News and Information RSS Feed News and Information: cybersecurity
Critical Java SE “Psychic Signature” Vulnerability; Essent Products Unaffected
A vulnerability in Oracle Java SE versions 15 through 18 that the Common Vulnerabilities and Exposures organization described as “easily exploitable” allows attackers to forge security certificates, digital signatures, two-factor authentication messages, and authorization credentials.
Magento Payment Card Skimming Vulnerability Requires Immediate Action
All versions of Magento 1.x software and plugins are being actively exploited by cybercriminals to skim credit card numbers and personal information from site users.
Apache Log4j 2 Vulnerability: Essent and its Products and Services Unaffected
You should bring this Support Notice to the attention of your Information Technology (IT) department or webmaster.
HTTPS or Bust: Google Continues Squeezing Out the Unencrypted Web
Understanding the California Consumer Privacy Act (CCPA), aka ‘GDPR-Lite’
Once it takes effect on Jan. 1, 2020, the CCPA will become the strictest consumer privacy protection law in the United States.
The Case for Complying With GDPR
It’s the rising demand for consumer protections that needs your attention, if not necessarily the GDPR itself.
Latest Google Chrome Browser Makes HTTPS the Expectation
Payment Card Tokenization: Reducing Risk and Responsibility of PCI Compliance
With Tokenization, even if a credit card thief wanted to get into your system, and did get into your system, there would be nothing to take but the worthless tokens.
FAQ: PCI Mandate to Retire TLS 1.0, SSL
The Payment Card Industry (PCI) Security Standards Council is strengthening its encryption standards to discontinue use of Transport Layer Security (TLS) 1.0 and Secure Socket Layers (SSL) in secure credit card transactions.
October is Cyber Security Awareness Month
October is National Cyber Security Awareness Month as designated by the U.S. Department of Homeland Security. But, as a practical matter, every month should be Cyber Security Awareness Month.
Essent and its Products and Services Unaffected by VENOM Vulnerability
A critical security vulnerability known as Virtualized Environment Neglected Operations Manipulation (VENOM) allows attackers to access virtual machines.
Essent Directs Customers with Websites to Update SSL Certificates Using SHA1 Encryption to SHA256
Effective with Chrome 39, HTTPS pages for websites that use SHA1 SSL Certificates will be marked as insecure. SHA1 must now be considered obsolete and unsupported.
Essent Continues Improving Cybersecurity for Promotional Products Software
The security team continues to remain vigilant in identifying, understanding and minimizing vulnerabilities.
Computer Security Day: Official or Not, it’s a Worthy Observance
Essent Supports NRF Call to Standardize Data Breach Notification
Data breach notification is currently governed by varying legislation in 47 states and 4 federal jurisdictions.
powered by Essent® • SiteBuilder Pro