What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
Fortinet.webp 2017-06-07 14:15:04 Threat Insights: The Future of Smart and Automated Threats (lien direct) Threat report data is only as useful as the analysis and context that goes along with it. We asked Derek Manky, global security strategist with our FortiGuard Labs team, to share his thoughts on what some of the data in our recent Threat Landscape Report means going forward. What at a high level did you find interesting in the report? What did the data tell you from your global point of view? A few things stood out to me based on my years of working with the FortiGuard Labs team. At a high level, visibility and control over today's...
Fortinet.webp 2017-06-06 18:20:15 Research Report: Visibility and Control of Distributed Infrastructures Diminishing as Attack Vectors Grow (lien direct) There are a couple of important takeaways from our Threat Landscape report. First, while the more high profile attacks have dominated the headlines, the reality is that the majority of threats faced by most organizations are opportunistic in nature. Criminals tend to target low hanging fruit, so it is critical that you minimize your visible and accessible attack surface.
Fortinet.webp 2017-06-05 15:22:22 Join Fortinet at HPE Discover 2017! (lien direct) Fortinet is a Gold sponsor at Discover 2017, and will showcase several important security innovations to help you stay ahead of cyber threats. Join Fortinet at booth 231 while you're at Discover 2017 to see a demo of the Fortinet Security Fabric in action! We'll also have technical experts on hand to discuss any security needs you ma A key focus area for many attendees will be cybersecurity, given the challenges they face from today's sophisticated and rapidly evolving threats. The isolated, proprietary security devices most organizations...
Fortinet.webp 2017-06-05 15:20:49 Governmental Entities Bringing Financial Cybersecurity to Center Stage (lien direct) By now, it's no secret that cybercriminals have targeted, and continue to target, the financial services industry with advanced attacks that are designed to steal or otherwise jeopardize valuable data. As a result, many organizations have taken at least some initial steps to better secure their networks and the information that lives within them. In fact, according to Duff & Phelps' “Global Regulatory Outlook,” 86 percent of professionals in the financial services industry say their companies have plans to put more...
Fortinet.webp 2017-06-04 18:52:30 An Inside Look at CVE-2017-0199 – HTA and Scriptlet File Handler Vulnerability (lien direct) FortiGuard Labs recently came across a new strain of samples exploiting the CVE-2017-0199 vulnerability. This vulnerability was fixed by Microsoft and the patch was released in April 2017. Due to its simplicity, it can be easily exploited by attackers. It has also been found in-the-wild by other vendors. We have also blogged about some samples recently found in spear phishing attack. While there are plenty of articles discussing this vulnerability, most of them are intended for technical readers and primarily focus on how to create proof-of-concept...
Fortinet.webp 2017-06-02 22:01:41 Infographic: Protecting Today's Financial Services Industry in a Digital Environment (lien direct) Read this post and view the embedded infographic to learn how financial services organizations can protect their data in the digital age.
Fortinet.webp 2017-06-01 06:24:03 Digital Transformation in Healthcare and How Fabric Security Solutions Can Assist (lien direct) Whether it's healthcare, or any of the other 16 sectors of critical national infrastructure, enterprises responsible for some of our most important cyber assets are undergoing some sort of digital transformation. At its core, digital transformation in business is really about moving from intuitive to data-driven decision making to gain new insights, provide essential services, and drive exponential growth. Over the past few years, the healthcare sector and other industries have been focused on four major objectives related to digital transformation: Move...
Fortinet.webp 2017-06-01 06:22:23 Byline: Healthcare in the Crosshairs (lien direct) Healthcare systems are consistently a preferred target of cybercriminals. Today, whenever a cyberattack occurs, healthcare networks seem to be right in the crosshairs. There are reasons for this. Historically, healthcare networks have been reasonably easy to break into. Despite the implementation of new EHR systems and critical infrastructure for healthcare data exchanges, healthcare generally hasn't kept up with other vertical markets in terms of security, creating “low-hanging fruit” for would-be attackers. These networks...
