15 min read

This Week's [in]Security - Issue 275

CG Blogger : Jul 10, 2022 12:00:00 AM

[in]security

Welcome to This Week’s [in]Security. PCI and payments: Payments: Liability shift. New in breaches: China 1B PII, Airports, Marriott, 2022 so far. New in Ransomware: AstraLocker, Hive, Hospitals, Major outages: Canada Rogers Internet & phones. Follow-ups & Fall-out. Privacy: Police spyware & surveillance, ICE. Laws & Regs - Canada: ArriveCan, CBSA, employee misconduct. US: TikTok, Facebook, archive.org. World: abuse images, data transfers, cyber-insurance. Standards: Post-quantum cryptography (PQC), PSD3 APIs. Defense - Training & events: Linkedin. Tools & Techniques, Securing Usernames, Apple Lockdown mode, Vulnerabilities - Advisories: IP Theft, Zerodays, Fixes and ZD, Chrome. Patching: OpenSSL, Cisco & Fortinet, NTLM Relay. Other: Warshipping, IDEs, macro non-blocking, Routers, Drones. Crypto-research. Cybercrime - Trends: NPM libraries, Follina. Web3, Twitter spam. Crime & Enforcement: WireCard, $620M crypto heist. Nation States and mercenaries. Other Risks - General: 5g, EVs, COBOL, Acronyms, AI Bias, Disinformation, Health, Safety, Environment, Economy. Russia v. Ukraine. Innovation and more.

PCI Compliance and Payments

News and announcements relating to Payment Security, PCI, Card Brands, Payments, Payment Malware and Fraud, and Payment Related Compliance.

Other payment related:

Liability Shift Claims Solicited And Other Digital Transactions News briefs from 7/5/2022 https://www.digitaltransactions.net/liability-shift-claims-solicited-and-other-digital-transactions-news-briefs-from-7-5-2022/

Breaches / Ransomware / Leaks

Covering breaches, leaks, data exposures, ransomware (as potential breach), and their fallout.

New Breaches:

How data on a billion people may have leaked from a Chinese police dashboard https://www.theregister.com/2022/07/10/stolen_shanghai_police_data/
Cloud Misconfig Exposes 3TB of Sensitive Airport Data in Amazon S3 Bucket: 'Lives at Stake' https://www.darkreading.com/application-security/cloud-misconfig-exposes-3tb-sensitive-airport-data-amazon-s3-bucket
Mangatoon data breach exposes data from 23 million accounts https://www.bleepingcomputer.com/news/security/mangatoon-data-breach-exposes-data-from-23-million-accounts/
The Marriott hotel chain has been hit by another data breach https://www.theverge.com/2022/7/6/23196805/marriott-hotels-maryland-data-breach-credit-cards
Jp: Information of 111,191 patients and 715 employees at Kokikai Yasue Hospital leaked https://www.databreaches.net/jp-information-of-111191-patients-and-715-employees-at-kokikai-yasue-hospital-leaked/
UK: Thousands of students have data leaked on dark web by Vice Society https://www.databreaches.net/uk-thousands-of-students-have-data-leaked-on-dark-web-by-vice-society/
VCU Health identifies and addresses a 16-year privacy breach https://www.databreaches.net/vcu-health-identifies-and-addresses-a-16-year-privacy-breach/
The Worst Hacks and Breaches of 2022 So Far https://www.wired.com/story/worst-hacks-breaches-2022/

New Ransomware and "Incidents":

