controlgap.com

Posts about:

Crypto (2)

This Week's [in]Security - Issue 220 | insecurity | Control Gap

Welcome to This Week’s [in]Security. DSSv4 timelines. Magecart. New breaches: CVS, Carnival Cruises, Wegmans. New Ransomware: G7 vs. Russia, Bitcoin?, ICS Software, Nukes, source released. Major outages: Puerto Rico. Follow-ups & Fall-out: Avaddon quits, 5B records, Lessons learned, US fines. Privacy: Trusting VPN providers, Pseudonymity, Phones, Cartoon App. Laws & Regs - Canada: Copyright. US: Web Scraping, DPA, Facial recognition, Section 230, Massachusetts and Google app installation. The world: Crypto-wars, USA-EU, Compelling Passwords, Apple-EU. Standards: NIST & NSA. Defense: MFA list, Supply chain, ScriptWatch, Free book. Vulnerabilities: Chrome & Apple ZD, Utility Sector, Cisco, Linux, Defibrillators, Peloton. FPE weaker, 2G/GPRS backdoor. Cybercrime - Trends: Vigilante malware? PDFs, SEO poison, Google Docs, Fake cryptocurrency devices, Ransomware ops, Nation States. Crime. Other Risks: Undersea cables, email risks, BadBots, Win10 EOS, Mainframes. Health, Safety & Environment: Bio-labs, Makeup, Pollution, More mRNA, Smart meters, Tesla crashes, Extremism. Covid-19: Spread, Curves, Waves, and Variants. Response, Vaccine passports, Borders, Immunity, Delta & Gamma, Canada, Learned, Covid Ugly. And more.

This Week's [in]Security - Issue 216 | insecurity | Control Gap

Welcome to This Week’s [in]Security. PCI WFH FAQs, Standard updates, Mercari breach, Hashes Unsafe. New breaches: 23 Android Apps, Air India, Daily Quiz. New Ransomware: Banning payouts, Double Encryption. Follow-ups & Fall-out: SolarWinds, Codecov, Water Plant. Privacy: Apple, Cams, Health tools. Laws & Regs - Canada: C-10, Vaccine Patents. US: Pipeline Bills, IRS Crypto, Lawsuit backfires, Snapchat suit, Tesla review. UK, EU, HK: Facebook probe, WhatsApp, Sanctions, Crypto wars, USK MSP regs. Standards: Data Classification. Defense: ZeroDays, Phone numbers, Passwords, Simuland, Russian Keyboards, Explorer RIP. Vulnerabilities: Android, Windows RCE, Tool Abuse, Planes, (no trains), Automobiles. Cybercrime - Trends: Apple, Stuffing, Bizarro, Lazy Ransomware? Nation States. Crime. The 2011 RSA Hack. Other Risks: Stress, Critical Infrastructure, Gig risks, Busted for weak Wi-Fi? Just daft. Health, Safety & Environment: Covid-19: Spread, Curves, Waves, and Variants. Response. Immunity. Learned. Covid Ugly. Covid Compliance. And more.

This Week's [in]Security - Issue 186 | insecurity | Control Gap

Welcome to This Week’s [in]Security. Magecart? New breaches. New Ransomware. Facial Recognition. Facebook vs. NYU. COVID Alert App. Crypto-wars. NIST. Password Usability. Fast Fuzzing. Shodan Alternative. Adversarial ML. NSA top 25 Vulns. FPE weakness? Oracle megapatch. Chrome. Cisco DDoS. Magento. Power Grid. Phishing. Overlays. Trump's Password. Robinhood. Nation States. Legal actions. Election Security and Disinformation. AI fallibility. Health, Safety & Environment. Twinkies. Covid-19: Spread, Curves, Spikes, Waves, & reinfections. Contact Tracing. And more.

