This Week’s [in]Security – Issue 146

Posted on 19 Jan 2020.

Welcome to This Week’s [in]Security. Magecart, SHA-1, bad compliance culture. Visa Contactless on Android. Breached: PlanetDrugsDirect, P&N Bank, Formations House, Peekaboo Moments, 500K IoT devices, More ransomware. WeLeakInfo seized. Breach lawsuits. Equifax settlement. Dating sites violate GDPR. Facial surveillance. DNA privacy. No-tracking search. CCPA disclosure. Limiting CFAA.NIST conference and drafts. Free source analyzer. Exploit Proof of Concepts. Windows bad week. Oracle. Wordpress. Beware the patching hacker. Conversation hijacking. New Malware. Disruption for profit. Geo-fence warrants. Snowmageddon Newfoundland, 5G Security. Artificial Personas. AI liability? And more.

Now here's this week’s selection of news, opinions, and research. Quickly skim annotated links organized by topic: compliance and payment security, breaches, regulation, bugs, privacy, hacking/malware, other security & risk, and more. We hope you enjoy and find them useful.

PCI Compliance and Payments

News and announcements relating to Payment Security, PCI, Card Brands, Payments, Payment Malware and Fraud.

Breaches / Leaks

Covering breaches, leaks, data exposures, ransomware (as potential breach), and their fallout.

Privacy

Articles about privacy related news, risks, and trends.

Laws & Regulations / Standards

News about laws, regulations, and standards affecting security, privacy,  technology, and public interest.

Defense / Techniques / Solutions

Covering developments and opportunities that may help improve security.

Bugs / Design Flaws / Vulnerabilities / Research

Articles about newly discovered vulnerabilities and research.

Hacking / Malware / Cybercrime / Exploitation

News covering active trends and events.

Other Security / Risk

Articles covering other types of risks.

Off-Topic / Science & Tech / Lighter Side

A variety of scientific, technical, historical, and more light-hearted news.