Control Gap Vulnerability Roundup: August 6th to August 12th
This week saw the publication of 576 new CVE IDs. Of those, 80 have not yet been assigned official CVSS scores, however, of the ones that were,...
Welcome to This Week’s [in]Security. Community Meeting, Featured FAQs, PCI, MageCart, & JavaScript, Python PyPI library skimmer, Payment APIs. New Ransomware, Follow-ups & Fall-out. Privacy: Apple backdoor, Spotify, Facebook, Subscriptions. Laws & Regs: US: Repair, Stupid Patent, Copyright, Standards: 6 NIST announcements, Zero Trust, Cryptography, FIPS 198-1 HMAC, Retiring standards. Defense: Blackhat, Kubernetes, EU-Cybersecurity, Bitcoin monitoring, Vulnerabilities: Routers, IoT, Rust, HTTP/2, DNS, PwnedPiper, Blackhat, Hotels, VMWare. Cybercrime: Paragon, Pegasus, Word. Nation States: DeadRinger. Other Risks: Quantum simulation, Phishing AI, Handprints. Health, Safety & Environment: Covid-19: Spread, Curves, Waves, and Variants; Response; Immunity; Covid Compliance. And more.
News and announcements relating to Payment Security, PCI, Card Brands, Payments, Payment Malware and Fraud, and Payment Related Compliance.
Control Gap's featured PCI FAQ's & articles (from time to time we will feature articles and FAQ's) :
Control Gaps series on e-commerce security and compliance: The DSS, MageCart, and the DOM:
Covering breaches, leaks, data exposures, ransomware (as potential breach), and their fallout.
New Ransomware and "Incidents":
Follow-ups and fall-out:
Articles about privacy related news, risks, and trends.
News about laws, regulations, platform rules, and standards affecting security, privacy, technology, and public interest.
US:
Standards News:
NIST Requests Public Comments on FIPS 198-1 and Special Publications on Hash Functions, Statistical Randomness Tests, and Block Cipher Modes of Operation through October 1st https://csrc.nist.gov/news/2021/call-for-comments-fips-198-1-hash-pubs-and-others
NIST Announcement of Proposal to Withdraw Special Publications: https://csrc.nist.gov/news/2021/proposal-to-withdraw-sp-800-15-sp-800-25-sp-800-32
Covering developments and opportunities that may help improve security.
Articles about newly discovered vulnerabilities and research.
News covering active trends, alerts, events.
Nation State Actors:
Articles covering other types of risks.
Health, Safety & Environment:
COVID related articles. We have been following coronavirus risks since https://controlgap.com/blog/this-weeks-insecurity-issue-147.
The spread, curves, spikes, waves, reinfection, and variant strains:
Guidance, Response, and Recovery:
Immunity and Vaccinations:
Masks, anti-maskers, distancing, compliance, and repercussions:
A variety of scientific, technical, historical, and more light-hearted news.
This week saw the publication of 576 new CVE IDs. Of those, 80 have not yet been assigned official CVSS scores, however, of the ones that were,...
Welcome to This Week’s [in]Security. PCI FAQs. Crypto-research: the PQC demo derby, more SIDH attacks. New breaches: Twillo, Cisco, Shanghai, ipay88,...
This week saw the publication of 449 new CVE IDs. Of those, 315 have not yet been assigned official CVSS scores, however, of the ones that were,...