fbpx
 

Category: PCI (Payment Card Industry)

PCI Compliance Considerations for XP’s End

We have talked about the end of support for Microsoft XP at length and its implications for users in regards to security and licensing, but thought it would be important to also make our clients and friends aware of the potential for non-compliance with PCI-DSS for any organizations using Point-Of-Sale (POS) payment application environments.

Big Brother made me do it!

Our personal favorite hacker, Albert Gonzalez, said that the government knew about his theft of 130 million credit and debit card numbers from Office Max, TJX, Heartland Payment Systems and Dave & Busters. In fact, he filed a 25-page petition seeking to overturn his 20-year sentence. The Secret Service declined to give comment. Within 5 years, Gonzalez collected $2.8 million. Now, he is saying that it was all government sanctioned. By all means, let’s pass the buck.

How Data Loss Prevention Technology Can Help You

Data Loss Prevention (DLP) is one of the key IT security measures a company must undertake. DLP is one of the 20 Critical IT Security Controls that the nonprofit security training agency SAN recommends. A recent news item provides a great real life of how Nationwide Insurance used DLP technology to prevent an employee’s unlawful activities. Nationwide recently installed new monitoring software to prevent unlawful transmission of data by its employees. The software snagged Qiang “Michael” Bi, a 36-year old […]

Using Oracle Database Firewall

We’re all familiar with network firewalls, which prevent unauthorized access to your network from external sources. However, network firewalls don’t protect your databases from malicious attacks, which sometimes come disguised as privileged internal users. Web applications are a major source of data attacks, through stratagems such as SQL Injection, for example. Oracle’s Database Firewall (a product Oracle gained through its acquisition of Secerno, a British firm, in 2010) offers a solid defensive perimeter to monitor and enforce accepted behavior on […]

Oracle Advanced Security

Oracle Advanced Security (OAS) is an Option that you can purchase for your Oracle databases. What exactly can OAS do for you? There are two key things that you can do with OAS – encrypt what is called data “at rest” and data “in flight”. The data at test that OAS lets you protect is the data stored on your storage disks, whether they are in database storage or in backup storage. Since your database and backup data is stored […]

The Recent attacks on PayPal, Visa and MasterCard

One of the interesting fallouts from the Wikileaks revelations about U.S. and international diplomatic cables that revealed the inner machinations of foreign policy operatives, secrets is the attacks by Wikileaks supporters on various financial institutions that shut off the processing of monetary contributions to the Wikileaks organization. Of the three major financial giants impacted by the mass internet attacks, PayPal, Visa and MasterCard were the most affected entities. PayPal seems to have weathered the storm pretty well, but Visa and […]

In Archive