controlgap.com

Posts by: CG Blogger

This Week’s [in]Security – Issue 154 | insecurity | Control Gap

Welcome to This Week’s [in]Security. Trending: Coronavirus Spread and the P-word, Closures and bans, Countermeasures and responses, Vaccines, Impacts, Regulations, Cybercriminals, Profiteers, Snake-oil, and hoarding. PCI: PTS v3 extension, DSS futures, P2PE Errata. Breaches: UK, Netherlands, Whisper app, Melbourne Polytechnic, O2 partner. The EARN IT Act war on crypto. Right-to-repair. Password rotation. Free container ebook. Emergency Fix for Critical Windows SMB bug. Intel LVI chip flaw. Flawed mobile voting. Botnet takedown. IQY file malware. Mind control. And more.

Now here's this week’s selection of news, opinions, and research. Quickly skim annotated links organized by topic: compliance and payment security, breaches, regulation, bugs, privacy, hacking/malware, other security & risk, and more. We hope you enjoy and find them useful.


This Week’s [in]Security – Issue 153 | insecurity | Control Gap

Welcome to This Week’s [in]Security. Trending: Coronavirus updates - individual guidance, spread, responses, security. PCI and COVID19. PCI SPOC update RFC. New breach guidance. Breach news on planes, trains, electric automobiles, spacecraft, phones, schools, and cruise lines. 200M property records. 25GB security data. PEI hit by breach-ware. Failure to test leads to breach. Geofence suspect. Facial recognition. Student privacy. Ex-marketer privacy advocate. Copyright vs GDPR. Cyber-law casebook. NIST updates. Software ingredients lists. CPU Vulnerabilities. Password reuse and credential stuffing. Failure to patch. The big Let's Encrypt revoke. Quantum enhanced weakness. SIM swapping threat. 1.2M Microsoft enterprise non-MFA accounts compromised. Homographs: tricky lookalike Domain Names. New ransomware. Election security. Crypto AG update. Mumps. Security dilemmas. And more.


This Week’s [in]Security – Issue 152 | insecurity | Control Gap

Welcome to This Week’s [in]Security. Trending: Coronavirus impact update: spread, defense, and impact. More crypto-wars fallout: Crypto AG criminal investigation. Throwing out Huawei and ZTE. Deepfakes and Payment Fraud. Samsung, Straffic 48M records, Hong Kong and Rotherwood Healthcare breaches. Clearview and DISA breach followups. Ransomware frees accused. Lifelabs blocking regulator. Desjardins' $108M breach cost. Shunning breached companies. SimpleTax buyer reneges on privacy. Alexa's listening. Sidewalk Labs privacy. Formalizing right to be forgotten. $200M FTC fine over cellphone location data. FB vs analytics firm. NY cybersecurity enforcement. NSA metadata collection. NIST Cyber security roadmap. Encrypted DNS update. Cloud risk mitigation. Preventing leaks. IOT class actions. TLS cert and signature changes. Memory encryption. Cybersecurity Humble Bundle. Ransomware gets to the backups. Zyxel zero-day hits more products. AWS firewall bypass. Ancient Tomcat bug found. IoT vacuum sucks camera data too. 2FA and unpatched phones. 2FA malware. Attacking healthcare for profit. PayPal abuse. RSA conference. DDoS as a smokescreen. Russian provocations. And more.


This Week’s [in]Security – Issue 151 | insecurity | Control Gap

Welcome to This Week’s [in]Security. Trending: Coronavirus updates. PCI Updates: Large Organizations Guidance, Mandatory FAQs, QSA qualifications. European Cybersecurity Center. Crypto-Credit Card. Breaches: MGM (10M), Tetrad (120M), Japanese Defense, US DISA, Canadian Government, Quebec, and 9 more. Gas Pipeline ransomware. Unencrypted laptops. Citrix fallout. Insider risk. Google sued over student data. Ring Door Bells Privacy and Law Enforcement. Law Enforcement and facial recognition. FitBit sale. Policy vs Technology essay. UK privacy protections under Google. Nexus Passes up in Smoke. Wells Fargo $3B fine. Huawei ban upheld. Rethinking IoT. Passphrases. Phishing. Oversharing tool. Election Security. Vulnerabilities 22K in 2019, Cisco, AWS, PHP, Medical devices and satellites. Trojans in Neural Nets. 55M credentials stuffed. Extortion by Google ban. VPN hacks. Assange extradition case. Tainted Wallets and crypto karma. Cybersecurity vacancies. Tech waste. Auditor oversight. RSA sale. And more.


