What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2017-02-13 20:18:43 | Fortinet Hits the Road with IDC and VMware to Help Enterprises with Agile Cloud Security
 (lien direct) | Fortinet, VMware, and International Data Corporation (IDC) are hitting the road with the Agile Cloud Security series of events across EMEA, with the aim of increasing awareness of the security challenges digital transformation and cloud present, along with the solutions available to address these challenges.  From February to June, this road show will visit seven countries across the Middle East, Europe, and Africa. | |||
|
2017-02-13 07:53:27 | Effectively Using Threat Intelligence (lien direct) | If we want to get ahead of cybercrime, we must share information. A collection of companies working together to collect and share intelligence will always have better visibility into the threat landscape than one organization on its own. Seeing new threats as soon as they emerge increases our ability to respond and protect valuable resources. There is a lot of raw data for organizations to use, from both global sources and within their own networks. Unfortunately, most security infrastructures were not designed to effectively consume, correlate,... | |||
|
2017-02-10 17:47:47 | Information Sharing in Cybersecurity Today Q&A with Derek Manky (lien direct) | Information sharing continues to be a topic that remains timely and vital in global cybersecurity. As an industry, it is well understood that turning the tide on cybercrime requires actionable information sharing across networks, borders, and vendors. Fortinet's Derek Manky offers some perspective ahead of RSA 2017 in San Francisco. Why is information sharing so important today? Sharing information proactively across all verticals and public or private organizations is essential moving forward. Organizations continue to struggle against... | |||
|
2017-02-09 09:49:47 | (Déjà vu) Byline: Solving IoT Security - Pursuing Distributed Security Enforcement (lien direct) | For many of us in the Security Industry, the possibility of using Internet of Things (IoT) devices as a launchpad for an attack has been mostly theoretical. However, information obtained after the massive distributed denial-of-service (DDoS) attack against the services offered by DYN.com appears to show that the threat is real and immediate. The definition of IoT is often a little vague. Generally speaking, I consider any device with an IP address associated with it to be some sort of an IoT device, though not all of them are problems. The ones... | |||
|
2017-02-08 08:27:19 | Fortinet at RSA 2017 (lien direct) | We are proud to be a Gold Sponsor at this year's RSA event. We are located at Booth# 3627 in the North Hall. This year we will have an in-booth theater featuring Fortinet experts presenting on such topics as enterprise FW, cloud security, FortiGuard, Advanced Threat Protection, and our Security Operations Center solution. The theater will also feature presentations from a number of our Fabric-Ready Partners showcasing the unique interoperability, scope, and flexibility of the Fortinet Security Fabric. | |||
|
2017-02-07 11:53:16 | Cloud is the New Normal: The Challenge of Securing Workloads in the Cloud – Are You Ready? (lien direct) | Microsoft Ignite – Australia – Gold Coast Convention and Exhibition February 14-17th https://msftignite.com.au/ Is cloud the new normal for your enterprise? Are you moving more and more applications into the cloud? Have you asked yourself how you are securing your data in this new world of cloud? Scalability and flexibility are the key drivers of Cloud networking and computing. With more and more business transitioning to public cloud environments, the cloud is becoming an increasingly attractive target for hackers... | |||
|
2017-02-06 15:07:32 | Byline: Protecting Connected Cars (lien direct) | I recently bought a new car with all the bells and whistles. It warns me if I stray out of my lane. It warns me if there is a car in my blind spot. It has adaptive cruise control that slows down if a car pulls in front of me. When I back up, it alerts me of cross traffic, even pedestrians and dogs. It monitors road conditions and automatically enables all-wheel drive if roads are wet or conditions are cold or icy. And that's just the start. It has collision detection, and automatic braking, and a fully connected entertainment and communications... | |||
|
2017-02-06 13:36:10 | The Analysis of ISC BIND Response Authority Section RRSIG Missing DoS (CVE-2016-9444) (lien direct) | Domain Name System Security Extensions (DNSSEC) secures the Domain Name System (DNS), right? Yes, but that's not the whole story. DNSSEC can also introduce troubles into your DNS server. Recently, a BIND bug caused by a missing RRSIG record, which is a part of DNSSEC, was fixed by a patch from the Internet Systems Consortium (ISC). This bug affects all versions of BIND recursive servers, and can cause a denial of service (DoS.) This potential DoS vulnerability is caused by a RUNTIME CHECK error in Resolver.c when handling the DNS... | |||
