This Week’s [in]Security – Issue 115 | insecurity | Control Gap
Welcome to This Week’s [in]Security. This week: a quiet week for PCI, RDP MFA bypass, make SSNs public, AMCA (Quest, LabCorp, OPKO) breach, Data...
Welcome to This Week’s [in]Security. This week: a quiet week for PCI, RDP MFA bypass, make SSNs public, AMCA (Quest, LabCorp, OPKO) breach, Data...
NIST recently published a document "Transitioning the Use of Cryptographic Algorithms and Key Lengths" which formalizes the sunset of Triple DES by...
Last month NIST announced they were seeking feedback on a proposed updated guidance for FPE. More formally this is SP 800-38G rev 1 "Recommendation...
Big changes are coming to payment security in 2019. PCI is launching a grand experiment in payment security - Software PIN on COTS (SPoC) - a subset...
To accept credit cards in Canada, businesses need to be PCI compliant. Becoming PCI compliant can be difficult in the first place and keeping up...
PCI Rules Aren't the Only Ones You Need to Comply With Most organizations concerned with payment compliance are focused on the PCI Data Security...
Executives and managers in organizations preparing for their first onsite PCI security assessment may feel confident that having passed a SOX audit...
PCI DSS v3.2 is due for an update this year - but what will that look like? In this article, we peer into our crystal ball to make some predictions...
PCI DSS is all about scope. Getting scope right or wrong is perhaps the single most critical factor determining the ultimate success or failure of an...