Skip to the main content.
Contact
Contact

19 min read

This Week's [in]Security - Issue 287

This Week's [in]Security - Issue 287

Welcome to This Week’s [in]Security. PCI SAQ updates, PA-DSS retirement, Debit, Virtual cards! New breaches: CBSA, Fast Company, CIA. Ransomware, Outages, & Follow-ups. Privacy. Laws & Regs - Canada: C-11, Quebec. US: Incident reporting, CA, NY, Patent Trolls, World: Australia, DORA, Standards: TLP2.0. Events, Defensive tools & techniques. Vulnerabilities - Zerodays, Patching, Significant: App security and geography, Roundup, Exchange, WhatsApp, Sophos, BitBucket, IoT, supply chain, Research: Trojan Source Analysis. Exploitation time, Cryptography. Cybercrime - Trends: BEC, MFA fatigue, Open Source, Jobs, Domains, Hyperjacking. Crime & Enforcement, Nation States and mercenaries. Other Risks - AI, Disinformation, Health, Safety, Environment, Economy. Russia v. Ukraine. Innovation: DART. 6-qubits, and more. 

PCI Compliance and Payments

News and announcements relating to Payment Security, PCI, Card Brands, Payments, Payment Malware and Fraud, and Payment Related Compliance.

Breaches / Ransomware / Leaks

Covering breaches, leaks, data exposures, ransomware (as potential breach), and their fallout.

Privacy

Articles about privacy related news, risks, and trends.

Laws, Regulations, Platforms, Standards, and Public Policy

News about laws, regulations, platform rules, and standards affecting security, privacy, technology, and public interest.

Defense / Techniques / Solutions

Covering developments and opportunities that may help improve security.

Bugs / Design Flaws / Vulnerabilities / Research

Articles about newly discovered vulnerabilities and research.

Hacking / Malware / Cybercrime / Exploitation

News covering active trends, alerts, events.

Other Security / Risk

Articles covering other types of risks.

Russia v. Ukraine

News and announcements relating to Russia's invasion of Ukraine.

Off-Topic / Science & Tech / Lighter Side

A variety of scientific, technical, historical, and more light-hearted news.

PCI Compliance V4.0: Is your Business Ready?

PCI Compliance V4.0: Is your Business Ready?

Control Gap's Robert Spivak had a follow up session with David Goodale from www.merchant-accounts.ca to talk about some of the major impacts that PCI...

Read More
Access Control Facades and Hardcoded Secrets: A Sage 300 Case Study (Part 3)

Access Control Facades and Hardcoded Secrets: A Sage 300 Case Study (Part 3)

This is a continuation of the Sage 300 case study series where we explore the process of discovering and developing exploits for six (6) different...

Read More
Access Control Facades and Hardcoded Secrets: A Sage 300 Case Study (Part 2)

Access Control Facades and Hardcoded Secrets: A Sage 300 Case Study (Part 2)

This is a continuation of the Sage 300 case study series where we explore the process of discovering and developing exploits for six (6) different...

Read More