Resources

News Article

VM Blog: Expert Insights on National Insider Threat Awareness Month

Insider threats—whether intentional or accidental—can have devastating effects on businesses of all sizes. Antonio Sanchez of Fortra, along with other industry experts, shares key insights into the evolving landscape of insider threats and offers strategies for mitigating these risks.
Live Event
Join us as we proudly sponsor the VMUG UserCon on October 24th! Swing by for a chat about MFT and see how we can help with your IT problems. Haven’t secured your spot yet? It’s free! ...
Blog

CVE-2024-6769: Poisoning the Activation Cache to Elevate From Medium to High Integrity

This blog is about two chained bugs: Stage one is a DLL Hijacking bug caused by the remapping of ROOT drive and stage two is an Activation Cache Poisoning bug managed by the CSRSS server.The first stage was presented in detail at Ekoparty 2023 in the presentation called "I'm High" by Nicolás Economou from BlueFrost Security. He explained how to exploit the vulnerability which, at the time, had not...
Blog

BEC Global Insights Report: August 2024

The monthly Global BEC Insights Report from Fortra presents a comprehensive analysis of the latest tactics, techniques, and procedures (TTP) employed by BEC threat actors. This report draws on extensive intelligence gathered from hundreds of active defense engagements conducted throughout the month. Key insights include geolocation data, attack volume, and the variety of scams, such as payroll diversion and advance fee fraud. The report also highlights the use of gift cards in scams, the requested amounts in wire transfer fraud, and the banks and webmail providers frequently targeted by attackers. These findings provide a critical understanding of the evolving BEC threat landscape.
Live Event
Despite being around for 20 years and at the forefront of protecting organisations’ sensitive data, Data Loss Prevention programs still struggle to keep pace with ever-changing organisational requirements. Before you know it, your two most precious resources—time and money—are down the drain. To make matters worse, at the same time, the risk to data security just keeps getting...
Live Event
Despite being around for 20 years and at the forefront of protecting organisations’ sensitive data, Data Loss Prevention programs still struggle to keep pace with ever-changing organisational requirements. Before you know it, your two most precious resources—time and money—are down the drain. To make matters worse, at the same time, the risk to data security just keeps getting...
On-Demand Webinar

Gaining a Competitive Edge with Outsourced Red Team Tooling from Outflank

With a dynamic threat landscape and increasingly advanced defenses, red teaming is more challenging than ever. As a result, many teams have found themselves spending more time creating tools that require constant modifications, diverting valuable resources away from actual engagements.Outsourcing these tasks can not only save time, it can also provide access to experts that are dedicated to...
Live Webinar
Understanding your organization's document lifecycle is the first step in implementing a document management strategy that can bolster your security and compliance efforts. Join our webinar on October 29th to learn more.
Blog

3 Ways Malware Can Reach Your IFS

It's true that IBM i can't be infected by a PC virus. It's also true that the IFS can act as a host and spread malicious programs throughout your environment.
Guide

Decoding the Attacker Mindset: Pen Testing Revelations

Cybersecurity isn't just about defense—it's about understanding the offense. With penetration testing, organizations can learn to think like an attacker and develop more proactive strategies that anticipate attacks. In this guide, explore 5 scenarios that provide insight into the methods and techniques deployed in real-world pen testing engagements, including: Using a password spray attack to...