In this blog post, I will explain a vulnerability in the Microsoft Windows Desktop Windows Manager (DWM) Core library that I analyzed when the exploit for Core Impact was being developed. This vulnerability allows an unprivileged attacker to execute code as a DWM user with Integrity System privileges (CVE-2024-30051).Since there was not enough public information at the time to develop the exploit,...

Discover the three things you can do, starting today, to ensure your data is properly secured on your IBM i (AS/400).

Discover the advantages and disadvantages of open-source IT tools and how Halcyon's offerings for Linux, Windows, AIX, and IBM i multi-platform environments compares.

If you're responsible for IBM i security, you don't want to miss the top 6 expert tips pulled from the 2024 State of IBM i Security Study!

Preview the latest global phishing benchmarking results and expert security awareness recommendations from Fortra's Terranova Security 2023 Gone Phishing Tournament.

The most overlooked aspects of IBM i compliance with PCI-DSS, SOX, HIPAA, and other standards, how to configure them correctly, and what Fortra can do to help.

Many IT professionals still use the term AS/400. But can a platform that was introduced in 1988 still be relevant today? The answers typically surprise people.

If you have recently upgraded your hardware, our this is a great opportunity to establish IBM i security best practices for your organization now and into the future — and our free Security Scan will help you do just that. The Security Scan takes an inventory of your current security settings and uses the results to demonstrate your data’s degree of vulnerability and pinpoint specific weaknesses.

Discover CVE-2023-30990 - Unauthenticated RCE in IBM i DDM Service. Learn what this vulnerability is, how it impacts the IBM i, and how you can prevent as well as assess your exposure to it.