![This Week's [in]Security - Issue 270](https://www.controlgap.com/hubfs/delicate-arch-starscape-33688.jpg)
Welcome to This Week’s [in]Security. PCI and payments: Payments: New breaches: Pegasus Airlines, ACY Securities, Elasticsearch Buckets. New Ransomware, Follow-ups & Fall-out: largest breaches. Privacy: Consumer Trust, Tim Hortons. Laws & Regs - Canada: C-18, C-11. US: ethical hacking, privacy bill, right to repair. World: Crypto-AML. Defense - Tools & Techniques, Vulnerabilities, Advisories: CISA & FDA. Zerodays, dangerous Follina/MSDT, Confluence, Horde, ICS Doh! Patching. Other: Bulletproof TLS, MySQL, web-scraping. Vulnerability research: remote touchscreen control. Crypto-research: Quantum, AES. Cybercrime: Trends: WordPress Plugins, scams. Crime & Enforcement: Disrupting DDoS. Nation States and mercenaries. Other. Other Risks: General: bias, scammers. Health, Safety, Environment, Disinformation, Economy. Russia v. Ukraine. Innovation and more.
News and announcements relating to Payment Security, PCI, Card Brands, Payments, Payment Malware and Fraud, and Payment Related Compliance.
Other payment related:
Contactless Card Shipments Broke Through the 2 Billion Barrier for the First Time in 2021 https://www.digitaltransactions.net/contactless-card-shipments-broke-through-the-2-billion-barrier-for-the-first-time-in-2021/
Covering breaches, leaks, data exposures, ransomware (as potential breach), and their fallout.
New Breaches:
Pegasus Airlines data breach exposes 6.5TB of flight and crew data https://www.databreaches.net/pegasus-airlines-data-breach-exposes-6-5tb-of-flight-and-crew-data/
AU: Researcher finds ACY Securities leaking 60 GB of User Data https://www.databreaches.net/au-researcher-finds-acy-securities-leaking-60-gb-of-user-data/
Adecco - 4,284,538 breached accounts https://haveibeenpwned.com/PwnedWebsites#Adecco
12K Misconfigured Elasticsearch Buckets Ravaged by Extortionists https://www.darkreading.com/cloud/12k-misconfigured-elasticsearch-buckets-extortionists
Icare sends private details of 193,000 workers to wrong employers https://www.databreaches.net/icare-sends-private-details-of-193000-workers-to-wrong-employers/
Novartis says no sensitive data was compromised in cyberattack https://www.databreaches.net/novartis-says-no-sensitive-data-was-compromised-in-cyberattack/
Data breach at Australian pension provider Spirit Super impacts 50k victims following phishing attack https://www.databreaches.net/data-breach-at-australian-pension-provider-spirit-super-impacts-50k-victims-following-phishing-attack/
Health P.E.I. alerts public of privacy breach after laptop stolen https://www.databreaches.net/health-p-e-i-alerts-public-of-privacy-breach-after-laptop-stolen/
New Ransomware and "Incidents":
Ransomware attack sends New Jersey county back to 1977 https://www.databreaches.net/ransomware-attack-sends-new-jersey-county-back-to-1977/
Follow-ups and fall-out:
Visual Capitalist: Visualizing The 50 Biggest Data Breaches From 2004–2021 https://www.visualcapitalist.com/cp/visualizing-the-50-biggest-data-breaches-from-2004-2021/
Are victims of Netgain ransomware incident first being notified now? https://www.databreaches.net/are-victims-of-netgain-ransomware-incident-first-being-notified-now/
Articles about privacy related news, risks, and trends.
23% of Consumers Say Theft of Personal Data Is No 1 Issue That Would Reduce Trust in Online Merchants https://www.pymnts.com/news/ecommerce/2022/23-pct-consumers-say-theft-of-personal-data-would-reduce-trust-in-online-merchants/
Canadian government slams Tim Hortons for using its app to spy on customers https://www.theverge.com/2022/6/2/23151517/canada-privacy-commission-tim-hortons-app-data-location-tracking-investigation-results
Was Tim Hortons' app improperly tracking users? Privacy commissioner to decide https://globalnews.ca/news/8884583/tim-hortons-app-privacy-commissioner-decision/
Your Tim Hortons Coffee App Knew Where You Were at All Times https://www.wired.com/story/tim-hortons-coffee-app-location-data-tracking
San Francisco Police Nailed for Violating Public Records Laws Regarding Face Recognition and Fusion Center Documents https://www.eff.org/deeplinks/2022/06/san-francisco-police-nailed-violating-public-records-laws-regarding-face
News about laws, regulations, platform rules, and standards affecting security, privacy, technology, and public interest.
