SecurityMetrics Blog

WiKID Systems 2FA Enterprise Server CSRF

Multiple Cross-Site Request Forgery issues, CVE-2019-17118, were identified on WiKID Systems 2FA Enterprise Server through version 4.2.0-b2053....
View Post

WiKID Systems 2FA Enterprise Server SQL injection

A SQL Injection vulnerability, CVE-2019-16917, was identified on WiKID Systems 2FA Enterprise Server through version 4.2.0-b2047. The uid and...

New (And Old) Apache Struts Flaw: CVE-2016-1000031

Apache Struts developers released another security announcement on November 5, 2018 -- two and a half months after their last big security...

HIPAA Compliance: Storage in the Cloud

HIPAA Compliance in “the cloud” Cloud data storage is a common and convenient option for healthcare organizations. According to Acumen Research...

SecurityMetrics 2019 PCI Compliance Guide

Compliance with any mandate takes time and planning. But, thousands of customers and readers use PCI Compliance Guide to make the PCI compliance...

What is the HIPAA Privacy Rule?

The HIPAA Privacy Rule establishes standards to protect an individual’s medical records and other protected health information (PHI). It concerns...

HITRUST vs. HIPAA

The difference: HITRUST vs. HIPAA HITRUST is a compliance framework created by a private alliance of security industry experts and includes many...

What is HITRUST Compliance?

What is HITRUST? HITRUST stands for the Health Information Trust Alliance. It was founded in 2007 and uses the “HITRUST approach” to help...

SecurityMetrics Guide to PCI DSS Compliance

The SecurityMetrics Guide to PCI DSS Compliance will help you understand current PCI requirements and trends, so that you can better protect data...

How to Manage a Healthcare Data Breach

Protect your organization after a healthcare data breach Data breaches can be devastating. Even entities with strict data security and IT policies...

Securing Mobile Devices with Mobile Encryption

Say you have a tablet that has sensitive information on it, such as card data, personal information, etc. If that tablet is stolen, all that data...

SecurityMetrics GSA Schedule 70 Contract Holder; HACS...

As a GSA Schedule 70 contract holder, SecurityMetrics’ contract–number 47QTCA19D008S–can be found in the GSA elibrary schedule 70, under HACS...

Security Trends: Data Breach Statistics from 2018 and...

Data Breach Statistics from 2018 and Predictions for 2019. How did our predictions from 2018 turn out and what you can do in 2019 to avoid a data breach.

Blogengine.net Directory Traversal & Listing; Login Page...

A directory traversal, CVE-2019-10717, was identified on BlogEngine.NET applications versions 3.3.7 and earlier through the /api/filemanager...

BlogEngine.NET XML External Entity Attacks

An Out-of-band XML External Entity attack, CVE-2019-10718, exists on BlogEngine.NET versions 3.3.7 and earlier through the /pingback.axd endpoint....

Need help securing your business?

Request a quote!