What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2017-06-27 17:00:00 | New Ransomworm Follows WannaCry Exploits (lien direct) | We are currently tracking a new ransomware variant sweeping across the globe known as Petya. It is currently having an impact on a wide range of industries and organizations, including critical infrastructure such as energy, banking, and transportation systems. This is a new generation of ransomware designed to take advantage of timely exploits. This current version is targeting the same vulnerabilities that we exploited during the recent Wannacry attack this past May. This latest attack, known as Petya, is something we are referring to as... | Wannacry | ||
|
2017-06-27 12:59:00 | The Need for Situational Awareness (lien direct) | As human beings, we are continually looking for knowledge or information to help improve any situation. If we live or work in a crowded city, for example, we want to know which routes are best to avoid getting stuck in traffic. When we enter a restaurant or movie theater we look for the exits. And when suspicious looking person enters the room, part of our mind automatically keeps track of him. This behavior is known as situational awareness, and it's second nature to most of us. But while such behavior often occurs in our everyday... | |||
|
2017-06-26 12:50:00 | Fortinet FortiWeb Advanced Application Security Integrates with Microsoft Azure Security Center (lien direct) | The emerging trend towards security automation is becoming essential for cloud deployment. Traditionally, businesses configure a Web Application Firewall with static policies to address unchanging, known-bad threats. Unfortunately, it can be tricky to get them all right in Public Cloud environment. With a growing number of attack variants, more rules you add the more potential there is to run into false positives. FortiWeb's integration with the Azure Security Center now allows customers to take a reactive policy approach to web security... | |||
|
2017-06-25 07:00:00 | Google\'s 2017 CTF – The “ASCII Art Client†Challenge (lien direct) |   In our last blog in this series, we discussed FortiGuard Labs' participation in Google's second annual Capture The Flag (CTF) competition. In this blogpost, I want to share how I solved another challenge, called“ASCII Art Clientâ€. ChallengeDescription For this challenge, participants were given two files: a binary file aart_client and a network capture aart_client_capture.pcap. File1: aart_client File2: aart_client_capture.pcap The goal of the challenge was: This client displays nice... | |||
|
2017-06-23 16:00:00 | Hughes-Fortinet Partnership Brings Zero-Touch Simplicity to Distributed Retail Organizations (lien direct) | Hughes Network Systems is a leading managed network service provider for highly distributed enterprises that need to operate and deliver uniform performance across large numbers of branch locations. They have been a long-time Fortinet partner, delivering innovative managed network solutions that leverage Fortinet platforms by combining Fortinet's security capabilities with Hughes' broadband transport, routing, and WAN optimization technologies. We recently sat down with Jeff Bradbury, Senior Director of Marketing at Hughes, to talk... | Guideline | ||
|
2017-06-23 12:59:00 | Byline: Four Tips for a Cyber-Safe Summer (lien direct) | Summer is upon us – a time for family, fun and travel. Whether you're going around the block or around the world, odds are you're taking your work laptop (just in case). And of course, you're taking your smartphone. Maybe you'll want to check email on your phone using the hotel's public WiFi. Maybe the kids want to play an online game on that laptop. If you haven't exercised good cybersecurity hygiene, though, you could be opening yourself up to all kinds of fun-zapping connectivity catastrophe... | |||
|
2017-06-22 15:00:03 | (Déjà vu) Security Research News in Brief - May 2017 Edition (lien direct) | Welcome back to our monthly review of some of the most interesting security research publications. This month, let's do a bit of crypto... Past editions: April 2017 March 2017 P. Carru, Attack TrustZone with Rowhammer Rowhammer is an attack on DRAM, which consists in repeatedly accessing given rows of the DRAM to cause random bit flips in adjacent rows. Until now, the attack hadn't been demonstrated on ARM's TrustZone: but that's what the author implemented. He demonstrated that, using... | |||
|
