Blog
Blog

BEC Global Insights Report: July 2025

By John Farina on Fri, 08/15/2025
The monthly Global BEC Insights Report from Fortra presents a comprehensive analysis of the latest tactics, techniques, and procedures (TTP) employed by BEC threat actors. This report draws on extensive intelligence gathered from hundreds of active defense engagements conducted throughout the month. Key insights include geolocation data, attack volume, and the variety of scams, such as payroll diversion and advance fee fraud. The report also highlights the use of gift cards in scams, the requested amounts in wire transfer fraud, and the banks and webmail providers frequently targeted by attackers. These findings provide a critical understanding of the evolving BEC threat landscape.
Blog

What Is Offensive Security?

Fri, 08/15/2025
Defining Offensive SecurityOffensive security is a proactive process that is imperative in modern cybersecurity. The threat landscape is in constant growth and evolution, meaning penetration testing, red teaming, and vulnerability management have become vital. An offensive security approach exposes and closes security gaps before a breach ever occurs. An ethical hacker will employ offensive...
data_breach_costs_drop_for_first_time
Blog

Data Breach Costs Drop for First Time in 5 Years. But Is That the Full Story?

By Katrina Thompson on Thu, 08/14/2025
For the first time in five years, data breach costs are on the decline. This represents faster containment, largely powered by AI. Cybersecurity at large deserves a great pat on the back.But attackers hate being outpaced, and their AI attack rates show it. Despite GenAI only being publicly released (unleashed?) less than 3 years ago, AI-powered attacks now account for 16% of all cyber strikes. To...
medusa-locker-pentesters
Blog

The MedusaLocker ransomware gang is hiring penetration testers

By Graham Cluley on Wed, 08/13/2025
MedusaLocker, the ransomware-as-a-service (RaaS) group that has been active since 2019 is openly recruiting for penetration testers to help it compromise more businesses. As Security Affairs reports, MedusaLocker has posted a job advert on its dark web leak site, which pointedly invites pentesters who already have direct access to corporate networks to make contact."If you don't have access,...
Data Loss Prevention
Red Teaming
Penetration Testing
Patch Tuesday Analysis
Vulnerability Research

August 2025 Patch Tuesday Analysis

By Tyler Reguly on Tue, 08/12/2025
Today’s Patch Tuesday Alert addresses Microsoft’s August 2025 Security Updates. We are actively working on coverage for these vulnerabilities and expect to ship ASPL-1169 as soon as coverage is completed.In-The-Wild & Disclosed CVEsCVE-2025-53779A vulnerability in Windows Server 2025 allows authorized users with access to the msds-groupMSAMembership and msds...
Threat Research & Intelligence
Vulnerability Management
strengthening_federal_cybersecurity_end-to-end_solutions_for_government_agencies
Blog

Strengthening Federal Cybersecurity: End-to-End Solutions for Government Agencies

By Katrina Thompson on Mon, 08/11/2025
Over the next year, domestic and foreign adversaries almost certainly will continue to threaten the integrity of US critical infrastructure,” states the Homeland Threat Assessment 2025. “We are particularly concerned about the credible threat from nation-state cyber actors to US critical infrastructure.” In light of these and other severe threats to U.S. federal agencies, the issue of federal...
financial-compliance-roadmap-for-banks-blog-1200x678-2
Blog

Top Cybersecurity Regulations for Financial Services: Compliance Roadmap for Banks

By Katrina Thompson on Thu, 08/07/2025
What Is Banking Regulatory Compliance?Banking regulatory compliance encompasses adhering to the policies put in place to ensure the stability and integrity of financial systems. These requirements are enacted by government institutions, or governing bodies of financial institutions themselves.Stable economies depend on trustworthy and resilient financial systems. Banking regulations exist to...
Compliance
bankruptcy
Blog

Ransomware plunges insurance company into bankruptcy

By Graham Cluley on Wed, 08/06/2025
A company, which offered insurance and repair services to cell phone owners across Germany, and generated revenues of up to 70 million Euros (US $80 million) has collapsed following a ransomware attack. Einhaus Gruppe, located in Hamm, Nordrhein-Westfalen, was founded in 2003 and had over 5000 sales partners across Germany. And yet, despite the company's success, an attack by the Royal ransomware...
Fortra Patch Priority Index
Blog

