Blog

Blog

Patch Tuesday Update November 2024

By Tyler Reguly on Thu, 11/14/2024

The very first thing we need to talk about today is Microsoft’s adoption of CSAF, Common Security Advisory Framework, which they announced in a blog post.

Blog

What Good Cyber Hygiene Says to Attackers About Your Enterprise

By Antonio Sanchez on Wed, 11/13/2024

Vulnerability Research

Patch Tuesday Update - November 2024

By Mieng Lim on Tue, 11/12/2024

Fortra VM will include the Microsoft Patch Tuesday checks in the NIRV 4.54.0 and FVM Agent 2.15 releases.Microsoft addressed 89 vulnerabilities in this release, including 4 rated as Critical and 51 Remote Code Execution vulnerabilities.This release also includes fixes for two vulnerabilities that have been publicly disclosed and exploited in the wild.CVE-2024-43451 NTLM Hash Disclosure Spoofing...

Blog

Tales from the Trenches: How Did You Know It Was a Scam?

By Bob Erdman on Mon, 11/11/2024

Find out how the experts handle their own inbox perils, and what we can learn from the best.

Blog

The Role of a Chief Information Security Officer in Today’s Information Landscape

Mon, 11/11/2024

The Chief Information Security Officer oversees infosec strategy and implements policies to safeguard enterprise assets from internal and external threats. Learn more about the requirements of a CISO, including the differences between CISOs, CSOs, and CIOs, in this blog.

Blog

Friday Five: Election Consequences, New Workplace Threats, & More

By Robbie Araiza on Fri, 11/08/2024

As President-elect Donald Trump is set to take office in January, learn what he has in store for cyber policy, along with new threats organizations need to watch for, new TSA-proposed regulations, and more in this week's Friday Five.

Blog

BEC Global Insights Report: October 2024

By John Farina on Thu, 11/07/2024

The monthly Global BEC Insights Report from Fortra presents a comprehensive analysis of the latest tactics, techniques, and procedures (TTP) employed by BEC threat actors. This report draws on extensive intelligence gathered from hundreds of active defense engagements conducted throughout the month. Key insights include geolocation data, attack volume, and the variety of scams, such as payroll diversion and advance fee fraud. The report also highlights the use of gift cards in scams, the requested amounts in wire transfer fraud, and the banks and webmail providers frequently targeted by attackers. These findings provide a critical understanding of the evolving BEC threat landscape.

Blog

What Is Proactive Monitoring? A Complete Guide

By Kevin Jackson on Wed, 11/06/2024

Discover the definition of proactive monitoring, examples of proactive monitoring and early indicators of issues, proactive monitoring best practices, and how to implement proactive monitoring.

Blog

Automated Data Classification: What It Is and How It Works

Mon, 11/04/2024

Automated data classification uses technology and algorithms to categorize and sort data automatically based on predefined criteria. The technology scans various data sets and accurately labels them according to their sensitivity and importance.This is a significant improvement over manual classification, as it is more efficient, less time-consuming,...

Blog

Friday Five: The Next Wave of Regulatory Compliance, Election Scams, & More

By Robbie Araiza on Fri, 11/01/2024

CISA Sees Elimination of 'Bad Practices' as Next Secure-by-Design Step by Matt BrackenThe Cybersecurity and Infrastructure Security Agency (CISA) has made significant strides in its secure-by-design initiative, gaining 230 software vendors' commitments to strengthen security features like multi-factor authentication and reducing default passwords. By shifting security responsibilities to software...

Blog

Where’s the Tipping Point? 6 Signs It’s Time for an MSSP

Wed, 10/30/2024

Explore six signs it’s time for your business to partner with a Managed Security Service Provider (MSSP). From rising security incidents to compliance demands and cost savings, learn how Fortra’s Alert Logic can strengthen your defenses with expert threat intelligence and 24/7 protection.

Blog

Lean into Security: Take the Next Step toward Securing Your Organization

By Antonio Sanchez on Mon, 10/28/2024

Elevating your organization’s security maturity level requires a forward-leaning approach to cybersecurity leadership. This article discusses key security fundamentals, advanced strategies, and steps to assess and build a robust security maturity model that supports business goals.

