Blog

Blog

Beyond Good and Eval()

By Cybersecurity Experts at Fortra on Wed, 10/16/2024

Explore the threat of webshells—malicious scripts attackers use to control compromised web servers. Discover the different types of webshells and how they exploit vulnerabilities.

Blog

Why We Can’t Take Supply Chain Attacks Seriously Enough

By Theo Zafirakos on Wed, 10/16/2024

Research suggests that 98% of organizations are currently doing business with a third party that’s been breached. Learn about the main types of supply chain attacks today and the simplest steps to stay safe.

Blog

Patch Tuesday Update October 2024

By Tyler Reguly on Wed, 10/09/2024

Blog

Patch Tuesday Update - October 2024

Tue, 10/08/2024

Fortra VM will include the Microsoft Patch Tuesday checks in the NIRV 4.52.0 and FVM Agent 2.13 releases. Microsoft addressed 117 vulnerabilities in this release, including 3 rated as Critical and 43 Remote Code Execution vulnerabilities. This release also includes fixes for two vulnerabilities that have been exploited in the wild. CVE-2024-43572 Microsoft Management Console Remote Code...

Blog

BEC Global Insights Report: September 2024

By John Farina on Tue, 10/08/2024

The monthly Global BEC Insights Report from Fortra presents a comprehensive analysis of the latest tactics, techniques, and procedures (TTP) employed by BEC threat actors. This report draws on extensive intelligence gathered from hundreds of active defense engagements conducted throughout the month. Key insights include geolocation data, attack volume, and the variety of scams, such as payroll diversion and advance fee fraud. The report also highlights the use of gift cards in scams, the requested amounts in wire transfer fraud, and the banks and webmail providers frequently targeted by attackers. These findings provide a critical understanding of the evolving BEC threat landscape.

Blog

Fortra Insights: Customer Cybersecurity Challenges and Plans for 2025

By Lisa Lombardo on Thu, 10/03/2024

Fortra’s cybersecurity experts share insights into their customers’ top concerns and strategies for 2025. This article uncovers how businesses prepare to navigate the evolving cybersecurity landscape, from static budgets to compliance pressures and modern threats.

Blog

Election Integrity at Risk: Safeguarding 2024’s Global Polls from Cyber Attacks

By Antonio Sanchez on Tue, 10/01/2024

As the world prepares for the 2024 election cycle, cybersecurity, disinformation, and AI-driven manipulation are emerging as major threats to democratic processes. From deepfakes to foreign influence campaigns, the risks to election integrity are growing. Individuals, businesses, and governments must unite to protect global elections from these evolving challenges.

Blog

Are Younger Generations Losing Faith in Cybersecurity? The Oh, Behave! Report Investigates

By Antonio Sanchez on Fri, 09/27/2024

Times have changed since the happy-go-lucky internet days of the dot-com boom. Find out just how much, what that means, and what cybersecurity practitioners can do about it.

Blog

BEC Global Insights Report: August 2024

By John Farina on Thu, 09/26/2024

Blog

Fortra VM 7.0.3 Release

Thu, 09/19/2024

The Fortra VM 7.0.3 release is now live.  In this release there is a new Standard Scan feature. New Standard Scan Fortra VM Release 7.0.3 introduces a new Standard Scan option. This Standard Scan feature provides an initial preset option that pre-selects the most widely used VM scan settings. Standard mode allows users to get a scan up and running in just a few clicks, without having to go...

Blog

Patch Tuesday Update September 2024

By Tyler Reguly on Thu, 09/12/2024

Today, we get four vulnerabilities that have seen active exploitation, one of which has also been publicly disclosed.

Vulnerability Research

Patch Tuesday Update - September 2024

By Mieng Lim on Tue, 09/10/2024

Fortra VM will include the Microsoft Patch Tuesday checks in the NIRV 4.50.0 and FVM Agent 2.11 releases.Microsoft addressed 79 vulnerabilities in this release, including 7 rated as Critical and 23 Remote Code Execution vulnerabilities.This release also includes fixes for four vulnerabilities that have been exploited in the wild.CVE-2024-38217 and CVE-2024-38226 are Security Feature Bypass...

