Minnesota regulators approve final permit for Enbridge Energy’s Line 3 crude oil pipeline, but the start date is not specified.

Minnesota regulators have approved the final permit for Enbridge Energy’s Line 3 crude oil pipeline replacement across northern Minnesota, giving the company the green light to begin construction on the $2.6bn project in the United States.

The Minnesota Pollution Control Agency granted a construction stormwater permit for the project, which was the last hurdle that Calgary, Alberta-based Enbridge needed to clear after years of reviews and court battles. The US Army Corps of Engineers and the independent Minnesota Public Utilities Commission (PUC) gave their final approvals last week.

The company and its supporters welcomed the decision, but opponents have vowed to keep up their fight.

“Construction can now begin,” Enbridge spokeswoman Juli Kellner said on Monday in a statement that did not specify when that would happen.

A sign listing emergency contacts for the companies on ‘Pipeline Alley’ (Enbridge, Kinder Morgan and Keyera Corp) are seen at an industrial zone dubbed ‘Refinery Row’ in Sherwood Park, near Edmonton, Alberta in 2016 [Chris Helgren/Reuters]

But Enbridge has signalled that the start could be imminent. The company notified landowners along the route via letters earlier in the month that it expected construction to “start on approximately November 30”. The company has previously said it expected the work to take about nine months.

“This is the culmination of six years of evidence and science-based review of the project,” Kellner said. “Line 3 is poised to provide significant economic benefits for counties, small businesses, Native American communities, and union members – bringing 4,200 family-sustaining, mostly local construction jobs, millions of dollars in local spending and additional tax revenues at a time when Northern Minnesota needs it most.”

But two tribes – the Red Lake and White Earth Bands of Chippewa – asked the PUC last week to stay its approval of the project, saying the influx of construction workers would put residents along the route at higher risk of COVID-19.

A consolidated appeal by environmental and tribal groups is also pending before the Minnesota Court of Appeals.

Opponents say the project threatens spills in pristine waters where Native Americans harvest wild rice and that the Canadian tar sands oil it plans to carry would aggravate climate change.

Enbridge said replacing the deteriorating pipeline, which was built in the 1960s and runs at only half its original capacity, is the best option for protecting the environment while meeting the region’s energy needs. The company said it has instituted strict coronavirus testing and screening protocols for workers to protect them and surrounding communities.

“Thousands of our friends and neighbours across Minnesota look forward to using their construction skills to protect our environment and communities by replacing an existing deteriorating pipeline,” said Joel Smith, president of the Minnesota and North Dakota council of the Laborers’ International Union of North America.

Line 3 begins in Alberta, Canada, and clips a corner of North Dakota before crossing Minnesota on its way to Enbridge’s terminal in Superior, Wisconsin.

The replacement segments in Canada, North Dakota and Wisconsin are already complete, leaving only the 542-kilometre (337-mile) stretch in Minnesota. Altogether Enbridge expects to spend $2.9bn on the US portion.

“This project has faced years of scrutiny and unprecedented obstruction from Democrats and their allies,” Republican Minnesota House Minority Leader Kurt Daudt said in a statement. But he added that the process “ultimately” worked.

China’s factory activity expanded at the fastest pace in more than three years in November, while growth in the services sector also hit a multi-year high, as the country’s economic recovery from the coronavirus pandemic stepped up.

Upbeat data released on Monday suggest the world’s second-largest economy is on track to become the first to completely shake off the drag from widespread industry shutdowns, with recent production data showing manufacturing now at pre-pandemic levels.

But companies are still not expanding their payrolls, the figures show, and some analysts point to rising debt levels among state-owned firms as another possible headwind for the economy.

China’s official manufacturing Purchasing Manager’s Index (PMI) rose to 52.1 in November from 51.4 in October, data from the National Bureau of Statistics showed. It was the highest PMI reading since September 2017 and remained above the 50-point mark that separates growth from contraction on a monthly basis. It was also higher than the 51.5 median forecast in a Reuters poll of analysts.

“The latest official PMI surveys show that the pace of economic growth picked up in November on the back of a broad-based improvement in both services and manufacturing,” Julian Evans-Pritchard, senior China economist at research firm Capital Economics, said in a note sent to Al Jazeera.

China’s blue-chip share index hit a 5-and-a-half-year high following the data release.

Acceleration

The robust headline PMI points to solid fourth-quarter growth, which analysts at Nomura expect to quicken to 5.7 percent compared with the same period last year, from 4.9 percent in the third quarter, an impressive turnaround from the deep contraction earlier this year.

China’s official Purchasing Managers’ Indices [Bloomberg]

The economy is expected to expand by about 2 percent for the full year, the weakest in more than 30 years but still much stronger than other major economies that are struggling to bring their coronavirus outbreaks under control.

The official PMI, which largely focuses on big and state-owned firms, showed the sub-index for new export orders stood at 51.5 in November, improving from 51.0 a month earlier. That bodes well for the export sector, which has benefitted from strong foreign demand for medical supplies and electronics products.

Also helping activity in November were aggressive e-commerce shopping promotions, which unleashed solid consumer demand and bolstered confidence for small and medium firms.

But a surging yuan and further lockdowns in many of its key trading partners could pressure Chinese exports, which have been surprisingly resilient so far.

More companies have reported the impact from currency fluctuations, compared with a month ago, said Zhao Qinghe, senior statistician at the NBS.

“Some firms have flagged that as the yuan continues to rise, corporate profits are under pressure and export orders are declining,” said Zhao.

He added that the recovery across the manufacturing industry remained uneven. For example, the PMI for the textile industry has stayed below the 50-point threshold, pointing to weak business activity.

Consumer comeback

In the services sector, activity expanded for the ninth straight month. The official non-manufacturing Purchasing Managers’ Index rose to 56.4, the fastest since June 2012 and up from 56.2 in October, as consumer confidence gathered pace amid few COVID-19 infections.

Railway and air transportation, telecommunication and satellite transmission services and the financial industry were among the best-performing sectors in November.

A sub-index for construction activity stood at 60.5 in November, improving from 59.8 in October, as China steps up infrastructure spending to revive its economy.

Monday’s data also showed that the labour market is still facing strains. Services firms reduced payrolls at a faster clip in November, while factories slashed staff for the seventh straight month, although at a slower pace.

“The continued recovery reduces the need for further monetary easing, but any shift to tightening is also unlikely given continued labour market pressure,” said Erin Xin, Greater China economist at HSBC.

Another factor that could prove problematic for China is rising levels of debt among regional governments and state-owned enterprises (SOEs).

“The recent wave of SOE debt defaults has contradicted the overall data improvement, including the latest PMI,” wrote Daiwa Capital Markets economists Kevin Lai and Eileen Lin in a research note sent to Al Jazeera.

“Many of these companies should have benefited from a nascent recovery since the economy reopened. However, most of these companies are owned and controlled by local governments,” they said.

“They have been allowed to raise more funds from the bond market and run bigger fiscal deficits when the pandemic began to hit the local economy. Hence, when domestic demand indicators turn better, it is usually a result of more debt-driven stimulus being injected into various industrial sectors.”

