Viewing posts tagged pci
texas-considers-requiring-pci-compliance
Posted by: admin 15 years, 10 months ago
In an interesting twist in the continuing PCI story, the Texas legislature may mandate PCI compliance:
According to the language of the bill, "A business that, in the regular course of business, collects, maintains, or stores sensitive personal information in connection with an access device must comply with payment card industry data security standards." The bill would allow a financial institution in the state to request a breached entity to provide certification of its compliance with PCI specified controls. HB 3222 would require the certification to be issued by a PCI-approved auditor no earlier than 90-days before the breach.
It sounds like retailers would have to be audited every 90 days! Is this bill the work of the financial institutions or the auditors?
the-express-scripts-bounty
Posted by: admin 15 years, 10 months ago
Now this could be interesting. Express Scripts is offering a $1,000,000 reward for information leading to the arrest and conviction of the attacker trying to blackmail them. That is a lot of Ameros.
tjx-5-takeaways
Posted by: admin 15 years, 10 months ago
Computerworld has a summary commemorating the one-year anniversary of the TJX breach. I agree with the article. The PCI Standard is a work in progress; bad guys are hard to catch; etc.
top-9-reasons-to-embrace-two-factor-authentication
Posted by: admin 15 years, 10 months ago
Passwords have been around forever and it's starting to show. The next level of authentication security is two-factor authentication. Your ATM card is an example of two-factor authentication: you need both possession of the card and knowledge of the PIN to get cash. There are a number of factors that are pushing two-factor authentication toward a tipping point.
how-to-secure-vnc-remote-access-with-two-factor
Posted by: admin 15 years, 10 months ago
I've written another how-to for Howtoforge. This article describes how to combine WiKID and NoMachine's NX products to secure VNC. It should be noted that NoMachine offers a lot more functionality and speed than just tunneling VNC through SSH. It is incredibly fast and allows for remote X and RDP in addition to VNC. They have a version that is free for two concurrent connections.