Fortra Insights: November 2024
Welcome to our monthly Fortra Insights enewsletter! Subscribe to join us here for cybersecurity industry highlights and Fortra news each month.
Heading into the end of this year, we as security practitioners ought to take stock of where the past twelve months have brought us and what we can anticipate in the year ahead. ?
Thanks to the widespread adoption of new technologies, a host of new threat vectors, and the ever-present pinch of cybersecurity budgets, it looks like organizations are going to have to be more strategic than ever when configuring their security strategies in 2025. In our recent blog, Fortra Insights: Customer Cybersecurity Challenges and Plans for 2025 , our experts run down evolving issues —?from deepfakes to adaptive malware to remote and hybrid work models, AI-armed insiders, and more —?and talk about how next year’s SOCs are going to have to deal with them. Hint: As human bandwidth gets stretched to capacity, the average security stack may look different next year than it did this. ?
But why stop there? In such rapidly changing technological weather, it isn’t enough to write down thoughts alone. Next week, our panelists will be hosting a webinar to talk face-to-face about these challenges firsthand. Register for Cybersecurity Predictions for 2025 from Fortra and walk away with insights on vulnerable information supply chains, increased security scrutiny on service providers, the shifting focus towards human-centric attacks, and more. ?
Just over six months after we entered the extended detection and response market, Fortra XDR was named “XDR Solution Provider of the Year ” at the 2024 CyberSecurity Breakthrough Awards . By combining Fortra’s extensive native controls with Fortra’s Alert Logic open integrations, we offer customers a uniquely powerful platform. Plus, it comes with another particularly notable advantage that sets it apart from other offerings: it is fully managed, 24/7, across all attack vectors. ?
As organizations solidify security plans for 2025, keeping the growing trends in mind —?as well as the technologies and teams at their disposal —?will be key for crafting a strategy customized to the landscape to come. And as always, Fortra will be here ready to help.
Why We Can’t Take Supply Chain Attacks Seriously Enough?
The average organization does business with at least 11 supply chain partners. When recent supply chain attacks have cost their industries up to $1 billion in damages, organizations need to take third-party security as seriously as their own cybersecurity stance. ?
Read more here .
The Cybersecurity Gap: Why Even the Best-Trained Teams Still Vulnerable to Attacks
90% of cyberattacks start with a simple click. Despite all our fancy tech and training, human error remains the biggest cybersecurity threat. In his latest must-read article for CyberTech - Cyber Technology Insights? , Fortra’s Chief Strategy Officer, John P. Grancarich , reveals the truth behind phishing, cyber extortion, and why mindset matters more than ever. John’s personal story highlights how one busy moment can lead to disaster—and why continuous practice is the only way to strengthen our defenses.
Read more here .
Fortra on Phishing, AI, and LOTS Tactics: Protecting Against Trusted Service Abuse? ?
Cybercriminals are exploiting trusted platforms, and Yousign’s e-signature service was the latest victim. In The Tech Talks Daily Podcast, Fortra's Michael Tyler, CISSP explains how attackers bypassed email security by using Yousign’s domain in a phishing campaign. He discusses the “living off trusted services” (LOTS) tactic, where bad actors leverage legitimate services to carry out attacks. Michael offers practical advice on strengthening email defenses and collaborating with service providers to mitigate platform abuse. ?
Listen to the full episode here .?
Fortra Discovers Sophisticated QR Code Phishing Campaign Targeting Office 365 Users? ?
Fortra has uncovered a new QR code phishing campaign targeting Office 365 users, and ITNerd has the details. This sophisticated attack impacts over 290,000 email addresses and uses personalized phishing pages that mimic company login portals. Are your employees prepared to spot these threats? Read the full breakdown and learn how to protect your organization
Read more here .