2017-06-22 13:00:03 | The Role of the Healthcare CIO Yesterday, Today, and Tomorrow (lien direct) | Today's healthcare networks are intricate ecosystems of different networks comprised of a wide variety of connected devices and moving data, but they weren't always this open. The industry as a whole has had to rapidly shift gears. Healthcare data now flows faster than ever, and it isn't slowing down. As a result, the role of the healthcare chief information officer (CIO) has had to expand and adapt. As networks expand and connected devices permeate the healthcare landscape, the CIO will continue to play an increasingly important... | |||
|
2017-06-22 01:00:00 | Google\'s 2017 CTF Challenge: Mindreader (lien direct) | This past June 17th and 18th, 2017, Google hosted their second annual Capture The Flag (CTF) competition. The Google team created security challenges and puzzles that contestants were able to earn points for solving. It's a clever way to leverage the security community to help protect Google users, and the web as a whole. Last year, over 2,400 teams competed, and this year the number was even higher. FortiGuard Labs decided to pull together a team and then write up a report on the experience. So, first things first, this challenge was... | |||
|
2017-06-20 12:56:00 | Strengthening the Security Fabric of Blockchain (lien direct) | Blockchain is a shared and continuously reconciled database used to maintain a list of digital records, called blocks. It is quickly becoming an important tool not just for financial information, but also for managing and recording virtually all types of data, such as medical and other records, identity management, and transaction processing. Because a blockchain database is distributed and interconnected, it provides several essential services. The first is transparency. Because data is embedded within the network as a whole, it is by definition... | |||
|
2017-06-19 12:56:00 | Executive Insights: Managing Risk through Digital Trust (lien direct) | In the context of digital trust, effective cybersecurity can become an essential enabler of digital transformation. In other words, if organizations and users can't trust their data, and trust that it is safe, they will not engage, and the Digital Economy will fail. | |||
|
2017-06-16 13:04:00 | Why SIEM Solutions Are Essential to Securing Healthcare Networks (lien direct) | Nine out of ten healthcare organizations have suffered a breach in the past two years, according to a new Ponemon study, and the data shows that these breaches could be costing the industry upwards of $6 billion. When analyzing the sources of these breaches, it should come as no surprise that criminal attacks represent more than half of the total as healthcare records provide a treasure trove of valuable data. The remainder of the breaches tends to result from internal issues like employee mistakes, third-party snags, and stolen connected devices. While... | |||
|
2017-06-15 13:29:00 | Higher Education: Critical Infrastructure and the Dark Cloud of Cyber Threats (lien direct) | The Department of Homeland Security (DHS) has identified 16 sectors that have been determined to be designated as critical infrastructure due to the debilitating effect on security, national economic security, national public health or safety, or any combination that would result from any of these sectors being compromised. Included in this list of 16 is the Government Facilities Sector, which covers, “a wide variety of buildings, located in the United States and overseas, that are owned or leased by federal, state, local, and tribal governments.â€... | |||
|
2017-06-14 16:19:29 | WINS Server Remote Memory Corruption Vulnerability in Microsoft Windows Server (lien direct) | Summary In December 2016, FortiGuard Labs discovered and reported a WINS Server remote memory corruption vulnerability in Microsoft Windows Server. In June of 2017, Microsoft replied to FortiGuard Labs, saying, "a fix would require a complete overhaul of the code to be considered comprehensive. The functionality provided by WINS was replaced by DNS and Microsoft has advised customers to migrate away from it." That is, Microsoft will not be patching this vulnerability due to the amount of work that would be required. Instead, Microsoft... | |||
|
2017-06-14 13:02:02 | Evolving towards a Homogenous Society: The Risk of the New Digital Economy (lien direct) | The recent WannaCry attack was interesting for a couple of reasons. First, the speed and scale of the attack was impressive. Over the course of a couple of days, hundreds of thousands of systems were affected and disrupted. Second, it also unveiled a disturbing trend. The attack malware exploited a known vulnerability that not only had been revealed through the highly public release of stolen cyber tools, but Microsoft had also released a patch for the targeted vulnerability over two months before. Which means that the scale of the attack was... | Wannacry | ||
