Skip to the main content.
Contact
Contact

9 min read

This Week’s [in]Security – Issue 109

This Week’s [in]Security – Issue 109

Welcome to This Week’s [in]Security. This week: PCI : Software Security Framework update, contactless hiccups, Breaches: Docker,, Pennsylvania PHI, Emcare, Atlanta Hawks , Bodybuilding.com, Wi-Fi hotspots db, $4.7M hard-drive, Facebook may now have to pay the piper, credit card updaters, creepy targeted ad tech, Qualcomm chips vulnerabilities, Internet Security Threat Report, cybersecurity “Exercise in a Box”, DoH is coming, Windows dropping password expiration, Microsoft Visual Studio malware, newer POODLE variants, analysis of CARBANAK malware, defeating facial recognition, another cryptocurrency scandal, Etherium’s blockchain bandit, spearphishng government money, Formjacking/Magecart, Algoma Public Health ransomware, risks of shadow IT, the hamburglar, Apple sued for $1B over racial recognition fraud, and more.

Now here's this week’s selection of news, opinions, and research. Quickly skim annotated links organized by topic: compliance and payment security, breaches, regulation, bugs, privacy, hacking/malware, other security & risk, and more. We hope you enjoy and find them useful.

PCI Compliance and Payments

News and announcements relating to Payment Security, Payments, PCI, and Card Brands.

Breaches / Leaks

Covering breaches, leaks, data exposures, and their fallout.

Privacy

Articles about privacy related news, risks, and trends.

Laws & Regulations / Standards

News about laws, regulations, and standards affecting security, privacy,  technology, and public interest.

Defense / Techniques / Solutions

Covering developments and opportunities that may help improve security.

Bugs / Design Flaws / Vulnerabilities / Research

Articles about newly discovered vulnerabilities and research.

Hacking / Malware / Cybercrime / Exploitation

News covering active trends and events.

Other Security / Risk

Articles covering other types of risks.

Off-Topic / Science & Tech / Lighter Side

A variety of scientific, technical, historical, and more light-hearted news.

The New Google .zip TLD: Examining Potential Cybersecurity Risks

The New Google .zip TLD: Examining Potential Cybersecurity Risks

On May 3rd Google introduced several new top-level domains (TLDs), including the .zip TLD which has generated warnings from the cybersecurity...

Read More
Control Gap Vulnerability Roundup: April 29th to May 5th

Control Gap Vulnerability Roundup: April 29th to May 5th

This week saw the publication of 294 new CVE IDs. Of those, 99 have not yet been assigned official CVSS scores, however, of the ones that were,...

Read More
Control Gap Vulnerability Roundup: April 22nd to April 28th

Control Gap Vulnerability Roundup: April 22nd to April 28th

This week saw the publication of 501 new CVE IDs. Of those, 430 have not yet been assigned official CVSS scores, however, of the ones that were,...

Read More