This Week’s [in]Security – Issue 121

Welcome to This Week’s [in]Security. This week: what's the minimum for PCI, PCI-NIST mapping, more Magecart, payment card fraud on ApplePay and Interac, lifetime breach protection, changing SINs, breached: Amadeus airline services, AavGo hotel services, Bulgaria, Sprint/Samsung, Lenovo storage, 62 US colleges, Desjardins followup, 220M+ more compromised credentials, Equifax nears $700M settlement, mass Slack reset, Kazakhstan intercepting HTTPS, more motherborad vulnerabilities, NIST on TLS certificates, Master keys for GrandCrab ransomware, Russia's FSB exposed through 3rd party, Face morphing app controversy, literally a killer app, $45B lost to cyber attacks, LinkedIn phishing, mass shooting common factors, safer programming languages, cyberlaws in conflict, AirDropped terrorism, swarming Area 51, the Moon landing, and more.

Now here's this week’s selection of news, opinions, and research. Quickly skim annotated links organized by topic: compliance and payment security, breaches, regulation, bugs, privacy, hacking/malware, other security & risk, and more. We hope you enjoy and find them useful.

PCI Compliance and Payments

News and announcements relating to Payment Security, Payments, PCI, and Card Brands.

Breaches / Leaks

Covering breaches, leaks, data exposures, and their fallout.

Privacy

Articles about privacy related news, risks, and trends.

Laws

News about laws, regulations, and standards affecting security, privacy,  technology, and public interest.

Defense / Techniques / Solutions

Covering developments and opportunities that may help improve security.

Bugs / Design Flaws / Vulnerabilities / Research

Articles about newly discovered vulnerabilities and research.

Hacking / Malware / Cybercrime / Exploitation

News covering active trends and events.

Other Security / Risk

Articles covering other types of risks.

Off-Topic / Science & Tech / Lighter Side

A variety of scientific, technical, historical, and more light-hearted news.