|
2017-06-13 17:38:16 | FortiSIEM for AWS (lien direct) | Fortinet is proud to announce that our FortiSIEM solution is now available for the AWS Marketplace. Fortinet's auto scaling security solution provides the resources needed to help with deployment in order to optimize AWS networks. FortiSIEM for AWS provides essential security services for cloud environments | |||
|
2017-06-13 13:02:05 | Who\'s Afraid of the Big, Bad Robot? (lien direct) | Tired of hearing about IoT? Me too. I am also tired of AI and the constant specter of intelligent robots and computers that are smarter than us, and that for some reason want to harm us. I prefer the movie Her because I believe that is more likely to represent the future of an AI. They wouldn't want to compete with us and rule the world. Instead, it seems more likely that they would find us to be a curiosity. And they would probably eventually just lose interest in us and leave. We (and the Earth) would not be able to evolve as fast... | |||
|
2017-06-13 05:11:59 | Cybercrime At Your Service, Mac (lien direct) | We aren't talking about some potential future threat. Our FortiGuard Labs team just reported on a new ransomware variant targeting Mac devices. Which means it's time to get serious about protecting these (Mac) devices. | |||
|
2017-06-12 12:53:21 | Byline: Securing Your Enterprise\'s Expansion into the Cloud (lien direct) | For enterprises, the very real benefits of moving applications to the cloud also come with significant challenges. Whether their using the public cloud, a private cloud or, as is often the case, a hybrid of the two, it's necessary to optimize application performance to get the full benefits of cloud technology and enable a better business model. Just as importantly, though, you must be able to secure your people and your information as they traverse your network, from on-premises to the cloud and back, and you must be able to secure... | |||
|
2017-06-09 20:38:39 | MacRansom: Offered as Ransomware as a Service (lien direct) | Just recently, we discovered a Ransomware-as-a-service (Raas) that uses a web portal hosted in TOR network which has become a trend nowadays. It is rather interesting to see cybercriminals attack a different operating system other than Windows. And this could be the first time to see Raas that target Mac OS. | |||
|
2017-06-08 14:44:52 | Executive Insights: Innovating for Business Success (lien direct) | Innovation, at its core, is about creating an environment where creativity is encouraged, resourced, and rewarded. We saw that point illustrated in the news recently. | |||
|
2017-06-07 14:15:04 | Threat Insights: The Future of Smart and Automated Threats (lien direct) | Threat report data is only as useful as the analysis and context that goes along with it. We asked Derek Manky, global security strategist with our FortiGuard Labs team, to share his thoughts on what some of the data in our recent Threat Landscape Report means going forward. What at a high level did you find interesting in the report? What did the data tell you from your global point of view? A few things stood out to me based on my years of working with the FortiGuard Labs team. At a high level, visibility and control over today's... | |||
|
2017-06-06 18:20:15 | Research Report: Visibility and Control of Distributed Infrastructures Diminishing as Attack Vectors Grow (lien direct) | There are a couple of important takeaways from our Threat Landscape report. First, while the more high profile attacks have dominated the headlines, the reality is that the majority of threats faced by most organizations are opportunistic in nature. Criminals tend to target low hanging fruit, so it is critical that you minimize your visible and accessible attack surface. | |||
|
2017-06-05 15:22:22 | Join Fortinet at HPE Discover 2017! (lien direct) | Fortinet is a Gold sponsor at Discover 2017, and will showcase several important security innovations to help you stay ahead of cyber threats. Join Fortinet at booth 231 while you're at Discover 2017 to see a demo of the Fortinet Security Fabric in action! We'll also have technical experts on hand to discuss any security needs you ma A key focus area for many attendees will be cybersecurity, given the challenges they face from today's sophisticated and rapidly evolving threats. The isolated, proprietary security devices most organizations... | |||
|
