Blog
Blog

SEO Poisoning Marketplace Topping Search Results, Impersonating Top Financial Institutions

By Kyle Skwirsk on Mon, 01/26/2026
Introduction to the HaxorSEO MarketplaceFortra Intelligence and Research Experts (FIRE) have uncovered a group of active malicious threat actors operating since 2020. The group refers to themselves as Haxor, a slang word for hackers, and their marketplace as HxSEO, or HaxorSEO. HxSEO has established its primary base of operations and marketplace on Telegram and WhatsApp. HxSEO stands out for...
Blog

Artificial Intelligence for Post-Exploitation

By Steve Salinas on Fri, 01/23/2026
Post-exploitation tasks frequently require manual analysis, such as relying on an operators’ expertise to scan a target environment for sensitive information that could support in the pursuit of an objective. For example, searching file shares and internal applications for sensitive information of credentials. These tasks are often time consuming, but can be dramatically improved with the...
Blog

Fortra Secure Email Gateway 6.2: A Major Leap Forward in Threat Detection and Security

By Cybersecurity Experts at Fortra on Thu, 01/22/2026
The 6.2 release of Fortra’s Secure Email Gateway marks a significant milestone in email security. This major update introduces cutting-edge enhancements powered by the Fortra Threat Brain, designed to deliver superior protection against phishing, malware, and spam.What's New in Version 6.2?At the heart of this release is the Fortra Threat Brain, a sophisticated intelligence engine that aggregates...
Fortra Patch Priority Index
Blog

Fortra Patch Priority Index for December 2025

By Lane Thames on Wed, 01/21/2026
Fortra's December 2025 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft and Google.Up first on the list are patches for Microsoft Edge (Chromium-based) that resolve 13 type confusion, inappropriate implementation, and use after free vulnerabilities.Next on the list are patches for Microsoft Office, Word, Access, Outlook and Excel. These patches resolve 13 remote...
phishing-hook
Blog

BEC Global Insights Report: December 2025

By JT Newby on Fri, 01/16/2026
This report from Fortra Intelligence & Research Experts (FIRE) outlines key BEC trends for December 2025 based on active defense engagements. Findings include a 1% increase in overall attack volume compared to November, with gift cards as the leading cash-out method (52.8%) and Apple Store cards being most requested (50%).
Blog

WEF: AI Overtakes Ransomware as Fastest-Growing Cyber Risk

By Graham Cluley on Thu, 01/15/2026
We can no longer say that artificial intelligence is a "future risk", lurking somewhere on a speculative threat horizon. The truth is that it is a fast-growing cybersecurity risk that organizations are facing today.That's not just my opinion, that's also the message that comes loud and clear from the World Economic Forum's newly-published "Global Cybersecurity Outlook 2026." As the report bluntly...
Fortra Blog
Blog

6 Areas Turning Cyber Compliance from Checkboxes to Proof

By Heather Wiederhoeft on Wed, 01/14/2026
A new year often brings a wave of updated cybersecurity compliance requirements. In 2026, regulators are raising the bar. “Check-the-box” compliance that may once have been sufficient to pass audits is no longer enough. Today’s mandates increasingly demand evidence: proof that controls are operating as designed, faster incident reporting, and broader disclosure obligations across vendors, systems,...
Compliance
Patch Tuesday Analysis
Blog

January 2026 Patch Tuesday Analysis

By Tyler Reguly on Tue, 01/13/2026
Today’s Patch Tuesday Alert addresses Microsoft’s January 2026 Security Updates. The FIRE team is actively working on coverage for these vulnerabilities and expect to ship that coverage as soon as it is completed.In-The-Wild & Disclosed CVEsCVE-2026-20805A vulnerability in the Desktop Windows Manager could lead to the disclosure of user-mode memory. Microsoft has...
Threat Research & Intelligence
Vulnerability Management
Fortra Blog
Blog