This Week's [in]Security - Issue 177 | insecurity | Control Gap

Welcome to This Week’s [in]Security. P2PE Key Block Deadlines. PCI Case Studies. ATM Alerts. NIST. 250M+ in New breaches: Mega breach, Social Data, Experian, Freepik, Cense AI, RMC. New Ransomware. Carnival. Facial Recognition. Privacy Shield. Windows. Google. Alexa. Cisco. SpiKey. IoT. email encryption. Zip Crypto. Supply Chains. Fake Recruiters. Spear Vishing. HTML Smuggling. 2xHurricanes. Blackouts. AI Dogfight. Covid-19: Spread, Curves, Spikes & Waves. Disinformation. And more.

This Week's [in]Security - Issue 173 | insecurity | Control Gap

Welcome to This Week’s [in]Security. Twitter Hack Week 2. Fallout from US Unrest. Covid-19: Spread, Curves, Spikes & Waves. Lockdown, Reopening, & The New Normal. Vaccine Progress. More of the Good, Bad, and Ugly. Inside a Carding Forum. New ATM Jackpotting Attack. New breaches: CouchSurfing 17M. Promo.com 14M, Dave.com 3M, Universities/Blackbaud, Instacart. Family Tree Maker. GEDmatch DNA. 407 ETR. Ransomware: Garmin. Contact tracing app problems. Plaid Class Action. PACT Act. Post-quantum Crypto Update. ML & the CFAA. MS TLS sunset. Ontario. Code Freezer. Quantum Internet. Cyber-skills. Anti-Facial Recognition. BadPower attack. PDF Shadow Attack. Alexa Naughtiness. Adobe patches. Insecure apps. Botnet Vigilante. Twilio and DeepSource Code Compromised. Meow DB Attack. Unexpected Packages. FBI and NSA warnings. Biases & Risk. Supply Chain Risk. AI Parody. And more.

This Week's [in]Security - Issue 170 | insecurity | Control Gap

Welcome to This Week’s [in]Security. Fallout from US Unrest. Facebook Ad boycott. Covid-19: Spread & Curve. Lockdown, Reopening, & The New Normal. More of the Good, Bad, and Ugly. Mostly Magento. COVID Breach Bubble. Darkweb trove on 14M exposed. 132M records from 14 sites. More Blueleaks? Evolution of ransomware. Mac ransomware. A privacy friendly search? SSN lock fail. Naughty FB apps. Crypto-wars. Geofencing Warrants. SIM swap lawsuit. Ad blocker benefits. HTTP/3. Securing IoT. Palo Alto severity 10 bug. F5 Compromise. Massive password study. Kill 2G. Netgear routers. Too many tools. EncroChat. Nortel hack? Bossware. Unemployment. Security through inefficiency! Facial False Positives. AI bias. Fake Social Media Accounts. H1N1 (G4). Wiki-washing. And more.

This Week’s [in]Security – Issue 117 | insecurity | Control Gap

Welcome to This Week’s [in]Security. This week: PCI PINv3 key blocks, PFI program updates, payment terminal inspections, Desjardins insider theft, DHS breach, prosecutors expose underage victims, pre-owned Nest Cams pwned, AMCA breach leads to bankruptcy, a web hosting company has been charged along with the operators of a massive child-porn operation, Knowledge-Based-Authentication (KBA) is now officially dead, $1.5T lost in a decade of US breaches, a batch of NIST drafts for comment over the last few weeks, Big Data, surveillance, and drone privacy, US and APTs hacking the grids, Facebook-coin, quantum safe crypto, Mongo encrypts, Google goes with commutative encryption, TV-AV, the impending worm, QuadrigaCX crypto-fraud, do we really need digital license plates, C programmers being bitten by undefined behavior, a real life Iron-Man suit, and more.

This Week’s [in]Security – Issue 115 | insecurity | Control Gap

Welcome to This Week’s [in]Security. This week: a quiet week for PCI, RDP MFA bypass, make SSNs public, AMCA (Quest, LabCorp, OPKO) breach, Data Protection Authority exposure, privacy and politics in Canada, 33% of breaches caused by 6% of bugs, impersonating doctors, rescuing vulnerable crypto-currency, Baltimore and Norsk Hydro, how Apple finds offline things and more.