|
2017-02-06 13:34:17 | Watch Out For Fake Online Gaming Sites And Their Malicious Executables (lien direct) | Every year during holiday seasons, the number of phishing websites increases. This is particularly true for online gaming distribution platforms. In some cases, users not only have their login credentials stolen, but they also end up downloading and executing malicious executables. As expected, the more popular a platform is, the more targeted it will be, which is why this research blog focuses on two malware samples obtained from fake Origin and Steam websites. Figure 1. Fake Origin phishing website Origin Malware Sample In addition... | |||
|
2017-02-06 09:45:43 | Q&A: Predicted Threats to the Healthcare Industry in 2017 (lien direct) | Fortinet recently sat down with Derek Manky, Global Security Strategist at Fortinet, to learn about the biggest cybersecurity threats to healthcare in 2017. | |||
|
2017-02-03 08:30:59 | Fortinet\'s Partnership with the NHS Alliance in the UK – a Q&A (lien direct) | At a time when the UK's National Health Service (NHS) faces increasing cyber threats, Fortinet has partnered with the new NHS Alliance to help raise awareness of these threats and better protect our health service moving forwards. Launched in 1948, the NHS has provided free health care, at the point of need, to residents of England, Northern Ireland, Scotland, and Wales for more than 65 years. Over the years, the NHS has faced many challenges and adversities, with cyber crime being one of the latest and most topical. Like most healthcare... | |||
|
2017-02-02 01:53:09 | A Closer Look at Sage 2.0 Ransomware along with Wise Mitigations (lien direct) | Sage 2.0 is the new kid on an already crowded block of ransomware, demanding hefty ransom of 2.22188 bitcoins (roughly 2000 USD) per infection. We have recently begun seeing this malware being distributed by the same malicious spam campaigns that serve better-known ransomware families, such as Cerber and Locky. In this article we will take a closer look at some notable characteristics of this new threat, and provide some simple ways to mitigate it. Spam Campaign Sage ransomware has been seen spreading through the usual spam email channels... | |||
|
2017-02-01 16:59:45 | Ransomware And The Boot Process (lien direct) | Since its discovery in early 2016, we have tracked a number variations of Petya, a ransomware variant famous for multi-stage encryption that not only locks your computer, but also overwrites the Master Boot Record. Petya continues to persist, and in this blog we will take a deeper look at its more complex second stage of attack. Petya overwrites the Master Boot Record (MBR), along with its neighboring sectors using its boot code and a small kernel code. The MBR contains the master boot code, the partition table,... | |||
|
2017-01-31 07:23:06 | Innovation Insights: Defining and Securing IoT (lien direct) | Sometimes it's helpful to characterize the IoT with some more precision; I like to place them in three categories. The first, Consumer IoT, which includes the connected devices we are most familiar with, such as smart phones, watches, and connected appliances and entertainment systems. The other two, Commercial IoT and Industrial IoT, are made up of things many of us never see. Commercial IoT includes things like inventory controls, device trackers, and connected medical devices, and the Industrial IoT covers... | |||
|
2017-01-30 18:58:30 | Saudi Organizations Targeted by Resurfaced Shamoon Disk-Wiping Malware (lien direct) | FortiGuard is currently investigating a new wave of attacks targeting kingdom of Saudi Arabia organizations that use an updated version of the Shamoon malware (also known as DistTrack.) We described this malware in detail a few months ago in a previous article. The key features of that version remain the same, yet some voluntary changes are taking place: Images used. Shamoon still overwrites files with an image of the drowned Syrian toddler Alan Kurdi, but this time the picture size is different. In November 2016 it was using a picture... | |||
|
2017-01-30 08:54:25 | Not Concerned About Web Application Attacks in Financial Services? Well, You Should Be (lien direct) | IT teams in the financial services industry have historically invested in, and deployed, web application firewalls (WAFs) to comply with Payment Card Industry Data Security Standards (PCI DSS). However, many of today's data security professionals recognize that unprotected web applications have become attractive targets for cybercriminals looking for easy entry points into their networks. In fact, according to recent data, 83 percent of enterprise IT executives believe application security is critical to their IT strategy. Additionally,... | |||
