Blog

Blog

Patch Tuesday Update September 2024

By Tyler Reguly on Thu, 09/12/2024

Today, we get four vulnerabilities that have seen active exploitation, one of which has also been publicly disclosed.

Blog

Windows DWM Core Library Elevation of Privilege Vulnerability (CVE-2024-30051)

By Ricardo Narvaja on Mon, 09/09/2024

In this blog post, I will explain a vulnerability in the Microsoft Windows Desktop Windows Manager (DWM) Core library that I analyzed when the exploit for Core Impact was being developed. This vulnerability allows an unprivileged attacker to execute code as a DWM user with Integrity System privileges (CVE-2024-30051).Since there was not enough public information at the time to develop the exploit,...

Blog

Malware, Ransomware, and Viruses vs Your IBM i Server

By Sandi Moore on Tue, 09/03/2024

Many of us have heard that you can’t get a virus on this platform, but the reality is that the integrated file system (IFS) is a tree-like structure. This structure can house Word documents, PDFs, MP3s, JPEG images, and these files can be just as infected on the IBM i server as they can on any Windows work station or server.

Blog

Patch Tuesday Update August 2024

By Tyler Reguly on Thu, 08/15/2024

The three CVSS 9.8 vulnerabilities included in this month’s patch drop are likely to be the first thing that catches anyone’s attention this month. All three are remote, unauthenticated code execution, the very type of vulnerability where we previously would have used the word, “wormable.”

Blog

Open-Source IT Tools: Advantages, Disadvantages, and How Halcyon Compares

By Mike Davison on Mon, 08/05/2024

Discover the advantages and disadvantages of open-source IT tools and how Halcyon's offerings for Linux, Windows, AIX, and IBM i multi-platform environments compares.

Blog

6 Pro Tips from the 2024 State of IBM i Security Study

Mon, 05/06/2024

If you're responsible for IBM i security, you don't want to miss the top 6 expert tips pulled from the 2024 State of IBM i Security Study!

Blog

Going Phishing Isn't Seasonal–Get the Latest Results from 2023's Tournament

By Monica Delyani on Fri, 02/23/2024

Preview the latest global phishing benchmarking results and expert security awareness recommendations from Fortra's Terranova Security 2023 Gone Phishing Tournament.

Blog

Compliance Mandates Apply to IBM i Too

By Amy Williams on Tue, 02/20/2024

The most overlooked aspects of IBM i compliance with PCI-DSS, SOX, HIPAA, and other standards, how to configure them correctly, and what Fortra can do to help.

Blog

Is the AS/400 Dead?

By Tom Huntington on Mon, 02/19/2024

Many IT professionals still use the term AS/400. But can a platform that was introduced in 1988 still be relevant today? The answers typically surprise people.

Blog

How to Succeed at IBM i Security

Mon, 02/19/2024

Find out where security plans are running off course and how you can make a completely attainable plan to succeed.

Blog

You’ve Upgraded Your Hardware. Now It’s Time to Upgrade Your Security Posture

By Amy Williams on Wed, 09/20/2023

If you have recently upgraded your hardware, our this is a great opportunity to establish IBM i security best practices for your organization now and into the future — and our free Security Scan will help you do just that. The Security Scan takes an inventory of your current security settings and uses the results to demonstrate your data’s degree of vulnerability and pinpoint specific weaknesses.

Blog

Cobalt Strike and Outflank Security Tooling: Friends in Evasive Places

Wed, 08/09/2023

Blog

Evolve Your Security Strategy to Prepare for DORA

By Antonio Sanchez on Thu, 07/27/2023

Although the DORA compliance deadline is further away, financial institutions regulated by the Act should start preparing their journey now, before the last minute panic keeps knocking on your door. Antonio Sanchez breaks down the five DORA pillars and highlights what it takes to evolve your security effort.

Blog

Understanding CVE 2023-30990: The Vulnerability Exploiting the DDM

By Amneris Teruel on Tue, 07/25/2023

Discover CVE-2023-30990 - Unauthenticated RCE in IBM i DDM Service. Learn what this vulnerability is, how it impacts the IBM i, and how you can prevent as well as assess your exposure to it.

Blog

A Day in the Life of a SOC Team

Thu, 04/06/2023

Managed detection and response (MDR) would be nothing without a SOC (security operations center). These are the people who make Alert Logic's MDR services so dependable. It’s time you met them.

Blog

An IBM i Hacking Tale

By Pablo Zurro on Thu, 04/06/2023

Discover how penetration testing can be used on IBM i systems to find hidden vulnerabilities in your security. This post breaks down Core Impact's IBM i pen testing process from discovery to privilege escalation.

Blog

3 Tips to Strengthen AWS Container Security

Thu, 04/06/2023

Containers are fundamental to swift, reliable AWS deployment. So, how can you strengthen AWS container security?

Blog

How to Meet Cyber Insurance Requirements for IBM i

Thu, 03/02/2023

Discover what cyber insurance is, the solutions you may need to qualify or lower premiums, and what Fortra offers to assist your IBM i organization with becoming cyber insured.

Blog

What is DORA and How Can You Achieve Compliance?

Tue, 02/28/2023

When searching online for the new EU Regulation for strengthening the cybersecurity of financial entities and their third-party IT providers, called Digital Operational Resilience Act or DORA, it is almost certain that you will stumble upon Dora the Explorer, the famous kids’ animation.

Blog

How to Recognize and Respond to Emerging Social Media Cybersecurity Threats

Wed, 12/07/2022

Facebook. Twitter. Instagram. LinkedIn. YouTube. Pinterest. Mastodon. The list goes on. Whether you love or loathe social media, these platforms have become integral to how we communicate as individuals and businesses. Cybercriminals have also taken note, embracing these communication channels wholeheartedly to reach vast audiences quickly,...

Patch Tuesday Update September 2024

Windows DWM Core Library Elevation of Privilege Vulnerability (CVE-2024-30051)

Malware, Ransomware, and Viruses vs Your IBM i Server

Patch Tuesday Update August 2024

Open-Source IT Tools: Advantages, Disadvantages, and How Halcyon Compares

6 Pro Tips from the 2024 State of IBM i Security Study

Going Phishing Isn't Seasonal–Get the Latest Results from 2023's Tournament

Compliance Mandates Apply to IBM i Too

Is the AS/400 Dead?

How to Succeed at IBM i Security

You’ve Upgraded Your Hardware. Now It’s Time to Upgrade Your Security Posture

Cobalt Strike and Outflank Security Tooling: Friends in Evasive Places

Evolve Your Security Strategy to Prepare for DORA

Understanding CVE 2023-30990: The Vulnerability Exploiting the DDM

A Day in the Life of a SOC Team

An IBM i Hacking Tale

3 Tips to Strengthen AWS Container Security

How to Meet Cyber Insurance Requirements for IBM i

What is DORA and How Can You Achieve Compliance?

How to Recognize and Respond to Emerging Social Media Cybersecurity Threats

Contact Information

Privacy Policy

Cookie Policy

Impressum