Blog

Blog

Australia Passes Privacy Amendment Bill 2024: First Wave of New Reforms

Wed, 12/18/2024

On 28 November 2024, the Australian government passed the Privacy and Other Legislation Amendment Bill 2024 (Cth), putting a major point in the column of Australian privacy rights. The Bill was signed into law just days after the Australian Senate approved another landmark piece of privacy legislation, the Cyber Security Act 2024 (Cth). Both received Royal Assent on 29 November 2024 and are now...

Blog

Patch Management: Is Your Incident Response Plan Ready for 2025?

By Antonio Sanchez on Mon, 12/16/2024

New incident response plans must anticipate more than just cyberattacks. Patch management needs to be an integral part of IR planning in 2025. Read why.

Blog

Patch Tuesday Update December 2024

By Tyler Reguly on Thu, 12/12/2024

While not the smallest December Patch Tuesday we’ve ever had, there are only 72 CVEs this month, with only one that has been publicly disclosed and exploited and one that scores above a CVSS 9.0.

Blog

BEC Global Insights Report: November 2024

By John Farina on Mon, 12/09/2024

The monthly Global BEC Insights Report from Fortra presents a comprehensive analysis of the latest tactics, techniques, and procedures (TTP) employed by BEC threat actors. This report draws on extensive intelligence gathered from hundreds of active defense engagements conducted throughout the month. Key insights include geolocation data, attack volume, and the variety of scams, such as payroll diversion and advance fee fraud. The report also highlights the use of gift cards in scams, the requested amounts in wire transfer fraud, and the banks and webmail providers frequently targeted by attackers. These findings provide a critical understanding of the evolving BEC threat landscape.

Blog

What Are Government Security Classifications (GSC)?

Mon, 12/09/2024

GSC is a policy system used by the UK government and public sector organizations to classify information and data assets. This system helps manage and protect information from threats and breaches by providing guidelines on handling specific types of information.The GSC utilizes three classification tiers: OFFICIAL, SECRET, and TOP SECRET, each representing a different level of sensitivity...

Blog

Everything You Need to Know About Network Probes

By Kevin Jackson on Wed, 12/04/2024

What are probes, how do they work, and why are they so essential to network monitoring?

Blog

The Repercussions of Zero Trust Adoption in Federal Agencies

By John Grancarich on Mon, 12/02/2024

It’s no secret that the public sector continues to push towards zero trust adoption, and for good reason. Fortra’s John Grancarich shares his thoughts on what this means for government collaboration at large and the future of the threat landscape.

Blog

Cloudflare’s pages.dev and workers.dev Domains Increasingly Abused for Phishing

By Meriam Senouci on Mon, 12/02/2024

IntroductionFortra has observed a rising trend in legitimate service abuse, with a significant volume of attacks targeting Cloudflare Pages. Workers.dev is a domain used by Cloudflare Workers’ deployment services, while Pages.dev is used by Cloudflare’s Pages platform that facilitates the development of web pages and sites. Fortra’s Suspicious Email Analysis (SEA) team has identified different...

Blog

What’s On the Security Horizon for 2025? Fortra’s Experts Predict

By John Wilson on Wed, 11/27/2024

From customers probing about vendors’ supply chain practices to attackers threatening victims with personal health information, the cybersecurity landscape is increasingly pushing its way out of the shadows and into the limelight — for better or worse. See what these Fortra experts have to say on the trends facing the industry in 2025.

Blog

What Are Data Mining Risks? How to Protect Against and Mitigate Them

Mon, 11/18/2024

Data mining risks refer to the potential pitfalls and negative consequences associated with the data mining process. Learn more about data mining risks and how to protect yourself from them in this new blog

Blog

Even More Personalization: The Future of Phishing

By Antonio Sanchez on Fri, 11/15/2024

Thanks to new technologies, phishing threat actors have access to even more ways to gain our trust. The future of phishing is granular personalization, and that future starts now.

Blog

XDR vs MDR: What You Need to Know

By XDR vs MDR: What You Need to Know on Thu, 11/14/2024

Understand the differences between XDR and MDR in cybersecurity, their key features, and how they address unique security needs in this blog.

Blog

Patch Tuesday Update November 2024

By Tyler Reguly on Thu, 11/14/2024

The very first thing we need to talk about today is Microsoft’s adoption of CSAF, Common Security Advisory Framework, which they announced in a blog post.

Blog

What Good Cyber Hygiene Says to Attackers About Your Enterprise

By Antonio Sanchez on Wed, 11/13/2024

Vulnerability Research

Patch Tuesday Update - November 2024

By Mieng Lim on Tue, 11/12/2024

Fortra VM will include the Microsoft Patch Tuesday checks in the NIRV 4.54.0 and FVM Agent 2.15 releases.Microsoft addressed 89 vulnerabilities in this release, including 4 rated as Critical and 51 Remote Code Execution vulnerabilities.This release also includes fixes for two vulnerabilities that have been publicly disclosed and exploited in the wild.CVE-2024-43451 NTLM Hash Disclosure Spoofing...

Blog

Tales from the Trenches: How Did You Know It Was a Scam?

By Bob Erdman on Mon, 11/11/2024

Find out how the experts handle their own inbox perils, and what we can learn from the best.

Blog

The Role of a Chief Information Security Officer in Today’s Information Landscape

Mon, 11/11/2024

The Chief Information Security Officer oversees infosec strategy and implements policies to safeguard enterprise assets from internal and external threats. Learn more about the requirements of a CISO, including the differences between CISOs, CSOs, and CIOs, in this blog.

Blog

Friday Five: Election Consequences, New Workplace Threats, & More

By Robbie Araiza on Fri, 11/08/2024

As President-elect Donald Trump is set to take office in January, learn what he has in store for cyber policy, along with new threats organizations need to watch for, new TSA-proposed regulations, and more in this week's Friday Five.

Blog

BEC Global Insights Report: October 2024

By John Farina on Thu, 11/07/2024

Blog

What Is Proactive Monitoring? A Complete Guide

By Kevin Jackson on Wed, 11/06/2024

Discover the definition of proactive monitoring, examples of proactive monitoring and early indicators of issues, proactive monitoring best practices, and how to implement proactive monitoring.

Australia Passes Privacy Amendment Bill 2024: First Wave of New Reforms

Patch Management: Is Your Incident Response Plan Ready for 2025?

Patch Tuesday Update December 2024

BEC Global Insights Report: November 2024

What Are Government Security Classifications (GSC)?

Everything You Need to Know About Network Probes

The Repercussions of Zero Trust Adoption in Federal Agencies

Cloudflare’s pages.dev and workers.dev Domains Increasingly Abused for Phishing

What’s On the Security Horizon for 2025? Fortra’s Experts Predict

What Are Data Mining Risks? How to Protect Against and Mitigate Them

Even More Personalization: The Future of Phishing

XDR vs MDR: What You Need to Know

Patch Tuesday Update November 2024

What Good Cyber Hygiene Says to Attackers About Your Enterprise

Patch Tuesday Update - November 2024

Tales from the Trenches: How Did You Know It Was a Scam?

The Role of a Chief Information Security Officer in Today’s Information Landscape

Friday Five: Election Consequences, New Workplace Threats, & More

BEC Global Insights Report: October 2024

What Is Proactive Monitoring? A Complete Guide

Privacy Policy

Cookie Policy

Terms of Service

Accessibility

Impressum