Invalid sign-on attempts happen to everyone from time to time, but large numbers of invalid attempts could indicate a cyber attack in progress.

The data below is taken from the 2021 State of IBM i Security Study, which provides compelling insight into the security posture of 247 IBM i servers and partitions—systems that are often used for business-critical data, payment card data, and personally identifiable information (PII). The full study can be accessed here. ...

In the wrong hands, IBM i special authorities can do serious damage, but the latest research shows far too many users have more access and authority than they need. Learn the best practices and how you can implement them.

Password security issues are critical because they represent the most obvious—and most easily exploited—method to compromise your system. But an alarming number of users rely on the simplest passwords possible on IBM i.

The system security level (QSECURTY) sets the overall tone for your IBM i security posture. Read this blog post to learn how many organizations are following IBM's best practices.

Inactive user profiles pose a serious threat to more IBM i systems than you might expect. Get the latest data and learn how to protect your systems.

NVMe is a communications interface plus high-performance protocol for accessing non-volatile memory. Learn more here.

Your high availability solution is only as solid as your role swaps. You can’t be certain that your systems are switch-ready unless you test. Follow these steps to start testing your role swaps regularly.

Microsoft Exchange Server Remote Code Execution (RCE) VulnerabilityOn Tuesday, March 2nd, Microsoft released an out-of-band security update to mitigate four zero-day vulnerabilities that were observed being exploited in the wild against Microsoft Exchange Servers. A server-side request forgery (SSRF) being tracked as CVE-2021-26855 is the likely initial access for attackers. Exploitation of this...

Brazil is Latin America’s largest technology hub and has the eighth-largest economy by GDP. Getting to know the ins and outs of LGPD is essential for doing business there.

For comprehensive network mapping and monitoring, IT pros trust Intermapper. Learn the 4 ways Intermapper stands out from other solutions and download a free trial to see for yourself.

We are disclosing a vulnerability identified in NETSHIELD Corporation Nano 25. The engineers at NETSHIELD Corporation were prompt in their response when notified of the flaw and have provided a patch for the cyber security issue.NETSHIELD Corporation has released a patch for the affected Nano 25 version 10.2.18.Fortra VM will not include an explicit check for this vulnerability due to the...

Microsoft Defender Zero-Day Remote Code Execution (RCE) VulnerabilityOn Tuesday, January 12th, Microsoft released a patch for an RCE vulnerability present within their antivirus solutions, Windows Defender, System Center Endpoint Protection, and Security Essentials. his vulnerability is being tracked as CVE-2021-1647. Although an exploit has not been publicly released, this vulnerability is...

Win at Remediation with Quality over Quantity VM plan Managing Vulnerabilities Effectively Requires a Quality Over Quantity MindsetBusiness networks will always play host to a number of vulnerabilities. Factor in the current proliferation of endpoints and growing network complexity and you have a list of vulnerabilities that is growing exponentially. The number of reported vulnerabilities has...

Vulnerability management and threat assessment solutions provide the first line of defense in protecting assets across an organization, yet today’s widely deployed solutions are outdated in terms of providing an accurate real-time assessment of today’s complex hybrid-cloud environments. In addition, the majority of legacy solutions fail to prioritize the remediation of risky assets or even assets...

PM400 is dead, now what? Don’t worry! Fortra has a ready-made replacement in Performance Navigator. Read on to learn more.

Zyxel Hardcoded Backdoor Account VulnerabilityOn December 23rd, 2020, the Dutch security firm Eye disclosed a hardcoded backdoor account within the firmware 4.60 on Zyxel Firewalls and AP Controllers. The credentials for this account cannot be changed or altered unless the firmware is patched. These hardcoded credentials provide access to both SSH and web admin interfaces, where additional...

Businesses of all sizes have some form of data that a threat actor could exploit. It is even possible for a cyber-criminal to invade a company's available network with the sole purpose of causing web security testing issues. Whether it involves patient medical histories, credit card data, available consumer transaction histories, or trade secrets, if a company uses technology to transmit or store...

As a merchant, you are likely familiar with the strict Payment Card Industry Data Security Standard (PCI DSS) requirements set by the PCI Security Standards Council (SSC). Failure to adhere to PCI compliance standards creates vulnerabilities within your business’s network that could result in a loss of sensitive credit cardholder data from consumers and malicious intrusion into your business...

Do you own a business that stores, processes, or transmits sensitive data such as credit card information online? If so, you must comply with the Payment Card Industry Data Security Standards (PCI DSS), a set of 12 main regulations to protect customer data. The PCI Security Standards Council compiled the PCI DSS. The council’s members consist of major card companies, including MasterCard, Visa,...