8 min read
The DSS, MageCart, and the DOM – Part 1: The PCI DSS e-Commerce Rules
It turns out that how you implement e-commerce can have a huge impact on your compliance footprint (i.e., the number of PCI security controls...
15 min read
This Week's [in]Security - Issue 226
Welcome to This Week’s [in]Security. Union Pay and PCI, New FAQ, Magecart. UI Rant. New breaches, New Ransomware: Ports. Blood Services, gangs....
17 min read
This Week's [in]Security - Issue 225
Welcome to This Week’s [in]Security. Card Production, Data Removal, Digesting PCI, Issuers. Fingerprint cards. New breaches: Saudi Aramco, Mexican...
5 min read
Why do some Issuers believe they don’t need to be PCI DSS compliant?
Documents from the PCI Council, MasterCard, and Visa clearly indicate that Issuers are required to be PCI DSS compliant (see Learn More below). Yet...
6 min read
6 Ways to Deal with the Magnitude of PCI DSS
Are you new to PCI DSS? Perhaps you need to refresh your approach? If so, this article breaks down 6 strategies that will help you eat the proverbial...
17 min read
This Week's [in]Security - Issue 224
Welcome to This Week’s [in]Security. Major-events: REvil goes dark, Kaseya. New breaches: Guess. New Ransomware: EA, D-Box, Campbell Conroy & O'Neil,...
17 min read
This Week's [in]Security - Issue 223
Welcome to This Week’s [in]Security. Major incidents: Kaseya/REvil! New breaches: Morgan Stanley, CAN, Marsh McLennan, Mint Mobile, The GOP. New...
21 min read
This Week's [in]Security - Issue 222
Welcome to This Week’s [in]Security. DSSv4 RFC, PINv3 FAQ. New breaches: AIG, Raychat, LimeVPN. New Ransomware: Kaseya! Follow-ups & Fall-out:...
20 min read
This Week's [in]Security - Issue 221
Welcome to This Week’s [in]Security. DSSv4 RFC, HSM RFC, WFH, Sunsets, 3DS, ATM vuln & Shimming. New breaches: Mercedes-Benz, APNIC. New Ransomware:...