Resources

Blog

Windows DWM Core Library Elevation of Privilege Vulnerability (CVE-2024-30051)

By Ricardo Narvaja on Mon, 09/09/2024

In this blog post, I will explain a vulnerability in the Microsoft Windows Desktop Windows Manager (DWM) Core library that I analyzed when the exploit for Core Impact was being developed. This vulnerability allows an unprivileged attacker to execute code as a DWM user with Integrity System privileges (CVE-2024-30051).Since there was not enough public information at the time to develop the exploit,...

News Article

Techopedia: FishXProxy: Dark Web’s Next-Gen ‘Ultimate Phishing Toolkit’ Alarms Experts

By Michael Tyler on Fri, 08/02/2024

In this Techopedia article, Michael Tyler discusses new phishing malware kit FishXProxy.

Guide

Guide to Creating a Proactive Cybersecurity Strategy

Cyber attacks are common, with 89% of companies experiencing an attack in the last 12 months*. It’s time to stop asking if attacks will occur and start asking if you can stop attacks from being successful. One of the best ways to answer this question is by employing a proactive security program. Using assessment and testing to harden your cybersecurity measures, proactive security: Uncovers...

News Article

Cyber Defense Magazine: New Phishing Campaign Using AI Generated Emails, Human Live Chat to Target Social Media Business Accounts

By Michael Tyler on Fri, 06/28/2024

In this Cyber Defense Magazine article, Michael Tyler, Sr. Director of Security Operations at Fortra, discusses a sophisticated phishing campaign targeting Meta business accounts. He explains the tactics behind the campaign and shares tips to protect against it.

News Article

Best Life: How to Identify Phishing Emails

Fri, 06/14/2024

Struggling to identify phishing emails? Theo Zafirakos shared valuable tips on how to spot email scams and stay safe.

Guide

How to Use Upskilling and Reskilling to Scale Your Cybersecurity Team

The cybersecurity skills shortage is not just an ongoing inconvenience—it is a serious vulnerability that can be exploited by attackers. But how can organizations go about patching this gap while the talent gap endures? The answer lies in leveraging the resources you already have on hand: your existing workforce. How do you transform your existing personnel to meet today’s cybersecurity demands?...

News Article

The Register: Prolific Phishing-Made-Easy Emporium LabHost Knocked Offline in Cyber-Cop Op

Tue, 05/07/2024

Global Police Operation has taken down a major PhaaS provider, LabHost. Fortra provided details on the platform’s North American and international subscription packages.

News Article

The Hacker News: Global Police Operation Disrupts 'LabHost' Phishing Service

Tue, 05/07/2024

One of the largest Phishing-as-a-Service (PhaaS) providers, LabHost was disrupted with over 30 people arrested worldwide.

News Article

BleepingComputer: LabHost Phishing Service With 40,000 Domains Disrupted, 37 Arrested

Tue, 05/07/2024

A major phishing service with over 40,000 domains was disrupted in a year-long global law enforcement operation.

News Article

ConsumerAffairs: Verizon Is the Target of Massive Phishing Attempt

By John Wilson on Tue, 05/07/2024

Recently, Fortra has observed phishing campaigns targeting Verizon customers. John Wilson spoke with ConsumerAffairs and shared tips on how to stay safe.

News Article

FOX59 News: Major Phishing Attempt Targeting Verizon Customers

Tue, 05/07/2024

Fortra is warning Verizon customers to be on the lookout for a phishing campaign.

News Article

Yahoo Tech: Major Phishing Attempt Targeting Verizon Customers

Tue, 05/07/2024

Verizon consumers are being targeted in a phishing campaign. Scammers have found ways to bypass traditional email security gateways and land in inboxes instead of junk folders.

News Article

Help Net Security: Cybercriminal Adoption of Browser Fingerprinting

Wed, 04/17/2024

Browser fingerprinting has been used by legitimate organizations to uniquely identify web browsers for nearly 15 years. In this article, Kevin Cryan explains browser fingerprinting and how cybercriminals exploit it.

News Article

The AI Journal: From Criminal Pastime to Cybersecurity Tool

Thu, 03/14/2024

Ethical hacking has become one of the most powerful tools for preventing cyber threats. Kyle Gaertner spoke with The AI Journal about the tool's importance.

News Article

IT Nerd: Phishing-as-a-Service group LabHost Targeting Canadian Banks

Mon, 03/04/2024

Fortra is tracking activity connected with the Phishing-as-a-Service group Labhost as threat actors target Canadian banks. Originally published in IT Nerd. Excerpt: “Throughout 2022 and 2023, Fortra has observed phishing attacks connected with Phishing-as-a-Service groups growing as threat actors use the tools provided through membership services to launch a variety of campaigns. The...

News Article

IT Nerd: Tips to Safeguard Against Tax Vishing Scams

By John Wilson on Fri, 03/01/2024

Tax-related phishing and vishing scams are rising during tax season. John Wilson shares valuable tips on how to spot those scams and stay safe.

Blog

Going Phishing Isn't Seasonal–Get the Latest Results from 2023's Tournament

By Monica Delyani on Fri, 02/23/2024

Preview the latest global phishing benchmarking results and expert security awareness recommendations from Fortra's Terranova Security 2023 Gone Phishing Tournament.

News Article

CSO Online: 8 Things That Should Be in a Company BEC Policy Document

By Chris Reffkin on Tue, 02/20/2024

Organizations should consider creating business email compromise policies to minimize risks as BEC attacks increase and become more sophisticated. Chris Reffkin spoke to CSO Online about the best practices of a BEC policy guide.

News Article

Cyber Defense Magazine: AI Is Revolutionizing Phishing for Both Sides

By Antonio Sanchez on Fri, 02/16/2024

AI is changing the game of phishing and making attacks sharper than ever. Combining AI capabilities with the human mind might be the secret to staying on top of the game.

Guide

Windows DWM Core Library Elevation of Privilege Vulnerability (CVE-2024-30051)

Techopedia: FishXProxy: Dark Web’s Next-Gen ‘Ultimate Phishing Toolkit’ Alarms Experts

Guide to Creating a Proactive Cybersecurity Strategy

Cyber Defense Magazine: New Phishing Campaign Using AI Generated Emails, Human Live Chat to Target Social Media Business Accounts

Best Life: How to Identify Phishing Emails

How to Use Upskilling and Reskilling to Scale Your Cybersecurity Team

The Register: Prolific Phishing-Made-Easy Emporium LabHost Knocked Offline in Cyber-Cop Op

The Hacker News: Global Police Operation Disrupts 'LabHost' Phishing Service

BleepingComputer: LabHost Phishing Service With 40,000 Domains Disrupted, 37 Arrested

ConsumerAffairs: Verizon Is the Target of Massive Phishing Attempt

FOX59 News: Major Phishing Attempt Targeting Verizon Customers

Yahoo Tech: Major Phishing Attempt Targeting Verizon Customers

Help Net Security: Cybercriminal Adoption of Browser Fingerprinting

The AI Journal: From Criminal Pastime to Cybersecurity Tool

IT Nerd: Phishing-as-a-Service group LabHost Targeting Canadian Banks

IT Nerd: Tips to Safeguard Against Tax Vishing Scams

Going Phishing Isn't Seasonal–Get the Latest Results from 2023's Tournament

CSO Online: 8 Things That Should Be in a Company BEC Policy Document

Cyber Defense Magazine: AI Is Revolutionizing Phishing for Both Sides

2024 Fortra State of Cybersecurity Survey Results Guide

Contact Information

Privacy Policy

Cookie Policy

Impressum