The PCI Security Standards Council (PCI SSC) has published a new, optional, Software-based PIN Entry on COTS (SPoC)™ Annex for Unsupported Operating Systems (“Unsupported OS Annex”) version 1.0. The purpose of this Annex is to provide additional security and testing requirements to allow solution providers to develop SPoC solutions that merchants can use on commercial off-the-shelf (COTS) devices with unsupported operating systems. The Unsupported OS Annex incorporates stakeholder feedback and comments received via a…

Because every organization has different security needs and requirements, there is no one-size-fits-all approach. Image: Yuichiro Chino/Moment/Getty Images For most organizations, securing operations, networks, infrastructure, applications and data remains a major challenge. As the headlines regularly prove, a determined attacker can break through even the best defenses.  To give themselves an edge, many organizations set up threat intelligence programs. These programs help cyber security teams and business leaders evaluate their overall risk posture, uncover where…

My previous post walked through deploying an SDDC in Google Cloud VMware Engine. This post will show the process of connecting a VPC to your Google Cloud VMware Engine environment, and we will use Terraform to do the vast majority of the work. The diagram below shows the basic concept of what I will be covering in this post. Once connected, you will be able to communicate from your VPC to your SDDC and vice versa….

The United States Postal Service (USPS) is reportedly using the facial recognition technology Clearview AI to spy on American citizens.  According to interviews and documents reviewed by Yahoo News, the use of the technology by the USPS Inspection Service is part of a program that tracks citizens’ social media activity and shares the information with law enforcement agencies.  Under the Service’s Internet Covert Operations Program (iCOP), analysts use Clearview’s collection of images scraped from public websites to “identify…

Supermodel turned cook and TV personality Chrissy Teigen has lost contracts with three major American retailers over previous cyber-bullying. A decade ago, Teigen bullied non-binary teenage reality TV star Courtney Stodden over their marriage to the then 51-year-old actor Doug Hutchinson. In an interview with The Daily Beast, Stodden said they received a lot of hateful comments online but Teigen’s, which were made via the social media platform Twitter, were among the worst. Stodden said: “She wouldn’t just…

Firefox developers understand web browser security is at a premium, so they’ve started rolling out a new site isolation feature. Jack Wallen shows you how to enable Fission. Image: Mozilla The Mozilla developers are doing everything they can to prevent Firefox from fading into the sunset, a browser forgotten and unused. That’s a good thing because Firefox is an important browser that has brought about game-changing features over the years. One thing (at least I…

In the wake of the Schrems II decision[1], and even more in the light of Friday’s Facebook ruling[2], the question on everyone’s mind is how to truly protect personal data from the prying eyes of national security agencies around the world. Despite detailed guidelines[3] issued in November 2020, in the absence of new definitive guidelines for transferring data across European borders[4], many are starting to wonder whether data localisation is the magic bullet to protect…