Data Breach

18 Jan

Don’t be Next – Securing Usernames and Passwords with Tokenization

Yahoo- 1 Billion, Myspace– 427 Million, Oracle’s Micros- 330 Million, Ashley Madison– 300 Million, LinkedIn- 167 Million, Dropbox- 68 million: these are the amounts of exposed usernames, passwords, and numerous pieces of valuable PII breached in 2016. What’s incredible is that this list is just the tip of the iceberg,

28 Apr

Were the Panama Papers Revealed by A Whistleblower, Hacktivist, or Thief? Should it Matter to Security Professionals?

The Panama Papers have the world’s full attention. The pundits conjecture that the Prime Minister of Iceland stepping down from power due to revealed financial improprieties is just the tip of the proverbial iceberg of a global financial scandal. Is this finally a case of a heroic insider at a

15 Feb

TLS 1.0 Is Going Away – How Does That Impact JavaScript Browser-Based Encryption?

In the early days of the Internet, before e-commerce was a major force, the simple browsers made use of an equally simple security protocol called Transport Layer Security (TLS version 1.0) based on the Secure Socket Layer (SSL) protocol. TLS 1.0 was intentionally modified to make it easy for multiple

27 Jan

Gone Phishing – Malware Wants your PII Part 2

  Part 2 of 2 In our last blog installment, we discussed the rash of data breaches that are hitting all industries, aimed at stealing very valuable Personally Identifiable Information (PII). The current generation of malware attacks faster and is nearly undetectable, deploys more insidious ransomware, and contains far more

25 Aug

Are Global Card Brands Stacking the Deck with EMVco?

The card brands have something up their sleeve with the EMVco network tokenization standards. According to the April 2015 PCI document “Tokenization Product Security Guidelines” EMVco has set proprietary standards on network tokenization. These new suggested proprietary standards obviously benefit the card brands and are intended to create additional barriers

13 Aug

A Data Breach Class Action Lawsuit Will Cripple Retailers

Recent federal court rulings are showing more favor for victims of data breaches, giving precedent to class-action lawsuits against the businesses who are breached. The U.S. Court of Appeals for the Seventh Circuit recently ruled that victims of data stolen during a security breach at Neiman Marcus stores have standing—a