What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2016-08-31 08:54:48 | Fake-Game: The Emergence of a Phishing-as-a-Service Platform (lien direct) | Malware-as-a-Service (MaaS) business models continue to thrive in the cyber underground. It has allowed cyber crooks to generate renewable income through renting malware rather than selling their tool for a one-time payment. As a result, the business model has been adopted in various underground commodities such as exploit kits and remote access trojans. Recently, we saw the emergence of Ransomware-as-a-Service (RaaS) platforms. During our monitoring, we discovered that this same business model is also being used in phishing schemes in the form... | |||
|
2016-08-30 08:05:01 | Q&A: Protecting Businesses while Migrating to Clouds and Software-Defined Data Centers with Fortinet (lien direct) | As businesses require more speed and flexibility in delivering applications and services, cloud computing has emerged as the model best aligned to meet the needs of many organizations. Data centers especially are evolving rapidly into both private and public clouds, along with customer demands for fast and secure cloud infrastructure and services. Fortinet’s Warren Wu shares more perspective on the intersection of cloud computing and security technology. At a high level can you talk about the intersection of cloud and security today? Over... | ★★★ | ||
|
2016-08-29 11:01:38 | German Speakers Targeted by SPAM Leading to Ozone RAT (lien direct) | Remote Administration Tools (RAT) have been around for a long time. They provide users and administrators with the convenience of being able to take full control of their systems without needing to be physically in front of a device. In this age of global operations, that's a huge deal. From troubleshooting machines across countries to observing employees across rooms, RAT solutions have become widely used tools for remote maintenance and monitoring. Unfortunately, malware authors often utilize these same capabilities to compromise systems.... | |||
|
2016-08-29 10:26:42 | The Best of Both Worlds - How Fortinet is Securing Your Data Center (lien direct) | With each passing day, enterprise networks are evolving. It started with the advent of virtualization, when companies realized that they don't need a single server per application. Ever since, there has been a consistent march towards the purely virtual data center. While networks are evolving, so are the threats they face on a day-to-day basis. Building a defense using a perimeter firewall is as futile as defending a castle today using a moat. While it can prevent the causal hacker or trespasser, it does little to nothing to protect against... | |||
|
2016-08-29 06:09:09 | Filling IoT Connectivity and Security Gaps (lien direct) | We've all heard about the growing proliferation of IoT devices. They are a critical component of the new digital economy, collecting and sharing information about a myriad of things - from smart appliances, irrigation systems, and shipping containers, to wireless energy meters, and mobile healthcare devices. The information they collect allows for more efficient inventory and manufacturing management, and can be mined for competitive advantages for everything like knowing that you need to immediately produce more green, left-handed widgets,... | |||
|
2016-08-26 22:14:06 | FortiGuard Threat Intelligence Roundup (lien direct) | For those of you who don't know, Fortinet publishes a threat intelligence roundup every Friday, the Fortinet Threat Intelligence Brief, that reviews new threats and trends. It is a treasure trove of analysis and information that ought to be part of your regimen every Friday. This week is no exception. Here are a couple of teasers and takeaways: 1. Ransomware isn't going away any time soon. Every time organizations think they have a handle on this, ransomware developers come up with a new variant designed to evade detection.... | |||
|
2016-08-25 07:00:54 | Q&A: Fortinet Advances Virtual Security Controls for VMware Integrated OpenStack (lien direct) | Fortinet is once again excited to be at VMworld 2016 next week. At our booth we will be showing off new integration with VMware Integrated OpenStack. Fortinet's Warren Wu shares more detail on the significance of this and our ongoing integration with VMware. Can you talk about Fortinet's latest tech advancements with VMware? What is new? To further demonstrate Fortinet's commitment to help organizations securely benefit from the agility, scale and cost efficiencies of the cloud, Fortinet is announcing that it is the... | |||
