Blog
Four Key Cybersecurity Highlights from Infosecurity Europe
By Steve Audsley on Thu, 06/27/2024
Infosecurity Europe 2024 saw a tightened focus on this year’s real security agenda: a holistic approach to data protection, scrutiny on the supply chain, and the ever-wary eye toward AI and its many uses. Fortra’s Steve Audsley, EMEA Solution Engineering Manager for Data Protection, shares his experience.
Product Video
Sequel Data Warehouse ETL (Extract, Transform, Load) Overview and Demonstration
Wed, 06/26/2024
When data comes from all over your IT environment and is accessed in different ways by different users, your organization faces a lot of issues. Not only is the data inconsistent, but each database formats and delivers data differently. And there's no single filter through which all data goes to make sure it is high quality. That's where Sequel Data Warehouse can help. By accessing any data and...
Emerging Threats
Check Point VPN Vulnerability
Wed, 06/26/2024
Fortra is investigating a vulnerability in the Check Point VPN – CVE-2024-24919. This information disclosure vulnerability could allow an attacker to access sensitive information on internet-exposed Check Point Security Gateways with IPsec VPN in the Remote Access VPN community and the Mobile Access software blade. Security updates are available to mitigate this vulnerability.
Emerging Threats
MOVEit Transfer Improper Authentication
Wed, 06/26/2024
Fortra is actively researching an improper authentication vulnerability in MOVEit Transfer – CVE-2024-5806. This vulnerability in the SFTP Module of Progress MOVEit Transfer can lead to authentication bypass. Customers can upgrade to a patched release to mitigate this vulnerability.
Security Advisory
SQL Injection Vulnerability in FileCatalyst Workflow 5.1.6 Build 135 (and earlier)
Tue, 06/25/2024
A SQL Injection vulnerability in Fortra FileCatalyst Workflow allows an attacker to modify application data. Likely impacts include creation of administrative users and deletion or modification of data in the application database. Data exfiltration via SQL injection is not possible using this vulnerability. Successful unauthenticated exploitation requires a Workflow system with anonymous access...
Article
How to Implement the CIS Controls and Benchmarks on IBM i
By Amy Williams on Mon, 06/24/2024
Discover what the CIS Benchmarks and Controls are, why IBM i organizations should implement them, and how Powertech can help.
Demo
Watch a Demo of Fortra Vulnerability Management
Fortra Vulnerability Management (formerly Frontline VM) is more than a scan. This risk-based, scalable VM solution streamlines vulnerability identification and prioritization, producing accurate, actionable reports that empower quick remediation. Whether your team is just beginning network security assessments or establishing on-going, automated assessments and reporting, our feature-rich VM is...
News Article
Tech Newsday: More Snowflake Storage Victims Found, Microsoft Issues New Windows Patches
By Tyler Reguly on Thu, 06/20/2024
In its latest Patch Tuesday update, Microsoft issued a critical bug in Microsoft Message Queuing (MSMQ) technology.
News Article
Redmond Magazine: Microsoft Releases Light Security Update for June
By Tyler Reguly on Thu, 06/20/2024
Tyler Reguly spoke with Redmond Magazine about the vulnerabilities Microsoft revealed in its security update for June.
News Article
Dark Reading: Microsoft, Late to the Game on Dangerous DNSSEC Zero-Day Flaw
By Tyler Reguly on Wed, 06/19/2024
Tyler Reguly spoke with Dark Reading about the CVE-2023-50868 vulnerability, one of the more dangerous flaws for which Microsoft released a patch on June Patch Tuesday.
News Article
ComputerWeekly: RCE Flaw and DNS Zero-Day Top List of Patch Tuesday Bugs
By Tyler Reguly on Wed, 06/19/2024
An RCE vulnerability in Microsoft Message Queuing (MSMQ) technology is the most critical issue revealed in the Patch Tuesday update for June. Tyler Reguly shared his take on the CVE-2024-30080 vulnerability.
On-Demand Webinar
How to Maximize Your BI Technology with a Data Warehouse
Watch this webinar to learn why Sequel Data Warehouse is the trusted tool for IBM i organizations to overcome the many types of data integration challenges.
Security Advisory
Hard-coded password in FileCatalyst Direct 3.8.10 Build 138 TransferAgent (and earlier) and FileCatalyst Workflow 5.1.6 Build 130 (and earlier)
Tue, 06/18/2024
A hard-coded password in the FileCatalyst TransferAgent can be found which can be used to unlock the keystore from which contents may be read out, for example, the private key for certificates. Exploit of this vulnerability could lead to a machine-in-the-middle (MiTM) attack against users of the agent. This issue affects all versions of FileCatalyst Direct from 3.8.10 Build 138 and earlier and all...
News Article
Spiceworks: Microsoft’s June Patchload Features Fixes for 51 Bugs, Including a Zero-Day One
By Tyler Reguly on Tue, 06/18/2024
Tyler Reguly spoke with Spiceworks News & Insights and discussed Microsoft’s Patch Tuesday security update for June.
News Article
Infosecurity Magazine: Microsoft Patches One Critical and One Zero-Day Vulnerability
By Tyler Reguly on Mon, 06/17/2024
In his discussion with Infosecurity Magazine, Tyler Reguly analyzed the vulnerabilities revealed in the June Patch Tuesday update.
News Article
The Hacker News: Microsoft Issues Patches for 51 Flaws, Including Critical MSMQ Vulnerability
By Tyler Reguly on Mon, 06/17/2024
What vulnerabilities were issued in Microsoft’s latest Patch Tuesday update? Tyler Reguly spoke with The Hacker News and shared details about the June security update.
News Article
Dark Reading: Critical MSMQ RCE Bug Opens Microsoft Servers to Complete Takeover
By Tyler Reguly on Mon, 06/17/2024
Tyler Reguly spoke with Dark Reading about the critical bug in Microsoft Message Queuing (MSMQ) technology issued in Microsoft’s June Patch Tuesday security update.
News Article
Best Life: How to Identify Phishing Emails
Fri, 06/14/2024
Struggling to identify phishing emails? Theo Zafirakos shared valuable tips on how to spot email scams and stay safe.