controlgap.com

Posts about:

[in]security (16)

This Week’s [in]Security – Issue 146 | insecurity | Control Gap

Welcome to This Week’s [in]Security. Magecart, SHA-1, bad compliance culture. Visa Contactless on Android. Breached: PlanetDrugsDirect, P&N Bank, Formations House, Peekaboo Moments, 500K IoT devices, More ransomware. WeLeakInfo seized. Breach lawsuits. Equifax settlement. Dating sites violate GDPR. Facial surveillance. DNA privacy. No-tracking search. CCPA disclosure. Limiting CFAA. NIST conference and drafts. Free source analyzer. Exploit Proof of Concepts. Windows bad week. Oracle. WordPress. Beware the patching hacker. Conversation hijacking. New Malware. Disruption for profit. Geo-fence warrants. Snowmageddon Newfoundland, 5G Security. Artificial Personas. AI liability? And more.

Now here's this week’s selection of news, opinions, and research. Quickly skim annotated links organized by topic: compliance and payment security, breaches, regulation, bugs, privacy, hacking/malware, other security & risk, and more. We hope you enjoy and find them useful.


This Week’s [in]Security - Issue 145 | insecurity | Control Gap

Welcome to This Week’s [in]Security. Online Skimming and PCI. CheckPeople.com breach. Ransomware and Password Theft. DNA collection. Apple vs. FBI Round 2, NIST IoT, Password blocking. Correcting misinformation. Practical SHA-1 attack, Critical Firefox, Citrix ADC, WebEx, and CableHaunt. An ancient AV archive bug. ToTok controversy. Ontario Healthcare risks. Iranian malware and powergrids. Supply chain DoS. Tricky Phishing. Hacking laws with SQL. Ask Why! Another nuclear false alarm. Deepfakes and lies. Australian wildfires. Emoji liabilities. Measles deaths. Gaining Trust. Disturbing AI. And more.


This Week’s [in]Security – Issue 144 | insecurity | Control Gap

Welcome to This Week’s [in]Security. This week: New Magecart tricks, Gas Pump skimmers rush to beat liability shift upgrades, ransomware shutters company, breached medical imaging system, Starbucks leaks API keys, Facebook health, Google drops insecure Xiaomi cameras, CCPA live, NY's SHIELD Act, Credential Stuffing, Suing cybercriminals, Iran hacks back, TikTok ban, absurd 11 calls, defamation settlements, various year-end reviews. And more.


This Week’s [in]Security – Issue 143 | insecurity | Control Gap

Welcome to This Week’s [in]Security. A slow week in payments. Incidents at Wyze, Factual, Honda, Bank of England, and Synoptek. Wawa and LifeLabs sued. Top security screwups and threats of 2019. Bypassing 2FA. Disinformation and your brain. When is data public? Did location tracking just get worse? Government back-doors. Taxes and social media. Facial recognition and surveillance. Holiday phishing and scams. ToTok spyware. Cyberinsurance pull-back. Revenge porn law challenged. AI. Huawei and Google. Risks of DNA kits. Mushroom identification. And more.


This Week’s [in]Security – Issue 142 | insecurity | Control Gap

Welcome to This Week’s [in]Security. This week: Payments: Scams, Magecart, Liability Shift. Breaches at Facebook, Zynga, LifeLabs, Wawa, Ring, and others. Ransomware now listed as a potential breach. The terrifying truth of smart phone location data. What your car knows about you. Internet shutdowns. More big tech scrutiny. 911 v2.0. Passwords. IoT, Ring, DTEN. Nation state risks. What password strength meters get wrong. Closing the barn door. Spam scams. SIM swaps, when your number is spoofed. Porch pirates. Kids don't trust Alexa. And more.


This Week’s [in]Security – Issue 141 | insecurity | Control Gap

Welcome to This Week’s [in]Security. This week: Major PCI announcements P2PEv3, CPoC reaction, SPoC update, DSS 4.0 questions, alignment. Updated web site. Holiday fraud warnings. Payment trends. Desjardins breach widens. More GDPR fines. Ransom/breach-ware is now a thing. Leaky buckets. Law enforcement and DNA-genealogy. Advertisers want to be exempt from privacy. CCPA, IoT laws, FUD and back-doors, more border risks, anti-trust. Credential protection, muting robocalls, cloud firewalls, awareness video, fraud analytics. Shadow IT. Power plants. More Intel hardware flaws. Hardware password manager FAIL. Creepy IoT - don't ring, don't blink. Telcos and scammers. Bye, bye Windows 7. Lots of ransomware. Smart-meter scams. AI's black-box problem. 737 Max fatality projections. Fluoride. Electric plane. New carbon capture. Breaking down plastic. And more.


This Week’s [in]Security – Issue 140 | insecurity | Control Gap

Welcome to This Week’s [in]Security. This week: PCI Contactless Payments on COTS arrives, Magecart/skimming Smith & Wesson, Salesforce. Mega-breaches: TruDialog spills text messages, MixCloud. Others: HackerOne, BMW, Hyundai, Healthcare. Credential stealing Python. Breach fallout. Breaches climb after mandatory disclosure. Hiding breaches with NDAs. Facial recognition and biometrics. iOS & China. Federal Privacy Law. US bans on travelers up. Certbot helps Let's Encrypt. IoT defense. Hacked election machine? Cipher breaks - RSA and DLP 240 fall (795 bits). Nation State attacks, espionage, targeting biometric data, bricking Android, ransomware. Arrests and charges. Scams. Security crystal ball. The Internet Of Bodies? Measles deaths and response. Fake CV leads to jail. And more.


This Week’s [in]Security – Issue 139 | insecurity | Control Gap

Welcome to This Week’s [in]Security. This week: New PCI FAQs, POS and restaurant breaches, Magecart. Breaches at Adobe, Palo Alto, and Vistaprint. Smartwatch exposure. Privacy laws and the future. Facebook and Twitter SDKs. Right to be forgotten. IoT encryption debate. RCS (SMS replacement) vulnerabilities, more ransomware, national security and Chinese tech. What is AI? Nukes and climate. DeepFake example. Electric seaplanes. And more.


This Week’s [in]Security – Issue 138 | insecurity | Control Gap

Welcome to This Week’s [in]Security. This week: Evolving PCI. Online skimming/Magecart. A 1B record breach and an 11 breach week. Target sues over breach. Privacy regulations in conflict? Healthcare grab. Password ruling. More pressure for crypto-backdoors. New defensive tools. Five years to patch. VNC, RDP, and IoT - oh my. Replying to phone scammers. Busting scammers. 100K fake e-comm sites. Design error. Not-so-smart homes. Lots of ransomware. Bluetooth scanners as burglary tool. Spammy banks. Internet islands. And more.


This Week’s [in]Security – Issue 137 | insecurity | Control Gap

Welcome to This Week’s [in]Security. This week: Compliance falters. Vote for 2020 PCI SIGs. PTS DTRs published. AI and fraud. Breaches: Sunshine Behavioral Health (93M), InfoTrax (1M). Breaches and stock prices. Google has 50M health records. FB camera privacy. Canadian banks send data on 1M to US IRS. US-wide privacy. Privacy Shield concerns. Policy and Tech. Border searches of phones. Cellular location data. Caller ID spoofing and defense. BlueKeep patching fail and DoS. More firmware bugs. SIM swapping. How bad is it? And more.