|
2016-08-24 08:29:21 | Pokémon Go Accounts Targeted by Bogus Pokémon Go Bot (lien direct) | Pokémon Go’s rapid rise in popularity has attracted cybercriminals to leverage its hype for their malicious intents. So far, we have seen backdoored Pokémon Go apps, lockscreen apps, scareware apps, SMS spam,s as well as Windows ransomware. This time we have seen a new attack that takes aim at Pokémon Go users themselves, in the form of a fake Windows-based Pokémon Go Bot. A Pokémon Go Bot is an application that works as a fake Pokémon trainer in order to level up a user’s account without... | |||
|
2016-08-23 09:36:15 | The First Step Towards Change is Awareness. The Second is Acting on it. (lien direct) | In our everyday lives we all seem to be continually looking for knowledge or information to help improve a situation, or at least make sure we don't end up in a bad one. Let's take for example, traffic. If we live or work in a crowded city with lots of traffic, we are always looking to understand where the traffic jams and accidents are, and discover where the best routes are before we drive home from work so we can avoid getting stuck in traffic. This behavior seems second nature to us. Most of the time, we do it without... | ★★ | ||
|
2016-08-22 09:11:47 | CryptXXX Ransomware Emerges For a Slice of the Pie (lien direct) | CryptXXX Ransomware Emerges For a Slice of the Pie  Donna Wang, He Xu - Advanced Research Team, Fortinet Canada August, 17th, 2016   Introduction Recently, a new variant of the ransomware family named CryptXXX has begun circulating around the web. Fortiguard Research Lab has discovered several new variants during the life of this family of attacks. In this blog we will discuss a particular variant, which arrived in the form of an executable (.exe), as opposed to previous variants that were based around dynamic-link... | |||
|
2016-08-22 09:04:10 | Looking Back at our 2016 Predictions (lien direct) | Last year, Fortinet's FortiGuard Labs team made a series of predictions about cyberthreats in 2016. We are now halfway through the year, and thought this might be a good time to give an update on what we have seen so far for some of these predictions.  Prediction #1: The Rise of Machine-to-Machine Attacks The Threat: The exponential increase of unmanaged, “headless devices†driven by the Internet of Things will make these types of devices a tempting target for hackers looking to secure a beachhead into more traditional... | |||
|
2016-08-17 22:45:09 | Deep Analysis of CVE-2016-3820 - Remote Code Execution Vulnerability in Android Mediaserver (lien direct) | Google patched some Android security vulnerabilities in early August. One of them was a remote code execution vulnerability in Mediaserver (CVE-2016-3820), which was discovered by me. This vulnerability could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue was rated as Critical by Google due to the possibility of remote code execution within the context of the Mediaserver process. The Mediaserver process has access to audio and video streams, as well as access to privileges... | |||
|
2016-08-17 06:55:22 | Q&A with Andy Travers on the Unique Security Requirements of Government Agencies (lien direct) | The Government of Canada selected Fortinet to secure its IT infrastructure. Fortinet's Andy Travers shares some perspective on the unique security requirements of government agencies.  Fortinet has a longstanding history of working with the Canadian market. What is unique about Fortinet's approach that has made it become a security partner of choice for businesses and agencies across the country? First of all, Fortinet has a proud Canadian heritage. Significant elements of our product development, our... | Heritage | ||
|
2016-08-17 00:27:33 | Root Cause Analysis of Windows Kernel UAF Vulnerability lead to CVE-2016-3310 (lien direct) | Â In the first quarter of 2016, we realized that there were tons of windows kernel use-after-free (UAF) vulnerability patches in Microsoft bulletins where most of the vulnerabilities came from Google Project Zero, which is favourable to us because we can easily access those proof-of-concepts (POC). While doing a root cause analysis of one of the UAF vulnerabilities stated in CVE-2015-6100, we discovered that there is an alternative way to trigger the same UAF vulnerability, even after the specified patch has been applied due to weak security... | |||
|
