With the latest attack on Magento-based web applications (JavaScript sniffing software), it is not the first time the platform has been exploited by malicious individuals. In a previous blog, we looked at some of the past attacks on Magento and offered some advice on what organisations can do to protect their online payment pages. Here, […]
Magento Attacks One trend we are seeing in the market at present is an increase in the use of JavaScript Sniffers (JS Sniffers). In short, these sniffers are a type of malicious code which is injected/placed into a website with the sole intention of stealing personal data, names, credentials etc. from customers using that website. […]
How can URM help you to achieve PCI compliance and what is our approach? In our previous blog, we looked at where your PCI compliance journey starts. The first step is understanding the flow of your payment card data – by that we mean where payment card information comes into your organisation, where it goes, […]
PCI DSS – The Payment Card Data Security Standard – What is it? So, let’s take a step back and define what is the Payment Card Industry Data Security is. Often referred to as PCI DSS or quite simply PCI, the Standard was developed by the founding payment brands of the PCI Security Standards Council (SSC), […]
The Payment Card Industry Security Standard Council (PCI SSC) has followed up the release of the PCI DSS v3.2.1 Standard on 17 May 2018 with updates to the supporting documents such as the self-assessment questionnaires (SAQ). Whilst the overall purpose of v3.2.1 was to provide ‘clarifications’ and not to introduce any new requirements to the […]
If you are a PCI DSS service provider, have you implemented your first quarterly review to confirm that personnel are following security policies and operational procedures? If you were not able to complete this review by 30 April 2018 you are, in effect, failing that control and potentially your certification. You will also need at […]
