Blog
Your Taxes Are Done but the Scammers Aren’t
By Meriam Senouci on Wed, 04/16/2025
This blog conducts a deep dive into a recent and widespread tax scam identified through Fortra’s threat research. It offers the reader a detailed analysis into the email lure and provides insights with predictions into how these scammers can continue targeting victims even after the tax deadline has passed.
Blog
What Are the Cyber Kill Chain Stages? Stage Five: Installation
By Meriam Senouci on Wed, 04/16/2025
The fifth stage of the cyber kill chain is one of the hardest to detect. Find out how attackers install sneaky backdoors and secretly secure control of your systems.
Blog
RansomHouse Ransomware: What You Need To Know
By Graham Cluley on Tue, 04/15/2025
What is RansomHouse?RansomHouse is a cybercrime operation that follows a Ransomware-as-a-Service (RaaS) business model, where affiliates (who do not require technical skills of their own) use the ransomware operator's infrastructure to extort money from victims. So they are a bog-standard ransomware gang?Not quite. Many ransomware operations encrypt and steal your data, demanding a ransom for a...
Blog
What Are the Cyber Kill Chain Stages? Stage Four: Exploitation
By Meriam Senouci on Thu, 04/10/2025
The exploitation phase of the cyber kill chain is when attackers leverage vulnerabilities to execute malicious code and gain unauthorized access. This blog explores common exploitation techniques, real-world examples, and practical mitigation strategies to protect your organization.
Blog
What Are the Cyber Kill Chain Stages? Stage Three: Delivery
By Meriam Senouci on Thu, 04/10/2025
This blog delves into the delivery stage of the cyber kill chain, where attackers transition from preparation to launching their payloads. It highlights common attack methods, proactive security measures, and how Fortra helps mitigate these cyber threats.
Vulnerability Research
Patch Tuesday Update - December 2024
By Mieng Lim on Wed, 04/09/2025
Fortra Vulnerability Management will include the Microsoft Patch Tuesday checks in the NIRV 4.56.0 and FVM Agent 2.17.Microsoft addressed 70 vulnerabilities this release, including 16 rated as Critical.CVE-2024-49138 - Microsoft has disclosed an actively exploited vulnerability that allows attackers to gain SYSTEM privileges on Windows devices. No further information is provided from Microsoft on...
Blog
What Are the Cyber Kill Chain Stages? Stage Two: Weaponization
By Meriam Senouci on Mon, 04/07/2025
Weaponization is the second phase of the cyber kill chain where attackers create malicious payloads to exploit vulnerabilities. This blog covers the types of weaponization, prevention strategies, and how Fortra can help protect your organization.
Blog
Data Anonymization: Techniques For Protecting Privacy in Data Sets
Mon, 04/07/2025
Data anonymization removes or encodes personally identifiable information in data sets, ensuring individuals described remain anonymous.
Blog
Cloud Data Loss Prevention (DLP): Strategies for Enhanced Security
By Robbie Araiza on Mon, 04/07/2025
Cloud DLP is a security strategy that monitors, detects, and prevents the loss or leakage of sensitive data in cloud environments.
Blog
What Are the Cyber Kill Chain Stages? Stage One: Reconnaissance
By Meriam Senouci on Thu, 04/03/2025
Despite an evolving threat landscape, today’s attackers still rely heavily on the cyber kill chain to do their dirty work. Understanding the reconnaissance phase will help you know where these attacks begin and how to stop them at their onset.
Blog
Bi-weekly Cyber Landscape Reviews - March 25th 2025
By Meriam Senouci on Wed, 04/02/2025
A bi-weekly summary of the latest news, trends, and shifts within the cybersecurity threat landscape.
Blog
How to Optimize Your Data: Techniques for Better Storage and Analysis
Tue, 04/01/2025
Data optimization transforms, restructures, and improves data for efficient processing, storage, and access.
Blog
Automated Threat Hunting: How to Stay Ahead of Cyber Threats
By Robbie Araiza on Mon, 03/31/2025
Automated threat hunting refers to the process of using AI, ML, and tools to identify potential cybersecurity threats proactively.
Blog
Cloud Workload Security: Best Practices for Safeguarding Applications
Mon, 03/24/2025
The cloud has become the de facto platform for app deployment, making cloud resources a target for malicious agents and a priority for data protection. Maintaining a secure cloud environment is essential for fostering and upholding customer trust, a cornerstone of a positive business reputation. Therefore, as organizations increasingly rely on cloud computing, it is imperative they understand the...
Blog
Data Visibility: What It Is And Why It Matters For Your Business
By Robbie Araiza on Mon, 03/24/2025
Data visibility refers to the ability to accurately and holistically see, access, and analyze data within a business or organization in real time.
Blog
Cloud Data Protection Strategies: Keeping Sensitive Information Secure
Mon, 03/17/2025
Learn about key risks to cloud data, including breaches, loss, compliance issues, misconfigurations, and how to reduce these security threats.
Blog
What Is Security Architecture? Key Types and Examples
By Robbie Araiza on Mon, 03/17/2025
Security architecture in cybersecurity entails creating systems, processes, and strategies to defend digital infrastructure and data against threats.
Blog
What Is Network Infrastructure?
By Kevin Jackson on Mon, 03/10/2025
Discover the definition of network infrastructure, what it consists of, and what you can do to monitor and manage it.
Blog
BEC Global Insights Report: February 2025
By John Farina on Fri, 03/07/2025
The monthly Global BEC Insights Report from Fortra presents a comprehensive analysis of the latest tactics, techniques, and procedures (TTP) employed by BEC threat actors. This report draws on extensive intelligence gathered from hundreds of active defense engagements conducted throughout the month. Key insights include geolocation data, attack volume, and the variety of scams, such as payroll diversion and advance fee fraud. The report also highlights the use of gift cards in scams, the requested amounts in wire transfer fraud, and the banks and webmail providers frequently targeted by attackers. These findings provide a critical understanding of the evolving BEC threat landscape.