Paul’s Security Weekly (Video)
Technology
Version 4.0 of the Payment Card Industry Data Security Standard (PCI DSS) puts greater emphasis on application security than previous versions of the standard did. It also adds a new “customized approach” option that allows merchants and other entities to come up with their own ways to comply with requirements, an option that also has implications for application security. Specifically, PCI DSS 4.0 requires that by March 31, 2025, more testing of public-facing applications related to payment processing or other activities be considered “in scope” for compliance. Generally, any system that touches payment-card data is in scope for PCI DSS compliance, whether or not the system or function is public-facing. We'll talk through what organizations should have gotten done by March 31, 2024, and what needs to happen by March 31, 2025.
Segment Resources: https://info.obsglobal.com/pci-4.0-resources
Show Notes: https://securityweekly.com/psw-825
Fried Squid, Flipper Zero BLM Spam, Apple Devices, Signal Vulns? & Android TV Devices - PSW #803
Meet the Cyber Mercenary who can Overthrow a Government - Chris Rock - PSW #803
Android TVs (Malware Included), Patch Netscaler, Fixing Legacy Auth, & GNOME Bugs! - PSW #802
Getting Started With Reverse Engineering Hardware - PSW #802
Fake Dead Grandma's, No Flipper Zero, Looney Tunables, & $20 Mil For Zero Days - PSW #801
Malware Trends - Anuj Soni - PSW #801
The Right Skills For The Job - Kayla Williams - PSW #800
Snowden Revelations, Cult of The Dead Cow Saves The Internet, & Stealing Your Pixels - PSW #800
Ncurses & Bad Things, LVFS is NOT a Backdoor, Physical Proximity, & Oh, Fortinet! - PSW #799
AI Attacks and LLM Security Matters - Nathan Hamiel - PSW #799
Cisco 0-Day, Chrome Vulnerability, MGM Shut Down, & More! - PSW #798
Ransomware Infection Vectors - Ryan Chapman - PSW #798
Interview with Dr. Gene Spafford - Eugene Spafford - PSW Vault
WinRAR Deets, A WIFI Worm, Inside McFlurries, & Jeff's Book Review - PSW #797
Incident Response: Clouds, SMBs, and more! - Amanda Berlin - PSW #797
Lora Projects, WinRAR, Kali Mobile, Benchmarks Vs. IRL, & VPN HYPE! - PSW #796
Managing Bug Bounty Programs At Scale - Dr. Jared DeMott - PSW #796
NIST CSF, JTAG vs (OG) Xbox, Tricked Ya, Intel's Security, & Josh Debates Jeff - PSW #795
Defending Public Infrastructure While At War - Antranig Vartanian - PSW #795
Evil Flippers, The Human-Brain-Machine, AMD CPUs, Hacking Teslas & Rubber Duckies - PSW #794