Welcome to This Week’s [in]Security. This week: PCI more on Key Blocks and some case studies. Breeches: Hy-Vee, Choice Hotels, State Farm, dating apps. Followups on Capital One, Equifax, AMCA, and First America. What may be the first mega breach of biometric data. Privacy commissioner on what to do if breached. Regaining trust. Facebook had people listening in on messenger calls too. NIST and cyberbudgets for small companies. Facebook biometric lawsuit. DEFCON is done and there are lots of new vulnerabilities and defensive techniques. Cybersecurity as practiced by experts and regular people. Google phasing out android passwords. Protecting 100M Lines of code. Escape room recruiting. Instagram 'fake' buttons. A skimmer detector. Ancient and horrible Windows CTF vulnerability. Browsers dropping XSS protections. EV certs. No honor among thieves. Sonic-Attack. Vanity plate risks. Brexit shortages. Stopping mass shooters and more.
Now here's this week’s selection of news, opinions, and research. Quickly skim annotated links organized by topic: compliance and payment security, breaches, regulation, bugs, privacy, hacking/malware, other security & risk, and more. We hope you enjoy and find them useful.
PCI Compliance and Payments
News and announcements relating to Payment Security, Payments, PCI, and Card Brands.