controlgap.com
Posts about: Skimmers
This Week's [in]Security - Issue 255 | insecurity | Control Gap
Welcome to This Week’s [in]Security. PCI and payments: Skimmers, Training & events. New breaches: credit freezes, insiders, Red Cross, GiveSendGo. New Ransomware: decryptor, access brokers. Major outages: Canadian banks, Coinbase, Doh! Privacy: IRS and dating apps, Otter.ai, Google Sandbox & Enhanced Safety. Laws & Regs - Canada: Crypto, Web3. US: SEC cyber, Trolls, Copyright, Missouri, Texas vs. Meta, Clearview lawsuits. World: Police access, Australia. Standards: NIST, Random Number Feedback. Defense: Free tools, GitHub Scanner, Cisco passwords, Remote work. Vulnerabilities, Other Vulnerabilities: More Magento, email appliances, Snap PM, Cassandra, Ice phishing. Unredacter, Patching: Forced patching, Intel Firmware, Magento. Crypto-research, SHA3. Cybercrime: Trends: BEC, Teams. Nation States and mercenaries. Crime & Enforcement; Cyber-policing, OpenSea NFTs. Other Risks: Cloud? Facebook, AI, DRM protected paper. Disinformation, follow the money, Canada. Health, Safety & Environment. Covid-19: Spread, Curves, Waves, and Variants; Response; Treatments; Immunity; Learned; Innovation and more.
This Week's [in]Security - Issue 244 | insecurity | Control Gap
Welcome to This Week’s [in]Security. PCI and payments: Participating brands FAQ, and 8 updates. Magecart/skimmers, Brazil, Square. New breaches: Panasonic, Planned Parenthood. New Ransomware: Critical Infrastructure, Rideau Hall. Major outages, Follow-ups & Fall-out: Gravatar HIBP. Privacy: De-anonymization. Laws & Regs - Canada: health data, Huawei. US: FBI access, TSA, SEC, Biometrics. World: Product Security, Algorithm Transparency. Standards: NIST IoT, CISA mobile. Defense: Spam calls, AI understanding, Facial fuzz, attack maps, DRP, Old tech, Faraday cages. Vulnerabilities, Zerodays: Windows. Other Vulnerabilities: Printers, Routers, NSS Crypto, XS-Leaks, Passwords, Zoom, Azure Sphere, Cloud Honeypot, CISA Hitachi & Zoho, Verizon. Cryptography HKDFs, PQC signatures & performance, Quantum Computing. Cybercrime: Trends, NABs, Trojans, AT&T, WRITE, Excel Addins. Nation States: diplomats, air-gaps, fake recruiters. Crime & Enforcement. Other Risks: Cyber-insurance exclusions, long game, China, misinformation, Meta/FB, amplification, shopping bots, Edge, Food, Hype? Health, Safety & Environment. Covid-19: Spread, Curves, Waves, and Variants; Response; Immunity; Learned; And more.
This Week's [in]Security - Issue 241 | insecurity | Control Gap
Welcome to This Week’s [in]Security. PCI and payments: CHD Truncation rules, Holiday warnings, Costco skimmer, Contactless. New breaches: Indian Securities, Robinhood. New Ransomware: WordPress Plugin, MediaMarkt, Ronmor, Queensland. Major outages: DDoS, Citrix, Google, Follow-ups & Fall-out: ICS & OT incident costs, NL Health, SolarWinds, Maxim Health, TTC. Privacy: Microsoft, Meta/Facebook, PrivacyRaven, Rollercoaster. Laws & Regs - Canada: 5G. US: Crypto sanctions. Hack-back, NSO suit. World: No-hack pact. Defense: Webinars, Webinars. New certifications, Playbooks, Trojan Source, ClusterFuzzLite. Vulnerabilities, Zerodays: Other Vulnerabilities: Beg Bounties, AMD, Palo Alto, AWS, Siemens, BusyBox, Patch Tuesday, Zoho. Legacy macOS, Web Cache Poisoning. Cybercrime: Trends: FBI email takeover, Initial Access Brokers, techniques, phones, Gmail, HTML smuggling. Nation States: US accused, Iran, Korea. Crime: Big ransomware crackdown, Pegasus arrest, DNA and faces. Other Risks: Shadow IT, Azure mistakes, IT/OT, QRL-jacking, Biometrics, Pets. Health, Safety & Environment. Covid-19: Spread, Curves, Waves, and Variants; Response; Immunity; And more.