AstraLocker ransomware shuts down and releases decryptors https://www.bleepingcomputer.com/news/security/astralocker-ransomware-shuts-down-and-releases-decryptors/
Hive ransomware gang rapidly evolves with complex encryption, Rust code https://www.theregister.com/2022/07/06/hive-ransomware-rust-microsoft/
North Korea is targeting hospitals with ransomware, U.S. agencies warn https://www.databreaches.net/north-korea-is-targeting-hospitals-with-ransomware-u-s-agencies-warn/
Quantum ransomware attack affects 657 healthcare orgs https://www.bleepingcomputer.com/news/security/quantum-ransomware-attack-affects-657-healthcare-orgs/
A community health provider in Vermont and an addiction rehab organization in Pennsylvania fall prey to BlackByte https://www.databreaches.net/a-community-health-provider-in-vermont-and-an-addiction-rehab-organization-in-pennsylvania-fall-prey-to-blackbyte/
Ca: College of the Desert victimized once again by ransomware; most online services currently down https://www.databreaches.net/ca-college-of-the-desert-victimized-once-again-by-ransomware-most-online-services-currently-down/
IT services giant SHI hit by "professional malware attack" https://www.bleepingcomputer.com/news/security/it-services-giant-shi-hit-by-professional-malware-attack/
SiegedSec continues #OpJane efforts https://www.databreaches.net/siegedsec-continues-opjane-efforts/

Major outages/downs:
Rogers Communications suffered a major outage Friday morning, across Canada mobile phones, internet, home phones, and TV were down. The outage affected emergency services, 911, police, hospitals, courts, border services, debit and credit transactions, retailers, and more:

911 services, Interac, eTransfer and more affected in B.C. due to Rogers outage https://globalnews.ca/news/8976311/rogers-outage-friday-bc-service-911-issues/
A list of services in the Toronto area impacted by the mass Rogers outage https://globalnews.ca/news/8976009/rogers-outage-toronto-area-services-affected/
Massive Rogers outage continues, snarling numerous services across Canada https://www.cbc.ca/news/business/rogers-outage-cell-mobile-wifi-1.6514373
Massive Rogers outage disrupts mobile service, payments in Canada https://www.bleepingcomputer.com/news/technology/massive-rogers-outage-disrupts-mobile-service-payments-in-canada/
Rogers users report mass outage impacting phones, internet, Interac https://globalnews.ca/news/8975789/rogers-outage-today-phone-internet-interac/
People flock to cafés scouring for internet during massive Rogers outage https://toronto.ctvnews.ca/people-flock-to-caf%C3%A9s-scouring-for-internet-during-massive-rogers-outage-1.5979904
Rogers says service is back for most customers after outage https://toronto.ctvnews.ca/rogers-says-service-is-back-for-most-customers-after-outage-1.5980914
Cloudflare’s view of the Rogers Communications outage in Canada https://blog.cloudflare.com/cloudflares-view-of-the-rogers-communications-outage-in-canada/
Canada's internet outage caused by 'maintenance' https://www.bbc.co.uk/news/world-us-canada-62110358
Peel police warn public of scam centered on Rogers outage compensation https://globalnews.ca/news/8979434/rogers-outage-compensation-sms-scam-peel-region/
Rogers CEO apologizes, says ‘maintenance upgrade' behind major outage https://globalnews.ca/news/8978590/rogers-communications-network-outage-explanation-ceo/
Rogers warns customers about scam text messages offering 'credits' following nationwide outage https://www.cp24.com/mobile/news/rogers-warns-customers-about-scam-text-messages-offering-credits-following-nationwide-outage-1.5981773
Rogers outage shows need for Plan B when wireless, internet services fail, analysts say https://www.cbc.ca/news/business/rogers-outage-no-plan-b-1.6515664

Follow-ups and fall-out:

Hungarian authority fines data controller EUR 7,500 data breach and rules free online services not suitable for high-risk processing https://www.databreaches.net/hungarian-authority-fines-data-controller-eur-7500-data-breach-and-rules-free-online-services-not-suitable-for-high-risk-processing/
Capital Economics - 263,829 breached accounts https://haveibeenpwned.com/PwnedWebsites#CapialEconomics
Claire's data breach $350K class action settlement https://www.databreaches.net/claires-data-breach-350k-class-action-settlement/

Privacy

Articles about privacy related news, risks, and trends.

