Weekly [in]Security

WP_Query Object ( [query] => Array ( [post_type] => post [post_status] => publish [cat] => 216 [orderby] => date [order] => desc [posts_per_page] => 3 [paged] => 6 [ignore_sticky_posts] => 1 ) [query_vars] => Array ( [post_type] => post [post_status] => publish [cat] => 216 [orderby] => date [order] => DESC [posts_per_page] => 3 [paged] => 6 [ignore_sticky_posts] => 1 [error] => [m] => [p] => 0 [post_parent] => [subpost] => [subpost_id] => [attachment] => [attachment_id] => 0 [name] => [pagename] => [page_id] => 0 [second] => [minute] => [hour] => [day] => 0 [monthnum] => 0 [year] => 0 [w] => 0 [category_name] => weekly-insecurity [tag] => [tag_id] => [author] => [author_name] => [feed] => [tb] => [meta_key] => [meta_value] => [preview] => [s] => [sentence] => [title] => [fields] => [menu_order] => [embed] => [category__in] => Array ( ) [category__not_in] => Array ( ) [category__and] => Array ( ) [post__in] => Array ( ) [post__not_in] => Array ( ) [post_name__in] => Array ( ) [tag__in] => Array ( ) [tag__not_in] => Array ( ) [tag__and] => Array ( ) [tag_slug__in] => Array ( ) [tag_slug__and] => Array ( ) [post_parent__in] => Array ( ) [post_parent__not_in] => Array ( ) [author__in] => Array ( ) [author__not_in] => Array ( ) [update_post_term_cache] => 1 [suppress_filters] => [cache_results] => 1 [lazy_load_term_meta] => 1 [update_post_meta_cache] => 1 [nopaging] => [comments_per_page] => 50 [no_found_rows] => ) [tax_query] => WP_Tax_Query Object ( [queries] => Array ( [0] => Array ( [taxonomy] => category [terms] => Array ( [0] => 216 ) [field] => term_id [operator] => IN [include_children] => 1 ) ) [relation] => AND [table_aliases:protected] => Array ( [0] => wpcm_term_relationships ) [queried_terms] => Array ( [category] => Array ( [terms] => Array ( [0] => 216 ) [field] => term_id ) ) [primary_table] => wpcm_posts [primary_id_column] => ID ) [meta_query] => WP_Meta_Query Object ( [queries] => Array ( ) [relation] => [meta_table] => [meta_id_column] => [primary_table] => [primary_id_column] => [table_aliases:protected] => Array ( ) [clauses:protected] => Array ( ) [has_or_relation:protected] => ) [date_query] => [request] => SELECT SQL_CALC_FOUND_ROWS wpcm_posts.ID FROM wpcm_posts LEFT JOIN wpcm_term_relationships ON (wpcm_posts.ID = wpcm_term_relationships.object_id) WHERE 1=1 AND ( wpcm_term_relationships.term_taxonomy_id IN (216) ) AND wpcm_posts.post_type = 'post' AND ((wpcm_posts.post_status = 'publish')) GROUP BY wpcm_posts.ID ORDER BY wpcm_posts.menu_order, wpcm_posts.post_date DESC LIMIT 15, 3 [posts] => Array ( [0] => WP_Post Object ( [ID] => 2030 [post_author] => 2 [post_date] => 2019-07-02 03:22:20 [post_date_gmt] => 2019-07-02 03:22:20 [post_content] =>

Welcome to This Week’s [in]Security. This week: Major update on PCI SSF and SLC standards, Magecart, POS malware, ATM shimmers, 300M EA Games breach, Attunity AWS breach, Desjardins insider breach, cloud breaches at PCM, Fujitsu, Tata, NTT Data, Dimension Data, CSC and DXC, 10 years breached Equifax CIO jailed, everyone's spying: NSA, MySpace, and Spanish Scoer League, ballot security, NIST IoT, NTS (Secure Time), DoH, Huawei full of holes, NASA Pi hack, 10 years vulnerable, multiple nation-state hacks, more ransomware, multiple crypto-currency frauds and hacks, USB-sniffing dogs, Perception gaps, Boeing's terrible week, logic puzzles, the world's largest human Maple Leaf, and more.

