PCI Council Releases Revised PA-DSS Eligibility Criteria
On June 29, 2011 the PCI Security Council released a checklist outlining the types of payment applications that are eligible for PA-DSS validation:
Author Archives: HALOCK Security Labs
Understanding Data Tokenization
Data Tokenization Considerations
PCI Compliance for Requirement 8.5.5 – How to Check for Inactive User Accounts?
$865,000 fine for HIPAA violations is latest from HHS OCR
Early July sees the latest fines imposed by Health & Human Services Office for Civil Rights for HIPAA violations.
Summary of Recent Data Breaches
So many recent data breaches – its becoming hard to keep up. Here’s a quick summary of some data breaches. There are many more where this came from, and the full list of known breaches can be found at these sites:
The Shifting Sands of Information Security
We are currently seeing a convergence of forces and circumstances that are causing significant shifts in the way we think about information security and risk management “best practices”.
CVE-2011-5251 – VBULLETIN – MULTIPLE OPEN REDIRECT
PCI Council Releases New Guidance for Virtualization
The PCI Security Standards Council recently released new supplemental guidance (PDF) regarding PCI compliance considerations for the use of virtualization technologies.
Free Intro to PCI Training Available
In case you weren’t able to attend today’s webinar, Introduction to the Payment Card Industry Data Security Standard, we’ve posted a recording of the entire session on Halock’s YouTube channel. The full 6-part series is embedded below for your convenience.
National Vulnerability Database (NVD) National Checklist Program Repository
National Vulnerability Database (NVD) National Checklist Program Repository. While working with our clients to establish appropriate system hardening standards for PCI compliance, we are often asked to provide resources and guidance that can be referenced as additional system and operating system types are deployed. The following NIST resource can be most helpful in this regard.