The PCI Security Standards Council (PCI SSC) has published a minor revision to the PCI Data Security Standard (PCI DSS) that many businesses use to safeguard payment card data. The latest version, 3.2.1, replaces the previous version 3.2, mainly to account for migrations to newer and more secure versions of Secure Sockets Layer (SSL) and early Transport Layer Security (TLS), given that previous migration deadlines have passed.
In an effort to protect patient safety and promote public health, the US Food and Drug Administration (FDA) released a new Medical Device Safety Action Plan.
The Center for Internet Security (CIS) has released its next revision (Version 7) of the top 20 Critical Security Controls.
The PCI Security Standards Council (PCI SSC) announced a new PCI Security Standard for software-based PIN entry on commercial off-the-shelf (COTS) devices, including smartphones and tablets.
The Wi-Fi Alliance introduced a new Wi-Fi protocol and standard, WPA3, that will enhance Wi-Fi network security protections and simplify Wi-Fi security configuration for users and service providers. The Wi-Fi Alliance organization sets the…
The Open Web Application Security Project (OWASP) released the OWASP Top 10 – 2017 this past month. The new standard includes the ten most critical web application security risks, the first update since the 2013 version.
In the wake of Apple's most recent and embarrassing blunder regarding the macOS High Sierra root login flaw, I felt it was a good time to revisit Apple Mac hardening guidelines that can help users and IT admins better secure Apple's OS, to include macOS and OS X.
You may have wondered what application containers are, let alone how to secure them. The National Institute of Standards and Technology (NIST) sets out to explain the benefits and security concerns with application container technologies in the latest Special Publication (SP 800-190) Application Container Security Guide.
The NIST standard SP 800-177 Revision 1, Trustworthy Email (Draft), was released last month and offers up-to-date security guidance covering SPF, DKIM, DMARC, and email digital signatures and encryption (via S/MIME), among others.
In case you missed it, the National Institute of Standards and Technology (NIST) published a new guideline, "An Introduction to Information Security," for individuals looking to get a better understanding of introductory information security best practices.