Contact
Contact

15 min read

This Week’s [in]Security – Issue 164

Featured Image

Welcome to This Week’s [in]Security. Covid19 passes 5M infected and nearly 100K US dead. Brazil, Russia. Leaked data on China's infections. Failed herd immunity. Misinformation. Distancing gimmicks. Isolation fatigue. New and updated PCI FAQs. PCI GEAR. Magecart evading scans. Verizon's annual breach report (DBIR). Breach notice speak. 116M+ breached records. COVID related breaches. Contact tracing APIs and apps. Deleting yourself from the Internet. Apple v FBI again. Security and memory safety. Dark Web checkup. Quantum computing update. COVID related fraud. Not invented here risk. Negative interest rates. Disturbing AI. Incels. Dust bowl 2.0. Hurricanes. The South Atlantic Anomaly. Recycling munitions. And more.

Now here's this week’s selection of news, opinions, and research. Quickly skim annotated links organized by topic: compliance and payment security, breaches, regulation, bugs, privacy, hacking/malware, other security & risk, and more. We hope you enjoy and find them useful.

New - Emerging Issues and Trending Stories

Coronavirus updates. We recently change the way we report COVID articles to you so it is less overwhelming. Many COVID articles will appear within our normal blog section headings each with a sub-group dedicated to COVID-19. For example:

  • Facts about its spread, direct impact, and how people react will continue under Trending.
  • Regulations and restrictions to counter the virus will be under Regulations.
  • Privacy Implications, PCI/Payments, Cybercrime under their respective sections
  • Treatments, Vaccines, Innovations, Coping methods under Defense
  • Information on how/why it spreads, improvements understanding it, etc. under Vulnerabilities
  • Economic impact and articles that don't fit into the other categories will be under Other Risk.
  • Breaches (and Ransomware) under Breaches.

Our first regular reports on coronavirus can be found at https://controlgap.com/blog/this-weeks-insecurity-issue-147. And our first use of the trending topic section can be found https://controlgap.com/blog/this-weeks-insecurity-issue-149.

PCI Compliance and Payments

News and announcements relating to Payment Security, PCI, Card Brands, Payments, Payment Malware and Fraud.

Breaches / Ransomware / Leaks

Covering breaches, leaks, data exposures, ransomware (as potential breach), and their fallout.

Privacy

Articles about privacy related news, risks, and trends.

Laws & Regulations / Standards

News about laws, regulations, and standards affecting security, privacy,  technology, and public interest.

Defense / Techniques / Solutions

Covering developments and opportunities that may help improve security.

Bugs / Design Flaws / Vulnerabilities / Research

Articles about newly discovered vulnerabilities and research.

Hacking / Malware / Cybercrime / Exploitation

News covering active trends and events.

Other Security / Risk

Articles covering other types of risks.

Off-Topic / Science & Tech / Lighter Side

A variety of scientific, technical, historical, and more light-hearted news.

This Week's [in]Security - Issue 271

Welcome to This Week’s [in]Security. Non-Compliance Lesson, DSSv4 related, Skimmers, Other Payments. New breaches: 7 breachers per capita, Shields &...

Read More

Non-Compliance Lesson No. 4: Keep your head in the cloud when adopting new technologies

PCI DSS can be hard and not preparing for it just makes things harder. Following this advice is guaranteed to make it both more exciting and painful.

Read More

“Follina” – Critical Zero-Day Exploit for Microsoft Products

Background

Over the past holiday weekend, a tweet from Tokyo-based security researcher “nao_sec” first identified an interesting upload to antivirus...

Read More