Seeking to end the rift in the Gulf region, Kushner will meet Qatari emir and Saudi crown prince, according to US media reports.

White House senior adviser Jared Kushner and his team will travel to Saudi Arabia and Qatar this week for talks aimed at resolving the dispute between the neighbouring Gulf countries, according to United States media reports.

A senior official in the administration of President Donald Trump told Reuters news agency on Sunday that Kushner is to meet Saudi Crown Prince Mohammed bin Salman (MBS) in the Saudi city of Neom, and the emir of Qatar Sheikh Tamim bin Hamad Al Thani in that country in the coming days.

Kushner is eager to persuade the Saudi and Qatari leaders to reconcile and reach an agreement on a number of issues, Axios reported, citing US officials.

Saudi Arabia, the United Arab Emirates (UAE), Bahrain and Egypt cut diplomatic ties and imposed a land, sea and air blockade on Qatar in 2017, accusing Doha of “supporting terrorism” and issuing a list of 13 demands.

Qatar rejected the allegations and the demands and accused the blockading countries of attacking its sovereignty.

US National Security Adviser Robert O’Brien earlier this month stated that resolving the Gulf crisis was a priority for the administration and that there was a possibility it could happen before Trump leaves office in January.

A senior Saudi official last month signalled that there had been some progress in attempts to resolve the more than three-year dispute, saying that Riyadh was “committed to finding a solution”.

“We continue to be willing to engage with our Qatari brothers, and we hope that they are as committed to that engagement,” said Prince Faisal bin Farhan.

“But we do need to address the legitimate security concerns of the quartet and I think there is a path toward that” with a solution “in the relatively near future,” he said.

Earlier this month, Qatar’s Foreign Minister Sheikh Mohammed bin Abdulrahman Al Thani said there were no winners in the Gulf crisis and that Doha was hopeful it will end “at any moment”.

White House senior adviser Jared Kushner (left) meets Saudi Crown Prince Mohammed Bin Salman (right) during his visit to Riyadh, Saudi Arabia [File: Saudi Press Agency via Reuters]

The United States’ Middle East envoys Avi Berkowitz and Brian Hook will join Kushner, as well as Adam Boehler, chief executive of the US International Development Finance Corporation, Reuters and Axios reported.

Kushner and his team have helped negotiate normalisation deals between Israel and Bahrain, the United Arab Emirates and Sudan since August. Officials said they would like to advance more such agreements before US President-elect Joe Biden takes office on January 20, US media reported.

US officials believe enticing Saudi Arabia into a deal with Israel would prompt other Arab nations to follow suit. But the Saudis do not appear to be on the brink of reaching such a landmark deal and officials in recent weeks have been focusing on other countries, with concern about Iran’s regional influence a uniting factor.

Kushner’s trip comes after the killing on Friday of Mohsen Fakhrizadeh in Tehran by unidentified assailants. Western and Israeli governments believe Fakhrizadeh was the architect of a secret Iranian nuclear weapons programme.

Days before the killing, Israeli Prime Minister Benjamin Netanyahu travelled to Saudi Arabia and met MBS, an Israeli official said, in what was the first publicly confirmed visit by an Israeli leader. Israeli media said they were joined by US Secretary of State Mike Pompeo.

The historic meeting underlined how opposition to Tehran is bringing about a strategic realignment of countries in the Middle East.

MBS and Netanyahu fear Biden will adopt policies on Iran similar to those adopted during Barack Obama’s US presidency, which strained Washington’s ties with its traditional allies in the Middle East.

Biden has said he will rejoin the international nuclear pact with Iran that Trump quit in 2018 – and work with allies to strengthen its terms – if Tehran first resumes strict compliance.

The official said Kushner met at the White House last week with the Kuwaiti foreign minister, Sheikh Ahmad Nasser Al-Mohammad Al-Sabah. Kuwait is seen as critical in any effort to resolve a three-year rift between Qatar and the blockading countries.

Republican lawsuit sought to invalidate mail-in ballots in Pennsylvania, where President-elect Biden won by 81,000 votes.

The US state of Pennsylvania’s supreme court has dismissed another legal challenge to the election by supporters of President Donald Trump, further reducing his already near-impossible odds of overturning the results.

A Republican lawsuit sought to invalidate mail-in ballots in the battleground state – which President-elect Joe Biden won by about 81,000 votes – or to throw out all votes and allow the state’s legislature to decide the winner.

The court dismissed both claims on Saturday in a unanimous decision, calling the second one an “extraordinary proposition that the court disenfranchise all 6.9 million Pennsylvanians who voted in the general election”.

The lawsuit argued that a Pennsylvania law from 2019 allowing universal mail-in voting was unconstitutional.

The judges said their November 21 challenge to the law was filed too late, coming more than a year after it was enacted and with the election results “becoming seemingly apparent”.

The number of ballots that our Campaign is challenging in the Pennsylvania case is FAR LARGER than the 81,000 vote margin. It’s not even close. Fraud and illegality ARE a big part of the case. Documents being completed. We will appeal!

— Donald J. Trump (@realDonaldTrump) November 28, 2020

Pennsylvania officially certified Biden’s victory there on November 24. The lawsuit had also sought to stop certification.

Saturday’s decision follows a long line of similar ones, including a ruling the day before in which a federal appeals court flatly dismissed Trump’s claim that the election was unfair and refused to freeze Biden’s win in Pennsylvania.

Trump has refused to give up on his claims of fraud in the November 3 election despite repeated court defeats, tweeting conspiracy theories and vowing to continue his legal fight.

On Thursday, he said for the first time that he would leave the White House if Biden is officially confirmed the winner by the Electoral College on December 14.

But on Friday he tweeted that “Biden can only enter the White House as president if he can prove that his ridiculous ‘80,000,000 votes’ were not fraudulently or illegally obtained”.

Biden, who is to be sworn in on January 20, won 306 votes in the Electoral College to Trump’s 232.

The president-elect has said Americans “won’t stand” for attempts to derail the vote outcome.

Runoff races for Sao Paulo and Rio de Janeiro, Brazil’s two most-populous cities, will be among those held on Sunday.

Brazilians are preparing to head to the polls for municipal election runoffs on Sunday, as COVID-19 infections continue to surge in the South American country.

Voters will cast their ballots in mayoral and city council races in 57 Brazilian municipalities, including Sao Paulo and Rio de Janeiro, the country’s two most-populous cities, where mayoral races remain undecided.

Brazil’s first round of voting on November 15 involved some 500,000 city council candidates and 19,000 mayoral candidates in more than 5,570 municipalities.

The vote was the first time Brazilians had gone to the ballot box since far-right President Jair Bolsonaro was elected in 2018.

A man registers to vote during the municipal elections at a polling station in Rio de Janeiro [Silvia Izquierdo/AP]

Bolsonaro-backed candidates performed poorly in the first round, with only nine of nearly 60 candidates backed by the president advancing to the next round, according to a tally by Estado de S Paulo newspaper.

Bolsonaro, who has resisted COVID-19 restrictions and been antagonistic towards local leaders who have imposed lockdowns to prevent the spread of the virus, won Sao Paulo and Rio de Janeiro easily in 2018.

