15 min read
This Week's [in]Security - Issue 236
Welcome to This Week’s [in]Security. PCI and payments: PTSv6.1, Interac & SecureKey, Non-compliance! Supply-Chain Backdoors: Big-Hacks: Syniverse...
1 min read
Non-Compliance Lesson No. 1: Wait until your assessment to validate scope
PCI DSS can be hard and not preparing for it just makes things harder. Following this advice is guaranteed to make it both more exciting and painful.
15 min read
This Week's [in]Security - Issue 235
Welcome to This Week’s [in]Security. PCI and payments: Remote Assessment, PA-DSS/SSF transition. CPE Maintenance, P2PE v3.1, PIN Program, Technical...
18 min read
This Week's [in]Security - Issue 234
Welcome to This Week’s [in]Security. PCI and payments: Remote assessments, magecart. New breaches: Thai visitors, Event Builder, Exchange. New...
11 min read
Quantum Cryptography for Risk Managers or Shor, Grover, and the Crypto-Apocalypse
According to some, quantum cryptography will revolutionize cryptography, kill our current ciphers, and reveal all our secrets. But if you're a risk...
15 min read
This Week's [in]Security - Issue 233
Welcome to This Week’s [in]Security. PCI and payments: Crypto-agility. New breaches: Wearable aggregator megabreach, Epik, Walgreens, Indonesian...
5 min read
Why Organizations Need to Become Crypto-Agile and What that Means
Cryptographic change is a reality. Since 2006, we have seen the sunset of WEP, SSLv2, RSA-1024, SSLv3 and early TLS. We know that Triple DES and...
12 min read
This Week's [in]Security - Issue 232
Welcome to This Week’s [in]Security. PCI and payments: Back-to-Basics. Dotty's & NRS. New breaches: Fortinet, UN, Tesla, Israel, Morocco, Singapore,...
17 min read
This Week's [in]Security - Issue 231
Welcome to This Week’s [in]Security. PCI: 8-digit BINS, Back-to-basics, Controlling Scope, POS breach. New breaches, New Ransomware: food,...