What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
Fortinet.webp 2017-03-10 06:40:43 Four Ramifications of Cyber Attacks on Healthcare Systems (lien direct) Recent cyber attacks on the NHS and other healthcare systems have brought potential ramifications into the limelight. Read this post to find out more.
Fortinet.webp 2017-03-09 09:30:43 Byline: IoT is Everywhere - Your Security Should Be Too (lien direct) IoT security challenges include weak authentication and authorization protocols, insecure software, firmware with hard-coded backdoors, poorly designed connectivity and communications, and little to no configurability. Many devices were developed around chunks of commonly available and largely untested code, compounding security vulnerabilities across thousands of devices sold through dozens of manufacturers. And to make matters worse, IoT devices are often “headless,” with limited power and processing capabilities. This not only means they can
Fortinet.webp 2017-03-08 15:27:03 Microsoft Excel Files Increasingly Used To Spread Malware (lien direct) Over the last few years we have received a number of emails with attached Word files that spread malware.  Now it seems that it is becoming more and more popular to spread malware using malicious Excel files. Lately, Fortinet has collected a number of email samples with Excel files attached (.xls, .xlsm) that spread malware by executing malicious VBA (Visual Basic for Applications) code. VBA is a programming language used by Microsoft Office suite. Normally, VBA is used to develop programs for Excel to perform some tasks. I'll use...
Fortinet.webp 2017-03-08 07:17:56 Byline: The Move to Standardization and Open Architectures Enables Cybersecurity Automation For the Government Sector (lien direct) In order to remain responsive, resilient, and agile, government organizations must adopt open, integrated, and automated security architectures that enable the collection and sharing of threat intelligence and the ability to coordinate a response to detected threats.
Fortinet.webp 2017-03-07 07:24:45 Byline: Companies Are Taking the Cyber Skills Gap Into Their Own Hands (lien direct) Businesses are expanding investments in infrastructure security but struggling to source the increasingly rare talent needed to implement and operate their solutions. As an industry-leader, Fortinet believes it is our responsibility to foster the development and continuing education of cybersecurity talent and close the cybersecurity skills gap Guideline
Fortinet.webp 2017-03-06 10:20:38 FortiGuard Labs Telemetry – Roundup and Comparison of 2015 and 2016 IoT Threats (lien direct) Attacks targeting and originating from IoT devices began grabbing news headlines toward the last quarter of 2016. Insecure IoT devices became the low-hanging fruit for threat actors to easily exploit. Some were even notoriously used as botnets to launch DDoS attacks against selected targets. For example, the infamous Mirai botnet exploited weak login vulnerabilities in insecure IoT devices such as IP cameras and home routers, and was responsible for one of the largest known DDoS attacks to date. Besides being used in DDoS attacks, exploited IoT...
Fortinet.webp 2017-03-05 15:59:07 Improving Australia's Cybersecurity Through Integration and Automation (lien direct) How do government agencies protect their networks and data from cyber attacks in the face of the growing cyber skills shortage? Integration and automation are the keys.
Fortinet.webp 2017-03-03 09:33:24 Using a Security Fabric to Meet New York's (and Other) Financial Cybersecurity Regulations (lien direct) New York has introduced a cybersecurity regulation to protect the financial services industry. Fortinet explains how network security fabric can assist.
Fortinet.webp 2017-03-03 09:32:43 Byline: Is Your Healthcare Data Safe? Three Questions to Ask (lien direct) In the all-out war for data, the healthcare industry is getting hit the hardest. Experian's fourth annual 2017 Data Breach Industry Forecast states that healthcare organizations will be the most targeted sector for attack, with new and sophisticated attacks emerging. If healthcare organizations and their IT teams aim to keep data safe, they need to take a step back to assess the overall security landscape and the security processes currently in place on a macro level.
Fortinet.webp 2017-03-02 08:43:42 Byline: Securing Your Growing Home Network (lien direct) For the enterprise, we recommend a three phase approach to security based around learning what is on your network, dividing the network into separated segments, and then implementing appropriate security that provides critical protections without compromising functionality and interoperability.
