Resources

Blog

Querying Excel as a Database

Learn how to query data in Microsoft Excel using SQL and discover how to use Excel automation for quick data analysis.
News Article

Dark Reading: Novel Exploit Chain Enables Windows UAC Bypass

​​Fortra's security research team has identified a novel exploit chain, tracked as CVE-2024-6769, which allows attackers to bypass Windows User Access Control (UAC) and escalate privileges to gain full system control.
News Article

​​CSO: Microsoft privilege escalation issue forces the debate: ‘When is something a security hole?’​

​​CSO covered Fortra’s disclosure of a Microsoft privilege escalation issue that allows attackers to bypass UAC prompts. Fortra's Tyler Reguly explained that this bypass removes key security checks, posing a risk. Microsoft disagrees, calling it a convenience issue, but the debate continues.​
News Article

CyberTech Insights: The Cybersecurity Gap: Why Even the Best-Trained Teams Still Vulnerable to Attacks

In a new article for CyberTech Insights, John Grancarich, Fortra's Chief Strategy Officer, explores why security awareness training matters more than ever. Drawing from personal experiences with cyber extortion and phishing, John highlights how continuous practice can better prepare us for real-world risks.Originally published in CyberTech Insights.Excerpt:“We’re not going to get any less busy, so...
News Article

VM Blog: Expert Insights on National Insider Threat Awareness Month

Insider threats—whether intentional or accidental—can have devastating effects on businesses of all sizes. Antonio Sanchez of Fortra, along with other industry experts, shares key insights into the evolving landscape of insider threats and offers strategies for mitigating these risks.
Blog

CVE-2024-6769: Poisoning the Activation Cache to Elevate From Medium to High Integrity

This blog is about two chained bugs: Stage one is a DLL Hijacking bug caused by the remapping of ROOT drive and stage two is an Activation Cache Poisoning bug managed by the CSRSS server.The first stage was presented in detail at Ekoparty 2023 in the presentation called "I'm High" by Nicolás Economou from BlueFrost Security. He explained how to exploit the vulnerability which, at the time, had not...
Guide

Decoding the Attacker Mindset: Pen Testing Revelations

Cybersecurity isn't just about defense—it's about understanding the offense. With penetration testing, organizations can learn to think like an attacker and develop more proactive strategies that anticipate attacks. In this guide, explore 5 scenarios that provide insight into the methods and techniques deployed in real-world pen testing engagements, including: Using a password spray attack to...
News Article

IT Brew: More Than Half of IT Professionals Aren’t Familiar With the Shared Responsibility Model

A recent IT Brew article highlights a major cloud security gap: only 49% of surveyed IT and cybersecurity professionals are familiar with the "shared responsibility model," which defines the division of security duties between cloud providers and customers. Nick Franklin emphasized the common misunderstanding around these responsibilities, urging customers to ask their providers directly about what they are responsible for.
Blog

Using Reviews to Choose RPA Software

Analyze RPA reviews with a more critical eye to better understand how a robotic process automation vendor can meet your organization’s needs.
Blog

Windows DWM Core Library Elevation of Privilege Vulnerability (CVE-2024-30051)

In this blog post, I will explain a vulnerability in the Microsoft Windows Desktop Windows Manager (DWM) Core library that I analyzed when the exploit for Core Impact was being developed. This vulnerability allows an unprivileged attacker to execute code as a DWM user with Integrity System privileges (CVE-2024-30051).Since there was not enough public information at the time to develop the exploit,...