Welcome to This Week’s [in]Security. This week: PCI's new Software Security Standard and PCI's new Software Security Framework, huge collection of compromised emails and passwords, using GDPR to go after tech companies, warrant needed to compel biometric access, hack a Telsa for profit, airline PNRs at risk, more IoT problems, even more Magecart, Payroll diversion BEC, $1.7M average breach cost, big game ransomware, DNA accuracy, proof AI can't solve everything, and three technologies to fight climate change.
Now here's this week’s selection of news, opinions, and research. Quickly skim annotated links organized by topic: compliance and payment security, breaches, regulation, bugs, privacy, hacking/malware, other security & risk, and more. We hope you enjoy and find them useful.
News and announcements relating to Payment Security, Payments, PCI, and Card Brands.
PCI just released the new Software Security Framework (SSF) including security standards for software and software life cycle. This is the first step in the implementation of the program and the eventual replacement of the PA-DSS. https://blog.pcisecuritystandards.org/just-published-new-pci-software-security-standards
Covering breaches, leaks, data exposures, and their fallout.
Articles about privacy related news, risks, and trends.
News about laws, regulations, and standards affecting security, privacy, technology, and public interest.
Covering developments and opportunities that may help improve security.
Articles about newly discovered vulnerabilities and research.
News covering active trends and events.
Articles covering other types of risks.
A variety of scientific, technical, historical, and more light-hearted news.