controlgap.com

Welcome to This Week’s [in]Security. This week: Payments: Scams, Magecart, Liability Shift. Breaches at Facebook, Zynga, Lifelabs, WaWa, Ring, and others. Ransomware now listed a potential breach. The terrifying truth of smart phone location data. What your car knows about you. Internet shutdowns. More big tech scrutiny. 911 v2.0. Passwords. IoT, Ring, DTEN. Nation state risks. What password strength meters get wrong. Closing the barn door. Spam scams. SIM swaps, when your number is spoofed. Porch pirates. Kids don't trust Alexa. And more.

Welcome to This Week’s [in]Security. This week: Major PCI announcements P2PEv3, CPoC reaction, SPoC update, DSS 4.0 questions, alignment. Updated web site. Holiday fraud warnings. Payment trends. Desjardins breach widens. More GDPR fines. Ransom/breach-ware is now a thing. Leaky buckets. Law enforcement and DNA-genealogy. Advertisers want to be exempt from privacy. CCPA, IoT laws, FUD and back-doors, more border risks, anti-trust. Credential protection, muting robocalls, cloud firewalls, awareness video, fraud analytics. Shadow IT. Power plants. More Intel hardware flaws. Hardware password manager FAIL. Creepy IoT-  don't ring, don't blink. Telcos and scammers. Bye, bye Windows 7. Lots of ransomware. Smart-meter scams.  AI's black-box problem. 737 Max fatality projections. Fluoride. Electric plane. New carbon capture. Breaking down plastic.  And more.

Now here's this week’s selection of news, opinions, and research. Quickly skim annotated links organized by topic: compliance and payment security, breaches, regulation, bugs, privacy, hacking/malware, other security & risk, and more. We hope you enjoy and find them useful.

Welcome to This Week’s [in]Security. This week: PCI Contactless Payments on COTS arrives, Magecart/skimming Smith & Wesson, Salesforce. Mega-breaches: TruDialog spills text messages, MixCloud. Others: HackerOne, BMW, Hyundai, Healthcare. Credential stealing Python. Breach fallout. Breaches climb after mandatory disclosure. Hiding breaches with NDAs. Facial recognition and biometrics. iOS & China. Federal Privacy Law. US bans on travelers up. Certbot helps Let's Encrypt. IoT defense. Hacked election machine? Cipher breaks - RSA and DLP 240 fall. (795 bits). Nation State attacks, espionage, targeting biometric data, bricking Android, ransomware. Arrests and charges. Scams. Security crystal ball. The Internet Of Bodies? Measles deaths and response. Fake CV leads to jail. And more.

Now here's this week’s selection of news, opinions, and research. Quickly skim annotated links organized by topic: compliance and payment security, breaches, regulation, bugs, privacy, hacking/malware, other security & risk, and more. We hope you enjoy and find them useful.

Welcome to This Week’s [in]Security. This week: New PCI FAQs, POS and restaurant breaches, Magecart. Breaches at Adobe, Palo Alto, and Vistaprint. Smartwatch exposure. Privacy laws and the future. Facebook and Twitter SDKs. Right to be forgotten. IoT encryption debate. RCS (SMS replacement) vulnerabilities, more ransomware, national security and Chinese tech. What is AI? Nukes and climate. DeepFake example . Electric seaplanes. And more.

Welcome to This Week’s [in]Security. This week: Evolving PCI. Online skimming/Magecart. A 1B record breach and an 11 breach week. Target sues over breach. Privacy regulations in conflict? Healthcare grab. Password ruling. More pressure for crypto-backdoors. New defensive tools. Five years to patch. VNC, RDP, and IoT - oh my. Replying to phone scammers. Busting scammers. 100K fake e-comm sites. Design error. Not so-smart homes. Lots of ransomware. Bluetooth scanners as burglary tool. Spammy banks. Internet islands. And more.

Now here's this week’s selection of news, opinions, and research. Quickly skim annotated links organized by topic: compliance and payment security, breaches, regulation, bugs, privacy, hacking/malware, other security & risk, and more. We hope you enjoy and find them useful.

Welcome to This Week’s [in]Security. This week: Compliance falters. Vote for 2020 PCI Sigs. PTS DTRs published. AI and fraud. Breaches  Sunshine Behavioral Health (93M), InfoTrax (1M).  Breaches and stock prices. Google has 50M health records. FB camera privacy. Canadian banks send data on 1M to US IRS. US-wide privacy. Privacy Shield concerns. Policy and Tech. Border searches of phones. Cellular location data. Caller ID spoofing and defense. BlueKeep patching fail and DoS. More firmware bugs. SIM swapping. How bad is it? And more.

Now here's this week’s selection of news, opinions, and research. Quickly skim annotated links organized by topic: compliance and payment security, breaches, regulation, bugs, privacy, hacking/malware, other security & risk, and more. We hope you enjoy and find them useful.

Welcome to This Week’s [in]Security. This week: PCI DSS 4 Comment Period. New PCI Contactless on COTS standard. EMVco and 3D Secure. A PCI Horror Story. Magecart. Carders. Breaches at top domain registrars, UniCredit (3rd times a charm), Bed Bath& Beyond, Desjardins breach numbers grow. Hall of shame - bank asking for other bank passwords. FB agrees to fine. Several articles on the ups and downs of facial recognition. Textalyzers?! ISPs called out for encrypted DNS lies. Bye, bye Flash!, Small quantum key distribution chip. Experimenting with post-quantum TLS. Delegated TLS credentials. ECC crypto timing attack. General attack on fingerprint readers.Random fail. SMS and Whatsapp hacking. FB sues NSO group. BlueKeep in the wild. Brain hacks. Amazon account fraud using non-Amazon devices. And more.

Welcome to This Week’s [in]Security. This week: Evolving PCI. PCI SSF transition. Online EMV SRC. Windows 7 EOS. EOL OS's getting worse. Magecart. Penny wise-pound foolish. VPN and AV breaches. US Military PII breach. Social media portability. The CASE Act. Robot voyeurs. Alex and Google Home privacy again. SQL magic password malware. Cyber Insurance fail. AES benefits. Quantum shade. Problem visibility and executives. Attribution and nested APTs. The end is near for Windows 7. Facebook probed by most states. Facebook and elections. Is minimal security too expensive? Green tech. Women setting records. Iot again. TikTok and National Security. Data over sound. Halloween! Carbon Capture. And more.

Control Gap is having their team building event this month at the Rec Room. We’re all learning and having fun as a team.