Canada:
Google warns every MP, senator not to fast track Canadian online news bill https://globalnews.ca/news/8887074/canada-news-bill-c-18-google-letters/
Bill C-11 and User Content at the Heritage Committee: The Gaslighting Continues https://www.michaelgeist.ca/2022/05/bill-c-11-and-user-content/
Bell on Bill C-11: Limit Consumer Choice, Weaken Competition, and Legislate Access to Cheap U.S. Content https://www.michaelgeist.ca/2022/06/bell-on-bill-c-11/
US:
The United States Department of Justice Will no Longer Prosecute Ethical Hackers https://blog.isc2.org/isc2_blog/2022/06/us-will-no-longer-prosecute-ethical-hackers.html
US Online Privacy Bill Gets Bipartisan Support https://www.pymnts.com/news/regulation/2022/us-online-privacy-bill-gets-bipartisan-support/
New York state passes first-ever ‘right to repair' law for electronics https://www.theverge.com/2022/6/3/23153504/right-to-repair-new-york-state-law-ifixit-repairability-diy
New York lawmakers pass a moratorium on Bitcoin mining https://www.theverge.com/2022/6/3/23151622/new-york-bitcoin-mining-moratorium-bill-state-senate
California Privacy Bill Draft Sidesteps Key Personal Data Collection Issues https://www.pymnts.com/news/regulation/2022/california-privacy-bill-draft-sidesteps-key-personal-data-collection-issues/
A victim of the April 12 Brooklyn subway shooting victim is suing the gunmaker Glock https://www.businessinsider.com/brooklyn-subway-shooting-victim-is-suing-the-gunmaker-glock-2022-6
Buffalo shooting: Suspect charged with domestic terrorism https://www.bbc.co.uk/news/world-us-canada-61669403
Covering developments and opportunities that may help improve security.
General:
Microsoft collaborates with Tenable to support federal cybersecurity efforts https://www.microsoft.com/security/blog/2022/06/02/microsoft-collaborates-with-tenable-to-support-federal-cybersecurity-efforts/
Methods, Techniques, Tools, and Products:
Psychological Experiment Reveals The Best Ways to Get People to Cooperate With You https://www.sciencealert.com/psychological-experiment-reveals-the-best-ways-to-get-people-to-cooperate-with-you
Aligning Your Password Policy enforcement with NIST Guidelines https://www.bleepingcomputer.com/news/security/aligning-your-password-policy-enforcement-with-nist-guidelines/
Social Engineering Kill–Chain: Predicting, Minimizing & Disrupting Attack Verticals https://ahead.feedly.com/posts/social-engineering-kill-chain-predicting-minimizing-and-disrupting-attack-verticals
Microsoft: Windows Autopatch now available for public preview https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-autopatch-now-available-for-public-preview/
Windows 11 'Restore Apps' feature will make it easier to set up new PCs https://www.bleepingcomputer.com/news/microsoft/windows-11-restore-apps-feature-will-make-it-easier-to-set-up-new-pcs/
Welcoming the Indonesian Government to Have I Been Pwned https://www.troyhunt.com/welcoming-the-indonesian-government-to-have-i-been-pwned/
Articles about newly discovered vulnerabilities and research.