Now here's this week’s selection of news, opinions, and research. Quickly skim annotated links organized by topic: compliance and payment security, breaches, regulation, bugs, privacy, hacking/malware, other security & risk, and more. We hope you enjoy and find them useful.

PCI Compliance and Payments

News and announcements relating to Payment Security, Payments, PCI, and Card Brands.

Breaches / Leaks

Covering breaches, leaks, data exposures, and their fallout.

Privacy

Articles about privacy related news, risks, and trends.

Laws & Regulations / Standards

News about laws, regulations, and standards affecting security, privacy,  technology, and public interest.

Defense / Techniques / Solutions

Covering developments and opportunities that may help improve security.

Bugs / Design Flaws / Vulnerabilities / Research

Articles about newly discovered vulnerabilities and research.

Hacking / Malware / Cybercrime / Exploitation

News covering active trends and events.

Other Security / Risk

Articles covering other types of risks.

Off-Topic / Science & Tech / Lighter Side

A variety of scientific, technical, historical, and more light-hearted news.

_______________________________________________________________

Becoming PCI Compliant can be difficult, so why not let Control Gap guide you. We are the largest dedicated PCI compliance company in Canada. Contact us today and learn more about how we can help you: Get PCI Compliant. Stay PCI Compliant.

[post_title] => This Week’s [in]Security – Issue 118 [post_excerpt] => [post_status] => publish [comment_status] => open [ping_status] => open [post_password] => [post_name] => this-weeks-insecurity-issue-118 [to_ping] => [pinged] => https://business.financialpost.com/news/fp-street/td-bank-internal-files-found-online-in-keys-to-the-kingdom-cloud-data-exposure [post_modified] => 2019-07-02 03:22:22 [post_modified_gmt] => 2019-07-02 03:22:22 [post_content_filtered] => [post_parent] => 0 [guid] => http://controlgap.com/?p=2030 [menu_order] => 31 [post_type] => post [post_mime_type] => [comment_count] => 0 [filter] => raw ) [1] => WP_Post Object ( [ID] => 2029 [post_author] => 2 [post_date] => 2019-06-24 02:14:46 [post_date_gmt] => 2019-06-24 02:14:46 [post_content] =>

Welcome to This Week’s [in]Security. This week: PCI PINv3 key blocks, PFI program updates, payment terminal inspections, Desjardin insider theft, DHS breach, prosecutors expose underage victims, pre-owned Nest Cam's pwned, AMCA breach leads to bankruptcy, a web hosting company has been charged along with the operators of a massive child-porn operation, Knowledge-Based-Authentication (KBA) is now officially dead, $1.5T lost in a decade of US breaches, a batch of NIST drafts for comment over the last few weeks, Big Data, surveillance, and drone privacy, US and APTs hacking the grids, Facebook-coin, quantum safe crypto, Mongo encrypts, Google goes with commutative encryption, TV-AV, the impending worm, QuadrigaCX crypto-fraud, do we really need digital license plates, C programmers being bitten by undefined behavior, a real life Iron-Man suit, and more.

Now here's this week’s selection of news, opinions, and research. Quickly skim annotated links organized by topic: compliance and payment security, breaches, regulation, bugs, privacy, hacking/malware, other security & risk, and more. We hope you enjoy and find them useful.

PCI Compliance and Payments

News and announcements relating to Payment Security, Payments, PCI, and Card Brands.

Breaches / Leaks

Covering breaches, leaks, data exposures, and their fallout.

Privacy

Articles about privacy related news, risks, and trends.

Laws & Regulations / Standards

News about laws, regulations, and standards affecting security, privacy,  technology, and public interest.

Defense / Techniques / Solutions

Covering developments and opportunities that may help improve security.

Bugs / Design Flaws / Vulnerabilities / Research

Articles about newly discovered vulnerabilities and research.

Hacking / Malware / Cybercrime / Exploitation

News covering active trends and events.

Other Security / Risk

Articles covering other types of risks.

Off-Topic / Science & Tech / Lighter Side

A variety of scientific, technical, historical, and more light-hearted news.

_______________________________________________________________

Becoming PCI Compliant can be difficult, so why not let Control Gap guide you. We are the largest dedicated PCI compliance company in Canada. Contact us today and learn more about how we can help you: Get PCI Compliant. Stay PCI Compliant.

