Skip to the main content.
Contact
Contact

19 min read

This Week's [in]Security - Issue 287

This Week's [in]Security - Issue 287

Welcome to This Week’s [in]Security. PCI SAQ updates, PA-DSS retirement, Debit, Virtual cards! New breaches: CBSA, Fast Company, CIA. Ransomware, Outages, & Follow-ups. Privacy. Laws & Regs - Canada: C-11, Quebec. US: Incident reporting, CA, NY, Patent Trolls, World: Australia, DORA, Standards: TLP2.0. Events, Defensive tools & techniques. Vulnerabilities - Zerodays, Patching, Significant: App security and geography, Roundup, Exchange, WhatsApp, Sophos, BitBucket, IoT, supply chain, Research: Trojan Source Analysis. Exploitation time, Cryptography. Cybercrime - Trends: BEC, MFA fatigue, Open Source, Jobs, Domains, Hyperjacking. Crime & Enforcement, Nation States and mercenaries. Other Risks - AI, Disinformation, Health, Safety, Environment, Economy. Russia v. Ukraine. Innovation: DART. 6-qubits, and more. 

PCI Compliance and Payments

News and announcements relating to Payment Security, PCI, Card Brands, Payments, Payment Malware and Fraud, and Payment Related Compliance.

Breaches / Ransomware / Leaks

Covering breaches, leaks, data exposures, ransomware (as potential breach), and their fallout.

Privacy

Articles about privacy related news, risks, and trends.

Laws, Regulations, Platforms, Standards, and Public Policy

News about laws, regulations, platform rules, and standards affecting security, privacy, technology, and public interest.

Defense / Techniques / Solutions

Covering developments and opportunities that may help improve security.

Bugs / Design Flaws / Vulnerabilities / Research

Articles about newly discovered vulnerabilities and research.

Hacking / Malware / Cybercrime / Exploitation

News covering active trends, alerts, events.

Other Security / Risk

Articles covering other types of risks.

Russia v. Ukraine

News and announcements relating to Russia's invasion of Ukraine.

Off-Topic / Science & Tech / Lighter Side

A variety of scientific, technical, historical, and more light-hearted news.

The Art of Reading a PCI Attestation of Compliance (AoC)

The Art of Reading a PCI Attestation of Compliance (AoC)

PCI Attestations of Compliance (AoCs) provide organizations with a tool that helps with the all-important aspects of third-party due diligence.  Yet...

Read More
Control Gap Vulnerability Roundup: March 4th to March 10th

Control Gap Vulnerability Roundup: March 4th to March 10th

This week saw the publication of 493 new CVE IDs. Of those, 58 have not yet been assigned official CVSS scores, however, of the ones that were,...

Read More
Control Gap Vulnerability Roundup: February 25th to March 3rd

Control Gap Vulnerability Roundup: February 25th to March 3rd

This week saw the publication of 442 new CVE IDs. Of those, 258 have not yet been assigned official CVSS scores, however, of the ones that were,...

Read More