Advisories:
CISA Alert (AA22-152A): Karakurt Data Extortion Group https://www.databreaches.net/cisa-alert-aa22-152a-karakurt-data-extortion-group/
CISA Warns of Critical Vulnerabilities in Illumina Genetic Analysis Devices https://www.securityweek.com/cisa-warns-critical-vulnerabilities-illumina-genetic-analysis-devices
Zero-day and other recent vulnerability news:
“Follina” – Critical Zero-Day Exploit for Microsoft Products https://www.controlgap.com/blog/microsoft-ms-msdt-execution-follina-critical-zero-day-exploit-for-microsoft-products
Clever — and Exploitable — Windows Zero-Day in MSDT https://www.schneier.com/blog/archives/2022/06/clever-and-exploitable-windows-zero-day.html
Code execution 0-day in Windows has been under active exploit for 7 weeks https://arstechnica.com/information-technology/2022/05/code-execution-0day-in-windows-has-been-under-active-exploit-for-7-weeks/
CVE-2022-30190: Zero Click Zero Day in Microsoft Support Diagnostic Tool Exploited in the Wild https://www.tenable.com/blog/cve-2022-30190-zero-click-zero-day-in-msdt-exploited-in-the-wild
Windows MSDT zero-day now exploited by Chinese APT hackers https://www.bleepingcomputer.com/news/security/windows-msdt-zero-day-now-exploited-by-chinese-apt-hackers/
An actively exploited Microsoft 0-day flaw still doesn't have a patch https://arstechnica.com/information-technology/2022/06/an-actively-exploited-microsoft-0day-flaw-still-doesnt-have-a-patch/
Microsoft shares mitigation for Office Follina/MSDT zero-day exploited in attacks https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-mitigation-for-office-zero-day-exploited-in-attacks/
Windows MSDT zero-day vulnerability gets free unofficial patch https://www.bleepingcomputer.com/news/security/windows-msdt-zero-day-vulnerability-gets-free-unofficial-patch/
Atlassian Releases Patch for Confluence Zero-Day Flaw Exploited in the Wild https://thehackernews.com/2022/06/atlassian-releases-patch-for-confluence.html
Atlassian: Unpatched years-old flaw under attack right now to hijack Confluence https://www.theregister.com/2022/06/03/atlassian_confluence_critical_flaw_attacked/
CVE-2022-26134: Zero-Day Vulnerability in Atlassian Confluence Server and Data Center Exploited in the Wild https://www.tenable.com/blog/cve-2022-26134-zero-day-vulnerability-in-atlassian-confluence-server-and-data-center-exploited
Hacker free-for-all hammers servers not patched against Atlassian 0-day https://arstechnica.com/information-technology/2022/06/hacker-free-for-all-hammers-servers-not-patched-against-atlassian-0-day/
New Unpatched Horde Webmail Bug Lets Hackers Take Over Server by Sending Email https://thehackernews.com/2022/06/new-unpatched-horde-webmail-bug-lets.html
Vendor Refuses to Remove Backdoor Account That Can Facilitate Attacks on Industrial Firms https://www.securityweek.com/vendor-refuses-remove-backdoor-account-can-facilitate-attacks-industrial-firms
Patching:
You Need to Update iOS, Chrome, Windows, and Zoom ASAP https://www.wired.com/story/ios-chrome-android-windows-update-may-2022
GitLab Issues Security Patch for Critical Account Takeover Vulnerability https://thehackernews.com/2022/06/gitlab-issues-security-patch-for.html
Other Vulnerabilities:
Australian digital driving licenses can be defaced in minutes https://www.theregister.com/2022/05/30/nsw_digital_drivers_licenses_hackable/
Weekly Update 298, Ausie Drivers licenses and we all got pwned at MGM https://www.troyhunt.com/weekly-update-298/
Bulletproof TLS#89 WordPress certificate transparency compromises, TLS security in IoT, EU vs end-to-end encryption, CAB code signing rules https://www.feistyduck.com/bulletproof-tls-newsletter/issue_89_certificate_transparency_data_is_used_to_compromise_wordpress_before_installation
Critical UNISOC Chip Vulnerability Affects Millions of Android Smartphones https://thehackernews.com/2022/06/critical-unisoc-chip-vulnerability.html
Scanning Finds Over 3.6 Million Internet-Accessible MySQL Servers https://www.securityweek.com/scanning-finds-over-36-million-internet-accessible-mysql-servers
Cyber Agency: Voting Software Vulnerable in Some States https://www.securityweek.com/cyber-agency-voting-software-vulnerable-some-states
Security and Human Behavior (SHB) 2022 https://www.schneier.com/blog/archives/2022/05/security-and-human-behavior-shb-2022.html
A new framework for web scraping data to ensure its validity for use in marketing studies https://scienmag.com/a-new-framework-for-web-scraping-data-to-ensure-its-validity-for-use-in-marketing-studies/
Research on new vulnerabilities:
What Counts as “Good Faith Security Research?” https://krebsonsecurity.com/2022/06/what-counts-as-good-faith-security-research/
Remotely Controlling Touchscreens https://www.schneier.com/blog/archives/2022/06/remotely-controlling-touchscreens.html
Sandbox Evasion... With Just a Filename!, (Fri, Jun 3rd) https://isc.sans.edu/diary/rss/28708
Cryptography and Cryptographic Research:
Quantum Analysis of AES https://eprint.iacr.org/2022/683
Yet Another Algebraic Cryptanalysis of Small Scale Variants of AES https://eprint.iacr.org/2022/695
On the Quantum Security of OCB https://eprint.iacr.org/2022/699
Canadian company Xanadu achieves 'big leap forward' in quantum computer race https://www.theglobeandmail.com/business/article-canadian-company-xanadu-achieves-big-leap-forward-in-quantum-computer/
News covering active trends, alerts, events.
