Welcome to This Week’s [in]Security. This week: PCI: SSF FAQ document, Contactless COTS comment period, CPEs. Breaches: QuickBit, Robinhood. Breach followups: Citrix, Facebook, Equifax, AMCA. 2019 Breach Cost Study. Netflix film on Cambridge Analytica. Anonymization fails, changing the the encryption backdoor debate, fooling an anti-malware 'AI', weak AES keys, election security, Observatory for Internet Abuse, detecting fake images, the Cybersecurity Visuals Challenge, payroll phishing, a new look a the climate change problem, and more.
Now here's this week’s selection of news, opinions, and research. Quickly skim annotated links organized by topic: compliance and payment security, breaches, regulation, bugs, privacy, hacking/malware, other security & risk, and more. We hope you enjoy and find them useful.
This Week [in]Security will be on hiatus next week, issue 123 will return in two weeks.
PCI Compliance and Payments
News and announcements relating to Payment Security, Payments, PCI, and Card Brands.
Breaches / Leaks
Covering breaches, leaks, data exposures, and their fallout.
Articles about privacy related news, risks, and trends.
Laws & Regulations / Standards
News about laws, regulations, and standards affecting security, privacy, technology, and public interest.
Defense / Techniques / Solutions
Covering developments and opportunities that may help improve security.
Bugs / Design Flaws / Vulnerabilities / Research
Articles about newly discovered vulnerabilities and research.
Hacking / Malware / Cybercrime / Exploitation
News covering active trends and events.
Other Security / Risk
Articles covering other types of risks.
Off-Topic / Science & Tech / Lighter Side
A variety of scientific, technical, historical, and more light-hearted news.