Fortra

Record Microsoft Patch Tuesday, fresh zero-day

AI, Don't miss, Fortra, Hot stuff, Microsoft, Microsoft Defender, News, Patch Tuesday, patching, security update, Tenable, Trend Micro, Windows /

Record Microsoft Patch Tuesday, fresh zero-day 2026-06-10 at 14:23 By Zeljka Zorz Microsoft marked its largest-ever Patch Tuesday this month, by shipping fixes for nearly 200 vulnerabilities. Within hours, “Nightmare Eclipse”, the researcher behind weeks of escalating Windows exploit releases, dropped a proof-of-concept exploit for a new zero-day: “RoguePlanet”, which abuses a race condition in […]

Record Microsoft Patch Tuesday, fresh zero-day Read More »

What security teams miss in email attacks

Abnormal AI, Barracuda Networks, email security, Fortra, Hornetsecurity, News, Paubox, report, VIPRE Security /

What security teams miss in email attacks 2026-01-06 at 07:10 By Anamarija Pogorelec Email remains the most common entry point for attackers. This article examines how phishing, impersonation, and account takeover continue to drive email breaches and expose growing security gaps across industries. Email blind spots are back to bite security teams Email remains the

What security teams miss in email attacks Read More »

Clipping Scripted Sparrow’s wings: Tracking a global phishing ring

BEC scams, cybersecurity, Don't miss, Email, Expert analysis, Expert corner, Fortra, News, opinion, phishing /

Clipping Scripted Sparrow’s wings: Tracking a global phishing ring 2025-12-18 at 16:12 By Help Net Security Between June 2024 and December 2025, Fortra analysts tracked a persistent business email compromise (BEC) operation that we have now classified as Scripted Sparrow. The group carries out well-crafted highly targeted phishing campaigns that masquerade as professional services firms

Clipping Scripted Sparrow’s wings: Tracking a global phishing ring Read More »

Fortra DSPM helps organizations protect sensitive data across hybrid cloud

Fortra, Industry news /

Fortra DSPM helps organizations protect sensitive data across hybrid cloud 2025-10-29 at 16:31 By Industry News Fortra announced the launch of its new Data Security Posture Management (DSPM) solution to enable organizations to discover, classify, and protect sensitive data across their hybrid cloud. Fortra DSPM strengthens the company’s security portfolio by helping enterprises maintain visibility

Fortra DSPM helps organizations protect sensitive data across hybrid cloud Read More »

Fortra GoAnywhere MFT Zero-Day Exploited in Ransomware Attacks

exploited, Fortra, GoAnywhere, Ransomware, Vulnerabilities, vulnerability, Zero-Day /

Fortra GoAnywhere MFT Zero-Day Exploited in Ransomware Attacks 2025-10-07 at 12:40 By Ionut Arghire The Medusa ransomware operators exploited the GoAnywhere MFT vulnerability one week before patches were released. The post Fortra GoAnywhere MFT Zero-Day Exploited in Ransomware Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Fortra GoAnywhere MFT Zero-Day Exploited in Ransomware Attacks Read More »

Attackers exploited critical Fortra GoAnywhere flaw in zero-day attacks (CVE-2025-10035)

0-day, Don't miss, enterprise, Fortra, Hot stuff, News, Rapid7, WatchTowr /

Attackers exploited critical Fortra GoAnywhere flaw in zero-day attacks (CVE-2025-10035) 2025-09-26 at 17:50 By Zeljka Zorz CVE-2025-10035, a perfect CVSS 10.0 vulnerability in the Fortra GoAnywhere managed file transfer solution, has apparently been exploited in zero-day attacks before the patch was released on September 15, 2025. Evidence of in-the-wild exploitation revealed On September 18, Fortra

Attackers exploited critical Fortra GoAnywhere flaw in zero-day attacks (CVE-2025-10035) Read More »

Recent Fortra GoAnywhere MFT Vulnerability Exploited as Zero-Day

exploited, Fortra, GoAnywhere, MFT, Vulnerabilities /

Recent Fortra GoAnywhere MFT Vulnerability Exploited as Zero-Day 2025-09-26 at 14:50 By Ionut Arghire Eight days before patches, a threat actor exploited CVE-2025-10035 as a zero-day to create a backdoor admin account. The post Recent Fortra GoAnywhere MFT Vulnerability Exploited as Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Recent Fortra GoAnywhere MFT Vulnerability Exploited as Zero-Day Read More »