Fortinet.webp 2017-05-31 08:48:31 Byline: WannaCry is Part of a Bigger Problem (lien direct) The most important question related to the recent WannaCry attacks isn't who the attackers were, or how big the attack was. The question is, “How did this happen in the first place?” The vulnerability exploited by this attack had been patched by Microsoft months before. That patch was part of a widely publicized update that was issued in response to the massive set of NSA cyberespionage tools leaked by the secretive group known as Shadow Brokers. Everyone knew about it. Yet, apparently, few did anything about it. Failure... Wannacry
Fortinet.webp 2017-05-30 16:53:19 Spear Phishing Fileless Attack with CVE-2017-0199 (lien direct) Introduction CVE-2017-0199 is a remote code execution vulnerability that exists in the way that Microsoft Office and WordPad parse specially crafted files. An attacker who successfully exploits this vulnerability can take control of an affected system and then install programs, view, change, or delete data, or create new accounts with full user rights. Microsoft issued a patch for this vulnerability in April, and most security vendors have published alarms for it. Unfortunately, attacks targeting this vulnerability are still widely being used...
Fortinet.webp 2017-05-30 10:32:57 The Power of Virtual Cell Wi-Fi (lien direct) Wireless access has not only revolutionized networks. It has profoundly changed our culture. It has transformed how and where we work, how we interact through social media, and how we stay connected with family and friends. The challenge we are now facing is Wi-Fi saturation. Given the number of connected devices online now, and the predictions for exponential growth over just the next few years, we need to ensure that we are building wireless networks that can accommodate both the volume of connections and connected devices coming, the increase...
Fortinet.webp 2017-05-29 21:22:20 Byline: What is Next for Cloud Services in the Federal Space? (lien direct) Historically, federal agencies have been wary of using public cloud due to security concerns. Yet the agility and cost savings offered by cloud infrastructure is proving to be a major incentive, leading to a recent big push for agencies to re-engage with public cloud providers.  Security is still a central issue, and many agencies are looking at cloud service providers whose products adopt a cloud-first strategy, viewing them either as a firewall in the cloud or as a way to outsource security to the cloud.   However, no one... Guideline
Fortinet.webp 2017-05-26 09:19:10 FortiVets: Remembering – and Hiring – our Veterans (lien direct) Many Americans see Memorial Day in the US as the holiday that kicks off summer. Stores are loaded with shiny new grills, bags of charcoal, and rows of filled propane tanks. Patio furniture is being dusted off while refrigerators are stuffed with marinating steaks, bowls of potato salad, and chilled beer waiting for friends and family for the traditional weekend barbeque. But Memorial Day is about much more than grilling a burger with a cold beverage in your hand. Memorial Day in the United States, observed every year on the last Monday of May,...
Fortinet.webp 2017-05-25 09:06:35 Trends Affecting Managed Security Service Providers (lien direct) Given the very public explosion of ransomware, and an ever-growing list of other cyber threats, IT services providers are increasingly looking for ways to meet the insatiable demand for cybersecurity. In this article we will look at some of the trends and challenges facing the MSSP community. How has the cost and shortage of security talent empowered the MSS domain? There are two forces driving the growth of MSS - complexity and cost. The complexity of threats and regulations continues to grow, with no change in sight. On the cost side, there...
Fortinet.webp 2017-05-23 15:37:42 Automating Security Operations: What It Takes to Defend Against Something Like WannaCry (lien direct) A major challenge facing security vendors today is that most solutions and products are developed based on knowledge of previous threats that already exist. This makes many security solutions reactive by their very design, which is not a tenable strategy for facing the volume of new attacks and strategies arising today. This arms race of identifying new threats, then reacting has been the primary strategy since the dawn of malware: A new virus is identified and then security vendors write the antivirus signature to block it; a polymorphic virus... Wannacry
Fortinet.webp 2017-05-23 09:37:21 Executive Insights: An Interview with Phil Quade (lien direct) We regularly do deep dive Q&A pieces with our executives to share the leadership perspectives at Fortinet. Read below for an interview with Phil Quade, Fortinet's CISO.  Guideline
Fortinet.webp 2017-05-22 09:01:21 Byline: Artificial Intelligence: Cybersecurity Friend or Foe? (lien direct) Security strategies need to undergo a radical evolution. Tomorrow's security devices will need to see and interoperate with each other to recognize changes in the networked environment, anticipate new risks and automatically update and enforce policies. The devices must be able to monitor and share critical information and synchronize responses to detected threats.
