Blog

Featured
What Changed with 4.0.1
A Guide to New Requirements in PCI DSS 4.0.1
Get the 2026 SecurityMetrics PCI Guide
Read now
trending_flat
Clouds with sun rays behind and text that reads 'The Manufactured Mystery of Mythos'.
The Manufactured Mystery of Mythos
Read now
trending_flat
Multiple black fingerprints on white background with one fingerprint highlighted in blue at center.
SecurityMetrics Uncovers a Near 700 Site Global Skimming Operation
Read now
trending_flat
Latest
search
Search...
Select Category
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Promotion of the 2018 PCI Guide and SecurityMetrics 2018 guide to PCI DSS compliance.
What's Inside Our 2018 PCI Guide
PCI Trends

We’ve officially launched our 2018 Guide to Payment Card Industry Data Security Standard (PCI DSS) Compliance.

Text reading Merchant Resources from the PCI Council with a laptop icon showing a play button.
Resources from the PCI Council: Payment Data Security Essentials
PCI Trends

The PCI SSC recently announced the release of a “Payment Data Essentials."

Stack of report documents with the cover titled 'REPORT CVE Disclosure' in blue text.
WiKID 2FA Enterprise Server Cross-Site Scripting
Data Security

A stored and reflected cross-site scripting vulnerability, CVE-2019-17114, was identified on WiKID Systems 2FA Enterprise Server version 4.2.0-b2047 and earlier.

GDPR: Happiness being found when achieving compliance
SecurityMetrics Workforce Security and Compliance Training
Training

SecurityMetrics Workforce Security and Compliance Training FAQs.

SecurityMetrics Summit 2021 logo above a misty mountain peak with cloudy sky.
SecurityMetrics Summit 2021
SMB

SecurityMetrics Summit is a virtual data security and compliance conference designed to help businesses close compliance gaps and prevent data breaches.

Three stacked report documents titled REPORT CVE Disclosure with digital circuit lines in the background.
Zyxel Devices Vulnerable to Cross-Site Scripting on Login page
Data Security

A reflected Cross Scripting vulnerability, CVE-2019-9955, was identified on several Zyxel devices, specifically on pages that use the mp_idx parameter.

Aerial view of a circular road interchange with cars driving around it, overlaid with white abstract lines.
SecurityMetrics Pulse: Remote Location Cybersecurity
Pulse

Your corporate network has many attack surfaces, and when you add in extended network offices, branches, and other remote locations, security begins to depend heavily on visibility.

Two computer screens showing document upload with up arrow and download with down arrow icons.
Remote PCI DSS Audits During COVID-19: FAQs
PCI Trends

The COVID-19 crisis has presented a variety of challenges to merchants and service providers around the world. We’ve received many questions about the impact of COVID-19 on PCI DSS audits, as well as PCI compliance in general.

Illustration of laptop screen with binary code and magnifying glass highlighting part of the code.
SecurityMetrics Forensic Research: iFrame Payment Gateway Now Targeted
Ecommerce Security

Hosted payment processors take on the complexity of compliance and merchants can tend to their business.

Abstract balance scale with six small blue circular shapes on one side and one large blue circle on the other.
PCI Programs: How Acquirers Balance Value and Simplicity for Merchants
PCI Partner

At SecurityMetrics, our mission is to help businesses close security and compliance gaps and prevent data breaches.

Bookshelf with a plant and books including a 2019 PCI DSS Compliance guide by SecurityMetrics.
SecurityMetrics 2019 PCI Compliance Guide
PCI Trends

Compliance with any mandate takes time and planning. But, thousands of customers and readers use PCI Compliance Guide to make the PCI compliance process faster and simpler, as well as better maintain compliance.

Stack of report documents with the top one titled REPORT CVE Disclosure in blue text.
WiKID Systems 2FA Enterprise Server SQL injection
Data Security

A SQL Injection vulnerability, CVE-2019-16917, was identified on WiKID Systems 2FA Enterprise Server through version 4.2.0-b2047.

