Blog

Blog

BEC Global Insights Report: September 2024

The monthly Global BEC Insights Report from Fortra presents a comprehensive analysis of the latest tactics, techniques, and procedures (TTP) employed by BEC threat actors. This report draws on extensive intelligence gathered from hundreds of active defense engagements conducted throughout the month. Key insights include geolocation data, attack volume, and the variety of scams, such as payroll diversion and advance fee fraud. The report also highlights the use of gift cards in scams, the requested amounts in wire transfer fraud, and the banks and webmail providers frequently targeted by attackers. These findings provide a critical understanding of the evolving BEC threat landscape.
Blog

CVE-2024-6769: Poisoning the Activation Cache to Elevate From Medium to High Integrity

This blog is about two chained bugs: Stage one is a DLL Hijacking bug caused by the remapping of ROOT drive and stage two is an Activation Cache Poisoning bug managed by the CSRSS server.The first stage was presented in detail at Ekoparty 2023 in the presentation called "I'm High" by Nicolás Economou from BlueFrost Security. He explained how to exploit the vulnerability which, at the time, had not...
Blog

BEC Global Insights Report: August 2024

The monthly Global BEC Insights Report from Fortra presents a comprehensive analysis of the latest tactics, techniques, and procedures (TTP) employed by BEC threat actors. This report draws on extensive intelligence gathered from hundreds of active defense engagements conducted throughout the month. Key insights include geolocation data, attack volume, and the variety of scams, such as payroll diversion and advance fee fraud. The report also highlights the use of gift cards in scams, the requested amounts in wire transfer fraud, and the banks and webmail providers frequently targeted by attackers. These findings provide a critical understanding of the evolving BEC threat landscape.
Blog

3 Ways Malware Can Reach Your IFS

It's true that IBM i can't be infected by a PC virus. It's also true that the IFS can act as a host and spread malicious programs throughout your environment.
Blog

Using Reviews to Choose RPA Software

Analyze RPA reviews with a more critical eye to better understand how a robotic process automation vendor can meet your organization’s needs.
Blog

Windows DWM Core Library Elevation of Privilege Vulnerability (CVE-2024-30051)

In this blog post, I will explain a vulnerability in the Microsoft Windows Desktop Windows Manager (DWM) Core library that I analyzed when the exploit for Core Impact was being developed. This vulnerability allows an unprivileged attacker to execute code as a DWM user with Integrity System privileges (CVE-2024-30051).Since there was not enough public information at the time to develop the exploit,...
Blog

Malware, Ransomware, and Viruses vs Your IBM i Server

Many of us have heard that you can’t get a virus on this platform, but the reality is that the integrated file system (IFS) is a tree-like structure. This structure can house Word documents, PDFs, MP3s, JPEG images, and these files can be just as infected on the IBM i server as they can on any Windows work station or server.
Blog

Introduction to Advanced Web UI Automation

Learn web browser automation best practices using Fortra's Automate. Easily build out automations for web processes involving browsers and portals to eliminate manual tasks.
Blog

The Password Atmosphere – Problem, or Progress?

Password security has evolved from simple physical protections to complex, multi-factor authentication systems. Experts suggest that while traditional passwords are becoming outdated, combining them with new technologies like biometrics and passkeys offers stronger security. Future trends point towards more user-friendly yet robust methods to safeguard digital access.
Blog

What Is the NIST Risk Management Framework (RMF)?

The NIST Risk Management Framework, or RMF, is a voluntary 7-step process used to manage information security and privacy risks. By following the NIST RMF, organizations can successfully implement their own risk management programs, maintain compliance, and address the weaknesses that present the greatest danger to their enterprise.