Blog
Windows DWM Core Library Elevation of Privilege Vulnerability (CVE-2024-30051)
By Ricardo Narvaja on Mon, 09/09/2024
In this blog post, I will explain a vulnerability in the Microsoft Windows Desktop Windows Manager (DWM) Core library that I analyzed when the exploit for Core Impact was being developed. This vulnerability allows an unprivileged attacker to execute code as a DWM user with Integrity System privileges (CVE-2024-30051).Since there was not enough public information at the time to develop the exploit,...
Guide
Guide to Creating a Proactive Cybersecurity Strategy
Cyber attacks are common, with 89% of companies experiencing an attack in the last 12 months*. It’s time to stop asking if attacks will occur and start asking if you can stop attacks from being successful. One of the best ways to answer this question is by employing a proactive security program. Using assessment and testing to harden your cybersecurity measures, proactive security: Uncovers...
Guide
How to Use Upskilling and Reskilling to Scale Your Cybersecurity Team
The cybersecurity skills shortage is not just an ongoing inconvenience—it is a serious vulnerability that can be exploited by attackers. But how can organizations go about patching this gap while the talent gap endures? The answer lies in leveraging the resources you already have on hand: your existing workforce. How do you transform your existing personnel to meet today’s cybersecurity demands?...
News Article
The AI Journal: From Criminal Pastime to Cybersecurity Tool
Thu, 03/14/2024
Ethical hacking has become one of the most powerful tools for preventing cyber threats. Kyle Gaertner spoke with The AI Journal about the tool's importance.
Guide
Fortra's Complete Guide to Layered Offensive Security
Most organizations have a decent understanding of the types of defensive security tactics they need to employ to thwart cyberattacks. But offensive security techniques are just as important for detecting existing vulnerabilities that a threat actor has yet to discover and exploit.
Learn how to approach offensive security from the ground up, including the value of using a layered security...
Datasheet
How Fortra Supports the Zero Trust Journey
What Zero Trust means, tips for getting started, and how Fortra solutions support your Zero Trust security journey.
Datasheet
Advanced Red Team Bundle
Core Impact, Cobalt Strike, and Outflank Security Tooling (OST) are three powerful security solutions that use the same techniques as today’s threat actors in order to safely evaluate organizational infrastructures and provide guidance on closing security gaps, enhancing defenses, and creating more resilient security strategies.
Core Impact is an automated penetration testing tool, typically...
On-Demand Webinar
Fortra’s Penetration Testing Solution for Offensive Security
By Nick Hogg
Cybersecurity is no longer a one-dimensional, defensive only mind-set. Attacks have become multi-pronged and organizational security solutions also need to act offensively. Proactive, layered offensive security should include multiple security solutions, including penetration testing, to uncover security risks before they’re exploited.
Fortra’s Core Impact enables security teams to go on the...
On-Demand Webinar
Fortra’s Vulnerability Management Solutions for Proactive Security
By Nick Hogg
Cybersecurity needs have grown well beyond antiviruses and firewalls. Proactive, offensive security measures are crucial to help avoid the damaging effects of an attack, including customer and credibility loss, compliance penalties, and expensive corrective security actions.
Fortra Vulnerability Manager, formerly Frontline VM, and beSTORM Dynamic Application Black Box Fuzzer can save your team...
On-Demand Webinar
Automating Your Microsoft Applications with RPA
Thu, 12/10/2020
If your business relies on Microsoft applications like Excel, Word, SharePoint, Active Directory, and others, you could be saving hours by automating. Watch this webinar to learn how to easily automate your Microsoft applications with robotic process automation.
Blog
Six Strategies to Ensure You Give the Right Access to the Right People at the Right Time
Mon, 08/31/2020
Part 2 of the Improving Your Security-Efficiency Balance Series:
One of the primary challenges organizations wrestle with in identity governance is how to achieve the right balance in their company between security and efficiency. In Part 1 of the Improving Your Security-Efficiency Balance Series, we examined the unique balancing act organizations face when it comes to user access. In this blog...
Article
RPA Use Case: Automating CRM Reports
Thu, 12/12/2019
Text
Reporting is a vital part of any business. Without data pulled from critical business systems, people can’t make informed decisions that help grow their business. RPA plays a key role in helping businesses retrieve time lost to pulling and parsing data. There...
On-Demand Webinar
The Rise of Insider Threats and How to Prevent Them
By Bob Erdman
Watch this webinar to get actionable advice on how to keep insider threats out of your organization. Learn about important, achievable strategies
Blog
Silencing the Bells: How a SIEM Can Prevent Alert Fatigue
By Bob Erdman on Tue, 07/30/2019
Find out how Security Information and Event Management (SIEM) solutions can streamline security and prevent alert fatigue.