This Week’s [in]Security – Issue 127

Welcome to This Week’s [in]Security. This week: new PCI FAQ on PIN, EMV reduces fraud by 97%. Facebook: another massive leak, changing facial recognition, and dating privacy worries. Breaches at Yves Rocher, Teletext Holidays ,DK-Lok. 19M Canadaian impacted by breaches. Google/YouTube fined $170M. Hidden pages bypassing GDPR. DHS-FBI watchlist unconstitutional. New DOD contractor security standards. NIST cyber resilience. Frank Abagnale on privacy. Deflecting an Asteroid. Twitter stops SMS. QR code insecurity. GPS trackers with the worst default password. Deep fake voice fraud score $243K. NTSB and Tesla's Auto-pilot. Refrigerated food and power failures. US electric grid attacked. Going blind from junk food. Declassification by tweet. Tracing disinformation. US reverses two bans on foreigners. And more.

Now here's this week’s selection of news, opinions, and research. Quickly skim annotated links organized by topic: compliance and payment security, breaches, regulation, bugs, privacy, hacking/malware, other security & risk, and more. We hope you enjoy and find them useful.

PCI Compliance and Payments

News and announcements relating to Payment Security, Payments, PCI, and Card Brands.

Breaches / Leaks

Covering breaches, leaks, data exposures, and their fallout.

Privacy

Articles about privacy related news, risks, and trends.

Laws & Regulations / Standards

News about laws, regulations, and standards affecting security, privacy,  technology, and public interest.

Defense / Techniques / Solutions

Covering developments and opportunities that may help improve security.

Bugs / Design Flaws / Vulnerabilities / Research

Articles about newly discovered vulnerabilities and research.

Hacking / Malware / Cybercrime / Exploitation

News covering active trends and events.

Other Security / Risk

Articles covering other types of risks.

Off-Topic / Science & Tech / Lighter Side

A variety of scientific, technical, historical, and more light-hearted news.