[post_title] => This Week’s [in]Security – Issue 117 [post_excerpt] => [post_status] => publish [comment_status] => open [ping_status] => open [post_password] => [post_name] => this-weeks-insecurity-issue-117 [to_ping] => [pinged] => https://events.pcisecuritystandards.org/vancouver-2019/ [post_modified] => 2019-06-24 02:14:48 [post_modified_gmt] => 2019-06-24 02:14:48 [post_content_filtered] => [post_parent] => 0 [guid] => http://controlgap.com/?p=2029 [menu_order] => 32 [post_type] => post [post_mime_type] => [comment_count] => 0 [filter] => raw ) [2] => WP_Post Object ( [ID] => 2031 [post_author] => 2 [post_date] => 2019-06-17 11:27:30 [post_date_gmt] => 2019-06-17 11:27:30 [post_content] =>

Welcome to This Week’s [in]Security. This week: Thinking ahead to PCI DSS 4.0, HSM vulnerabilities, breaches at 4 universities,TechData, Symantec and Evernote breaches, what Equifax broke, Canada investigates US boarder services breach, AMCA lawsuits, Ring Doorbell surveillance network, permission for facial recognition, false compliance claims punished, incomprehensible privacy policies, NIST updates, hacking back law revisited, Return of Data, radiation hardening, finessing windows updates, RAMBleed steals 2048 bit private key, multiple IoT problems, Gmail calendar exploitation, more flawed 2FA keys, Intel NUC firmware vulnerability, a tale of two newly exploited cities, Citizenlab's stalker-ware report, the future of HaveIBeenPwned, Cyber-security and Real Estate, Zuckerberg deep fake, risks to the planet, and more.

Now here's this week’s selection of news, opinions, and research. Quickly skim annotated links organized by topic: compliance and payment security, breaches, regulation, bugs, privacy, hacking/malware, other security & risk, and more. We hope you enjoy and find them useful.

PCI Compliance and Payments

News and announcements relating to Payment Security, Payments, PCI, and Card Brands.

Breaches / Leaks

Covering breaches, leaks, data exposures, and their fallout.

Privacy

Articles about privacy related news, risks, and trends.

Laws & Regulations / Standards

News about laws, regulations, and standards affecting security, privacy,  technology, and public interest.

Defense / Techniques / Solutions

Covering developments and opportunities that may help improve security.

Bugs / Design Flaws / Vulnerabilities / Research

Articles about newly discovered vulnerabilities and research.

Hacking / Malware / Cybercrime / Exploitation

News covering active trends and events.

Other Security / Risk

Articles covering other types of risks.

Off-Topic / Science & Tech / Lighter Side

A variety of scientific, technical, historical, and more light-hearted news.

_______________________________________________________________

Becoming PCI Compliant can be difficult, so why not let Control Gap guide you. We are the largest dedicated PCI compliance company in Canada. Contact us today and learn more about how we can help you: Get PCI Compliant. Stay PCI Compliant.

[post_title] => This Week’s [in]Security – Issue 116 [post_excerpt] => [post_status] => publish [comment_status] => open [ping_status] => open [post_password] => [post_name] => this-weeks-insecurity-issue-116 [to_ping] => [pinged] => https://controlgap.com/blog/this-weeks-insecurity-issue-113/ [post_modified] => 2019-06-17 11:27:32 [post_modified_gmt] => 2019-06-17 11:27:32 [post_content_filtered] => [post_parent] => 0 [guid] => http://controlgap.com/?p=2031 [menu_order] => 34 [post_type] => post [post_mime_type] => [comment_count] => 0 [filter] => raw ) ) [post_count] => 3 [current_post] => -1 [in_the_loop] => [post] => WP_Post Object ( [ID] => 2030 [post_author] => 2 [post_date] => 2019-07-02 03:22:20 [post_date_gmt] => 2019-07-02 03:22:20 [post_content] =>

Welcome to This Week’s [in]Security. This week: Major update on PCI SSF and SLC standards, Magecart, POS malware, ATM shimmers, 300M EA Games breach, Attunity AWS breach, Desjardins insider breach, cloud breaches at PCM, Fujitsu, Tata, NTT Data, Dimension Data, CSC and DXC, 10 years breached Equifax CIO jailed, everyone's spying: NSA, MySpace, and Spanish Scoer League, ballot security, NIST IoT, NTS (Secure Time), DoH, Huawei full of holes, NASA Pi hack, 10 years vulnerable, multiple nation-state hacks, more ransomware, multiple crypto-currency frauds and hacks, USB-sniffing dogs, Perception gaps, Boeing's terrible week, logic puzzles, the world's largest human Maple Leaf, and more.

