Chris Reffkin, Chief Security & Risk Officer at Fortra, authored an article for Manufacturing.net that outlines how technology and security leaders should react in the critical early moments of a ransomware attack. He explains why containment must remain the top priority, how leaders should communicate clearly and quickly with executives, and how to assess the impact with support from legal and incident response teams.

Ricardo Narvaja’s vulnerability research is featured in Cyber Security News, examining CVE-2026-2636, a denial-of-service flaw in Windows’ Common Log File System driver. The vulnerability allows a low-privileged user to trigger an unrecoverable Blue Screen of Death through a simple proof of concept requiring only two API calls. 

Software and cloud vulnerabilities continue to grow in volume and complexity. In IT Security Wire, Tyler Reguly outlines how organizations can move beyond patching everything and instead focus on prioritization, stakeholder alignment, and asset visibility to reduce fatigue and improve outcomes.

Fortra is featured in the Q4 2025 APWG Phishing Activity Trends Report for its analysis of Business Email Compromise activity and attacker behavior. Fortra examined thousands of BEC attacks during the quarter and identified a 136 percent increase in wire transfer attempts. The average request amount rose to 50,297 dollars. The report also highlights Scripted Sparrow, a threat group that has become...

CSO reported on Microsoft’s February 2026 Patch Tuesday release, which addressed 60 vulnerabilities, including six that are new and actively exploited.

Josh Davies was featured in a recent The Register article examining the risks behind the viral AI caricature trend.

Tyler Reguly, Associate Director of Security R&D at Fortra, was quoted in a CSO article examining Microsoft’s January 2026 Patch Tuesday, which includes an actively exploited zero-day and several critical vulnerabilities affecting Windows, Office, and SharePoint.

In Security Boulevard, Tyler Reguly explains why the goal of patching every vulnerability is not just unrealistic but counterproductive. Drawing on more than two decades in vulnerability management, he argues that security teams need to stop chasing raw CVE counts and instead focus on risk, context, and asset intelligence to decide what truly matters.Originally published in ​Security Boulevard....

Tyler Reguly, Senior Manager of Security R&D at Fortra, was featured in a CSO article examining how security teams can adapt to the surge in vulnerabilities. He explains why public data remains a valuable tool for guiding risk-based strategies.Originally published in ​CSO.​Excerpt: ​“The reality is that public sources of intelligence are critical to managing your vulnerabilities,” Reguly argues. ...

John Wilson, Senior Fellow of Threat Research at Fortra, dives into the state of DMARC adoption across the top 10 million domains. He explains how SPF, DKIM, and DMARC work together to prevent email spoofing, the dangers of misconfigurations like “+all,” and why few organizations enforce strong DMARC policies even years after the standard’s introduction. Wilson shares key research findings, real...

In a new IT Security Wire podcast, Cary Hudgins discusses what he sees as the most devastating and prevalent emerging threats facing enterprises today.

Tyler Reguly was quoted in a CSO article on Microsoft’s August Patch Tuesday updates.

Rohit Dhamankar, Fortra’s vice president of product strategy, sits down with CyberRisk TV at Black Hat 2025 to examine how offensive security is shifting from periodic pen tests to continuous, AI-assisted approaches that provide measurable proof of defensive effectiveness.

Business email compromise (BEC) scams are on the rise, and Fortra's latest research is helping organizations stay informed. Newsbreak recently featured our June 2025 findings.

In Unite.AI, Fortra's Rohit Dhamankar explores how asymmetric innovation is driving the next major shift in email security, with AI-generated social engineering attacks that exploit trust instead of code.

Fortra's John Wilson was quoted in the Q1 2025 APWG Phishing Activity Trends Report for his insights on how business email compromise (BEC) scammers are increasingly using Cloudflare to register malicious domains.

Fortra’s Tyler Reguly offered insights on steps companies can take to reduce risk and pointed out a gap in Microsoft’s guidance that could lead to confusion.

A new article in AI Journal explores how phishing attacks are becoming harder to detect and how AI is helping organizations respond.

Microsoft’s June Patch Tuesday brings attention to several critical threats, including four unpatched vulnerabilities in Microsoft Office. In a new CSO article, Fortra’s Tyler Reguly weighs in on what these issues mean for security teams and how to prioritize the most urgent threats.

Tyler Reguly, Associate Director of Security R&D at Fortra, was quoted in a new Computerworld article on Microsoft’s out-of-band updates for a serious Windows 11 startup issue.