The Guardian: ‘Asleep at the wheel’: Canada police’s spyware admission raises alarm. https://www.theguardian.com/world/2022/jul/07/canada-police-spyware-admission-surveillance-experts
San Francisco Coalition Fights SFPD's Proposal to Co-Opt Private Surveillance Cameras https://www.eff.org/deeplinks/2022/07/san-francisco-coalition-fights-sfpds-proposal-co-opt-private-surveillance-cameras
Ubiquitous Surveillance by ICE https://www.schneier.com/blog/archives/2022/07/ubiquitous-surveillance-by-ice.html

Laws, Regulations, Platforms, Standards, and Public Policy

News about laws, regulations, platform rules, and standards affecting security, privacy, technology, and public interest.

Canada:

Canada will keep ArriveCan for its data on COVID-19-positive travellers: sources https://www.ctvnews.ca/politics/feds-intend-to-keep-arrivecan-for-its-data-on-covid-19-positive-travellers-sources-1.5977612
The Law Bytes Podcast, Episode 133: Michael Nesbitt on How the Senate Pushed Back Against a Government Bill on Searching Digital Devices at the Border https://www.michaelgeist.ca/2022/07/law-bytes-podcast-episode-133/
The Freedom of Expression Wake Up Call: Why the CRTC's Radio-Canada Ruling Eviscerates the Defence of Bill C-11 https://www.michaelgeist.ca/2022/07/the-freedom-of-expression-wake-up-call-why-the-crtcs-radio-canada-ruling-eviscerates-the-defence-of-bill-c-11/
Ca: How the Ontario ourt bolstered an insurer's exclusion for privacy breach in a case of employee misconduct https://www.databreaches.net/ca-how-the-court-bolstered-an-insurers-exclusion-for-privacy-breach/

Lawmakers Ask F.T.C. Chair to Investigate TikTok's Data Practices https://www.nytimes.com/2022/07/05/business/lawmakers-tiktok-national-security.html
Families sue TikTok after girls died while trying ‘blackout challenge' https://www.theguardian.com/technology/2022/jul/05/tiktok-girls-dead-blackout-challenge
An Air Force vet who worked at Facebook is suing the company saying it accessed deleted user data and shared it with law enforcement https://www.businessinsider.com/ex-facebook-staffer-airforce-vet-accessed-deleted-user-data-lawsuit-2022-7
Internet Archive Seeks Summary Judgment in Federal Lawsuit Filed By Publishing Companies https://www.eff.org/press/releases/internet-archive-seeks-summary-judgment-federal-lawsuit-filed-publishing-companies

World:

UK could force messaging apps to adopt new technology to tackle abuse images https://www.theguardian.com/technology/2022/jul/06/uk-could-force-messaging-apps-to-scan-for-child-sexual-abuse-images
EFF Statement on EU Parliament's Adoption of Digital Services Act and Digital Markets Act https://www.eff.org/press/releases/eff-statement-eu-parliaments-formal-approval-digital-services-act-and-digital-markets
Irish Privacy Regulator Closer to Blocking Meta Data Transfers https://www.pymnts.com/meta/2022/irish-privacy-regulator-closer-to-blocking-meta-data-transfers/
Graff paid £6m ransom fee to Conti, now sues Travelers for refusing to reimburse https://www.databreaches.net/graff-paid-6m-ransom-fee-to-conti-now-sues-travelers-for-refusing-to-reimburse/
Decision on sale of UK's biggest chip maker to Chinese-owned firm delayed https://www.theguardian.com/business/2022/jul/06/decision-on-sale-of-uk-biggest-chip-maker-newport-wafer-fab-chinese-owned-firm-delayed-security-legislation

Standards News:

