This Week’s [in]Security – Issue 101

Posted on 04 Mar 2019.

Welcome to This Week’s [in]Security. This week: detailed alert on trending e-commerce attack methods, PCI glossary for small business, PCI seeks input on SPoC MSR, large surveillance db leak, watchlists exposed, many NIST announcements, FPE update, patent on opting-in, fix-it-already project, fighting fake news with MetaFact, fighting trolls in the midterms, USB-C Thunderbolt risks, a slew of bugs, SuperMicro vulnerabilities used to pwnd IBM cloud servers, Comcast and Kanye West have nothings in common, financial group undermining TLS 1.3, Quadriga's empty cold-wallets, Marriott's GDPR liability, moderator PTSD, carbon sequestering, the solar system gets bigger, and more.

Now here's this week’s selection of news, opinions, and research. Quickly skim annotated links organized by topic: compliance and payment security, breaches, regulation, bugs, privacy, hacking/malware, other security & risk, and more. We hope you enjoy and find them useful.

PCI Compliance and Payments

News and announcements relating to Payment Security, Payments, PCI, and Card Brands.

Breaches / Leaks

Covering breaches, leaks, data exposures, and their fallout.

Privacy

Articles about privacy related news, risks, and trends.

Laws & Regulations / Standards

News about laws, regulations, and standards affecting security, privacy,  technology, and public interest.

Defense / Techniques / Solutions

Covering developments and opportunities that may help improve security.

Bugs / Design Flaws / Vulnerabilities / Research

Articles about newly discovered vulnerabilities and research.

Hacking / Malware / Cybercrime / Exploitation

News covering active trends and events.

Other Security / Risk

Articles covering other types of risks.

Off-Topic / Science & Tech / Lighter Side

A variety of scientific, technical, historical, and more light-hearted news.