controlgap.com

Welcome to This Week’s [in]Security. Online Skimming and PCI. CheckPeople.com breach. Ransomware and Password Theft. DNA collection. Apple vs. FBI Round 2, NIST IoT, Password blocking. Correcting misinformation. Practical SHA-1 attack, Critical Firefox, Citrix ADC, WebEx, and CableHaunt. An ancient AV archive bug. ToTok controversy. Ontario Healthcare risks. Iranian malware and powergrids. Supply chain DoS. Tricky Phishing. Hacking laws with SQL. Ask Why! Another nuclear false alarm. Deepfakes and lies. Australian wildfires. Emoji liabilities. Measles deaths. Gaining Trust. Disturbing AI. And more.

Welcome to This Week’s [in]Security. This week: Major update on PCI SSF and SLC standards, Magecart, POS malware, ATM shimmers, 300M EA Games breach, Attunity AWS breach, Desjardins insider breach, cloud breaches at PCM, Fujitsu, Tata, NTT Data, Dimension Data, CSC and DXC, 10 years breached Equifax CIO jailed, everyone's spying: NSA, MySpace, and Spanish Scoer League, ballot security, NIST IoT, NTS (Secure Time), DoH, Huawei full of holes, NASA Pi hack, 10 years vulnerable, multiple nation-state hacks, more ransomware, multiple crypto-currency frauds and hacks, USB-sniffing dogs, Perception gaps, Boeing's terrible week, logic puzzles, the world's largest human Maple Leaf, and more.

Welcome to This Week’s [in]Security. This week: PCI DSS 4.0 begins its journey, debates on cashless and contactless payments, 2018 data breaches up by over 4x , policy and cyber risk disclosure, breach followups, another mega breach of contact information, what's Facebook up to, more undisclosed microphones, NIST updates, NSA's reverse engineering tool opens up, Equifax fumbles again, a new class of firmware attacks, more IoT, several zero-days in the wild, bots, big data, echo chambers, behavior prediction, and more.

Welcome to This Week’s [in]Security. This week: PCI compliance rates falling, DNA site breach of credentials, Jira AWS leak, IoT security regulation, problems with corporate auditing, DHS creates CISA, more Facebook fallout continues, new FACEbook security bug, ironic GPDR plugin compromised, Meltdown and Spectre-palooza, ATM hacking, a plague of  Magecart compromises,  new AWS security controls, browser add-ons and content security policies (CSP), swatter gets over 20 years, and ballot design issues.

Welcome to This Week’s [in]Security. This week: breaches at FIFA, AMEX, Bankers Life, Ontario Cannabis Store/Canada Post, and HSBC,  warning about un-certified payment terminals, SEC has a new set of teeth, Stat's Canada data grab update, Consumer's Reports looks at IoT security, new laws in New Hampshire and Ohio, jailing CEOs, SSD encryption failure, more Magecart and other supply side scripting attacks, election security, and Remembrance Day.

Welcome to This Week’s [in]Security. This week: a £120K USB stick, Google+ shuts down after breach, a very rare public admission of non-compliance with PCI, Facebook's troubles continue, outlawing weak passwords, controversial and conflicting stories about Chinese spy chips,  shaming bad IoT, distrusting AIs, and creepy elevators.