|
2017-01-27 12:29:28 | CISO Customer Panel - Accelerate 2017 (lien direct) | I recently wrote about the general sessions held on the first day of Fortinet's Accelerate 2017. There was so much great information presented that I couldn't do justice to it in the general overview I posted of the morning's events. So I wanted to take a few minutes and provide some deeper information around one of the best sessions of the day – the customer panel. | |||
|
2017-01-27 09:47:24 | Multiple XSS Vulnerabilities Discovered In IBM Infosphere BigInsights (lien direct) | Summary Last year, I discovered and reported two Cross-Site Scripting (XSS) vulnerabilities in IBM's Infosphere BigInsights. This week, IBM released a security bulletin which contains the fix for these vulnerabilities. CVE numbers CVE-2016-2924 and CVE-2016-2992 are assigned to them respectively. InfoSphere BigInsights is an analytics platform for analyzing massive volumes of unconventional data in its native format. The software enables advanced analysis and modeling of diverse data, and supports structured, semi-structured, and unstructured... | |||
|
2017-01-27 08:58:22 | Fortinet at HIMSS 2017: Two Sessions to Attend (lien direct) | HIMSS 2017 will be held in Orlando from February 19-23. Read this post to learn about Fortinet's involvement in the convention. | |||
|
2017-01-26 11:17:31 | Deep Analysis of Android Rootnik Malware Using Advanced Anti-Debug and Anti-Hook, Part II: Analysis of The Scope of Java (lien direct) | Deep Analysis of Android Rootnik Malware Using Advanced Anti-Debug and Anti-Hook, Part II: Analysis of The Scope of Java By Kai Lu  In part I of this blog, we have finished the analysis of native layer and gotten the decrypted secondary dex file. Next, we continue to analysis it. For the sake of continuity, we keep continuous section number and figure number with part I of the blog.   The secondary dex file The following is the decrypted file, which is a jar format file. It is loaded... | |||
|
2017-01-26 10:41:31 | Deep Analysis of Android Rootnik Malware Using Advanced Anti-Debug and Anti-Hook, Part I: Debugging in The Scope of Native Layer (lien direct) | Recently, we found a new Android rootnik malware which uses open-sourced Android root exploit tools and the MTK root scheme from the dashi root tool to gain root access on an Android device. The malware disguises itself as a file helper app and then uses very advanced anti-debug and anti-hook techniques to prevent it from being reverse engineered. It also uses a multidex scheme to load a secondary dex file. After successfully gaining root privileges on the device, the rootnik malware can perform several malicious behaviors, including app and ad... | |||
|
2017-01-26 10:21:07 | 2017 Cybersecurity Predictions for Financial Services: What to Watch For (lien direct) | As technology within the financial services industry continues to evolve, so too does the threat landscape. Fortinet offers cybersecurity predictions for 2017. | |||
|
2017-01-25 09:49:32 | The Analysis of ISC BIND NSEC Record Handling DoS (CVE-2016-9147) (lien direct) | The latest patch for BIND from the Internet Systems Consortium (ISC) fixes a NESC record-related bug. Remote BIND recursive servers may crash when attempting to handle the specifically-crafted query response with NESC record sent by attackers, thereby causing a denial of service (DoS). This potential DoS vulnerability is caused by a RUNTIME CHECK error in Resolver.c when caching the DNS response with NSEC Record. In this post we will examine the BIND source codes and expose the root cause of this vulnerability. The NSEC record (record type... | |||
|
2017-01-23 08:13:52 | The Move to Consolidation and Integration: Simplifying Security in Financial Services (lien direct) | In meeting with large financial institutions, the single biggest thing we keep hearing about is the need to simplify and consolidate their security infrastructure. As Financial Services has evolved from person-to-person transactions to a fully digital business model, the industry's networks have evolved as well, become increasingly complex and more difficult to defend. During this evolution, as new threats have emerged, financial organizations have gone out and purchased a host of different security products, often from different vendors,... | |||
|
2017-01-20 10:04:06 | Linux Gafgyt.B!tr Exploits Netcore Vulnerability (lien direct) | Over the past few months we have seen a lot of malware activity around the Netcore vulnerability, so we decided to take closer look at its exploitation. The following screen shot shows attack traffic captured through Wireshark. Figure 1 Figure 2 shows a quick enumeration of the sample. (There are different versions of the sample for several architectures. We chose to analyze the MIPS one) Figure 2 My analysis shows that this sample is a variant of the Gafgyt family, with some changes which I will discuss in detail later in this... | |||