NIST Announces First Four Quantum-Resistant Cryptographic Algorithms: CRYSTALS-Kyber, FALCON, SPHINCS+, public-key algorithms yet to be decided https://www.schneier.com/blog/archives/2022/07/nist-announces-first-four-quantum-resistant-cryptographic-algorithms.html
NIST Selects Four Post-Quantum Cryptographic Algorithms for Standardization After the Third Round of the PQC Process https://csrc.nist.gov/News/2022/pqc-candidates-to-be-standardized-and-round-4
NIST's pleasant post-quantum surprise https://blog.cloudflare.com/nist-post-quantum-surprise/
Actual quantum computers don't exist yet. The cryptography to defeat them may already be here https://www.theregister.com/2022/07/05/nist_quantum_resistant_algorithms/
PSD3 Set to Mandate API Standardization https://www.pymnts.com/api/2022/psd3-set-to-mandate-api-standardization/

Defense / Techniques / Solutions

Covering developments and opportunities that may help improve security.

Educational events, webinars, courses, etc:

Optimizing Your LinkedIn Profile for Your Cybersecurity Career July 20, 2022 | 2:00-3:00 PM ET https://content.govdelivery.com/accounts/USNIST/bulletins/31f428a

General:
Methods, Techniques, Tools, and Products:

End-to-end encryption's central role in modern self-defense https://arstechnica.com/information-technology/2022/07/end-to-end-encryptions-central-role-in-modern-self-defense/
How to protect against username enumeration on log in, registration, and password reset forms https://www.controlgap.com/blog/how-to-protect-against-username-enumeration-from-forms
Germany unveils plan to tackle cyberattacks on satellites https://www.theregister.com/2022/07/05/bsi_satellite_baseline/
Apple’s Lockdown Mode https://www.schneier.com/blog/archives/2022/07/apples-lockdown-mode.html
Microsoft Azure now has confidential VMs with ephemeral storage https://www.bleepingcomputer.com/news/microsoft/microsoft-azure-now-has-confidential-vms-with-ephemeral-storage/
Alibaba affiliate Ant Group open sources its privacy software and a 'Secure Processing Unit' https://www.theregister.com/2022/07/05/ant_group_open_source/
Researchers Share Techniques to Uncover Anonymized Ransomware Sites on Dark Web https://thehackernews.com/2022/07/researchers-share-techniques-to-uncover.html
The End of False Positives for Web and API Security Scanning? https://thehackernews.com/2022/07/the-end-of-false-positives-for-web-and.html
SANS Institute spells out security in multiple languages https://www.theregister.com/2022/07/07/sans_institute_spells_out_security/
Welcoming the Polish Government to Have I Been Pwned https://www.troyhunt.com/welcoming-the-polish-government-to-have-i-been-pwned/

Bugs / Design Flaws / Vulnerabilities / Research

Articles about newly discovered vulnerabilities and research.

Advisories:

FBI and MI5: ‘The Chinese government is set on stealing your technology' https://www.theverge.com/2022/7/7/23198045/fbi-mi5-chinese-government-spying-warning

Zero-day and other recent vulnerability news:

Google: Half Of Zero-Day Exploits Linked To Poor Software Fixes https://packetstormsecurity.com/news/view/33605/Google-Half-Of-Zero-Day-Exploits-Linked-To-Poor-Software-Fixes.html
Google updates Chrome to squash actively exploited WebRTC Zero Day https://www.theregister.com/2022/07/05/chrome_webrtc_zero_day/
Update Google Chrome Browser to Patch New Zero-Day Exploit Detected in the Wild https://thehackernews.com/2022/07/update-google-chrome-browser-to-patch.html

Patching:

