controlgap.com

Posts about:

NSA

NIST, [in]security, PCI 4.0, NSA, Crypto-Taxes, CRTC, NICE

This Week's [in]Security - Issue 257 | insecurity | Control Gap

Mar 6, 2022 12:00:00 AM

Welcome to This Week’s [in]Security. PCI and payments: PCI updates: DSSv4 timelines. Training & events. New breaches: Conti Malware Group, Samsung, Nvidia, Robinhood, Lawyers. New Ransomware: Hive Decryption, Toyota, AON. Major outages: Semiconductors. Follow-ups & Fall-out. Privacy: DNA testing, AirTags. Laws & Regs - Canada: Lawful Access, Privacy Reform, CRTC. US: Cybersecurity law, SEC, Web-Scraping. World: Telcos, Crypto-Taxes. Standards: NSA, NIST. Defense. Vulnerabilities, Zerodays: Firefox, Other Vulnerabilities: Password Cracking, Credentials in Code, Linux, Samsung, Stalkerware, Medical IoT, Echo, Patching: CISA. Crypto-research: PQC-Hybrid. Cybercrime: Trends: APIs, DDoS, NVIDIA certs, Sharkbot, SockDetour, Teabot. Nation States and mercenaries: Europe, China, Iran. Crime & Enforcement. Other Risks: Bulletproof TLS, Shadow IT. Democracy. Health, Safety & Environment. The Russia v. Ukraine war. Innovation and more.

Note: the volume and variety of Ukraine related articles makes it difficult to report these under specific sections, we will be reporting these in a dedicated section below.

CG Blogger

MFA, NIST, [in]security, NSA, Crypto

This Week's [in]Security - Issue 220 | insecurity | Control Gap

Jun 20, 2021 12:00:00 AM

Welcome to This Week’s [in]Security. DSSv4 timelines. Magecart. New breaches: CVS, Carnival Cruises, Wegmans. New Ransomware: G7 vs. Russia, Bitcoin?, ICS Software, Nukes, source released. Major outages: Puerto Rico, Follow-ups & Fall-out: Avaddon quits, 5B records, Lessons learned, US fines. Privacy: Trusting VPN providers, Pseudonymity, Phones, Cartoon App. Laws & Regs - Canada: Copyright. US: Web Scraping, DPA, Facial recognition, Section 230, Massachusetts and Google app installation. The world: Crypto-wars, USA-EU, Compelling Passwords, Apple-EU. Standards: NIST & NSA. Defense: MFA list, Supply chain, ScriptWatch, Free book. Vulnerabilities: Chrome & Apple ZD, Utility Sector, Cisco, Linux, Defibrillators, Peleton. FPE weaker, 2G/GPRS backdoor. Cybercrime - Trends: Vigilante malware? PDFs, SEO poison, Google Docs, Fake cryptocurrency devices, Ransomware ops, Nation States. Crime. Other Risks: Undersea cables, email risks, BadBots, Win10 EOS, Mainframes. Health, Safety & Environment: Bio-labs, Makeup, Pollution, More mRNA, Smart meters, Tesla crashes, Extremism. Covid-19: Spread, Curves, Waves, and Variants. Response, Vaccine passports, Borders, Immunity, Delta & Gamma, Canada, Learned, Covid Ugly. And more.

CG Blogger

Cybersecurity, IoT, NIST, [in]security, NSA

This Week’s [in]Security – Issue 102 | insecurity | Control Gap

Mar 11, 2019 12:00:00 AM

Welcome to This Week’s [in]Security. This week: PCI DSS 4.0 begins its journey, debates on cashless and contactless payments, 2018 data breaches up by over 4x , policy and cyber risk disclosure, breach followups, another mega breach of contact information, what's Facebook up to, more undisclosed microphones, NIST updates, NSA's reverse engineering tool opens up, Equifax fumbles again, a new class of firmware attacks, more IoT, several zero-days in the wild, bots, big data, echo chambers, behavior prediction, and more.

CG Blogger