controlgap.com

Posts by:

CG Blogger

This Week's [in]Security - Issue 222 | insecurity | Control Gap

Welcome to This Week’s [in]Security. DSSv4 RFC, PINv3 FAQ. New breaches: AIG, Raychat, LimeVPN. New Ransomware: Kaseya! Follow-ups & Fall-out: LinkedIn Scraping, Microsoft, Capital One. Privacy: Inuit, Used IoT, Facial Recognition, Laws & Regs - Canada: C-10, New Ontario Privacy Law, Cyberlaw. US: Census Privacy, Secret Orders, Crypto proposal, Legal search. The world, Standards: NIST. Defense: Vulnerabilities: ZeroDay: WD My Book, PrintNightmare. Netgear, Adobe, ICS, Edge, PowerShell, KVM breakout, Cloud Hijack. Cybercrime - Trends: Nation States. Crime. Other Risks: cyber-insurance, Stunt driving, Residential Schools, Win11. Health, Safety & Environment: Cholera, Malaria, sleep apnoea, back pain, heatwave, accessible EVs? Covid-19: Spread, Curves, Waves, and Variants, Response, Immunity, Learned, Impact, And more.

This Week's [in]Security - Issue 221 | insecurity | Control Gap

Welcome to This Week’s [in]Security. DSSv4 RFC, HSM RFC, WFH, Sunsets, 3DS, ATM vuln & Shimming. New breaches: Mercedes-Benz, APNIC. New Ransomware: FCUK. Follow-ups & Fall-out: Regulation & Breaches, SolarWinds, Colonial Pipeline. Privacy: Medical Data, Doorbells, Cookies/FLOC. Laws & Regs - Canada, US, The world, Standards. Defense: Webinars, Webinars. Einstein, D3FEND. Vulnerabilities: Stale Dependencies, Letting one slip by, DNS, BIOS, VMware, Linux, SonicWall, Cybercrime - Trends: My Book, USB, Nation States. Crime. Most-Wanted. Other Risks: Job loss, Water Supplies, AI, Chips, Remote working, e-Proctoring, McAfee, Windows 11. Health, Safety & Environment: 751 more children, Condo Collapse. Covid-19: Spread, Curves, Waves, and Variants, Response, Immunity, Learned, Covid Compliance. And more.

This Week's [in]Security - Issue 220 | insecurity | Control Gap

Welcome to This Week’s [in]Security. DSSv4 timelines. Magecart. New breaches: CVS, Carnival Cruises, Wegmans. New Ransomware: G7 vs. Russia, Bitcoin?, ICS Software, Nukes, source released. Major outages: Puerto Rico, Follow-ups & Fall-out: Avaddon quits, 5B records, Lessons learned, US fines. Privacy: Trusting VPN providers, Pseudonymity, Phones, Cartoon App. Laws & Regs - Canada: Copyright. US: Web Scraping, DPA, Facial recognition, Section 230, Massachusetts and Google app installation. The world: Crypto-wars, USA-EU, Compelling Passwords, Apple-EU. Standards: NIST & NSA. Defense: MFA list, Supply chain, ScriptWatch, Free book. Vulnerabilities: Chrome & Apple ZD, Utility Sector, Cisco, Linux, Defibrillators, Peloton. FPE weaker, 2G/GPRS backdoor. Cybercrime - Trends: Vigilante malware? PDFs, SEO poison, Google Docs, Fake cryptocurrency devices, Ransomware ops, Nation States. Crime. Other Risks: Undersea cables, email risks, BadBots, Win10 EOS, Mainframes. Health, Safety & Environment: Bio-labs, Makeup, Pollution, More mRNA, Smart meters, Tesla crashes, Extremism. Covid-19: Spread, Curves, Waves, and Variants. Response, Vaccine passports, Borders, Immunity, Delta & Gamma, Canada, Learned, Covid Ugly. And more.