OpenSSL Patches Remote Code Execution Vulnerability https://www.securityweek.com/openssl-patches-remote-code-execution-vulnerability
Cisco and Fortinet Release Security Patches for Multiple Products https://thehackernews.com/2022/07/cisco-and-fortinet-release-security.html
Microsoft quietly fixes ShadowCoerce Windows NTLM Relay bug https://www.bleepingcomputer.com/news/microsoft/microsoft-quietly-fixes-shadowcoerce-windows-ntlm-relay-bug/
Django fixes SQL Injection vulnerability in new releases https://www.bleepingcomputer.com/news/security/django-fixes-sql-injection-vulnerability-in-new-releases/
Microsoft fixes bug crashing Office apps when opening cloud documents https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-bug-crashing-office-apps-when-opening-cloud-documents/

Other Vulnerabilities:

I Built a Cheap 'Warshipping' Device in Just 3 Hours — and So Can You https://www.darkreading.com/edge-articles/i-built-a-cheap-warshipping-device-in-just-three-hours-and-so-can-you
Online programming IDEs can be used to launch remote cyberattacks https://www.bleepingcomputer.com/news/security/online-programming-ides-can-be-used-to-launch-remote-cyberattacks/
Microsoft rolls back default macro blocks in Office without telling anyone https://www.theregister.com/2022/07/08/office_macro_block_rollback/
10 Vulnerabilities Found in Widely Used Robustel Industrial Routers https://www.securityweek.com/10-vulnerabilities-found-widely-used-robustel-industrial-routers
Hack Allows Drone Takeover Via ExpressLRS Protocol https://packetstormsecurity.com/news/view/33615/Hack-Allows-Drone-Takeover-Via-ExpressLRS-Protocol.html
Security advisory accidentally exposes vulnerable systems https://www.bleepingcomputer.com/news/security/security-advisory-accidentally-exposes-vulnerable-systems/
Pentester says he broke into datacenter via hidden route running behind toilets https://www.databreaches.net/pentester-says-he-broke-into-datacenter-via-hidden-route-running-behind-toilets/
Buggy 'Log in With Google' API Implementation Opens Crypto Wallets to Account Takeover https://www.darkreading.com/application-security/cryptocurrency-api-vulnerability-opens-wallets-to-account-takeovers

Cryptography and Cryptographic Research:

Security Analysis of RSA-BSSA https://eprint.iacr.org/2022/895
Post-Quantum Insecurity from LWE https://eprint.iacr.org/2022/869
Towards Leakage-Resistant Post-Quantum CCA-Secure Public Key Encryption https://eprint.iacr.org/2022/873
Deep Learning based Cryptanalysis of Lightweight Block Ciphers, Revisited https://eprint.iacr.org/2022/886

Hacking / Malware / Cybercrime / Exploitation

News covering active trends, alerts, events.

Trends, Alerts, and Events (other than major breaches):

Typo-squatting NPM software supply chain attack uncovered https://www.theregister.com/2022/07/06/npm_supply_chain_attack/
Over 1,200 NPM Packages Found Involved in "CuteBoi" Cryptomining Campaign https://thehackernews.com/2022/07/over-1200-npm-packages-found-involved.html
Hackers Exploiting Follina Bug to Deploy Rozena Backdoor https://thehackernews.com/2022/07/hackers-exploiting-follina-bug-to.html
U.S. Healthcare Orgs Targeted with Maui Ransomware https://threatpost.com/healthcare-maui-ransomware/180154/
Web3 projects have lost more than $2 billion to hacks this year https://www.theverge.com/2022/7/7/23199148/web3-lost-2-billion-hacks-flash-loan-certik-cryptocurrency
Hackers Abusing BRc4 Red Team Penetration Tool in Attacks to Evade Detection https://thehackernews.com/2022/07/hackers-abusing-brc4-red-team.html
New 'HavanaCrypt' Ransomware Distributed as Fake Google Software Update https://www.securityweek.com/new-havanacrypt-ransomware-distributed-fake-google-software-update
Ransomware gangs, APT groups ditch Cobalt Strike for Brute Ratel https://www.bleepingcomputer.com/news/security/ransomware-gangs-apt-groups-ditch-cobalt-strike-for-brute-ratel/
Researchers Detail Techniques LockBit Ransomware Using to Infect its Targets https://thehackernews.com/2022/07/researchers-detail-techniques-lockbit.html
Researchers Warn of New OrBit Linux Malware That Hijacks Execution Flow https://thehackernews.com/2022/07/researchers-warn-of-new-orbit-linux.html
Twitter Says it Removes 1 Million Spam Accounts a Day https://www.securityweek.com/twitter-says-it-removes-1-million-spam-accounts-day
An ISP Scam Targeted Low-Income People Seeking Government Aid https://www.wired.com/story/fake-isp-scam-targeted-low-income-victims/
British Army to Investigate Crypto Scam Hack on its Twitter, Social Media—Possessed NFT Appears https://www.databreaches.net/british-army-to-investigate-crypto-scam-hack-on-its-twitter-social-media-possessed-nft-appears/

