Live Webinar
All day
Antonio Sanchez |
Josh Davies
Blog
Windows DWM Core Library Elevation of Privilege Vulnerability (CVE-2024-30051)
By Ricardo Narvaja on Mon, 09/09/2024
In this blog post, I will explain a vulnerability in the Microsoft Windows Desktop Windows Manager (DWM) Core library that I analyzed when the exploit for Core Impact was being developed. This vulnerability allows an unprivileged attacker to execute code as a DWM user with Integrity System privileges (CVE-2024-30051).Since there was not enough public information at the time to develop the exploit,...
News Article
How to Fortify Defenses Before Threats Materialize
By Chris Reffkin on Mon, 09/09/2024
Cyber threats are becoming more sophisticated and frequent, yet many organizations still face challenges due to limited resources. In ITSecurityWire, Fortra's Chris Reffkin highlights prioritizing remediation, closing the skills gap, and ongoing improvement.
News Article
Amazon Press Center: AWS Launches Global Passport Program to Accelerate Software Companies’ Growth and International Expansion
Fri, 09/06/2024
Amazon Web Services (AWS) announced the launch of its AWS Global Passport Program to help independent software vendor customers grow their businesses internationally. Fortra is one of the first participants in the program.
Live Webinar
10:00 - 10:45am CDT
Tom Huntington |
Chuck Losinski
Guide
Avoid These Common Ransomware Prevention Oversights
Most breaches and data losses are caused by simple "honest" mistakes that inadvertently create security weaknesses for attackers to target. In fact 68% of data breaches originate from some type of non-malicious human element*. When it comes to ransomware prevention, if you focus too intently on your defensive cybersecurity tactics, you may be overlooking some fundamental security measures, like...
Blog
Malware, Ransomware, and Viruses vs Your IBM i Server
By Sandi Moore on Tue, 09/03/2024
Many of us have heard that you can’t get a virus on this platform, but the reality is that the integrated file system (IFS) is a tree-like structure. This structure can house Word documents, PDFs, MP3s, JPEG images, and these files can be just as infected on the IBM i server as they can on any Windows work station or server.
News Article
Hosting Advice: Leading Cybersecurity Provider Empowers Businesses to Bolster Infrastructure Protection
By Rohit Dhamankar on Fri, 08/30/2024
Hackers are constantly changing their tactics and using new technologies to infiltrate systems, leaving companies in a constant battle to protect their security. In a recent Hosting Advice article, Rohit Dhamankar dives into how cyber threats keep evolving and why businesses need to tweak their security game.
Blog
Is Your Data REALLY Safe on the IBM i (AS/400)?
By Tom Huntington on Thu, 08/29/2024
Discover the three things you can do, starting today, to ensure your data is properly secured on your IBM i (AS/400).
Blog
Troubleshooting Advanced Web UI Automation Issues
By Darrell Walker on Thu, 08/29/2024
When web browser automation challenges arise, use these helpful Automate tips and tricks for troubleshooting issues and building stronger automation.
Security Configuration Management
Security configuration management (SCM) is essential for the success of an organization’s overall security posture. This integral function of a holistic cybersecurity program targets the configurations of elements in the IT environment such as operating systems, applications, network devices, cloud assets, databases, servers, directory services, POS terminals, and workstations. Configuration...
Blog
Introduction to Advanced Web UI Automation
By Darrell Walker on Thu, 08/29/2024
Learn web browser automation best practices using Fortra's Automate. Easily build out automations for web processes involving browsers and portals to eliminate manual tasks.
News Article
Anti-Phishing Working Group (APWG): Phishing Activity Trends Report for Q2 2024
By John Wilson on Wed, 08/28/2024
The Anti-Phishing Working Group (APWG) has released its Phishing Activity Trends Report for Q2 2024, offering an in-depth analysis of recent phishing attacks and identity theft techniques. Fortra contributed to this report, with John Wilson providing insights on business email compromise (BEC).
Security Advisory
Insecure Default in FileCatalyst Workflow 5.1.6 Build 139 (and earlier)
Tue, 08/27/2024
The default credentials for the setup HSQL database (HSQLDB) for FileCatalyst Workflow are published in a vendor knowledgebase article. Misuse of these credentials could lead to a compromise of confidentiality, integrity, or availability of the software.The HSQLDB is only included to facilitate installation, has been deprecated, and is not intended for production use per vendor guides. However,...
Security Advisory
SQL Injection in FileCatalyst Workflow 5.1.6 Build 139 (and earlier)
Tue, 08/27/2024
A vulnerability exists in FileCatalyst Workflow whereby a field accessible to the super admin can be used to perform an SQL injection attack which can lead to a loss of confidentiality, integrity, and availability.
Blog
The Password Atmosphere – Problem, or Progress?
By Lisa Lombardo on Mon, 08/26/2024
Password security has evolved from simple physical protections to complex, multi-factor authentication systems. Experts suggest that while traditional passwords are becoming outdated, combining them with new technologies like biometrics and passkeys offers stronger security. Future trends point towards more user-friendly yet robust methods to safeguard digital access.
Blog
What Is the NIST Risk Management Framework (RMF)?
By Antonio Sanchez on Mon, 08/26/2024
The NIST Risk Management Framework, or RMF, is a voluntary 7-step process used to manage information security and privacy risks. By following the NIST RMF, organizations can successfully implement their own risk management programs, maintain compliance, and address the weaknesses that present the greatest danger to their enterprise.
Surveyor/400 Downloads
Surveyor/400 RequirementsWorkstation requirements:TCP/IP connection to the IBM i Windows or a graphical operating system with Java installed.IBM i requirements:V7R1 or greater of the IBM i Operating System.The QUSER user profile must be enabled and have a valid password. QUSER is used by the servers at startup time.The IBM i host servers must be running. Launch the IBM i command 'STRHOSTSVR *ALL'...