Resources
Blog

CVE-2024-6769: Poisoning the Activation Cache to Elevate From Medium to High Integrity

By Ricardo Narvaja on Thu, 09/26/2024
This blog is about two chained bugs: Stage one is a DLL Hijacking bug caused by the remapping of ROOT drive and stage two is an Activation Cache Poisoning bug managed by the CSRSS server.The first stage was presented in detail at Ekoparty 2023 in the presentation called "I'm High" by Nicolás Economou from BlueFrost Security. He explained how to exploit the vulnerability which, at the time, had not...
Infrastructure and Data Protection
IT Infrastructure Protection
Offensive Security
Blog

BEC Global Insights Report: August 2024

By John Farina on Thu, 09/26/2024
The monthly Global BEC Insights Report from Fortra presents a comprehensive analysis of the latest tactics, techniques, and procedures (TTP) employed by BEC threat actors. This report draws on extensive intelligence gathered from hundreds of active defense engagements conducted throughout the month. Key insights include geolocation data, attack volume, and the variety of scams, such as payroll diversion and advance fee fraud. The report also highlights the use of gift cards in scams, the requested amounts in wire transfer fraud, and the banks and webmail providers frequently targeted by attackers. These findings provide a critical understanding of the evolving BEC threat landscape.
Blog

3 Ways Malware Can Reach Your IFS

Tue, 09/24/2024
It's true that IBM i can't be infected by a PC virus. It's also true that the IFS can act as a host and spread malicious programs throughout your environment.
IBM i Cybersecurity
Guide

Decoding the Attacker Mindset: Pen Testing Revelations

Cybersecurity isn't just about defense—it's about understanding the offense. With penetration testing, organizations can learn to think like an attacker and develop more proactive strategies that anticipate attacks. In this guide, explore 5 scenarios that provide insight into the methods and techniques deployed in real-world pen testing engagements, including: Using a password spray attack to...
Infrastructure and Data Protection
IT Infrastructure Protection
Offensive Security
Cyber Hub
Guide

The Cyber Security Hub

Access free security awareness training content on a variety of important topics, including phishing, social engineering, ransomware, passwords, and much more.
Anti-Phishing
Using RPA Reviews to Choose Software
Blog

Using Reviews to Choose RPA Software

Thu, 09/12/2024
Analyze RPA reviews with a more critical eye to better understand how a robotic process automation vendor can meet your organization’s needs.
Automation
Robotic Process Automation (RPA)
Blog

Windows DWM Core Library Elevation of Privilege Vulnerability (CVE-2024-30051)

By Ricardo Narvaja on Mon, 09/09/2024
In this blog post, I will explain a vulnerability in the Microsoft Windows Desktop Windows Manager (DWM) Core library that I analyzed when the exploit for Core Impact was being developed. This vulnerability allows an unprivileged attacker to execute code as a DWM user with Integrity System privileges (CVE-2024-30051).Since there was not enough public information at the time to develop the exploit,...
Infrastructure and Data Protection
IT Infrastructure Protection
Guide

Avoid These Common Ransomware Prevention Oversights

Most breaches and data losses are caused by simple "honest" mistakes that inadvertently create security weaknesses for attackers to target. In fact 68% of data breaches originate from some type of non-malicious human element*. When it comes to ransomware prevention, if you focus too intently on your defensive cybersecurity tactics, you may be overlooking some fundamental security measures, like...
ransomware on IBM i
Blog

Malware, Ransomware, and Viruses vs Your IBM i Server

By Sandi Moore on Tue, 09/03/2024
Many of us have heard that you can’t get a virus on this platform, but the reality is that the integrated file system (IFS) is a tree-like structure. This structure can house Word documents, PDFs, MP3s, JPEG images, and these files can be just as infected on the IBM i server as they can on any Windows work station or server.
IBM i Cybersecurity
Blog

Introduction to Advanced Web UI Automation

By Darrell Walker on Thu, 08/29/2024
Learn web browser automation best practices using Fortra's Automate. Easily build out automations for web processes involving browsers and portals to eliminate manual tasks.
Automation
Robotic Process Automation (RPA)
fortra-what-is-nist-rmf
Blog

The Password Atmosphere – Problem, or Progress?

By Lisa Lombardo on Mon, 08/26/2024
Password security has evolved from simple physical protections to complex, multi-factor authentication systems. Experts suggest that while traditional passwords are becoming outdated, combining them with new technologies like biometrics and passkeys offers stronger security. Future trends point towards more user-friendly yet robust methods to safeguard digital access.
fortra-what-is-nist-rmf
Blog

What Is the NIST Risk Management Framework (RMF)?

By Antonio Sanchez on Mon, 08/26/2024
The NIST Risk Management Framework, or RMF, is a voluntary 7-step process used to manage information security and privacy risks. By following the NIST RMF, organizations can successfully implement their own risk management programs, maintain compliance, and address the weaknesses that present the greatest danger to their enterprise.