Blog

Fortra Pledges to be Secure by Design

By Anthony Israel-Davis on Mon, 10/28/2024

Fortra recently signed CISA’s Secure by Design Pledge. Learn what this means to our customers regarding our approach to software development.

Blog

Friday Five: Real-Life Cyber Consequences, New Ransomware Stats, & More

By Robbie Araiza on Fri, 10/25/2024

As ransomware operators continue to expand the impact of their malware, CISA is proposing new requirements to help protect sensitive data, while the SEC is coming down on organizations that downplayed a historical breach. Learn all about these stories and more in this week's Friday Five.CISA Proposes New Security Requirements to Protect GOVT, Personal Data by BILL TOULASCISA has proposed security...

Blog

What Is Portion Marking? A Guide to Information Security Compliance

Fri, 10/25/2024

Portion marking is a document handling method for labeling the classification or sensitivity level of each part in classified or sensitive documents. Individual sections, such as paragraphs, headings, subheadings, figures, tables, etc., are marked to specify their classification level.These markings help ensure that each part of the document is handled, stored, and redacted or declassified...

Blog

Understanding the Zero Trust Security Model to Safeguard Digital Infrastructure

Wed, 10/23/2024

Is your organization prepared for the evolving cybersecurity landscape? The Zero Trust model, developed by Forrester Research, is transforming how businesses protect their networks

Blog

Beyond Good and Eval()

By Cybersecurity Experts at Fortra on Wed, 10/16/2024

Explore the threat of webshells—malicious scripts attackers use to control compromised web servers. Discover the different types of webshells and how they exploit vulnerabilities.

Blog

Why We Can’t Take Supply Chain Attacks Seriously Enough

By Theo Zafirakos on Wed, 10/16/2024

Research suggests that 98% of organizations are currently doing business with a third party that’s been breached. Learn about the main types of supply chain attacks today and the simplest steps to stay safe.

Blog

Secure Access Service Edge (SASE): Moving Beyond Traditional IT Architecture

Tue, 10/15/2024

Learn about Secure Access Service Edge (SASE), its components, and how it enhances network security and performance in a cloud-based service in this week's blog.

Blog

Friday Five: The Vulnerable Healthcare Industry, Workplace Cyber Threats, & More

By Robbie Araiza on Fri, 10/11/2024

HEALTHCARE'S GRIM CYBER PROGNOSIS REQUIRES SECURITY BOOSTER BY ROBERT LEMOSThe healthcare sector is increasingly vulnerable to cyberattacks, particularly ransomware, with 66% of organizations experiencing attacks in the past year, up from 60%. Emerging threats like the Trinity ransomware group are raising alarms, with cyberattacks like theirs disrupting services, exposing sensitive patient data,...

Patch Tuesday Update November 2024

What Good Cyber Hygiene Says to Attackers About Your Enterprise

Patch Tuesday Update - November 2024

Tales from the Trenches: How Did You Know It Was a Scam?

The Role of a Chief Information Security Officer in Today’s Information Landscape

Friday Five: Election Consequences, New Workplace Threats, & More

BEC Global Insights Report: October 2024

What Is Proactive Monitoring? A Complete Guide

Automated Data Classification: What It Is and How It Works

Friday Five: The Next Wave of Regulatory Compliance, Election Scams, & More

Where’s the Tipping Point? 6 Signs It’s Time for an MSSP

Lean into Security: Take the Next Step toward Securing Your Organization

Fortra Pledges to be Secure by Design

Friday Five: Real-Life Cyber Consequences, New Ransomware Stats, & More

What Is Portion Marking? A Guide to Information Security Compliance

Understanding the Zero Trust Security Model to Safeguard Digital Infrastructure

Beyond Good and Eval()

Why We Can’t Take Supply Chain Attacks Seriously Enough

Secure Access Service Edge (SASE): Moving Beyond Traditional IT Architecture

Friday Five: The Vulnerable Healthcare Industry, Workplace Cyber Threats, & More

Privacy Policy

Cookie Policy

Terms of Service

Accessibility

Impressum