Blog

Bert Ransomware: What You Need To Know

What is the Bert ransomware? Bert is a recently-discovered strain of ransomware that encrypts victims' files and demands a payment for the decryption key. Why is it called Bert? I truly have no idea. Maybe whoever created Bert put all of their efforts into the coding of their ransomware, rather than thinking of its marketing. Or maybe they just really like the name "Bert." Or maybe the hacker who...

BEC Global Insights Report: May 2025

The monthly Global BEC Insights Report from Fortra presents a comprehensive analysis of the latest tactics, techniques, and procedures (TTP) employed by BEC threat actors. This report draws on extensive intelligence gathered from hundreds of active defense engagements conducted throughout the month. Key insights include geolocation data, attack volume, and the variety of scams, such as payroll diversion and advance fee fraud. The report also highlights the use of gift cards in scams, the requested amounts in wire transfer fraud, and the banks and webmail providers frequently targeted by attackers. These findings provide a critical understanding of the evolving BEC threat landscape.

June 2025 Patch Tuesday Analysis

Today’s Patch Tuesday Alert addresses Microsoft’s June 2025 Security Updates. We are actively working on coverage for these vulnerabilities and expect to ship ASPL-1160 as soon as coverage is completed. In-The-Wild & Disclosed CVEs: CVE-2025-33053. A WebDAV code execution vulnerability, CVE-2025-33053 requires that a user open a malicious .URL file for compromise to...

Fortra Patch Priority Index for May 2025

Fortra's May 2025 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft and Google. Up first on the list are patches for Microsoft Edge (Chromium-based) and Google Chromium that resolve 6 issues including spoofing, out of bounds memory access, insufficient data validation, inappropriate implementation, use after free, and heap buffer overflow vulnerabilities. Next on the...

Top Five AI Threats to Watch Out for in H2 2025

AI threats can be plentiful and widespread. This blog breaks through the noise by identifying the top five riskiest AI threats to pay attention to this year. Fortra’s threat research breaks down what these threats are, how they are carried out by threat actors, and the risks they pose to all organizations regardless of size or industry.

What to Look for in a Vulnerability Management Solution

One of the most fundamental — and often overlooked — processes of a strong security posture is vulnerability management (VM). VM is much more than just running a vulnerability scan; it’s at the core of all the layers that make up solid cybersecurity. Whether your organization has a simple...

Prescription For Disaster: Sensitive Patient Data Leaked in Ascension Breach

Ascension, one of the largest private healthcare companies in the United States, has confirmed that the personal data of some 437,329 patients has been exposed following an attack by cybercriminals. To the undoubted distress of Ascension's client base, the details of hundreds of thousands have fallen into the hands of hackers, opening up opportunities for fraud and identity theft. Breached...

What is CASB?

CASB defined: A cloud access security broker (CASB) is cloud-delivered software or on-premises software and/or hardware that acts as an intermediary between users and cloud service providers. The ability of CASBs to address gaps in security extends across software-as-a-service (SaaS), platform-as-a-service (PaaS), and infrastructure-as-a-service (IaaS) environments. In addition to providing...

What is ZTNA?

Zero Trust Networking: As an increasing number of users access resources from anywhere, ZTNA solutions can help eliminate gaps in other secure remote access technologies and methods. Zero Trust Network Access (ZTNA) enforces granular, adaptive, and context-aware policies for providing secure and seamless Zero Trust access to private apps hosted across clouds and corporate data centers, from any...

What is User and Entity Behavior Analytics (UEBA)?

UEBA is a cybersecurity process that monitors normal usage behavior and flags deviations from established patterns. While a perpetrator can easily steal an employee’s username and password, it's much harder to imitate that person’s normal behavior on the network when connecting to applications and data. UEBA helps detect intentional and unintentional insider threats, where an authorized user...

What is SaaS Security Posture Management (SSPM)?

A strong security posture keeps an organization prepared to predict, prevent, and mitigate security threats. While your security posture should include any technologies your organization builds, it also must account for all the tech tools in your ecosystem. The proliferation of SaaS applications in modern business has inspired an entirely new category of security: SaaS security posture management,...

What is Secure Access Service Edge (SASE)?

SASE defined: As defined by Gartner, SASE is a framework designed to integrate security and network connectivity technologies into a unified, cloud-delivered platform to enable the secure and fast adoption of cloud services. Through the convergence of networking and network security, SASE meets the challenges of digital business transformation, edge computing, and workforce mobility. As organizations...

What are Cloud Misconfigurations?

As we use more and more cloud applications, it has become more difficult to maintain and control our multi-cloud environments. Because of this increasing complexity, configuration errors are becoming more and more common — Gartner says that through 2025, 99% of cloud security failures will be caused by misconfiguration errors. To stay on top of your cloud application security and prevent...

What is a Secure Web Gateway? (SWG)

Secure Web Gateway defined: Organizations use a SWG to protect their employees. A secure web gateway (SWG) is a security solution that prevents unsecured internet traffic from entering an internal network of an organization. It is used by organizations to protect their employees and users from accessing and being infected by malicious web traffic, websites with vulnerabilities, internet-borne...