2017-06-05 15:20:49 | Governmental Entities Bringing Financial Cybersecurity to Center Stage (lien direct) | By now, it's no secret that cybercriminals have targeted, and continue to target, the financial services industry with advanced attacks that are designed to steal or otherwise jeopardize valuable data. As a result, many organizations have taken at least some initial steps to better secure their networks and the information that lives within them. In fact, according to Duff & Phelps' “Global Regulatory Outlook,†86 percent of professionals in the financial services industry say their companies have plans to put more... | |||
|
2017-06-04 18:52:30 | An Inside Look at CVE-2017-0199 – HTA and Scriptlet File Handler Vulnerability (lien direct) | FortiGuard Labs recently came across a new strain of samples exploiting the CVE-2017-0199 vulnerability. This vulnerability was fixed by Microsoft and the patch was released in April 2017. Due to its simplicity, it can be easily exploited by attackers. It has also been found in-the-wild by other vendors. We have also blogged about some samples recently found in spear phishing attack. While there are plenty of articles discussing this vulnerability, most of them are intended for technical readers and primarily focus on how to create proof-of-concept... | |||
|
2017-06-02 22:01:41 | Infographic: Protecting Today\'s Financial Services Industry in a Digital Environment (lien direct) | Read this post and view the embedded infographic to learn how financial services organizations can protect their data in the digital age. | |||
|
2017-06-01 06:24:03 | Digital Transformation in Healthcare and How Fabric Security Solutions Can Assist (lien direct) | Whether it's healthcare, or any of the other 16 sectors of critical national infrastructure, enterprises responsible for some of our most important cyber assets are undergoing some sort of digital transformation. At its core, digital transformation in business is really about moving from intuitive to data-driven decision making to gain new insights, provide essential services, and drive exponential growth. Over the past few years, the healthcare sector and other industries have been focused on four major objectives related to digital transformation: Move... | |||
|
2017-06-01 06:22:23 | Byline: Healthcare in the Crosshairs (lien direct) | Healthcare systems are consistently a preferred target of cybercriminals. Today, whenever a cyberattack occurs, healthcare networks seem to be right in the crosshairs. There are reasons for this. Historically, healthcare networks have been reasonablely easy to break into. Despite the implementation of new EHR systems and critical infrastructure for healthcare data exchanges, healthcare generally hasn't kept up with other vertical markets in terms of security, creating “low-hanging fruit†for would-be attackers. These networks... | |||
|
2017-05-31 08:48:31 | Byline: WannaCry is Part of a Bigger Problem (lien direct) | The most important question related to the recent WannaCry attacks isn't who the attackers were, or how big the attack was. The question is, “How did this happen in the first place?†The vulnerability exploited by this attack had been patched by Microsoft months before. That patch was part of a widely publicized update that was issued in response to the massive set of NSA cyberespionage tools leaked by the secretive group known as Shadow Brokers. Everyone knew about it. Yet, apparently, few did anything about it. Failure... | Wannacry | ||
|
2017-05-30 16:53:19 | Spear Phishing Fileless Attack with CVE-2017-0199 (lien direct) | Introduction CVE-2017-0199 is a remote code execution vulnerability that exists in the way that Microsoft Office and WordPad parse specially crafted files. An attacker who successfully exploits this vulnerability can take control of an affected system and then install programs, view, change, or delete data, or create new accounts with full user rights. Microsoft issued a patch for this vulnerability April, and most security vendors have published alarms for it. Unfortunately, attacks targeting this vulnerability are still widely being used... | |||
|
2017-05-30 10:32:57 | The Power of Virtual Cell Wi-Fi (lien direct) | Wireless access has not only revolutionized networks. It has profoundly changed our culture. It has transformed how and where we work, how we interact through social media, and how we stay connected with family and friends. The challenge we are now facing is Wi-Fi saturation. Given the number of connected devices online now, and the predictions for exponential growth over just the next few years, we need to ensure that we are building wireless networks that can accommodate both the volume of connections and connected devices coming, the increase... | |||
|