This Week’s [in]Security – Issue 150 | insecurity | Control Gap

Welcome to This Week’s [in]Security. Trending: Huawei and Crypto AG, Coronavirus, and Election insecurity. Breaches: 2 mega breaches - 440M+ records, 9 smaller breaches, and plastic surgery photos, 15B records breached in 2019, China breached Equifax. More ransomware Evolution, Avast and Facebook Investigations. Bad Chrome, Police AI and facial recognition. US Data Protection, UK Content regulation, CCPA changes, Robocall revenge app, Signal, Fighting disinformation, Protecting data lakes, How not to get hacked, Upcoming conferences. Chinese IoT firmware backdoor, Shadow IT, Patch Tuesday problems, Rapid rise in Mac malware, Hacking fallout, CRA Scammer arrest, FBI cyber-crime warnings, The journalism attack-surface, Looking back on predictions for 2020, Healthcare cyber-insecurity. AI hilarity. And more.


This Week’s [in]Security – Issue 148 | insecurity | Control Gap

Welcome to This Week’s [in]Security. Recent Wawa breach hit 30M cards. PCI and NIST updates. Wuhan coronavirus updates and other diseases. The new ransomware. Breaches at Sprint, NEC, Trello, the UN, PIH, SpiceJet, and Cineplanet. The briefest leak. Equifax's $1B security bill. Collating Hacked Data. Modern Mass Surveillance. Privacy violations by Avast and Ring (nicky nicy nine trackers?). Facebook OS? Facial recognition and smart camera networks. Tool shows what third party sites tell Facebook. Data Privacy Day. $550M Facebook fine. Warrantless search law. Do PCI and CCPA align? War on encryption. Banning ransomware payouts? IoT Security Regs. NIST updates. Fighting ransomware. Firmware attacks and patches. Attacking factories. Airport insecurity. Sonos blinked. Hunting down ransom groups. NFL social media hijack. SIM Swapping Upping cyber-prosecutions. Fake news is very potent. Tech pushing Opioids. Audio deepfakes. Drones Border Security. And more.


This Week’s [in]Security – Issue 146 | insecurity | Control Gap

Welcome to This Week’s [in]Security. Magecart, SHA-1, bad compliance culture. Visa Contactless on Android. Breached: PlanetDrugsDirect, P&N Bank, Formations House, Peekaboo Moments, 500K IoT devices, More ransomware. WeLeakInfo seized. Breach lawsuits. Equifax settlement. Dating sites violate GDPR. Facial surveillance. DNA privacy. No-tracking search. CCPA disclosure. Limiting CFAA. NIST conference and drafts. Free source analyzer. Exploit Proof of Concepts. Windows bad week. Oracle. WordPress. Beware the patching hacker. Conversation hijacking. New Malware. Disruption for profit. Geo-fence warrants. Snowmageddon Newfoundland, 5G Security. Artificial Personas. AI liability? And more.


This Week’s [in]Security - Issue 145 | insecurity | Control Gap

Welcome to This Week’s [in]Security. Online Skimming and PCI. CheckPeople.com breach. Ransomware and Password Theft. DNA collection. Apple vs. FBI Round 2, NIST IoT, Password blocking. Correcting misinformation. Practical SHA-1 attack, Critical Firefox, Citrix ADC, WebEx, and CableHaunt. An ancient AV archive bug. ToTok controversy. Ontario Healthcare risks. Iranian malware and powergrids. Supply chain DoS. Tricky Phishing. Hacking laws with SQL. Ask Why! Another nuclear false alarm. Deepfakes and lies. Australian wildfires. Emoji liabilities. Measles deaths. Gaining Trust. Disturbing AI. And more.


This Week’s [in]Security – Issue 144 | insecurity | Control Gap

Welcome to This Week’s [in]Security. This week: New Magecart tricks, Gas Pump skimmers rush to beat liability shift upgrades, ransomware shutters company, breached medical imaging system, Starbucks leaks API keys, Facebook health, Google drops insecure Xiaomi cameras, CCPA live, NY's SHIELD Act, Credential Stuffing, Suing cybercriminals, Iran hacks back, TikTok ban, absurd 11 calls, defamation settlements, various year-end reviews. And more.


This Week’s [in]Security – Issue 143 | insecurity | Control Gap

Welcome to This Week’s [in]Security. A slow week in payments. Incidents at Wyze, Factual, Honda, Bank of England, and Synoptek. Wawa and LifeLabs sued. Top security screwups and threats of 2019. Bypassing 2FA. Disinformation and your brain. When is data public? Did location tracking just get worse? Government back-doors. Taxes and social media. Facial recognition and surveillance. Holiday phishing and scams. ToTok spyware. Cyberinsurance pull-back. Revenge porn law challenged. AI. Huawei and Google. Risks of DNA kits. Mushroom identification. And more.
