Welcome to This Week’s [in]Security. This week: PCI DSS 4 Comment Period. New PCI Contactless on COTS standard. EMVco and 3D Secure. A PCI Horror Story. Magecart. Carders. Breaches at top domain registrars, UniCredit (3rd times a charm), Bed Bath& Beyond, Desjardins breach numbers grow. Hall of shame - bank asking for other bank passwords. FB agrees to fine. Several articles on the ups and downs of facial recognition. Textalyzers?! ISPs called out for encrypted DNS lies. Bye, bye Flash!, Small quantum key distribution chip. Experimenting with post-quantum TLS. Delegated TLS credentials. ECC crypto timing attack. General attack on fingerprint readers.Random fail. SMS and Whatsapp hacking. FB sues NSO group. BlueKeep in the wild. Brain hacks. Amazon account fraud using non-Amazon devices. And more.
Now here's this week’s selection of news, opinions, and research. Quickly skim annotated links organized by topic: compliance and payment security, breaches, regulation, bugs, privacy, hacking/malware, other security & risk, and more. We hope you enjoy and find them useful.
News and announcements relating to Payment Security, Payments, PCI, and Card Brands.
Covering breaches, leaks, data exposures, and their fallout.
Articles about privacy related news, risks, and trends.
News about laws, regulations, and standards affecting security, privacy, technology, and public interest.
Covering developments and opportunities that may help improve security.
Articles about newly discovered vulnerabilities and research.
News covering active trends and events.
Articles covering other types of risks.
A variety of scientific, technical, historical, and more light-hearted news.