Blog
Patch Tuesday Update - October 2024
Tue, 10/08/2024
Fortra VM will include the Microsoft Patch Tuesday checks in the NIRV 4.52.0 and FVM Agent 2.13 releases.
Microsoft addressed 117 vulnerabilities in this release, including 3 rated as Critical and 43 Remote Code Execution vulnerabilities.
This release also includes fixes for two vulnerabilities that have been exploited in the wild.
CVE-2024-43572 Microsoft Management Console Remote Code...
Blog
BEC Global Insights Report: September 2024
By John Farina on Tue, 10/08/2024
The monthly Global BEC Insights Report from Fortra presents a comprehensive analysis of the latest tactics, techniques, and procedures (TTP) employed by BEC threat actors. This report draws on extensive intelligence gathered from hundreds of active defense engagements conducted throughout the month. Key insights include geolocation data, attack volume, and the variety of scams, such as payroll diversion and advance fee fraud. The report also highlights the use of gift cards in scams, the requested amounts in wire transfer fraud, and the banks and webmail providers frequently targeted by attackers. These findings provide a critical understanding of the evolving BEC threat landscape.
Blog
Fortra Insights: Customer Cybersecurity Challenges and Plans for 2025
By Lisa Lombardo on Thu, 10/03/2024
Fortra’s cybersecurity experts share insights into their customers’ top concerns and strategies for 2025. This article uncovers how businesses prepare to navigate the evolving cybersecurity landscape, from static budgets to compliance pressures and modern threats.
Blog
Election Integrity at Risk: Safeguarding 2024’s Global Polls from Cyber Attacks
By Antonio Sanchez on Tue, 10/01/2024
As the world prepares for the 2024 election cycle, cybersecurity, disinformation, and AI-driven manipulation are emerging as major threats to democratic processes. From deepfakes to foreign influence campaigns, the risks to election integrity are growing. Individuals, businesses, and governments must unite to protect global elections from these evolving challenges.
Blog
Are Younger Generations Losing Faith in Cybersecurity? The Oh, Behave! Report Investigates
By Antonio Sanchez on Fri, 09/27/2024
Times have changed since the happy-go-lucky internet days of the dot-com boom. Find out just how much, what that means, and what cybersecurity practitioners can do about it.
Blog
BEC Global Insights Report: August 2024
By John Farina on Thu, 09/26/2024
The monthly Global BEC Insights Report from Fortra presents a comprehensive analysis of the latest tactics, techniques, and procedures (TTP) employed by BEC threat actors. This report draws on extensive intelligence gathered from hundreds of active defense engagements conducted throughout the month. Key insights include geolocation data, attack volume, and the variety of scams, such as payroll diversion and advance fee fraud. The report also highlights the use of gift cards in scams, the requested amounts in wire transfer fraud, and the banks and webmail providers frequently targeted by attackers. These findings provide a critical understanding of the evolving BEC threat landscape.
Blog
3 Ways Malware Can Reach Your IFS
By Sandi Moore on Tue, 09/24/2024
It's true that IBM i can't be infected by a PC virus. It's also true that the IFS can act as a host and spread malicious programs throughout your environment.
Blog
Fortra VM 7.0.3 Release
Thu, 09/19/2024
The Fortra VM 7.0.3 release is now live. In this release there is a new Standard Scan feature.
New Standard Scan
Fortra VM Release 7.0.3 introduces a new Standard Scan option. This Standard Scan feature provides an initial preset option that pre-selects the most widely used VM scan settings. Standard mode allows users to get a scan up and running in just a few clicks, without having to go...
Blog
Patch Tuesday Update September 2024
By Tyler Reguly on Thu, 09/12/2024
Today, we get four vulnerabilities that have seen active exploitation, one of which has also been publicly disclosed.
Vulnerability Research
Patch Tuesday Update - September 2024
By Mieng Lim on Tue, 09/10/2024
Fortra VM will include the Microsoft Patch Tuesday checks in the NIRV 4.50.0 and FVM Agent 2.11 releases.Microsoft addressed 79 vulnerabilities in this release, including 7 rated as Critical and 23 Remote Code Execution vulnerabilities.This release also includes fixes for four vulnerabilities that have been exploited in the wild.CVE-2024-38217 and CVE-2024-38226 are Security Feature Bypass...
Blog
Malware, Ransomware, and Viruses vs Your IBM i Server
By Sandi Moore on Tue, 09/03/2024
Many of us have heard that you can’t get a virus on this platform, but the reality is that the integrated file system (IFS) is a tree-like structure. This structure can house Word documents, PDFs, MP3s, JPEG images, and these files can be just as infected on the IBM i server as they can on any Windows work station or server.
Blog
Is Your Data REALLY Safe on the IBM i (AS/400)?
By Tom Huntington on Thu, 08/29/2024
Discover the three things you can do, starting today, to ensure your data is properly secured on your IBM i (AS/400).
Blog
The Password Atmosphere – Problem, or Progress?
By Lisa Lombardo on Mon, 08/26/2024
Password security has evolved from simple physical protections to complex, multi-factor authentication systems. Experts suggest that while traditional passwords are becoming outdated, combining them with new technologies like biometrics and passkeys offers stronger security. Future trends point towards more user-friendly yet robust methods to safeguard digital access.
Blog
What Is the NIST Risk Management Framework (RMF)?
By Antonio Sanchez on Mon, 08/26/2024
The NIST Risk Management Framework, or RMF, is a voluntary 7-step process used to manage information security and privacy risks. By following the NIST RMF, organizations can successfully implement their own risk management programs, maintain compliance, and address the weaknesses that present the greatest danger to their enterprise.
Blog
My Takeaways from Black Hat USA 2024
By Antonio Sanchez on Mon, 08/19/2024
The importance of resilience and business continuity dominated conversations at Black Hat USA 2024. In this blog, security expert Antonio Sanchez shares his take on this year’s event.
Blog
89% of Security Awareness Programs Are Focused on Social Engineering in 2024
By Antonio Sanchez on Thu, 08/15/2024
Cybersecurity experts from over 70 countries share their insights, candor, and challenges when it comes to raising the level of cybersecurity awareness in their organizations. Learn how Fortra’s Terranova Security can help.
Blog
Patch Tuesday Update August 2024
By Tyler Reguly on Thu, 08/15/2024
The three CVSS 9.8 vulnerabilities included in this month’s patch drop are likely to be the first thing that catches anyone’s attention this month. All three are remote, unauthenticated code execution, the very type of vulnerability where we previously would have used the word, “wormable.”
Vulnerability Research
Patch Tuesday Update - August 2024
By Mieng Lim on Tue, 08/13/2024
Fortra VM will include the Microsoft Patch Tuesday checks in the NIRV 4.48.0 and FVM Agent 2.10 releases.Microsoft addressed 86 vulnerabilities in this release, including 7 rated as Critical and 28 Remote Code Execution vulnerabilities.This release also includes fixes for six vulnerabilities that have been exploited in the wild.Microsoft Project Remote Code Execution Vulnerability (CVE-2024-38189...
Blog
Report Reveals Highest Cost of Data Breach Spike Since Pandemic
By Antonio Sanchez on Thu, 08/08/2024
IBM recently released their 2024 Cost of a Data Breach Report, highlighting some of the surprising cost increases and the reasons behind them.