But the two candidates he backed in those cities this time around did not advance to the runoffs.

On Saturday, Brazil registered 51,922 new cases of COVID-19 and 587 additional deaths linked to the virus, bringing its totals since the pandemic began to more than 6.2 million cases and more than 172,500 deaths.

Brazil has the third-highest tallies of COVID-19 cases and deaths in the world, after India and the United States, according to Johns Hopkins University.

On Friday, Guilherme Boulos, a rising star of the Brazilian left who is running to be mayor of Sao Paulo, tested positive for COVID-19.

The diagnosis forced Boulos to cancel his final debate against centrist incumbent Mayor Bruno Covas, who contracted the virus himself in June.

Boulos’s campaign said he is asymptomatic but “will observe the quarantine protocol for the necessary period”.

Muhyiddin Yassin promises to hold polls after he averts showdown by winning parliamentary support for his administration’s budget.

Malaysia will hold a general election when the novel coronavirus pandemic is over, Prime Minister Muhyiddin Yassin said on Saturday, shortly after he averted a showdown by winning parliamentary support for his administration’s budget.

Parliament passed the largest-ever budget by a voice vote on Thursday despite weeks of threats by the opposition and some of Muhyiddin’s allies to derail the government’s 2021 spending plan, which could have triggered a crisis.

“God willing, when COVID-19 is over, we will hold a general election,” Muhyiddin said in a speech at a virtual annual general meeting of his Bersatu party.

“We will return the mandate to the people and leave it to them to choose which government they want.”

Muhyiddin’s eight-month-old administration has clung on with a two-seat majority in Parliament, managing to fend off a leadership challenge from opposition leader Anwar Ibrahim and contain growing dissent in the United Malays National Organisation (UMNO), the largest bloc in his coalition.

Muhyiddin said he met UMNO President Ahmad Zahid Hamidi this week and they agreed to mend ties between their parties and avoid competing against each other when an election is called.

“I know the people are fed up with the unending politicking. The people want political leaders to help them, not constantly fight for power,” Muhyiddin said.

Malaysia is facing a new wave of coronavirus infections, with cumulative cases rising more than four-fold since September to more than 60,000 as of Friday.

More than 90,000 COVID-19 patients are in hospitals across the United States, which continues to see rising infections.

The number of COVID-19 patients being treated in hospitals across the United States reached 90,000 on Friday, Reuters News Agency reported, as people travelled to attend Thanksgiving holiday gatherings this week.

The rate of hospitalisations is now at the highest since the pandemic began, the news agency said, pushing some medical facilities beyond their capacity and drawing alarm from public health experts and state officials.

Rural regions in New Mexico, which has put a lockdown in place to try to stem the spread of the novel coronavirus, are among the hardest-hit areas of the country. On Friday, 880 people were hospitalised across the US state.

A hospital in Curry County, which borders the sparsely populated Texas Panhandle, was the latest to reach capacity in its intensive care unit earlier this week, according to the county’s Facebook page.

“This is the reality we face when COVID-19 is allowed to spread unchecked,” New Mexico Governor Michelle Lujan Grisham tweeted on Friday, referencing the situation in Curry County and urging people to stay home to prevent the spread of the virus.

“ICUs at capacity, not enough health care workers available,” she wrote.

This is the reality we face when COVID-19 is allowed to spread unchecked – ICUs at capacity, not enough health care workers available.

Protect yourself and your fellow New Mexicans by protecting our hospitals and health care staff – stay home.https://t.co/pbt5NJcskU

— Michelle Lujan Grisham (@GovMLG) November 27, 2020

COVID-19 infection rates have been going up for weeks across the US, and public health officials have warned the situation could worsen as people who mingled with friends and relatives during Thanksgiving gradually develop symptoms.

The country has reported more than 13.04 million cases of COVID-19 to date, according to a tally from Johns Hopkins University, as well as more than 264,000 deaths linked to the virus.

Many health experts and politicians pleaded with Americans to refrain from gathering for Thanksgiving this year, as socialising between households could accelerate the rate of community transmission and push an already strained healthcare system to the brink.

Some abided by the public health guidance, but a day before the holiday, typically one of the busiest travel days of the year in the US, more than 1.07 million people passed through US airports, the Transportation Security Administration (TSA) said.

That was the most of any single day since the start of the pandemic.

Nearly six million Americans travelled by air from Friday to Wednesday, the TSA also said – less than half what was reported during the same period last year.

Black Friday shopping

State governors have also urged people to stay home on Black Friday, a traditionally busy holiday shopping day.

“Remember, skip the crowds and shop from home this Black Friday. Our local shops have curbside pickup options and need our support,” Kentucky Governor Andy Beshear wrote in a tweet on Friday.

Remember, skip the crowds and shop from home this Black Friday. Our local shops have curbside pickup options and need our support. Shop local and shop safely. #HealthyatHome. https://t.co/fklE3qOuak

— Governor Andy Beshear (@GovAndyBeshear) November 27, 2020

In an effort to mitigate a COVID-19 wave during the US winter, more than 20 states have issued new restrictions, including mask mandates and limiting the capacity of bars, restaurants and houses of worship.

In New York state, the US Supreme Court ruled against Governor Andrew Cuomo’s limits on religious gatherings on Wednesday, voting in favour of an injunction request by a Roman Catholic Diocese and Orthodox Jewish congregations to block the capacity restrictions.

It remains unclear if curbs in other states would be challenged following the Supreme Court ruling.

A cyberespionage group with suspected ties to the Kazakh and Lebanese governments has unleashed a new wave of attacks against a multitude of industries with a retooled version of a 13-year-old backdoor Trojan.

Check Point Research called out hackers affiliated with a group named Dark Caracal in a new report published yesterday for their efforts to deploy “dozens of digitally signed variants” of the Bandook Windows Trojan over the past year, thus once again “reigniting interest in this old malware family.”

The different verticals singled out by the threat actor include government, financial, energy, food industry, healthcare, education, IT, and legal institutions located in Chile, Cyprus, Germany, Indonesia, Italy, Singapore, Switzerland, Turkey, and the US.

The unusually large variety of targeted markets and locations “reinforces a previous hypothesis that the malware is not developed in-house and used by a single entity, but is part of an offensive infrastructure sold by a third party to governments and threat actors worldwide, to facilitate offensive cyber operations,” the researchers said.

Dark Caracal’s extensive use of Bandook RAT to execute espionage on a global scale was first documented by the Electronic Frontier Foundation (EFF) and Lookout in early 2018, with the group attributed to the theft of enterprise intellectual property and personally identifiable information from thousands of victims spanning over 21 countries.

The prolific group, which has operated at least since 2012, has been linked to the Lebanese General Directorate of General Security (GDGS), deeming it a nation-state level advanced persistent threat.

The concurrent use of the same malware infrastructure by different groups for seemingly unrelated campaigns led the EFF and Lookout to surmise that the APT actor “either uses or manages the infrastructure found to be hosting a number of widespread, global cyberespionage campaigns.”

Now the same group is back at it with a new strain of Bandook, with added efforts to thwart detection and analysis, per Check Point Research.

