Cybersecurity Insights

Benjamin Hosack

Benj Hosack is a Director and co-Founder of Foregenix Limited. Foregenix is a specialist information security business delivering services in Forensics, PCI DSS, PCI P2PE, PA-DSS and information security solutions within the Payment Card Industry. Our technologies are designed to simplify security and PCI Compliance. Specialties: Cardholder Data Discovery - defining and reducing PCI DSS Scope / PA-DSS / PCI DSS / P2PE / Account Data Compromise Investigations. We are specialists in the Payment Card Industry and work with all types of companies in the payment chain (Acquiring banks, Processors, hosting providers, web designers, merchants, systems integrators etc).
Find me on:

Recent Posts

Benjamin Hosack

760,935 Websites Compromised in a Year

24/04/16 11:26

According to a recent study conducted by Google in collaboration with UC Berkeley, 760,935 websites were compromised between July 2014 and June 2015.  A considerable number of hacked websites, downtime and onward infections of the websites’ visitors. 

Read More
Benjamin Hosack

Malware Alert: New POS Malware - TinyPOS

01/04/16 07:00

In the UK we don’t often come across brand new POS malware, presumably as we are in a Chip & PIN market, so the “return” for attackers on deploying such technology is limited. Last week though, we did come across what appears to be a new sample that we’re calling TinyPOS.

Read More
Benjamin Hosack

Foregenix certifies the world's first PCI P2PE v2 Application

25/03/16 14:36

Foregenix has certified the world's first PCI P2PE version 2 application for Optomany.

Foregenix is the global leader in assisting and certifying over 40% of the PCI P2PE solutions and over 80% of the PCI P2PE Payment Applications globally.

Working with Optomany, Foregenix assessed all aspects of the axept® application including development practices, encryption key management and the handling of sensitive cardholder and authentication data, resulting in an Attestation of Validation (AOV) from Foregenix and the Payment Card Industry (PCI) Security Standards Council confirming validation with the new internationally-recognised standard.

Read More
Benjamin Hosack

PHP Extract Backdoor Resurgence

16/03/16 16:07

When a site gets compromised, the attacker will usually leave a piece of software behind that will allow them easy access to the website the next time that they visit. This type of malware is called a Backdoor and it usually allows an attacker to bypass normal authentication controls to control the website.

Read More
Benjamin Hosack

Creditcall Achieves PCI P2PE Certification for ChipDNA

15/12/15 15:07

With 2015 drawing to a close and many businesses seeing their payment card transaction volumes growing with the festive holidays approaching, it is with great pleasure that we can congratulate Creditcall on achieving PCI P2PE compliance for the ChipDNA solution. With a PCI P2PE compliant ChipDNA solution, Creditcall clients will be able to focus on their business knowing that their Creditcall’s ChipDNA solution is taking care of the security of their transactions.

As of this morning (15th December 2015), there are:
Read More

Benjamin Hosack

Benj Hosack is a Director and co-Founder of Foregenix Limited. Foregenix is a specialist information security business delivering services in Forensics, PCI DSS, PCI P2PE, PA-DSS and information security solutions within the Payment Card Industry. Our technologies are designed to simplify security and PCI Compliance. Specialties: Cardholder Data Discovery - defining and reducing PCI DSS Scope / PA-DSS / PCI DSS / P2PE / Account Data Compromise Investigations. We are specialists in the Payment Card Industry and work with all types of companies in the payment chain (Acquiring banks, Processors, hosting providers, web designers, merchants, systems integrators etc).
Find me on:

Recent Posts

Benjamin Hosack

760,935 Websites Compromised in a Year

24/04/16 11:26

According to a recent study conducted by Google in collaboration with UC Berkeley, 760,935 websites were compromised between July 2014 and June 2015.  A considerable number of hacked websites, downtime and onward infections of the websites’ visitors. 

Read More
Benjamin Hosack

Malware Alert: New POS Malware - TinyPOS

01/04/16 07:00

In the UK we don’t often come across brand new POS malware, presumably as we are in a Chip & PIN market, so the “return” for attackers on deploying such technology is limited. Last week though, we did come across what appears to be a new sample that we’re calling TinyPOS.

Read More
Benjamin Hosack

Foregenix certifies the world's first PCI P2PE v2 Application

25/03/16 14:36

Foregenix has certified the world's first PCI P2PE version 2 application for Optomany.

Foregenix is the global leader in assisting and certifying over 40% of the PCI P2PE solutions and over 80% of the PCI P2PE Payment Applications globally.

Working with Optomany, Foregenix assessed all aspects of the axept® application including development practices, encryption key management and the handling of sensitive cardholder and authentication data, resulting in an Attestation of Validation (AOV) from Foregenix and the Payment Card Industry (PCI) Security Standards Council confirming validation with the new internationally-recognised standard.

Read More
Benjamin Hosack

PHP Extract Backdoor Resurgence

16/03/16 16:07

When a site gets compromised, the attacker will usually leave a piece of software behind that will allow them easy access to the website the next time that they visit. This type of malware is called a Backdoor and it usually allows an attacker to bypass normal authentication controls to control the website.

Read More
Benjamin Hosack

Creditcall Achieves PCI P2PE Certification for ChipDNA

15/12/15 15:07

With 2015 drawing to a close and many businesses seeing their payment card transaction volumes growing with the festive holidays approaching, it is with great pleasure that we can congratulate Creditcall on achieving PCI P2PE compliance for the ChipDNA solution. With a PCI P2PE compliant ChipDNA solution, Creditcall clients will be able to focus on their business knowing that their Creditcall’s ChipDNA solution is taking care of the security of their transactions.

As of this morning (15th December 2015), there are:
Read More