Resources

Blog

BEC Global Insights Report: September 2024

The monthly Global BEC Insights Report from Fortra presents a comprehensive analysis of the latest tactics, techniques, and procedures (TTP) employed by BEC threat actors. This report draws on extensive intelligence gathered from hundreds of active defense engagements conducted throughout the month. Key insights include geolocation data, attack volume, and the variety of scams, such as payroll diversion and advance fee fraud. The report also highlights the use of gift cards in scams, the requested amounts in wire transfer fraud, and the banks and webmail providers frequently targeted by attackers. These findings provide a critical understanding of the evolving BEC threat landscape.
Blog

BEC Global Insights Report: August 2024

The monthly Global BEC Insights Report from Fortra presents a comprehensive analysis of the latest tactics, techniques, and procedures (TTP) employed by BEC threat actors. This report draws on extensive intelligence gathered from hundreds of active defense engagements conducted throughout the month. Key insights include geolocation data, attack volume, and the variety of scams, such as payroll diversion and advance fee fraud. The report also highlights the use of gift cards in scams, the requested amounts in wire transfer fraud, and the banks and webmail providers frequently targeted by attackers. These findings provide a critical understanding of the evolving BEC threat landscape.
News Article

How to Fortify Defenses Before Threats Materialize

Cyber threats are becoming more sophisticated and frequent, yet many organizations still face challenges due to limited resources. In ITSecurityWire, Fortra's Chris Reffkin highlights prioritizing remediation, closing the skills gap, and ongoing improvement.
Guide

Avoid These Common Ransomware Prevention Oversights

Most breaches and data losses are caused by simple "honest" mistakes that inadvertently create security weaknesses for attackers to target. In fact 68% of data breaches originate from some type of non-malicious human element*. When it comes to ransomware prevention, if you focus too intently on your defensive cybersecurity tactics, you may be overlooking some fundamental security measures, like...
Blog

Managing the Rising Tide of CVEs

If you are watching recent security stats, you’ll likely spot an alarming trend.Common Vulnerabilities and Exposures (CVEs) are on the rise and expected to increase by 25% in 2024, reaching 2,900 CVEs per month¹. It’s not a huge surprise that the number of known vulnerabilities is growing, given the proliferation of systems and software. Unfortunately, average time to remediation is increasing as...
Blog

3 Components of a Proactive Security Strategy 

Your organization might have many cybersecurity defenses in place, but defenses alone are not enough to protect you from today’s multi-faceted cyberattacks. Proactively adding a layer of offensive security assessment and testing helps you pinpoint your system weaknesses before they are exploited. Proactive security measures help you stay ahead of attackers by:Identifying vulnerabilities and...
Blog

Major Launches Announced on Release Day 2024.2

About Fortra’s Release Day Each quarter, we at Fortra get to roll out the fruits of our labors for the past few months. We showcase new features, updates, and even products. This Release Day features several groundbreaking projects. We’ve broken into the XDR arena and are thrilled to introduce you to our new offering. We’ve issued major releases for over a half-dozen of our flagship products....
On-Demand Webinar

How Fortra Enables Your Zero Trust Strategy

The concept of using a Zero Trust architecture in cybersecurity has been around for more than a decade, and its fundamental principle of “never trust, always verify” sounds straightforward enough. However, there’s a lot of noise around Zero Trust, often generated by vendors promising that their solution is that magic silver bullet to all of your Zero Trust problems. This can muddy the waters and...
Blog

How to Recover After Failing a Cybersecurity Audit

While it’s important to adhere to compliance regulations, blunders do happen. What does it mean when these blunders lead to you failing a cybersecurity audit, and how can you recover? Consequences of Failing a Cybersecurity Audit Failing a cybersecurity audit can mean several things. First, there’s the up-front legal fines that come with falling on the wrong side of compliance. Here are a few...