Skip to the main content.
Contact
Contact

15 min read

This Week's [in]Security - Issue 285

Welcome to This Week’s [in]Security. The PCI Community meeting, mobile app, training, collaboration, and updates. Uber breached again and this time its huge. FishPig/WordPress backdoor magecart skimmer. Significant vulnerabilities: Spell-Jacking, Tesla relay, and Teams. Twitter Whistleblower. Bell Canada ransomwared. Downs, Breach follow-ups. Privacy: US Customs data collection, eSIMs, Police DNA. Laws & Regs - Canada: Bill C-11 again, PIPEDA. US: China tech ban, vendor guarantees, liability. World: Tech fines. Standards. Defense - Training & events. Tools & Techniques. Zerodays, patching cloud, less open source. Crypto-research. Cybercrime - Trends, Crime & Enforcement, Nation States and mercenaries. Other Risks - Internet voting, great resignation data theft, AI, disinformation, health, safety, environment, economy. Russia v. Ukraine. Innovation and more.

PCI Compliance and Payments

News and announcements relating to Payment Security, PCI, Card Brands, Payments, Payment Malware and Fraud, and Payment Related Compliance.

Breaches / Ransomware / Leaks

Covering breaches, leaks, data exposures, ransomware (as potential breach), and their fallout.

Privacy

Articles about privacy related news, risks, and trends.

Laws, Regulations, Platforms, Standards, and Public Policy

News about laws, regulations, platform rules, and standards affecting security, privacy, technology, and public interest.

Defense / Techniques / Solutions

Covering developments and opportunities that may help improve security.

Bugs / Design Flaws / Vulnerabilities / Research

Articles about newly discovered vulnerabilities and research.

Hacking / Malware / Cybercrime / Exploitation

News covering active trends, alerts, events.

Other Security / Risk

Articles covering other types of risks.

Russia v. Ukraine

News and announcements relating to Russia's invasion of Ukraine.

Off-Topic / Science & Tech / Lighter Side

A variety of scientific, technical, historical, and more light-hearted news.

Control Gap Vulnerability Roundup: August 13th to August 19th

Control Gap Vulnerability Roundup: September 17th to September 23rd

This week saw the publication of 587 new CVE IDs. Of those, 126 have not yet been assigned official CVSS scores, however, of the ones that were,...

Read More

1 min read

This Week's [in]Security - Issue 286

Welcome to This Week’s [in]Security. Credit Card skimming & fraud surge: Magento, Linkedin Smartlinks, Google Tags, smartphone 2fa bypass, fake...

Read More
Control Gap Vulnerability Roundup: August 13th to August 19th

Control Gap Vulnerability Roundup: September 10th to September 16th

This week saw the publication of 655 new CVE IDs. Of those, 239 have not yet been assigned official CVSS scores, however, of the ones that were,...

Read More