Fortinet.webp 2017-05-19 09:23:01 Internet2: A Collaborative Power That Needs to be Secured (lien direct) For what started as a research network that was largely owned and operated by top universities, the Internet as we know it today has become much more. In 1969, ARPANET carried the first data packets between two separate nodes. During its genesis, ARPANET included the University of California, Los Angeles and the Stanford Research Institute before adding the University of Utah and University of California, Santa Barbara. What began as a 4-node network in 1969 had swelled to include 213 hosts by 1981. From there, it took off.  The Internet's...
Fortinet.webp 2017-05-18 15:01:24 Perspective: The Aftermath of the WannaCry Attack (lien direct) A perspective blog with Derek Manky, Global Security Strategist, Fortinet. We asked Derek to put WannaCry into context. Is this just the eye of the storm? Wannacry
Fortinet.webp 2017-05-17 21:14:16 Spring Parade for Refreshed Android Marcher (lien direct) Android malware continues to grow exponentially now that it has overtaken the top position as the most popular OS (across all platforms), making it the target of choice for malware authors. Android Marcher is an Android banker malware that has been on the FortiGuard Labs radar since late 2013. Since that time it has been seen in a number of campaigns targeting many different banks and countries. And now, Marcher has once again resurfaced with a new campaign. Over the past few months we have observed it masking itself in a variety of ways...
Fortinet.webp 2017-05-17 19:15:57 WannaCry FAQ - Take-aways and Learnings (lien direct) WannaCry FAQ: How does WannaCry spread? WannaCry has multiple ways of spreading. Its primary method is to use the Backdoor.Double.Pulsar backdoor exploit tool released last March by the hacker group known as Shadow Brokers, and managed to infect thousands of Microsoft Windows computers in only a few weeks. Because DoublePulsar runs in kernel mode, it grants hackers a high level of control over the compromised computer system. Wannacry
Fortinet.webp 2017-05-17 18:24:02 New Loki Variant Being Spread via PDF File (lien direct) The Loki Bot has been observed for years. As you may know, it is designed to steal credentials from installed software on a victim's machine, such as email clients, browsers, FTP clients, file management clients, and so on. FortiGuard Labs recently captured a PDF sample that is used to spread a new Loki variant. In this blog, we will analyze how this new variant works and what it steals. The PDF sample Figure 1. Content of the PDF sample The PDF sample only contains one page, shown above, which includes some...
Fortinet.webp 2017-05-17 09:28:10 Zero Patch IoT Environment (lien direct) Over the last few months or years I have reported vulnerabilities on several IoT devices. None have been patched so far, and I think it is time to discuss the situation openly. One of the issues I have faced several times is the zero-security-culture phenomenon. Some of those IoT companies were typically very small and young, with sadly neither the skills nor the resources to fix security issues. For example, I remember sending several vulnerabilities to a given company. I got an automated response for the first email (ok),...
Fortinet.webp 2017-05-15 19:22:50 Critical Update: WannaCry Ransomware (lien direct) On May 12th, 2017 the ransomware WannaCry disrupted hundreds of organizations in dozens of countries. The ransomware encrypts personal and critical documents and files and demands approximately $300 USD in BitCoin currency for the victim to unlock their files. Wannacry
Fortinet.webp 2017-05-15 15:33:01 No Tears for WannaCry: Five Steps Every CISO Should Consider for Protecting Your Organization from Ransomware (lien direct) Over the past few days WannaCry malicious malware variants have affected hundreds of organizations across the world. This cyberattack spread primarily by exploiting a vulnerability whose manufacturer had issued a critical security update for over two months ago. While there are certainly reasons why it may take an organization some time to patch vulnerable systems, including the risk of updating live systems, two months should be plenty of time for any organization to take appropriate steps to secure their environment. With the recent malware... Wannacry
Fortinet.webp 2017-05-15 11:31:45 WannaCry: Evolving History from Beta to 2.0 (lien direct) The WannaCry malware was responsible for a massive infection beginning that affected organizations and systems around the world. FortiGuard Labs has been monitoring this malware carefully. We have provided an analysis of this attack, along with how to protect your organization here.  In this blog post I'll briefly describe some of the distinct characteristics of each version of this malware, from beta to the latest 2.0 version, and share some interesting findings. Beta Version: We discovered this beta version around Feb 9th,... Wannacry
Fortinet.webp 2017-05-15 08:13:46 Service Provider Security in the Age of Digital Transformation (lien direct) Digital Transformation is Happening Now Digital Transformation is a subject on the minds of CEOs everywhere as they seek to improve business results and align more closely with the needs and the expectations of their customers. And why not? Businesses large and small are adopting digital practices that a recent McKinsey study shows delivers, on average, five times more revenue and eight times more profitability than peer companies. The appeal of improved revenues, greater profitability, and higher levels of customer engagement underpins a shift...
