This Week’s [in]Security – Issue 132

Posted on 14 Oct 2019.

Welcome to This Week’s [in]Security. This week: Millions of Magecart skimmers. Payments and disabilities. Anti-fraud scanner. Breaches and leaks: Russian ISP, New Zealand, Alberta Health, TransUnion. Face recognition, the war on encryption, FBI abused access to NSA data, high res selfies and stalkers. CA Deep-fake law, NY SHIELD Act, US-UK CLOUD Act, DMCA challenges. NIST key management and lightweight crypto updates. NIST and FIPS-140-3 (not a typo). SIN/SSN Alternatives. Ignorance of the Law. Ransomeware keys. Prioritizing patching. Copy and paste coding fails. More on bypassing 2FA. VoIP espionage. Sowing division. Quantum update. Sketchy SSD encryption. Free cryptography CPEs. Breaking encryption via the RNG. Canadian banks and 2FA. Vaping and cancer. And more.

Now here's this week’s selection of news, opinions, and research. Quickly skim annotated links organized by topic: compliance and payment security, breaches, regulation, bugs, privacy, hacking/malware, other security & risk, and more. We hope you enjoy and find them useful.

PCI Compliance and Payments

News and announcements relating to Payment Security, Payments, PCI, and Card Brands.

Breaches / Leaks

Covering breaches, leaks, data exposures, and their fallout.

Privacy

Articles about privacy related news, risks, and trends.

Laws & Regulations / Standards

News about laws, regulations, and standards affecting security, privacy,  technology, and public interest.

Defense / Techniques / Solutions

Covering developments and opportunities that may help improve security.

Bugs / Design Flaws / Vulnerabilities / Research

Articles about newly discovered vulnerabilities and research.

Hacking / Malware / Cybercrime / Exploitation

News covering active trends and events.

Other Security / Risk

Articles covering other types of risks.

Off-Topic / Science & Tech / Lighter Side

A variety of scientific, technical, historical, and more light-hearted news.