|
2017-01-18 09:39:55 | Analysis of ISC BIND TKEY Query Response Handling DoS (CVE-2016-9131) (lien direct) | Another TKEY record-related bug in BIND has been fixed with a patch from the Internet Systems Consortium (ISC) that was released just after the New Year. This bug may take down BIND recursive servers by sending a simple query response with TKEY record, thereby causing a denial of service (DoS). This potential DoS vulnerability is caused by an assertion failure in Resolver.c when caching the DNS response with TKEY Record. In this post we will analyze the BIND source codes and expose the root cause of this vulnerability. The TKEY record... | |||
|
2017-01-17 15:01:48 | Fortinet Security Researcher Discovers Two Critical Vulnerabilities in Adobe Flash Player (lien direct) | Fortinet security researcher Kai Lu discovered and reported two critical zero-day vulnerabilities in Adobe Flash Player in November 2016. Adobe identified them as CVE-2017-2926 and CVE-2017-2927 and released a patch to fix them on January 10, 2017. Here is a brief summary of each of these detected vulnerabilities. CVE-2017-2926 This is a memory corruption vulnerability found in Flash Player's engine when processing MP4 files. Specifically, the vulnerability is caused by a MP4 file with a crafted sample size in the MP4 atom... | |||
|
2017-01-16 16:06:46 | Android Locker Malware uses Google Cloud Messaging Service (lien direct) | Last month, we found a new android locker malware that launches ransomware, displays a locker screen on the device, and extorts the user to submit their bankcard info to unblock the device. The interesting twist on this ransomware variant is that it leverages the Google Cloud Messaging (GCM) platform, a push notification service for sending messages to registered clients, as part of its C2 infrastructure. It also uses AES encryption in the communication between the infected device and the C2 server. In this blog we provide a detailed analysis... | |||
|
2017-01-16 11:09:11 | Accelerate 2017 Update General Sessions Overview – Day Two (lien direct) | The second day of Accelerate continued to raise the bar on both content and vision. Here is a quick overview of the general sessions: Opportunities – Phil Quade, Fortinet CISO Phil Quade recently joined Fortinet after three decades of service in the intelligence community, where he most recently served as the head of the Cyber Task Force at the National Security Agency. After examining key trends in the growth of cyber technologies, Phil provided the Accelerate audience with a unique view into where the accelerating transformation of... | |||
|
2017-01-12 09:13:31 | Recognizing Fortinet\'s Partner of the Year Winners (lien direct) | Fortinet just announced the winners of their annual Partner of the Year awards. 2016 continued Fortinet's growth in both revenue and market share, and saw us capture the attention of the security market with our debut of the Fortinet Security Fabric. Our thousands of dedicated partners, who work tirelessly to provide security solutions and services to their customers, has fueled this success. Which is why each year we take the opportunity to thank our entire partner community at our Accelerate conference, and to single out a handful of... | ★★ | ||
|
2017-01-11 09:08:09 | Accelerate 2017 Update General Sessions Overview – Day One (lien direct) | If anyone was unsure of Fortinet's vision for the future of the digital world, or the impact they plan to have on the cybersecurity industry, the first day of Accelerate 2017 left no doubt in anyone's mind. Network Security Evolution– Ken Xie, Fortinet Founder and CEO The morning kicked off with the primary Keynote from Ken Xie, founder and CEO of Fortinet. He started by walking everyone through the transformation of the Internet and networking over the past 40 years, and drove home a couple of critical points: 1. The... | |||
|
2017-01-10 11:57:49 | Innovation Insights: Protecting A Hyperconnected World (lien direct) | People, things, and ideas, connected together by IoT and the cloud, are driving the new digital economy. This new hyperconnected world is not only changing how companies do business, but also how people work, live, and learn. It is changing the world at an unprecedented rate. What does this hyperconnected world look like? It is estimated that by 2020 we will have deployed over 50 billion networked devices and over 20 billion connected IoT endpoints. That is about 4.3 connected devices for every person on the planet. And each of these devices... | |||
|
