This Week’s [in]Security – Issue 113

Posted on 25 May 2019.

Welcome to This Week’s [in]Security. This week: PCI feedback underway on P2PE v3, SSF update, Magecart now with IFRAMES, 885M title insurance records exposed, AT&T's un-breach, breaches of Instagram and Truecaller data, breaches at HCL, Peel Region and the Game Golf app, 3B fake Facebook accounts removed, 2FA stops bot attacks, tracking your mobile device, NIST key management update, right to repair in Canada, the squeeky breach headline gets the fix, 4 windows zero-days published, Windows RDS worm code, Industrial sites aren't ready for it, 12K Mongo db's gone, Baltimore hit, virus-day-off, China: Huawei and drones, interesting new tech, rare-earth-metals mega-find, and more.

Now here's this week’s selection of news, opinions, and research. Quickly skim annotated links organized by topic: compliance and payment security, breaches, regulation, bugs, privacy, hacking/malware, other security & risk, and more. We hope you enjoy and find them useful.

PCI Compliance and Payments

News and announcements relating to Payment Security, Payments, PCI, and Card Brands.

Breaches / Leaks

Covering breaches, leaks, data exposures, and their fallout.

Privacy

Articles about privacy related news, risks, and trends.

Laws & Regulations / Standards

News about laws, regulations, and standards affecting security, privacy,  technology, and public interest.

Defense / Techniques / Solutions

Covering developments and opportunities that may help improve security.

Bugs / Design Flaws / Vulnerabilities / Research

Articles about newly discovered vulnerabilities and research.

Hacking / Malware / Cybercrime / Exploitation

News covering active trends and events.

Other Security / Risk

Articles covering other types of risks.

Off-Topic / Science & Tech / Lighter Side

A variety of scientific, technical, historical, and more light-hearted news.