Fortra’s Alexis Ober was featured in The Hacker News article, “Smishing Triad Linked to 194,000 Malicious Domains in Global Phishing Operation.” The piece explores an ongoing large-scale campaign attributed to a China-linked threat group known as Smishing Triad. Alexis shared insights on how these attackers are evolving to exploit brokerage accounts and manipulate markets through “ramp and dump”...

Tyler Reguly, Senior Manager of Security R&D at Fortra, was featured in a CSO article examining how security teams can adapt to the surge in vulnerabilities. He explains why public data remains a valuable tool for guiding risk-based strategies.Originally published in ​CSO.​Excerpt: ​“The reality is that public sources of intelligence are critical to managing your vulnerabilities,” Reguly argues. ...

John Wilson, Senior Fellow of Threat Research at Fortra, dives into the state of DMARC adoption across the top 10 million domains. He explains how SPF, DKIM, and DMARC work together to prevent email spoofing, the dangers of misconfigurations like “+all,” and why few organizations enforce strong DMARC policies even years after the standard’s introduction. Wilson shares key research findings, real...

In a new IT Security Wire podcast, Cary Hudgins discusses what he sees as the most devastating and prevalent emerging threats facing enterprises today.

Tyler Reguly was quoted in a CSO article on Microsoft’s August Patch Tuesday updates.

Fortra’s latest research uncovers a new wave of executive phishing attacks leveraging QR codes, carried out by the Phishing-as-a-Service (PhaaS) group Tycoon2fa.

Rohit Dhamankar, Fortra’s vice president of product strategy, sits down with CyberRisk TV at Black Hat 2025 to examine how offensive security is shifting from periodic pen tests to continuous, AI-assisted approaches that provide measurable proof of defensive effectiveness.

Business email compromise (BEC) scams are on the rise, and Fortra's latest research is helping organizations stay informed. Newsbreak recently featured our June 2025 findings.

Fortra Intelligence & Research Experts (FIRE) are calling attention to a phishing campaign that impersonates well-known companies like Nvidia, Glassdoor, and Red Bull to lure job seekers into handing over personal data.

In Unite.AI, Fortra's Rohit Dhamankar explores how asymmetric innovation is driving the next major shift in email security, with AI-generated social engineering attacks that exploit trust instead of code.

Fortra's John Wilson was quoted in the Q1 2025 APWG Phishing Activity Trends Report for his insights on how business email compromise (BEC) scammers are increasingly using Cloudflare to register malicious domains.

The Register reports that ransomware group SafePay claimed responsibility for a multi-day outage at Ingram Micro, one of the world’s largest tech distributors.

Fortra’s Tyler Reguly offered insights on steps companies can take to reduce risk and pointed out a gap in Microsoft’s guidance that could lead to confusion.

A new article in AI Journal explores how phishing attacks are becoming harder to detect and how AI is helping organizations respond.

Microsoft’s June Patch Tuesday brings attention to several critical threats, including four unpatched vulnerabilities in Microsoft Office. In a new CSO article, Fortra’s Tyler Reguly weighs in on what these issues mean for security teams and how to prioritize the most urgent threats.

Tyler Reguly, Associate Director of Security R&D at Fortra, was quoted in a new Computerworld article on Microsoft’s out-of-band updates for a serious Windows 11 startup issue.

William Snowden was recently featured on Vizo Financial’s Financial Minds: Meet the Experts podcast to talk about the importance of vulnerability scanning and penetration testing for credit unions.

A recent phishing campaign analyzed by Fortra’s Suspicious Email Analysis team used a unique mix of methods to bypass detection and reach inboxes.

Fortra threat researchers recently uncovered a stealthy phishing campaign and a growing phishing-as-a-service (PhaaS) operation.

In this article for Unite.AI, Alexis Ober outlines how attackers are leveraging Vishing-as-a-Service to industrialize social engineering and what organizations can do to stay ahead.