Fortra Patch Priority Index for July 2025

By Lane Thames on Wed, 08/06/2025
Fortra's July 2025 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft and Google.Up first on the list are patches for Chromium and Microsoft Edge (Chromium-based) that resolve type confusion, information disclosure, and remote code execution vulnerabilities.Next on the list are patches for Microsoft Office, Word, Excel, PowerPoint, and Teams. These patches resolve...
Vulnerability Management
cybersecurity_regulatory_landscape_in_portugal_a_primer_for_business
Blog

Cybersecurity Regulatory Landscape in Portugal: A Primer for Business

By Kirsten Doyle on Mon, 08/04/2025
The digital world has become a battleground of code and consequence. Cybersecurity no longer hides behind the IT desk. It stands center stage, an operational, legal, and existential concern. In Portugal, as across Europe, the rules are tightening, and the margin for error is shrinking. For global businesses, understanding Portugal’s cybersecurity laws is not a footnote. It’s the headline.The Core...
Compliance
file_integrity_monitoring_in_2025_more_than_just_a_tripwire
Blog

File Integrity Monitoring in 2025: More Than Just a Tripwire

By Chris Hudson on Thu, 07/31/2025
It’s been over a decade that I’ve worked primarily in the world of File Integrity Monitoring and Secure Configuration Management, helping to ensure that hundreds of different companies are able to detect unauthorized or unexpected changes to their configurations.Security has changed a lot over that period, and yet there’s been some surprisingly consistent experiences in the field that I will often...
File Integrity Monitoring (FIM)
Security Configuration Management (SCM)
how_do_you_determine_what_vulnerabilities_to_fix_first
Blog

How Do You Determine What Vulnerabilities to Fix First?

By David Henderson on Tue, 07/29/2025
Security teams don’t suffer from a lack of data. They suffer from a lack of clarity. Every scan, every alert, every dashboard shouts for attention. The result? A wall of red. Thousands of vulnerabilities. Hundreds marked critical. Dozens hitting the same system. Teams are left staring at the mess, asking the only question that matters: Which one do we fix first? That question doesn’t get enough...
Vulnerability Management
cybersecurity_regulatory_landscape_in_chile_a_primer_for_businesses
Blog

Cybersecurity Regulatory Landscape in Chile: A Primer for Businesses  

By Kirsten Doyle on Sun, 07/27/2025
Countries don’t restrict cyber threats; they cross borders in milliseconds, exploiting gaps in governance, visibility, and readiness. As the global cost of digital failure surges, so does the urgency to confront what can no longer be delegated or denied. In Latin America, one country is stepping out in front. Chile isn’t sitting around waiting for disaster to strike; it’s building a legal firewall...
Compliance
Blog

What is SNMP? How SNMP Works

By Kevin Jackson on Wed, 07/23/2025
SNMP is one of the most widely accepted protocols for network monitoring. Here’s a quick summary of what is SNMP, how it works, and why it matters to network professionals.
Monitoring
phobos
Blog

Free decryptor for victims of Phobos ransomware released

By Graham Cluley on Wed, 07/23/2025
There is good news for any organisation which has been hit by the Phobos ransomware. Japanese police have released a free decryptor capable of recovering files encrypted by both the notorious Phobos ransomware, and its offshoot 8Base. What is Phobos Ransomware?Phobos first emerged in late 2018, as a ransomware-as-a-service (RaaS) operation, working with affiliates to demand payment from victims...
stop_cyber_threats_before_they_cost_you_protecting_financial_services_with_fortra
Blog

Stop Cyber Threats Before They Cost You: Protecting Financial Services with Fortra

By Katrina Thompson on Tue, 07/22/2025
Two in three financial institutions faced cyberattacks in 2024, and that trend shows little sign of letting up. Because of their valuable data – hooked conveniently to direct financial information – FinServ organizations are perennial targets for hungry attackers. But this isn’t news to anybody. Financial institutions understand the threats, and for the most part, they are some of the most...
Email Security & Anti-Phishing
Brand Protection
Compliance
Data Loss Prevention
Vulnerability Management
File Integrity Monitoring (FIM)
Penetration Testing