Fortinet.webp 2017-05-12 18:59:56 Protecting Your Organization from the WCry Ransomware (lien direct) Ransomware has become the fastest growing malware threat, targeting everyone from home users to healthcare systems to corporate networks. Tracking analysis shows that there has been an average of more than 4,000 ransomware attacks every day since January 1, 2016.
Fortinet.webp 2017-05-11 15:53:48 White House Announces New Cybersecurity Executive Order (lien direct) President Trump just signed a new cybersecurity Executive Order that has important implications, not only for federal agencies, but for Critical Infrastructures as well.
Fortinet.webp 2017-05-11 12:13:08 Deep Analysis of Esteemaudit (lien direct) A Windows 2003 RDP Zero Day Exploit In this blog, the FortiGuard team takes a look at Esteemaudit, which is an exploit that was included in the set of cybertools leaked by the hacker group known as "Shadow Brokers." They claim that they collected this set of cybertools from the compromised data of "Equation Group," a threat actor alleged to be tied to the United States National Security Agency (NSA). Esteemaudit is a Remote Desktop Protocol (RDP) exploit that targets Microsoft Windows Server 2003 / Windows XP. The vulnerability...
Fortinet.webp 2017-05-11 06:42:08 Byline: Security Platform vs. Security Fabric (lien direct) Far too often, security tools are wrapped in marketing language that doesn't always effectively communicate - or sometimes, even intentionally obscures - what a device or tool is able to do. Visit any security trade show and you are going to be overwhelmed by devices claiming to be “cloud enabled” or that offer “advanced threat intelligence.” But what do those terms mean? The same is true for entire classes of products.
Fortinet.webp 2017-05-10 09:08:47 (Déjà vu) Security Research News in Brief - April 2017 Edition (lien direct) Welcome back to our monthly review of some of the most interesting security research publications. Previous edition: March 2017   What happened to your home? IoT Hacking and Forensic with 0-day from TROOPERS 17, by Park and Jin Figure 1: Hacking a vacuum cleaner The authors hacked a vacuum cleaner, which, besides cleaning, also includes an embedded camera and microphone. The hack wasn't easy because the vacuum wasn't too badly secured. The authors however found 2 vectors: 1. They connected on the...
Fortinet.webp 2017-05-09 11:11:59 Deep Analysis of New Emotet Variant – Part 2 (lien direct) This is the second part of FortiGuard Labs' deep analysis of the new Emotet variant. In the first part of the analysis we demonstrated that by bypassing the server-side Anti-Debug or Anti-Analysis technique we could download three or four modules (.dll files) from the C&C server. In that first blog we only analyzed one module (I named it 'module2'). In this blog, we'll review how the other modules work. Here we go.
Fortinet.webp 2017-05-08 12:46:12 The Open Security Requirement in the Age of the Cloud (lien direct) In a 2015 article posted by Forbes, it was reported that 87 percent of people hadn't heard of the term “Internet of Things” (IoT). At that time, Gartner Inc. estimated that there were 4.9 billion connected devices in use. Fast forward to 2017, and Gartner now reports that number has grown  to 8.4 billion, with a look ahead to 2020 predicting that 20.4 billion connected devices will be in use. The IoT has gained traction in day-to-day life by adding new applications and capabilities at a rapid rate, and as this technology begins...