A Three-Stage Infection Chain

The infection chain is a three-stage process that begins with a lure Microsoft Word document (e.g. “Certified documents.docx”) delivered inside a ZIP file that, when opened, downloads malicious macros, which subsequently proceeds to drop and execute a second-stage PowerShell script encrypted inside the original Word document.

In the last phase of the attack, this PowerShell script is used to download encoded executable parts from cloud storage services like Dropbox or Bitbucket in order to assemble the Bandook loader, which then takes the responsibility of injecting the RAT into a new Internet Explorer process.

The Bandook RAT — commercially available starting in 2007 — comes with all the capabilities typically associated with backdoors in that it establishes contact with a remotely-controlled server to receive additional commands ranging from capturing screenshots to carrying out various file-related operations.

But according to the cybersecurity firm, the new variant of Bandook is a slimmed-down version of the malware with support for only 11 commands, while prior versions were known to feature as many as 120 commands, suggesting the operators’ desire to reduce the malware’s footprint and evade detection against high-profile targets.

That’s not all. Not only valid certificates issued by Certum were used to sign this trimmed version of the malware executable, Check Point researchers uncovered two more samples — full-fledged digitally-signed and unsigned variants — which they believe are operated and sold by a single entity.

“Although not as capable, nor as practiced in operational security like some other offensive security companies, the group behind the infrastructure in these attacks seems to improve over time, adding several layers of security, valid certificates and other techniques, to hinder detection and analysis of its operations,” the researchers concluded.

The alleged victim, identified as Michel, says he was jumped on by police at his music studio.

French President Emmanuel Macron was “very shocked” by images purporting to show a Black music producer being beaten up and racially abused by Paris police, BFM TV reported, quoting comments given to it by the presidency.

French authorities are investigating allegations that the music producer was physically assaulted and racially abused during a police check after CCTV footage of the incident was released.

The beating inside the entrance of a building was captured on closed-circuit television and mobile phone footage which circulated online and was headline news on French TV channels.

Interior minister Gerald Darmanin told France 2 television on Thursday the officers would be sanctioned if the alleged wrongdoing was confirmed.

Michel, victim of racist police violence in Paris, stresses that if it was not for CCTV capturing the incident, he would be locked up right now and the police’s lies about him would have been accepted and spread far & wide. How many other victims have not had this ‘luck’? https://t.co/jMG1fM3bfH

— Fabien Goa (@FabienGoa) November 27, 2020

The alleged victim, who has only given his identity as Michel, told reporters he was jumped on by police at his music studio in Paris’s 17th arrondissement (district) on November 21.

He said he had been walking in the street without a face mask – against French COVID-19 health protocols – and, upon seeing a police car, went into his nearby studio to avoid getting a fine. However, he said, the police followed him inside and began to assault and racially abuse him.

Speaking to reporters on Thursday, he said: “I did nothing to deserve this … I’m lucky, unlike many others, because I have this video to protect me.”

A video of the incident shared by the online news site Loopsider has been shared more than 70,000 times.

Waqas Tufail, senior lecturer in criminology, tweeted: “Yet more police brutality in France Black music producer Michel was beaten and racially abused for over 15 minutes by a group of police officers who did not know they were being filmed. Under proposed new legislation, it will be a criminal offence to film police officers.”

Ça s’est passé samedi à Paris. 15 minutes de coups et d’insultes racistes.

La folle scène de violences policières que nous révélons est tout simplement inouie et édifiante.

Il faut la regarder jusqu’au bout pour mesurer toute l’ampleur du problème. pic.twitter.com/vV00dOtmsg

— Loopsider (@Loopsidernews) November 26, 2020

UNRWA received lowest level of contributions since 2012, at a time when pandemic is exacerbating the needs of refugees.

The United Nations agency for Palestinian refugees said that, for the first time in its history, it has run out of money until the end of the year.

The UN Relief and Works Agency for Palestine Refugees in the Near East (UNRWA) relies on funds from UN member states and the European Union, but said it has been chronically underfunded for years.

Philip Lazzarini, UNRWA commissioner-general, said at a news conference in Gaza on Thursday that the agency was on the “edge of a cliff”.

“But I still believe we can avoid falling. We can avoid falling if the solidarity of the international community is expressed now,” he added.

The agency said earlier this month it needed to raise $70m by the end of November or it will not be able to pay the full salaries of thousands of employees through the end of the year.

UNRWA had notified its entire workforce of 28,000 people that it will be forced to defer their salaries for the rest of the year.

Lazzarini said UNRWA had received this year the lowest level of contributions since 2012, at a time when the needs of refugees are compounded by the effects of the COVID-19 pandemic.

UNRWA is also warning the health system in Gaza is about to collapse due to the coronavirus pandemic.

A boy and Palestinian employees of UNRWA take part in a protest against planned salary cuts [Mohammed Salem/Reuters]

The agency said most of the workers affected are refugees themselves and the cuts will affect employees in countries across the Middle East.

UNRWA was established to aid the 700,000 Palestinians who fled or were forced from their homes during the war surrounding Israel’s establishment in 1948.

It provides education, healthcare, food and other assistance to some 5.5 million refugees and their descendants in the occupied West Bank and the besieged Gaza Strip, as well as Jordan, Syria and Lebanon.

The agency’s finances have also been ravaged by a decision by United States President Donald Trump’s administration to slash hundreds of millions of dollars of aid, as well as a crisis in confidence after its previous commissioner-general was accused of abusing his authority.

Three Nigerian citizens suspected of being members of an organized cybercrime group behind distributing malware, carrying out phishing campaigns, and extensive Business Email Compromise (BEC) scams have been arrested in the city of Lagos, Interpol reported yesterday.

The investigation, dubbed “Operation Falcon,” was jointly undertaken by the international police organization along with Singapore-based cybersecurity firm Group-IB and the Nigeria Police Force, the principal law enforcement agency in the country.

About 50,000 targeted victims of the criminal schemes have been identified so far, as the probe continues to track down other suspected gang members and the monetization methods employed by the group.

Group-IB’s participation in the year-long operation came as part of Interpol’s Project Gateway, which provides a framework for agreements with selected private sector partners and receives threat intel directly.

“The suspects are alleged to have developed phishing links, domains, and mass mailing campaigns in which they impersonated representatives of organizations,” Interpol said. “They then used these campaigns to disseminate 26 malware programmes, spyware and remote access tools, including AgentTesla, Loki, Azorult, Spartan and the nanocore and Remcos Remote Access Trojans.”

In addition to perpetrating BEC campaigns and sending out emails containing malware-laced email attachments, the attacks have been used to infiltrate and monitor the systems of victim organizations and individuals, leading to the compromise of at least 500,000 government and private sector companies in more than 150 countries since 2017.

According to Group-IB, the three individuals — identified only by their initials OC, IO, and OI — are believed to be members of a gang which it has been tracking under the moniker TMT, a prolific cybercrime crew that it says is divided into multiple smaller subgroups based on an analysis of the attackers’ infrastructure and techniques.