Unpatched Fortra GoAnywhere instances at risk of full takeover (CVE-2025-10035)

Don't miss, enterprise, Fortra, News, security update, SMBs, VulnCheck, vulnerability /

Unpatched Fortra GoAnywhere instances at risk of full takeover (CVE-2025-10035) 2025-09-22 at 14:20 By Zeljka Zorz If you’re running Fortra’s GoAnywhere managed file transfer solution and you haven’t updated to the latest available version for a while, do so now or risk getting your instance compromised via CVE-2025-10035. About CVE-2025-10035 CVE-2025-10035 is a critical deserialization

Unpatched Fortra GoAnywhere instances at risk of full takeover (CVE-2025-10035) Read More »

Fortra Patches Critical GoAnywhere MFT Vulnerability

Fortra, MFT, Vulnerabilities, vulnerability /

Fortra Patches Critical GoAnywhere MFT Vulnerability 2025-09-22 at 10:54 By Ionut Arghire Tracked as CVE-2025-10035 (CVSS score of 10), the critical deserialization vulnerability could be exploited for command injection. The post Fortra Patches Critical GoAnywhere MFT Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Fortra Patches Critical GoAnywhere MFT Vulnerability Read More »

The state of DMARC adoption: What 10M domains reveal

cybersecurity, DMARC, Don't miss, email security, Fortra, News, Video /

The state of DMARC adoption: What 10M domains reveal 2025-09-11 at 07:43 By Help Net Security In this Help Net Security video, John Wilson, Senior Fellow, Threat Research at Fortra, explores the state of DMARC adoption across the top 10 million internet domains. He explains how SPF, DKIM, and DMARC work together to prevent email

The state of DMARC adoption: What 10M domains reveal Read More »

How cybercriminals exploit psychological triggers in social engineering attacks

Avast, cybercrime, cybersecurity, Don't miss, Fortra, News, Proofpoint, Reality Defender, Secure Yeti, social engineering, tips, Zscaler /

How cybercriminals exploit psychological triggers in social engineering attacks 2025-05-06 at 08:03 By Sinisa Markovic Most attacks don’t start with malware; they begin with a message that seems completely normal, whether it comes through email, a phone call, or a chat, and that is exactly what makes them so effective. These threats rely on psychological

How cybercriminals exploit psychological triggers in social engineering attacks Read More »

When confusion becomes a weapon: How cybercriminals exploit economic turmoil

cyber resilience, cybercriminals, cybersecurity, Don't miss, Expert analysis, Expert corner, Fortra, Hot stuff, News, opinion, social engineering /

When confusion becomes a weapon: How cybercriminals exploit economic turmoil 2025-04-23 at 09:02 By Help Net Security It begins with a simple notification: “Markets in Free Fall.” Within moments, the headlines multiply: new tariffs, emergency actions, plummeting consumer confidence. Across boardrooms and break rooms, anxiety ripples at every level. People begin refreshing inboxes and apps

When confusion becomes a weapon: How cybercriminals exploit economic turmoil Read More »

Inside PlugValley: How this AI vishing-as-a-service group operates

cybercrime, cybercriminals, Don't miss, Fortra, News, Video, vishing /

Inside PlugValley: How this AI vishing-as-a-service group operates 2025-04-17 at 07:41 By Help Net Security In this Help Net Security video, Alexis Ober, Threat Intel Analyst at Fortra, discusses the threat actor group PlugValley, which is now offering AI-powered vishing-as-a-service. Rather than requiring technical skills or large budgets, PlugValley’s service lets any cybercriminal launch vishing

Inside PlugValley: How this AI vishing-as-a-service group operates Read More »

Only 1% of malicious emails that reach inboxes deliver malware

cybersecurity, Email, email security, Fortra, News, phishing, report, survey /

Only 1% of malicious emails that reach inboxes deliver malware 2025-04-02 at 07:04 By Help Net Security 99% of email threats reaching corporate user inboxes in 2024 were response-based social engineering attacks or contained phishing links, according to Fortra. Only 1% of malicious emails that reached user inboxes delivered malware. This shows that while common

