vaccine say they have more side effects https://www.theverge.com/2021/4/7/22371665/covid-vaccine-side-effects-moderna-pfizer
  • Pfizer’s COVID-19 shot less effective against South African variant: study https://globalnews.ca/news/7750779/south-african-variant-pfizer-covid-19-vaccine/
  • Why rare blood clots could be a side effect of AstraZeneca COVID-19 vaccine https://globalnews.ca/news/7744684/astrazeneca-covid-19-vaccine-rare-blood-clots-side-effect/
  • A Better Solution Than Laminating Your Vaccine Card https://www.theatlantic.com/health/archive/2021/04/vaccine-passport-inevitable/618564/
  • How US history explains vaccine passport scepticism https://www.bbc.co.uk/news/world-us-canada-56680309
  • The Futility of Vaccine Passports https://www.theatlantic.com/international/archive/2021/04/vaccine-passports-dont-solve-our-pandemic-problems/618521/
  • So you’re vaccinated — what are you waiting for? https://www.theverge.com/22370176/covid-19-vaccinated-people-cdc-guidance-herd-immunity
  • 6 Months After Surviving COVID, 1 in 3 Have Neurological or Psychiatric Problems https://www.sciencealert.com/study-suggests-1-in-3-covid-19-survivors-suffer-mental-or-neurological-problems
  • Facebook: 25 Pct Of SMBs Closed Around The World https://www.pymnts.com/economy/2021/facebook-25-pct-of-smbs-closed-around-the-world/
  • More than 50% of British Columbians are $200 per month away from financial insolvency: survey https://globalnews.ca/news/7746314/bc-debt-reaches-five-year-high/
  • US restaurants face ketchup packet shortage amid Covid pandemic https://www.bbc.co.uk/news/world-us-canada-56657822

• More of the good, the bad, and the ugly:

  • Online Scammers Have a New Offer for You: Vaccine Cards https://www.nytimes.com/2021/04/08/technology/vaccine-card-scam.html
  • The FBI Wants People to Watch Out for These COVID-19 Vaccine Scams https://www.mentalfloss.com/article/645213/fbi-warns-about-covid-19-vaccine-scams

• Masks, anti-maskers, distancing, compliance, and repercussions:

  • How to Debunk Misinformation about COVID, Vaccines and Masks https://www.scientificamerican.com/article/how-to-debunk-misinformation-about-covid-vaccines-and-masks/
  • Covid-19: The disinformation tactics used by China https://www.bbc.co.uk/news/world-asia-china-56513257
  • Edmonton pub closes amid threats after defying COVID-19 restrictions https://globalnews.ca/news/7751758/edmonton-crown-and-anchor-covid-19-restrictions/
  • Fencing goes up around GraceLife Church west of Edmonton as AHS ‘physically closes’ facility https://globalnews.ca/news/7742895/edmonton-area-gracelife-church-closure-covid-19/
  • Facebook, eBay, and other online marketplaces are working to clamp down on sales of doctored COVID-19 vaccine cards (FB, EBAY, TWTR, SHOP) https://www.businessinsider.com/facebook-ebay-shopify-fake-vaccine-cards-coronavirus-sold-online-2021-4

Off-Topic / Science & Tech / Lighter Side

A variety of scientific, technical, historical, and more light-hearted news.

• New Type of Battery Can Charge 10x Faster Than Lithium-Ion Models https://www.sciencealert.com/new-type-of-battery-can-charge-10-times-faster-than-current-lithium-ion-batteries
• Elon Musk shares video of his Neuralink monkey playing video games with its mind https://www.independent.co.uk/life-style/gadgets-and-tech/elon-musk-monkey-neuralink-video-b1828913.html
• The 'Iron Man' body armour many of us may soon be wearing https://www.bbc.co.uk/news/business-56660644
• Human Taste Buds Can Tell The Difference Between Normal And 'Heavy' Water (Don't drink too much) https://www.sciencealert.com/there-s-one-kind-of-water-that-doesn-t-taste-like-water-scientists-confirm
• How to Survive a Killer Asteroid https://www.wired.com/story/how-to-survive-a-killer-asteroid/
• Browse the web like it's the 90s with this free service https://www.bleepingcomputer.com/news/software/browse-the-web-like-its-the-90s-with-this-free-service/
• AI meme generation using GPT-3 … Being vaccinated does NOT mean… https://aiweirdness.com/post/647999037326360576
• Physics Mystery Behind “Coffee Ring” Formation Uncovered https://scitechdaily.com/physics-mystery-behind-coffee-ring-formation-uncovered/
• Muons: 'Strong' evidence found for a new force of nature - https://www.bbc.co.uk/news/56643677
• Yuri Gagarin: Sixty years since the first man went into space https://www.bbc.co.uk/news/science-environment-56690949
• In a Comprehensive Test, The 'Impossible' EM Drive Has Failed to Produce Thrust… Again https://www.sciencealert.com/in-a-comprehensive-test-the-impossible-em-drive-has-again-failed-to-produce-thrust
• How Direct Fusion Drive Works: Fusion & Interstellar Space Travel https://www.popularmechanics.com/space/solar-system/a36037178/direct-fusion-drive-space-travel-neptune/
• Newly Discovered Region of The Milky Way Is Filled With Stars Ready to Blow Up https://www.sciencealert.com/astronomers-discovered-a-new-region-of-the-milky-way-and-it-s-already-about-to-explode