Trends, Alerts, and Events (other than major breaches):
Apple blocked 1.6 millions apps from defrauding users in 2021 https://www.bleepingcomputer.com/news/security/apple-blocked-16-millions-apps-from-defrauding-users-in-2021/
Wray: FBI Blocked Planned Cyberattack on Children's Hospital https://www.securityweek.com/wray-fbi-blocked-planned-cyberattack-childrens-hospital
YODA Tool Found ~47,000 Malicious WordPress Plugins Installed in Over 24,000 Sites https://thehackernews.com/2022/06/yoda-tool-found-47000-malicious.html
SideWinder Hackers Launched Over a 1,000 Cyber Attacks Over the Past 2 Years https://thehackernews.com/2022/05/sidewinder-hackers-launched-over-1000.html
SideWinder hackers plant fake Android VPN app in Google Play Store https://www.bleepingcomputer.com/news/security/sidewinder-hackers-plant-fake-android-vpn-app-in-google-play-store/
SMSFactory Android malware sneakily subscribes to premium services https://www.bleepingcomputer.com/news/security/smsfactory-android-malware-sneakily-subscribes-to-premium-services/
Telegram's blogging platform abused in phishing attacks https://www.bleepingcomputer.com/news/security/telegram-s-blogging-platform-abused-in-phishing-attacks/
WatchDog hacking group launches new Docker cryptojacking campaign https://www.bleepingcomputer.com/news/security/watchdog-hacking-group-launches-new-docker-cryptojacking-campaign/
Ransomware attacks need less than four days to encrypt systems https://www.bleepingcomputer.com/news/security/ransomware-attacks-need-less-than-four-days-to-encrypt-systems/
Ransomware gang now hacks corporate websites to show ransom notes https://www.bleepingcomputer.com/news/security/ransomware-gang-now-hacks-corporate-websites-to-show-ransom-notes/
Hackers steal WhatsApp accounts using call forwarding trick https://www.bleepingcomputer.com/news/security/hackers-steal-whatsapp-accounts-using-call-forwarding-trick/
Microsoft disrupts Bohrium hackers' spear-phishing operation https://www.bleepingcomputer.com/news/security/microsoft-disrupts-bohrium-hackers-spear-phishing-operation/
New XLoader Botnet Version Using Probability Theory to Hide its C&C Servers https://thehackernews.com/2022/06/new-xloader-botnet-version-using.html
Costa Rica May Be Pawn in Conti Ransomware Group's Bid to Rebrand, Evade Sanctions https://krebsonsecurity.com/2022/05/costa-rica-may-be-pawn-in-conti-ransomware-groups-bid-to-rebrand-evade-sanctions/
Conti spotted working on exploits for Intel Management Engine flaws https://www.theregister.com/2022/06/02/conti_rasomware_intel_firmware/
Cybercriminals Expand Attack Radius and Ransomware Pain Points https://threatpost.com/criminals-expand-attack-radius/179832/
Exposing POLONIUM activity and infrastructure targeting Israeli organizations https://www.microsoft.com/security/blog/2022/06/02/exposing-polonium-activity-and-infrastructure-targeting-israeli-organizations/
FBI warns of Ukrainian charities impersonated to steal donations https://www.bleepingcomputer.com/news/security/fbi-warns-of-ukrainian-charities-impersonated-to-steal-donations/
Crypto scams conned thousands of people out of over $1 billion since 2021, the most of any type of currency, according to new FTC report https://www.businessinsider.com/crypto-scams-conned-thousands-collective-1-billion-ftc-2022-6
Crime & Arrests, etc.:
'Clipminer' Malware Actors Steal $1.7 Million Using Clipboard Hijacking https://www.darkreading.com/application-security/clipminer-malware-actors-steal-17-million-clipboard-hijacking
3 men wanted after ATM stolen from Toronto business https://globalnews.ca/news/8886284/atm-stolen-jane-street-lambton-avenue/
Europol Announces Takedown of FluBot Mobile Spyware https://www.securityweek.com/europol-announces-takedown-flubot-mobile-spyware