Crime & Arrests, etc.:

Report Alleges Wirecard Forged Client Data to Obtain €900M SoftBank Investment https://www.pymnts.com/news/security-and-risk/2022/report-alleges-wirecard-forged-client-data-to-obtain-e900m-softbank-investment/
Hackers pulled off a $620 million crypto heist by tricking an engineer into applying for a fake job and opening an offer letter containing spyware, report says https://www.businessinsider.com/axie-infinity-crypto-hack-fake-job-offer-letter-spyware-phishing-2022-7
Ukrainian Authorities Arrested Phishing Gang That Stole 100 Million UAH https://thehackernews.com/2022/07/ukrainian-authorities-arrested-phishing.html
Kingston police make arrest in ‘grandparent scam' https://globalnews.ca/news/8975799/kingston-police-arrest-grandparent-scam/

Nation State Actors:

Near-undetectable malware linked to Russia's Cozy Bear https://www.theregister.com/2022/07/06/brc4_state_sponsored_apt29/
Chinese hackers targeting Russian government, telecoms: report https://www.databreaches.net/chinese-hackers-targeting-russian-government-telecoms-report/
Predatory Sparrow: Who are the hackers who say they started a fire in Iran? https://www.bbc.co.uk/news/technology-62072480
Bitter APT Hackers Continue to Target Bangladesh Military Entities https://thehackernews.com/2022/07/bitter-apt-hackers-continue-to-target.html
Other:
Experts Uncover 350 Browser Extension Variants Used in ABCsoup Adware Campaign https://thehackernews.com/2022/07/experts-uncover-350-browser-extension.html

Other Security / Risk

Articles covering other types of risks.

General:

Private 5G Network Security Expectations Part 2 https://www.trendmicro.com/en_us/research/22/g/private-5g-network-security-part-2.html
How to Keep EVs From Taking Down the Electrical Grid https://www.darkreading.com/attacks-breaches/how-to-keep-evs-from-taking-down-the-electrical-grid
Why Developers Hate Changing Language Versions https://thehackernews.com/2022/07/why-developers-hate-changing-language.html
The Latin of Software Code Is Thriving https://www.nytimes.com/2022/07/06/technology/cobol-jobs.html
What Do All of Those Cloud Cybersecurity Acronyms Mean? https://www.darkreading.com/edge-ask-the-experts/what-do-all-those-cloud-cybersecurity-acronyms-mean-

Artifical Intelligence and Machine Learning:

Bias in Artificial Intelligence: Can AI be Trusted? https://www.securityweek.com/bias-artificial-intelligence-can-ai-be-trusted

Disinformation and misinformation

Facts Alone Are No Longer Convincing. Research Suggests You Should Include Personal Experience https://www.sciencealert.com/facts-are-no-longer-convincing-research-suggests-you-should-say-this-instead
Fake news — what makes it so fascinating to the brain? https://scienmag.com/fake-news-what-makes-it-so-fascinating-to-the-brain/
Disinformation Has Become Another Untouchable Problem in Washington https://www.nytimes.com/2022/07/06/business/disinformation-board-dc.html