2016-08-16 20:55:18 | JBifrost: Yet Another Incarnation of the Adwind RAT (lien direct) | The Adwind Remote Access Trojan (RAT) is a popular Java-based backdoor capable of infecting Windows, Linux, Mac OS and Android operating systems. Its cross-platform nature, elaborate backdoor features, and relatively cheap price makes it a favourite choice for many cybercriminals today. Earlier this year, it was reported that Adwind was used in at least 443,000 attacks. Adwind has rebranded itself multiple times in the past, using the names “Frutas,†“AlienSpy,†and “Unrecom,†to name a few. The most recent... | |||
|
2016-08-16 20:45:43 | Black Hat US 2016 Wraps Up (lien direct) | Black Hat US 2016 Wraps Up   Once again, Black Hat US 2016 was held in Las Vegas in the huge Mandalay Bay resort conference center. This is the biggest Black Hat event of the year, and for sure the largest computer security conference as well. In fact, this year it broke its attendance record as its largest USA show in Black Hat's 19-year history. To give you a better picture, we are talking about more than 15,000 of the most security savvy professionals gathering from all over the world. I spent some time wandering... | |||
|
2016-08-15 13:52:50 | FortiHypervisor: Another Fortinet Innovation Milestone (lien direct) | Most organizations face challenges with deploying new networking services on traditional CPE. They need to adapt quickly to changing business conditions, but their CPE infrastructure gets in the way of quickly deploying or customizing a service.  The impact to business is real. For one, it takes too long to deploy new services. Traditional on-premises equipment is function-specific, resulting in multiple boxes being deployed for multiple services. You need to add a new service? This requires a new box,... | |||
|
2016-08-11 12:35:46 | Four Things to Look for When Evaluating a Financial Services Security Vendor (lien direct) | The need for cybersecurity vendors in the financial services marketplace has amplified as the threats have increased exponentially due to IOT, BYOD, and state-sponsored cyberterrorism, to name just a few factors. When looking for proof of the financial sector's concern with security, we need to look no further than a recent meeting the Treasury Department held to discuss the current threats presented by the cyberthreat landscape. As a result of the damage that can be done due to data breaches in financial services, many organizations... | |||
|
2016-08-11 09:37:21 | Pokémon Go Plus Preview (Through Reverse Engineering) (lien direct) | While inspecting the Pokémon Go application, I incidentally found information on ... http://www.pokemongo.com/en-us/pokemon-go-plus/[Pokémon Go Plus]. Basically, this is the Pokémon IoT: a connected wristband with a button (to throw a pokéball, for instance), a RGB LED, and vibration capability (e.g to notify of nearby Pokémon).The device is not yet released, and the software is still under development: as you can see below, versions 0.29.x corresponds to "BETA4".Implementation in version... | |||
|
2016-08-11 09:36:13 | Risks - or not - BehindPokémon Go (lien direct) | At FortiGuard, we wouldn't let you down without an analysis of Pokémon Go. Is it safe to install? Can you go and hunt for Pokémon, or stay by a pokestop longing for pokeballs? While this article won't assist you in game strategy, I'll give you my first impressions analyzing the game.VersionsThere are two sorts of Pokémon applications:1. The official versions, issued by Niantic.We will talk more about these later, but in brief, they are not malicious.2. The hacked versions. These are... | |||
|
2016-08-10 09:33:55 | Analysis of PHP's CVE-2016-6289 and CVE-2016-6297 (lien direct) | PHP is a programming language that was created in 1995 by Rasmus Lerdorf. And according to W3Techs, it's dynamically generating content on more than 82% of all websites worldwide. That means hundreds of millions of web servers are vulnerable to the flaws we are describing below.Last month, FortiGuard discovered two security issues in PHP's core (CVE-2016-6189) and in PHP's zip (CVE-2016-6197). These issues affect both the current PHP version 5 and its upcoming version 7. These bugs are located in different part of the code,... | |||
|
2016-08-09 13:27:58 | Fortinet Signs Important Cybersecurity Information Sharing Agreement with KISA (lien direct) | Fortinet's Derek Manky offers some perspective on Fortinet's most recent cooperative information sharing agreement and what this means for the future of global cyber threat intelligence. What did Fortinet announce with KISA today?Fortinet took another important step in an effort to bolster the future of cybersecurity. We signed an agreement with KISA to formalize cybersecurity information sharing, in particular on cyber threats. This partnership is an excellent example of a call to action for intelligence collaboration... | |||
