Welcome to This Week’s [in]Security. Updated FAQs for v4, In-app browsers, improved Rubber Duck USB attack tool! New breaches: response backfires, healthcare, Microsoft. New Ransomware: preparedness, wrong victim, dog-pile. Outages. Follow-ups. Privacy: data brokers, health apps. Laws & Regs - Canada: AI & Data Act, spyware, ArriveCan. US: ransom bans. World: Trans-Atlantic, EU ID. NIST Key Derivation, AI bias. Defense - Cybersecurity Career Awareness, OpenSSF, harder kernels, searches, exploitability, SSDs. Vulnerabilities - advisories, zerodays, patching; Significant: roundup, bootloaders, zoom, CPUs, resonance; disclosure timelines, iOS VPNs, bitlocker. Research & Crypto-research: block ciphers, more PQC. Cybercrime - SMS & Signal, cookies & MFA, browser extensions, NPM & PyPi. Crime & Enforcement. Nation States and mercenaries. Other Risks - cyber-insurance, medical photos, AI, Disinformation, Health, Safety, Environment, Economy. Russia v. Ukraine. Innovation and more.
News and announcements relating to Payment Security, PCI, Card Brands, Payments, Payment Malware and Fraud, and Payment Related Compliance.
Covering breaches, leaks, data exposures, ransomware (as potential breach), and their fallout.
Articles about privacy related news, risks, and trends.
News about laws, regulations, platform rules, and standards affecting security, privacy, technology, and public interest.
Covering developments and opportunities that may help improve security.
Articles about newly discovered vulnerabilities and research.
News covering active trends, alerts, events.
Articles covering other types of risks.
News and announcements relating to Russia's invasion of Ukraine.
A variety of scientific, technical, historical, and more light-hearted news.