Health:

The WHO Is About to Decide if Monkeypox Has Become a 'Global Public Health Emergency' https://www.sciencealert.com/the-who-is-about-to-decide-if-monkeypox-has-become-a-global-public-health-emergency
The Omicron BA.5 subvariant is now the dominant COVID-19 strain in the US, and it's driving a wave of summertime infections https://www.businessinsider.com/omicron-ba5-subvariant-becomes-dominant-strain-in-the-us-2022-7
You can now get COVID again within 4 weeks due to the new Omicron BA.5 variant, health expert says https://www.businessinsider.com/covid-variant-omicron-ba5-reinfection-contagious-health-experts-2022-7
17M Canadians got Omicron in 5 months, new federal report says https://globalnews.ca/news/8971767/canada-omicron-covid-19-federal-report/
COVID-19 hospitalizations up sharply in Ontario, positivity rate at highest level since early May https://toronto.ctvnews.ca/covid-19-hospitalizations-up-sharply-in-ontario-positivity-rate-at-highest-level-since-early-may-1.5978858
COVID-19: How protective are 3 vaccine doses at this point? https://www.cbc.ca/news/thenational/covid-19-how-protective-are-3-vaccine-doses-at-this-point-1.6510524
Study shows increase in COVID-19 vaccine acceptance around the world https://scienmag.com/study-shows-increase-in-covid-19-vaccine-acceptance-around-the-world/

Safety:

Two new fatal Tesla crashes are being examined by US investigators https://www.theverge.com/2022/7/7/23198997/tesla-fatal-crashes-california-florida-autopilot-nhtsa
The TikTok ‘blackout challenge' has now allegedly killed seven kids https://www.theverge.com/2022/7/7/23199058/tiktok-lawsuits-blackout-challenge-children-death
Woman lit on fire aboard Toronto transit bus dies of injuries: police https://globalnews.ca/news/8969610/kipling-ttc-bus-woman-fire-dies-injuries/
Woman taken to hospital after another apparent random attack at Toronto transit station https://toronto.ctvnews.ca/woman-taken-to-hospital-after-another-apparent-random-attack-at-toronto-transit-station-1.5978195
Man who helped save driver from burning car on Ontario highway said rescue happened in 'the nick of time' https://toronto.ctvnews.ca/man-who-helped-save-driver-from-burning-car-on-ontario-highway-said-rescue-happened-in-the-nick-of-time-1.5977824
Intense video shows worker dangling from crane at Toronto construction site https://toronto.ctvnews.ca/intense-video-shows-worker-dangling-from-crane-at-toronto-construction-site-1.5976503
Formula One driver survives horrific crash thanks to halo cockpit requirement https://www.theverge.com/2022/7/4/23194215/formula-one-zhou-guanyu-halo-crash-survive
Driver of $460,000 Lamborghini busted going nearly triple speed limit https://toronto.ctvnews.ca/driver-of-460-000-lamborghini-busted-going-nearly-triple-speed-limit-1.5974957
Astronomers Just Detected an Asteroid That's Passing Extremely Close to Earth Today https://www.sciencealert.com/astronomers-just-detected-an-asteroid-that-s-passing-extremely-close-to-earth-today

Environment:

The World Is Turning Back to Coal https://www.theatlantic.com/science/archive/2022/07/us-carbon-emissions-russian-invasion/661493/
Dead solar panels are about to become a lot more valuable https://www.theverge.com/2022/7/8/23200153/solar-panel-value-recycling-renewable-energy
How nuclear war would affect earth today https://scienmag.com/how-nuclear-war-would-affect-earth-today/
Economy:
Bank of Canada will hike interest rate by 0.75% this week, economists predict https://globalnews.ca/news/8979531/bank-of-canada-interest-rate-hike-july-2022/
Average New Car Payment Hits Record $45,844, Driven by Supply Chain Snarls https://www.pymnts.com/economy/2022/average-new-car-payment-hits-record-45844-driven-by-supply-chain-snarls/
Crypto Lender Vauld Suspends Withdrawals as Customers Yanked $200M https://www.pymnts.com/cryptocurrency/2022/crypto-lender-vauld-suspends-withdrawals-as-customers-yanked-200m/
Cryptocurrency broker Voyager Digital files for bankruptcy protection https://www.theguardian.com/technology/2022/jul/06/cryptocurrency-broker-voyager-digital-files-for-bankruptcy-protection

