controlgap.com

[in]security, breaches, McDonalds, github, Zenga, NFT

This Week's [in]Security - Issue 263 | insecurity | Control Gap

Apr 17, 2022 12:00:00 AM

Welcome to This Week’s [in]Security. PCI and payments: PCI related: New breaches: disclosures, source code, Queen's University, McDonalds. New Ransomware: persistence, Zenga, Snap-On Tools, Nordex. Follow-ups & Fall-out: GitHub oauth, T-Mobile, Rideau Hall, hospital lawsuits. Privacy: Webex, De-anonymizing Bitcoin, Data brokers. Laws & Regs - Canada: Harms, Online News. US: Facial Recognition. Defense - Training & events: PCI, IEEE, NICE. FSP, Certs. Tools: SLSA, Autopatch, Purple. Vulnerabilities, Advisories: CISA. Zerodays: Microsoft, Nginx. Patching: Chrome, Vmware, Cisco, Windows, Struts. Other: 80%, ICS, Cloud, NFT. Vulnerability research: FrozenHeart/Zero Knowledge, Hospital bots. Crypto-research: QIST & quantum attacks. Cybercrime: Trends: payment apps, customer support, fake jobs, botnets, text scams. Crime & Enforcement: Ottawa, RaidForums, unethical. Nation States and mercenaries. Other. Other Risks: General: Trusting AI, Governance, Self-drive & cops, Snake -oil. Health, Safety, Economy. Russia v. Ukraine. Innovation and more.

CG Blogger