Security News

PCI Pal and Oracle collaborate to add security and compliance options for CNP payments
2020-11-20 00:15

PCI Pal announced a new collaboration with Oracle to offer its contact center customers additional security and compliance options for Cardholder Not Present payments. Bringing together Oracle's market-leading Enterprise Session Border Controller with PCI Pal's proven PCI compliance solutions, Oracle customers can ensure that their voice interactions and sensitive cardholder data are secure.

Only 27.9% of organizations able to maintain compliance with the PCI DSS
2020-10-08 04:00

With many companies struggling to retain qualified CISOs or security managers, the lack of long-term security thinking is severely impacting sustained compliance within the Payment Card Industry Data Security Standard. Additional findings shine a spotlight on security testing where only 51.9 percent of organizations successfully test security systems and processes as well as unmonitored system access and where approximately two-thirds of all businesses track and monitor access to business critical systems adequately.

Speech Recognition capability provides added secure payment option for PCI Pal customers
2020-09-09 00:30

PCI Pal announced the addition of Speech Recognition capability for both its Agent Assist and IVR Payment solutions. With this new feature, PCI Pal users now have the option of allowing callers to securely speak their sensitive card details while PCI Pal processes the data and prevents it from entering the company's environment.

PCI Pal forms Advisory Committee, confirms Neira Jones as inaugural member
2020-09-02 23:00

PCI Pal has announced the formation of the company's first Advisory Committee. Neira Jones is confirmed as the inaugural Advisory Committee member.

NeuVector now offers extensive compliance reporting and enforcement for PCI DSS, GDPR
2020-08-17 23:30

The enterprise-trusted, build-to-production container security solution now includes extensive compliance reporting and enforcement for PCI DSS, GDPR, and other industry and government standards, as well as new workflows specifically designed to make it easy for DevOps teams to track critical vulnerabilities and to ensure - and prove - compliance. With a single click, DevOps teams can enable NeuVector's pre-configured compliance templates to identify any potential industry compliance issues and generate audit reports for PCI DSS, GDPR, and other stringent - and often changing - data security regulations.

PCI Pal’s Agent Assist solution is now compliant with key Avaya Contact Center solutions
2020-07-03 00:15

PCI Pal, the global provider of secure payment solutions, announced that its Agent Assist solution is now compliant with key Avaya Contact Center solutions, enabling enterprises to integrate telephone payment security into their existing telephony systems to help achieve PCI DSS compliance for telephone and digital payments. "Compliance testing our Agent Assist application with Avaya Aura Experience Portal helps give customers looking to incorporate a PCI Compliant payment card security solution into their existing telephony and contact center infrastructure a number of benefits," said Darren Gill, Chief Revenue Officer, PCI Pal.

Magento 1 reaches EOL: Merchants urged to upgrade or risk breaches, falling out of PCI DSS compliance
2020-06-29 11:09

When Adobe released security updates for Magento last week, it warned that the Magento 1.x branch is reaching end-of-life and support on June 30, 2020, and that those were the final security patches available for Magento Commerce 1.14 and Magento Open Source 1. "If you have a store that continues to run on Magento 1 after June 30, please be aware that from that date forward you have increased responsibility for maintaining your site's security and PCI DSS compliance," Adobe warned.

PCI SSC updates standard for payment devices to protect cardholder data
2020-06-18 04:30

The PCI Security Standards Council has updated the standard for payment devices to enable stronger protections for cardholder data. The PCI PIN Transaction Security Point-of-Interaction Modular Security Requirements 6.0 enhances security controls to defend against physical tampering and the insertion of malware that can compromise card data during payment transactions.

AIC and Parade launch the PCI Express Gen 4 appliance for composable GPU, AI, HPC workloads
2020-06-17 23:30

AIC and Parade Technologies jointly announced the two companies will align on PCI Express Gen 4 retimer technologies to enable the launch of a pioneering PCI Express Gen 4 appliance ideal for composable GPU, AI, HPC workloads. AIC's server hardware, supporting multiple PCI Express Gen 4 slots in a single rackmount chassis, is a flexible and compact extension box accommodating accelerators such as GPUs, NIC, FPGA and NVMe drives.

Week in review: SMBGhost exploit, OneDrive security, PCI compliance misconceptions
2020-06-14 13:45

Organizations are creating the perfect storm by not implementing security basicsEuropean organizations have a false sense of security when it comes to protecting themselves, with only 68% seeing themselves as vulnerable, down from 86% in 2018, according to Thales. Average cost of DNS attacks hovering around $924,00079% of organizations experienced DNS attacks, with the average cost of each attack hovering around $924,000, according to EfficientIP. PoC RCE exploit for SMBGhost Windows flaw releasedA security researcher has published a PoC RCE exploit for SMBGhost, a wormable flaw that affects SMBv3 on Windows 10 and some Windows Server versions.