Now here's this week’s selection of news, opinions, and research. Quickly skim annotated links organized by topic: compliance and payment security, breaches, regulation, bugs, privacy, hacking/malware, other security & risk, and more. We hope you enjoy and find them useful.

PCI Compliance and Payments

News and announcements relating to Payment Security, Payments, PCI, and Card Brands.

Breaches / Leaks

Covering breaches, leaks, data exposures, and their fallout.

Privacy

Articles about privacy related news, risks, and trends.

Laws & Regulations / Standards

News about laws, regulations, and standards affecting security, privacy,  technology, and public interest.

Defense / Techniques / Solutions

Covering developments and opportunities that may help improve security.

Bugs / Design Flaws / Vulnerabilities / Research

Articles about newly discovered vulnerabilities and research.

Hacking / Malware / Cybercrime / Exploitation

News covering active trends and events.

Other Security / Risk

Articles covering other types of risks.

Off-Topic / Science & Tech / Lighter Side

A variety of scientific, technical, historical, and more light-hearted news.

_______________________________________________________________

Becoming PCI Compliant can be difficult, so why not let Control Gap guide you. We are the largest dedicated PCI compliance company in Canada. Contact us today and learn more about how we can help you: Get PCI Compliant. Stay PCI Compliant.

[post_title] => This Week’s [in]Security – Issue 118 [post_excerpt] => [post_status] => publish [comment_status] => open [ping_status] => open [post_password] => [post_name] => this-weeks-insecurity-issue-118 [to_ping] => [pinged] => https://business.financialpost.com/news/fp-street/td-bank-internal-files-found-online-in-keys-to-the-kingdom-cloud-data-exposure [post_modified] => 2019-07-02 03:22:22 [post_modified_gmt] => 2019-07-02 03:22:22 [post_content_filtered] => [post_parent] => 0 [guid] => http://controlgap.com/?p=2030 [menu_order] => 31 [post_type] => post [post_mime_type] => [comment_count] => 0 [filter] => raw ) [comment_count] => 0 [current_comment] => -1 [found_posts] => 133 [max_num_pages] => 45 [max_num_comment_pages] => 0 [is_single] => [is_preview] => [is_page] => [is_archive] => 1 [is_date] => [is_year] => [is_month] => [is_day] => [is_time] => [is_author] => [is_category] => 1 [is_tag] => [is_tax] => [is_search] => [is_feed] => [is_comment_feed] => [is_trackback] => [is_home] => [is_privacy_policy] => [is_404] => [is_embed] => [is_paged] => 1 [is_admin] => [is_attachment] => [is_singular] => [is_robots] => [is_posts_page] => [is_post_type_archive] => [query_vars_hash:WP_Query:private] => c2a9dc3fec23a02d8a0dccd6d17b1d47 [query_vars_changed:WP_Query:private] => 1 [thumbnails_cached] => [stopwords:WP_Query:private] => [compat_fields:WP_Query:private] => Array ( [0] => query_vars_hash [1] => query_vars_changed ) [compat_methods:WP_Query:private] => Array ( [0] => init_query_flags [1] => parse_tax_query ) )
WP_Query Object ( [query] => Array ( [post_type] => post [post_status] => publish [cat] => 216 [orderby] => date [order] => desc [posts_per_page] => 3 [paged] => 6 [ignore_sticky_posts] => 1 ) [query_vars] => Array ( [post_type] => post [post_status] => publish [cat] => 216 [orderby] => date [order] => DESC [posts_per_page] => 3 [paged] => 6 [ignore_sticky_posts] => 1 [error] => [m] => [p] => 0 [post_parent] => [subpost] => [subpost_id] => [attachment] => [attachment_id] => 0 [name] => [pagename] => [page_id] => 0 [second] => [minute] => [hour] => [day] => 0 [monthnum] => 0 [year] => 0 [w] => 0 [category_name] => weekly-insecurity [tag] => [tag_id] => [author] => [author_name] => [feed] => [tb] => [meta_key] => [meta_value] => [preview] => [s] => [sentence] => [title] => [fields] => [menu_order] => [embed] => [category__in] => Array ( ) [category__not_in] => Array ( ) [category__and] => Array ( ) [post__in] => Array ( ) [post__not_in] => Array ( ) [post_name__in] => Array ( ) [tag__in] => Array ( ) [tag__not_in] => Array ( ) [tag__and] => Array ( ) [tag_slug__in] => Array ( ) [tag_slug__and] => Array ( ) [post_parent__in] => Array ( ) [post_parent__not_in] => Array ( ) [author__in] => Array ( ) [author__not_in] => Array ( ) [update_post_term_cache] => 1 [suppress_filters] => [cache_results] => 1 [lazy_load_term_meta] => 1 [update_post_meta_cache] => 1 [nopaging] => [comments_per_page] => 50 [no_found_rows] => ) [tax_query] => WP_Tax_Query Object ( [queries] => Array ( [0] => Array ( [taxonomy] => category [terms] => Array ( [0] => 216 ) [field] => term_id [operator] => IN [include_children] => 1 ) ) [relation] => AND [table_aliases:protected] => Array ( [0] => wpcm_term_relationships ) [queried_terms] => Array ( [category] => Array ( [terms] => Array ( [0] => 216 ) [field] => term_id ) ) [primary_table] => wpcm_posts [primary_id_column] => ID ) [meta_query] => WP_Meta_Query Object ( [queries] => Array ( ) [relation] => [meta_table] => [meta_id_column] => [primary_table] => [primary_id_column] => [table_aliases:protected] => Array ( ) [clauses:protected] => Array ( ) [has_or_relation:protected] => ) [date_query] => [request] => SELECT SQL_CALC_FOUND_ROWS wpcm_posts.ID FROM wpcm_posts LEFT JOIN wpcm_term_relationships ON (wpcm_posts.ID = wpcm_term_relationships.object_id) WHERE 1=1 AND ( wpcm_term_relationships.term_taxonomy_id IN (216) ) AND wpcm_posts.post_type = 'post' AND ((wpcm_posts.post_status = 'publish')) GROUP BY wpcm_posts.ID ORDER BY wpcm_posts.menu_order, wpcm_posts.post_date DESC LIMIT 15, 3 [posts] => Array ( [0] => WP_Post Object ( [ID] => 2030 [post_author] => 2 [post_date] => 2019-07-02 03:22:20 [post_date_gmt] => 2019-07-02 03:22:20 [post_content] =>