Fortinet.webp 2017-03-02 06:54:42 Dot Ransomware: Yet another Commission-based Ransomware-as-a-Service (lien direct) Dot ransomware is a new Ransomware-as-a-service(RaaS) that is openly available in hacking forums. And following the current trend in malware services, it uses web portals hosted in the TOR network for anonymity. Commission-based Profit While lurking in hacking forums, we came across a post for this new ransomware service. RaaS services are now switching from a one-time fee or subscription payment model to a commission based strategy. One advantage of this scheme is that the up front price for the ransomware is free, and any profits realized...
Fortinet.webp 2017-03-01 10:37:38 Managed Security Service Providers, Choosing the Right Security Vendor (lien direct) Fortinet covers critical aspects of an MSSP's business model like no other security manufacturer, offering the best in multi-tenancy, the most hardware flexibility, the highest performance through hardware acceleration, and the lowest total cost of ownership of any security vendor.
Fortinet.webp 2017-02-27 08:55:47 Five Areas for Cybersecurity Innovation in 2017 (lien direct) The world never stands still. In the technology space, this means that constant innovation and discovery is the key to a solution provider's survival and growth. In the cybersecurity arena, this creed is even more vital. Many hackers are brilliant people. There's only one way to get the better of them – be even more brilliant. And faster and more creative. Which is why R&D is crucial in the security technology business. Cybersecurity solution providers must deliver open, integrated security and networking technologies...
Fortinet.webp 2017-02-27 08:54:12 You don't need to break my heart... (lien direct) X-ray image of installed pacemaker showing wire routing - Image from Wikipedia A few days ago, journalists reported a man had been charged with arson using data retrieved from his own pacemaker (see here). One article showed a "funny" image of a man's chest with stitches to insert or access the pacemaker. This, and the comments, led me to some research on pacemakers. No, you don't need to open the patient to retrieve data from the pacemaker Pacemakers transmit data over radio frequencies. They typically use the 402-405...
Fortinet.webp 2017-02-24 08:10:15 FortiClient Scores High in the Latest Advanced Endpoint Protection Report from NSS Labs (lien direct) As part of this commitment to third-party testing, Fortinet recently participated in the NSS Labs 2017 Advanced Endpoint Protection (AEP) test by submitting our FortiClient solution for public analysis. And on February 14th, 2017, NSS published their test results.
Fortinet.webp 2017-02-23 13:21:15 How Advanced Threat Protection Can Help Protect Financial Data (lien direct) Technology integration in the financial services industry has opened opportunities that could only be dreamed of a few decades back. Around the turn of the millennium, we began seeing banks set up websites for internet-based banking, and about a decade later, mobile banking customers began tapping their smartphones to make payments at retail stores. Inside the walls of financial institutions themselves, employees are leveraging technology such as email and mobile devices to streamline processes and provide a better overall customer experience. Industry...
Fortinet.webp 2017-02-23 08:41:17 Q&A: Securing IoT in the World of Healthcare (lien direct) According to IBM's 2016 Cyber Security Intelligence Index report, cyber criminals attacked healthcare more than any other industry last year, with more than 100 million healthcare records being compromised. As the use of IoT devices continues to grow in hospitals, we talked to Roger Bailey about the risks, and how to secure these increasingly distributed healthcare environments. Q&A with Roger Bailey, Sales Engineer at Fortinet How is IoT growing in the world of healthcare? There are two sides to IoT in hospitals – the customer...
Fortinet.webp 2017-02-23 08:37:16 Did you order those iTunes movies? Nope, it's just phishing for Canadian Apple users (lien direct) Over the weekend, we encountered an interesting variation of a phishing email targeting Apple users. The email contained an alleged receipt for five movies purchased from the iTunes Store that was so detailed that the user who received it, and who knows better, still almost fell for the scam. Figure 1. Phishing Apple email Similar cases were reported in 2015 by users in the UK and Australia, except in those cases the fake receipt contained songs and books, respectively. Last year, similar emails targeting users in the US were also reported,...
Fortinet.webp 2017-02-22 16:58:28 Keep Your Account Safe by Avoiding Dyzap Malware (lien direct) Introduction Dyzap belongs to a family of malware designed to steal confidential information from enormous target applications by installing a “man in the browser” attack into common browsers. FortiGuard Researchers recently discovered a new variant of this Trojan virus. Stolen information may include, but is not limited to, system information and application credentials stored on infected systems. In this blog, we will explain how the malware steals user accounts, acts as a keylogger, and communicates with its C&C server. Stealing...
