This Week's [in]Security - Issue 252 | Control Gap
Jan 30, 2022 12:00:00 AM
CG Blogger

Welcome to This Week's [in]Security.

PCI updates: MPoC. Skimmers, Payments.
New breaches, New Ransomware: insiders, Canada FA.
Major outages: Record DDoS, Andorra, Tonga.
Privacy: tracking censorship, FLoC & Topics.
Laws & Regs - Canada: CitizenLab on LawBytes. US: China Unicom ban, zero trust, too many laws, Google lawsuit, Cyber-insurance and ransomware, Metaverse-law. World: GDPR, autonomous car liability, China's Internet.
Standards: FIPS, NIST, NICE.
Defense: EU incident framework, source backup, test people too.
Vulnerabilities, Zero-days: CentOS 8 (EOL), Apple.
Other Vulnerabilities: Disclosure, Polkit/PwnKit, Datacenter remote management, Cameras, mobile protocols.
Patching: Windows, QNAP & the forced patch.
The Quantum Apocalypse?
Cybercrime: Trends: alerts, REvil, BlackCat, OAuth and MFA, BRATA, Dark Herring, BotenaGo/IoT exploit source, DazzleSpy, new tricks.
Nation States: Pegasus, APTs.
Crime & Enforcement: QR fraud, ID Theft, Rug-Pulls, Swatting.
Other Risks: 2M certificates revoked, copywrongs, air tags, gaslighting, unrealestate, cloud costs, following the disinformation money.
Russia-Ukraine, Belarus Rail, Health, Safety & Environment: snow, Bitcoin, Winter Olympics, nuclear.
Covid-19: Spread, Curves, Waves, and Variants; Response; Treatments; Immunity; Learned; Innovation and more.