Russia v. Ukraine

News and announcements relating to Russia's invasion of Ukraine.

The war:

Ukraine-Russia war: Civilians flee frontline city as Russians advance https://www.bbc.co.uk/news/world-europe-62061695
Ukraine war: 21,000 alleged war crimes being investigated, prosecutor says https://www.bbc.co.uk/news/world-europe-62073669
Global in Ukraine: Russian commander gave order to ‘shoot the civilians,' captured soldier says https://globalnews.ca/news/8961032/russian-commander-gave-order-shoot-civilians/
Ukraine reports heavy Russian missile strikes in east and south https://www.bbc.co.uk/news/world-europe-62106446
Russian army taking pause in Ukraine to regroup for renewed assault, analysts predict https://globalnews.ca/news/8972817/russia-ukraine-pause-renewed-assault/

Reaction and response:

Aircraft leasing company with 34 jets being held hostage by Putin sinks to $1.6 billion loss https://www.businessinsider.com/company-with-jets-held-hostage-putin-sinks-16-billion-loss-2022-7
Let's Use Chicago Rules to Beat Russia https://www.theatlantic.com/ideas/archive/2022/07/madrid-nato-summit-2022-russia-ukraine/661494/

Sanctions & economic Impact:

Russia orders block on Caspian oil pipeline that could pull 1 million barrels a day from Europe's supply https://markets.businessinsider.com/news/commodities/russia-suspends-caspian-oil-pipeline-eu-supply-risk-energy-2022-7
Entire industries in Germany could collapse due to Russian natural-gas supply cuts: union head https://www.businessinsider.com/germany-faces-entire-industries-collapse-russia-natural-gas-supply-cuts-2022-7
Information, Disinformation, and Propaganda:

Cyber-attacks and the potential for cyber-war:

TrickBot Gang Shifted its Focus on "Systematically" Targeting Ukraine https://thehackernews.com/2022/07/trickbot-malware-shifted-its-focus-on.html

Off-Topic / Science & Tech / Lighter Side

A variety of scientific, technical, historical, and more light-hearted news.

Innovations & Inventions:

Animals Have Been Cloned From Freeze-Dried Skin Cells in a Scientific First https://www.sciencealert.com/scientists-have-cloned-mice-from-freeze-dried-skin-cells
Meta open sources early-stage AI translation tool that works across 200 languages https://www.theverge.com/2022/7/6/23194241/meta-facebook-ai-universal-translation-project-no-language-left-behind-open-source-model

Other:

Admit It, Squirrels Are Just Tree Rats https://www.theatlantic.com/science/archive/2022/07/squirrel-vs-rat-rodent-differences/661526/
LHC Scientists Find Three Exotic Particles — and Start Hunting for More https://www.universetoday.com/156579/lhc-scientists-find-three-exotic-particles-and-start-hunting-for-more/
SpaceX Shares an Image of the Super Heavy Booster Bristling With 33 Newly Installed Raptor Engines https://www.universetoday.com/156583/spacex-shares-an-image-of-the-super-heavy-booster-bristling-with-33-newly-installed-raptor-engines/
Faster-Than-Light Travel Could Work Within Einstein's Physics, Astrophysicist Shows https://www.sciencealert.com/faster-than-light-travel-could-work-within-einstein-s-physics-astrophysicist-shows