This Week's [in]Security - Issue 219

Welcome to This Week’s [in]Security. e-commerce security: PCI, Magecart, & the DOM part 1. New breaches: Windows passwords, Pipeline#2, VW, EA games, McDonald's, Self-breached? New Ransomware: Exit plans & Lawyers. Major outages: Failing Fastly. Follow-ups & Fall-out: Infographic & analysis, Recouped Bitcoins, Humana suit, JBL meat pays out, MoviePass. Privacy: Cookie banners, Forget my face, Floc, Bitcoin Anon, Apple, WhatsApp. Laws & Regs - Canada: RCMP, More C-10. US: Tiktok, HIPAA, Disclosure, Hacking back. The world: Antitrust, Misuse. Standards: NIST OSCAL, drafts, extensions. Defense: Software Design, Supply Chain, Deepfakes, Slander, HIBP, Fellowships. Vulnerabilities: MS, IE RIP, Chrome, Intel, Adobe, Polkit, ALPACA, Bloodhound, Weapons, Quantum. Cybercrime - Trends: 5 Attacks, Nation States. The An0m sting, Crime. Misconduct, Tricky. Other Risks: Health, Safety & Environment: Alzheimer's, CO2. Covid-19: Spread, Curves, Waves, and Variants. Response, Immunity, Donating Vaccines, Learned, Impact, Covid Ugly. And more.

This Week's [in]Security - Issue 218 | insecurity | Control Gap

Welcome to This Week’s [in]Security. PCI & Mobile, Fraud. New breaches: Pizza, Deleted Buckets, Olympics. New Ransomware: Food Supply Chain, Transportation, Obstructing Justice. Follow-ups & Fall-out: Policy, Pipeline, Azusa, Accellion. Privacy: Sidewalk Mesh, WhatsApp caves, TikTok & biometrics. Laws & Regs - Canada: C-10. US: Breach liability, Ransomware. The world: EU filters, India. Standards: Post-quantum, Biometrics. Defense: Cyber & the Board, Computing Reserve. Webinars, Browser, Teams. Vulnerabilities: Home grown, Git & POCs, CodeSys, OpenPGP. Cybercrime - Trends: vCenter, WordPress. Nation States. Crime. Other Risks: Residential School Deaths. Health, Safety & Environment: Flu, Ordinance, Bears, Zombie Fires. Covid-19: Spread, Curves, Waves, and Variants. Response. Immunity. Learned. Covid Compliance. And more.

This Week's [in]Security - Issue 217 | insecurity | Control Gap

Welcome to This Week’s [in]Security. PCI: SLC v1.1, Sunsetting P2PE v2 and PA-DSS. MasterCard resources. Control Gap SSA & SSLC. Magecart mobile, Carders. New breaches: Japanese Dating & government, Canada Post, Nukes, Dominos India, Hospitals, Compound redaction leak, New Ransomware: RCMP, Defensive shutdown. Privacy: Facial Recognition, Hiding controls. Laws & Regs - Canada: C-10 impact. US: Breach law. The world: Mass Surveillance, Data residency. Standards: NIST: Cloud, IoT/MuD. USB-C upgrade. Defense: Webinars, Webinars. Pipeline response, Cyber budgets, Unknown-unknowns, FBI supporting HIBP.

This Week's [in]Security - Issue 216 | insecurity | Control Gap

Welcome to This Week’s [in]Security. PCI WFH FAQs, Standard updates, Mercari breach, Hashes Unsafe. New breaches: 23 Android Apps, Air India, Daily Quiz. New Ransomware: Banning payouts, Double Encryption. Follow-ups & Fall-out: SolarWinds, Codecov, Water Plant. Privacy: Apple, Cams, Health tools. Laws & Regs - Canada: C-10, Vaccine Patents. US: Pipeline Bills, IRS Crypto, Lawsuit backfires, Snapchat suit, Tesla review. UK, EU, HK: Facebook probe, WhatsApp, Sanctions, Crypto wars, USK MSP regs. Standards: Data Classification. Defense: ZeroDays, Phone numbers, Passwords, Simuland, Russian Keyboards, Explorer RIP. Vulnerabilities: Android, Windows RCE, Tool Abuse, Planes, (no trains), Automobiles. Cybercrime - Trends: Apple, Stuffing, Bizarro, Lazy Ransomware? Nation States. Crime. The 2011 RSA Hack. Other Risks: Stress, Critical Infrastructure, Gig risks, Busted for weak Wi-Fi? Just daft. Health, Safety & Environment: Covid-19: Spread, Curves, Waves, and Variants. Response. Immunity. Learned. Covid Ugly. Covid Compliance. And more.