This Week's [in]Security - Issue 237 | insecurity | Control Gap
Welcome to This Week’s [in]Security. PCI and payments: Global Community Forum, Technical FAQs, ATM skimmers. New breaches: Brazil's Hariexpress, Missouri Teachers, Verizon/Visible, Student SSNs from 1957, Acer, Thingiverse & 3D Printers, Playbook, Accenture. New Ransomware: Payouts surge, Water plants, Olympus, Banks. Analysis. Major outages: MS DDoS, Snapchat. Follow-ups & Fall-out: Privacy: Client-side scanning backdoors, Facebook AI, Android, Gaggle, 7-11, Real faces. Laws & Regs - Canada, US: Border warrants, TSA cyber regs, Whistleblowers, Fake reviews, Responsible disclosure, lawsuits, World: privacy, anti-ransomware, domain registration, biometrics, DDoS. Standards: IETF & Cloudflare. Defense: credentials revoked, tools, techniques, products, zero-trust. Vulnerabilities, Zerodays: iOS, Windows. Other Vulnerabilities: infrastructure, certificates, WordPress, Open/Libre Office, IPTV Rickroll, NFT, password research. Cybercrime: Trends: Stealing OTP, Aircraft maintenance, HTTP probes, Ad injector, Nation States. Crime. Other Risks: critical thinking, plain speech, complexity. more FB AI failure, great resignation, crypto. Health, Safety & Environment. Covid-19: Spread, Curves, Waves, and Variants; Response; Immunity; Covid Compliance. And more.
This Week's [in]Security - Issue 210 | insecurity | Control Gap
Welcome to This Week’s [in]Security. PCI 3DS, New e-skimmers, Card breaches. EU's SCA. Big-Hacks: Facebook, LinkedIn. New breaches: Clubhouse, Q Link Wireless. New Ransomware. Follow-ups & Fall-out. Privacy: Big Brother? Xcinex Venue. Laws & Regs: Bans, Breach law, Facial recognition, NIST & HIPAA. Defense: Tools, Simplification, Resilience. Vulnerabilities: Cisco zeroday, Pwn2Own, SAP, Zoom, Carbon Black, Domain Time II, Moodle, medical devices, 802.11bf sensing. Cybercrime: Trends. Gigaset, Nation States. Cyber-war? Other Risks. Health, Safety & Environment. Covid-19: Spread, Curves, Waves, and Variants. The Good, Bad, and Ugly (Behaviour). And more.
This Week's [in]Security - Issue 203 | insecurity | Control Gap
Welcome to This Week’s [in]Security. Texas Disaster. News/Link Taxing. More SolarWinds. SLC Update. PINs vs. Passwords. Skimmers. New breaches: CRA lockout. New Ransomware. Location. Tracker Pixels. NIST. Zero-Day. Routers. OpenSSL. Big Mac Attack. Trends. Buy-to-infect. Scams & Fraud. Nation States. Arrests, etc. AI. Misinformation. CRISPR. Quantum Fail. Serial Killers. Health, Safety & Environment. H5N8. Covid-19: Spread, Curves, Spikes, Waves, & reinfections. New Variants. Impact. Immunity, Vaccines, and Vaccination. Disinformation. The Good, Bad, and Ugly (Behaviour). And more.
This Week's [in]Security - Issue 202 | insecurity | Control Gap
Welcome to This Week’s [in]Security. PCI HSM Update RFC. Vampire Skimmer. New breaches: New Ransomware. Encryption and Breaches. SolarWinds. NIST. Zero Days. Defender. Drivers. TCP Stacks. SAP. SonicWall. WordPress. SuperMicro. Trends. Water Plant Hack. Nation States. Supply-Chain Attack. Arrests, etc. SIM Swappers. AI Manipulators. Ambivalence. Health, Safety & Environment. Covid-19: Spread, Curves, Spikes, Waves, & reinfections. New Variants. Immunity, Vaccines, and Vaccination. The Good, Bad, and Ugly (Behaviour). And more.
This Week's [in]Security - Issue 176 | insecurity | Control Gap
Welcome to This Week’s [in]Security. Magecart. ATM Skimming. New breaches: Military, health, SANS. New Ransomware. Facial Recognition. Shame. Robocall honeypot. Disinformation. 0-days. LTE break. Adobe. Citrix. Struts. Motherboards. WordPress. Cryptanalysis. CRA Credential Stuffing. Linux Malware. BEC. Tor. Phishing. Data Ubiquity. Security Bias. Jobs. Quantum. Firefox. Covid-19: Spread, Curves, Spikes & Waves. Vaccine Progress. And more.
This Week's [in]Security - Issue 169 | insecurity | Control Gap
Welcome to This Week’s [in]Security. Fallout from US Unrest. Covid-19: Spread & Curve. Lockdown, Reopening, & The New Normal. More of the Good, Bad, and Ugly. PCI SPOC v1.1. POS ransomware. Smile and say Magecart. e-Skimmers and IFRAMES. Breaches: BlueLeaks, Twitter, e-learning, Brazil, Preen.me, Contact tracing app problems. Tim's Privacy Violation. New nosier Edge. Tech Fines. More crypto-wars. Taxing Links? One year certificates. Crims lock in with MFA. Insecurity included. PDF Safety. Banking backdoor. All your base printer are belong to us? Denial. AI is gullible, biased, misunderstood, and misapplied. Unintended Cyber-consequences. And more.