SecurityMetrics Blog

Where Did that Request Come From? CVE-2020-11682 (CSRF)

What is CSRF? Cross site request forgery, commonly referred to as CSRF (pronounced sea-surf), is an attack in which a user who is authenticated to...
View Post

COVID-19 Cyber Attacks Security Update Center

COVID-19 Cyber Attacks Security Update Center. Your data security and compliance expert amid unprecedented challenges We recognize that businesses...

5 Blogs to Help You Survive PCI DSS and Prevent Security...

Here are 5 Blogs to Help You Survive PCI DSS and Prevent Security Breaches This Year. We cover formjacking, penetration tests, PCI DSS checklists,...

Remote PCI DSS Audits During COVID-19: FAQs

The COVID-19 crisis has presented a variety of challenges to merchants and service providers around the world. We’ve received many questions about...

How to Maintain Security When Employees Work Remotely

Maintain security when employees work remotely Helping employees work from home securely is important for all businesses, but with this post we...

Update: COVID-19 Cybersecurity and Threats

As plans to reopen economies move forward around the world, the entire cybersecurity industry–including the SecurityMetrics Security Operations...

COVID-19 Cyber Attacks: Threat Report and Best Practices

Advanced persistent threats (APTs) and COVID-19 Cyber Attacks: The SecurityMetrics Security Operations Center (SOC) is actively monitoring the...

Authorization Bypass: A Cautionary Tale CVE (2020-11679,...

Attackers: Known or Unknown? That is the question. Far too often I come across applications where developers have made every attempt to secure...

Jen Stone: Principal Security Analyst

Jen Stone is a Principal Security Analyst for SecurityMetrics. In her 4 years at SecurityMetrics, she has completed over 80 security assessments...

Penetration Testing FAQs

Whether your business needs a penetration test for an industry compliance requirement, or because of a security incident, the process can seem...

Update: COVID-19 Cyber Threats and Attacks

Current COVID-19 Cyber Threats The UN Agency WHO has reported a 500% increase in cyber security incidents over the same period last year. As our...

How to Become PCI Compliant: The 2020 Guide to PCI DSS Compliance

Payment Card Industry (PCI) compliance is required for any organization that takes payment cards. The PCI Data Security Standard (PCI DSS)...

Implementing a PCI-Compliant Remote Workforce Setup

In order to protect the health of employees from the coronavirus (COVID-19) pandemic and to minimize the risk of financial losses due to...

SecurityMetrics Podcast: The Latest in Cybersecurity and...

A cybersecurity podcast for both IT professionals and security novices We are excited to announce the launch of a new project we’ve had in the...

BlogEngine.NET Directory Traversal + Remote Code execution

A remote code execution (RCE) vulnerability, CVE-2019-10719, was discovered in BlogEngine 3.3.7 and earlier. Leveraging a path traversal in...

Need help securing your business?

Request a quote!

We are excited to work with you.

*Required

Thank you!

Your request has been submitted.