Only 1% of malicious emails that reach inboxes deliver malware Read More »

AI threats and workforce shortages put pressure on security leaders

Artificial Intelligence, cybersecurity, Don't miss, Fortra, Hot stuff, professional, threats, Video /

AI threats and workforce shortages put pressure on security leaders 2025-03-07 at 07:30 By Help Net Security In this Help Net Security video, John Grancarich, Fortra’s Chief Strategy Officer, discusses the 2025 Fortra State of Cybersecurity Survey and highlights escalating concerns among security professionals about AI-driven threats and a shortage of cybersecurity skills. The survey

AI threats and workforce shortages put pressure on security leaders Read More »

The compliance illusion: Why your company might be at risk despite passing audits

auditing, CISO, Compliance, CXO, cybersecurity, Don't miss, Fortra, Hot stuff, how-to, ISO 27001, News, NIST, PCI DSS, regulation, strategy, tips /

The compliance illusion: Why your company might be at risk despite passing audits 2025-02-26 at 08:20 By Mirko Zorz For many CISOs, compliance can feel like a necessary evil and a false sense of security. While frameworks like ISO 27001, SOC 2, and PCI DSS offer structured guidelines, they don’t automatically equate to strong cybersecurity.

The compliance illusion: Why your company might be at risk despite passing audits Read More »

Scam Yourself attacks: How social engineering is evolving

cybersecurity, Don't miss, Expert analysis, Expert corner, Fortra, Hot stuff, News, opinion, scams, social engineering, threats /

Scam Yourself attacks: How social engineering is evolving 2025-01-21 at 07:30 By Help Net Security We’ve entered a new era where verification must come before trust, and for good reason. Cyber threats are evolving rapidly, and one of the trends getting a fresh reboot in 2025 is the “scam yourself” attacks. These aren’t your run-of-the-mill

Scam Yourself attacks: How social engineering is evolving Read More »

Weekly IT Vulnerability Report: Cyble Researchers Find Nearly 1 Million Exposed Fortinet, SonicWall Devices

darkweb, Fortra, SonicWall, Threat Intelligence, Traccar, vulnerability /

Weekly IT Vulnerability Report: Cyble Researchers Find Nearly 1 Million Exposed Fortinet, SonicWall Devices 2024-08-30 at 16:31 By dakshsharma16 Key Takeaways Overview Cyble’s weekly vulnerability report for August 21-27 found the highest number of exposed vulnerable assets in nearly three months, since a widespread PHP vulnerability was found in early June. Cyble researchers found more

Weekly IT Vulnerability Report: Cyble Researchers Find Nearly 1 Million Exposed Fortinet, SonicWall Devices Read More »

Fortra Patches Critical Vulnerability in FileCatalyst Workflow

Fortra, Vulnerabilities, vulnerability /

Fortra Patches Critical Vulnerability in FileCatalyst Workflow 2024-08-30 at 14:31 By Ionut Arghire Fortra limits access to FileCatalyst Workflow database after vendor knowledgebase article leaks default credentials. The post Fortra Patches Critical Vulnerability in FileCatalyst Workflow appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

Fortra Patches Critical Vulnerability in FileCatalyst Workflow Read More »

Critical Fortra FileCatalyst Workflow vulnerability patched (CVE-2024-6633)

credentials, Don't miss, Dynatrace, enterprise, file-sharing, Fortra, Hot stuff, News, SQL injection, Tenable, vulnerability /

Critical Fortra FileCatalyst Workflow vulnerability patched (CVE-2024-6633) 2024-08-28 at 12:02 By Zeljka Zorz Organizations using Fortra’s FileCatalyst Workflow are urged to upgrade their instances, so that attackers can’t access an internal HSQL database by exploiting known static credentials (CVE-2024-6633). “Once logged in to the HSQLDB, the attacker can perform malicious operations in the database. For

Critical Fortra FileCatalyst Workflow vulnerability patched (CVE-2024-6633) Read More »

Scroll to Top