January 28, 2012 - Everybody knows that PCI only applies to card transactions on the five major card brands (Amex, Discover, JCB, MasterCard, and Visa), right? Well, maybe not. There might be situations where PayPal transaction could be included in your PCI (continue reading...) Read more
January 25, 2012 - SANS reports that Symantec has just released a document describing vulnerabilities for pcAnywhere users. You can click here to get details and a link to the document. I know many campuses use pcAnywhere, and if (continue reading...) Read more
January 18, 2012 - I was reading the latest news about City College of San Francisco administrators urging students and staff not to use (continue reading...) Read more
January 13, 2012 - I saw an article in today's San Francisco Chronicle describing how the computers at City College may have been infected with a number of viruses. The situation is not good. The devices were sending personal data to addresses (continue reading...) Read more
January 13, 2012 - The Treasury Institute has posted the agenda for the 2012 PCI Workshop on its website. You can click here to view the agenda and/or register. Once again we will begin Monday afternoon with a series of briefings (continue reading...) Read more
January 11, 2012 - George Fried,an, CEO of Stratfor, came forth with a public statement explaining what happened in the attacks against his company last December. He admitted fault, took responsibility and accused Anonymous of censorship that doesn't come openly from governments, but rather (continue reading...) Read more
January 3, 2012 - I am finalizing the agenda for the upcoming PCI Workshop. I have some interesting schools presenting, and I'm really happy to announce that I have managed to wrangle Mike Dahn as our guest speaker. Mike is a (continue reading...) Read more
December 21, 2011 - This is a good time to say "thank you," and wish a Happy Holiday and peaceful new year to everyone (both of you) who follows this blog. This has been an interesting year in PCI (we got version 2 (continue reading...) Read more
December 16, 2011 - According to the excellent Krebs on Security website, the Manhattan police have released indictments on 55 people who were part of the gang responsible for a string of identity thefts in New York. The details are disturbing for (continue reading...) Read more
December 12, 2011 - The PCI Council held an "Open Mic" session today for Participating Organizations this morning. Here are some of the highlights. A major focus was soliciting feedback on the both PCI DSS and PA-DSS. Each PO (continue reading...) Read more
December 7, 2011 - This morning I saw an interesting list of the Top 25 Influencers in Security You Should be Following put out by Tripwire. It is not a complete list, but it has some really good names there. I (continue reading...) Read more
December 6, 2011 - The PCI Council will hold two Open Mic sessions, December 12 and 14th. If your institution is a Participating Organization, you should have received an email invitation with instructions on how to register for a session. Since the (continue reading...) Read more
December 2, 2011 - In this week’s blog we continue our channel recognition momentum, showcase an outstanding new SMB tool, talk about the short quarter, and provide resources to learn more about McAfee’s acquisition of Nitro Security, a new certification service, where to find (continue reading...) Read more
December 2, 2011 - Have you received any of those "Your ACH has failed" or "NACHA Transaction Alert" emails in the past few weeks. I have, and I deleted them immediately. I did that because they are spam.If you received these (continue reading...) Read more
December 2, 2011 - Just because you are a Higher Ed institution does not mean the bad guys have not targeted you. Unfortunately, the University of California Riverside just found that out. In a news release the school advises that campus (continue reading...) Read more
November 21, 2011 - The votes are in, and the three Special Interest Groups for 2012 are:CloudeCommerce SecurityRisk Assessment.The selection of eCommerce Security is very good news for all Higher Ed institutions (see previous post here). I ranked the eCommerce (continue reading...) Read more
November 10, 2011 - Steam, the online empire of computer game behemoth Valve Corporation, has issued details of the hack it suffered last weekend. If you're a Steam user, find out what you should be doing next... (continue reading...) Read more
November 1, 2011 - Hard as it may be to believe, PCI 2.0 is no longer all that "new." In fact, starting today, (continue reading...) Read more
October 31, 2011 - Are you looking at tokenization as a way to reduce your PCI scope? My guess is that you or at least some of your campus merchants are, and therefore you will want to be as up-to-date as you can (continue reading...) Read more
October 28, 2011 - 0 false 18 pt 18 pt 0 0 (continue reading...) Read more