2017-01-10 07:12:49 | Extending the Security Fabric: FortiOS 5.6 and Intent-Based Network Security (lien direct) | The financial potential of the new digital economy is driving the rapid evolution of today's networks. For decades, the substructure of the network remained relatively unchanged: data traffic was routed from point A to point B over a predictable array of devices, cables, and ports using well established protocols and commands. Over the past couple of years, however, things have begun to change dramatically. Virtualization, Software Defined Networks (SDN), and the cloud have fundamentally changed where data is stored and how it is accessed.... | |||
|
2017-01-10 07:09:44 | Extending the Security Fabric: Refining the Security Operations Center (lien direct) | Monitoring, managing, and protecting the formless scope and scale of today's highly distributed and dynamically changing digital enterprise network is a daunting task for IT and Security Operations Teams. The proliferation of IoT and mobile devices, the convergence of IT and OT, and adoption of cloud-based networking and services is making detection and response to threats increasingly difficult, if not impossible with today's tools. When the network around you is constantly adapting to shifting demands, how do you effectively track... | |||
|
2017-01-08 07:45:54 | Welcome to Accelerate 2017 (lien direct) | Happy New Year! And for those of you heading to Las Vegas, welcome to Accelerate 2017! Every year Fortinet brings together thought leaders, technical experts, and IT professionals to share and learn the latest in network security technology. We're looking forward to welcoming over 1500 partners, users, Fortinet experts, and executives to the Accelerate conference. And for the first time, Fortinet end users have been invited to participate in this annual event. Accelerate always provides a unique opportunity to gain hands-on technical... | Guideline | ||
|
2017-01-06 10:54:59 | The Role of Endpoint Security in Today\'s Healthcare IT Environment (lien direct) | The shift towards deploying and managing a more patient-friendly healthcare environment that includes the myriad of devices being accessed by patients and employees can be very challenging, especially when it comes to endpoint security. | |||
|
2017-01-05 13:12:04 | Analysis of PHPMailer Remote Code Execution Vulnerability (CVE-2016-10033 (lien direct) | PHP is an open source, general-purpose scripting language used for web development that can also be embedded into HTML. It has over 9 million users, and is used by many popular tools, such as WordPress, Drupal, Joomla!, and so on. This week, a high-level security update was released to fix a remote code execution vulnerability (CVE-2016-10033) in PHPMailer, which is an open source PHP library for sending emails from PHP websites. This critical vulnerability is caused by class.phpmailer.php incorrectly processing user requests. As a result, remote... | |||
|
2017-01-05 08:09:42 | IoT is the Weakest Link for Attacking the Cloud (lien direct) | The cloud has seen immense growth over the last couple of years. But the security risks that arise from such a profound change are not to be taken lightly. | |||
|
2017-01-04 07:54:51 | A Multitude of IoT Operating Systems Is Bad News for the Safety of the Internet (lien direct) | Unfortunately, many IoT devices are headless, meaning that they literally cannot be patched, so other security measures will have to be developed. Until then, the Internet will face the havoc resulting from IoT-based shadownets for hire, and major DDoS attacks and Cybersecurity wars will be launched by exploiting IoT vulnerabilities. | |||
|
2017-01-03 10:56:20 | A Guide to Security for Today\'s Cloud Environment (lien direct) | Enterprises have rapidly incorporated cloud computing over the last decade, and that trend only seems to be accelerating. Private cloud infrastructure, including virtualization and software-defined networking (SDN), is in the process of transforming on-premise data centers, which host the majority of enterprise server workloads around the world. Enterprises are also embracing public clouds at an unprecedented rate, with most connecting back to on-premise environments to create a true hybrid cloud environment. For all their advantages, these accelerated... | |||
|
2016-12-29 10:56:58 | The Evolution of the Financial Services CIO Since Y2K (lien direct) | The role of the chief information officer (CIO) has undergone substantial changes in less than two decades, progressing from a rare position within an organization to the heart of the executive boardroom. The pace at which technology has evolved has driven much of this growth, and today's financial organizations now lean on their CIO to keep data safe while also keeping pace with industry advances. Let's take a look back at the evolution of security within the financial services CIO's role and some of changes that have brought... | |||
