Blog

Blog

Patch Management: Is Your Incident Response Plan Ready for 2025?

By Antonio Sanchez on Mon, 12/16/2024

New incident response plans must anticipate more than just cyberattacks. Patch management needs to be an integral part of IR planning in 2025. Read why.

Blog

Patch Tuesday Update December 2024

By Tyler Reguly on Thu, 12/12/2024

While not the smallest December Patch Tuesday we’ve ever had, there are only 72 CVEs this month, with only one that has been publicly disclosed and exploited and one that scores above a CVSS 9.0.

Blog

BEC Global Insights Report: November 2024

By John Farina on Mon, 12/09/2024

The monthly Global BEC Insights Report from Fortra presents a comprehensive analysis of the latest tactics, techniques, and procedures (TTP) employed by BEC threat actors. This report draws on extensive intelligence gathered from hundreds of active defense engagements conducted throughout the month. Key insights include geolocation data, attack volume, and the variety of scams, such as payroll diversion and advance fee fraud. The report also highlights the use of gift cards in scams, the requested amounts in wire transfer fraud, and the banks and webmail providers frequently targeted by attackers. These findings provide a critical understanding of the evolving BEC threat landscape.

Blog

Everything You Need to Know About Network Probes

By Kevin Jackson on Wed, 12/04/2024

What are probes, how do they work, and why are they so essential to network monitoring?

Blog

The Repercussions of Zero Trust Adoption in Federal Agencies

By John Grancarich on Mon, 12/02/2024

It’s no secret that the public sector continues to push towards zero trust adoption, and for good reason. Fortra’s John Grancarich shares his thoughts on what this means for government collaboration at large and the future of the threat landscape.

Blog

Cloudflare’s pages.dev and workers.dev Domains Increasingly Abused for Phishing

By Meriam Senouci on Mon, 12/02/2024

IntroductionFortra has observed a rising trend in legitimate service abuse, with a significant volume of attacks targeting Cloudflare Pages. Workers.dev is a domain used by Cloudflare Workers’ deployment services, while Pages.dev is used by Cloudflare’s Pages platform that facilitates the development of web pages and sites. Fortra’s Suspicious Email Analysis (SEA) team has identified different...

Blog

What’s On the Security Horizon for 2025? Fortra’s Experts Predict

By John Wilson on Wed, 11/27/2024

From customers probing about vendors’ supply chain practices to attackers threatening victims with personal health information, the cybersecurity landscape is increasingly pushing its way out of the shadows and into the limelight — for better or worse. See what these Fortra experts have to say on the trends facing the industry in 2025.

Blog

Malware on IBM i: Powertech Antivirus Success Stories

By Sandi Moore on Mon, 11/25/2024

Discover these real stories of how Powertech Antivirus for IBM i's anti ransomware technology has neutralized the threat of malware on IBM i servers.

Blog

Even More Personalization: The Future of Phishing

By Antonio Sanchez on Fri, 11/15/2024

Thanks to new technologies, phishing threat actors have access to even more ways to gain our trust. The future of phishing is granular personalization, and that future starts now.

Blog

Patch Tuesday Update November 2024

By Tyler Reguly on Thu, 11/14/2024

The very first thing we need to talk about today is Microsoft’s adoption of CSAF, Common Security Advisory Framework, which they announced in a blog post.

Blog

What Good Cyber Hygiene Says to Attackers About Your Enterprise

By Antonio Sanchez on Wed, 11/13/2024

Vulnerability Research

Patch Tuesday Update - November 2024

By Mieng Lim on Tue, 11/12/2024

Fortra VM will include the Microsoft Patch Tuesday checks in the NIRV 4.54.0 and FVM Agent 2.15 releases.Microsoft addressed 89 vulnerabilities in this release, including 4 rated as Critical and 51 Remote Code Execution vulnerabilities.This release also includes fixes for two vulnerabilities that have been publicly disclosed and exploited in the wild.CVE-2024-43451 NTLM Hash Disclosure Spoofing...

Blog

Tales from the Trenches: How Did You Know It Was a Scam?

By Bob Erdman on Mon, 11/11/2024

Find out how the experts handle their own inbox perils, and what we can learn from the best.

Blog

BEC Global Insights Report: October 2024

By John Farina on Thu, 11/07/2024

Blog

What Is Proactive Monitoring? A Complete Guide

By Kevin Jackson on Wed, 11/06/2024

Discover the definition of proactive monitoring, examples of proactive monitoring and early indicators of issues, proactive monitoring best practices, and how to implement proactive monitoring.

Blog

Where’s the Tipping Point? 6 Signs It’s Time for an MSSP

Wed, 10/30/2024

Explore six signs it’s time for your business to partner with a Managed Security Service Provider (MSSP). From rising security incidents to compliance demands and cost savings, learn how Fortra’s Alert Logic can strengthen your defenses with expert threat intelligence and 24/7 protection.

Blog

Lean into Security: Take the Next Step toward Securing Your Organization

By Antonio Sanchez on Mon, 10/28/2024

Elevating your organization’s security maturity level requires a forward-leaning approach to cybersecurity leadership. This article discusses key security fundamentals, advanced strategies, and steps to assess and build a robust security maturity model that supports business goals.

Blog

Fortra Pledges to be Secure by Design

By Anthony Israel-Davis on Mon, 10/28/2024

Fortra recently signed CISA’s Secure by Design Pledge. Learn what this means to our customers regarding our approach to software development.

Blog

Beyond Good and Eval()

By Cybersecurity Experts at Fortra on Wed, 10/16/2024

Explore the threat of webshells—malicious scripts attackers use to control compromised web servers. Discover the different types of webshells and how they exploit vulnerabilities.

Blog

Why We Can’t Take Supply Chain Attacks Seriously Enough

By Theo Zafirakos on Wed, 10/16/2024

Research suggests that 98% of organizations are currently doing business with a third party that’s been breached. Learn about the main types of supply chain attacks today and the simplest steps to stay safe.

Patch Management: Is Your Incident Response Plan Ready for 2025?

Patch Tuesday Update December 2024

BEC Global Insights Report: November 2024

Everything You Need to Know About Network Probes

The Repercussions of Zero Trust Adoption in Federal Agencies

Cloudflare’s pages.dev and workers.dev Domains Increasingly Abused for Phishing

What’s On the Security Horizon for 2025? Fortra’s Experts Predict

Malware on IBM i: Powertech Antivirus Success Stories

Even More Personalization: The Future of Phishing

Patch Tuesday Update November 2024

What Good Cyber Hygiene Says to Attackers About Your Enterprise

Patch Tuesday Update - November 2024

Tales from the Trenches: How Did You Know It Was a Scam?

BEC Global Insights Report: October 2024

What Is Proactive Monitoring? A Complete Guide

Where’s the Tipping Point? 6 Signs It’s Time for an MSSP

Lean into Security: Take the Next Step toward Securing Your Organization

Fortra Pledges to be Secure by Design

Beyond Good and Eval()

Why We Can’t Take Supply Chain Attacks Seriously Enough

Privacy Policy

Cookie Policy

Accessibility

Impressum