Apache Log4j2 Security AdvisoryDigital Defense by Fortra's Vulnerability Research Team (VRT) is aware of a recently disclosed security issue related to the open-source Apache “Log4j2” utility (CVE-2021-44228). Log4j is a logging framework found in Java software. The flaw is tied to a failure by certain features in the Java Naming and Directory Interface (JNDI) which is used in configuration, log...

Keeping your organization protected from web application vulnerabilities doesn't have to be complicated. There are some best secure coding practices that you can follow to ensure that you're protecting your customers and preventing cyber criminals from damaging your company. ...

Addressing an organization’s data security challenges requires some heavy lifting – no question about it. Rather than cobble together a piecemeal solution strategy, rely on trusted, integrated, and scalable data security solutions.

In this blog, Steph Charbonneau, Senior Director of Industry Strategy at Fortra, talks you through some of the most valuable aspects of data protection and how to measure success of your organizational programs.

In the modern world, cybersecurity is no longer a fringe concern reserved for larger organizations. Companies of all sizes in every industry are on high alert, given cyber attacks know no bounds. As attack vectors expand and vulnerabilities increase, vulnerability management has risen to the forefront of security solutions to help organizations shore up network and application security...

Credit Union Cybersecurity Pain PointsAccording to Federal Reserve Chairman Jerome Powell, cyberattacks are one of the greatest risks to our global financial system. These risks have only increased as online financial transactions rise. For credit union cybersecurity, this means the effort required to protect member data is increasing and growing even more challenging.Direct attacks on credit...

Headlines are screaming with ransomware attacks and the ever-increasing payout demands. In May, Colonial Pipeline fell under a substantial ransomware attack that shut down production along the East coast, affecting oil prices worldwide. Colonial Pipeline disclosed they paid out $4.4 Million in Bitcoin to restore files because they could not recover quickly enough otherwise.Ransomware’s Terrifying...

If you find yourself concerned about your organization’s current cybersecurity efforts, you’re not alone. According to Yahoo.com, nearly four out of five executives lack confidence in their current cybersecurity posture. In response, 91% of these companies are increasing their cybersecurity spending in 2021.If upping your IT budget is not one of your top priorities, it’s crucial to consider the...

In the last decade, there have been 633 automotive cybersecurity incidents. Yet, this year at Black Hat, the automobile industry was able to breathe a momentary sigh of relief when a connected vehicle was presented as a hacking challenge, and no one succeeded. This stood in stark contrast to 2015 when researchers demonstrated the real danger of automotive cyber-attacks by hijacking a jeep remotely...

As the years go by, cyber attackers have regularly shifted their targets. In doing so, they have honed their craft to carry out attacks in a much more sophisticated manner. Unfortunately, this has transitioned focus from relatively smaller scams targeting individuals, to full scale heists on institutions in the hopes of a much larger payout. Financial institutions are at the top of the list, being...

The COVID-19 pandemic left its indelible mark across our society. Our work, recreation, healthcare, and even grocery shopping became remote, digital, and reliant on the internet. The eruption of new apps and Internet of Things (IoT) devices proved a tempting target for cyber attackers; that brought security issues new and old to the fore.IoT Devices are EverywhereIoT device use was expanding even...

Productive cybersecurity conversations are more critical than ever as vulnerabilities continue to grow every year. Support from business leaders, including the board and C-suite, is essential to building organizational awareness and cultivating cross-divisional partnerships. Unfortunately, communicating about cybersecurity can be a challenge for many IT professionals. Sometimes stakeholders lack...

Preventable AttacksAnother day, another data breach. Cybercrime is on the rise, and the only way to stop a cyberattack is to think like an attacker. In many cases, the bad actor’s first step is scanning the victim’s systems for vulnerabilities that allow them to gain a foothold. According to Forrester’s State of Application Security, 39% of external attacks exploited holes found in web...

Boost Your Security Posture Without Breaking Your BudgetHeadlines scream about a new cyberattack every few days, and organizations worldwide scramble to buff their cybersecurity posture. Welcome to the era of high-stakes hacking, and high-profile breaches. No one wants to be the next big news story, but robust cybersecurity comes at a price.You can do everything with a big enough budget. But that...

CTOs and IT managers are no strangers to risk assessment and the urgent need to keep security frameworks up-to-date and effective. But in recent years, the surge in cloud and hybrid solutions has greatly complicated matters. Additionally, the COVID-19 pandemic brought a frantic shift to remote work, resulting in more scattered and ad-hoc hardware outside of corporate control, among other changes...