Fortinet.webp 2017-05-08 10:52:53 Software, Software all Around but Not a Tool to Use (lien direct) For the past 3-4 years, there has been a lot of buzz in the Information Technology market around the Software Defined delivery of applications. In terms of meta-technology evolution, software is being used to create and deliver software. Yes, it is as confusing as it sounds. The Software Defined revolution has caught on in three distinct areas: data center and cloud, connectivity to applications, and the agile deployment or creation of services. Amazon Web Services has recently redefined the new SDDC, or Software Defined Datacenter space,...
Fortinet.webp 2017-05-05 09:21:31 Why Today's Financial Organizations Should Deploy Internal Segmentation Firewalls (lien direct) As is the case across most of today's industries, the latest IT technological advances like the cloud, Internet of Things (IoT), and mobility have all blurred the lines between traditional network boundaries, making them harder to secure by the day. Security challenges are escalating in part because there are an increasing number of network access points that can open doors to sensitive financial data. For example, many devices inside of today's financial networks, such as routers and switches, are not security aware. Once these devices...
Fortinet.webp 2017-05-04 17:05:00 Multiple Joomla! Core XSS Vulnerabilities Are Discovered (lien direct) Joomla! is one of the world's most popular content management system (CMS) solutions. It enables users to build custom Web sites and powerful online applications. More than 3 percent of Web sites are running Joomla!, and it accounts for more than 9 percent of CMS market share. As of November 2016, Joomla! had been downloaded over 78 million times. Over 7,800 free and commercial extensions are also currently available from the official Joomla! Extension Directory, and more are available from other sources. This year, as a FortiGuard researcher...
Fortinet.webp 2017-05-04 08:49:44 Video Gallery: Fortinet Employees Spotlight SIEM and Secure Access at HIMSS17 (lien direct) This past February, thousands of healthcare IT professionals gathered in Orlando for the 2017 HIMSS conference to get an expansive view of the current healthcare landscape. Fortinet was also in attendance, presenting as well as walking the floors of the conference to connect with other vendors and discuss how their solutions can help clinicians and IT professionals keep their organization's network secure. During our time at HIMSS, we spoke with customers, prospects, and of course, Fortinet employees. In this video gallery we will hear...
Fortinet.webp 2017-05-03 10:50:33 Deep Analysis of New Emotet Variant (lien direct) Background Last week, FortiGuard Labs captured a JS file that functions as a malware downloader to spread a new variant of the Emotet Trojan. Its original file name is Invoice__779__Apr___25___2017___lang___gb___GB779.js. A JS file, as you may be aware, is a JavaScript file that can be executed by a Windows Script Host (wscript.exe) simply by double-clicking on it. In this blog we will analyze how this new malware works by walking through it step by step in chronological order. A JS file used to spread malware The original JS code...
Fortinet.webp 2017-05-03 08:22:17 Byline: Will Automated Next Gen Cybersecurity be Based on Intent? (lien direct) Over the last few months I've written about a number of technologies impacting cybersecurity and how in a perhaps idealistic world these security systems can all interact with each other, share information about the devices in our networks, and take mitigating actions, as required. So where does that leave us for improving our overall approach to information security as it relates to rapidly evolving networked systems?
Fortinet.webp 2017-05-02 13:33:56 Bricker Bot – A Silver Lining to Force Accountability for IoT Security? (lien direct) The Bricker bot made the news a couple of weeks ago as being responsible for knocking unsecured IoT devices offline, rather than hijacking them into other botnets and using them for a DDoS attack like the massive event we saw last year against DYN. This is the third botnet that targets insecure IoT devices, but the only one that is destructive. The second, dubbed Hajime, breaks into the IoT devices, but instead of bricking them, it makes them more secure by disabling remote access to the device from the internet. Of course, Mirai was the first,...
Fortinet.webp 2017-05-01 07:46:45 FortiGuard Labs Telemetry – Cloud Application Usage Observations (lien direct) Cloud storage has increasingly become mainstream for storing, computing, and sharing data, while also combining accessibility and reliability into the mix. With larger internet bandwidth capacities connecting homes and businesses, syncing files across the internet is now a reality, and it can be done without needing to brew a couple of pots of coffee. Based on FortiGuard Labs' application telemetry, cloud storage applications have grown by more than 21% between Q4 2016 and Q1 2017.
