SecurityMetrics Blog

Where Did that Request Come From? CVE-2020-11682 (CSRF)

What is CSRF? Cross site request forgery, commonly referred to as CSRF (pronounced sea-surf), is an attack in which a user who is authenticated to...
View Post

Authorization Bypass: A Cautionary Tale CVE (2020-11679,...

Attackers: Known or Unknown? That is the question. Far too often I come across applications where developers have made every attempt to secure...

Jen Stone: Principal Security Analyst

Jen Stone is a Principal Security Analyst for SecurityMetrics. In her 4 years at SecurityMetrics, she has completed over 80 security assessments...

Penetration Testing FAQs

Whether your business needs a penetration test for an industry compliance requirement, or because of a security incident, the process can seem...

COVID-19 Cyber Attacks Security Update Center

COVID-19 Cyber Attacks Security Update Center. Your data security and compliance expert amid unprecedented challenges We recognize that businesses...

Update: COVID-19 Cyber Threats and Attacks

Current COVID-19 Cyber Threats The UN Agency WHO has reported a 500% increase in cyber security incidents over the same period last year. As our...

How to Become PCI Compliant: The 2020 Guide to PCI DSS Compliance

Payment Card Industry (PCI) compliance is required for any organization that takes payment cards. The PCI Data Security Standard (PCI DSS)...

Implementing a PCI-Compliant Remote Workforce Setup

In order to protect the health of employees from the coronavirus (COVID-19) pandemic and to minimize the risk of financial losses due to...

SecurityMetrics Podcast: The Latest in Cybersecurity and...

A cybersecurity podcast for both IT professionals and security novices We are excited to announce the launch of a new project we’ve had in the...

BlogEngine.NET Directory Traversal + Remote Code execution

A remote code execution (RCE) vulnerability, CVE-2019-10719, was discovered in BlogEngine 3.3.7 and earlier. Leveraging a path traversal in...

Something from Nothing; a Pentest Story

While performing an external network layer penetration test I encountered a host that presented a single page that was essentially blank...

COVID-19 Cyber Attacks: Threat Report and Best Practices

Advanced persistent threats (APTs) and COVID-19 Cyber Attacks: The SecurityMetrics Security Operations Center (SOC) is actively monitoring the...

Top 15 ASV Scan Vulnerabilities and How to Fix Them

Vulnerability scans are automatic. They’re nonintrusive, similar to a security professional checking whether or not your front door is unlocked...

SecurityMetrics COVID-19 Coronavirus Update

For the last twenty years, SecurityMetrics’ mission has been to help customers close security gaps and prevent data compromise. With the upheaval...

2020 Data Breach Predictions and What We Learned from...

2019 Data Breach Predictions and Findings Prediction: Large-scale social media attacks leading to massive personal data losses. Findings: We saw a...

Need help securing your business?

Request a quote!

We are excited to work with you.

*Required

Thank you!

Your request has been submitted.