Blog

Blog

3 Components of a Proactive Security Strategy 

Your organization might have many cybersecurity defenses in place, but defenses alone are not enough to protect you from today’s multi-faceted cyberattacks. Proactively adding a layer of offensive security assessment and testing helps you pinpoint your system weaknesses before they are exploited. Proactive security measures help you stay ahead of attackers by: Identifying vulnerabilities and...
Vulnerability Research

Patch Tuesday Update - July 2024

Fortra VM will include the Microsoft Patch Tuesday checks in the NIRV 4.46.0 and FVM Agent 2.9 releases. Microsoft addressed 142 vulnerabilities in this release, including 5 rated as critical, and 59 remote code execution vulnerabilities. This release represents a huge increase in the number of CVEs, as opposed to last month’s count. Notable Vulnerabilities from this patch Tuesday release: CVE-2024...
Vulnerability Research

Patch Tuesday Update - June 2024

Fortra VM will include the Microsoft Patch Tuesday checks in the NIRV 4.44.0 and FVM Agent 2.8 releases. Microsoft addressed 51 vulnerabilities in this release, including 1 rated as Critical and 18 Remote Code Execution vulnerabilities. CVE/Advisory | Title | Tag | Microsoft Severity Rating | Base Score | Microsoft Impact | Exploited | Publicly Disclosed | CVE-2024-30069 | Windows Remote Access Connection Manager Information...
Blog

Patch Tuesday Update - May 2024

Fortra VM will include the Microsoft Patch Tuesday checks in the NIRV 4.42.0 and FVM Agent 2.7 releases. Microsoft addressed 61 vulnerabilities in this release, including 1 rated as Critical and 27 Remote Code Execution vulnerabilities. This release also includes fixes for CVE-2024-30040 and CVE-2024-30051 which are known to have been exploited in the wild. Windows MSHTML Platform Security Feature...
Vulnerability Research

Patch Tuesday Update - April 2024

Fortra VM will include the Microsoft Patch Tuesday checks in the NIRV 4.40.0 and FVM Agent 2.6 releases. Microsoft addressed 150 vulnerabilities in this release, including 3 rated as Critical and 67 Remote Code Execution vulnerabilities. This release also includes a fix for the Proxy Driver Spoofing Vulnerability (CVE-2024-26234) that has been exploited in the wild. CVE/Advisory | Title | Tag | Microsoft...
Blog

Patch Tuesday Update - March 2024

Fortra VM will include the Microsoft Patch Tuesday checks in the NIRV 4.38.0 and FVM Agent 2.5 releases. Microsoft addressed 60 vulnerabilities in this release, including 2 rated as Critical and 18 Remote Code Execution vulnerabilities. CVE/Advisory | Title | Tag | Microsoft Severity Rating | Base Score | Microsoft Impact | Exploited | Publicly Disclosed | CVE-2024-20671 | Microsoft Defender Security Feature Bypass...
Vulnerability Research

Patch Tuesday Update - February 2024

Fortra VM will include the Microsoft Patch Tuesday checks in the NIRV 4.36.0 and Fortra VM Agent 2.4 releases. Microsoft addressed 73 vulnerabilities in this release, including 5 rated as Critical and 30 Remote Code Execution vulnerabilities. This release also includes fixes for CVE-2024-21351 and CVE-2024-21412 that have been exploited in the wild. Internet Shortcut Files Security Feature Bypass...
Vulnerability Research

Patch Tuesday Update - January 2024

Fortra VM will include the Microsoft Patch Tuesday checks in the NIRV 4.34.0 and Agent 2.3 releases. Microsoft addressed 49 vulnerabilities in this release, including 2 rated as Critical and 12 Remote Code Execution vulnerabilities. CVE/Advisory | Title | Tag | Microsoft Severity Rating | Base Score | Microsoft Impact | Exploited | Publicly Disclosed | CVE-2024-20666 | BitLocker Security Feature Bypass Vulnerability | Windows...
Blog

ENISA’s New Report Highlights Cyber Investments and Pushes Vulnerability Management

This past November, the European Union Agency for Cybersecurity (ENISA) released its NIS Investments Report 2023, a rundown of how critical EU operators have been investing in cybersecurity pursuant to the NIS Directive. It not only covers how dollars have been spent, but suggests how they ought to be going forward. One particular point of emphasis? Vulnerability management. Vulnerability...
Vulnerability Research