Some of their mass email phishing campaigns took the form of purchasing orders, product inquiries, and even COVID-19 aid impersonating legitimate companies, with the operators leveraging Gammadyne Mailer and Turbo-Mailer to send out phishing emails. The group also relied on MailChimp to track whether a recipient opened the message.

The ultimate goal of the attacks, Group-IB noted, was to steal authentication data from browsers, email, and FTP clients from companies located in the US, the UK, Singapore, Japan, Nigeria, among others.

“This group was running a well-established criminal business model,” Interpol’s Cybercrime Director Craig Jones noted. “From infiltration to cashing in, they used a multitude of tools and techniques to generate maximum profits.”

Many of us here would love to turn hacking into a full-time career. To make that dream come true, you need to master your subject and earn some key certifications.

To speed up this process, you might want to take a little guidance from the experts.

Featuring 98 hours of content from top instructors, The Ultimate 2020 White Hat Hacker Certification Bundle is the ultimate launchpad for your career. It provides an incredible introduction to white hat hacking and helps you become a CompTIA-certified professional.

The courses in this bundle are separately worth $1,345, but The Hacker News has put together a special deal for readers.

Special Offer — For a limited time, you can pick up all 10 courses for just $39.90 with this bundle. That’s a 97% saving on the full price!

According to industry experts, there will be 3.5 million unfilled cybersecurity jobs by next year. If you want to take advantage of this gold rush, now is an excellent time to start studying.

Perfect for beginners and improvers alike, this bundle helps you master the fundamentals of cybersecurity and white hat hacking.

Through concise video lessons, you learn about Darknet, malware, exploit kits, phishing, zero-day vulnerabilities, identity theft, and countless other threats. You also learn how to set up defenses, run your own attacks, and automate pentesting.

Just as importantly, the training helps you work towards two industry certifications: CompTIA PenTest+ and CySA+ Cybersecurity Analyst.

Order today to get lifetime access to all the courses at 97% off the full price.

Court hands down dozens of life sentences for some of the nearly 500 defendants, including army commanders and pilots.

A Turkish court is handing down verdicts for hundreds of people accused of plotting to overthrow President Recep Tayyip Erdogan in a failed coup attempt four years ago, with dozens of them handed life sentences.

Nearly 500 defendants, including army commanders and pilots, are accused of carrying out the attempt to overthrow the government on July 15, 2016, from an airbase near the capital Ankara, the state-owned Anadolu news agency reported on Thursday.

More than 250 people were killed in the attempt as rogue soldiers commandeered warplanes, helicopters and tanks in a bid to take control of key state institutions.

The trial was the highest-profile of dozens of court cases targeting thousands of people accused of involvement in the coup attempt, which Ankara blamed on the supporters of the United States-based Muslim preacher and businessman, Fethullah Gulen.

Anadolu and other agencies said at least 25 F-16 pilots were given aggravated life sentences – the most severe punishment in Turkish courts – meaning there is no possibility of parole.

Former air force commander Akin Ozturk and others at the Akinci airbase near Ankara were accused of directing the coup and bombing government buildings, including Parliament, and attempting to kill Erdogan.

Turkey’s then-military chief and now defence minister Hulusi Akar and other commanders were held captive for several hours at the base on the night of the coup.

Four ringleaders, dubbed “civilian imams” over ties to Gulen’s network, were given 79 aggravated life sentences for charges of attempting to assassinate the president, murder, and seeking to overthrow the constitutional order, Anadolu said.

Al Jazeera’s Sinem Koseoglu, reporting from Istanbul, said there were 10 civilians in this trial.

“They were present at Akinci airbase where the F-16 that killed the civilians took off from. Prosecutors said these civilians were civil imam at Gulen movement. They claim they were taking orders from Gulen and passing the order to the military personnel,” she said.

Gulen, 79, who was once an ally of Erdogan and has denied any role in the coup, was one of the six defendants being tried in absentia.

A total of 475 people were on trial, 365 of them in custody.

Crackdown

Turkey, a NATO member and candidate for European Union membership, declared a state of emergency after the failed coup and carried out a large-scale crackdown which alarmed Ankara’s Western allies.

Some 292,000 people have been detained over alleged links to Gulen, nearly 100,000 of them jailed pending trial, Anadolu cited interior minister Suleyman Soylu as saying.

Some 150,000 civil servants were sacked or suspended after the coup, with some 20,000 expelled from the military. Courts have handed down more than 2,500 life sentences.

Four years on, police operations targeting suspects accused of links to Gulen continue on a regular basis. There have been 289 trials into the failed overthrow and 10 continue, Anadolu reported.

The government has said the crackdown was needed given the security challenges which Turkey has faced to root out a network of Gulen supporters deeply embedded in the state apparatus.

The S&P 500 index and the Dow walked back from record closing highs, pulled lower by cyclicals and small caps that drove the rally earlier in the week.

The S&P 500 index closed lower on Wednesday as mounting United States layoffs in the wake of new mandated lockdowns to contain surging COVID-19 infections dampened investors’ appetite for risk.

The index and the Dow Jones Industrial Average retreated from record closing highs, pulled lower by cyclicals and small caps that drove the rally earlier in the week.

Pandemic-resilient tech and tech-adjacent market leaders helped keep the Nasdaq afloat.

“It’s a growth day, flipping back the other way away from value,” said Tim Ghriskey, chief investment strategist at Inverness Counsel in New York. “It’s this ongoing struggle between the virus and the vaccine.”

“There’s a reality setting in that while the vaccine will start being distributed fairly quickly, the virus isn’t going away quickly and therefore the timeline for economic improvement is getting pushed out.”

A wide range of data released in advance of Thursday’s Thanksgiving holiday was dominated by a second consecutive week of unexpected jobless claims increases, suggesting that new restrictions to combat spiking coronavirus cases could hobble the struggling labour market’s recovery.

“The economic data is not good, and we know it won’t be good for some time given this new wave of the virus,” Ghriskey added.

The market appeared to be replaying the previous two weeks, which began with rallies driven by promising vaccine news but pivoted back to stay-at-home plays on near-term pandemic realities and the lack of new fiscal stimulus measures.

Still, the vaccine developments and removal of uncertainties surrounding the US presidential election have driven Wall Street indexes to record closing highs, and put the S&P 500 on course for its best November ever.

Market participants believe US stocks have more room to climb. A recent Reuters news agency poll showed analysts believe the S&P 500 will gain 9 percent between now and the end of 2021. The index has surged about 66 percent since the coronavirus-led crash in March and is up about 12 percent so far this year.

The Dow Jones Industrial Average fell 173.77 points, or 0.58 percent, to 29,872.47; the S&P 500 lost 5.76 points, or 0.16 percent, to 3,629.65; and the Nasdaq Composite Index added 57.08 points, or 0.47 percent, at 12,094.40.

Of the 11 major sectors of the S&P 500, seven ended the session in the red, with energy suffering the largest percentage loss.

The economically sensitive banking sector lost ground, with the S&P 500 Banks index shedding 0.7 percent.

Tesla Inc, which surpassed $500bn in market capitalization on Tuesday, extended its gain by 3.4 percent even after the electric-car maker recalled about 9,500 vehicles.