|
2016-08-05 09:14:03 | Black Hat Las Vegas 2016 Observations: The Security Conundrum (lien direct) | On Wednesday, Dan Kaminsky delivered the opening keynote address at Black Hat. His talk was entitled, “The Hidden Architecture of our Time: “Why This Internet Worked, How We Could Lose It, and the Role Hackers Play,” and detailed the challenges and risks of the Internet, and what vendors need to do to fix it.Central to his presentation was a discussion of his new hardened browser, IronFrame, and a new firewall technology called Autoclave. Both are built on the premise of hardening and isolating environments in order to reduce... | |||
|
2016-08-04 11:08:28 | New Era in Anti-Virus Detection Evasions (lien direct) | In the last couple of months, we wrote about the discoveries we found in Dridex, the long-lived banking Trojan that is still quite active in-the-wild. In the blog post, TL;DR, we mentioned the Trojan has equipped with new module that could be used to evade one of the anti-virus products, however, the affected vendor has now released a fix, so we decided to share the details. In this post, we will briefly discuss some of the novel techniques used by the Trojan to evade detection by anti-virus.The Evolution of Anti-Virus Detection EvasionsI’m... | |||
|
2016-08-02 16:19:17 | Q&A: Today\'s Cyber Threat Landscape – 3rd Party Testing and Sandboxes (lien direct) | Sandbox technology and the ongoing effort to defend and protect against cyber threats continues. Independent testing offers organizations valuable insight into what solutions are best for their use case. Below we discuss this maturing technology and the role of testing with Fortinet's David Finger.I saw the announcement from NSS Labs about their recent Breach Detection Group Test results. What is the significance?Cyberattacks and breaches continue to be top of mind across organizations, and because of that, sandbox technology (or Breach... | |||
|
2016-08-01 21:48:31 | Fortinet FortiGuard Labs Cites Increased Cyber Threat Activity in Brazil Deserving Special Attention in Coming Weeks (lien direct) | Fortinet's FortiGuard Labs cybersecurity threat report takes a look at the nature of attacks – how attackers get in, how they manage to persist inside networks, what they want, and who they are. It also provides insight into three key areas of concern that our FortiGuard Labs team has identified, and they bear reviewing here.2016 Rio Olympics:Cyberattacks during the Olympic games are not new. We have seen a spike of attacks focused on the Olympics – including targeting vendors and spectators – beginning as far back as the... | |||
|
2016-07-29 15:36:31 | Q&A: Helping Combat Cybercrime with Information Sharing Cooperation: Fortinet and INTERPOL (lien direct) | Cybercrime has no borders and the best way to combat the creativity and negative impact of adversaries is partnership based on actionable intelligence from wide and diverse sources. Derek Manky, Global Security Strategist at Fortinet, talks about the successful information cooperation between Fortinet and INTERPOL and also his thoughts on the importance of cybersecurity information sharing in general today.What did Fortinet announce today?Essentially our threat data helped the authorities effectively catch a global cyber criminal gang. What... | |||
|
2016-07-28 11:05:32 | RIoT Control – What Are the “Things” in the IoT? (lien direct) | This is the second in a series of blogs written as a companion to my forthcoming book, RIoT Control – Understanding and Managing Risk and the Internet of ThingsWhat Are the “Things” in The Internet of Things?User-based devices that communicate, consume content, and create and publish content for other people to consume have dominated our current version of the Internet. The developing Internet of Things is about to change that. While it will include the “old” Internet of user-based devices, it is very different... | |||
|
2016-07-27 08:32:29 | Bayrob - An Ancient Evil Awakens II (lien direct) | Bayrob - An Ancient Evil Awakens IIIn the previous Bayrob blog, we described some of its interesting local features, such as code obfuscation and data encryption, which exist in most Bayrob variants from early versions to the latest ones we found. As you may already know know, early variants of Bayrob mainly perform “clicker” jobs. These jobs drive illegitimate traffic to websites so that they can earn money through Pay per Click or perform DDOS attacks. Compared to that, this latest Bayrob variant is much more dangerous, as it collects... | |||
