Resources

Live Webinar
Join GoAnywhere’s leadership team for a packed hour covering:Preview of GoAnywhere 2025 releasesWhat’s new in GoAnywhere from the second half of this yearA look at Fortra Threat Brain (a multi-vector hub of verified threat intelligence)Answers to your most common GoAnywhere questions ...
Live Webinar
The popularity of cloud-based file sharing services such as AWS, Dropbox, and OneDrive is undeniable. However, these user-friendly solutions come with some critical security drawbacks.Join Scott Messick, Lead Solutions Engineer, Fortra Dec. 12, as he discusses the pros and cons of cloud file sharing and introduce the advantages secure, managed file transfer (MFT) offers for...
Blog

How to Proactively Harden Your Environment Against Compromised Credentials

How many user accounts do you have? Emails, social media, online shopping, streaming services—and that doesn’t even begin to account for professional logins. By the time you add them all up, it’s likely one hundred or more unique accounts.According to NordPass, the average user maintains an average of 168 logins for personal purposes, and no less than 87 for the workplace. This is an extraordinary...
Live Event
Join us as we proudly sponsor the VMUG UserCon on November 13th! Swing by for a chat about MFT and see how we can help with your IT problems. Haven’t secured your spot yet? It’s free! ...
News Article

Dark Reading: Novel Exploit Chain Enables Windows UAC Bypass

​​Fortra's security research team has identified a novel exploit chain, tracked as CVE-2024-6769, which allows attackers to bypass Windows User Access Control (UAC) and escalate privileges to gain full system control.
News Article

​​CSO: Microsoft privilege escalation issue forces the debate: ‘When is something a security hole?’​

​​CSO covered Fortra’s disclosure of a Microsoft privilege escalation issue that allows attackers to bypass UAC prompts. Fortra's Tyler Reguly explained that this bypass removes key security checks, posing a risk. Microsoft disagrees, calling it a convenience issue, but the debate continues.​
Blog

BEC Global Insights Report: September 2024

The monthly Global BEC Insights Report from Fortra presents a comprehensive analysis of the latest tactics, techniques, and procedures (TTP) employed by BEC threat actors. This report draws on extensive intelligence gathered from hundreds of active defense engagements conducted throughout the month. Key insights include geolocation data, attack volume, and the variety of scams, such as payroll diversion and advance fee fraud. The report also highlights the use of gift cards in scams, the requested amounts in wire transfer fraud, and the banks and webmail providers frequently targeted by attackers. These findings provide a critical understanding of the evolving BEC threat landscape.
Live Event
Join us as we proudly sponsor the VMUG UserCon on October 24th! Swing by for a chat about MFT and see how we can help with your IT problems. Haven’t secured your spot yet? It’s free! ...
Blog

CVE-2024-6769: Poisoning the Activation Cache to Elevate From Medium to High Integrity

This blog is about two chained bugs: Stage one is a DLL Hijacking bug caused by the remapping of ROOT drive and stage two is an Activation Cache Poisoning bug managed by the CSRSS server.The first stage was presented in detail at Ekoparty 2023 in the presentation called "I'm High" by Nicolás Economou from BlueFrost Security. He explained how to exploit the vulnerability which, at the time, had not...
Blog

BEC Global Insights Report: August 2024

The monthly Global BEC Insights Report from Fortra presents a comprehensive analysis of the latest tactics, techniques, and procedures (TTP) employed by BEC threat actors. This report draws on extensive intelligence gathered from hundreds of active defense engagements conducted throughout the month. Key insights include geolocation data, attack volume, and the variety of scams, such as payroll diversion and advance fee fraud. The report also highlights the use of gift cards in scams, the requested amounts in wire transfer fraud, and the banks and webmail providers frequently targeted by attackers. These findings provide a critical understanding of the evolving BEC threat landscape.
Guide

Decoding the Attacker Mindset: Pen Testing Revelations

Cybersecurity isn't just about defense—it's about understanding the offense. With penetration testing, organizations can learn to think like an attacker and develop more proactive strategies that anticipate attacks. In this guide, explore 5 scenarios that provide insight into the methods and techniques deployed in real-world pen testing engagements, including: Using a password spray attack to...
Blog

Windows DWM Core Library Elevation of Privilege Vulnerability (CVE-2024-30051)

In this blog post, I will explain a vulnerability in the Microsoft Windows Desktop Windows Manager (DWM) Core library that I analyzed when the exploit for Core Impact was being developed. This vulnerability allows an unprivileged attacker to execute code as a DWM user with Integrity System privileges (CVE-2024-30051).Since there was not enough public information at the time to develop the exploit,...
News Article

How to Fortify Defenses Before Threats Materialize

Cyber threats are becoming more sophisticated and frequent, yet many organizations still face challenges due to limited resources. In ITSecurityWire, Fortra's Chris Reffkin highlights prioritizing remediation, closing the skills gap, and ongoing improvement.
Blog

What Is the NIST Risk Management Framework (RMF)?

The NIST Risk Management Framework, or RMF, is a voluntary 7-step process used to manage information security and privacy risks. By following the NIST RMF, organizations can successfully implement their own risk management programs, maintain compliance, and address the weaknesses that present the greatest danger to their enterprise.
Datasheet

Fortra’s Email Security Bundles Datasheet

Fortra Email Security makes it easy to deploy interoperable layers of defense that span the entire threat lifecycle from pre-delivery staging to post-delivery via an integrated solution that automates phish reporting, triage, and remediation.