The company also plans to start manufacturing electric vehicle chargers in China starting next year, according to documents it submitted to Shanghai authorities.

Declining issues outnumbered advancers on the New York Stock Exchange by a 1.24-to-1 ratio; on Nasdaq, a 1.01-to-1 ratio favoured decliners.

The S&P 500 posted 15 new 52-week highs and no new lows; the Nasdaq recorded 120 new highs and eight new lows.

Volume on US exchanges was 10.76 billion shares, compared with the 11.17 billion average over the last 20 trading days.

Two popular Android apps from Chinese tech giant Baidu have been removed from the Google Play Store in October after they were caught collecting sensitive user details.

The two apps in question—Baidu Maps and Baidu Search Box—were found to collect device identifiers, such as the International Mobile Subscriber Identity (IMSI) number or MAC address, without users’ knowledge, thus making them potentially trackable online.

The discovery was made by network security firm Palo Alto Networks, who notified both Baidu and Google of their findings, after which the search company pulled the apps on October 28, citing “unspecified violations.”

As of writing, a compliant version of Baidu Search Box has been restored to the Play Store on November 19, while Baidu Maps remains unavailable until the unresolved issues highlighted by Google are fixed.

A separate app named Homestyler was also found to collect private information from users’ Android devices.

According to Palo Alto researchers, the full list of data collected by the apps include:

• Phone model
• Screen resolution
• Phone MAC address
• Carrier (Telecom Provider)
• Network (Wi-Fi, 2G, 3G, 4G, 5G)
• Android ID
• IMSI number
• International Mobile Equipment Identity (IMEI) number

Using a machine learning-based algorithm designed to detect anomalous spyware traffic, the origin of the data leak was traced to Baidu’s Push SDK as well as ShareSDK from the Chinese vendor MobTech, the latter of which supports 37,500 apps, including more than 40 social media platforms.

While Google has taken steps to secure the Play store and stop the malicious activity, bad actors are still finding ways to infiltrate the app marketplace and leverage the platform for their gain.

Indeed, an academic study published by researchers from NortonLifeLock earlier this month found the Play Store to be the primary source of malware installs (about 67.5%) on Android devices based on an analysis of app installations on 12 million handsets over a four-month period between June and September 2019, fueled in part due to the wide popularity of the platform.

However, its vector detection ratio — the ratio of unwanted apps installed through that vector overall apps installed through that vector — was found to be only 0.6% when compared to alternative third-party app stores (3.2%).

“Thus, the Play market defenses against unwanted apps work, but still significant amounts of unwanted apps are able to bypass them, making it the main distribution vector for unwanted apps,” the researchers said.

If anything, the incident is yet another reminder that no app, even if developed by a legitimate third-party, can be taken for granted.

This also means the usual safeguards such as scrutinizing app reviews, developer details, and the list of requested permissions may not offer enough protection, thus making it difficult to ascertain if a permission is misused by cybercriminals to steal private data.

“In mobile devices, it is typical to ask a user to grant a list of permissions upon installation of an application or to prompt a user to allow or deny a permission while the application is running,” Palo Alto researchers concluded.

“Disallowing permissions can often result in a non-working application, which leads to a bad user experience and might tempt a user to click on ‘allow’ just to be able to use an application. Even if a certain permission is granted, it is often up to the app developers whether it is used in accordance with the official guidelines.”

cPanel, a provider of popular administrative tools to manage web hosting, has patched a security vulnerability that could have allowed remote attackers with access to valid credentials to bypass two-factor authentication (2FA) protection on an account.

The issue, tracked as “SEC-575” and discovered by researchers from Digital Defense, has been remedied by the company in versions 11.92.0.2, 11.90.0.17, and 11.86.0.32 of the software.

cPanel and WHM (Web Host Manager) offers a Linux-based control panel for users to handle website and server management, including tasks such as adding sub-domains and performing system and control panel maintenance. To date, over 70 million domains have been launched on servers using cPanel’s software suite.

The issue stemmed from a lack of rate-limiting during 2FA during logins, thus making it possible for a malicious party to repeatedly submit 2FA codes using a brute-force approach and circumvent the authentication check.

Digital Defense researchers said an attack of this kind could be accomplished in minutes.

“The two-factor authentication cPanel Security Policy did not prevent an attacker from repeatedly submitting two-factor authentication codes,” cPanel said in its advisory. “This allowed an attacker to bypass the two-factor authentication check using brute-force techniques.”

The company has now addressed the flaw by adding a rate limit check to its cPHulk brute-force protection service, causing a failed validation of the 2FA code to be treated as a failed login.

This is not the first time the absence of rate-limiting has posed a serious security concern.

Back in July, video conferencing app Zoom fixed a security loophole that could have allowed potential attackers to crack the numeric passcode used to secure private meetings on the platform and snoop on participants.

It’s recommended that cPanel customers apply the patches to mitigate the risk associated with the flaw.

Judicial investigator asks MPs to probe current and ex-ministers dating back to 2013, when 3,000 tonnes of ammonium nitrate arrived at Beirut port.

Beirut, Lebanon – Lebanon’s top investigator has asked Parliament to investigate 10 former ministers he suspects are responsible for the conditions that led to the devastating August 4 explosion that killed nearly 200 people, according to a judicial source.

In a letter to Parliament, Judicial Investigator Fadi Sawan has asked the members of Parliament to probe all current and former ministers of finance, justice and public works dating back to September 2013, when a cargo ship loaded with about 3,000 tonnes of ammonium nitrate arrived at capital the Beirut’s port.

The highly explosive chemicals were left at the port’s Hangar 12 for nearly seven years until they exploded on August 4, destroying large parts of the city, injuring more than 6,500 people, in addition to those killed, and rendering thousands homeless.

So far, about 25 people have been arrested and 33 charged in the blast probe. Nearly 50 more, including current and former ministers and heads of security agencies, have been heard as witnesses.

“Investigations [Sawan] conducted with current and former ministers raised suspicions on the responsibility of these ministers and their failure to address the presence of ammonium nitrate in the port and deal with it responsibly despite the danger,” the source told Al Jazeera.

The ministers mentioned in Sawan’s letter include current and former justice ministers Marie-Claude Najem, Albert Sarhan and Salim Jreissati; current and former finance ministers Ghazi Wazni and Ali Hasan Khalil; and current and former public works ministers Michel Najjar, Youssef Fenianos, Ghazi Zeaiter and Ghazi Aridi.

“Each of these ministers was aware of the presence of ammonium in the port, whether through written correspondence that reached them or from the port administration or through reports of the security services located in the port, but they did not take decisive decisions in this regard,” the source said.

Political immunity

Sawan’s decision to ask the parliament to investigate ministers is based on an interpretation of political immunity that puts ministers and heads of state out of his jurisdiction.

He believes a specialised body – known as the Supreme Court for the Trial of Presidents and Ministers and composed of seven members of Parliament and eight judges – can investigate ministers and ultimately hold them to account.

The body has never held a minister accountable, partially due to the high bar set for beginning any proceedings: The consent of two-thirds of Lebanon’s 128-member legislature.