Fortinet.webp 2017-02-22 16:57:16 Healthcare Digital Transformation & HIMSS17 (lien direct) Healthcare systems spanning the globe are recognizing the potential of digital technologies and looking to leverage them to develop new business models, new revenue streams, and a better customer experience across the industry.   When speaking about “digital” technologies impacting the industry in 2017, we at Fortinet are focused on four principal technologies that are most responsible for change:   Cloud IoT Ubiquitous Broadband Data Analytics   We recently sat down at HIMSS17 in Orlando,...
Fortinet.webp 2017-02-21 15:55:32 Looking Back at Fortinet's Security Research and Vulnerability Discoveries (lien direct) In an effort to provide more proactive protections in Fortinet products and to more effectively identify and defeat network threats, the Fortinet security research team works on discovering potential threats in popular products. As a result, over the past year we have discovered 84 vulnerabilities that have been reported to their respective vendors as part of our responsible vulnerability disclosure process. Fortinet protections against these discoveries were released to Fortinet products at the same time these vulnerabilities were reported to their...
Fortinet.webp 2017-02-21 08:49:01 FortiGuard Labs - Global Healthcare Threat Telemetry for Q4 2016 (lien direct) This Global Healthcare Threat Telemetry report examines the threat landscape of the global healthcare industry in Q4 2016. It is based on threat telemetry obtained by FortiGuard Labs' research group from sensors located at 454 healthcare companies located in 50 countries around the globe. FortiGuard Labs, and its more than 200 researchers and analysts located around the world, logs over 400,000 hours of threat research every year by monitoring and analyzing threat telemetry gathered from over two million sensors. The resulting threat intelligence...
Fortinet.webp 2017-02-20 21:32:15 Infographic: Protecting Patient Data in Today's Digital World (lien direct) The healthcare industry continues to ride the digital wave to improve patient care and organizational efficiency in addition to reducing costs. Hospitals and health systems are relying on electronic health records (EHRs), the cloud, and the Internet of Things (IoT) more than ever. While these technologies are convenient, efficient, and enable a higher degree of patient-centric care, they can be jeopardized by cybercriminals. Stolen patient data can easily be sold on the dark web to criminals looking to extort money, commit identity fraud, spearphish,...
Fortinet.webp 2017-02-19 21:23:12 Fortinet Security Researcher Discovers Multiple Critical Vulnerabilities in Adobe Flash Player (lien direct) I discovered and reported multiple critical zero-day vulnerabilities in Adobe Flash Player last November. This Tuesday, Adobe released a security patch which fixed them. ★★
Fortinet.webp 2017-02-16 20:24:59 RSA 2017 Roundup (lien direct) RSA 2017 is a wrap. The final sessions are being recorded, the coat check area is filled with luggage, and the smell of propane is filling the show floors as forklifts begin to deliver packing crates to this year's crop of security vendors. As expected, the hottest security topics and offerings were related to IoT and the cloud. Threat intelligence and SOCs were also top of mind as companies try to get a handle on the deluge of data and devices flooding their networks. In spite of the veneer of innovation, however, for far too many vendors...
Fortinet.webp 2017-02-16 18:32:03 Ransomware-as-a-Service: Rampant in the Underground Black Market (lien direct) Given the popularity and success of ransomware, it is no surprise that malware authors have been developing more ransomware than ever before. Last year's cost of ransomware attacks reached $1 billion, which not only shows how this affects businesses, but for cybercriminals the potential pay-out for cyber-extortion can be very lucrative. The rise of ransomware infections may also be attributed to the attractiveness growing availability of Ransomware-as-a-Service (Raas). Ransomware authors posts are now developing user-friendly...
Fortinet.webp 2017-02-16 17:55:21 PHPMailer Powered – Use It, But Also Remember to Update It (lien direct) At the end of last year, a critical vulnerability in PHPMailer that affected millions of websites – CVE-2016-10033 -  was discovered by Polish security researcher Dawid. This vulnerability allows an attacker to compromise the target's web application by executing remote code on the vulnerable web server. There are numerous open source web applications that use PHPMailer as their main library for sending emails, including WordPress, Joomla, Yii, SugarCRM… More than a month after PHPMailer released a patch for this critical...