This Week's [in]Security - Issue 215 | insecurity | Control Gap

Welcome to This Week’s [in]Security. Magecart and more. Card Breaches. New breaches: Veterans, Durham, Chicago, New Ransomware: Colonial Pipeline, Darkside Shuttered, Insurance Irony, Ugliness & Triple Extortion, Bans, Deterrents. Follow-ups & Fall-out: Rapid-7, SolarWinds, HIBP. Privacy: Laws & Regs - Canada: C-10. US: Cyber EO, Forensic Transparency, Stupid Patent. UK, EU, HK: Facebook vs. EU, VPNs. Standards: NIST Crypto Update, IoT Confidence. Defense: Webinars, Webinars. Demystify Cyber, killing CAPTCHA, Passwordless GIT. Vulnerabilities: Acrobat, Wi-Fi's old flaws, e-Voting, Browser Scheme Flooding, Declassified Crypto. Cybercrime - Trends: Tor, Backdoored tools, Canada. Crime. Other Risks: DNA, Chips, Huawei. Health, Safety & Environment: Ventilation, Killer Asteroids, Chernobyl, Bitcoin impact, Batteries, Resignation backlog, Credit Confusion. Covid-19: Response. Immunity. Learned. Scientific Dogma. Impact. Covid Compliance. And more.

This Week's [in]Security - Issue 214 | insecurity | Control Gap

Welcome to This Week’s [in]Security. DSS v4.0 Summary, and Secure Payment Terminal Software. New breaches: Cookies, FermiLab, Glovo, Telstra, Twilio, Peloton, … New Ransomware: Pipeline Hack, Scripps, SmileDirect, Pirate, DDoS. Follow-ups & Fall-out: Apple, Ostriches, Lawyers, Therapy, and Disputes. Privacy: Facebook, Google, and EU Cloud. Laws & Regs - Canada: C-10. US: Scraping, CryptoEx, CFAA and the Cloud, Deplatforming, Astroturfing the FTC, Fines. Standards: Healthcare, Space-cyber. Defense: Kids, Buffs, Bounty, Containers, Tools, Doxing. Vulnerabilities: DNS, Spectre. Drone v. Tesla. Cybercrime - Trends: Nation States. Crime: Defogging BitCoin. Other Risks: Password Day, Missiles, TLDs. Exploit Ban, Tabs. Health, Safety & Environment. Covid-19: Spread, Curves, Waves, and Variants. Response. Immunity. Impact. Covid Compliance. And more.

This Week's [in]Security - Issue 213 | insecurity | Control Gap

Welcome to This Week’s [in]Security. PCI Secure Software Update, Community meeting. e_Skimmer. Supply-Chain Backdoors: New breaches: New Ransomware: Follow-ups & Fall-out: Privacy: less FLoC, US poll, Windows. Laws & Regs - Canada: C-10. US: Breaches. UK, EU, HK: Apple, Google. Standards: IoT, 4 NIST, PQ-crypto. Defense: Webinars, Webinars. Cyber-kids, Ransomware taskforce, Defender uploads, HIBP & Emotet. Vulnerabilities: macOS, Unethical patching, BigF5, NTLM, Cellebrite, Cisco, Medical & Industrial IoT, AD, AI Hackers. Cybercrime - Trends: Malvertising notifications, OpenBullet, Linux backdoor, Passwordstate, Sharepoint. Citizenlab & NSO Group. Nation States. Crime: Bitcoin laundering. Other Risks: Supply chain, Schneier, Smishing. eVoting, Health, Safety & Environment. bees, Quakes, Death from above, EV blues, cars. Covid-19: Spread, Curves, Waves, and Variants. Response. Immunity. Learned. Impact. Covid Compliance. And more.