2017-05-29 21:22:20 | Byline: What is Next for Cloud Services in the Federal Space? (lien direct) | Historically, federal agencies have been wary of using public cloud due to security concerns. Yet the agility and cost savings offered by cloud infrastructure is proving to be a major incentive, leading to a recent big push for agencies to re-engage with public cloud providers. Security is still a central issue, and many agencies are looking at cloud service providers whose products adopt a cloud-first strategy, viewing them either as a firewall in the cloud or as a way to outsource security to the cloud.  However, no one... | Guideline | ||
|
2017-05-26 09:19:10 | FortiVets: Remembering – and Hiring – our Veterans (lien direct) | Many Americans see Memorial Day in the US as the holiday that kicks off summer. Stores are loaded with shiny new grills, bags of charcoal, and rows of filled propane tanks. Patio furniture is being dusted off while refrigerators are stuffed with marinating steaks, bowls of potato salad, and chilled beer waiting for friends and family for the traditional weekend barbeque. But Memorial Day is about much more than grilling a burger with a cold beverage in your hand. Memorial Day in the United States, observed every year on the last Monday of May,... | |||
|
2017-05-25 09:06:35 | Trends Affecting Managed Security Service Providers (lien direct) | Given the very public explosion of ransomware, and an ever-growing list of other cyber threats, IT services providers are increasingly looking for ways to meet the insatiable demand for cybersecurity. In this article we will look at some of the trends and challenges facing the MSSP community. How has the cost and shortage of security talent empowered the MSS domain? There are two forces driving the growth of MSS - complexity and cost. The complexity of threats and regulations continues to grow, with no change in sight. On the cost side, there... | |||
|
2017-05-23 15:37:42 | Automating Security Operations: What It Takes to Defend Against Something Like WannaCry (lien direct) | A major challenge facing security vendors today is that most solutions and products are developed based on knowledge of previous threats that already exist. This makes many security solutions reactive by their very design, which is not a tenable strategy for facing the volume of new attacks and strategies arising today. This arms race of identifying new threats, then reacting has been the primary strategy since the dawn of malware: A new virus is identified and then security vendors write the antivirus signature to block it; a polymorphic virus... | Wannacry | ||
|
2017-05-23 09:37:21 | Executive Insights: An Interview with Phil Quade (lien direct) | We regularly do deep dive Q&A pieces with our executives to share the leadership perspectives at Fortinet. Read below for an interview with Phil Quade, Fortinet's CISO. | Guideline | ||
|
2017-05-22 09:01:21 | Byline: Artificial Intelligence: Cybersecurity Friend or Foe? (lien direct) | ​​​​​​​Security strategies need to undergo a radical evolution. Tomorrow's security devices will need to see and interoperate with each other to recognize changes in the networked environment, anticipate new risks and automatically update and enforce policies. The devices must be able to monitor and share critical information and synchronize responses to detected threats. | |||
|
2017-05-19 09:23:01 | Internet2: A Collaborative Power That Needs to be Secured (lien direct) | For what started as a research network that was largely owned and operated by top universities, the Internet as we know it today has become much more. In 1969, ARPANET carried the first data packets between two separate nodes. During its genesis, ARPANET included the University of California, Los Angeles and the Stanford Research Institute before adding the University of Utah and University of California, Santa Barbara. What began as a 4-node network in 1969 had swelled to include 213 hosts by 1981. From there, it took off. The Internet's... | |||
|
2017-05-18 15:01:24 | Perspective: The Aftermath of the WannaCry Attack (lien direct) | A perspective blog with Derek Manky, Global Security Strategist, Fortinet. We asked Derek to put WannaCry into context. Is this just the eye of the storm? | Wannacry | ||
|
2017-05-17 21:14:16 | Spring Parade for Refreshed Android Marcher (lien direct) | Android malware continues to grow exponentially now that it has overtaken the top position as the most popular OS (across all platforms), making it the target of choice for malware authors. Android Marcher is an Android banker malware that has been on the FortiGuard Labs radar since late 2013. Since that time it has been seen in a number of campaigns targeting many different banks and countries. And now, Marcher has once again resurfaced with a new campaign. Over the past few months we have observed it masking itself in a variety of ways... | |||
|
