John Wilson, Senior Fellow of Threat Research at Fortra, dives into the state of DMARC adoption across the top 10 million domains. He explains how SPF, DKIM, and DMARC work together to prevent email spoofing, the dangers of misconfigurations like “+all,” and why few organizations enforce strong DMARC policies even years after the standard’s introduction. Wilson shares key research findings, real...

Microsoft’s September 2025 Patch Tuesday addressed 81 vulnerabilities, with elevation of privilege flaws making up nearly half of the total. In coverage by Dark Reading, Fortra’s Tyler Reguly questioned Microsoft’s use of CVE identifiers, noting that the approach could significantly expand how many CVEs are issued each year.Originally published in ​Dark Reading.​Excerpt: ​"CVEs mean that a...

ESET researchers have uncovered PromptLock, an early proof-of-concept ransomware that leverages a large language model to generate attack scripts.

In a new IT Security Wire podcast, Cary Hudgins discusses what he sees as the most devastating and prevalent emerging threats facing enterprises today.

Tyler Reguly was quoted in a CSO article on Microsoft’s August Patch Tuesday updates.

In this podcast, Josh Davies from Fortra and Alan Rodger of Bloor Research discuss how data security is evolving, the risks posed by high-profile breaches, and the role of AI in modern protection strategies.

AI agents are changing the face of reconnaissance, using public sources to build detailed organizational profiles in minutes.

Fortra’s latest research uncovers a new wave of executive phishing attacks leveraging QR codes, carried out by the Phishing-as-a-Service (PhaaS) group Tycoon2fa.

Rohit Dhamankar, Fortra’s vice president of product strategy, sits down with CyberRisk TV at Black Hat 2025 to examine how offensive security is shifting from periodic pen tests to continuous, AI-assisted approaches that provide measurable proof of defensive effectiveness.

Cyber Security News recently featured Fortra’s work applying large language models (LLMs) to offensive security research.

Tyler Reguly, Associate Director of Security R&D at Fortra, was quoted in Dark Reading on Microsoft’s August Patch Tuesday update.

Fortra’s John Wilson was recently featured in a TechNewsWorld article examining why the United States remains a top target for dark web threats.

Business email compromise (BEC) scams are on the rise, and Fortra's latest research is helping organizations stay informed. Newsbreak recently featured our June 2025 findings.

Fortra Intelligence & Research Experts (FIRE) are calling attention to a phishing campaign that impersonates well-known companies like Nvidia, Glassdoor, and Red Bull to lure job seekers into handing over personal data.

In Unite.AI, Fortra's Rohit Dhamankar explores how asymmetric innovation is driving the next major shift in email security, with AI-generated social engineering attacks that exploit trust instead of code.

Fortra's John Wilson was quoted in the Q1 2025 APWG Phishing Activity Trends Report for his insights on how business email compromise (BEC) scammers are increasingly using Cloudflare to register malicious domains.

The Register reports that ransomware group SafePay claimed responsibility for a multi-day outage at Ingram Micro, one of the world’s largest tech distributors.

Fortra’s Tyler Reguly offered insights on steps companies can take to reduce risk and pointed out a gap in Microsoft’s guidance that could lead to confusion.

Chris Reffkin, Fortra’s Chief Security and Risk Officer, was featured in InformationWeek discussing how CIOs can manage regulatory compliance challenges.