Blog

Properly identifying and addressing attack surfaces requires scoping, specialization, and the help of security professionals.

Heff and Forrest analyze the recent court order allowing the FBI to remotely hack hundreds of private computers.

The PCI Guide includes interactive and printable IT checklists for every requirement, stories and tips from our security analysts (QSAs), forensic data breach research data, as well as the latest updates on PCI DSS compliance.

Heff and Forrest analyze prominent data breaches in the news, including the PHP Git Server, SITA, and Hobby Lobby.

VPNs are a popular tool that helps businesses make sure outside users are authorized and that transmitted data is encrypted.

Heff and Forrest analyze recent cybersecurity news, including the Verkada Security Camera Breach, WeLeakInfo Breach, updates on the Microsoft Exchange Server, and an examination of hacker group FIN8.

Directive to patch Microsoft Exchange server zero-days immediately SEO Cyberattack: hackers use strategy to push malicious web pages up the rankings Are password managers safe? Experts compare LastPass vs. 1Password

Data privacy and protection (DPP) laws aren’t entirely new to the security and compliance landscape, but the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) are prompting many organizations to take a more formal approach to DPP.

Heff and Forrest analyze recent cybersecurity news, including supercookies, how to delete recordings from Siri, Alexa, and Google Home, morse code phishing attacks, and updates on the SolarWinds attack.

Your corporate network has many attack surfaces, and when you add in extended network offices, branches, and other remote locations, security begins to depend heavily on visibility.

Heff and Forrest analyze recent cybersecurity news, including the recent Sudo vulnerability, Emotet and Netwalker Takedown, and Bonobos data breach.

How to prepare for cybersecurity in 2021. We outline the top five blogs to help you train employees, understand the threat landscape, avoid malware, and support compliance efforts as you head into 2021.

Ransomware attacks are a type of malware. Malware means “malicious software” or “malicious executable.” On the evil scale, ransomware is near the top. It’s nasty stuff that you don’t want any part of.

PCI PIN refers to the security requirements and assessment for merchants that accept, process or transmit payment card personal identification numbers (PIN).

Heff and Forrest analyze recent cybersecurity news, including the recent Microsoft source code leak, the T-Mobile breach, Whirlpool ransomware attack, updates on the alarming Solarwinds breach, and a review of all the nasty breaches recorded in 2020.

At SecurityMetrics, our mission remains to help you close data security and compliance gaps to avoid data breaches.

In this SecurityMetrics News episode, Heff and Forrest analyze recent cybersecurity news, including the unprecedented SolarWinds security breach and the FireEye compromise.

The SolarWinds breach affects SolarWinds’ Orion products and is rapidly evolving. SecurityMetrics does NOT use SolarWinds Orion’s Network Management System tools (NMS) products.

Network security is more crucial than ever for healthcare providers.

The FBI reports that phishing, spoofing, and texting scams have gone up 400 percent since the beginning of the COVID pandemic.

At SecurityMetrics, our mission is to help businesses close security and compliance gaps and prevent data breaches.

Should you pay ransomware? No.

Prevent IoT Ransomware: Threat Report and Best Practices from the SecurityMetrics SOC. The Internet of Things, also known as IoT, refers to physical objects that are connected to and send data across the Internet.