Blog
Abusing Data to Avoid Detection: Cybercriminal Adoption of Browser Fingerprinting
Mon, 04/08/2024
Browser fingerprinting is one of many tactics phishing site authors use to evade security checks and lengthen the lifespan of malicious campaigns. While browser fingerprinting has been used by legitimate organizations to uniquely identify web browsers for nearly 15 years, it is now commonly exploited by cybercriminals.
Blog
Cybercriminal Focus in the New Year – Top 2024 Threat Trends
By Jessica Ryan on Fri, 03/29/2024
Blog
Going Phishing Isn't Seasonal–Get the Latest Results from 2023's Tournament
By Monica Delyani on Fri, 02/23/2024
Preview the latest global phishing benchmarking results and expert security awareness recommendations from Fortra's Terranova Security 2023 Gone Phishing Tournament.
Blog
How to Recover After Failing a Cybersecurity Audit
Tue, 12/12/2023
While it’s important to adhere to compliance regulations, blunders do happen. What does it mean when these blunders lead to you failing a cybersecurity audit, and how can you recover?
Consequences of Failing a Cybersecurity Audit
Failing a cybersecurity audit can mean several things.
First, there’s the up-front legal fines that come with falling on the wrong side of compliance. Here are a few...
Blog
The Changing Role of Government in Cybersecurity
By Antonio Sanchez on Wed, 11/29/2023
Governments are responsible for carrying out their duties to defend the rights and safety of their citizens. Find out their role in the cyber landscape and how Fortra plays a part.
Blog
Common Email Threats and How to Combat Them
By Antonio Sanchez on Wed, 11/29/2023
We let email threats slip by us every day. Discover what popular ploys your team might be missing and how Fortra’s advanced security solutions can help.
Blog
Top Takeaways from Fortra’s 2023 Domain Impersonation Report
By Antonio Sanchez on Fri, 10/20/2023
Discover domain impersonation trends in Fortra’s 2023 Domain Impersonation Report to find out how cybercriminals are spoofing employees. Fortra’s Antonio Sanchez shares insights from Fortra’s latest report.
Blog
Threat Actor Profile: Strox Phishing-as-a-Service
Fri, 10/20/2023
Strox phishing-as-a-service has become one of the most complete phishing solutions for fraud actors available, offering advanced phishing kits, hosting services, mail spam scripts, and an automated market for selling stolen credentials. Uncover the origins, evolution, and impact of Strox, a prominent player in the world of online fraud.
Blog
Financial Services Cybersecurity: What You Need to Know
By Antonio Sanchez on Wed, 10/11/2023
Today’s financial threat landscape is evolving, and firms are facing record high risk. Learn what’s causing the uptick and which essential cybersecurity practices will ke.ep you safe
Blog
Guardians of the Digital Realm: How Managed Security Services Keep Your Business Safe
By Antonio Sanchez on Mon, 10/09/2023
In the world of cybersecurity, it's not just about keeping the bad guys out — it’s about staying one step ahead of their next move. The managed security services team at Fortra is dedicated to working with you to understand your organization’s unique security challenges and provide solutions to keep you protected against even the most sophisticated global threats. Get ready to exceed your expectations and fortify your environment like never before with Fortra.
Blog
Generative AI in Cybersecurity
By Antonio Sanchez on Tue, 09/12/2023
Understand the challenges and benefits of generative AI on today’s cybersecurity landscape and learn how Fortra’s advanced cybersecurity solutions can help.
Blog
Accelerating Security Maturity with Fortra Bundles
Tue, 08/29/2023
In The Importance of Layering Offensive Security Solutions, Fortra experts underscore the advantage of developing a single source offensive security tooling portfolio. Read on to find out the necessary ingredients for a proactive strategy and why Fortra’s ability to combine and maximize solutions optimizes security and produces the most effective outcomes.
The Five Elements of an Offensive...
Blog
99% of User-Related Threats Are Email Impersonation Attempts
Wed, 06/21/2023
Threats in corporate inboxes hit new highs with a quarter of all reported emails classified as malicious or untrustworthy. 99% of these threats were email impersonation threats, such as BEC and credential theft lures, that lack attachments or URLs delivering malware payloads. Cybercriminals continue to bypass traditional email security tools and reach end users by impersonating individuals,...
Blog
Untrustworthy Email in Inboxes Reaches All-Time High
Thu, 06/01/2023
In Q1, the volume of emails classified as malicious or do not engage reached nearly a quarter of all reported emails. This is the highest combined volume of these categories since Fortra’s PhishLabs has documented this data point. Of those classified as malicious, threats considered email impersonation or, those lacking known signatures, made up a significant 98.7%.
Every quarter, PhishLabs...
Blog
An IBM i Hacking Tale
By Pablo Zurro on Thu, 04/06/2023
Discover how penetration testing can be used on IBM i systems to find hidden vulnerabilities in your security. This post breaks down Core Impact's IBM i pen testing process from discovery to privilege escalation.
Blog
Preparing for the Impact of PCI DSS 4.0
Thu, 11/10/2022
Stealing credit card data is a perennial favorite of cybercriminals everywhere, whose aggressive tactics to score sensitive accountholder details result in breach after breach for organizations small and large. In its most recent research on payment card fraud, The Nilson Report found $28.6 billion in losses for 2020 (nearly 36% in the U.S. alone), with...
Blog
What is a Vulnerability Management Program?
Mon, 07/25/2022
The Equifax breach was caused by a vulnerability. The WannaCry virus exploited a vulnerability. The stories don’t seem to end but it seems like no one is talking about how to solve this problem which is: start a vulnerability management program.
“Manage the vulnerabilities in my network? Sounds easy” well, not so much, but not so difficult that you shouldn’t be spending time and resources on it....
Blog
6 Ways to Defend Yourself Against Password Attacks
Thu, 07/14/2022
Ever since Ali Baba uttered “open sesame,” thieves have been using stolen passwords to access hidden riches. In the digital world, password attacks have been and continue to be a common way for threat actors to gain access to an organization’s treasure trove of data. No matter how many emails we get from IT explaining what makes a good password, many of us still use the same basic password in...