Author: Kevin Bocek

Kevin Bocek, VP of Security Strategy & Threat Intelligence at Venafi commented on the OnStar hack can remotely unlock cars and start engines, GM claims to have a fix. Kevin Bocek, VP of Security Strategy & Threat Intelligence at Venafi : “Just in time for Black Hat and DEF CON, it’s not shocking to see ethical hackers showing us how vulnerable automobiles and other IoT devices are. According to Frost & Sullivan research, cars have about 16 hack points. As automakers add more and more wireless connectivity and entertainment features to vehicles, vulnerabilities increase tenfold for hackers. Today’s car has about 100…

PCI DSS v3.0 will be retired. Many companies are still unaware that they have a sunset date of 30 June 2016 for PCI DSS 3.1 compliance, any new projects must not use  SSL and early TLS as security controls to protect payment data. Please find comment below from Kevin Bocek, Vice President Security, Strategy and Intelligence at Venafi. Kevin Bocek, Vice President Security, Strategy and Intelligence at Venafi :  “In April 2015, PCI DSS version 3.1 was published to address vulnerabilities within the Secure Sockets Layer (SSL) encryption protocol that can put payment data at risk. Basically, TLS is dead. Long live Transport Layer Security (TLS). Starting today,…

In light of the news that Israeli-based security researchers have devised a way to steal encryption keys stored on a PC using an AM radio antenna, please find comment below from Kevin Bocek, Vice President of Security Strategy and Threat Intelligence at Venafi. Kevin Bocek, Vice President of Security Strategy and Threat Intelligence at Venafi “Cybercriminals are always looking to attack businesses and governments with increased ferocity to steal intellectual property and other valuable data. Attackers have identified that cryptographic keys and digital certificates, both critical in the implementation of HTTPS and secure web browsing, provide the perfect recipe to gain trusted status in order…