Blog
Windows DWM Core Library Elevation of Privilege Vulnerability (CVE-2024-30051)
By Ricardo Narvaja on Mon, 09/09/2024
In this blog post, I will explain a vulnerability in the Microsoft Windows Desktop Windows Manager (DWM) Core library that I analyzed when the exploit for Core Impact was being developed. This vulnerability allows an unprivileged attacker to execute code as a DWM user with Integrity System privileges (CVE-2024-30051).Since there was not enough public information at the time to develop the exploit,...
News Article
How to Fortify Defenses Before Threats Materialize
By Chris Reffkin on Mon, 09/09/2024
Cyber threats are becoming more sophisticated and frequent, yet many organizations still face challenges due to limited resources. In ITSecurityWire, Fortra's Chris Reffkin highlights prioritizing remediation, closing the skills gap, and ongoing improvement.
Blog
Malware, Ransomware, and Viruses vs Your IBM i Server
By Sandi Moore on Tue, 09/03/2024
Many of us have heard that you can’t get a virus on this platform, but the reality is that the integrated file system (IFS) is a tree-like structure. This structure can house Word documents, PDFs, MP3s, JPEG images, and these files can be just as infected on the IBM i server as they can on any Windows work station or server.
Blog
Is Your Data REALLY Safe on the IBM i (AS/400)?
By Tom Huntington on Thu, 08/29/2024
Discover the three things you can do, starting today, to ensure your data is properly secured on your IBM i (AS/400).
Blog
What Is the NIST Risk Management Framework (RMF)?
By Antonio Sanchez on Mon, 08/26/2024
The NIST Risk Management Framework, or RMF, is a voluntary 7-step process used to manage information security and privacy risks. By following the NIST RMF, organizations can successfully implement their own risk management programs, maintain compliance, and address the weaknesses that present the greatest danger to their enterprise.
Guide
How Fortra Supports the MAS TRM Notice and Guidelines
Download this guide to learn how Fortra's solutions can help your organization comply with the MAS TRM notice and guidelines.
Blog
3 Components of a Proactive Security Strategy
By Mieng Lim on Mon, 07/22/2024
Your organization might have many cybersecurity defenses in place, but defenses alone are not enough to protect you from today’s multi-faceted cyberattacks. Proactively adding a layer of offensive security assessment and testing helps you pinpoint your system weaknesses before they are exploited. Proactive security measures help you stay ahead of attackers by:Identifying vulnerabilities and...
Guide
Guide to Creating a Proactive Cybersecurity Strategy
Cyber attacks are common, with 89% of companies experiencing an attack in the last 12 months*. It’s time to stop asking if attacks will occur and start asking if you can stop attacks from being successful. One of the best ways to answer this question is by employing a proactive security program. Using assessment and testing to harden your cybersecurity measures, proactive security: Uncovers...
Quote
Get Custom Penetration Testing Services Pricing
Find Your VulnerabilitiesCore Security's Security Consulting Services (SCS) simulates trending and new cyber threats to uncover security weaknesses, comply with regulatory compliance standards, and strengthen your security landscape. See how affordable pen testing can be, complete the form and get a customized quote from our experts based on your security needs.Get More With Security Consulting...
News Article
IT Nerd: Exclusive Insights from Fortra’s 2024 Penetration Testing Report
By Chris Reffkin on Fri, 06/28/2024
Fortra CISO Chris Reffkin spoke with IT Nerd and shared valuable insights from Fortra’s 2024 Penetration Testing Report.
Article
How to Implement the CIS Controls and Benchmarks on IBM i
By Amy Williams on Mon, 06/24/2024
Discover what the CIS Benchmarks and Controls are, why IBM i organizations should implement them, and how Powertech can help.
On-Demand Webinar
How to Securely Deploy ACS and Use Encrypted Sessions
By Steve Sisk
Watch IBM i pros Steve Sisk and Amy Williams to discover how to securely deploy ACS, how to use IBM i as a Certificate Authority (CA), how to configure ACS to use TLS, and other ACS security best practices.
On-Demand Webinar
Making the Most of the Audit Journal
By Amy Williams
Watch IBM i pros Steve Sisk and Amy Williams to discover how to securely deploy ACS, how to use IBM i as a Certificate Authority (CA), how to configure ACS to use TLS, and other ACS security best practices.
News Article
Healthcare IT News: HHS Offers $50M to Help Providers Patch Ransomware Vulnerabilities
By Tyler Reguly on Fri, 06/07/2024
Is AI enough to help organizations keep up with constantly changing vulnerabilities? Tyler Reguly spoke with Healthcare IT News and shared his take on it.
News Article
ComputerWeekly: Critical Sharepoint, Qakbot-Linked Flaws Focus of May Patch Tuesday
By Tyler Reguly on Fri, 06/07/2024
Tyler Reguly spoke with ComputerWeekly about the elevation of privilege (EoP) vulnerability in Windows DWM Core Library.
Guide
How to Use Upskilling and Reskilling to Scale Your Cybersecurity Team
The cybersecurity skills shortage is not just an ongoing inconvenience—it is a serious vulnerability that can be exploited by attackers. But how can organizations go about patching this gap while the talent gap endures? The answer lies in leveraging the resources you already have on hand: your existing workforce. How do you transform your existing personnel to meet today’s cybersecurity demands?...