A look back at Log4j shows fast reaction, slow remediation

It’s perhaps no surprise that when somebody comes up with a great fix in life, few people actually use it—many a Scrub Daddy, Squatty Potty, and Rapid Ramen Cooker stay sealed and unopened, despite being upgrades to their predecessors. In the security space, better versions of products are released all the time, at high speeds,…

PCI ASV Program

This article is meant to call out some of the items some companies or people might not understand about the ASV program. Most of the content is directly from the program guide that can be found on the PCI Council's website. This is in no way a full description of the program guide or a…

What’s New in PCI DSS v4.0?

The PCI Security Standards Council (PCI SSC) issued version 4.0 of the PCI Data Security Standard (PCI DSS) on March 31, 2022. The PCI DSS is a global standard that establishes a baseline of technical and operational standards for protecting account data. PCI DSS v4.0 replaces PCI DSS version 3.2.1 to address emerging threats and…

Apple Patches Another High Severity Zero-Day Flaw Exploited in the Wild

Apple has released an urgent update to address a critical zero-day vulnerability that is being exploited in the wild. The vulnerability is tracked as CVE-2021-30807 and affects iOS, iPadOS, and macOS devices. This vulnerability exists due to a memory corruption issue in the IOMobileFrameBuffer component, a kernel extension for managing the screen framebuffer. It allows…

Deep Work: Dive into Focused Success in a Distracted World

In our constantly connected world, staying focused can feel like a superpower. Cal Newport’s “Deep Work” dives into the concept of deep work: the ability to concentrate without distraction on cognitively demanding tasks. Newport argues that deep work is a critical skill for achieving professional success and personal fulfillment in today’s information overload. Summary The…

Understanding PCI Compliance

Before I begin, I want to clarify one important item: only your processor(s), acquiring bank(s), and/or card brand(s) can give you a definitive answer regarding your merchant level. I originally published this article in 2020, but I have updated it with the latest level information and included UnionPay. Compliance with PCI DSS is crucial for any…