On March 31st, 2024, The Payments Card Industry Standards Security Council (PCI SSC) officially retired version 3.2.1 of the PCI Data Security Standard (PCI DSS) with the publication of its new sets of protocols and security standards for v4.0. With the continued rise in cyber threats against financial services and institutions, PCI DSS v4.0 supersedes version 3.2.1 to tackle evolving threats and technologies, facilitating enhanced approaches to counteract emerging types of cyber attacks.

In this mad, mad world of breaches, organizations are scrambling to keep their heads above water. It's like trying to navigate a minefield while blindfolded and riding a unicycle — one wrong move, and everything goes up in flames. So, how do you know your security controls are up to the task of defending your organization? This is where red teaming comes in.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! Here we are again…. At least wasn’t directly them.

As a powerful and widely adopted open-source platform, the complexity of Kubernetes is not to be underestimated. Managing a Kubernetes environment requires a deep understanding of how its various components interact, especially when it comes to observability and security. This blog post will delve into the intricacies of golden signals in Kubernetes, their connection to security issues, and how they can be leveraged to safeguard a Kubernetes environment against common attack chains.

According to the CrowdStrike 2024 Global Threat Report, the fastest recorded eCrime breakout time was just 2 minutes and 7 seconds in 2023. This underscores the need to equip security analysts with modern tools that level the playing field and enable them to work more efficiently and effectively.

Written by Jaye Tillson, Field CTO, Distinguished Technologist, HPE Aruba Networking The retail industry is undergoing a digital revolution. From online shopping with one-click purchases to in-store kiosks offering personalized recommendations and mobile point-of-sale systems allowing for seamless checkout. As a result of this interconnectedness, customer data is flowing across a complex and ever-expanding network, which is beneficial for convenience and customer experience.

Imagine that you have a snack you want to eat while watching a movie on a Friday night. You look in your kitchen, only to find the snack missing. Whether a roommate hid the snack or ate it, you no longer have access to it, disrupting your evening plans. This destructive behavior interrupts your weekend objectives, but it’s pretty low stakes overall.

As regulation and reporting requirements become increasingly stringent, it’s more important than ever for organizations to have powerful, streamlined access to Web3 accounting and financial data. To meet the growing demand in this space, Fireblocks has teamed up with TRES Finance to offer customers the ability to completely automate Web3 accounting, taxes, and auditing.

Read also: Alleged boss of cybercrime gang responsible for Twilio, LastPass, DoorDash breaches arrested, former employee gets prison sentence for wiping 180 virtual servers, and more.

In June 2010, Trustwave acquired Breach Security, which brought with it the popular Open-Source Web Application Firewall ModSecurity for Apache. At that time, Trustwave relicensed the code under the Apache license. This relicensing allowed more public participation in the project, and 2012 saw the release of an IIS port from Microsoft and a port for Nginx.