Blog

school-hacking-image
Blog

From mischief to malware: ICO warns schools about student hackers

By Graham Cluley on Wed, 09/17/2025
Curiosity killed the cat and in today's classrooms it seems it is also crashing the school server, pinching teachers' passwords, and rewriting the lunch menu for a laugh.Recent data released by the UK's Information Commissioner's Office (ICO), highlights that the same curiosity for technology that can lead a young person into a career in cybersecurity can also lead them into trouble.According to...
To Patch or Not to Patch? How to Manage your CVEs in the Real World
Blog

To Patch or Not to Patch? How to Manage your CVEs in the Real World

By Katrina Thompson on Tue, 09/16/2025
When you consider the cost of patching vulnerabilities, it begs the question: Is all this really necessary?Turns out, it may not be.At least, not in the way we’ve been used to doing it. With expertise in everything from MITRE ATT&CK to vulnerability exposure research, Fortra’s Tyler Reguly, Associate Director R&D, weighs in with what over two decades of experience has taught him about managing...
Threat Research & Intelligence
Data Loss Prevention
Vulnerability Management
nist_sp_800-171_revision_3_what_it_means_and_how_defense_contractors_can_prepare
Blog

NIST SP 800-171 Revision 3: What It Means and How Defense Contractors Can Prepare

By Katrina Thompson on Fri, 09/12/2025
These days, defense contractors need to stay nimble where compliance is concerned. As technological threats advance, the need for clarity, specificity, and simplicity increases, leading to changes in the regulations that govern contractor cybersecurity. A recently released US Department of Defense (DoD) memo has spurred rumblings that the underlying NIST framework on which the DoD-mandated CMMC ...
Blog

XMRig Targets Financial Industry

By Israel Cerda on Thu, 09/11/2025
Executive SummaryThe Fortra Intelligence and Research (FIRE) team has discovered and aided in the mitigation of a malware campaign delivering an open-source cryptocurrency miner, known as XMRig. This campaign stands out to security researchers because cryptojacking or malicious cryptocurrency mining operations rarely target enterprise environments with these methods, and more frequently focus on...
from_inbox_to_infrastructure_ais_role_in_modern_cyber_threats
Blog

From Inbox to Infrastructure: AI’s Role in Modern Cyber Threats

By Kirsten Doyle on Thu, 09/11/2025
AI is no longer science fiction. It is in the inbox. It is in the network. It is in every attack and every defense. Cyber attackers are learning fast. They use AI to scan, craft, and exploit. They automate what used to take hours. They personalize at scale. And defenders are racing to keep pace, building AI-driven tools to stop what attackers create. “Threat actors are constantly innovating and...
kingpin
Blog

US charges suspected ransomware kingpin, and offers $10 million bounty for his capture

By Graham Cluley on Wed, 09/10/2025
A US federal court has unssealed charges against a Ukrainian national who authorities allege was a key figure behind several strains of ransomware, including LockerGoga, MegaCortex, and Nefilim. Volodymyr Viktorovich Tymoshchuk (who is also said to use the aliases "deadforz", "Boba", "msfv", and "farnetwork") has been charged for his alleged role in a series of ransomware attacks that extorted...
Patch Tuesday Analysis
Blog

September 2025 Patch Tuesday Analysis

By Tyler Reguly on Tue, 09/09/2025
Today’s Patch Tuesday Alert addresses Microsoft’s September 2025 Security Updates. We are actively working on coverage for these vulnerabilities and expect to ship that coverage as soon as it is completed.In-The-Wild & Disclosed CVEsCVE-2025-55234From the advisory, “Microsoft is releasing this CVE to provide customers with audit capabilities to help them to assess...
Vulnerability Management
Blog

How to Automate Vulnerability Management: Benefits, Best Practices, and FAQs

Mon, 09/08/2025
What Is Vulnerability Management Automation? At its core, vulnerability management (VM) is the continuous process of scanning an organization’s digital environment for exploitable weaknesses that could serve as entry points for cyberattacks, reporting and evaluating the findings, and remediating systems to remove detected weaknesses. For vulnerability...
Vulnerability Management
the_critical_role_of_offensive_security_in_cyber_defense
Blog

Breaking the Chain - The Critical Role of Offensive Security in Cyber Defense

By Katrina Thompson on Mon, 09/08/2025
Offensive security practices—particularly penetration testing and red teaming—help organizations proactively disrupt the cyber attack chain. By simulating real-world attacks, offensive security identifies weak points across the kill chain stages (reconnaissance, weaponization, delivery, exploitation, installation, command & control, and actions on objectives) before threat actors can exploit them...
Beyond Red vs. Blue: Bring on the Purple Team
Blog

Beyond Red vs. Blue: Bring on the Purple Team

By Katrina Thompson on Fri, 09/05/2025
What Is a Purple Team?In cybersecurity, a purple team is a group that combines offensive red team capabilities with defensive blue team insights to provide a truly collaborative, well-balanced security posture. “Purple teaming” is more than a work group; it should be a philosophy.If you’re familiar with offensive security, red and blue team structures are well known. To review:Red Teams: Perform...
Red Teaming
Phantom Scam
Blog

