Blog
Windows DWM Core Library Elevation of Privilege Vulnerability (CVE-2024-30051)
By Ricardo Narvaja on Mon, 09/09/2024
In this blog post, I will explain a vulnerability in the Microsoft Windows Desktop Windows Manager (DWM) Core library that I analyzed when the exploit for Core Impact was being developed. This vulnerability allows an unprivileged attacker to execute code as a DWM user with Integrity System privileges (CVE-2024-30051).Since there was not enough public information at the time to develop the exploit,...
Guide
Guide to Creating a Proactive Cybersecurity Strategy
Cyber attacks are common, with 89% of companies experiencing an attack in the last 12 months*. It’s time to stop asking if attacks will occur and start asking if you can stop attacks from being successful. One of the best ways to answer this question is by employing a proactive security program. Using assessment and testing to harden your cybersecurity measures, proactive security: Uncovers...
Quote
Get Custom Penetration Testing Services Pricing
Find Your VulnerabilitiesCore Security's Security Consulting Services (SCS) simulates trending and new cyber threats to uncover security weaknesses, comply with regulatory compliance standards, and strengthen your security landscape. See how affordable pen testing can be, complete the form and get a customized quote from our experts based on your security needs.Get More With Security Consulting...
Guide
How to Use Upskilling and Reskilling to Scale Your Cybersecurity Team
The cybersecurity skills shortage is not just an ongoing inconvenience—it is a serious vulnerability that can be exploited by attackers. But how can organizations go about patching this gap while the talent gap endures? The answer lies in leveraging the resources you already have on hand: your existing workforce. How do you transform your existing personnel to meet today’s cybersecurity demands?...
News Article
The AI Journal: From Criminal Pastime to Cybersecurity Tool
Thu, 03/14/2024
Ethical hacking has become one of the most powerful tools for preventing cyber threats. Kyle Gaertner spoke with The AI Journal about the tool's importance.
Blog
Going Phishing Isn't Seasonal–Get the Latest Results from 2023's Tournament
By Monica Delyani on Fri, 02/23/2024
Preview the latest global phishing benchmarking results and expert security awareness recommendations from Fortra's Terranova Security 2023 Gone Phishing Tournament.
News Article
Help Net Security: Exploring the Impact of Generative AI in the Presidential Election
Mon, 12/25/2023
2024 is a presidential election year in the U.S. and Ryan Maltzen, Cybersecurity Architect at Fortra, predicts an increase in attempts to influence votes through propaganda and social media campaigns, aided by the use of generative AI.
News Article
VM Blog: Braving the Digital Risk & Email Security Landscape
By Eric George on Fri, 12/15/2023
How will the digital risk and email security landscape evolve in 2024? In this VM Blog article, Eric George discusses the industry's future and shares his seven predictions for 2024.
News Article
Solutions Review: Social Media Scams Impacting Businesses and Individuals Today
By John Wilson on Thu, 11/02/2023
In this Solutions Review article, John Wilson highlights common social media scams, their impact on businesses, and ways to safeguard yourself and your organization.
News Article
CFO Dive: AI Linked to New Crop of Business Email Scams
John Wilson spoke to CFO Dive about Fortra’s recent report on business email compromise. He discussed the recent surge in the number of malicious or untrustworthy emails detected in corporate inboxes.
News Article
Digital Journal: FBI’s Warning Around Sextortion Schemes
The FBI has issued a warning about the use of "deepfakes" in a new wave of sextortion schemes. In his interview with Digital Journal, John Wilson examines the techniques used and provides valuable tips to help protect children from such scams.
Blog
Data Classification and Data Loss Prevention (DLP): A Comprehensive Data Protection Strategy
Tue, 05/23/2023
Data is the world’s currency and has been for some time. Protecting data should be at the top of the list for organizations of any size, and the heart of any security strategy. Think about it: the purpose of any firewall, email solution, compliance regulation, or XDR platform is to keep data safe. Why not cut to the heart of it with a dedicated Data Loss Prevention (DLP) solution? And why not...
News Article
Forbes Advisor: Beware Of Loan Scams
In his latest Forbes Advisor article, John Wilson discusses loan scams and shares 7 red flags to help identify and avoid fraudulent loan offers.
Guide
Fortra's Complete Guide to Layered Offensive Security
Most organizations have a decent understanding of the types of defensive security tactics they need to employ to thwart cyberattacks. But offensive security techniques are just as important for detecting existing vulnerabilities that a threat actor has yet to discover and exploit.
Learn how to approach offensive security from the ground up, including the value of using a layered security...
Datasheet
How Fortra Supports the Zero Trust Journey
What Zero Trust means, tips for getting started, and how Fortra solutions support your Zero Trust security journey.