DNS hijacking cyber attacks on domains worldwide

Security researchers from FireEye have identified a wave of DNS hijacking attacks on domains owned by government, telecom and internet infrastructure organizations around the globe. The analysis suggests the bad actors behind the cyber attacks are of Iranian origin or sponsorship.

Continue Reading →

PCI DSS 3.2.1 release

The PCI Security Standards Council (PCI SSC) has published a minor revision to the PCI Data Security Standard (PCI DSS) many businesses use to safeguard payment card data. The latest version 3.2.1 replaces the previous version 3.2 to mainly account for migrations to newer and more secure versions of Secure Socket Layer (SSL) and early Transport Layer Security (TLS), given previous migration deadlines have passed.

Continue Reading →

New Email Security Guidelines To Combat Phishing Threats

The NIST standard, SP 800-177 Revision 1, Trustworthy Email (Draft) was released last month and offers up-to-date security guidance to include SPF, DKIM, DMARC, and email digital signatures and encryption (via S/MIME), among others.

Continue Reading →