FBI warns seniors are being targeted in three-phase Phantom Hacker scams

By Graham Cluley on Wed, 09/03/2025
The FBI’s Internet Crime Complaint Center (IC3) says that the elderly are more at risk from falling victim to online fraud and internet scammers than ever before. In fact, according to the IC3's latest published annual report, seniors suffered a staggering US $4.885 billion dollars worth of losses last year - a 43% increase from 2023. With an average...
Fortra Patch Priority Index
Blog

Fortra Patch Priority Index for August 2025

By Lane Thames on Wed, 09/03/2025
Fortra's August 2025 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft and Google.First on the list are patches for Chromium and Microsoft Edge (Chromium-based) that resolve use-after-free and inappropriate implementation vulnerabilities.Next on the list are patches for Microsoft Office, Word, Excel, PowerPoint, and Visio. These patches resolve 15 issues, including...
Vulnerability Management
machines_catch_yesterdays_scams_humans_stop_tomorrows
Blog

Machines Catch Yesterday’s Scams, Humans Stop Tomorrow’s

By Kirsten Doyle on Tue, 09/02/2025
Email is still the front door for attackers. And the door is wide open. Scammers now use the same tools defenders do. A bad actor with access to a large language model can generate flawless English, craft convincing requests, and sound exactly like a colleague or supplier. The result: emails that slip past traditional filters with ease. “By the time blocking rules and security have been built up...
Email Security & Anti-Phishing
credit_union_security_your_compliance_roadmap
Blog

Credit Union Security: Your Compliance Roadmap

By Katrina Thompson on Mon, 09/01/2025
Cybersecurity for Credit UnionsCredit union cybersecurity compliance is the practice of adhering to a set of mandates and regulations that ensure the confidentiality and integrity of digitized member data.Last year (September 1, 2023 – August 31, 2024) the National Credit Union Administration (NCUA) reported 1,072 cyberattacks among the 4,411 federally registered credit unions in the U.S. That...
Cybersecurity Regulatory Landscape in Switzerland A Primer for Business
Blog

Cybersecurity Regulatory Landscape in Switzerland: A Primer for Business 

By Kirsten Doyle on Thu, 08/28/2025
Switzerland is famous for being neutral, discreet, and self-contained. And while that reputation holds in the digital world, too, in the immortal words of Bob Dylan, “the times they are a changin.” To stay in business, even Switzerland must meet data privacy standards set outside of its borders. Cyber threats are growing in volume and sophistication, and regulations need to adapt accordingly. For...
cephalus
Blog

Cephalus ransomware: What you need to know

By Graham Cluley on Wed, 08/27/2025
What is Cephalus?Cephalus is a relatively new ransomware operation that emerged in mid-2025, and has already been linked to a wave of high-profile data leaks. Like many other ransomware attacks, Cephalus not only encrypts but also steals sensitive data - with victims named-and-shamed on a dedicated leak site hosted on the dark web.Where does it get the name Cephalus from?Cephalus is a character...
The Impact of CMMC 3.0 on Government Contractors
Blog

The Impact of CMMC 3.0 on Government Contractors

By Katrina Thompson on Tue, 08/26/2025
With 55% of government contractors expecting their next job to include a CMMC requirement, adhering to the latest, most updated version of “CMMC 3.0" is imperative. According to a recent US Department of Defense (DoD) memo, such an update may be on the horizon.Here are the facts, and what they could mean for certification hopefuls.What is CMMC 3.0?First, let’s get a few things straight. The CMMC 2...
ransomware_pivot_from_hospital_to_high_street
Blog

Ransomware Pivot: From Hospitals to High Street

By Katrina Thompson on Mon, 08/25/2025
Last year, headline news of staggering ransomware attacks was inescapable. But according to new research by Comparitech, those numbers may be slowing down.By studying 211 ransomware attacks on the healthcare sector in H1 2025, the firm noted only a 4% increase year-over-year. While this still represents a modest improvement, figures for other “easier/more lucrative” industries were much higher,...
Cybersecurity Regulatory Landscape in Japan A Primer for Business
Blog

Cybersecurity Regulatory Landscape in Japan: A Primer for Business

By Kirsten Doyle on Fri, 08/22/2025
Cybersecurity in Japan has always had a cultural element, infused with precision, preparation, responsibility, and accountability. Today, it’s also a matter of national security and global trust. As threats intensify and alliances shift, Japan has responded with structured policy and determination. For companies operating in or with ties to Japan, cybersecurity compliance is part of the operating...
Compliance
Understanding the NIS2 Directive: What It Means for Business
Blog

Understanding the NIS2 Directive: What It Means for Business

By Katrina Thompson on Thu, 08/21/2025
What is the NIS2 Directive?The NIS2 (Network and Information Security 2) Directive is the European Union’s updated, overarching cybersecurity legislation governing cybersecurity in 18 critical sectors.NIS2 requires each EU Member State to adopt a national cybersecurity strategy, ensure the proper critical entities comply, and include risk management measures such as:Supply chain...
Compliance