Welcome to This Week’s [in]Security. This week: Major update on PCI SSF and SLC standards, Magecart, POS malware, ATM shimmers, 300M EA Games breach, Attunity AWS breach, Desjardins insider breach, cloud breaches at PCM, Fujitsu, Tata, NTT Data, Dimension Data, CSC and DXC, 10 years breached Equifax CIO jailed, everyone's spying: NSA, MySpace, and Spanish Scoer League, ballot security, NIST IoT, NTS (Secure Time), DoH, Huawei full of holes, NASA Pi hack, 10 years vulnerable, multiple nation-state hacks, more ransomware, multiple crypto-currency frauds and hacks, USB-sniffing dogs, Perception gaps, Boeing's terrible week, logic puzzles, the world's largest human Maple Leaf, and more.

Now here's this week’s selection of news, opinions, and research. Quickly skim annotated links organized by topic: compliance and payment security, breaches, regulation, bugs, privacy, hacking/malware, other security & risk, and more. We hope you enjoy and find them useful.

PCI Compliance and Payments

News and announcements relating to Payment Security, Payments, PCI, and Card Brands.

Breaches / Leaks

Covering breaches, leaks, data exposures, and their fallout.

Privacy

Articles about privacy related news, risks, and trends.

Laws & Regulations / Standards

News about laws, regulations, and standards affecting security, privacy,  technology, and public interest.

Defense / Techniques / Solutions

Covering developments and opportunities that may help improve security.

Bugs / Design Flaws / Vulnerabilities / Research

Articles about newly discovered vulnerabilities and research.

Hacking / Malware / Cybercrime / Exploitation

News covering active trends and events.

Other Security / Risk

Articles covering other types of risks.

Off-Topic / Science & Tech / Lighter Side

A variety of scientific, technical, historical, and more light-hearted news.