Fortinet.webp 2017-02-15 09:16:00 The Challenge of Securing IoT (lien direct) By now, everyone has heard the numbers. IoT is part of a networking revolution that is transforming the world. Experts predict that by 2020 there will be over 33 billion IoT devices deployed, or 4.3 Internet-connected devices for every man, woman, and child on the planet. Of course, IoT is more than just one thing. There are a variety of IoT devices and categories, each with their own implications. Consumer IoT includes the connected devices we are most familiar with, such as smart cars, phones, watches, laptops, connected appliances, and...
Fortinet.webp 2017-02-14 21:35:02 REMCOS: A New RAT In The Wild (lien direct) Remcos is another RAT (Remote Administration Tool) that was first discovered being sold in hacking forums in the second half of 2016. Since then, it has been updated with more features, and just recently, we've seen its payload being distributed in the wild for the first time. This article demonstrates how this commercialized RAT is being used in an attack, and what its latest version (v1.7.3) is capable of doing. Remcos is currently being sold from $58 to $389, depending on the license period and the maximum number of masters or clients...
Fortinet.webp 2017-02-13 20:18:43 Fortinet Hits the Road with IDC and VMware to Help Enterprises with Agile Cloud Security (lien direct) Fortinet, VMware, and International Data Corporation (IDC) are hitting the road with the Agile Cloud Security series of events across EMEA, with the aim of increasing awareness of the security challenges digital transformation and cloud present, along with the solutions available to address these challenges. From February to June, this road show will visit seven countries across the Middle East, Europe, and Africa.
Fortinet.webp 2017-02-13 07:53:27 Effectively Using Threat Intelligence (lien direct) If we want to get ahead of cybercrime, we must share information. A collection of companies working together to collect and share intelligence will always have better visibility into the threat landscape than one organization on its own. Seeing new threats as soon as they emerge increases our ability to respond and protect valuable resources. There is a lot of raw data for organizations to use, from both global sources and within their own networks. Unfortunately, most security infrastructures were not designed to effectively consume, correlate,...
Fortinet.webp 2017-02-10 17:47:47 Information Sharing in Cybersecurity Today Q&A with Derek Manky (lien direct) Information sharing continues to be a topic that remains timely and vital in global cybersecurity. As an industry, it is well understood that turning the tide on cybercrime requires actionable information sharing across networks, borders, and vendors. Fortinet's Derek Manky offers some perspective ahead of RSA 2017 in San Francisco. Why is information sharing so important today? Sharing information proactively across all verticals and public or private organizations is essential moving forward. Organizations continue to struggle against...
Fortinet.webp 2017-02-09 09:49:47 (Déjà vu) Byline: Solving IoT Security - Pursuing Distributed Security Enforcement (lien direct) For many of us in the Security Industry, the possibility of using Internet of Things (IoT) devices as a launchpad for an attack has been mostly theoretical. However, information obtained after the massive distributed denial-of-service (DDoS) attack against the services offered by DYN.com appears to show that the threat is real and immediate. The definition of IoT is often a little vague. Generally speaking, I consider any device with an IP address associated with it to be some sort of an IoT device, though not all of them are problems. The ones...
Fortinet.webp 2017-02-08 08:27:19 Fortinet at RSA 2017 (lien direct) We are proud to be a Gold Sponsor at this year's RSA event. We are located at Booth# 3627 in the North Hall. This year we will have an in-booth theater featuring Fortinet experts presenting on such topics as enterprise FW, cloud security, FortiGuard, Advanced Threat Protection, and our Security Operations Center solution. The theater will also feature presentations from a number of our Fabric-Ready Partners showcasing the unique interoperability, scope, and flexibility of the Fortinet Security Fabric.
