15 min read
This Week's [in]Security - Issue 233
Welcome to This Week’s [in]Security. PCI and payments: Crypto-agility. New breaches: Wearable aggregator megabreach, Epik, Walgreens, Indonesian...
5 min read
Why Organizations Need to Become Crypto-Agile and What that Means
Cryptographic change is a reality. Since 2006, we have seen the sunset of WEP, SSLv2, RSA-1024, SSLv3 and early TLS. We know that Triple DES and...
12 min read
This Week's [in]Security - Issue 232
Welcome to This Week’s [in]Security. PCI and payments: Back-to-Basics. Dotty's & NRS. New breaches: Fortinet, UN, Tesla, Israel, Morocco, Singapore,...
17 min read
This Week's [in]Security - Issue 231
Welcome to This Week’s [in]Security. PCI: 8-digit BINS, Back-to-basics, Controlling Scope, POS breach. New breaches, New Ransomware: food,...
3 min read
Why did my PCI DSS Scope Explode?
It can be extremely frustrating for a compliance team to realize that additional systems are in-scope. It means additional and unexpected security...
12 min read
This Week's [in]Security - Issue 230
Welcome to This Week’s [in]Security. SSF faqs, firewalls, Storing CVV. New breaches: Microsoft Power Apps: IndiaMart, Imavex. New Ransomware:...
4 min read
Don’t Tie Yourself in Knots Thinking you can Store Payment Card Verification Codes/Values
Card Not Present Security Codes/Values are the 3 and 4 digit printed numbers on your payment cards used to verify card-not-present transactions. PCI...
13 min read
This Week's [in]Security - Issue 229
Welcome to This Week’s [in]Security. Big-Hacks: T-Mobile. New breaches: Terrorist Watchlist, US census, Baby monitors and cams, Chase, HVAC as a...
2 min read
Our Offensive Security Hiring Process
Control Gap is expanding our Offensive Security team and looking for talented individuals. To ensure that we have the right team, we needed a better...