_______________________________________________________________

Becoming PCI Compliant can be difficult, so why not let Control Gap guide you. We are the largest dedicated PCI compliance company in Canada. Contact us today and learn more about how we can help you: Get PCI Compliant. Stay PCI Compliant.

[post_title] => This Week’s [in]Security – Issue 118 [post_excerpt] => [post_status] => publish [comment_status] => open [ping_status] => open [post_password] => [post_name] => this-weeks-insecurity-issue-118 [to_ping] => [pinged] => https://business.financialpost.com/news/fp-street/td-bank-internal-files-found-online-in-keys-to-the-kingdom-cloud-data-exposure [post_modified] => 2019-07-02 03:22:22 [post_modified_gmt] => 2019-07-02 03:22:22 [post_content_filtered] => [post_parent] => 0 [guid] => http://controlgap.com/?p=2030 [menu_order] => 31 [post_type] => post [post_mime_type] => [comment_count] => 0 [filter] => raw ) [1] => WP_Post Object ( [ID] => 2029 [post_author] => 2 [post_date] => 2019-06-24 02:14:46 [post_date_gmt] => 2019-06-24 02:14:46 [post_content] =>

Welcome to This Week’s [in]Security. This week: PCI PINv3 key blocks, PFI program updates, payment terminal inspections, Desjardin insider theft, DHS breach, prosecutors expose underage victims, pre-owned Nest Cam's pwned, AMCA breach leads to bankruptcy, a web hosting company has been charged along with the operators of a massive child-porn operation, Knowledge-Based-Authentication (KBA) is now officially dead, $1.5T lost in a decade of US breaches, a batch of NIST drafts for comment over the last few weeks, Big Data, surveillance, and drone privacy, US and APTs hacking the grids, Facebook-coin, quantum safe crypto, Mongo encrypts, Google goes with commutative encryption, TV-AV, the impending worm, QuadrigaCX crypto-fraud, do we really need digital license plates, C programmers being bitten by undefined behavior, a real life Iron-Man suit, and more.

Now here's this week’s selection of news, opinions, and research. Quickly skim annotated links organized by topic: compliance and payment security, breaches, regulation, bugs, privacy, hacking/malware, other security & risk, and more. We hope you enjoy and find them useful.

PCI Compliance and Payments

News and announcements relating to Payment Security, Payments, PCI, and Card Brands.

Breaches / Leaks

Covering breaches, leaks, data exposures, and their fallout.

Privacy

Articles about privacy related news, risks, and trends.

Laws & Regulations / Standards

News about laws, regulations, and standards affecting security, privacy,  technology, and public interest.

Defense / Techniques / Solutions

Covering developments and opportunities that may help improve security.

Bugs / Design Flaws / Vulnerabilities / Research

Articles about newly discovered vulnerabilities and research.

Hacking / Malware / Cybercrime / Exploitation

News covering active trends and events.

Other Security / Risk

Articles covering other types of risks.

Off-Topic / Science & Tech / Lighter Side

A variety of scientific, technical, historical, and more light-hearted news.

_______________________________________________________________

Becoming PCI Compliant can be difficult, so why not let Control Gap guide you. We are the largest dedicated PCI compliance company in Canada. Contact us today and learn more about how we can help you: Get PCI Compliant. Stay PCI Compliant.

[post_title] => This Week’s [in]Security – Issue 117 [post_excerpt] => [post_status] => publish [comment_status] => open [ping_status] => open [post_password] => [post_name] => this-weeks-insecurity-issue-117 [to_ping] => [pinged] => https://events.pcisecuritystandards.org/vancouver-2019/ [post_modified] => 2019-06-24 02:14:48 [post_modified_gmt] => 2019-06-24 02:14:48 [post_content_filtered] => [post_parent] => 0 [guid] => http://controlgap.com/?p=2029 [menu_order] => 32 [post_type] => post [post_mime_type] => [comment_count] => 0 [filter] => raw ) [2] => WP_Post Object ( [ID] => 2031 [post_author] => 2 [post_date] => 2019-06-17 11:27:30 [post_date_gmt] => 2019-06-17 11:27:30 [post_content] =>