FBI seizes domains used to sell stolen data, DDoS services https://www.bleepingcomputer.com/news/security/fbi-seizes-domains-used-to-sell-stolen-data-ddos-services/
Interpol Nabs 3 Nigerian Scammers Behind Malware-based Attacks https://thehackernews.com/2022/05/interpol-nabs-3-nigerian-scammers.html
Nation State Actors:
Dutch Used Pegasus Spyware on Most-Wanted Criminal: Report https://www.securityweek.com/dutch-used-pegasus-spyware-most-wanted-criminal-report
Other:
Legit or Not? The Underground Company That Hacks iPhones For Ordinary Consumers https://packetstormsecurity.com/news/view/33508/The-Underground-Company-That-Hacks-iPhones-For-Ordinary-Consumers.html
What if ransomware evolved to hit IoT in the enterprise? https://www.theregister.com/2022/06/01/ransomware_iot_devices/
Articles covering other types of risks.
General:
In bias we trust? https://scienmag.com/in-bias-we-trust/
Good Luck Not Accidentally Hiring a North Korean Scammer https://www.wired.com/story/north-korean-it-scammer-alert
Transitioning to a Risk-based Approach to Cybersecurity https://blog.qualys.com/qualys-insights/2022/05/31/transitioning-to-a-risk-based-approach-to-cybersecurity
The Murena One shows exactly how hard it is to de-Google your smartphone https://www.theverge.com/2022/5/31/23144917/murena-one-smartphone-degoogle-android
Indian authorities issue conflicting advice about biometric ID card security https://www.theregister.com/2022/05/30/indian_authorities_conflicting_aadhaar_advice/
Podcast Episode: Wordle and the Web We Need https://www.eff.org/deeplinks/2022/05/podcast-episode-wordle-and-web-we-need
Schneier talk from 2020 The Story of the Internet and How it Broke Bad: A Call for Public-Interest Technologists https://www.schneier.com/blog/archives/2022/06/me-on-public-interest-tech.html
A Chinese space center found a mysterious jamming device outside its base just weeks before a crewed rocket launch https://www.businessinsider.com/chinese-space-center-jammer-base-weeks-before-launch-2022-5
Health:
Scientists May Have Found a Way to Inject Oxygen Into The Bloodstream Intravenously https://www.sciencealert.com/experimental-device-could-intravenously-deliver-oxygen-to-the-bloodstream
Woman receives 3D-printed ear made from her own cells https://www.theverge.com/2022/6/2/23151690/3d-printed-ear-transplant
US, Canadian regulators tie hepatitis cases to strawberries https://www.cp24.com/mobile/news/us-canadian-regulators-tie-hepatitis-cases-to-strawberries-1.5925124
Neural 'Poisonous Flowers' Could Be The Source of Alzheimer's Plaque, Says Study https://www.sciencealert.com/here-s-where-alzheimer-s-plaques-might-really-come-from
Proteins Involved in Alzheimer's Can 'Overcook' Cells Through Heat, Study Finds https://www.sciencealert.com/study-shows-how-alzheimer-s-causes-cells-to-overheat-and-fry-like-eggs
Monkeypox warnings 'went ignored,' and now world must brace for more outbreaks: scientists https://www.cbc.ca/news/health/monkeypox-warnings-ignored-outbreaks-1.6472148
Compared to COVID-19 PCR testing, dogs can detect infections with high sensitivity (97%), though lower specificity (91%) – even when patients are asymptomatic https://scienmag.com/compared-to-covid-19-pcr-testing-dogs-can-detect-infections-with-high-sensitivity-97-though-lower-specificity-91-even-when-patients-are-asymptomatic/
Mouth-to-mouth resuscitation during COVID-19 – study shows using a face mask works https://scienmag.com/mouth-to-mouth-resuscitation-during-covid-19-study-shows-using-a-face-mask-works/
Why Omicron Is About To Make Americans Act Immorally, Inappropriately https://www.forbes.com/sites/robertpearl/2022/05/31/why-omicron-is-about-to-make-americans-act-immorally-inappropriately/
COVID-19 border measures to stay until at least end of June: PHAC https://globalnews.ca/news/8882250/covid-19-border-measures-canada-phac/
Safety:
