Information Security in Today's Digital Culture
Header
wrongway

Most penetration testers are focused on one thing and one thing only: compromising the client. Heck, that’s what they are being paid for, right? That doesn’t even make my top four goals. I see a penetration test as a building block for a larger security program. My goals are simple: Geoff WilsonGeoff Wilson currently serves …
Read more

On October 1, 2015 Visa, MasterCard, Amex, and Discover will be instituting a liability shift for fraudulent transactions. If either the merchant or the issuer (the customer’s bank who issued the credit/debit card) are not EMV-compliant and the other is EMV-compliant, then the party with the lesser technology will bear the liability for card-present transactions …
Read more

In light of the recent Target event, there has been an uptick in activity around malware that specifically targets Point of Sale systems. The most common ones that seem to be referenced are the following: BlackPOS: Affects Windows-based Point of Sale systems. The attack essentially sits in between the card reader and the POS application. …
Read more

Not to make light of the gravity of the event, but here we go again – Consumers are subjected to another round of warnings about yet another credit card information breach! Unfortunately, these data breach warnings are in danger of becoming as common as the daily weather report. This time the source of the breach, …
Read more

Implementing tokenization is much more about understanding how your organization interacts with payments than it is simply rolling out a device that will tokenize payment card data. Many tokenization solutions in the market today are a “silver bullet” and can remove your environment from PCI scope. Beware though, most solutions address only one piece of …
Read more