Vulnerability Research
Patch Tuesday Update - August 2023
Tue, 08/08/2023
Today’s Microsoft Security Update includes the Microsoft Patch Tuesday checks in the NIRV 4.26.0 and Fortra VM Agent 1.63.0 releases.Microsoft included fixes for 74 vulnerabilities in this release, including 6 rated as Critical.Microsoft also released 2 security advisories this month with improvements related to defense in depth for Microsoft Office and the Memory Integrity System Readiness Scan...
Blog
Zero Trust 101: A Guide to Zero Trust Security
Fri, 08/04/2023
Discover the benefits of removing implicit trust and enable your organization to continuously authenticate and authorize data access from anyone, anywhere, always.
Blog
INFOGRAPHIC: How to Protect Your Data from Email Phishing Attacks
Wed, 08/02/2023
Responding to a sender, clicking on a link, or downloading a file that may not be trustworthy can lead to data corruption, leaked confidential information, and infected devices or networks. View this infographic to see tips for protecting against phishing attacks.
Blog
Cybersecurity Threats Facing Energy and Utilities: What You Need to Know
Tue, 08/01/2023
Utility sectors have a unique set of challenges that make securing them a job for the experts. That’s where Fortra steps in.
Blog
Inside the fight against hackers who disrupted hospitals and jeopardized lives
By Vanessa Ho on Mon, 07/31/2023
Blog
A First-Hand Account of How Email Security Has Changed – And Where It Is Today
By Antonio Sanchez on Fri, 07/28/2023
A 20-year veteran of the industry shares his first-hand account of how email – and email security – has changed over the years and where it is now.
Blog
Evolve Your Security Strategy to Prepare for DORA
By Antonio Sanchez on Thu, 07/27/2023
Although the DORA compliance deadline is further away, financial institutions regulated by the Act should start preparing their journey now, before the last minute panic keeps knocking on your door. Antonio Sanchez breaks down the five DORA pillars and highlights what it takes to evolve your security effort.
Blog
Top 10 Takeaways: Verizon 2023 Data Breach Investigations Report
By Antonio Sanchez on Thu, 07/27/2023
We’ve summarized the Verizon 2023 DBIR into top points. Find out which attack methods hackers leveraged to drive breaches and how Fortra can help you stay safe.
Blog
Understanding CVE 2023-30990: The Vulnerability Exploiting the DDM
By Amneris Teruel on Tue, 07/25/2023
Discover CVE-2023-30990 - Unauthenticated RCE in IBM i DDM Service. Learn what this vulnerability is, how it impacts the IBM i, and how you can prevent as well as assess your exposure to it.
Blog
Patch Tuesday Update - July 2023
Tue, 07/11/2023
Today’s Microsoft Security Update addressed 130 vulnerabilities, including 9 that are rated as Critical. This is double the number fixed from last month, June 2023.Microsoft included two security advisories this month, ADV230001 and ADV230002.The ADV230001 security advisory addresses some drivers that were certified by the Microsoft’s Windows Hardware Developer Program (MWHDP) that have been used...
Blog
Remote Code Execution Vulnerability in IBM i CVE-2023-30990
Fri, 07/07/2023
Fortra’s Vulnerability Research Team (VRT) has provided a scan check for CVE-2023-30990 - Unauthenticated RCE in IBM i DDM Service in Fortra VM.Per an IBM security bulletin, IBM i is vulnerable to a remote attacker executing arbitrary unauthenticated CL commands as a QUSER, a workstation user role without special authorities, due to weak error handling in the DDM architecture.IBM i DDM...
Blog
Supply Chain Risk
By Antonio Sanchez on Thu, 07/06/2023
The supply chains of today’s global economy rely heavily on technology and information systems to deliver finished goods and services to the end user. However, for all the benefits of a hyperconnected economy this introduces, supply chains also carry with them a high degree of risk.
Blog
Cyber Insurance - Assessing Risks and Securing Your Future
By Antonio Sanchez on Thu, 06/29/2023
Cyber insurance is not the most glittering side of cybersecurity, but it has certainly earned its place in today's security debate.
According to Statista, as of 2021, an average of 48 percent of organizations in selected countries worldwide had cyber insurance, with numbers being slightly higher for countries such as the U.S. (50 percent), Sweden (55 percent), and Austria (66 percent). Current...
Blog
Infosecurity Europe 2023 – That’s a Wrap!
By Nick Hogg on Tue, 06/27/2023
Infosecurity Europe has closed its doors for another year. The aftermath of these events can be a strange time; still reeling from the chaos of the show floor and nursing feet unaccustomed to such intense use, it’s often difficult to make sense of everything we’ve learned.
Blog
Reflections on Day One of Infosecurity Europe 2023
By Josh Davies on Thu, 06/22/2023
Josh Davies, Principal Technical Manager at Fortra, reflects on everything he’s learned at day one of Infosecurity Europe 2023.
Blog
Fostering a Top-Notch Customer Experience
Tue, 06/20/2023
As VP of Customer Operations, Amy Vogsland is all about customer experience. She leads a global department of 100 people who have exquisite attention to detail on all matters related to accounts, renewals, invoicing, and licensing.
Blog
Low Code vs. No Code Automation
By EJ Stanley on Wed, 06/14/2023
All automation tools are not created equal. Some require great technical skills to build and manage automation, leaving many business users unable to reap the benefits of this advanced technology. However, there are tools and solutions that enable anybody to set up automated workflows that boost productivity and save time. These no-code and low-code tools bring automation to everyone—no matter...
Blog
The Benefits of Automating IBM i Spool File Conversion and Delivery
By Greg J. Schmidt on Wed, 06/14/2023
Discover how automating your IBM i spool file management and delivery can make your data more accessible to users and easier to deliver for administrators.
Vulnerability Research
Patch Tuesday Update - June 2023
Tue, 06/13/2023
Today’s Microsoft Security Update addressed 78 vulnerabilities, including 6 that are rated as Critical. None of the vulnerabilities included in the Patch Tuesday release appear to be currently exploited in the wild.Of note, Microsoft SharePoint Server Elevation of Privilege Vulnerability (CVE-2023-29357) appears to allow an attacker to bypass authentication using a spoofed JWT authentication token...