|
2016-07-26 06:56:57 | Introducing the World\'s Fastest and Most Secure Distributed Enterprise Firewall (lien direct) | Distributed enterprises are undergoing a dramatic change, driven by the adoption of mobility, direct Internet access, public cloud applications, and the Internet of Things (IoT). This has resulted in an exponential increase in devices, users, bandwidth, and transactions flooding their networks through the cloud applications. At the same time, the... | |||
|
2016-07-25 10:22:04 | Insights on TorrentLocker (lien direct) | SummaryDuring the last weeks there have been several cases of international brand names being used by malware authors to propagate malware through phishing emails. These emails contain misleading links that download malicious Zip files, which, in turn, contain a JavaScript file that downloads the TorrentLocker ransomware. The malicious files have been detected as JS/Agent.2867!tr or JS/Nemucod.AFA!tr.dldr or JS/Nemucod.AFE!tr.dldr by the Fortinet Antivirus service.Since most of the available reports about this threat cover the encryption... | Guideline | ||
|
2016-07-21 08:12:32 | A Peek into BlackMoon\'s Sustained Attacks against South Korea (lien direct) | A few months ago, we talked about a malicious campaign that targets South Korean users in the form of malware known as BlackMoon. BlackMoon is a banking Trojan that installs a proxy auto-config file (PAC) on an infected system in order to redirect users’ browsers to phishing pages related to South Korean banks.Back then, we noticed an open directory in the C&C that revealed over 100,000 victims. Given this impact, we decided to dig further in order to understand better the scale of this attack. Mainly, we wanted to know if the statistics... | |||
|
2016-07-20 09:52:44 | (Déjà vu) Analysis of CVE-2016-4203 - Adobe Acrobat and Reader CoolType Handling Heap Overflow Vulnerability (lien direct) | SummaryRecently, Adobe patched some security vulnerabilities in Adobe Acrobat and Reader. One of them is a heap buffer overflow vulnerability (CVE-2016-4203) I recently discovered. In this blog, we want to share our analysis of this vulnerability.Proof of ConceptThis vulnerability can be reproduced by opening the PoC file “poc_minimized.pdf” with Adobe Reader DC. When opened, AcroRd32.exe crashes, and the crash information is shown below:(8de0.6bc4): Access violation - code c0000005 (first chance)First chance exceptions... | |||
|
2016-07-15 10:02:30 | Finding the Right Balance Between Security and Patient Care (lien direct) | This is a guest post from Erik Devine, CISO, Riverside Healthcare.Healthcare security requires a delicate balance: IT must secure sensitive patient information across numerous devices, but without compromising the user experience. As soon as care is compromised, any given security program has failed.At Riverside Healthcare, a comprehensive hospital and wellness campus, we understand how difficult it is to maintain that balance. That’s why our preferred approach is to stay in the background – doing our due diligence on the security... | ★★★★ | ||
|
2016-07-14 08:15:35 | Fortinet Network Security Academy Series: Perspectives on Addressing Cybersecurity Skills Gap from Educational Leaders: Interview with Opo Herrera, Associate Director for Social Ventures & Innovation at Per Scholas (lien direct) | Interview with Opo Herrera, Associate Director for Social Ventures & Innovation at Per Scholas Tell us a bit about Per Scholas and the type of courses that drive the greatest student engagement? Per Scholas is a national nonprofit that provides rigorous and tuition-free technology training and professional development to people who are unemployed or in low-wage jobs. We help people launch successful and life-changing careers in technology by creating onramps to businesses in need of their talents. Today, we provide our solutions... | |||
|
2016-07-11 10:01:57 | Hide and Seek Game with Cyperine Author (lien direct) | Cyperine is a VB .NET info stealing malware advertised in hacking forums to retrieve information from victims and sends it to whichever email is entered in the builder. Cyperine version 1.0 was first released in December 2014, and on June 14, 2016 version 2.0 was released. It steals SSFN steam’s authentication files, stored passwords from browsers, Login Users, and software product keys installed in the victim’s computer.Figure 01. Cyperine builder The seller also provides a skype account for convenient means of... | |||