Patch Tuesday Update - December 2023

Fortra VM will include the Microsoft Patch Tuesday checks in the NIRV 4.32.0 and Agent 2.2 releases. Microsoft addressed 33 vulnerabilities in this release, including 4 rated as Critical and 8 Remote Code Execution vulnerabilities. CVE/Advisory | Title | Tag | Microsoft Severity Rating | Base Score | Microsoft Impact | Exploited | Publicly Disclosed | CVE-2023-36696 | Windows Cloud Files Mini Filter Driver Elevation of...
Blog

Debunking Popular Myths About Vulnerability Management

“Vulnerability Management” can be a security term that carries a lot of unnecessary weight. The irony is that the right vulnerability management (VM) solutions can actually take the weight off – your security team, your organization, and your other assets. Understanding how means debunking some of the more popular myths around this topic and discovering the truth behind one of security’s most...
Blog

Patch Tuesday Update - November 2023

Fortra VM will include these Microsoft Patch Tuesday checks in the NIRV 4.31.0 and Agent 2.1 releases. Microsoft addressed 58 vulnerabilities in this release, including 3 rated as Critical and 15 Remote Code Execution vulnerabilities. This release includes three vulnerabilities that have been exploited in the wild along with three vulnerabilities that have been publicly disclosed before Patch...
Blog

Why Some Companies Skip Vulnerability Management

Vulnerability Management may not be the most glamorous aspect of cybersecurity. But just like car insurance, brushing your teeth, and yearly physicals – it is absolutely vital to catching problems before it’s too late. It’s no secret that many companies struggle for resources, especially their security departments. And some unfortunately decide to skip security fundamentals that don’t include...
Blog

Fortra VM 6.5.7 Release

The Fortra VM 6.5.7 release is now live. In this release, there are multiple enhancements to the PCI Self Service UI and an overall Visual UI Enhancement. PCI Self Service Enhancements: New Roles – Designated PCI User and Admin roles have been added for the PCI Scan Administration and Management section. Dispute Digest – An option to designate a specific user preference is available so users have...
Vulnerability Research

Patch Tuesday Update - October 2023

Fortra VM will include the Microsoft Patch Tuesday checks in the NIRV 4.29.0 and Agent 2.0 releases. Microsoft addressed 104 vulnerabilities in this October 2023 release, including 12 rated as Critical and 45 Remote Code Execution vulnerabilities. Three of the CVEs included in this month's release are also being exploited in the wild. HTTP/2 Rapid Reset Attack (CVE-2023-44487): This vulnerability in...
Blog

Proactive Security Practices for Digital Banking

Online banking is nearly universal in 2023. No more long lines at the credit union, late-night ATM trips, or waiting for a check to be cashed. Digital banking has revolutionized the financial industry and the way we do business as a whole. However, it has also indelibly increased the risk of cyberattacks, social engineering scams, and online compromise to the financial community. Here are some of...
Blog

Patch Tuesday Update - September 2023

Today’s Microsoft Security Update includes Microsoft Patch Tuesday checks in the NIRV 4.28.0 and Fortra VM Agent 1.64.0 releases. Microsoft addressed 59 vulnerabilities in this release, including five rated as Critical. This release also includes three republished non-Microsoft CVEs to address issues in Microsoft Edge (Chromium-based), Visual Studio Code, and 3D Viewer. Two of the CVEs fixed in this...
Vulnerability Research

Patch Tuesday Update - August 2023

Today’s Microsoft Security Update includes the Microsoft Patch Tuesday checks in the NIRV 4.26.0 and Fortra VM Agent 1.63.0 releases. Microsoft included fixes for 74 vulnerabilities in this release, including 6 rated as Critical. Microsoft also released 2 security advisories this month with improvements related to defense in depth for Microsoft Office and the Memory Integrity System Readiness Scan...
Blog

Patch Tuesday Update - July 2023

Today’s Microsoft Security Update addressed 130 vulnerabilities, including 9 that are rated as Critical. This is double the number fixed from last month, June 2023. Microsoft included two security advisories this month, ADV230001 and ADV230002. The ADV230001 security advisory addresses some drivers that were certified by Microsoft’s Windows Hardware Developer Program (MWHDP) that have been used...
Blog

Remote Code Execution Vulnerability in IBM i CVE-2023-30990

Fortra’s Vulnerability Research Team (VRT) has provided a scan check for CVE-2023-30990 - Unauthenticated RCE in IBM i DDM Service in Fortra VM. Per an IBM security bulletin, IBM i is vulnerable to a remote attacker executing arbitrary unauthenticated CL commands as a QUSER, a workstation user role without special authorities, due to weak error handling in the DDM architecture. IBM i DDM...