|
2016-12-28 08:07:34 | (Déjà vu) Byline: Is it Finally Time for Open Security? (lien direct) | One of the distinct advantages of working in the IT industry for over 35 years is all of the direct and indirect experience that brings, as well as the hindsight that comes with that. One of the more personally interesting experiences for me has been watching the growth and ultimate success of the Open Source Software (OSS) movement from a fringe effort (what business would ever run on OSS?) to what has now become a significant component behind the overall success of the Internet. I was initially reminded of the significance of the Open Source... | |||
|
2016-12-27 10:17:59 | Byline: Meeting The Challenge of Securing the Cloud (lien direct) | What if the data and security elements across an organization's various cloud environments were well integrated, cohesive and coherent, like a seamlessly woven fabric? Such an approach would allow companies to see, control, integrate and manage the security of their data across the hybrid cloud, thereby enabling them to take better advantage of the economics and elasticity provided by a highly distributed cloud environment. | |||
|
2016-12-22 09:31:16 | Byline: Four Things To Look For When Choosing A Financial Services Cloud Security Provider (lien direct) | Financial services organizations are shifting applications to the cloud, seeking the efficiencies and cost reductions this move holds. However, with cybercriminals eager to get their hands on financial data, security is paramount – making it more important than ever to vet cloud security providers. | |||
|
2016-12-21 10:45:46 | Byline: 4 Key Areas to Consider When Solving the Cybersecurity Talent Gap (lien direct) | Attack methods and breaching techniques are constantly evolving. Which means that finding the elusive talent to overcome present challenges is only part of the solution. Sure, we know the tried and true breach methods. But what about the attacks we don't yet know? If the method is unknown, then so is the required response. The talent shortfall, therefore, is about much more than just a limited technical pool. | |||
|
2016-12-20 09:09:30 | Making Smart Cities Safe (lien direct) | For years now, we've been hearing about “smart cities.†Cities with the ability to leverage innovative technology, and automation to optimize resources and improve services for their citizens, with the ultimate goal of making our lives better. These smart cities are no longer a distant dream of the future – they are happening now. Unfortunately, without sufficient cybersecurity, their ultra-connected nature can make these dream cities a nightmare, as the recent hack of San Francisco's Municipal Transportation Agency... | |||
|
2016-12-19 09:23:47 | Protect Your Patients with Internal Segmentation Firewalls (lien direct) | Read this post to learn more about internal segmentation firewalls and how they assist the healthcare industry in keeping patient data safe. Â This new reality is largely responsible for driving the development of a new class of security tools, known as internal segmentation firewalls (ISFWs.) ISFWs extend the functionality... | |||
|
2016-12-16 09:58:47 | WooCommerce Tax Rates Cross-Site Scripting Vulnerability (lien direct) | WooCommerce is a free eCommerce plugin for WordPress. It has been downloaded over 1 million times and over 30% of all online stores are now powered by WooCommerce. I recently discovered that WooCommerce is vulnerable to a cross-site scripting (XSS) attack. This XSS vulnerability is caused because the WooCommerce tax rates setting incorrectly processes user-supplied data. Remote attackers are tricking WooCommerce administrators into uploading a malicious CSV file that claims to provide required tax rate data for a particular country or region.. | |||
|
2016-12-16 09:54:02 | Malicious Macro Bypasses UAC to Elevate Privilege for Fareit Malware (lien direct) | To survive, Macro downloaders have to constantly develop new techniques for evading sandbox environments and anti-virus applications. Recently, Fortinet spotted a malicious document macro designed to bypass Microsoft Windows' UAC security and execute Fareit, an information stealing malware, with high system privilege. SPAM This malicious document is distributed by a SPAM email. As part of its social engineering strategy, it is presented in the context of someone being interested in a product. Fig.1 SPAM with the malicious... | |||
|
2016-12-15 08:23:29 | Public and Private Cloud Adoption - What Financial Services Need to Know (lien direct) | Read this post to learn about the benefits and challenges, as well as ways financial organizations can keep their operations secure in the cloud. |
To see everything:
Our RSS (filtrered)