Welcome to This Week’s [in]Security. This week: Thinking ahead to PCI DSS 4.0, HSM vulnerabilities, breaches at 4 universities,TechData, Symantec and Evernote breaches, what Equifax broke, Canada investigates US boarder services breach, AMCA lawsuits, Ring Doorbell surveillance network, permission for facial recognition, false compliance claims punished, incomprehensible privacy policies, NIST updates, hacking back law revisited, Return of Data, radiation hardening, finessing windows updates, RAMBleed steals 2048 bit private key, multiple IoT problems, Gmail calendar exploitation, more flawed 2FA keys, Intel NUC firmware vulnerability, a tale of two newly exploited cities, Citizenlab's stalker-ware report, the future of HaveIBeenPwned, Cyber-security and Real Estate, Zuckerberg deep fake, risks to the planet, and more.

Now here's this week’s selection of news, opinions, and research. Quickly skim annotated links organized by topic: compliance and payment security, breaches, regulation, bugs, privacy, hacking/malware, other security & risk, and more. We hope you enjoy and find them useful.

PCI Compliance and Payments

News and announcements relating to Payment Security, Payments, PCI, and Card Brands.

Breaches / Leaks

Covering breaches, leaks, data exposures, and their fallout.

Privacy

Articles about privacy related news, risks, and trends.

Laws & Regulations / Standards

News about laws, regulations, and standards affecting security, privacy,  technology, and public interest.

Defense / Techniques / Solutions

Covering developments and opportunities that may help improve security.

Bugs / Design Flaws / Vulnerabilities / Research

Articles about newly discovered vulnerabilities and research.

Hacking / Malware / Cybercrime / Exploitation

News covering active trends and events.

Other Security / Risk

Articles covering other types of risks.

Off-Topic / Science & Tech / Lighter Side

A variety of scientific, technical, historical, and more light-hearted news.

_______________________________________________________________

Becoming PCI Compliant can be difficult, so why not let Control Gap guide you. We are the largest dedicated PCI compliance company in Canada. Contact us today and learn more about how we can help you: Get PCI Compliant. Stay PCI Compliant.

[post_title] => This Week’s [in]Security – Issue 116 [post_excerpt] => [post_status] => publish [comment_status] => open [ping_status] => open [post_password] => [post_name] => this-weeks-insecurity-issue-116 [to_ping] => [pinged] => https://controlgap.com/blog/this-weeks-insecurity-issue-113/ [post_modified] => 2019-06-17 11:27:32 [post_modified_gmt] => 2019-06-17 11:27:32 [post_content_filtered] => [post_parent] => 0 [guid] => http://controlgap.com/?p=2031 [menu_order] => 34 [post_type] => post [post_mime_type] => [comment_count] => 0 [filter] => raw ) ) [post_count] => 3 [current_post] => -1 [in_the_loop] => [post] => WP_Post Object ( [ID] => 2030 [post_author] => 2 [post_date] => 2019-07-02 03:22:20 [post_date_gmt] => 2019-07-02 03:22:20 [post_content] =>

Welcome to This Week’s [in]Security. This week: Major update on PCI SSF and SLC standards, Magecart, POS malware, ATM shimmers, 300M EA Games breach, Attunity AWS breach, Desjardins insider breach, cloud breaches at PCM, Fujitsu, Tata, NTT Data, Dimension Data, CSC and DXC, 10 years breached Equifax CIO jailed, everyone's spying: NSA, MySpace, and Spanish Scoer League, ballot security, NIST IoT, NTS (Secure Time), DoH, Huawei full of holes, NASA Pi hack, 10 years vulnerable, multiple nation-state hacks, more ransomware, multiple crypto-currency frauds and hacks, USB-sniffing dogs, Perception gaps, Boeing's terrible week, logic puzzles, the world's largest human Maple Leaf, and more.

Now here's this week’s selection of news, opinions, and research. Quickly skim annotated links organized by topic: compliance and payment security, breaches, regulation, bugs, privacy, hacking/malware, other security & risk, and more. We hope you enjoy and find them useful.

PCI Compliance and Payments

News and announcements relating to Payment Security, Payments, PCI, and Card Brands.

Breaches / Leaks

Covering breaches, leaks, data exposures, and their fallout.

Privacy

Articles about privacy related news, risks, and trends.

Laws & Regulations / Standards

News about laws, regulations, and standards affecting security, privacy,  technology, and public interest.

Defense / Techniques / Solutions

Covering developments and opportunities that may help improve security.

