PCI DSS – WindowsTechs.com

Does anyone know what and how to fix these PCI noncompliant issues that Clover security scanned? I have no idea what any even mean [closed]

Posted on April 24, 2024 by John Mariner

Email I use is webmail from siteground, also use gmail. I can not make any sense of it.

Continue reading Does anyone know what and how to fix these PCI noncompliant issues that Clover security scanned? I have no idea what any even mean [closed]→

PCI DSS non-compliance – who was on the receiving end of fines? [closed]

Posted on March 22, 2024 by bukwyrm

AviD’s Law of Compliance: "PCI compliance reduces the risk of the penalties of non-compliance"
Has anybody here ever been fined for non-compliance or has first-hand experience with a finee? As in: non-compliance not as an aggrava… Continue reading PCI DSS non-compliance – who was on the receiving end of fines? [closed]→

Three security data predictions for 2024

Posted on December 6, 2023 by Help Net Security

How do companies protect their digital environments in a world where everything is growing more complex, quickly – data, customer expectations, cyber threats and more? It’s difficult: Adversaries are adopting and using AI and even generative AI-based t… Continue reading Three security data predictions for 2024→

Why is the absence of a Content-Type header with a HTTP 204 response considered a security vulnerability and what should we do about it?

Posted on November 21, 2023 by Dantre

We have recently developed a web application with a RESTful API backend. This web app need to have a certain security certification (something called PCI-DSS), and thus it is being scanned occasionally to identify potential vulnerabilities… Continue reading Why is the absence of a Content-Type header with a HTTP 204 response considered a security vulnerability and what should we do about it?→

Can CVV be input in a standard web site? The site doesn’t store it

Posted on November 8, 2023 by Emmanuel Gleizer

On my website, payments are done using a PCI-compliant 3rd partner. If the client agrees, I store a TOKEN of the card (returned by the PCI partner).
I want to make a new payment with CVV for the stored token.
Can I display on my website th… Continue reading Can CVV be input in a standard web site? The site doesn’t store it→

PCI DSS Compliance for E-commerce: Ensuring the Security of Cardholder Data

Posted on October 23, 2023 by Owais Sultan

By Owais Sultan
PCI DSS compliance in e-commerce safeguards cardholder data, fortifying trust in online transactions with robust security measures. Protecting…
This is a post from HackRead.com Read the original post: PCI DSS Compliance for E-comm… Continue reading PCI DSS Compliance for E-commerce: Ensuring the Security of Cardholder Data→

Unmasking the limitations of yearly penetration tests

Posted on October 12, 2023 by Mirko Zorz

In this Help Net Security interview, Charles d’Hondt, Head of Operations, Ambionics Security, talks about the necessity of implementing continuous penetration testing because yearly ones are not enough. They leave blind spots and cannot match the… Continue reading Unmasking the limitations of yearly penetration tests→

interchangeable IDs for login under PCI DSS like Facebook and Twitter

Posted on September 16, 2023 by Hamza Mohamed

Is using multiple interchangeable IDs a PCI DSS complaint? Facebook and Twitter uses the same method for sign in.
multiple interchangeable IDs such as sign in with email or mobile or username.

Continue reading interchangeable IDs for login under PCI DSS like Facebook and Twitter→

PCI DSS 4.0 – Are SSH tunnels and gateways doomed?

Posted on August 23, 2023 by round.robin

I won’t lie, I am not a security expert and I am likely one of them guys in them companies whom working life proficiency is to slowly become little annoying. I work for a company complying with PCI DSS standard and the company slowly start… Continue reading PCI DSS 4.0 – Are SSH tunnels and gateways doomed?→