|
2016-07-08 08:16:59 | Healthcare Networks Under Hack Attack (lien direct) | Whatever terminology you want to use for the hacking community – bad actors, cybercriminals, thorns in our side – the fact is that they are more sophisticated now than ever. And diligent.Recent years have seen both the proliferation of and gradual sophistication in their methods. They know that medical records are extremely valuable, and that the healthcare industry remains remarkably vulnerable. But where other sectors, such as financial services, have made substantial investments in security, healthcare still lags behind.The... | |||
|
2016-07-07 08:04:54 | Expert Q&A: A Discussion on Encryption (lien direct) | Q&A on Encryption with Aamir LakhaniEncryption remains a hotly debated topic of discussion in cybersecurity. Fortinet’s Aamir Lakhani offers some perspective on what customers think about encryption today and going forward.Why is encryption currently such a hot topic?Privacy is a major concern right now. The Edward Snowden leaks in 2013 made people more aware than ever about their lack of privacy. They have also raised such questions as: Do we have a fundamental right to privacy? How far do we protect privacy? In the past,... | |||
|
2016-07-05 08:39:39 | Fortinet Network Security Academy Series: Perspectives on Addressing Cybersecurity Skills Gap from Educational Leaders (lien direct) | Interview with Rima Aristocrat, President and CEO of Willis CollegeQ: Tell us a bit about Willis College and the type of courses that drive the greatest student engagement?A: Established in 1866, Willis College is Canada’s first regulated Career College. This year, Willis College is celebrating 150 years of excellence in education, an outstanding example of the strength and agility of career colleges in Canada. With over 150,000 graduates and an exceptional faculty, Willis College is proud to be a pipeline for producing some... | |||
|
2016-06-30 08:30:51 | Wrapping Financial Services in a Security Blanket: How the Fortinet Security Fabric enhances the security of Financial Services organizations. (lien direct) | The Enterprise security market has grown extremely complicated over the past decade. This complexity is being compounded as the business of Financial Services moves from person-to-person transactions to automated high-speed machine-to-machine operations and workflows. We originally designed security systems that protect people from other people – vaults, teller cages, guards, armored cars, alarms, and security cameras. These tools allowed us to trust people as business partners. This has all changed. Financial Services is moving to... | |||
|
2016-06-29 12:42:37 | Cybersecurity and Popular Events: What You Should Know (lien direct) | Literally every industry is under cyberattack these days. With summer coming and popular events such as the Olympics, world tennis, and other high profile events scheduled, Fortinet’s Dan Cole offers some perspective on how to keep critical infrastructure safe while balancing high demands and increased user traffic.An interview with Fortinet’s Dan ColeWhat sorts of special security challenges do teams or events arenas face that are unique to them apart from what more traditional businesses may face?I would say that, unlike... | |||
|
2016-06-28 14:36:18 | Navigating the Grey Space of Cloud to Secure Your Enterprise (lien direct) | Managing network connections to hybrid cloud environments is a complex task- notwithstanding the sea of confusion over the hybrid cloud's true definition. Paramount to the problem is securely optimizing transport and managing compute resources in geographically dispersed locations to ensure optimal application delivery and performance.While the industry debates the definition of "hybrid cloud,” IT organizations live in a world of “grey space” between dedicated, private architectures and “cloud” promises. ... | |||
|
2016-06-28 09:00:15 | (Déjà vu) Q&A: How Secure Are Your Company\'s Applications? (lien direct) | Security vendors have been touting the advantages of next-generation firewalls (NGFW) that provide application inspection for several years now. As application traffic became more prevalent, criminals found that hiding malware inside application traffic was an excellent way to bypass traditional security.They still do. But now, application traffic is ubiquitous. The number of devices on our networks is growing exponentially, along with the volume of application and transactional traffic. While much of it is still passing through the traditional... | |||
