Blog Posts Tagged with "PCI"

Ffc4103a877b409fd8d6da8f854f617e

Webcast: Enterprise Security Trends To Watch For In 2015

February 12, 2015 Added by:InfosecIsland News

Please join Virtustream and SecurityWeek on Wednesday, Feb. 18th at 1PM ET for a live webcast on enterprise security trends.

Comments  (4)

Af7244bb99debb4a1152fa49a993a05c

New PoS Malware Used to Target Interactive Kiosks

November 27, 2014 Added by:Eduard Kovacs

A new piece of malware designed to steal data from point-of-sale (PoS) terminals has been found on electronic kiosks, including on public transport ticket vending machines, IntelCrawler reported on Wednesday.

Comments  (2)

0356a83ecb15c8e33b00560d7bebe47f

What to Expect When You're NOT Expecting: 7 Steps of a Professional Forensic Investigator

October 02, 2013 Added by:Stephen Marchewitz

A brief understanding of the process, time and overall cost of a Card Holder Data. All information contained in this article is for the purposes of awareness and education. If you have experienced a breach, contact a PFI company immediately.

Comments  (0)

0356a83ecb15c8e33b00560d7bebe47f

Passing the New Guidelines on PCI Risk Assessments

March 07, 2013 Added by:Stephen Marchewitz

While PCI DSS compliance has been a requirement for several years now, it’s been fairly subjective as to what a compliant program looks like and how an organization actually goes about it. While that can still look to be the case, here are a few things to consider.

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

Third Party Service Providers and PCI Compliance

September 25, 2012 Added by:PCI Guru

If a third party is providing your organization a service that has access to your cardholder data environment (CDE) or the third party could come into contact you’re your cardholder data (CHD), then that third party must ensure that the service complies with all relevant PCI requirements...

Comments  (3)

Fc152e73692bc3c934d248f639d9e963

Pre-Authorization Data: The Definitive Answer

September 03, 2012 Added by:PCI Guru

Just to be clear, I have never argued that pre-authorization data was not to be secured with the same diligence as post-authorization data. I just could not find anything in the PCI DSS that explicitly called out the coverage of pre-authorization data.

Comments  (0)

37d5f81e2277051bc17116221040d51c

Wanna Buy Some Dumps?

July 07, 2012 Added by:Robert Siciliano

“Dumps” are batches of stolen credit card numbers. This example of a criminal’s sales pitch for stolen dumps came to me through a comment on a blog post I wrote about credit card security. Go figure. If you scan the following message line by line, you’ll see there’s a great deal of thought put into the pitch...

Comments  (13)

Fc152e73692bc3c934d248f639d9e963

More on PCI Scoping

June 22, 2012 Added by:PCI Guru

“At least annually and prior to the annual assessment, the assessed entity should confirm the accuracy of their PCI DSS scope by identifying all locations and flows of cardholder data and ensuring they are included in the PCI DSS scope"...

Comments  (1)

9f19bdb2d175ba86949c352b0cb85572

Close Encounters of the Third (Party) Kind...

June 06, 2012 Added by:Neira Jones

There are numerous third parties and cloud providers around. A few have already achieved a dominant position, but a recent article highlighted that "others have opportunities to get into the act by offering more security and protection". So there you are, security can be a unique selling proposition...

Comments  (0)

68b48711426f3b082ab24e5746a66b36

Building an AppSec Training Program for Development Teams

March 07, 2012 Added by:Fergal Glynn

A holistic application security approach that includes integrating developer training with static analysis and advanced remediation techniques will help reduce overall risk across your enterprise application portfolio and will strengthen your security program...

Comments  (0)

Ebe141392ea3ebf96ba918c780ea1ebe

Remember, Security Predictions Make...

February 15, 2012 Added by:Wendy Nather

Security predictions can be a great way of starting conversations if you look at them the right way. If you look at them the wrong way, they're great for raising a huge chorus of "Nuh-UH!" or even "You're kidding, right? Call the coroner..."

Comments  (0)

F29746c6cb299c1755e4087e6126a816

Cyber Crime Creates More Victims Per Hour than Babies Born

December 10, 2011 Added by:Kelly Colgan

As more shoppers turn to their laptop, iPads and mobile phones to get items crossed off their list, thieves are on the prowl to hack into systems to obtain customer information – email addresses, passwords, credit card data, PayPal account info, etc...

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

Controls Have to be Executed Perfectly Every Day

December 04, 2011 Added by:PCI Guru

Security is not perfect, and controls have to be executed perfectly every day, every year - else that is where things always go awry. If you execute controls consistently, your organization should be very difficult to compromise and the bad guys will find an easier target...

Comments  (0)

D15e0b682a84587af9af463961d00f22

e-Commerce Risks for Cyber Monday and the Holidays

November 28, 2011 Added by:John Nicholson

To deal with the potential volume, they can turn to cloud-based services to add capacity and prevent the site from crashing, but as we'll discuss below, the availability commitments made by many cloud services create their own risks...

Comments  (0)

6648b1abd4a9b964566c3690613f20a6

Affiliate Marketing Scam

November 21, 2011 Added by:Mark Baldwin

Just about every adult website has an affiliate program and it is not uncommon for scammers to look for ways to take advantage of these programs. I was recently informed by a large payment gateway operator of a scam that is currently in operation. Here is how it works...

Comments  (2)

37d5f81e2277051bc17116221040d51c

The Evolution of Online Fraud Prevention

October 27, 2011 Added by:Robert Siciliano

When merchants moved from catalogs to websites, IP addresses were used to track transactions. But bad guys figured out how to spoof them. Now we have a number of new technologies designed to fight credit card fraud. The most effective and widely implemented is device reputation...

Comments  (0)

Page « < 1 - 2 - 3 - 4 > »