Stack of documents with the cover titled REPORT CVE Disclosure in blue text and lines.
WiKID Systems 2FA Enterprise Server CSRF
Data Security

Multiple Cross-Site Request Forgery issues, CVE-2019-17118, were identified on WiKID Systems 2FA Enterprise Server through version 4.2.0-b2053.

Circular flow chart with arrows and icons of magnifying glass, bidirectional arrows, key, clock, and check mark.
What is a Business Continuity Plan?
Forensics

A business continuity plan (BCP) provides a way for organizations to deal with the business impact of any disruptive event and carry on with business.

Central building connecting to eight smaller shops arranged in a circle via lines.
What is Network Security?
Data Security

Network security consists of the policies, procedures, programs, hardware, software, and people you use to protect your corporate network.

Bar graphs from a 2015 study with text '61% Store Unencrypted Credit Cards.'
Sensitive Data Discovery Alert: 61% Don't Protect Customer Cards
Data Discovery

Payment card data can easily leak due to poor processes or misconfigured software.

Image of connecting to a WiFi network and checking the 'Remember this network' box.
PCI Requirements - You're Not Done Yet!
PCI

PCI compliance isn’t an event. It’s an ongoing process!

Illustration of a shop with an umbrella and an open sign.
PCI – You Don't Have to be Perfect
PCI

These service guarantees exist to address the financial hardships your business might endure in the aftermath of a compromise.

Text 'PCI 3.0' in yellow on a white background.
PCI 3.0: What You Need to Know
PCI Trends

This blog covers the important changes from PCI DSS version 2.0 and 3.0.

Illustration of a hand holding a tablet.
Stop Looking for a Mobile Phone Security Standard
PCI

If businesses are determined to provide mobile solutions, it is their responsibility to educate themselves, ensure the security of the solution, and know the risk they’re taking upon themselves.

Gray background with 'Shellshock' in yellow letters.
Shellshock: Be Wary, But Don't Panic
Data Security

Shellshock, also known as the Bash Bug, is a software vulnerability that could make your systems vulnerable.

Illustration of a credit card with the name 'Mrs. Brown.'
Plug-and-Play POS: Can It Ever Be Secure?
Data Security

The plug-and-play mindset is ruining Point-of-Sale (POS) security.

Image of a poodle with pink lettering.
SSL 3.0: POODLE Vulnerability Update
Data Security

If you have any questions, please contact SecurityMetrics support, 801.705.5700.

Illustration of an animal on a black background.
Nature's 7 Hacker Defense Mechanisms
Forensics

Find out how to use nature's defense mechanisms to protect your business.

Stay up to date
Subscribe to our blog.
Subscribe Now
Data Security
Vulnerability ScanningPenetration TestingSecurity TrainingPANscan®SecurityMetrics VisionSecurityMetrics MobileCIS Controls AssessmentConsultingResellerForensic/Incident ResponseData and Network SecurityData Security AcademyWebpage Integrity Monitoring (WIM)Shopping Cart InspectShopping Cart Monitor (PCI 6.4.3 & 11.6.1)SecurityMetrics Pulse
Compliance
GDPR CompliancePCI CompliancePCI DSS AuditPCI Level 4 ProgramPA-DSS/SSF AuditP2PE AuditPIN Security AssessmentPCI PoliciesPCI TrainingHIPAA ComplianceHIPAA PoliciesHIPAA TrainingHealth Network ProgramHITRUST
CMMC Compliance
Company Info
About UsBlogGlossaryMedia RelationsCareersTerms of UsePrivacyAbuseDo Not Sell My Information
Contact
Contact UsReport a Vulnerability
YT Logo Mono Light SmallSecurityMetrics podcast logoLinkedIn logoFacebook logo
© 2026 SecurityMetrics, Inc. All rights reserved.
Privacy PolicyTerms and Conditions
Your IP Address is:
YouTube logoSecurityMetrics podcast logoLinkedIn logoFacebook logo
Subscribe to our blog
Subscribe Now
YT Logo Mono Light SmallSecurityMetrics podcast logoLinkedIn logoFacebook logo
© 2001–2026 SecurityMetrics, Inc.
All rights reserved.
Privacy Policy
|
Terms and Conditions
|
About us