4 min read
Addressing Log4Shell
The Log4Jshell vulnerability has sparked an Internet firestorm and may potentially be one of the most devastating bugs in years. But why? Log4shell...
16 min read
This Week's [in]Security - Issue 245
Welcome to This Week’s [in]Security. Log4J/Log4shell! PCI and payments: PCI updates: PIN, SSF. Non-Compliance Lesson No.3. Magecart, Supply-Chain...
2 min read
Non-Compliance Lesson No. 3: Don't upgrade or patch your old stuff
PCI DSS can be hard and not preparing for it just makes things harder. Following this advice is guaranteed to make it both more exciting and painful....
18 min read
This Week's [in]Security - Issue 244
Welcome to This Week’s [in]Security. PCI and payments: Participating brands FAQ, and 8 updates. Magecart/skimmers, Brazil, Square. New breaches:...
14 min read
This Week's [in]Security - Issue 243
Welcome to This Week’s [in]Security. PCI and payments: magecart, old school jackpot, processors, transit. Big-Hacks: 1M GoDaddy WordPress sites...
18 min read
This Week's [in]Security - Issue 242
Welcome to This Week’s [in]Security. PCI and payments: Magecart, Jackpot. New breaches: IAB's, Indian Securities Depository, Stripchat, RobinHood,...
15 min read
This Week's [in]Security - Issue 241
Welcome to This Week’s [in]Security. PCI and payments: CHD Truncation rules, Holiday warnings, Costco skimmer, Contactless. New breaches: Indian...
17 min read
This Week's [in]Security - Issue 240
Welcome to This Week’s [in]Security. PCI and payments: Non-Compliance Lesson #2, Big FAQ update, PAX/WorldPay/FBI update, magecart. New breaches:...
2 min read
Non-Compliance Lesson No. 2: Outsource your payments/security and don't read the fine print
PCI DSS can be hard and not preparing for it just makes things harder. Following this advice is guaranteed to make it both more exciting and painful....