I recently had a discussion with a potential customer on why they should work with ZZ Servers instead of one of the now hundreds of other hosting providers offering PCI “compliant” hosting services. After spending the last 5 years doing PCI Level 1 validations I have run into many areas that hosting providers just do… Read more »
Posts Tagged: Security
Any merchant who accepts credit cards and has a merchant account must validate compliance. It does not matter if you use a 3rd party processor or if you outsource all of your credit card processing. It’s the ownership of the merchant account that defines if you must validate compliance. The only to avoid PCI compliance… Read more »
In an ongoing saga, one of the most popular web hosting message boards www.webhostingtalk.com has been dealt another serious blow to it’s security. Late last month, Webhostingtalk was hacked in a deliberate, sophisticated and calculated manner. The attacker was able to circumvent their security measures and access via a backdoor protected by a firewall to… Read more »
As of October 1, 2008 the PCI Data Security Standard version 1.2 became active. There are a number of changes to PCI DSS since version 1.1. Version 1.2 removes much of the ambiguity from earlier versions and provides additional details on items such as the use wireless devices.
One of the most valuable commodities in this day and age is your own personal information. The more we make purchases over the Internet or over the phone, in other words: not in person, the more important that information becomes. However, as security breaches receive more coverage and are more well known to the public,… Read more »
A weakness has been discovered in the random number generator used by OpenSSL on Debian and Ubuntu systems. As a result of this weakness, certain encryption keys are much more common than they should be, such that an attacker could guess the key through a brute-force attack given minimal knowledge of the system. This particularly… Read more »