[in]security blog

This Week's [in]Security - Issue 240 | insecurity | Control Gap

Written by CG Blogger | Nov 8, 2021 2:07:00 AM

Welcome to This Week’s [in]Security. PCI and payments: Non-Compliance Lesson #2, Big FAQ update, PAX/WorldPay/FBI update, magecart. New breaches: Waiting for QC, Shooting the messenger, Surveillance, VPN users. New Ransomware: Evolving tricks, NL Health. Follow-ups & Fall-out: Missouri. Privacy: Phone metadata, tappigraphy, Data Privacy Protocol, 1B deleted facial images. Laws & Regs - Canada: Bill C-10, Ontario utility data, Citizen Lab. US: FISA, LEA requests, Spyware sanctions, Bounties. World: Threatening open source, Toothless fines? Standards: EU-US. Cyber labelling, Critical Infrastructure. Defense: Pwn2Own & SANS CTF, Simulation Game. Cloud VA, Security MVP, Bloom Filter Searching, ZeroTrust. Vulnerabilities, Zerodays: Other Vulnerabilities: CISA 300 patch list, APIs, More on Trojan Source, Web Assembly, Github & NPM supply-chain - coa, rc, Cisco SSH key, non-enterprise IoT. Cybercrime: Trends: Rootkits, password spraying, GitLab, Office & Exchange. Nation States. Crime: Anti-ransomware actions, SIM & BEC arrests, Squid-scam, fraud. Other Risks: Trolls, Ethical AI, Skynet? buzzwords, meta-FOMO, Open Source Risks, Cert meltdowns, Yahoo leaves China, economy. Health, Safety & Environment. Covid-19: Spread, Curves, Waves, and Variants; Response; Treatments; Immunity; Covid Compliance. And more.

PCI Compliance and Payments

News and announcements relating to Payment Security, PCI, Card Brands, Payments, Payment Malware and Fraud, and Payment Related Compliance.

Breaches / Ransomware / Leaks

Covering breaches, leaks, data exposures, ransomware (as potential breach), and their fallout.

Privacy

Articles about privacy related news, risks, and trends.

Laws, Regulations, Platforms, Standards, and Public Policy

News about laws, regulations, platform rules, and standards affecting security, privacy, technology, and public interest.

Defense / Techniques / Solutions

Covering developments and opportunities that may help improve security.

Bugs / Design Flaws / Vulnerabilities / Research

Articles about newly discovered vulnerabilities and research.

Hacking / Malware / Cybercrime / Exploitation

News covering active trends, alerts, events.

Other Security / Risk

Articles covering other types of risks.

COVID-19 updates.

COVID related articles. We have been following coronavirus risks since https://controlgap.com/blog/this-weeks-insecurity-issue-147.

Off-Topic / Science & Tech / Lighter Side

A variety of scientific, technical, historical, and more light-hearted news.