Welcome to This Week’s [in]Security. This week: detailed alert on trending e-commerce attack methods, PCI glossary for small business, PCI seeks input on SPoC MSR, large surveillance db leak, watchlists exposed, many NIST announcements, FPE update, patent on opting-in, fix-it-already project, fighting fake news with MetaFact, fighting trolls in the midterms, USB-C Thunderbolt risks, a slew of bugs, SuperMicro vulnerabilities used to pwnd IBM cloud servers, Comcast and Kanye West have nothings in common, financial group undermining TLS 1.3, Quadriga's empty cold-wallets, Marriott's GDPR liability, moderator PTSD, carbon sequestering, the solar system gets bigger, and more.
Now here's this week’s selection of news, opinions, and research. Quickly skim annotated links organized by topic: compliance and payment security, breaches, regulation, bugs, privacy, hacking/malware, other security & risk, and more. We hope you enjoy and find them useful.
PCI Compliance and Payments
News and announcements relating to Payment Security, Payments, PCI, and Card Brands.
Breaches / Leaks
Covering breaches, leaks, data exposures, and their fallout.
Articles about privacy related news, risks, and trends.
Laws & Regulations / Standards
News about laws, regulations, and standards affecting security, privacy, technology, and public interest.
Defense / Techniques / Solutions
Covering developments and opportunities that may help improve security.
Bugs / Design Flaws / Vulnerabilities / Research
Articles about newly discovered vulnerabilities and research.
Hacking / Malware / Cybercrime / Exploitation
News covering active trends and events.
Other Security / Risk
Articles covering other types of risks.
Off-Topic / Science & Tech / Lighter Side
A variety of scientific, technical, historical, and more light-hearted news.