This Week’s [in]Security – Issue 92

31 Dec 2018.

From all of us at Control Gap on New Year's eve, our very best wishes for you all in 2019!

Welcome to This Week’s [in]Security. This week: 2018 in retrospect, 2019 predictions, dynamic security codes (dCVV2), smaller breaches, tougher Canadian privacy rules start New Year's day, new OWASP IoT Top 10, How Facebook tracks non-users, tattoos as intellectual property, hand/vein pattern biometric falls, DLP with Office-365, cyber-criminals now using BGP hacking, Twitter SMS password bypass bug, crashing Alexa, proving anything with statistics, and Annie the CPR girl.

Now here's this week’s selection of news, opinions, and research. Quickly skim annotated links organized by topic: compliance and payment security, breaches, regulation, bugs, privacy, hacking/malware, other security & risk, and more. We hope you enjoy and find them useful.

PCI Compliance and Payments

News and announcements relating to Payment Security, Payments, PCI, and Card Brands.

Breaches / Leaks

Covering breaches, leaks, data exposures, and their fallout.


Articles about privacy related news, risks, and trends.

Laws & Regulations / Standards

News about laws, regulations, and standards affecting security, privacy,  technology, and public interest.

Defense / Techniques / Solutions

Covering developments and opportunities that may help improve security.

Bugs / Design Flaws / Vulnerabilities / Research

Articles about newly discovered vulnerabilities and research.

Hacking / Malware / Cybercrime / Exploitation

News covering active trends and events.

Other Security / Risk

Articles covering other types of risks.

Off-Topic / Science & Tech / Lighter Side

A variety of scientific, technical, historical, and more light-hearted news.