The post AlmaLinux Beta Released appeared first on VeriTeknik.

• After PCI-DSS v3.2, the SCC has announced v3.2.1. This update does not add new requirements, yet it contains updated dates and some technical clarification. PCI-DSS v3.2 will be valid through 31 December 2018 and retired at 1 January 2019.
• PCI-DSS v.3.2.1 updates will not affect PA-DSS. PA-DSS will remain at v3.2.
• PCI-HSM v1.x will expire at April 2019. Therefore it is best to use a device compatible with PCI-HSMv2.x at any PCI audit after April 2018. It would be wise to take the changes between PCI-HSM v1.x and v2.x (such as Key Lengths, usage of TR-31…) into account and revise your algorithms accordingly.
• For the list of PCI-HSM expiry dates, see PTS Device Testing and Approval Program Guide (https://www.pcisecuritystandards.org/documents/PTS_Program_Guide_v1-8.pdf) Appendix A.12.
• With PCI-DSS v3.1, mechanisms using SSL/early TLS are forced to be removed from the system at 30 June 2016. The industry’s response was that the date was too early, therefore the dates shifted from 30 June 2016 to 30 June 2018. As of 30 June 2018, you shouldn’t be using SSL/early TLS in your cryptographic algorithms.
• Since vulnerabilities and exploits due to the usage of SSL/early TLS are usually based on browsers (such as POODLE, BEAST), proving that there’s no such threat for them, POS POI devices can continue to use SSL/early TLS. Even if this is allowed, weak cipher usage (ex. RC4, MD5) is not allowed for these devices either.
• We’ve seen that for some of our customers the term SSL/early TLS is not clear enough. Safe TLS versions are TLS v1.1 and above. It should be noted that the recommended versions are TLS v1.2 and above.
• For further information about SSL/early TLS, please see PCI SSC’s relevant article: https://www.pcisecuritystandards.org/documents/Migrating-from-SSL-Early-TLS-Info-Supp-v1_1.pdf

The post Reminder About PCI-DSS and PCI-HSM appeared first on VeriTeknik.

Afcea is the abbreviation for Armed Forces Communications and Electronics Association. The professional association connects people, ideas and solutions globally. VeriTeknik’s main business areas involving Network Security, cryptology and secure communications are essential parts of the defense industry, besides VeriTeknik’s experience and knowledge on the HSM devices and network security will help development of national devices.

At a Glance

Veriteknik provides support to the development of Turkey in the Defense Industry, Fintech Solutions and IT sectors. Therefore, AFCEA and Veriteknik’s partnership is the key role to expand our technologies to a global scope.

AFCEA is a professional association that connects people, ideas and solutions globally. Because we are developing networking and educational opportunities and providing them in an ethical forum. This enables military, government, industry and academia to align technology and strategy to meet the needs of those who serve.

The post VeriTeknik, now a member of AFCEA! appeared first on VeriTeknik.

The post VeriTeknik to have the first PCI-DSS v3.1 certified DC in Turkey appeared first on VeriTeknik.

Our partners gain advantage on our knowledge of PCI-DSS auditing, BDDK and GİB regulations.

The post Preferred External Service Provider for Payment Services and Electronic Coin Institutions appeared first on VeriTeknik.

In order to identify your server as vulnerable, please try the command below on your cli:

env x='() { :;}; echo vulnerable' bash -c "echo this is a test"

If you get “vulnerable” line upon pressing enter, you should update your server as soon as possible

The post #ShellShock, update your servers appeared first on VeriTeknik.

You can read the full article from this link.

The post Barracuda Acquires C2C Systems appeared first on VeriTeknik.

Barracuda Networks was founded in 2002 and is the first product in 2003, the Barracuda Email Security Gateway has been released. Barracuda Networks, Inc. offers industry-leading solutions designed to solve mainstream IT problems – efficiently and cost effectively – while maintaining a level of customer support and satisfaction second to none. Our products span three distinct markets, including: 1) content security, 2) networking and application delivery, as well as 3) data storage, protection and disaster recovery.

The post VeriTeknik became a Distributor for Barracuda Networks in EMEA Region appeared first on VeriTeknik.

The post VeriTeknik signed Microsoft Service Provider Agreement appeared first on VeriTeknik.