'Heart-stopping' video captures GO train nearly hitting 3 young people in Toronto https://www.cbc.ca/news/canada/toronto/go-train-nearly-hitting-three-young-people-milton-1.6470572
Over 750 Tesla owners in the U.S. have complained about cars braking for no reason https://globalnews.ca/news/8891636/over-750-tesla-car-complaints-in-u-s/
Canada's tornado warnings falling well short of targets, analysis finds https://www.cbc.ca/news/canada/saskatchewan/tornado-warning-accuracy-targets-1.6473664
The 'Wall of Wind' Can Blow Away Buildings at Category 5 Hurricane Strength https://www.scientificamerican.com/article/the-lsquo-wall-of-wind-rsquo-can-blow-away-buildings-at-category-5-hurricane-strength/
‘Large bang' heard in London's Trafalgar Square as police detonate suspicious vehicle https://globalnews.ca/news/8893924/london-trafalgar-square-explosion/
Handgun sales exploding across B.C.'s Lower Mainland, gun store owner says https://globalnews.ca/news/8886298/handgun-sales-bc-gun-store-owner/
N.S. mass shooting probe hears of higher police education standards in other systems https://globalnews.ca/news/8886439/ns-shooting-inquiry-police-education/
Oklahoma hospital shooting: Four killed and multiple injured https://www.bbc.co.uk/news/world-us-canada-61669873
US shootings: Firm unveils plans for Taser-armed drones https://www.bbc.co.uk/news/world-us-canada-61685117
Environment:
Plastic Recycling Doesn’t Work and Will Never Work https://www.theatlantic.com/ideas/archive/2022/05/single-use-plastic-chemical-recycling-disposal/661141/
CO2 Levels Are Now Comparable to What They Were 4 Million Years Ago, Says NOAA https://www.sciencealert.com/co2-levels-are-now-comparable-to-what-they-were-4-million-years-ago-says-noaa
Economy:
Canada leaning toward new era of 1970s-style stagflation, economists say https://globalnews.ca/news/8886286/canada-1970s-stagflation-unemployment/
Remote, hybrid work dividing Canadian employees as many required on-site https://globalnews.ca/news/8897956/remote-hybrid-work-divisions-canada/
News and announcements relating to Russia's invasion of Ukraine.
The war:
Russian missiles hit Kyiv as Putin warns West on weapons aid to Ukraine https://globalnews.ca/news/8895061/russian-strikes-kyiv-ukraine-war/
Ukraine war: Zelensky says Russia controls a fifth of Ukrainian territory https://www.bbc.co.uk/news/world-europe-61675915
Hundreds of Russian soldiers have deserted or refused to fight in Ukraine, compounding major losses in the war, report says https://www.businessinsider.com/hundreds-of-russian-soldiers-fled-refused-to-fight-ukraine-report-2022-6
Biden says the US will give Ukraine more advanced rocket systems but won't enable the country to 'strike beyond its borders' https://www.businessinsider.com/biden-us-give-ukraine-more-advanced-rocket-systems-2022-6
Reaction and response:
Ukrainian refugees arrive in Gimli https://globalnews.ca/news/8894679/ukrainian-refugees-arrive-in-gimli/
US task force KleptoCapture targets a man providing superyachts to Russian oligarchs, report says https://www.businessinsider.com/kleptocapture-man-who-provides-superyachts-to-oligarchs-russia-2022-6
Sanctions & economic Impact:
Russia's last-minute bond payment to avoid default still wasn't enough, triggering a failure-to-pay event, credit panel rules https://markets.businessinsider.com/news/bonds/russia-default-moscow-failure-to-pay-event-credit-panel-rules-2022-6
Germany is on the brink of recession due to energy security, and other parts of Europe could be close behind https://www.businessinsider.com/european-countries-facing-economic-turmoil-recessions-russia-cuts-gas-supply-2022-6
Russia is cutting off Denmark's supplies of natural gas as its invasion of Ukraine causes huge changes in global energy flows https://www.businessinsider.com/russia-denmark-natural-gas-supplies-gazprom-ukraine-war-putin-rubles-2022-6
