We are strongly encouraging all SecurityMetrics clients that use Kaseya VSA software in their environment to follow the recommended guidance provided by CISA and the FBI provided below.
Join Heff this week as he dives into the Western Digital hard drive vulnerability, the recent bad news from Microsoft, and breach #2 of this year for LinkedIn.
The SecurityMetrics Threat Intelligence Center has observed a disturbing trend in data breach responses over the past few months of businesses downplaying the severity of data breaches using a variety of tactics and techniques.
Join Heff and Forrest as they cover the plethora of breaches (such as Volkswagen and Fujifilm) in the news this week!
PCI DSS compliance is not only a great tool for protecting payment data, but overall data security.
Tune in this week as Heff and Forrest discuss Amazon Sidewalk and their short notice to allow users to opt of of their wireless sharing.
Third-party security risk management (TPRM) is the process of analyzing and addressing risks associated with outsourcing to third-party vendors or service providers.
Card data discovery is an important part of payment data security and complying with PCI DSS requirement 3. If you are going to store credit card data, you’ll need to know where it is captured, where it is stored, where it is transmitted, and where it is received.
Specific HITRUST requirements are available through HITRUST’s MyCSF portal and will include various implementations of foundational security measures and controls depending on your organization and the type of HITRUST assessment you are performing.
Watch this week as Heff and Forrest dive into the latest on the HUGE US Colonial Pipeline breach, the recent D.C. police ransomware, and the recent change in malware as a service.
The year 2020 was surprising in many ways and the digital forensics industry offered some surprises as well as some more predictable outcomes.
In this shorter, quicker version of SecurityMetrics News, Heff and Forrest bring you your threat intelligence digest. They discuss the recent Ivanti breach, Apple ransomware, SonicWall's 3 zero days, and more.
The NIST cybersecurity framework can help guide small-to-medium sized organizations improve their cybersecurity posture.
Host and Principal Security Analyst Jen Stone (MCIS, CISSP, CISA, QSA) brings on guests with unique viewpoints that are important to the entire security and payments ecosystem.
Properly identifying and addressing attack surfaces requires scoping, specialization, and the help of security professionals.
Heff and Forrest analyze the recent court order allowing the FBI to remotely hack hundreds of private computers.
The PCI Guide includes interactive and printable IT checklists for every requirement, stories and tips from our security analysts (QSAs), forensic data breach research data, as well as the latest updates on PCI DSS compliance.
Heff and Forrest analyze prominent data breaches in the news, including the PHP Git Server, SITA, and Hobby Lobby.
VPNs are a popular tool that helps businesses make sure outside users are authorized and that transmitted data is encrypted.
Heff and Forrest analyze recent cybersecurity news, including the Verkada Security Camera Breach, WeLeakInfo Breach, updates on the Microsoft Exchange Server, and an examination of hacker group FIN8.
Directive to patch Microsoft Exchange server zero-days immediately SEO Cyberattack: hackers use strategy to push malicious web pages up the rankings Are password managers safe? Experts compare LastPass vs. 1Password
Data privacy and protection (DPP) laws aren’t entirely new to the security and compliance landscape, but the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) are prompting many organizations to take a more formal approach to DPP.
Heff and Forrest analyze recent cybersecurity news, including supercookies, how to delete recordings from Siri, Alexa, and Google Home, morse code phishing attacks, and updates on the SolarWinds attack.
.svg)
