Fortra® Security & Trust Center

Blog

BEC Global Insights Report: January 2025

The monthly Global BEC Insights Report from Fortra presents a comprehensive analysis of the latest tactics, techniques, and procedures (TTP) employed by BEC threat actors. This report draws on extensive intelligence gathered from hundreds of active defense engagements conducted throughout the month. Key insights include geolocation data, attack volume, and the variety of scams, such as payroll diversion and advance fee fraud. The report also highlights the use of gift cards in scams, the requested amounts in wire transfer fraud, and the banks and webmail providers frequently targeted by attackers. These findings provide a critical understanding of the evolving BEC threat landscape.
Emerging Threats

Multiple Vulnerabilities Impacting rsync

Fortra is actively researching multiple vulnerabilities impacting rsync: CVE-2024-12084 (CVSS 3.1: 9.8), CVE-2024-12085 (CVSS 3.1: 7.5), CVE-2024-12086 (CVSS 3.1: 6.1), CVE-2024-12087 (CVSS 3.1: 6.5), CVE-2024-12088 (CVSS 3.1: 6.5), and CVE-2024-12747 (CVSS 3.1: 5.6).
Blog

Patch Tuesday Update January 2025

Microsoft definitely didn’t want to waste any time jumping into 2025, patching 161 CVEs with the January Patch Tuesday. There are 159 CVEs issued by Microsoft, 1 by CERT CC, and 1 by GitHub.
Emerging Threats

FortiOS & FortiProxy: Authentication Bypass in Node.js Websocket Module

Fortra is actively researching CVE-2024-55591, a critical authentication bypass vulnerability in the Node.js websocket module affecting FortiOS firewalls and FortiProxy web gateways. It has been exploited as a zero-day by attackers to compromise publicly exposed FortiGate firewalls.
Blog

VERT Threat Alert: January 2025 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s January 2025 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1139 as soon as coverage is completed.

In-The-Wild & Disclosed CVEs

CVE-2025-21333

The first of three Hyper-V vulnerabilities this month is a heap-based buffer overflow that leads to privilege escalation to SYSTEM. Microsoft has reported this...
Emerging Threats

Ivanti Unauthenticated Remote Code Execution

Fortra is actively researching vulnerabilities in Ivanti Connect Secure, Policy Secure, and ZTA Gateways – CVE-2025-0282 and CVE-2025-0283. Successful exploitation of CVE-2025-0282 could lead to unauthenticated remote code execution, while CVE-2025-0283 could allow a local authenticated attacker to escalate privileges. Ivanti has begun to release patches for these vulnerabilities, and customers should upgrade as soon as relevant patches are released.