News and Information RSS Feed News and Information: cyber security
Critical Java SE “Psychic Signature” Vulnerability; Essent Products Unaffected
4/27/2022
A vulnerability in Oracle Java SE versions 15 through 18 that the Common Vulnerabilities and Exposures organization described as “easily exploitable” allows attackers to forge security certificates, digital signatures, two-factor authentication messages, and authorization credentials.
Magento Payment Card Skimming Vulnerability Requires Immediate Action
2/14/2022
All versions of Magento 1.x software and plugins are being actively exploited by cybercriminals to skim credit card numbers and personal information from site users.
Apache Log4j 2 Vulnerability: Essent and its Products and Services Unaffected
12/14/2021
You should bring this Support Notice to the attention of your Information Technology (IT) department or webmaster.
HTTPS or Bust: Google Continues Squeezing Out the Unencrypted Web
3/11/2020
Understanding the California Consumer Privacy Act (CCPA), aka ‘GDPR-Lite’
11/12/2019
Once it takes effect on Jan. 1, 2020, the CCPA will become the strictest consumer privacy protection law in the United States.
The Case for Complying With GDPR
5/21/2019
It’s the rising demand for consumer protections that needs your attention, if not necessarily the GDPR itself.
Latest Google Chrome Browser Makes HTTPS the Expectation
7/30/2018
Payment Card Tokenization: Reducing Risk and Responsibility of PCI Compliance
3/28/2018
With Tokenization, even if a credit card thief wanted to get into your system, and did get into your system, there would be nothing to take but the worthless tokens.
FAQ: PCI Mandate to Retire TLS 1.0, SSL
9/4/2017
The Payment Card Industry (PCI) Security Standards Council is strengthening its encryption standards to discontinue use of Transport Layer Security (TLS) 1.0 and Secure Socket Layers (SSL) in secure credit card transactions.
October is Cyber Security Awareness Month
10/7/2015
October is National Cyber Security Awareness Month as designated by the U.S. Department of Homeland Security. But, as a practical matter, every month should be Cyber Security Awareness Month.
SSL 3.0 Disabled for Essent Products and Services
11/25/2014
SSL 3.0 is disabled for Essent software products and services as of Monday, Nov. 24, 2014due to the universal Internet vulnerability known as POODLE.
Essent Customers Safe from “Bash Shellshock Bug”
9/25/2014
Essent was aware of this problem from its announcement and immediately took action to verify none of our offerings or Facility Management Support (FMS) service subscribers were vulnerable. Essent software products and services do not use Bash.
Android Web Browser Exposed to Widespread Vulnerability
9/22/2014
About 75 percent of Android smartphones contain a vulnerability that lets malicious websites steal users’ data, according to multiple published reports.