Welcome to This Week’s [in]Security. PCI and payments: Non-Compliance Lesson #2, Big FAQ update, PAX/WorldPay/FBI update, magecart. New breaches: Waiting for QC, Shooting the messenger, Surveillance, VPN users. New Ransomware: Evolving tricks, NL Health. Follow-ups & Fall-out: Missouri. Privacy: Phone metadata, tappigraphy, Data Privacy Protocol, 1B deleted facial images. Laws & Regs - Canada: Bill C-10, Ontario utility data, Citizen Lab. US: FISA, LEA requests, Spyware sanctions, Bounties. World: Threatening open source, Toothless fines? Standards: EU-US. Cyber labelling, Critical Infrastructure. Defense: Pwn2Own & SANS CTF, Simulation Game. Cloud VA, Security MVP, Bloom Filter Searching, ZeroTrust. Vulnerabilities, Zerodays: Other Vulnerabilities: CISA 300 patch list, APIs, More on Trojan Source, Web Assembly, Github & NPM supply-chain - coa, rc, Cisco SSH key, non-enterprise IoT. Cybercrime: Trends: Rootkits, password spraying, GitLab, Office & Exchange. Nation States. Crime: Anti-ransomware actions, SIM & BEC arrests, Squid-scam, fraud. Other Risks: Trolls, Ethical AI, Skynet? buzzwords, meta-FOMO, Open Source Risks, Cert meltdowns, Yahoo leaves China, economy. Health, Safety & Environment. Covid-19: Spread, Curves, Waves, and Variants; Response; Treatments; Immunity; Covid Compliance. And more.
News and announcements relating to Payment Security, PCI, Card Brands, Payments, Payment Malware and Fraud, and Payment-Related Compliance.
A new batch of PCI FAQs, mostly relating to the Secure Software standards:
Covering breaches, leaks, data exposures, ransomware (as potential breach), and their fallout.
New Breaches:
New Ransomware and "Incidents":
Follow-ups and fall-out:
Articles about privacy-related news, risks, and trends.
News about laws, regulations, platform rules, and standards affecting security, privacy, technology, and public interest.
Canada:
US:
World:
Standards News:
Covering developments and opportunities that may help improve security.
Articles about newly discovered vulnerabilities and research.
Zero-day news:
Other Vulnerabilities:
News covering active trends, alerts, events.
Trends, Alerts, and Events (other than major breaches):
Nation State Actors:
Crime & Arrests, etc.:
Articles covering other types of risks.
Health, Safety & Environment:
COVID-related articles. We have been following coronavirus risks since https://controlgap.com/blog/this-weeks-insecurity-issue-147.
The spread, curves, spikes, waves, reinfection, and variant strains:
Guidance, Response, and Recovery:
Treatments, Testing, Triage, Trials, and things we Learned:
Immunity and Vaccinations:
Masks, anti-maskers, distancing, compliance, and repercussions:
A variety of scientific, technical, historical, and more light-hearted news.