controlgap.com

Welcome to This Week’s [in]Security. Log4J/Log4shell! PCI and payments: PCI updates: PIN, SSF. Non-Compliance Lesson No.3. Magecart, Supply-Chain Backdoors: New breaches: Kafka. Volvo. New Ransomware: Follow-the-money, Cybercommand, Utilities, Healthcare, SPAR stores. Major outages: Amazon. Follow-ups & Fall-out. Privacy: Tor, surveillance capitalism, facial recognition. Alexa can you keep a secret? Laws & Regs - Canada: website blocking, JusTech. US: Copyright takedowns. World: Espionage tools, Botnet lawsuit, Assange. Cybercriminal Court? Standards: Cyber-resilience. testing. IPv6 transition. Defense: Cyber & the board, AI, Smishing, pirates. Vulnerabilities, Zerodays. Other Vulnerabilities: HTTP-no- S, Home grown, Chrome, Win/URI, WD SanDisk, SonicWall, MikroTik, Bluetooth, factoring. Cybercrime: Trends, Phising. WordPress, npm. Moobot. Nation States. Crime & Enforcement. Other Risks: AWS, Quantum, BurnOut, Tor, Kids, Cryptominers, AirTag abuse. Health, Safety & Environment. CO2 capture, batteries, nukes. Covid-19: Spread, Curves, Waves, and Variants; Response; Immunity; Impact; Covid Compliance. And more.

Welcome to This Week’s [in]Security. PCI and payments: Magecart, Jackpot. New breaches: IAB's, Indian Securities Depository, Stripchat, RobinHood, RedDoorz, IDC, Ducks Unlimited, GitHub/Firefox-Linux. New Ransomware, holidays, trends, analysis, response. Major outages: Google, Tesla. Follow-ups & Fall-out: FBI emails. Privacy: CitzenLab reports, Amazon, phones, Microsoft(?) Camera detectors. Laws & Regs - Canada: C-10. digital IDs. US: attack reporting, hack-back, NSO, Right to repair, Ohio v. FaceBook. World: No-Hack pact, UK Cloud providers, lawsuits. Standards: Patch Management, password rules. Defense: Cell-spam, smartphones, Duck-Duck, SugarCoat, Deepfakes, rookies, misconfigurations. Vulnerabilities, Zerodays: FatPipe, Windows. Mac. Other Vulnerabilities: Canadian passwords, Chips & firmware, ICS, IoT, GitHub/NPM, Azure AD, Chrome, Windows, Apple patch lag, LibreCAD, Blacksmith/Rowhammer, ETW attack, TOR fingerprints. Cybercrime: Trends, Nation States: Belarus, Iran, North Korea. Crime: crypto-klepto, mixers, Revil, election hacking. Other Risks: Quantum update, supply chains, dystopia & harassment, insiders, Chatbots, NFTs. Health, Safety & Environment. Covid-19: Spread, Curves, Waves, and Variants; Response; Immunity; Learned; Covid Ugly; And more.

Welcome to This Week’s [in]Security. PCI and payments: CHD Truncation rules, Holiday warnings, Costco skimmer, Contactless. New breaches: Indian Securities, Robinhood. New Ransomware: WordPress Plugin, MediaMarkt, Ronmor, Queensland. Major outages: DDoS, Citrix, Google, Follow-ups & Fall-out: ICS & OT incident costs, NL Health, SolarWinds, Maxim Health, TTC. Privacy: Microsoft, Meta/FaceBook, PrivacyRaven, Rollercoaster. Laws & Regs - Canada: 5G. US: Crypto sanctions. Hack-back, NSO suit. World: No-hack pact. Defense: Webinars, Webinars. New certifications, Playbooks, Trojan Source, ClusterFuzzLite. Vulnerabilities, Zerodays: Other Vulnerabilities: Beg Bounties, AMD, Palo Alto, AWS, Siemens, BusyBox, Patch Tuesday, Zoho. Legacy MacOS, Web Cache Poisoning, Cybercrime: Trends: FBI email takeover, Initial Access Brokers, techniques, phones, gmail, HTML smuggling. Nation States: US accused, Iran, Korea. Crime: Big ransomware crackdown, Pegasus arrest, DNA and faces. Other Risks: Shadow IT, Azure mistakes, IT/OT, QRL-jacking, Biometrics, Pets, Health, Safety & Environment. Covid-19: Spread, Curves, Waves, and Variants; Response; Immunity; And more.