Fortinet.webp 2017-02-07 11:53:16 Cloud is the New Normal: The Challenge of Securing Workloads in the Cloud – Are You Ready? (lien direct) Microsoft Ignite – Australia – Gold Coast Convention and Exhibition February 14-17th https://msftignite.com.au/ Is cloud the new normal for your enterprise? Are you moving more and more applications into the cloud? Have you asked yourself how you are securing your data in this new world of cloud? Scalability and flexibility are the key drivers of Cloud networking and computing. With more and more business transitioning to public cloud environments, the cloud is becoming an increasingly attractive target for hackers...
Fortinet.webp 2017-02-06 15:07:32 Byline: Protecting Connected Cars (lien direct) I recently bought a new car with all the bells and whistles. It warns me if I stray out of my lane. It warns me if there is a car in my blind spot. It has adaptive cruise control that slows down if a car pulls in front of me. When I back up, it alerts me of cross traffic, even pedestrians and dogs. It monitors road conditions and automatically enables all-wheel drive if roads are wet or conditions are cold or icy. And that's just the start. It has collision detection, and automatic braking, and a fully connected entertainment and communications...
Fortinet.webp 2017-02-06 13:36:10 The Analysis of ISC BIND Response Authority Section RRSIG Missing DoS (CVE-2016-9444) (lien direct) Domain Name System Security Extensions (DNSSEC) secures the Domain Name System (DNS), right? Yes, but that's not the whole story. DNSSEC can also introduce troubles into your DNS server. Recently, a BIND bug caused by a missing RRSIG record, which is a part of DNSSEC, was fixed by a patch from the Internet Systems Consortium (ISC). This bug affects all versions of BIND recursive servers, and can cause a denial of service (DoS.) This potential DoS vulnerability is caused by a RUNTIME CHECK error in Resolver.c when handling the DNS...
Fortinet.webp 2017-02-06 13:34:17 Watch Out For Fake Online Gaming Sites And Their Malicious Executables (lien direct) Every year during holiday seasons, the number of phishing websites increases. This is particularly true for online gaming distribution platforms. In some cases, users not only have their login credentials stolen, but they also end up downloading and executing malicious executables. As expected, the more popular a platform is, the more targeted it will be, which is why this research blog focuses on two malware samples obtained from fake Origin and Steam websites. Figure 1. Fake Origin phishing website Origin Malware Sample In addition...
Fortinet.webp 2017-02-06 09:45:43 Q&A: Predicted Threats to the Healthcare Industry in 2017 (lien direct) Fortinet recently sat down with Derek Manky, Global Security Strategist at Fortinet, to learn about the biggest cybersecurity threats to healthcare in 2017.
Fortinet.webp 2017-02-03 08:30:59 Fortinet's Partnership with the NHS Alliance in the UK – a Q&A (lien direct) At a time when the UK's National Health Service (NHS) faces increasing cyber threats, Fortinet has partnered with the new NHS Alliance to help raise awareness of these threats and better protect our health service moving forwards. Launched in 1948, the NHS has provided free health care, at the point of need, to residents of England, Northern Ireland, Scotland, and Wales for more than 65 years. Over the years, the NHS has faced many challenges and adversities, with cyber crime being one of the latest and most topical. Like most healthcare...
Fortinet.webp 2017-02-02 01:53:09 A Closer Look at Sage 2.0 Ransomware along with Wise Mitigations (lien direct) Sage 2.0 is the new kid on an already crowded block of ransomware, demanding hefty ransom of 2.22188 bitcoins (roughly 2000 USD) per infection. We have recently begun seeing this malware being distributed by the same malicious spam campaigns that serve better-known ransomware families, such as Cerber and Locky. In this article we will take a closer look at some notable characteristics of this new threat, and provide some simple ways to mitigate it. Spam Campaign Sage ransomware has been seen spreading through the usual spam email channels...
Fortinet.webp 2017-02-01 16:59:45 Ransomware And The Boot Process (lien direct) Since its discovery in early 2016, we have tracked a number of variations of Petya, a ransomware variant famous for multi-stage encryption that not only locks your computer, but also overwrites the Master Boot Record. Petya continues to persist, and in this blog we will take a deeper look at its more complex second stage of attack. Petya overwrites the Master Boot Record (MBR), along with its neighboring sectors using its boot code and a small kernel code. The MBR contains the master boot code, the partition table,...
