PCI – Payment Card Industry v3.2¹ is now in effect As of April 2016 published date. So what has changed? What else do merchant vendors and providers have to do to keep “DSS Compliant” status. Remember our post on December 2015² ? It noted that SSL technology for Internet commerce is not good enough … Read more
What can we use that is good for us that is not being done today? Remember that the hacker is designing new threats every day trying to reverse engineer the technology you are using and trying to attack and defeat your defenses with these new methods. So why am i bringing up a Higgins … Read more
Ok, as I read the latest 2600 magazine on my tablet (article “Parse Database Injection”). I was going to write about the article as it is pretty interesting to me. April 4, 2016 edition so it is not online yet. But as I read more I realized only a few people will understand what I am … Read more
Have you heard this claim before? Working on just PCI compliance is not enough! What about the 109 pages of compliance checks in V3.1 of the PCI DSS Standards(Payment Card Industry – Data Security Standard)¹ document is lacking in Cybersecurity? There are 12 sections in the document: Firewall installation and configuration, roles of network admins, paperwork and … Read more
What do I mean by “In Time” ? it means that at some point when a system has old code on it a new attack will have been developed by enterprising hackers both good and bad hackers. At that point your system is easily hacked, the more time you leave it unpatched the more likely … Read more