|
2016-06-27 12:17:26 | Using Context to Predict the Future (lien direct) | The vast majority of security strategies are reactive. The goal is to close the gap between the time to compromise and time to discover. According to the 2016 DBIR report, this compromise time is minutes for a majority (over 80%) of breaches. Solving this problem is complicated because threats are always changing. They have increased in frequency and volume, and they are becoming increasingly sophisticated.This is due, in part, to the dramatic expansion of the available attack surface that cybercriminals can target. Networks are adding end user... | |||
|
2016-06-24 10:03:15 | In Healthcare, Data Security Can Be Difficult (lien direct) | This is a guest post from Erik Devine, CISO, Riverside Healthcare.In a complex healthcare system, ensuring data security can be difficult. Today, the threats are numerous and always evolving.From our vantage point at Riverside Healthcare, a 325-bed acute hospital with connected senior care centers and a wellness center, security presents a lot of moving parts. It's difficult to identify our vulnerabilities, much less address them.That's where a partner like Fortinet becomes so crucial. Fortinet understands that healthcare... | |||
|
2016-06-24 09:56:59 | Industries Perspectives: Global Financial Services – Security is Top of Mind (lien direct) | As cyber-attacks continue to challenge the financial industry, security remains the top priority for financial services in an ever-evolving landscape of threats. Last month, Options - a leading provider of financial technology managed services, IT infrastructure, and cybersecurity - sponsored the SALT Conference, which featured cybersecurity and regulation high on the agenda throughout the week. Speaking at the conference, Admiral James Stavridis, (NATO's 16th Supreme Allied Commander Europe & 15th Commander of the U.S. European... | Guideline | ||
|
2016-06-23 19:44:54 | Annual FiRST Conference Wrap-up (lien direct) | The 28th FiRST security event was held in “the land of morning calm's” capital, Seoul this past June 12-17, 2016. This is the yearly conference for all CERT and CSIRT teams to gather to share ideas and feedback of their work.This year the FiRST event again successfully brought together the best speakers to discuss such issues as threat actor hunting, threat intelligence sharing, and incident response.While we can't review all of the talks here, we will go over some that the Fortinet team in attendance found to be... | |||
|
2016-06-23 10:05:38 | Industries Perspective: Should the Internet be Treated Like Water – as a Utility? (lien direct) | Internet use is ubiquitous in the age of IoT. The role of and access to the Internet in our lives is top of mind. Tyson Macaulay shares some thoughts given the recent government ruling around net neutrality.Q: The government's recent ruling on net neutrality affirms that broadband Internet should be treated as a utility, not a luxury. What does this mean for the regulations that will be put on web users and access to online content?The intent is that large media players and service providers cannot buy a competitive advantage from... | |||
|
2016-06-22 08:39:35 | (Déjà vu) How Secure is Your Company\'s Financial Data? (lien direct) | Businesses today face an ever-evolving threatscape with growing pressure to rethink security strategies for long-term sustainability. As a result, corporate finance teams are more actively partnering with IT to ensure the organization’s security strategies protect critical financial data. Fortinet’s Araldo Menegon discusses the issues and trends affecting corporate finance teams today.Q&A with Araldo Menegon, Global Managing Director Financial Services at FortinetIsn’t security managed by corporate IT? Why do finance... | |||
|
2016-06-21 09:32:34 | Securing Critical Infrastructures (lien direct) | A couple of months ago I was discussing data center security with a panel of IT managers from critical infrastructure providers. One representative from a major energy provider said that he had no intention of segmenting his network. When I asked him how he monitors his network looking for attacks that have breached his perimeter, he told me, “That's the FBI's job.”I wish I could say this was unusual.Historically, the security strategy of many critical infrastructure companies was to simply not connect them to the... |
To see everything:
Our RSS (filtrered)
