controlgap.com

Posts about:

[in]security (21)

This Week’s [in]Security – Issue 95 | insecurity | Control Gap

Welcome to This Week’s [in]Security. This week: PCI's new Software Security Standard and PCI's new Software Security Framework, huge collection of compromised emails and passwords, using GDPR to go after tech companies, warrant needed to compel biometric access, hack a Tesla for profit, airline PNRs at risk, more IoT problems, even more Magecart, payroll diversion BEC, $1.7M average breach cost, big game ransomware, DNA accuracy, proof AI can't solve everything, and three technologies to fight climate change.


This Week’s [in]Security – Issue 94 | insecurity | Control Gap

Welcome to This Week’s [in]Security. This week: card-not-present fraud on the rise, 200M Chinese resumes exposed by data scraper and several smaller breaches, more Magecart, driving and droning under the influence, lawsuit over vulnerabilities harming Jeep resales, nation state ransomware not covered starts a potential landmark insurance case, a commercial quantum computer, Ring's an IoT mess, Unicode Zero-Width-Spaces break URL safety checks, 51% - taking over the blockchain for profit, new DUI police powers, filter bubbles, and two very different redaction problems.

Now here's this week’s selection of news, opinions, and research. Quickly skim annotated links organized by topic: compliance and payment security, breaches, regulation, bugs, privacy, hacking/malware, other security & risk, and more. We hope you enjoy and find them useful.


This Week’s [in]Security – Issue 93 | insecurity | Control Gap

Welcome to This Week’s [in]Security. This week: PCI updates on 3DS SDKs and TLS 1.3, the first breaches of 2019, update on Marriott/Starwood, all US states now have breach laws, Canada mandates spam call blocking, funding open source bug bounties, the power of fuzzing, more IoT exploitation, AIs learn to cheat, 2019 predictions, pene-enclaves, and Krakatoa.


This Week’s [in]Security – Issue 92 | insecurity | Control Gap

From all of us at Control Gap on New Year's Eve, our very best wishes for you all in 2019!

Welcome to This Week’s [in]Security. This week: 2018 in retrospect, 2019 predictions, dynamic security codes (dCVV2), smaller breaches, tougher Canadian privacy rules start New Year's Day, new OWASP IoT Top 10, how Facebook tracks non-users, tattoos as intellectual property, hand/vein pattern biometric falls, DLP with Office-365, cyber-criminals now using BGP hacking, Twitter SMS password bypass bug, crashing Alexa, proving anything with statistics, and Annie the CPR girl.


This Week’s [in]Security – Issue 91 | insecurity | Control Gap

Welcome to This Week’s [in]Security. 'Twas the night before Christmas, this week: Facebook tops the naughty list again, vulnerable MPOS readers, a look back at two notable payment card breaches, more e-commerce breaches, the Drones of Gatwick, US Senate releases two reports on Russian social media interference, security and good system/software inventories, CSOs & CISOs still lacking corporate visibility, possible Twitter breach, creepy gifts, fake faces move beyond the uncanny valley, video conferencing vulnerabilities, planet tipping, really really far out, and revenge with a side of glitter.


This Week’s [in]Security – Issue 90 | insecurity | Control Gap

Welcome to This Week’s [in]Security. This week: UK has experienced 41 breaches a day, Google+ (again), Facebook photo faux-pas, a medical record dump, Equifax breach report, and follow-on for Starwood and TicketMaster. Canadian payment study out, a massive bomb hoax, wrong thinking, cyber-security scores, another country fines Facebook, more on encryption back-doors, half of cloud DBs are not encrypted, and criminals building their own guns.


This Week’s [in]Security – Issue 89 | insecurity | Control Gap

Welcome to This Week’s [in]Security. This week: Beyond "locks and bars" secure e-shopping. Vote for PCI 2019 special interest groups. More fallout and huge liability from Marriott's Starwood breach. New breaches at 1-800-FLOWERS, Quora, Fallout76, and BeatStars. Facebook harvested call and text logs without permission. Republicans hacked in mid-terms. Magecart gangs go after admin credentials. Exploiting typo links in Tweets.


This Week’s [in]Security – Issue 88 | insecurity | Control Gap

Welcome to This Week’s [in]Security. This week: PCI Telephony updates. Record-setting post-GDPR breach at Starwood/Marriott. Breaches at Dell, Atrium Health, Sky Brasil, Dunkin Donuts, Sotheby's Home, Data & Leads, and an unidentified ElasticSearch server. Uber fined. Back-dooring Oz. Nosy CRA workers. Criminal volunteers on open-source project and trojans code to steal crypto-wallets. And faking DNA evidence.


This Week’s [in]Security – Issue 87 | insecurity | Control Gap

Welcome to This Week’s [in]Security. This week: Uses for cash in a cashless society. Breaches at USPS, Adapt, Amazon, Vision Direct, Instagram, FIESP, and Knuddels. Legal cannabis risks. IoT creepiness ratings. Free book. More Facebook. MFA. Broadband router security standards. Mainframes. Outed hackers. Snowden's legacy. Voting machines. Law firms. Deep fryer [un]safety. Linguistic lie detectors.


This Week’s [in]Security – Issue 86 | insecurity | Control Gap

Welcome to This Week’s [in]Security. This week: PCI compliance rates falling, DNA site breach of credentials, Jira AWS leak, IoT security regulation, problems with corporate auditing, DHS creates CISA, Facebook fallout continues, new FACEbook security bug, ironic GDPR plugin compromised, Meltdown and Spectre-palooza, ATM hacking, a plague of Magecart compromises, new AWS security controls, browser add-ons and content security policies (CSP), swatter gets over 20 years, and ballot design issues.
