Blog

ailock-ransomware
Blog

AiLock ransomware: What you need to know

By Graham Cluley on Wed, 07/09/2025
What is AiLock?AiLock is a ransomware-as-a-service (RaaS) operation that first came to light in March 2025. Security researchers at Zscaler noted that they had identified a cybercriminal group extorting ransoms from organisations through threats.I'm guessing the threat was the usual story of "We've stolen your data and encrypted the files on your systems - pay up or we'll dump the information on...
Email Security & Anti-Phishing
Data Loss Prevention
Patch Tuesday Analysis
Blog

July 2025 Patch Tuesday Analysis

By Tyler Reguly on Tue, 07/08/2025
Today’s Patch Tuesday Alert addresses Microsoft’s July 2025 Security Updates. We are actively working on coverage for these vulnerabilities and expect to ship ASPL-1164 as soon as coverage is completed. In-The-Wild & Disclosed CVEsCVE-2025-49719The only publicly disclosed vulnerability this month is an information disclosure in Microsoft SQL Server. Successful exploitation of this vulnerability...
Threat Research & Intelligence
Vulnerability Management
Financial compliance
Blog

Navigating the Complex World of Financial Services Compliance

Mon, 07/07/2025
Financial services compliance requirements exist for a critical reason: the industry is a top target for cyberattacks. These regulations are designed to enforce a baseline standard of protection, safeguarding organizations and their customers against escalating threats.However, there is one thing you must understand — being compliant does not mean you’re secure.According to Verizon’s 2025 Data...
Staying-Ahead-of-Cloud-Threats-Monitoring-Incident-Response-and-Compliance
Blog

Staying Ahead of Cloud Threats: Monitoring, Incident Response, and Compliance

By Cybersecurity Experts at Fortra on Mon, 07/07/2025
The cloud threat landscape in 2025 is marked by speed, scale, and staggering complexity. This year's Top Threats to Cloud Computing Deep Dive 2025 from the CSA reads like a breach compendium: Toyota's misconfigured GitHub repos, the Snowflake supply chain incident, and a ransomware attack linked to CrowdStrike Falcon deployments all illustrate the evolving attack surface and the tremendous...
Vulnerability Management
File Integrity Monitoring (FIM)
Blog

BEC Global Insights Report: June 2025

By John Farina on Fri, 07/04/2025
The monthly Global BEC Insights Report from Fortra presents a comprehensive analysis of the latest tactics, techniques, and procedures (TTP) employed by BEC threat actors. This report draws on extensive intelligence gathered from hundreds of active defense engagements conducted throughout the month. Key insights include geolocation data, attack volume, and the variety of scams, such as payroll diversion and advance fee fraud. The report also highlights the use of gift cards in scams, the requested amounts in wire transfer fraud, and the banks and webmail providers frequently targeted by attackers. These findings provide a critical understanding of the evolving BEC threat landscape.
Fortra Patch Priority Index
Blog

Fortra Patch Priority Index for June 2025

By Lane Thames on Thu, 07/03/2025
Fortra’s June 2025 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft.Up first on the list are patches for Microsoft Edge (Chromium-based) that resolves 2 issues, including out of bounds read/write and use after free vulnerabilities.Next on the list are patches for Microsoft Office, Word, Excel, PowerPoint, and Outlook. These patches resolve 14 remote code execution...
Vulnerability Management
swiss-data
Blog

Swiss government warns attackers have stolen sensitive data, after ransomware attack

By Graham Cluley on Wed, 07/02/2025
The Swiss government has issued a warning after a third-party service provider suffered a ransomware attack, which saw sensitive information stolen from its systems and leaked onto the dark web. Radix a non-profit health foundation, works with various federal administrations across Switzerland in areas such as promoting good nutrition, healthy exercise, and helping individuals deal with addiction,...
Email Security & Anti-Phishing
Data Loss Prevention
compliance-breakdowns-making-sure-they-only-happen-once
Blog

Compliance Breakdowns: Making Sure They Only Happen Once

By Chris Reffkin on Tue, 07/01/2025
Cross-functional alignment is one of the most effective tools a CIO has for maintaining compliance in a fragmented regulatory environment. However, while many understand that disparate teams working together is “what it’s all about,” many CIOs may not yet realize that it’s their responsibility to take point for the process.Or, that a successful compliance outlook doesn’t mean perfection – it means...
Compliance
Safepay
Blog

SafePay Ransomware: What You Need To Know

By Graham Cluley on Fri, 06/27/2025
What is the SafePay ransomware?SafePay is a relatively new ransomware threat that was first observed around September 2024. Like other ransomware, SafePay encrypts victims' files so they cannot be accessed, and then demands the payment of a cryptocurrency ransom for their recovery. As part of a "double extortion" tactic, the hackers behind SafePay also steal data from affected organisations and...
Vulnerability Management
File Integrity Monitoring (FIM)
iris-report
Blog

Cyberattacks Surge 650%: Insights from the IRIS Report

By Meriam Senouci on Tue, 06/24/2025
The latest Information Risk Insight Study (IRIS) highlights a 650% rise in significant cyber incidents over 15 years, with ransomware and infrastructure attacks on the rise. This blog explores key findings and shows how Fortra helps organizations respond to today’s evolving risks.
Blog

What Can You Monitor on Your Campus Network?

Tue, 06/24/2025
The better question is, what can't you monitor on campus? Intermapper provides education network monitoring for anything on your campus with an IP address. Check out the infographic to see examples of the possibilities. ...
bert-ransomware
Blog

Bert Ransomware: What You Need To Know

By Graham Cluley on Fri, 06/13/2025
What is the Bert ransomware?Bert is a recently-discovered strain of ransomware that encrypts victims' files and demands a payment for the decryption key.Why is it called Bert?I truly have no idea. Maybe whoever created Bert put all of their efforts into the coding of their ransomware, rather than thinking of its marketing. Or maybe they just really like the name "Bert."Or maybe the hacker who...
Blog

BEC Global Insights Report: May 2025

By John Farina on Thu, 06/12/2025
The monthly Global BEC Insights Report from Fortra presents a comprehensive analysis of the latest tactics, techniques, and procedures (TTP) employed by BEC threat actors. This report draws on extensive intelligence gathered from hundreds of active defense engagements conducted throughout the month. Key insights include geolocation data, attack volume, and the variety of scams, such as payroll diversion and advance fee fraud. The report also highlights the use of gift cards in scams, the requested amounts in wire transfer fraud, and the banks and webmail providers frequently targeted by attackers. These findings provide a critical understanding of the evolving BEC threat landscape.
Patch Tuesday Analysis
Blog

June 2025 Patch Tuesday Analysis

By Tyler Reguly on Tue, 06/10/2025
Today’s Patch Tuesday Alert addresses Microsoft’s June 2025 Security Updates. We are actively working on coverage for these vulnerabilities and expect to ship ASPL-1160 as soon as coverage is completed. In-The-Wild & Disclosed CVEsCVE-2025-33053A WebDAV code execution vulnerability, CVE-2025-33053 requires that a user open a malicious .URL file for compromise to...
Threat Research & Intelligence
Vulnerability Management
Fortra Patch Priority Index
Blog

Fortra Patch Priority Index for May 2025

By Lane Thames on Wed, 06/04/2025
Fortra's May 2025 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft and Google.Up first on the list are patches for Microsoft Edge (Chromium-based) and Google Chromium that resolve 6 issues including spoofing, out of bounds memory access, insufficient data validation, inappropriate implementation, use after free, and heap buffer overflow vulnerabilities.Next on the...
Vulnerability Management