-
Read ArticleVerizon Releases 2019 Payment Security Report (PSR)
Verizon has released its 2019 Payment Security Report (PSR). For the first time they have worked with other entities as contributors and Schellman was one of the first five entities who contributed.
-
Read ArticleSchellman Becomes PCI Qualified PIN Assessor
Schellman & Company has become a Qualified PIN Assessor (QPA) for the PCI PIN Security Program.
-
Read ArticlePasswords: A Game of Pwns - A Hash of Kings
Apparently, someone put World Password Day (May 2) just before Star Wars Day (May 4) and while the most hotly anticipated final season on TV is airing (“Game of Thrones”). This seems...
-
Read ArticleThe 11 Biggest Issues IT Faces Today
From securing IoT to retraining IT talent to finding new revenue streams, CIOs have more than their share of concerns keeping them up at night. Each year we talk with tech leaders...
-
Read ArticleSupply and Demand (for security)
2018 was the year that raised the alarm in earnest about potential vulnerabilities in the supply chain for enterprise computing systems.But with such diverse networks and widespread...
-
Read ArticleEFAIL - They weren't kidding about the pretty good part
-
Read ArticleSchellman Joins PCI 3DS Assessors
Schellman & Company, LLC, a leading provider of attestation and compliance services, has become an assessor in the PCI Security Standards Council’s new 3-D Secure (3DS) program, and can...
-
Read ArticlePayment Security Insights
There are some important PCI DSS deadlines coming up. Let’s start with the SSL/early TLS migration. Why is it important for organizations to migrate away from SSL/TLS?
-
Read ArticleMalware in 2017: The More Things Change
This article discusses ransomware and looks briefly at malware affecting point-of-sale (POS) systems, considering attack vectors and relevant defenses. It also touches on some of the...
-
Read ArticleRansomware Eating the NHS
On Friday, May 12, a number of National Health Service (NHS) facilities in the UK reported that their computers suffered a ransomware attack, and started causing a significant impact on...
-
Read ArticleNew Strain of Linux Malware Could Get Serious
A new strain of malware targeting Linux systems, dubbed "Linux/Shishiga," could morph into a dangerous security threat.
-
Read ArticleNew Strain of Linux Malware Could Get Serious
A new strain of malware targeting Linux systems, dubbed "Linux/Shishiga," could morph into a dangerous security threat.
-
Read ArticleThe Dyn Outage and Mirai Botnet: Using Yesterday’s Vulnerabilities to Attack Tomorrow’s Devices Today
On October 21st, Dyn, a provider of domain name services (DNS), an essential function of the Internet that translates names like www.schellmanco.com to its numerical IP address, went...
-
Read ArticleHappy birthday to… wait, who’s this guy?
Originally published by the Cloud Security Alliance: blog.cloudsecurityalliance.org How many arbitrary people do you have to get into a room before two of them share the same birthday?...
-
Read ArticleTo the Man Who Has But a Rowhammer
In 2014, researchers with Carnegie Mellon University and Intel discovered a potential attack against computer memory, one that attacked the electrical properties of the hardware rather...
-
Read Article5 Questions with Community Speaker - Jacob Ansari
Originally published at blog.pcisecuritystandards.org In this post, we get insights from Jacob Ansari, Manager at Schellman & Company, LLC He will present“Hunting Paper Tigers: A...
-
Read ArticleA Game of Pwns: A Storm of (Pas)swords
Despite their perpetual status as old news, passwords and their security weaknesses continue to make headlines and disrupt security in ever-expanding ways, and the usual advice about better...
-
Read ArticleInfosec Trends in 2016
A new year invariably brings new resolutions, reflections, and predictions, and we are no different in our look at information security for 2016. Here are some things to consider and our predictions.
-
Read ArticleBetween SSL-cylla and Charib-TLS
(Odysseus in Front of Scylla and Charybdis, Henry Fuseli Source: Wikipedia) Securing encrypted Internet traffic transmissions, such as those between web browsers and web servers, is decidedly not...
-
Read ArticlePCI SSC Updates Deadline to Remove SSL 3.0 and Early TLS
Today, the PCI SSC announced an update to the deadlines to remove insecure cryptographic protocols, namely SSL and early TLS (i.e., TLS 1.0). The original publication required disabling these...
-
Loading More...
Welcome to our Hub
