controlgap.com

According to some, quantum cryptography will revolutionize cryptography, kill our current ciphers, and reveal all our secrets. But if you're a risk manager, you're likely turned-off by claims of an impending crypto-apocalypse. You want to get past the hyperbole to something you can work with. You will want to know how likely this is, how to sort out facts from spin, what kinds of resources are available, how long you've got to prepare, and what preparation and planning do you need to do. You need to understand that quantum isn't just one thing, one risk, or the only risk. Join us as we break it all down for you.

Cryptographic change is a reality. Since 2006, we have seen the sunset of WEP, SSLv2, RSA-1024, SSLv3 and early TLS. We know that Triple DES and other 64-bit blocked ciphers are on the way out. RSA will likely follow, and our current pre-quantum public key cryptosystems will eventually become deprecated. These changes have impact and require widespread coordination. Old software and hardware will need to be upgraded or replaced. It will require time, effort, money, and pro-active management. Simply reacting will be risky, painful, and expensive. Industry needs to learn from past changes so that organizations can be ready. Most importantly, we need to do better than we have done in the past. But how?

Welcome to This Week’s [in]Security. Card Production, Data Removal, Digesting PCI, Issuers. Fingerprint cards. New breaches: Saudi Aramco, Mexican voters, S3 service provider bucket, Denials and False breaches. New Ransomware: trains, suppliers, Major outages: Akamai. Follow-ups & Fall-out: Named and Shamed, Insurance restrictions, Audi, Kaseya, Privacy: Data brokers. Laws & Regs: Right to be Forgotten. Pipelines, Right-to-repair, Web-scraping. India's platforms, EU Crypto. Cybersecurity Career Awareness, AES Review, Lightweight Crypto Final, NIST. Defense: Backups, browsers, trackers, Tools, Russia's Firewall. Vulnerabilities: Print Drivers, SeriousSAM/HiveNightmare, PetitPotam, Linux "Sequoia", Telegram. Cybercrime: Pegasus Spyware, Trends: NPM Password Thief, MosaicLoader, Discord, Nation States: China, Crime. Homoglyphs, DNA, Swatter, Twitter, flattened-miners, ID Theft Scumbags. Other Risks: AI, Disinformation for Hire, Cloud ICS, Expired Domains, MLB Sign stealing. Health, Safety & Environment. Covid-19: Spread, Curves, Waves, and Variants; Response; Treatments; Immunity; Covid Ugly; Covid Compliance. And more.

Welcome to This Week’s [in]Security. PCI 3DS Updates. New breaches: ParkMobile, Codecov, Upstox, ClubHouse. New Ransomware: Follow-ups & Fall-out: Facebook. Breach spin and Greed. Privacy. Laws & Regs: Class Actions, Breach Notification, LEA requests. BYOD. IOT. Defense: Anti-Caller ID Spoofing, Rockets, Code, Coders, Free Course, Cyber Careers, Power Grid, FLoC off, OSCAL. Vulnerabilities: Browser ZeroDays, Faster Bug Disclosure, DNS, NAME:WRECKIoT, Un-awareness, Dependencies, Pwn2Own, Kubernetes, Juniper, Zoom, Crypto. Cybercrime: FBI Patching. Trends. Nation States. Crime. Other Risks. Child Abuse Images. Health, Safety & Environment. Covid-19: Spread, Curves, Waves, and Variants. The Good, Bad, and Ugly (Behaviour). And more.

Welcome to This Week’s [in]Security. Twitter Hack/Breach. Facebook Ad boycott. Covid-19: Spread, Curves, Spikes & Waves. Lockdown, Reopening, & The New Normal. More of the Good, Bad, and Ugly. Key Block Implementation Delay. Those lying No-logging VPN services. CCPA lawsuit. Data Exfiltration vs. Data at Rest Controls? Confidential Computing. Mozilla VPN. Anti-voice-assistant snooping tech. Free anti-ransomware tool. Stopping web-trackers. DNS. SAP Recon. Smartphone Knock Codes (Patterns) CIA hackers. Mandated malware? Iran oops. Counterfeit Network Gear. Enigma. Step inside someone else's YouTube bubble if you dare. And more.