CVE-2015-8620
Malicious input can come from unexpected places.
0 Comments Click here to read/write comments
Topics: Security Blog, Uncategorized
Okay, so I am a merchant who has just received notification from my acquiring bank that I need to provide them with my compliance state for the Payment Card Data Security Standard (PCI DSS). Where do I start? My bank has pointed me to the Payment Card Industry Security Standards Committee (PCI SSC) website.
0 Comments Click here to read/write comments
Topics: Uncategorized, Cyber Security Blog
CREST, CSA and AISP work together to introduce penetration testing certifications in Singapore
0 Comments Click here to read/write comments
Topics: News, Uncategorized
SHA-1: 1E6CF952D9F0D507A6AA98AD2B3327B83702BC17
0 Comments Click here to read/write comments
Topics: Security Blog, Uncategorized
Finding WordPress plugin vulnerabilities is like shooting fish in a barrel.
0 Comments Click here to read/write comments
Topics: Security Blog, Uncategorized
People and Passwords
Passwords, passwords, passwords. I talk about them, I think about them; I go crazy over them!
0 Comments Click here to read/write comments
Topics: Security Blog, Uncategorized
PCI-DSS is a mostly technical set of controls that are applicable to any organisation which stores, processes or transmits credit card data or anything that could affect the security of the card data. It is written by the PCI security standards council (PCI-SSC), mandated by the card brands (Visa, MasterCard, etc.) and enforced by the banks.
0 Comments Click here to read/write comments
Topics: Security Blog, Uncategorized
Reading through the British Army Military Doctrine manual the other day (as you do!) the concept of Fighting Power in the context of cyber warfare got me thinking. How could a traditional approach from a historically renowned army be applied to the cyber world? Cyber, or the internet - if we remove the hyped buzz word - has been described as the fifth military domain after land, sea, air and space, and is certainly at the forefront of the attacks reported in the media these days.
0 Comments Click here to read/write comments
Topics: Security Blog, Uncategorized
Cyber security breaches can cause lasting reputational damage for companies who fall victim, and potential legal action by customers too. To add to this there is now the confirmed risk of enforcement action by the US Federal Trade Commission (FTC).
In a ruling by the US Court of Appeal for the Third Circuit, poor cybersecurity is to be classed as a form of 'unfair competition', which places it within the remit of the FTC to regulate. This interpretation was challenged by the hotel group Wyndham Worldwide, which was on the receiving end of an FTC lawsuit that had begun in June 2012. The District Court sided with the FTC, and now the Court of Appeal has concurred. The original lawsuit continues, but Wyndham have suffered a serious setback.
0 Comments Click here to read/write comments
Topics: Uncategorized, Cyber Security Blog