PCI DSS 4.0.1 and the Illusion of Digital Skimming Security: What Needs to Change
by Source Defense The introduction of PCI DSS 4.0.1 marked an important step forward for the payments ecosystem. For the first time, the standard directly
Webinar Replay: Last Minute Change to SAQ-A for QSAs
Download the CoalFire whitepaper below
[Whitepaper] CoalFire Provides Guidance on PCI DSS 6.4.3 and 11.6.1
Guidance from CoalFire on the eSkimming Security requirements found in PCI DSS 4.0.
The most talked about and concerning new requirements in PCI DSS 4.0 fall under sections 6.4.3 and 11.6.1. For the first time, merchants are required to implement security controls to prevent eSkimming attacks. These new requirements require control of all scripts running on merchant eCommerce websites.
In this new whitepaper “A Holistic Approach to Protecting Credit Card Payment Flows,” CoalFire chimes in with background on the problem, guidance on scope, advice on how best to secure credit card data in eCommerce transactions, and a review of the Source Defense approach.
Other things you might be interested in
Same Playbook, Bigger Stage: A Global Skimming Campaign Adapts to Any Checkout
SAME PLAYBOOK, BIGGER STAGE: A GLOBAL SKIMMING CAMPAIGN ADAPTS TO ANY CHECKOUT Attackers are scaling up a tactic we highlighted last week in “A Global
A Global Skimming Campaign, Customized Site by Site
A GLOBAL SKIMMING CAMPAIGN, CUSTOMIZED SITE BY SITE Attackers launched a global digital skimming campaign that hit dozens of e-commerce websites worldwide, turning legitimate checkout
Another Attack, Same Lesson: Redirecting Payment Doesn’t Protect You
ANOTHER ATTACK, SAME LESSON: REDIRECTING PAYMENT DOESN’T PROTECT YOU Attackers found a clever way to steal payment data from PrestaShop stores by slipping a malicious