Elias Hankash, a former member of Parliament and member of the Supreme Court who resigned in the wake of the Beirut blast, told Al Jazeera the court “will be unable to do anything because ministers are picked by this parliament, and MPs won’t be holding people representing them or their allies accountable”.

He says ministers should be tried in regular courts – a stance also taken by the Beirut Bar Association, which is representing hundreds of blast victims.

The families of many victims, in addition to local and international rights groups, have expressed fears the Lebanese investigation will not hold all those responsible for the blast to account and have instead called for an international probe.

Meanwhile, the parliament’s secretary-general, Adnan Daher, told Al Jazeera on Wednesday morning he had not yet received Sawan’s letter.

But the judicial source said the letter will go to the justice ministry first, as per the process, and then sent to Parliament, and that it should arrive shortly.

The outgoing administration of US President Donald Trump issued a new temporary rule that could require tourist and business travellers from two dozen countries – most in Africa – to pay a bond of as much as $15,000 to visit the United States.

The US State Department on Monday said the temporary final rule, which takes effect December 24 and runs through June 24, targets countries whose nationals have higher rates of overstaying B-2 visas for tourists and B-1 visas for business travellers.

The Trump administration said the six-month pilot programme aims to test the feasibility of collecting such bonds and will serve as a diplomatic deterrence to overstaying the visas.

“The Pilot Program is designed to apply to nationals of specified countries with high overstay rates to serve as a diplomatic tool to encourage foreign governments to take all appropriate actions to ensure their nationals timely depart the United States after making temporary visits,” according to the State Department document.

A protester holds a sign outside the US Supreme Court, while the court justices consider the legality of President Donald Trump’s latest travel ban targeting people from Muslim-majority countries, in Washington, DC, US [File: Yuri Gripas/Reuters]

Trump, who lost a re-election bid earlier this month, made restricting immigration a focus of his four-year term in office. President-elect Joe Biden, a Democrat, has pledged to reverse many of the Republican president’s immigration policies, but untangling hundreds of changes could take months or years.

Biden’s transition team did not immediately respond to a Reuters request for comment related to the visa bond requirement.

But in earlier comments, Biden has said that “on day one” he would revoke Trump’s travel restrictions – often known as the “Muslim Ban” – which affects nationals from Iran, Libya, Somalia, Syria, Yemen, as well as citizens from Venezuela, North Korea, Nigeria, Sudan and Myanmar.

Mock-ups of banned Muslim travellers’ passports are placed outside the US Supreme Court during a protest in Washington, DC, US [File: Yuri Gripas/Reuters]

Trump signed the travel ban by way of executive order in 2017, in a move that drew widespread outrage from activists and rights groups who accused the Trump administration of discrimination and racism.

This latest visa bond rule will allow US consular officers to require tourist and business travellers from countries whose nationals had an “overstay rate” of 10 percent or higher in 2019 to pay a refundable bond of $5,000, $10,000 or $15,000.

Twenty-four countries meet that criterion, including 15 African countries. While those nations had higher rates of overstays, they sent relatively few travellers to the US.

Historically, US consular officers have been discouraged from requiring travellers to the US to post a bond, with State Department guidance saying processing of the bonds would be “cumbersome”, the temporary rule said.

According to the document, countries whose tourist and business travellers could be subject to the bond requirement include those from Afghanistan, Iran, Syria, Yemen, Libya, Mauritania, Eritrea and Sudan. Other countries include Angola, Bhutan, Burkina Faso, Burundi, Cabo Verde, Chad, Democratic Republic of the Congo, Djibouti, as well as Gambia, Guinea-Bissau, Laos, Liberia, Myanmar (Burma), Papua New Guinea, and Sao Tome and Principe.

An adware and coin-miner botnet targeting Russia, Ukraine, Belarus, and Kazakhstan at least since 2012 has now set its sights on Linux servers to fly under the radar.

According to a new analysis published by Intezer today and shared with The Hacker News, the trojan masquerades as HTTPd, a commonly used program on Linux servers, and is a new version of the malware belonging to a threat actor tracked as Stantinko.

Back in 2017, ESET researchers detailed a massive adware botnet that works by tricking users looking for pirated software into downloading malicious executables disguised as torrents to install rogue browser extensions that perform ad injection and click fraud.

The covert campaign, which controls a vast army of half a million bots, has since received a substantial upgrade in the form of a crypto-mining module with an aim to profit from computers under their control.

Although Stantinko has been traditionally a Windows malware, the expansion in their toolset to target Linux didn’t go unnoticed, with ESET observing a Linux trojan proxy deployed via malicious binaries on compromised servers.

Intezer’s latest research offers fresh insight into this Linux proxy, specifically a newer version (v2.17) of the same malware (v1.2) called “httpd,” with one sample of the malware uploaded to VirusTotal on November 7 from Russia.

Upon execution, “httpd” validates a configuration file located in “etc/pd.d/proxy.conf” that’s delivered along with the malware, following it up by creating a socket and a listener to accept connections from what the researchers believe are other infected systems.

An HTTP Post request from an infected client paves the way for the proxy to pass on the request to an attacker-controlled server, which then responds with an appropriate payload that’s forwarded by the proxy back to the client.

In the event a non-infected client sends an HTTP Get request to the compromised server, an HTTP 301 redirect to a preconfigured URL specified in the configuration file is sent back.

Stating that the new version of the malware only functions as a proxy, Intezer researchers said the new variant shares several function names with the old version and that some hardcoded paths bear similarities to previous Stantinko campaigns.

“Stantinko is the latest malware targeting Linux servers to fly under the radar, alongside threats such as ​Doki​, ​IPStorm​ and ​RansomEXX​,” the firm said. “We think this malware is part of a broader campaign that takes advantage of compromised Linux servers.”

VMware has released temporary workarounds to address a critical vulnerability in its products that could be exploited by an attacker to take control of an affected system.

“A malicious actor with network access to the administrative configurator on port 8443 and a valid password for the configurator admin account can execute commands with unrestricted privileges on the underlying operating system,” the virtualization software and services firm noted in its advisory.

Tracked as CVE-2020-4006, the command injection vulnerability has a CVSS score of 9.1 out of 10 and impacts VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector.

While the company said patches for the flaw are “forthcoming,” it didn’t specify an exact date by when it’s expected to be released. It’s unclear if the vulnerability is under active attack.

The complete list of products affected are as follows:

• VMware Workspace One Access (versions 20.01 and 20.10 for Linux and Windows)
• VMware Workspace One Access Connector (versions 20.10, 20.01.0.0, and 20.01.0.1 for Windows)
• VMware Identity Manager (versions 3.3.1, 3.3.2, and 3.3.3 for Linux and Windows)
• VMware Identity Manager Connector (versions 3.3.1, 3.3.2 for Linux and 3.3.1, 3.3.2, 3.3.3 for Windows)
• VMware Cloud Foundation (versions 4.x for Linux and Windows)
• vRealize Suite Lifecycle Manager (versions 8.x for Linux and Windows)

VMware said the workaround applies only to the administrative configurator service hosted on port 8443.

“Configurator-managed setting changes will not be possible while the workaround is in place,” the company said. “If changes are required please revert the workaround following the instructions below, make the required changes and disable again until patches are available.”

