In the first and second parts of this red team penetration testing blog, I described how armed with minimal knowledge of a company, I was able to root the entire domain. Anything goes in red team penetration testing, and I went all the way. After a few days of...
Recently the PCI Security Standards Council held their North American Community Meeting. This annual meeting brings together assessors, payment professionals, card brands, Council members, Acquirers, and other interested parties to discuss the state of our beloved...
The Payment Card Industry (PCI) Security Standards Council (SSC) recently announced the forthcoming release of PCI DSS 3.2. The release of PCI DSS version 3.2 will supersede the scheduled change for November 2016, and will be the only update to the DSS in 2016. The...