This Week's [in]Security - Issue 252

30 Jan 2022.

Welcome to This Week’s [in]Security. PCI updates: MPoC. Skimmers, Payments. New breaches, New Ransomware: insiders, Canada FA. Major outages: Record DDoS, Andorra, Tonga. Privacy: tracking censorship, FloC & Topics. Laws & Regs - Canada: CitizenLab on LawBytes. US: China Unicom ban, zero trust, too many laws, Google lawsuit, Cyber-insurance and ransomware, Metaverse-law. World: GDPR, autonomous car liability, China's Internet. Standards: FIPS, NIST, NICE. Defense: EU incident framework, source backup, test people too. Vulnerabilities, Zerodays: Centos 8 (EOL), Apple. Other Vulnerabilities: Disclosure, Polkit/PwnKit, Datacenter remote management, Cameras, mobile protocols. Patching: Windows, QNAP & the forced patch. The Quantum Apocalypse? Cybercrime: Trends: alerts, Revil, BlackCat, Oauth and MFA, BRATA, Dark Herring, BotenaGo/IoT exploit source, DazzleSpy, new tricks. Nation States: Pegasus, APTs. Crime & Enforcement; QR fraud, ID Theft, Rug-Pulls, Swatting. Other Risks: 2M certificates revoked, copywrongs, air tags, gaslighting, unrealestate, cloud costs, following the disinformation money. Russia-Ukraine, Belarus Rail, Health, Safety & Environment: snow, Bitcoin, Winter Olympics, nuclear. Covid-19: Spread, Curves, Waves, and Variants; Response; Treatments; Immunity; Learned; Innovation and more.

PCI Compliance and Payments

News and announcements relating to Payment Security, PCI, Card Brands, Payments, Payment Malware and Fraud, and Payment Related Compliance.

Breaches / Ransomware / Leaks

Covering breaches, leaks, data exposures, ransomware (as potential breach), and their fallout.

Privacy

Articles about privacy related news, risks, and trends.

Laws, Regulations, Platforms, Standards, and Public Policy

News about laws, regulations, platform rules, and standards affecting security, privacy, technology, and public interest.

Defense / Techniques / Solutions

Covering developments and opportunities that may help improve security.

Bugs / Design Flaws / Vulnerabilities / Research

Articles about newly discovered vulnerabilities and research.

Hacking / Malware / Cybercrime / Exploitation

News covering active trends, alerts, events.

Other Security / Risk

Articles covering other types of risks.

COVID-19 updates.

COVID related articles. We have been following coronavirus risks since https://controlgap.com/blog/this-weeks-insecurity-issue-147.

Off-Topic / Science & Tech / Lighter Side

A variety of scientific, technical, historical, and more light-hearted news.