Russia says it's cutting off its natural-gas supply to the Netherlands as the Dutch refuse to pay in rubles. Denmark could be next. https://www.businessinsider.com/russia-gazprom-cuts-natural-gas-supply-netherlands-denmark-ruble-payment-2022-5
Russia's Gazprom says it's cutting off some natural gas to Germany after Shell refused to pay for it in rubles https://www.businessinsider.com/russia-cut-natural-gas-to-germany-shell-refused-ruble-payment-2022-6
Russia could be suspended from OPEC's oil-output agreement. 4 experts lay out what that could mean for the price of oil and the wider energy market. https://markets.businessinsider.com/news/commodities/russia-opec-exclusion-production-quota-agreement-oil-price-supply-experts-2022-6
Cyber-attacks and the potential for cyber-war:
The Limits of Cyber Operations in Wartime https://www.schneier.com/blog/archives/2022/05/the-limits-of-cyber-operations-in-wartime.html
A variety of scientific, technical, historical, and more light-hearted news.
Innovations & Inventions:
1.1 quintillion operations per second: US has world's fastest supercomputer https://arstechnica.com/information-technology/2022/05/1-1-quintillion-operations-per-second-us-has-worlds-fastest-supercomputer/
Other:
Historic Second World War Mosquito, a plywood fighter-bomber, is landing in Kelowna for D-Day anniversary https://globalnews.ca/news/8888273/ww2-historic-plane-kelowna-d-day/
AI versus corporate logos https://www.aiweirdness.com/ai-versus-your-corporate-logo/
Creepy Optical Illusion Makes It Look Like a Black Hole Is Coming to Get You https://www.sciencealert.com/new-optical-illusion-makes-you-feel-like-you-re-falling-into-a-black-hole
The Weather Myth: Lost Women of Science Podcast, Season 2, Bonus Episode https://www.scientificamerican.com/article/the-weather-myth-lost-women-of-science-podcast-season-2-bonus-episode/
Tired Adults May Learn Language like Children Do https://www.scientificamerican.com/article/tired-adults-may-learn-language-like-children-do/
Chinese astronauts arrive at Tiangong space station to prepare for its completion https://www.theverge.com/2022/6/5/23155224/chinese-astronauts-arrive-tiangong-space-station-oversee-completion-tianhe
'Unsustainable': How Satellite Swarms Pose a Rising Threat to Astronomy https://www.scientificamerican.com/article/lsquo-unsustainable-rsquo-how-satellite-swarms-pose-a-rising-threat-to-astronomy/
Killer Asteroids Are Hiding in Plain Sight. A New Tool Helps Spot Them. https://www.nytimes.com/2022/05/31/science/asteroids-algorithm-planetary-defense.html
A Pulsar has Been Found Turning so Slowly Astronomers Didn't Even Think it was Possible: Once Every 76 Seconds https://www.universetoday.com/156096/a-pulsar-has-been-found-turning-so-slowly-astronomers-didnt-even-think-it-was-possible-once-every-76-seconds/
The secret of the bulge: A gorgeous partially digested galaxy in the Milky Way's core https://www.syfy.com/syfy-wire/bad-astronomy-liller-1-looks-like-a-globular-cluster-but-may-once-have-been-a-galaxy
Are supermassive black holes killing their host galaxies? https://www.syfy.com/syfy-wire/bad-astronomy-astronomers-link-supermassive-black-holes-reduced-star-birth
Ben Rediboim: May 24, 2023 10:00:00 AM
On May 3rd Google introduced several new top-level domains (TLDs), including the .zip TLD which has generated warnings from the cybersecurity...
Zach Matthews: May 12, 2023 2:30:00 PM
This week saw the publication of 294 new CVE IDs. Of those, 99 have not yet been assigned official CVSS scores, however, of the ones that were,...
Zach Matthews: May 2, 2023 12:30:35 PM
This week saw the publication of 501 new CVE IDs. Of those, 430 have not yet been assigned official CVSS scores, however, of the ones that were,...
CG Blogger