This Week's [in]Security - Issue 214
Welcome to This Week’s [in]Security. DSS v4.0 Summary, and Secure Payment Terminal Software. New breaches: Cookies, FermiLab, Glovo, Telestra,...
Welcome to This Week’s [in]Security. PCI: SLC v1.1, Sunsetting P2PE v2 and PA-DSS. MasterCard resources. Control Gap SSA & SSLC. Magecart mobile, Carders. New breaches: Japanese Dating & government, Canada Post, Nukes, Dominos India, Hospitals, Compound redaction leak, New Ransomware: RCMP, Defensive shutdown. Privacy: Facial Recognition, Hiding controls. Laws & Regs - Canada: C-10 impact. US: Breach law. The world: Mass Surveillance, Data residency. Standards: NIST: Cloud, IoT/MuD. USB-C upgrade. Defense: Webinars, Webinars. Pipeline response, Cyber budgets, Unknown-unknowns, FBI supporting HIBP. Vulnerabilities: HPE, Certified PDFs, Bluetooth, Chrome & Edge, VMware, Siemens PLC, SonicWall, Trend Micro, New Rowhammer research. Feistel Randomness. Cybercrime - Trends: Low-tech, Solarwinds APT, Fake reviews, Spam, Nation States. RSA 2011 Hack, Turnabout? Crime. Skimmer, Drugs, Cops lift palm-print from social media, Bitcoin. Other Risks: Aircraft interceptions, Supply chain, Cloud risk/incentive, Non-replicable science, Orwell, Proctored Exam Pilot, Get cracking? Disinformation. Health, Safety & Environment: Food poisoning, Longevity, Flu, Space debris, Solar flares. Covid-19: Spread, Curves, Waves, and Variants. Response. Immunity. Impact. Covid Ugly. Covid Compliance. And more.
This week's cover image from the Unity Portal Project - credit VILNIUS TECH LinkMenų fabrikas (see Science and Tech).
News and announcements relating to Payment Security, PCI, Card Brands, Payments, Payment Malware and Fraud, and Payment Related Compliance.
MasterCard ran a QSA webinar last week and highlighted some of their PCI360 resources: https://www.mastercard.com/globalrisk/en/resources/pci360.html
Covering breaches, leaks, data exposures, ransomware (as potential breach), and their fallout.
New Breaches:
New Ransomware and "Incidents":
Articles about privacy related news, risks, and trends.
News about laws, regulations, platform rules, and standards affecting security, privacy, technology, and public interest.
Canada:
US:
World:
Standards News:
Covering developments and opportunities that may help improve security.
Articles about newly discovered vulnerabilities and research.
News covering active trends, alerts, events.
Trends, Alerts, and Events (other than major breaches):
Nation State Actors:
Crime & Arrests, etc.:
Articles covering other types of risks.
The Belarus airline interception:
Health, Safety & Environment:
COVID related articles. We have been following coronavirus risks since https://controlgap.com/blog/this-weeks-insecurity-issue-147.
The spread, curves, spikes, waves, reinfection, and variant strains:
Guidance, Response, and Recovery:
Immunity and Vaccinations:
Impact:
More of the good, the bad, and the ugly:
Masks, anti-maskers, distancing, compliance, and repercussions:
A variety of scientific, technical, historical, and more light-hearted news.