Bugs / Design Flaws / Vulnerabilities / Research

Articles about newly discovered vulnerabilities and research.

Hacking / Malware / Cybercrime / Exploitation

News covering active trends and events.

Other Security / Risk

Articles covering other types of risks.

Off-Topic / Science & Tech / Lighter Side

A variety of scientific, technical, historical, and more light-hearted news.

_______________________________________________________________

Becoming PCI Compliant can be difficult, so why not let Control Gap guide you. We are the largest dedicated PCI compliance company in Canada. Contact us today and learn more about how we can help you: Get PCI Compliant. Stay PCI Compliant.

[post_title] => This Week’s [in]Security – Issue 118 [post_excerpt] => [post_status] => publish [comment_status] => open [ping_status] => open [post_password] => [post_name] => this-weeks-insecurity-issue-118 [to_ping] => [pinged] => https://business.financialpost.com/news/fp-street/td-bank-internal-files-found-online-in-keys-to-the-kingdom-cloud-data-exposure [post_modified] => 2019-07-02 03:22:22 [post_modified_gmt] => 2019-07-02 03:22:22 [post_content_filtered] => [post_parent] => 0 [guid] => http://controlgap.com/?p=2030 [menu_order] => 31 [post_type] => post [post_mime_type] => [comment_count] => 0 [filter] => raw ) [comment_count] => 0 [current_comment] => -1 [found_posts] => 133 [max_num_pages] => 45 [max_num_comment_pages] => 0 [is_single] => [is_preview] => [is_page] => [is_archive] => 1 [is_date] => [is_year] => [is_month] => [is_day] => [is_time] => [is_author] => [is_category] => 1 [is_tag] => [is_tax] => [is_search] => [is_feed] => [is_comment_feed] => [is_trackback] => [is_home] => [is_privacy_policy] => [is_404] => [is_embed] => [is_paged] => 1 [is_admin] => [is_attachment] => [is_singular] => [is_robots] => [is_posts_page] => [is_post_type_archive] => [query_vars_hash:WP_Query:private] => c2a9dc3fec23a02d8a0dccd6d17b1d47 [query_vars_changed:WP_Query:private] => 1 [thumbnails_cached] => [stopwords:WP_Query:private] => [compat_fields:WP_Query:private] => Array ( [0] => query_vars_hash [1] => query_vars_changed ) [compat_methods:WP_Query:private] => Array ( [0] => init_query_flags [1] => parse_tax_query ) )
This Week’s [in]Security – Issue 118
July 2 2019

Welcome to This Week’s [in]Security. This week: Major update on PCI SSF and SLC standards, Magecart, POS malware, ATM shimmers, 300M EA Games breach, Attunity AWS breach, Desjardins insider breach, cloud breaches at PCM, Fujitsu, Tata, NTT Data, Dimension Data, CSC and DXC, 10 years breached Equifax CIO jailed, everyone’s spying: NSA, MySpace, and Spanish

Read More
This Week’s [in]Security – Issue 117
June 24 2019

Welcome to This Week’s [in]Security. This week: PCI PINv3 key blocks, PFI program updates, payment terminal inspections, Desjardin insider theft, DHS breach, prosecutors expose underage victims, pre-owned Nest Cam’s pwned, AMCA breach leads to bankruptcy, a web hosting company has been charged along with the operators of a massive child-porn operation, Knowledge-Based-Authentication (KBA) is now

Read More
This Week’s [in]Security – Issue 116
June 17 2019

Welcome to This Week’s [in]Security. This week: Thinking ahead to PCI DSS 4.0, HSM vulnerabilities, breaches at 4 universities,TechData, Symantec and Evernote breaches, what Equifax broke, Canada investigates US boarder services breach, AMCA lawsuits, Ring Doorbell surveillance network, permission for facial recognition, false compliance claims punished, incomprehensible privacy policies, NIST updates, hacking back law revisited,

Read More

e-newsletter

Want important PCI information delivered to you? Sign-up to our e-newsletter and be the first one to know about industry news and trend, offers and promotions.

×

Contact

×

PCI Pilot™ is coming soon!

Our highly-anticipated online tool will be launching very soon to make your PCI SAQ process quick and seamless.

Sign-up today and be among the first to know when PCI Pilot™ is live!