Resources

Blog

Windows DWM Core Library Elevation of Privilege Vulnerability (CVE-2024-30051)

By Ricardo Narvaja on Mon, 09/09/2024

In this blog post, I will explain a vulnerability in the Microsoft Windows Desktop Windows Manager (DWM) Core library that I analyzed when the exploit for Core Impact was being developed. This vulnerability allows an unprivileged attacker to execute code as a DWM user with Integrity System privileges (CVE-2024-30051).Since there was not enough public information at the time to develop the exploit,...

Blog

Going Phishing Isn't Seasonal–Get the Latest Results from 2023's Tournament

By Monica Delyani on Fri, 02/23/2024

Preview the latest global phishing benchmarking results and expert security awareness recommendations from Fortra's Terranova Security 2023 Gone Phishing Tournament.

Blog

Untrustworthy Email in Inboxes Reaches All-Time High

Thu, 06/01/2023

In Q1, the volume of emails classified as malicious or do not engage reached nearly a quarter of all reported emails. This is the highest combined volume of these categories since Fortra’s PhishLabs has documented this data point. Of those classified as malicious, threats considered email impersonation or, those lacking known signatures, made up a significant 98.7%. Every quarter, PhishLabs...

Blog

Six Strategies to Ensure You Give the Right Access to the Right People at the Right Time

Mon, 08/31/2020

Part 2 of the Improving Your Security-Efficiency Balance Series: One of the primary challenges organizations wrestle with in identity governance is how to achieve the right balance in their company between security and efficiency. In Part 1 of the Improving Your Security-Efficiency Balance Series, we examined the unique balancing act organizations face when it comes to user access. In this blog...

Blog

Penetration Testing for Regulatory Compliance

By Bob Erdman on Wed, 06/10/2020

Blog

How To Manage the Pen Testing Skills Shortage

By Bob Erdman on Wed, 05/27/2020

Blog

Silencing the Bells: How a SIEM Can Prevent Alert Fatigue

By Bob Erdman on Tue, 07/30/2019

Find out how Security Information and Event Management (SIEM) solutions can streamline security and prevent alert fatigue.

Blog

Staying Ahead of the Curve: Implementing Privileged Access Management Solutions

Fri, 03/22/2019

Find out why Privileged Access Management (PAM) has become such a priority, and why your organization should stay ahead of the curve and adopt a PAM solution.

Blog

A Precarious Balance: Privileged Users and The Cloud

By Bob Erdman on Tue, 11/20/2018

When it comes to privileged users, do we maintain security at the cost of productivity, or do we increase productivity at the cost of security?

Blog

Cloud Watching: Ensuring Security in Every Cloud Environment

By Bob Erdman on Fri, 11/02/2018

Read on to learn about the different types of cloud environments, and the biggest security obstacle each presents.

Blog

The Shared Responsibility of Cloud Security

By Bob Erdman on Fri, 10/26/2018

The agreement that cloud security is a shared responsibility between cloud providers and cloud users has now firmly taken hold. How those responsibilities shake out, however, is an ongoing conversation.

Blog

A SIEM that Speaks IBM i

Tue, 07/03/2018

Organizations of all sizes can benefit from capturing, logging, and responding to security events in real time, but one important operating system is often overlooked: IBM i.

Blog

Are Employees Undermining Your Data Breach Defenses from the Inside?

Fri, 06/29/2018

The latest Verizon Data Breach Report provides a deeper understanding of the internal threats today's organizations face.

Blog

Where to Find Work Orders When the System Goes Down

By Tom Huntington on Thu, 02/15/2018

Paper work orders are a thing of the past. But system failure could deliver a nasty surprise to manufacturers and distributors who don’t have HA in play. Read on for more.

Blog

When Security Becomes a DevOps Blind Spot

By Bob Erdman on Mon, 02/05/2018

One question is often left unasked in DevOps strategy meetings: what about security?

Blog

How DR Compliance Requirements Impact HA Decisions

By Tom Huntington on Wed, 03/01/2017

Disaster recovery requirements are part of the geographic and industry regulations that affect our organizations. Having the right solutions in place can help to avoid penalties and make audits go smoothly. Read on to create a complete compliance toolkit.

Windows DWM Core Library Elevation of Privilege Vulnerability (CVE-2024-30051)

Going Phishing Isn't Seasonal–Get the Latest Results from 2023's Tournament

Untrustworthy Email in Inboxes Reaches All-Time High

Six Strategies to Ensure You Give the Right Access to the Right People at the Right Time

Penetration Testing for Regulatory Compliance

How To Manage the Pen Testing Skills Shortage

Silencing the Bells: How a SIEM Can Prevent Alert Fatigue

Staying Ahead of the Curve: Implementing Privileged Access Management Solutions

A Precarious Balance: Privileged Users and The Cloud

Cloud Watching: Ensuring Security in Every Cloud Environment

The Shared Responsibility of Cloud Security

A SIEM that Speaks IBM i

Are Employees Undermining Your Data Breach Defenses from the Inside?

Where to Find Work Orders When the System Goes Down

When Security Becomes a DevOps Blind Spot

How DR Compliance Requirements Impact HA Decisions

Contact Information

Privacy Policy

Cookie Policy

Impressum