Resources

Blog

Windows DWM Core Library Elevation of Privilege Vulnerability (CVE-2024-30051)

By Ricardo Narvaja on Mon, 09/09/2024

In this blog post, I will explain a vulnerability in the Microsoft Windows Desktop Windows Manager (DWM) Core library that I analyzed when the exploit for Core Impact was being developed. This vulnerability allows an unprivileged attacker to execute code as a DWM user with Integrity System privileges (CVE-2024-30051).Since there was not enough public information at the time to develop the exploit,...

Blog

Going Phishing Isn't Seasonal–Get the Latest Results from 2023's Tournament

By Monica Delyani on Fri, 02/23/2024

Preview the latest global phishing benchmarking results and expert security awareness recommendations from Fortra's Terranova Security 2023 Gone Phishing Tournament.

Blog

Untrustworthy Email in Inboxes Reaches All-Time High

Thu, 06/01/2023

In Q1, the volume of emails classified as malicious or do not engage reached nearly a quarter of all reported emails. This is the highest combined volume of these categories since Fortra’s PhishLabs has documented this data point. Of those classified as malicious, threats considered email impersonation or, those lacking known signatures, made up a significant 98.7%. Every quarter, PhishLabs...

Blog

Six Strategies to Ensure You Give the Right Access to the Right People at the Right Time

Mon, 08/31/2020

Part 2 of the Improving Your Security-Efficiency Balance Series: One of the primary challenges organizations wrestle with in identity governance is how to achieve the right balance in their company between security and efficiency. In Part 1 of the Improving Your Security-Efficiency Balance Series, we examined the unique balancing act organizations face when it comes to user access. In this blog...

Blog

Penetration Testing for Regulatory Compliance

By Bob Erdman on Wed, 06/10/2020

Blog

How To Manage the Pen Testing Skills Shortage

By Bob Erdman on Wed, 05/27/2020

Blog

Silencing the Bells: How a SIEM Can Prevent Alert Fatigue

By Bob Erdman on Tue, 07/30/2019

Find out how Security Information and Event Management (SIEM) solutions can streamline security and prevent alert fatigue.

Blog

Staying Ahead of the Curve: Implementing Privileged Access Management Solutions

Fri, 03/22/2019

Find out why Privileged Access Management (PAM) has become such a priority, and why your organization should stay ahead of the curve and adopt a PAM solution.

Blog

A Precarious Balance: Privileged Users and The Cloud

By Bob Erdman on Tue, 11/20/2018

When it comes to privileged users, do we maintain security at the cost of productivity, or do we increase productivity at the cost of security?

Blog

Cloud Watching: Ensuring Security in Every Cloud Environment

By Bob Erdman on Fri, 11/02/2018

Read on to learn about the different types of cloud environments, and the biggest security obstacle each presents.

Blog

The Shared Responsibility of Cloud Security

By Bob Erdman on Fri, 10/26/2018

The agreement that cloud security is a shared responsibility between cloud providers and cloud users has now firmly taken hold. How those responsibilities shake out, however, is an ongoing conversation.

Blog

A SIEM that Speaks IBM i

Tue, 07/03/2018

Organizations of all sizes can benefit from capturing, logging, and responding to security events in real time, but one important operating system is often overlooked: IBM i.

Blog

Are Employees Undermining Your Data Breach Defenses from the Inside?

Fri, 06/29/2018

The latest Verizon Data Breach Report provides a deeper understanding of the internal threats today's organizations face.

Blog

When Security Becomes a DevOps Blind Spot

By Bob Erdman on Mon, 02/05/2018

One question is often left unasked in DevOps strategy meetings: what about security?

Blog

How to Get Started with NIST 800-171 Compliance

By Kevin Jackson on Fri, 09/22/2017

Are you ready to report your NIST 800-171 compliance status by the end of the year? If you do business with the federal government, you need to comply with SP NIST 800-171 by the end of the year. Now is the time to implement your compliance plan.

Blog

The Benefits of a Self-Healing Network

By Kevin Jackson on Tue, 08/29/2017

Self-healing networks can make your life easier, save you time (and your organization money), and help eliminate downtime through real-time monitoring and automation.

Blog

Speedy Network Remediation with Intermapper and Automate

By Kevin Jackson on Thu, 03/30/2017

Learn how to cut your remediation time from hours to minutes thanks to a seamless interface between two Fortra products, Intermapper and Automate.

Blog

The Top 11 Network Automation Examples

By Kevin Jackson on Mon, 03/27/2017

As your network grows in size and complexity, automation can free up network administrators from repetitive, manual tasks to focus on more strategic, fulfilling projects.

Windows DWM Core Library Elevation of Privilege Vulnerability (CVE-2024-30051)

Going Phishing Isn't Seasonal–Get the Latest Results from 2023's Tournament

Untrustworthy Email in Inboxes Reaches All-Time High

Six Strategies to Ensure You Give the Right Access to the Right People at the Right Time

Penetration Testing for Regulatory Compliance

How To Manage the Pen Testing Skills Shortage

Silencing the Bells: How a SIEM Can Prevent Alert Fatigue

Staying Ahead of the Curve: Implementing Privileged Access Management Solutions

A Precarious Balance: Privileged Users and The Cloud

Cloud Watching: Ensuring Security in Every Cloud Environment

The Shared Responsibility of Cloud Security

A SIEM that Speaks IBM i

Are Employees Undermining Your Data Breach Defenses from the Inside?

When Security Becomes a DevOps Blind Spot

How to Get Started with NIST 800-171 Compliance

The Benefits of a Self-Healing Network

Speedy Network Remediation with Intermapper and Automate

The Top 11 Network Automation Examples

Contact Information

Privacy Policy

Cookie Policy

Impressum