EMV and PCI compliance

tonyz March 26, 2015 security compliance 1 Comment

Good Security means doing good basic IT.

And sometimes it also means keeping up with new compliance initiatives by industry or government.

This year October 1, 2015 there is a new Payment Card Industry(PCI) rule going into effect. On October 1st the liability of a security breach will go to the merchant not the bank or processor.

Here is an article that discusses certain aspects of the http://news.investors.com/technology/032015-744412-latest-point-of-sale-endpoint-security-tackles-expensive-breaches.htm Point Of Sale system.

EMV (the Europay MasterCard Visa credit card standard) will come to the US by October 1st as well. And if you will get new machines anyway get ones which have point-to-point encryption.

Read More At Investor’s Business Daily: http://news.investors.com/technology/032015-744412-latest-point-of-sale-endpoint-security-tackles-expensive-breaches.htm#ixzz3VXDtRj9y
Follow us: @IBDinvestors on Twitter | InvestorsBusinessDaily on Facebook

cardpresentvulnerabilities

Image from visa.com

the problems in most small merchants are basic in nature. the PCI Industry has created a standard:

which is located in the following location: https://www.pcisecuritystandards.org/

Insecure remote access used by attackers
Weak or Default passwords and setting commonly used
Lack of network segmentation
Malware deployed to capture t card data.
Absence of antivirus tools to detect malware

If you add a firewall and Intrusion Prevention Systems you will protect yourself even further.

http://oversitesentry.com/cyberwar-you-aint-seen-nothin-yet/

Then add the Polliwall, now it will be almost impossible for the standard criminals to take your systems. None of us can defend against the nation states, but if we can defend against everyone else then we have created the defensive system for 2015.

1 Comment

Pingback:Oct: Swipe&Sign + Breach = Merchant Liable Not CC companies | Oversite Sentry

Leave a Reply

You must be logged in to post a comment.

Thousands WordPress Sites Hacked April 10, 2024
BleepingComputer has the story WordPress sites have been hacked and then when you visit the site the following image comes and asks you to click a button which then leads you to enter information so the hacker can steal your crypto money. If you click on these buttons and then connect to your crypto wallets […]
My AI Chatbot Got Hacked Now What? March 14, 2024
Horizon3 has a post discussing Nextchat open source chatbot… https://www.horizon3.ai/attack-research/attack-blogs/nextchat-an-ai-chatbot-that-lets-you-talk-to-anyone-you-want-to/ Here is an interesting sentence: “From our research, the most widely deployed standalone Gen AI chatbot is NextChat, a.k.a ChatGPT-Next-Web. This is a GitHub project with 63K+ stars and 52K+ forks. The Shodan query title:NextChat,"ChatGPT Next Web" pulls up 7500+ exposed instances, mostly in China […]

Thousands WordPress Sites Hacked April 10, 2024
BleepingComputer has the story WordPress sites have been hacked and then when you visit the site the following image comes and asks you to click a button which then leads you to enter information so the hacker can steal your crypto money. If you click on these buttons and then connect to your crypto wallets […]
My AI Chatbot Got Hacked Now What? March 14, 2024
Horizon3 has a post discussing Nextchat open source chatbot… https://www.horizon3.ai/attack-research/attack-blogs/nextchat-an-ai-chatbot-that-lets-you-talk-to-anyone-you-want-to/ Here is an interesting sentence: “From our research, the most widely deployed standalone Gen AI chatbot is NextChat, a.k.a ChatGPT-Next-Web. This is a GitHub project with 63K+ stars and 52K+ forks. The Shodan query title:NextChat,"ChatGPT Next Web" pulls up 7500+ exposed instances, mostly in China […]

Thousands WordPress Sites Hacked April 10, 2024
BleepingComputer has the story WordPress sites have been hacked and then when you visit the site the following image comes and asks you to click a button which then leads you to enter information so the hacker can steal your crypto money. If you click on these buttons and then connect to your crypto wallets […]
My AI Chatbot Got Hacked Now What? March 14, 2024
Horizon3 has a post discussing Nextchat open source chatbot… https://www.horizon3.ai/attack-research/attack-blogs/nextchat-an-ai-chatbot-that-lets-you-talk-to-anyone-you-want-to/ Here is an interesting sentence: “From our research, the most widely deployed standalone Gen AI chatbot is NextChat, a.k.a ChatGPT-Next-Web. This is a GitHub project with 63K+ stars and 52K+ forks. The Shodan query title:NextChat,"ChatGPT Next Web" pulls up 7500+ exposed instances, mostly in China […]

Thousands WordPress Sites Hacked April 10, 2024
BleepingComputer has the story WordPress sites have been hacked and then when you visit the site the following image comes and asks you to click a button which then leads you to enter information so the hacker can steal your crypto money. If you click on these buttons and then connect to your crypto wallets […]
My AI Chatbot Got Hacked Now What? March 14, 2024
Horizon3 has a post discussing Nextchat open source chatbot… https://www.horizon3.ai/attack-research/attack-blogs/nextchat-an-ai-chatbot-that-lets-you-talk-to-anyone-you-want-to/ Here is an interesting sentence: “From our research, the most widely deployed standalone Gen AI chatbot is NextChat, a.k.a ChatGPT-Next-Web. This is a GitHub project with 63K+ stars and 52K+ forks. The Shodan query title:NextChat,"ChatGPT Next Web" pulls up 7500+ exposed instances, mostly in China […]