This post covers the General Data Protection Regulation (GDPR) and the California Consumer Protection Act (CCPA), as well as fees for data breaches, changes in privacy attitudes, and the future of the standards.
Ecommerce business owners using Magento 1x need to be aware: all Magento 1 shops are at the end of life. What does that mean?
From COVID-related challenges to firewall configuration to e-commerce web skimming, SecurityMetrics Cybersecurity Conference and Summit 2020 provided cybersecurity content and sessions for everyone in the data security and compliance industry.
The global pandemic has created more opportunities for ransomware threat actors to create mayhem and chaos across the threat landscape.
Whether you’re a small business owner or the CISO at a large enterprise, finding good cybersecurity conferences is a necessary task to continue security education and explore the latest technology and innovative solutions.
The online payments ecosystem is plagued by formjacking attacks that siphon credit card data and other protected information from shopping cart pages.
In 2020, we hosted the first annual SecurityMetrics Summit, a virtual data security and compliance conference, on September 23rd and 24th.
A business continuity plan (BCP) provides a way for organizations to deal with the business impact of any disruptive event and carry on with business.
The COVID-19 crisis has presented a variety of challenges to merchants and service providers around the world. We’ve received many questions about the impact of COVID-19 on PCI DSS audits, as well as PCI compliance in general.
Helping employees work from home securely is important for all businesses, but with this post we especially want to support SMBs and those companies without large staff or in-house security professionals.
As plans to reopen economies move forward around the world, the entire cybersecurity industry–including the SecurityMetrics Security Operations Center (SOC)–is being challenged in new and unexpected ways.
What is CSRF? Cross-site request forgery, commonly referred to as CSRF (pronounced sea-surf), is an attack in which a user who is authenticated to an application is tricked into unintentionally performing a state-changing action.
Attackers: Known or Unknown? That is the question.
We outline the penetration testing process in detail and answer some of the most frequently asked questions related to this important security test.
Current COVID-19 Cyber Threats: The UN agency WHO has reported a 500% increase in cyber security incidents over the same period last year.
The SecurityMetrics Podcast is a weekly podcast with regular host and Principal Security Analyst Jen Stone (MCIS, CISSP, CISA, QSA), along with a variety of experts in the data security and compliance space.
Amid the chaos and uncertainty, SecurityMetrics remains steadfast in our mission to help you close compliance gaps and prevent data breaches. We stand ready to help with your security concerns, education, and content needs at this time.
We caution all SecurityMetrics customers, merchants, and businesses to remain extra vigilant around cyber threat actors who are exploiting this global crisis to their advantage.
Vulnerability scans search your network and provide a logged summary of alerts you can review and act on. Here are the top 15 ASV scan vulnerabilities and how to fix them.
With the upheaval and uncertainty many are experiencing around the world during the COVID-19 pandemic, we are more committed than ever to our mission.
To protect the health of employees from the coronavirus (COVID-19) pandemic and to minimize the risk of financial losses due to productivity concerns, many companies are making plans to allow employees to work from home.
While the PCI v4 standard is not expected to be finalized and released until the end of 2020 or the beginning of 2021, the PCI Security Standards Council has made some information available to the general public on what some of the changes might be.
MITREid Connect Cross-site Scripting Vulnerability: CVE-2020-5497. Here's the situation: I was performing a penetration test that integrated with MITREid Connect for authorization.
It’s important to note that the number of victims in each reported breach is not cumulative; these are each individual incidents, bringing the total between these three breaches to upwards of 1.4 billion victims.