This Week's [in]Security - Issue 193
Welcome to This Week’s [in]Security. Magecart. Payment Terminal Vulnerabilities. New Breaches. Chinese Communists. Ottawa. New Ransomware: planes,...
Welcome to This Week’s [in]Security. Community Meeting, Featured FAQs, PCI, MageCart, & JavaScript, Python PyPI library skimmer, Payment APIs. New Ransomware, Follow-ups & Fall-out. Privacy: Apple backdoor, Spotify, Facebook, Subscriptions. Laws & Regs: US: Repair, Stupid Patent, Copyright, Standards: 6 NIST announcements, Zero Trust, Cryptography, FIPS 198-1 HMAC, Retiring standards. Defense: Blackhat, Kubernetes, EU-Cybersecurity, Bitcoin monitoring, Vulnerabilities: Routers, IoT, Rust, HTTP/2, DNS, PwnedPiper, Blackhat, Hotels, VMWare. Cybercrime: Paragon, Pegasus, Word. Nation States: DeadRinger. Other Risks: Quantum simulation, Phishing AI, Handprints. Health, Safety & Environment: Covid-19: Spread, Curves, Waves, and Variants; Response; Immunity; Covid Compliance. And more.
News and announcements relating to Payment Security, PCI, Card Brands, Payments, Payment Malware and Fraud, and Payment Related Compliance.
Control Gap's featured PCI FAQ's & articles (from time to time we will feature articles and FAQ's) :
Control Gaps series on e-commerce security and compliance: The DSS, MageCart, and the DOM:
Covering breaches, leaks, data exposures, ransomware (as potential breach), and their fallout.
New Ransomware and "Incidents":
Follow-ups and fall-out:
Articles about privacy related news, risks, and trends.
News about laws, regulations, platform rules, and standards affecting security, privacy, technology, and public interest.
US:
Standards News:
NIST Requests Public Comments on FIPS 198-1 and Special Publications on Hash Functions, Statistical Randomness Tests, and Block Cipher Modes of Operation through October 1st https://csrc.nist.gov/news/2021/call-for-comments-fips-198-1-hash-pubs-and-others
NIST Announcement of Proposal to Withdraw Special Publications: https://csrc.nist.gov/news/2021/proposal-to-withdraw-sp-800-15-sp-800-25-sp-800-32
Covering developments and opportunities that may help improve security.
Articles about newly discovered vulnerabilities and research.
News covering active trends, alerts, events.
Nation State Actors:
Articles covering other types of risks.
Health, Safety & Environment:
COVID related articles. We have been following coronavirus risks since https://controlgap.com/blog/this-weeks-insecurity-issue-147.
The spread, curves, spikes, waves, reinfection, and variant strains:
Guidance, Response, and Recovery:
Immunity and Vaccinations:
Masks, anti-maskers, distancing, compliance, and repercussions:
A variety of scientific, technical, historical, and more light-hearted news.
Welcome to This Week’s [in]Security. Magecart. Payment Terminal Vulnerabilities. New Breaches. Chinese Communists. Ottawa. New Ransomware: planes,...
1 min read
Welcome to This Week’s [in]Security. e-commerce security: PCI, Magecart, & the DOM part 1. New breaches: Windows passwords, Pipeline#2, VW, EA...
1 min read
Welcome to This Week’s [in]Security. Card Production, Data Removal, Digesting PCI, Issuers. Fingerprint cards. New breaches: Saudi Aramco, Mexican...