9 min read
This Week's [in]Security - Issue 207
Welcome to This Week’s [in]Security. Magecart exfiltration. More FPE Weakness. Big-Hacks: Exchange Hack. F5 Attacks. SolarWinds. New breaches:...
FPE
8 min read
This Week’s [in]Security – Issue 104
Welcome to This Week’s [in]Security. This week: NIST FPE update may render some deployed solutions weak, NIST formalizes TDES sunset, Magecart...
4 min read
NIST Update to Format Preserving Encryption Standard affects PCI Use Cases
Last month NIST announced they were seeking feedback on a proposed updated guidance for FPE. More formally this is SP 800-38G rev 1 "Recommendation...
7 min read
This Week’s [in]Security – Issue 101
Welcome to This Week’s [in]Security. This week: detailed alert on trending e-commerce attack methods, PCI glossary for small business, PCI seeks...
2 min read
7 Things You Can Do To Deal With The Recent Format Preserving Encryption (FPE) Compromise
Barely a year after NIST approved Format-Preserving Encryption (FPE) based on AES they've issued a news release that one of the approved modes has...
3 min read
Must Format Preserving Encryption (FPE) be distinguishable from cardholder data for PCI?
Previously we looked at Format Preserving Encryption (FPE) its characteristics and suitability for application in solutions intended for PCI DSS. ...
4 min read
What is Format Preserving Encryption and is it suitable for PCI DSS?
Format Preserving Encryption or FPE is recent technology that is beginning to show up in payment solutions with the promise of simplifying PCI DSS...