Fortinet.webp 2017-01-31 07:23:06 Innovation Insights: Defining and Securing IoT (lien direct) Sometimes it's helpful to characterize the IoT with some more precision; I like to place them in three categories. The first, Consumer IoT, which includes the connected devices we are most familiar with, such as smart phones, watches, and connected appliances and entertainment systems. The other two, Commercial IoT and Industrial IoT, are made up of things many of us never see. Commercial IoT includes things like inventory controls, device trackers, and connected medical devices, and the Industrial IoT covers...
Fortinet.webp 2017-01-30 18:58:30 Saudi Organizations Targeted by Resurfaced Shamoon Disk-Wiping Malware (lien direct) FortiGuard is currently investigating a new wave of attacks targeting kingdom of Saudi Arabia organizations that use an updated version of the Shamoon malware (also known as DistTrack.) We described this malware in detail a few months ago in a previous article. The key features of that version remain the same, yet some voluntary changes are taking place: Images used. Shamoon still overwrites files with an image of the drowned Syrian toddler Alan Kurdi, but this time the picture size is different. In November 2016 it was using a picture...
Fortinet.webp 2017-01-30 08:54:25 Not Concerned About Web Application Attacks in Financial Services? Well, You Should Be (lien direct) IT teams in the financial services industry have historically invested in, and deployed, web application firewalls (WAFs) to comply with Payment Card Industry Data Security Standards (PCI DSS). However, many of today's data security professionals recognize that unprotected web applications have become attractive targets for cybercriminals looking for easy entry points into their networks. In fact, according to recent data, 83 percent of enterprise IT executives believe application security is critical to their IT strategy. Additionally,...
Fortinet.webp 2017-01-27 12:29:28 CISO Customer Panel - Accelerate 2017 (lien direct) I recently wrote about the general sessions held on the first day of Fortinet's Accelerate 2017. There was so much great information presented that I couldn't do justice to it in the general overview I posted of the morning's events. So I wanted to take a few minutes and provide some deeper information around one of the best sessions of the day – the customer panel.
Fortinet.webp 2017-01-27 09:47:24 Multiple XSS Vulnerabilities Discovered In IBM Infosphere BigInsights (lien direct) Summary Last year, I discovered and reported two Cross-Site Scripting (XSS) vulnerabilities in IBM's Infosphere BigInsights. This week, IBM released a security bulletin which contains the fix for these vulnerabilities. CVE numbers CVE-2016-2924 and CVE-2016-2992 are assigned to them respectively. InfoSphere BigInsights is an analytics platform for analyzing massive volumes of unconventional data in its native format. The software enables advanced analysis and modeling of diverse data, and supports structured, semi-structured, and unstructured...
Fortinet.webp 2017-01-27 08:58:22 Fortinet at HIMSS 2017: Two Sessions to Attend (lien direct) HIMSS 2017 will be held in Orlando from February 19-23. Read this post to learn about Fortinet's involvement in the convention.
Fortinet.webp 2017-01-26 11:17:31 Deep Analysis of Android Rootnik Malware Using Advanced Anti-Debug and Anti-Hook, Part II: Analysis of The Scope of Java (lien direct) Deep Analysis of Android Rootnik Malware Using Advanced Anti-Debug and Anti-Hook, Part II: Analysis of The Scope of Java By Kai Lu In part I of this blog, we have finished the analysis of native layer and gotten the decrypted secondary dex file. Next, we continue to analyze it. For the sake of continuity, we keep continuous section number and figure number with part I of the blog. The secondary dex file The following is the decrypted file, which is a jar format file. It is loaded...
Fortinet.webp 2017-01-26 10:41:31 Deep Analysis of Android Rootnik Malware Using Advanced Anti-Debug and Anti-Hook, Part I: Debugging in The Scope of Native Layer (lien direct) Recently, we found a new Android rootnik malware which uses open-sourced Android root exploit tools and the MTK root scheme from the dashi root tool to gain root access on an Android device. The malware disguises itself as a file helper app and then uses very advanced anti-debug and anti-hook techniques to prevent it from being reverse engineered. It also uses a multidex scheme to load a secondary dex file. After successfully gaining root privileges on the device, the rootnik malware can perform several malicious behaviors, including app and ad...
Last update at: 2024-06-28 19:07:31