Blog
Your Taxes Are Done but the Scammers Aren’t
By Meriam Senouci on Wed, 04/16/2025
This blog conducts a deep dive into a recent and widespread tax scam identified through Fortra’s threat research. It offers the reader a detailed analysis into the email lure and provides insights with predictions into how these scammers can continue targeting victims even after the tax deadline has passed.
Blog
What Are the Cyber Kill Chain Stages? Stage Five: Installation
By Meriam Senouci on Wed, 04/16/2025
The fifth stage of the cyber kill chain is one of the hardest to detect. Find out how attackers install sneaky backdoors and secretly secure control of your systems.
Blog
RansomHouse Ransomware: What You Need To Know
By Graham Cluley on Tue, 04/15/2025
What is RansomHouse?RansomHouse is a cybercrime operation that follows a Ransomware-as-a-Service (RaaS) business model, where affiliates (who do not require technical skills of their own) use the ransomware operator's infrastructure to extort money from victims. So they are a bog-standard ransomware gang?Not quite. Many ransomware operations encrypt and steal your data, demanding a ransom for a...
Blog
What Are the Cyber Kill Chain Stages? Stage Four: Exploitation
By Meriam Senouci on Thu, 04/10/2025
The exploitation phase of the cyber kill chain is when attackers leverage vulnerabilities to execute malicious code and gain unauthorized access. This blog explores common exploitation techniques, real-world examples, and practical mitigation strategies to protect your organization.
Blog
What Are the Cyber Kill Chain Stages? Stage Three: Delivery
By Meriam Senouci on Thu, 04/10/2025
This blog delves into the delivery stage of the cyber kill chain, where attackers transition from preparation to launching their payloads. It highlights common attack methods, proactive security measures, and how Fortra helps mitigate these cyber threats.
Vulnerability Research
Patch Tuesday Update - December 2024
By Mieng Lim on Wed, 04/09/2025
Fortra Vulnerability Management will include the Microsoft Patch Tuesday checks in the NIRV 4.56.0 and FVM Agent 2.17.Microsoft addressed 70 vulnerabilities this release, including 16 rated as Critical.CVE-2024-49138 - Microsoft has disclosed an actively exploited vulnerability that allows attackers to gain SYSTEM privileges on Windows devices. No further information is provided from Microsoft on...
Blog
What Are the Cyber Kill Chain Stages? Stage Two: Weaponization
By Meriam Senouci on Mon, 04/07/2025
Weaponization is the second phase of the cyber kill chain where attackers create malicious payloads to exploit vulnerabilities. This blog covers the types of weaponization, prevention strategies, and how Fortra can help protect your organization.
Blog
What Are the Cyber Kill Chain Stages? Stage One: Reconnaissance
By Meriam Senouci on Thu, 04/03/2025
Despite an evolving threat landscape, today’s attackers still rely heavily on the cyber kill chain to do their dirty work. Understanding the reconnaissance phase will help you know where these attacks begin and how to stop them at their onset.
Blog
Bi-weekly Cyber Landscape Reviews - March 25th 2025
By Meriam Senouci on Wed, 04/02/2025
A bi-weekly summary of the latest news, trends, and shifts within the cybersecurity threat landscape.
Blog
What Is Network Infrastructure?
By Kevin Jackson on Mon, 03/10/2025
Discover the definition of network infrastructure, what it consists of, and what you can do to monitor and manage it.
Blog
BEC Global Insights Report: February 2025
By John Farina on Fri, 03/07/2025
The monthly Global BEC Insights Report from Fortra presents a comprehensive analysis of the latest tactics, techniques, and procedures (TTP) employed by BEC threat actors. This report draws on extensive intelligence gathered from hundreds of active defense engagements conducted throughout the month. Key insights include geolocation data, attack volume, and the variety of scams, such as payroll diversion and advance fee fraud. The report also highlights the use of gift cards in scams, the requested amounts in wire transfer fraud, and the banks and webmail providers frequently targeted by attackers. These findings provide a critical understanding of the evolving BEC threat landscape.
Blog
BEC Global Insights Report: March 2025
By John Farina on Fri, 03/07/2025
The monthly Global BEC Insights Report from Fortra presents a comprehensive analysis of the latest tactics, techniques, and procedures (TTP) employed by BEC threat actors. This report draws on extensive intelligence gathered from hundreds of active defense engagements conducted throughout the month. Key insights include geolocation data, attack volume, and the variety of scams, such as payroll diversion and advance fee fraud. The report also highlights the use of gift cards in scams, the requested amounts in wire transfer fraud, and the banks and webmail providers frequently targeted by attackers. These findings provide a critical understanding of the evolving BEC threat landscape.
Blog
Tripwire Patch Priority Index for February 2025
By Lane Thames on Wed, 03/05/2025
Tripwire's February 2025 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft.Up first on the list are patches for Microsoft Edge (Chromium-based) that resolve 4 remote code execution and 2 spoofing vulnerabilities.Next on the list are patches for Microsoft Office and Excel. These patches resolve 8 issues such as remote code execution and information disclosure...
Blog
Bi-weekly Cyber Landscape Reviews - March 3rd 2025
By Meriam Senouci on Mon, 03/03/2025
A bi-weekly summary of the latest news, trends, and shifts within the cybersecurity threat landscape.
Blog
Learn About the EU’s DORA Financial Regulation
By Meriam Senouci on Thu, 02/20/2025
Find out how DORA’s financial security requirements apply to businesses operating in the EU, and how Fortra can help! Read more
Blog
Bi-weekly Cyber Landscape Reviews - Feb 14th 2025
By Meriam Senouci on Fri, 02/14/2025
A bi-weekly summary of the latest news, trends, and shifts within the cybersecurity threat landscape.
Blog
Patch Tuesday Update February 2025
By Tyler Reguly on Thu, 02/13/2025
After dumping patches on us last month, Microsoft must have felt sorry for us this month because, size-wise, we’re only getting 38% of the updates we had last month.
Blog
Cybersecurity Trends to Watch in 2025 from Fortra’s Annual Cybersecurity Survey
By Meriam Senouci on Wed, 02/12/2025
The shift is underway: the biggest cybersecurity trends of 2025 revolve around social engineering, phishing, and things that have been directly impacted by evolving technologies.
Blog
Optimize Your PCI DSS 4.0 Compliance with Fortra Managed WAF
By Cybersecurity Experts at Fortra on Tue, 02/11/2025
If your organization accepts credit cards online, you likely know about PCI compliance. You also may be aware of PCI DSS 4.0, which introduces new requirements that must be met by March 31, 2025. A web application firewall (WAF) with client-side protection is an excellent solution for meeting the web application requirements, particularly PCI DSS 4.0 Requirements 6.4.2, 6.4.3, and 11.6.1.Why is...