Welcome to BlogNotions' IT Security Blog

The BlogNotions IT Security Blog delivers a diverse series of perspectives provided by thought leaders in the security industry. Presented by NetLine, this forum delivers compelling updates on the latest technology and software, best practices for safeguarding data, recommendations for choosing various solutions, and much more. Here you can find helpful information, ask questions, and collaborate freely.

Is All Good News REALLY Good News?

Have you noticed that there has not been too much (well, really any) bad press around the PCI ecosystem lately? Perhaps everything is great! Doesn’t seem like we’ve had the same string of retail breaches that we saw in 2014 (which lead to this piece of research), even though 2016 was bad (good?) in general for […]

Continue Reading

The PCI Council’s Revenue Generation Capability

The other day I was thinking about all the programs that the Council currently maintains and I wondered if it was possible to see how much money the Council actually brings in every year. I mean, every year seems to see more programs with more fee collection opportunities for the Council, but had anyone ever […]

Continue Reading

Security and Usability

I’ve become very focused on the nexus between security and usability. I was interviewed for an article in The Guardian last year. “Security needs to learn from design by doing focus groups, having conversations and putting itself in the perspective of the people who will use this system,” he said, adding that it isn’t the […]

Continue Reading

More Printer Security Talk

If you don’t have the context, read my previous post on comparing printers to VoIP—i.e., it’s another computer on our network. Now that you are in the right mindset, look around your office and see if you see a printer sitting somewhere. It might even do copies, scanning, and faxing. Super fancy ones might even […]

Continue Reading

That Printer is gonna GIT ya!

Of all of the devices we have out there on our networks, is it going to be printers, cameras, and thermostats that cause our undoing? “Wait… did you say, PRINTERS!?! Are you off your rocker, Brando?” Do Not Turn The Copier Off, by Michael Pereckas That was one of the key warnings that came from […]

Continue Reading

More EMV Bypass Fun

Stay Classy, San Diego! So I’m sitting here in San Diego, which we all know is German for… never mind. As I pay for my lunch, I present my chip card and there is some kind of error. I know I entered my PIN correctly, but it immediately came back as failed. The bartender taught […]

Continue Reading

Can You Afford to be this Slow?

In April, 2014, CVE-2014-0160 was released, better known as the Heartbleed bug. Heartbleed is devastating – it can reveal sensitive information not just of the user, but anything on the machine. In practice it has been used to export private keys for TLS/SSL certificates. These stolen private keys can then be used to impersonate a […]

Continue Reading

PCI Compliance, Version 3.2 Now Available!

Well folks, it’s finally here. What started as an experiment back in April has finally come to fruition. I’m happy to announce that PCI Compliance, Version 3.2 is NOW AVAILABLE! If you order via the CreateSpace bookstore, please use coupon code 4JRH748R for $2 off through the RSA Conference. You can also order it via […]

Continue Reading

Welcome Back

After a long hiatus, Security Musings is returning to its roots. This blog is going to be equal parts education and entertainment – you’ll learn some things, and you’ll learn some things that make me angry. I won’t follow a set frequency although I intend to post at least twice a month. The look and […]

Continue Reading

Are you using frameworks properly?

The concept of frameworks gets bantered about frequently. So much that often the actual substance in focus is less framework and more… well, I don’t know. Let’s call it an attempt to define how people should get things done. The confusion over frameworks gets us into trouble. The Straight Talk Framework is a system for success. […]

Continue Reading