The advisory comes days after VMware addressed a critical flaw in ESXi, Workstation, and Fusion hypervisors that could be exploited by a malicious actor with local administrative privileges on a virtual machine to execute code and escalate their privileges on the affected system (CVE-2020-4004 and CVE-2020-4005).

The vulnerability was discovered by Qihoo 360 Vulcan Team at the 2020 Tianfu Cup Pwn Contest held earlier this month in China.

Sputnik V vaccine is 95 percent effective according to second interim analysis of clinical trial data, developers say.

Russia’s two-shot Sputnik V COVID-19 vaccine will cost less than $20 per person on international markets and will be free of charge for Russian citizens, according to a statement on the official Sputnik V Twitter account.

Kirill Dmitriev, head of Russia’s RDIF sovereign wealth fund, told the Reuters news agency Sputnik V earlier on Tuesday that it would be priced significantly lower than rivals with similar efficacy levels.

He was speaking after RDIF and the Gamaleya National Center said new clinical trial data based on 39 confirmed cases and 18,794 patients who got both shots had shown that Sputnik V was 91.4 percent effective on day 28 and more than 95 percent effective on day 42.

The announcements come as several drugmakers unveil positive interim data in a scientific race to curb the global pandemic.

British drugs group AstraZeneca and the University of Oxford, which has pledged it will not make a profit on the vaccine during the pandemic, has reached agreements with governments and international health organisations that put its cost at about $2.50 a dose.

Pfizer’s vaccine costs about $20 a dose, while Moderna’s is $15-25, based on agreements the companies have struck to supply their vaccines to the US government.

The Russian drug is named Sputnik V after the Soviet-era satellite that triggered the space race, a nod to the project’s geopolitical importance for Russian President Vladimir Putin.

RDIF has said as of November 11, no serious side effects had been reported during the Sputnik V phase three trial.

Some volunteers had short-term minor adverse effects such as pain at the injection site and flu-like symptoms including fever, weakness, fatigue, and headaches, it said.

Nurses from the profession’s largest union in the United States have warned of dire stresses on the healthcare system as the country sees a new surge in COVID-19 cases and hospitalisations.

In a news conference on Monday, members of the National Nurses United, which represents 170,000 registered nurses across the US, detailed harrowing accounts of hospital understaffing, a lack of personal protective equipment (PPE) and an inadequate response from local and federal authorities.

On Saturday, the US surpassed 12 million confirmed coronavirus cases. More than 247,000 people have died in the country after contracting COVID-19, according to a Johns Hopkins University tally.

Despite a lull in hospitalisations in the middle of the year, the numbers of patients currently hospitalised has more than doubled as the US enters its colder months. As of Friday, more than 83,000 patients in the US were hospitalised with COVID-19, according to the COVID Tracking Project.

Officials in some areas have warned hospitals could face stresses worse than they did during the first major outbreak earlier in the year. Data from the Health and Human Services Department released last week showed that 18 percent of hospitals across all 50 states, Washington, DC and Puerto Rico report being “critically” short on staff. North Dakota is the worst hit, with 51 percent of hospitals reporting shortages. Seven other states are above the 30 percent mark.

“Nearly one year into this pandemic, our hospitals are still not prepared,” said Jean Ross, the president of the union and a registered nurse in Minnesota. She said a survey of nurses conducted by the organisation found that 80 percent of hospitals in the US have not done adequate planning for a surge in cases.

“Our government and healthcare employers have not implemented what is needed since the pandemic started,” she said. “We are still fighting for safe staffing and optimal PPE”, as well as proper “infection control” measures.

‘We need PPE’

Marissa Lee, a labour and delivery nurse in Kissimmee, Florida, said most nurses at the hospital where she works, the Osceola Regional Medical Center, only receive optimal PPE that provides “airborne and droplet precaution” when they are working directly with patients who are known to be infected with COVID-19. Otherwise, she said, they receive less protective surgical masks.

“We need PPE … PPE is the key word to everything we’re speaking about here,” said Lee, who added that staffing levels have become “unsafe” with personnel regularly shifted to departments outside of their expertise. The hospital administration did not immediately respond to a request for comment.

Many people have not heeded health officials warnings and are travelling for the Thanksgiving holiday [Matt Slocum/AP Photo]

Consuelo Vargas, an emergency room nurse in Chicago, Illinois, which has seen record daily cases this month, described PPE shortages at the public John H Stroger Jr Hospital of Cook County. She also described a shortage of staff amid an influx of patients forced to use the emergency room for primary care after losing their employer-provided insurance amid the pandemic.

She added the hospital has not been properly separating infected individuals from the population.

“Last last week, I reached a point where I was numb. I didn’t feel tired. I didn’t feel happy. I didn’t feel angry,” she said. “I didn’t feel frustrated and I didn’t feel sad. I literally felt nothing. And that is a scary place for nurses to be.”

Vargas called for more transparency from both hospital administrations and the government, while urging Americans to take precautions to prevent the further spread of the virus.

A spokeswoman for Cook County Health, Deborah Song, in a statement to Al Jazeera, said the management has “prioritised the health and safety of our workers and our patients”, including working to “secure sufficient and optimal personal protective equipment, educate staff and build surge plans, including staffing at all levels”.

However, she acknowledged hospital staffing has been a “challenge across the country” as surges occur in different areas at different times.

“We do not have the resources to pay the exorbitant rates or bonuses that other hospitals can afford or to contract with agencies to keep staff in waiting until they are needed,” she said. “As such, should staffing be challenged beyond what we can afford, we will likely be faced with further reducing services to shift staff to areas of need. This is the unfortunate reality of this pandemic.”

‘We need change’

Both nurses and hospital administrations have stressed the need for more precautions to bring the numbers of patients down and reduce stresses on the healthcare system.

US health officials have warned against travelling and gathering for the upcoming Thanksgiving holiday on Thursday, but millions of Americans have not heeded that call. The Transportation Security Administration said that more than three million people were screened at airports on Friday, Saturday and Sunday, the highest traffic since March.

“I know the holidays season is upon us. Are you willing to give up one holiday season for 10 more?” said Vargas. “Think of everything you want to accomplish in your life, the places you want to go, the things you want to do, the people you want to spend time with? Are you willing to give all that up?”

Healthcare workers process people waiting in line at a United Memorial Medical Center COVID-19 testing site in Houston [David J Phillip/AP Photo]

Christina Hanson, a nurse in Marquette, Michigan, a state that has also seen record case numbers this month, called on state officials across the country, many of whom have been resistant to imposing restrictions or mandates for masks in public, to “meet us where we are”.

She thanked the governor of Michigan, Gretchen Whitmer, who has imposed restrictions aimed at limiting the virus while weathering derision from President Donald Trump, whose administration has been wary of statewide or national mandates.

“We shoulder a level of concern and anxiety that we will contract this virus ourselves and spread it to our loved ones,” Hanson said. “Nurses are tough, but a strong and dedicated as our nurses are. What we are doing is not sustainable. We see the cases climbing across the country and are anxious for what’s to come. We need change.”