Fortinet.webp 2017-04-28 08:26:27 Executive Insights: Achieving Digital Trust in a World of Data (lien direct) Cybersecurity is at a critical tipping point.  With massive volumes of data being generated and analyzed across the globe every day from a variety of sources and devices, an entirely new approach to network security is required. From both a business and technology perspective, traditional security paradigms are struggling to be agile and fast enough to move at the speed required in this new world.  The linchpin to success going forward will be a business' ability to flexibly secure its sensitive data and create digital trust with its customers.
Fortinet.webp 2017-04-27 07:30:46 Staying Compliant in Financial Services and How Cybersecurity Solutions Can Help (lien direct) Today's cybersecurity threats target all parts of the network and nearly every device attached to it, making the potential threat landscape virtually boundless. When you pair technically skilled criminals with the attractiveness of financial data, trying to keep information safe is a constant battle. With this in mind, organizations like the SEC and FINRA have developed initiatives to help guide the financial services industry towards success, and at the same time, to also hold breached organizations accountable if they were inadequately prepared. SEC...
Fortinet.webp 2017-04-26 12:08:43 BankBot, the Prequel (lien direct) For us at FortiGuard, it always sounds like a bad idea for people to share malware source code, even if it is for academic or educational purposes. For example, on GitHub we can currently find more than 300 distinct repositories of ransomware, which gives you some idea about the attention that this form of malware receives. Although ransomware has the highest profile in the threat landscape at the moment, that does not mean that other threats have disappeared. Android is the most widespread OS on mobile devices, covering around 80% of the...
Fortinet.webp 2017-04-26 07:48:48 Video Gallery: Fortinet Systems Engineers Discuss Healthcare Security Trends at HIMSS17 (lien direct) A number of Fortinet employees recently joined with thousands of attendees at the 2017 HIMSS conference in Orlando, Florida. These individuals were on hand to discuss the latest healthcare innovations, and to share information about Fortinet's products and services with HIMSS17 attendees. We had a chance to sit down with several Fortinet Health IT and Security experts to hear what they had to say about the current healthcare security landscape and the products that Fortinet offers to combat evolving threats. Watch the videos (below)...
Fortinet.webp 2017-04-25 15:52:53 The Critical Need for MSSPs (lien direct) Congratulations, you built a company worth breaking into! Seriously – there are, right now, Criminal Enterprises that are executing deliberate and methodical plans of attack in order to breach your company and strip it of its most valuable assets. Cybercrime is a multi-billion dollar business, and cybercriminals capitalize on finding new ways to exploit increasingly complex network environments like yours. To stay ahead of detection technologies, cybercriminals are continually developing new techniques and resources to bypass security and...
Fortinet.webp 2017-04-24 01:18:20 Fortinet Supports INTERPOL-led Cybercrime Operation across the Association of Southeast Asian Nations (ASEAN) (lien direct) Fortinet has partnered with INTERPOL over the past two years to assist in identifying and thwarting cybercrime. Today, INTERPOL announced that a new operation across the ASEAN region, built around threat intelligence provided by Fortinet and other public and private sector security organizations, has resulted in the identification of nearly 9,000 Command and Control (C2) servers and hundreds of compromised websites, including government portals.
Fortinet.webp 2017-04-21 08:10:25 Protecting Higher Education Data in Today's Digital World (lien direct) The proliferation of global network connectivity thanks to technological advances and a growing number of connected devices has had a number of positive impacts on today's higher education institutions. From cloud services to the Internet of Things (IoT), students and faculty are now able to stay connected while outside the classroom or laboratories to improve learning and research. However, all of this private information sharing has also opened the doors to increased cybercriminal activity targeting higher ed. Any exchanged information,...
Fortinet.webp 2017-04-20 13:30:06 Remote Password Change Vulnerability in HPE Vertica Analytic Database (lien direct) Summary On March 24 2017, I discovered and reported on a remote password change vulnerability in Hewlett-Packard Enterprise's (HPE) Vertica Analytic Database. This week, HPE released Security Bulletin HPESBGN03734, which contains the fix for this vulnerability and identifies it as CVE-2017-5802. Fueled by ever-growing volumes of Big Data found in many corporations and government agencies, HPE's Vertica Analytics Platform provides an SQL analytics solution built from the ground up to handle massive volumes of data and delivers blazingly...
Last update at: 2024-06-26 09:07:38