33 matches found
CTEM for Financial Services: Protect What Matters Most
Financial institutions process trillions of dollars in transactions every day. One exploited vulnerability can freeze operations, trigger regulatory penalties, and erode customer trust overnight. Traditional vulnerability management, which scans, scores, and queues patches, cannot keep pace with...
PCI: endpoint: pci-epf-vntb: Remove duplicate resource teardown
...
PCI: endpoint: Avoid creating sub-groups asynchronously
...
CVE-2025-13371 Money Space <= 2.13.9 - Unauthenticated Sensitive Information Exposure
The MoneySpace plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.13.9. This is due to the plugin storing full payment card details PAN, card holder name, expiry month/year, and CVV in WordPress postmeta using base64encode, and then...
CVE-2023-54235
In the Linux kernel, the following vulnerability has been resolved: PCI/DOE: Fix destroyworkonstack race The following debug object splat was observed in testing: ODEBUG: free active active state 0 object: 0000000097d23782 object type: workstruct hint: doestatemachinework+0x0/0x510 WARNING: CPU: ...
Weak Enforcement and Low Compliance in PCI~DSS: A Comparative Security Study
Although credit and debit card data continue to be a prime target for attackers, organizational adherence to the Payment Card Industry Data Security Standard PCI DSS remains surprisingly low. Despite prior work showing that PCI DSS can reduce card fraud, only 32.4% of organizations were fully...
Imperva Enhances Client-Side Protection to Help You Stay Ahead of PCI-DSS Compliance
When the latest PCI DSS 4.0 requirements came into full effect in March 2025, organizations processing cardholder data faced new obligations to protect payment pages from client-side risks. Requirements such as 6.4.3 script inventory, authorization, and integrity monitoring and 11.6.1 detection o...
Introducing Enhanced User Interface for Qualys PCI DSS 4.0 ASV Compliant Solution
We’re excited to introduce the new Qualys PCI ASV user interface, built to deliver a smarter, faster, and more intuitive experience. The redesigned PCI ASV UI helps you simplify PCI DSS 4.0 compliance, save time, and reduce audit-related stress. This major update improves usability, streamlines...
PCI: pnv_php: Fix surprise plug detection and recovery
...
Wazuh for Regulatory Compliance
Organizations handling various forms of sensitive data or personally identifiable information PII require adherence to regulatory compliance standards and frameworks. These compliance standards also apply to organizations operating in regulated sectors such as healthcare, finance, government...
Data Breach Reporting for regulatory requirements with Microsoft Data Security Investigations
Seventy-four percent of organizations surveyed experienced at least one data security incident with their business data exposed in the previous year as reported in Microsoft’s Data Security Index: Trends, insights, and strategies to secure data report. Despite the best people, process and...
PCI DSS 4.0: Get Audit-Ready for the New Requirements
The Payment Card Industry Data Security Standard PCI DSS originated in 2004 and is managed by the PCI Security Standards Council to ensure security for the global payment industry. This mandate applies to all entities worldwide that store, process, or transmit payment cardholder data or sensitive...
PCI DSS 4.0: How to Ensure Full Compliance with New Requirements
The Payment Card Industry Data Security Standard PCI DSS is one of the oldest mainstream requirements for compliance, originating in 2004. The PCI Security Standards Council manages the standard to ensure security for the global payment system. It globally applies to all entities that store,...
Why PCI DSS 4.0 Should Be on Your Radar in 2023
Protecting customer data is critical for any business accepting online payment information. The Payment Card Industry Data Security Standard PCI DSS, created by leading credit card companies, establishes best practices for protecting consumers' information. By adhering to these standards,...
A Bridge Over the Chasm: A Primer on the Release of PCI 4.0
The Payment Card Industry PCI Security Standards Council SSC has just released version 4.0 of the Data Security Standard DSS. Developing DSS 4.0 took almost four years and included several rounds of Request for Comments RFC from Participating Organizations and other interested parties. This new...
PCI DSS compliance: why it’s important and how to adhere
PCI DSS is short for Payment Card Industry Data Security Standard. Every party involved in accepting credit card payments is expected to comply with the PCI DSS. The PCI Standard is mandated by the card brands, but administered by the Payment Card Industry Security Standards Council PCI SSC. The...
Attention Payment Application Developers: Begin Your Transition from the PA-DSS to the PCI SSF Today
The Payment Card Industry PCI Council plans to formally retire the Payment Application Data Security Standard PA-DSS in October 2022 and replace it with the PCI Software Security Framework SSF. For vendors, the new framework expands program eligibility with improved support for evolving...
Cybercriminals Fill Up on Gas Pump Transaction Scams Ahead of Oct. Deadline
Gas stations are gearing up for a major change in credit-card fraud liability in October, when they will find themselves on the hook for card-skimming attacks at the pump. In the meantime though, cybercriminals will be targeting pay-at-the-pump point-of-sale mechanisms with a vengeance, researche...
The Comprehensive Compliance Guide (Get Assessment Templates)
Complying with cyber regulations forms a significant portion of the CISO's responsibility. Compliance is, in fact, one of the major drivers in the purchase and implementation of new security products. But regulations come in multiple different colors and shapes – some are tailored to a specific...
Tips to Accelerating PCI Data Security Standard Projects with Deep Security as a Service
Does your organization need to meet PCI DSS requirements? Are you struggling with multiple security tools? Or stretching your already overstretched team to prepare for an audit? Time to hit the accelerator with Trend Micro! If your applications deal with credit or payment card data, you need to g...