2017-05-17 19:15:57 | WannaCry FAQ - Take-aways and Learnings (lien direct) | WannaCry FAQ: How does WannaCry spread? WannaCry has multiple ways of spreading. Its primary method is to use the Backdoor.Double.Pulsar backdoor exploit tool released last March by the hacker group known as Shadow Brokers, and managed to infect thousands of Microsoft Windows computers in only a few weeks. Because DoublePulsar runs in kernel mode, it grants hackers a high level of control over the compromised computer system. | Wannacry | ||
|
2017-05-17 18:24:02 | New Loki Variant Being Spread via PDF File (lien direct) | The Loki Bot has been observed for years. As you may know, it is designed to steal credentials from installed software on a victim's machine, such as email clients, browsers, FTP clients, file management clients, and so on. FortiGuard Labs recently captured a PDF sample that is used to spread a new Loki variant. In this blog, we will analyze how this new variant works and what it steals. The PDF sample Figure 1. Content of the PDF sample The PDF sample only contains one page, shown above, which includes some... | |||
|
2017-05-17 09:28:10 | Zero Patch IoT Environment (lien direct) | Over the last few months or years I have reported vulnerabilities on several IoT devices. None have been patched so far, and I think it is time to discuss the situation openly. One of the issues I have faced several times is the zero-security-culture phenomenon. Some of those IoT companies were typically very small and young, with sadly neither the skills nor the resources to fix security issues. For example, I remember sending several vulnerabilities to a given company. I got an automated response for the first email (ok),... | |||
|
2017-05-15 19:22:50 | Critical Update: WannaCry Ransomware (lien direct) | On May 12th, 2017 the ransomware WannaCry disrupted hundreds of organizations in dozens of countries. The ransomware encrypts personal and critical documents and files and demands approximately $300 USD in BitCoin currency for the victim to unlock their files. | Wannacry | ||
|
2017-05-15 15:33:01 | No Tears for WannaCry: Five Steps Every CISO Should Consider for Protecting Your Organization from Ransomware (lien direct) | Â Over the past few days WannaCry malicious malware variants affect hundreds of organizations across the world. This cyberattack spread primarily by exploiting a vulnerability whose manufacturer had issued a critical security update for over two months ago. While there are certainly reasons why it may take an organization some time to patch vulnerable systems, including the risk of updating live systems, two months should be plenty of time for any organization to take appropriate steps to secure their environment. With the recent malware... | Wannacry | ||
|
2017-05-15 11:31:45 | WannaCry: Evolving History from Beta to 2.0 (lien direct) | The WannaCry malware was responsible for a massive infection beginning that affected organizations and systems around the world. FortiGuard Labs has been monitoring this malware carefully. We have provided an analysis of this attack, along with how to protect your organization here. Â In this blog post I'll briefly describe some of the distinct characteristics of each version of this malware, from beta to the latest 2.0 version, and share some interesting findings. Beta Version: We discovered this beta version around Feb 9th,... | Wannacry | ||
|
2017-05-15 08:13:46 | Service Provider Security in the Age of Digital Transformation (lien direct) | Digital Transformation is Happening Now Digital Transformation is a subject on the minds of CEOs everywhere as they seek to improve business results and align more closely with the needs and the expectations of their customers. And why not? Businesses large and small are adopting digital practices that a recent McKinsey study shows delivers, on average, five times more revenue and eight times more profitability than peer companies. The appeal of improved revenues, greater profitability, and higher levels of customer engagement underpins a shift... | |||
|
2017-05-12 18:59:56 | Protecting Your Organization from the WCry Ransomware (lien direct) | Ransomware has become the fastest growing malware threat, targeting everyone from home users to healthcare systems to corporate networks. Tracking analysis shows that there has been an average of more than 4,000 ransomware attacks every day since January 1, 2016. | |||
|
2017-05-11 15:53:48 | White House Announces New Cybersecurity Executive Order (lien direct) | President Trump just signed a new cybersecurity Executive Order that has important implications, not only for federal agencies, but for Critical Infrastructures as well. |
To see everything:
Our RSS (filtrered)
