Resources

News Article

Dark Reading: Novel Exploit Chain Enables Windows UAC Bypass

​​Fortra's security research team has identified a novel exploit chain, tracked as CVE-2024-6769, which allows attackers to bypass Windows User Access Control (UAC) and escalate privileges to gain full system control.
News Article

​​CSO: Microsoft privilege escalation issue forces the debate: ‘When is something a security hole?’​

​​CSO covered Fortra’s disclosure of a Microsoft privilege escalation issue that allows attackers to bypass UAC prompts. Fortra's Tyler Reguly explained that this bypass removes key security checks, posing a risk. Microsoft disagrees, calling it a convenience issue, but the debate continues.​
Blog

CVE-2024-6769: Poisoning the Activation Cache to Elevate From Medium to High Integrity

This blog is about two chained bugs: Stage one is a DLL Hijacking bug caused by the remapping of ROOT drive and stage two is an Activation Cache Poisoning bug managed by the CSRSS server.The first stage was presented in detail at Ekoparty 2023 in the presentation called "I'm High" by Nicolás Economou from BlueFrost Security. He explained how to exploit the vulnerability which, at the time, had not...
Guide

Decoding the Attacker Mindset: Pen Testing Revelations

Cybersecurity isn't just about defense—it's about understanding the offense. With penetration testing, organizations can learn to think like an attacker and develop more proactive strategies that anticipate attacks. In this guide, explore 5 scenarios that provide insight into the methods and techniques deployed in real-world pen testing engagements, including: Using a password spray attack to...
Guide

Fortra's Complete Guide to Layered Offensive Security

Most organizations have a decent understanding of the types of defensive security tactics they need to employ to thwart cyberattacks. But offensive security techniques are just as important for detecting existing vulnerabilities that a threat actor has yet to discover and exploit. Learn how to approach offensive security from the ground up, including the value of using a layered security...
Datasheet

Offensive Security - Elite Bundle

Fortra Vulnerability Management (formerly Frontline VM™), Core Impact, and Cobalt Strike are three powerful security tools that evaluate the security of their environments in order to better identify security vulnerabilities and predict their potential impact. Though they all share the same goal of proactively assessing risk, they are still distinct tools with distinguishing features that...
Datasheet

Offensive Security - Essentials Bundle

Fortra Vulnerability Management (formerly Frontline VM™) and Core Impact are two robust security tools designed to evaluate business critical networks and infrastructure for security vulnerabilities.Though both tools work to identify and prioritize security weaknesses, each offers unique strengths and distinct features. Fortra VM is a SaaS vulnerability management solution, mostly used for...
Datasheet

Offensive Security - Advanced Bundle

Core Impact and Cobalt Strike are two powerful tools that help organizations assess the security of their environments. Though they share the same goal of providing insights to help bolster security efforts, they are otherwise distinct tools with unique features.Core Impact is a penetration testing tool, primarily used for exploitation and lateral movements in various environments. Cobalt Strike,...
Blog

Six Strategies to Ensure You Give the Right Access to the Right People at the Right Time

Part 2 of the Improving Your Security-Efficiency Balance Series: One of the primary challenges organizations wrestle with in identity governance is how to achieve the right balance in their company between security and efficiency. In Part 1 of the Improving Your Security-Efficiency Balance Series, we examined the unique balancing act organizations face when it comes to user access. In this blog...
Article

Sudo or SuDon't: Manage Your Privileged Command Execution and Sudo Policies

System admins need root level authority at all times, system operations staff needs periodic database and application account authority, and security admins needing to protect the environment are some of the few of the challenges of managing privilege in the enterprise server infrastructure. Read this article to learn more about Sudo alternatives.