Blog

Is Your Data REALLY Safe on the IBM i (AS/400)?

By Tom Huntington on Thu, 08/29/2024

Discover the three things you can do, starting today, to ensure your data is properly secured on your IBM i (AS/400).

Blog

The Password Atmosphere – Problem, or Progress?

By Lisa Lombardo on Mon, 08/26/2024

Password security has evolved from simple physical protections to complex, multi-factor authentication systems. Experts suggest that while traditional passwords are becoming outdated, combining them with new technologies like biometrics and passkeys offers stronger security. Future trends point towards more user-friendly yet robust methods to safeguard digital access.

Blog

What Is the NIST Risk Management Framework (RMF)?

By Antonio Sanchez on Mon, 08/26/2024

The NIST Risk Management Framework, or RMF, is a voluntary 7-step process used to manage information security and privacy risks. By following the NIST RMF, organizations can successfully implement their own risk management programs, maintain compliance, and address the weaknesses that present the greatest danger to their enterprise.

Blog

My Takeaways from Black Hat USA 2024

By Antonio Sanchez on Mon, 08/19/2024

The importance of resilience and business continuity dominated conversations at Black Hat USA 2024. In this blog, security expert Antonio Sanchez shares his take on this year’s event.

Blog

89% of Security Awareness Programs Are Focused on Social Engineering in 2024

By Antonio Sanchez on Thu, 08/15/2024

Cybersecurity experts from over 70 countries share their insights, candor, and challenges when it comes to raising the level of cybersecurity awareness in their organizations. Learn how Fortra’s Terranova Security can help.

Blog

Patch Tuesday Update August 2024

By Tyler Reguly on Thu, 08/15/2024

The three CVSS 9.8 vulnerabilities included in this month’s patch drop are likely to be the first thing that catches anyone’s attention this month. All three are remote, unauthenticated code execution, the very type of vulnerability where we previously would have used the word, “wormable.”

Vulnerability Research

Patch Tuesday Update - August 2024

By Mieng Lim on Tue, 08/13/2024

Fortra VM will include the Microsoft Patch Tuesday checks in the NIRV 4.48.0 and FVM Agent 2.10 releases.Microsoft addressed 86 vulnerabilities in this release, including 7 rated as Critical and 28 Remote Code Execution vulnerabilities.This release also includes fixes for six vulnerabilities that have been exploited in the wild.Microsoft Project Remote Code Execution Vulnerability (CVE-2024-38189...

Blog

Report Reveals Highest Cost of Data Breach Spike Since Pandemic

By Antonio Sanchez on Thu, 08/08/2024

IBM recently released their 2024 Cost of a Data Breach Report, highlighting some of the surprising cost increases and the reasons behind them.

Beyond Good and Eval()

Why We Can’t Take Supply Chain Attacks Seriously Enough

Patch Tuesday Update October 2024

Patch Tuesday Update - October 2024

BEC Global Insights Report: September 2024

Fortra Insights: Customer Cybersecurity Challenges and Plans for 2025

Election Integrity at Risk: Safeguarding 2024’s Global Polls from Cyber Attacks

Are Younger Generations Losing Faith in Cybersecurity? The Oh, Behave! Report Investigates

BEC Global Insights Report: August 2024

Fortra VM 7.0.3 Release

Patch Tuesday Update September 2024

Patch Tuesday Update - September 2024

Is Your Data REALLY Safe on the IBM i (AS/400)?

The Password Atmosphere – Problem, or Progress?

What Is the NIST Risk Management Framework (RMF)?

My Takeaways from Black Hat USA 2024

89% of Security Awareness Programs Are Focused on Social Engineering in 2024

Patch Tuesday Update August 2024

Patch Tuesday Update - August 2024

Report Reveals Highest Cost of Data Breach Spike Since Pandemic

Privacy Policy

Cookie Policy

Accessibility

Impressum