Human Error Meets Data Exposure: The Breach Vector No One Talks About

By Megan Freshley on Tue, 01/13/2026
Human error now plays a role in 95 percent of data breaches, making it more critical than ever for security teams to treat it as the substantial threat it is. In some cases, employees intentionally expose sensitive data for personal gain. But the most pervasive insider threats aren’t malicious — they’re accidental. This challenges the notion that an organization can become invulnerable if only it...
Security Awareness Training
Data Loss Prevention
Data Protection
Blog

The Autonomy Paradox: Why Smarter AI Agents Are Harder to Secure

By Dr. Reza Alavi on Mon, 01/05/2026
Agentic AI systems are designed for autonomy, but autonomy changes everything. These aren’t traditional vulnerabilities or software bugs; they’re design-level weaknesses where decision logic, data context, and control boundaries collide. And after a year of watching real agents drift, loop, and improvise in production, one thing’s clear: intelligence without constraint isn’t progress, it’s risk...
Blog

The Real Cost of Data Sprawl: Why Discovery Isn’t Enough

By Heather Wiederhoeft on Sun, 01/04/2026
Data sprawl, the uncontrolled proliferation of data across cloud platforms, collaboration tools, and devices, is creating unprecedented challenges for organizations. As organizations generate and store ever-increasing volumes of unstructured data, every new file, workspace, or database adds complexity, multiplies exposure points, and increases the likelihood of sensitive information slipping...
Blog

Getting to know Errol Weiss: CSO at Health-ISAC

By Joe Pettit on Fri, 01/02/2026
We recently sat down with Errol Weiss, Chief Security Officer (CSO) at Health-ISAC to better understand the challenges, excitements, and concerns facing executive-level security leaders: in healthcare and across the board. We discussed subjects including prescriptively preventing burnout, the largely untapped value in sharing threat intelligence, and closing the security loop so CISOs can sleep at...
Blog

Fortra’s Top 10 Standout Moments of 2025

By John Grancarich on Tue, 12/30/2025
This year, Fortra has been pushing the security envelope on a number of different fronts, and we’re excited to stay on the forefront of cyber change.On that note, here are Fortra’s top ten highlights of 2025. Running these down at year’s end keeps us honest. It shows both our customers and us how far we’ve come, and the exciting places we’re heading toward.1. Acquiring Lookout Cloud SecurityFortra...
Blog

CMMC Compliance: What You Need to Know Heading Into 2026

By Nick Fortune on Sun, 12/28/2025
Now that CMMC 2.0 enforcement is finally underway, the whole topic of the U.S.’s Cybersecurity Maturity Model Certification needs to be revisited. Version 2.0 was simplified and finalized in 2024; however, its official start date was November 10, 2025. Consequently, defense contractors and hopefuls will have to officially clear this latest set of hoops to earn government contracts with the U.S....
Blog

The Supply Chain Vulnerability

By Blessing Monsi on Tue, 12/23/2025
Learn how Python pickle serialization exposes AI/ML pipelines to supply chain attacks. Discover exploitation methods and actionable steps to secure your models.
Virtual environment
Blog

Staying Compliant While Using AI: What CISOs Need to Know

By Gina Cardelli on Mon, 12/22/2025
AI adoption is broad but maturity and security controls are lagging. This means that many organizations are using AI without having established governance boundaries or hardened production-scale controls. Treat AI systems as first-class assets in the risk register; apply the same governance, access controls, monitoring, auditability, and incident readiness as other critical systems. Here's how.
Blog

Velociraptor DFIR Tool Abused in WSUS RCE CVE-2025-59287

By Ben Lee on Thu, 12/18/2025
Below we describe post compromise activity taken by a threat actor following exploitation of the Windows Server Update Service (WSUS) remote code execution vulnerability CVE-2025-59287. In this breach, we have observed the threat actor using several common, typically benign tools to achieve their goals and attempt to mask their actions.The threat actor downloaded Velociraptor, a digital forensics...
Blog

Mind the Gaps: Incremental Steps Toward Real Security

By Lynn Penick on Wed, 12/17/2025
Lynn Penick explores how small, disciplined steps can significantly improve cybersecurity maturity and prevent catastrophic breaches. Using the Louvre Museum heist as an example, it emphasizes that security failures often stem from simple oversights — like weak passwords — rather than sophisticated attacks.