What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
Fortinet.webp 2017-08-18 13:00:00 Gartner Peer Insights for Enterprise Firewalls: See What Healthcare Leaders Are Saying About Fortinet (direct link) The healthcare industry requires technology that can keep pace with the speed at which medicine is evolving in order to provide patients with the best possible care. Additionally, this technology must meet HIPAA compliance standards to secure protected health information (PHI) from the growing number of cyberattacks targeting the healthcare industry. This comes at a time when more devices than ever are accessing healthcare providers' networks, including the proliferation of connected medical devices in the Internet of Medical Things (IoMT), and...
Fortinet.webp 2017-08-18 12:58:00 The Role of E-Rate in Protecting the Digital K-12 Learning Environment (direct link) The K-12 learning environment has moved beyond the physical walls of the classroom thanks to behavioral shifts and digital connectivity. However, robust and speedy network services that are designed to keep student and faculty data secure come with a price tag. The cost of ongoing connectivity and keeping networks secure is a constant barrier for most school districts, but thankfully, the E-rate program gives them an opportunity to do just that. Take a look at the graphic below to see how the classroom environment has evolved, the threats...
Fortinet.webp 2017-08-17 21:37:00 Locky Launches a More Massive Spam Campaign with New “Lukitus” Variant (direct link) It has just been a week since the variation of Locky named Diablo6 appeared. Now it has launched another campaign more massive than the previous. This time, it uses “.lukitus”, which means “locking” in Finnish, as the extension for the encrypted files. The FortiGuard Lion Team was the first to discover this variant with the help of Fortinet's advanced Kadena Threat Intelligence System (KTIS) [1]. Fig. 1: Encrypted files with .lukitus extension. Fig. 2: Familiar Locky ransom note. Same Locky, More Spam. This...
Fortinet.webp 2017-08-17 13:00:00 Analyzing Android malware using a FortiSandbox (direct link) In this blog post we will analyze a couple of Android malware samples in the Android VM of the FortiSandbox. We'll also share a few interesting and useful tricks. Running a sample in the VM: To run a given sample in the Android VM, you should log into the FortiSandbox, make sure an Android VM is available, and then "Scan Input" / Submit a New File. Next, if the objective is to run the malware in the sandbox, you must make sure to skip "static scan," "AV scan," and "Cloud Query"...
Fortinet.webp 2017-08-16 12:55:00 Securing Critical Infrastructure Takes a Village…and Automation (direct link) Malicious cyber activity targeted at the nation's critical infrastructure – including water systems, transportation, energy, finance, and emergency services – is particularly worrisome because the interruption of those services can have devastating effects on our economy, impact the well-being of our citizens, and even cause the loss of life.
Fortinet.webp 2017-08-15 14:38:00 FortiManager 5.6: Centralized Control for Today's Networks (direct link) The Fortinet Security Fabric now allows organizations to deploy security tools across their entire distributed network, including deep into the data center and core and out to remote devices and the cloud, and then tie them together through a common management strategy. FortiManager 5.6 provides a single pane of glass management dashboard to present consolidated monitors and controls across a wide range of network and endpoint security products, as well as critical network devices, through an intuitive and customizable dashboard.
Fortinet.webp 2017-08-15 14:35:00 A Quick Look at a New KONNI RAT Variant (direct link) KONNI is a remote access Trojan (RAT) that was first reported in May of 2017, but is believed to have been in use for over 3 years. As part of our daily threat monitoring, FortiGuard Labs came across a new variant of the KONNI RAT and decided to take a deeper look. KONNI is known to be distributed via campaigns that are believed to be targeting North Korea. This new variant isn't different from previous variants, as it is dropped by a DOC file containing text that was drawn from a CNN article entitled 12 things...
Fortinet.webp 2017-08-15 00:22:00 Locky Strikes Another Blow, Diablo6 Variant Starts Spreading Through Spam (direct link) A few days ago, while scouring through Fortinet's Kadena Threat Intelligence System (KTIS), we found an emerging spam campaign. Initially, it was the scale that caught our attention, and then it got a lot more interesting when the payload was found out to be a new variant of the infamous Locky.
Fortinet.webp 2017-08-14 17:00:00 The Problem With Performance Testing (direct link) Performance testing is used throughout our industry. It helps make decisions. It helps build infrastructure. It helps make sales. But where do we get the data for this performance testing? Should we trust it? How can we use it best?
Fortinet.webp 2017-08-14 12:58:00 How the Healthcare Cloud is Revolutionizing Patient Care (direct link) There have been countless ideas about how the cloud could transform the healthcare space and patient care. As healthcare cloud adoption has grown, however, the initial focus has largely been on its ability to store massive amounts of data and expedite the exchange of patient health information. These two capabilities have primarily been harnessed through medical research and electronic medical records (EMRs). The big data analysis and storage capacity that cloud computing provides has made new forms of medical research possible, while EMRs have...
Fortinet.webp 2017-08-11 12:58:00 The Primary Factors Driving Cybersecurity Investments in Education (direct link) Today’s schools are technology-rich environments. For example, they have long used internal systems to keep and track a variety of records, including the personal data of their students and faculty. Today, however, that tech infrastructure must be optimized to accommodate the shift to a new digital education model. Teachers are increasingly adopting new digital learning tools, with $9 billion being spent on K-12 digital curriculum tools in 2016. While schools often provide some devices for faculty and students, bring your own device (BYOD)...
Fortinet.webp 2017-08-10 16:00:00 Delivering Fortinet Security to AWS GovCloud Customers (direct link) Fortinet and Amazon Web Services are committed to delivering world-class security to new AWS GovCloud workloads. With the continuation of our partnership in the new release of AWS GovCloud, we are now able to further protect mission-critical government workloads with six virtual security products optimized for AWS.
Fortinet.webp 2017-08-10 12:58:00 How Your Own People Pose a Threat to Financial Services Cybersecurity (direct link) Because financial services organizations are at an inherently greater risk due to the sensitive nature of the data they store, and the often-monetary motivations of cybercriminals, they are keenly aware of the damage that can result from a data breach. Data shows that the financial services sector was the most frequently targeted industry in 2016, with attacks increasing 29 percent year-over-year. In light of these attacks, along with increased government regulations, financial services firms are ramping up their security measures. In fact, a...
Fortinet.webp 2017-08-09 15:06:00 Fireside Chat with Panasonic Avionics: Talking Security for In-flight Infotainment (direct link) Fortinet recently talked with Michael Dierickx, director of security engineering and information security officer, about Panasonic Avionics' security priorities and the tools they use to keep customers' information safe on today's connected aircraft.
Fortinet.webp 2017-08-08 15:42:00 Adding Web Application Firewalls to your Security Strategy (direct link) We are pleased to announce that our FortiWeb appliance has once again placed in the “Challenger” quadrant in Gartner's recent Magic Quadrant for Web Application Firewalls 2017 report, as well as improving our position up and to the right over 2016.
Fortinet.webp 2017-08-08 12:55:00 Mid-year 2017 Predictions Update (direct link) A look back and forward for our 2017 Cybersecurity Predictions. Threats are compounding at digital speeds, while resolutions, like manufacturers building security safeguards into their products, are proceeding at a snail's pace. We need to start building security into tools and systems on day zero. We need alignment on ways to effectively see and combat new cybercrime. And we need to adopt integrated, collaborative, and automated procedures and technologies end to end to help us see and protect resources.
Fortinet.webp 2017-08-07 12:52:00 Tornado warning: Commingling of public and IoT clouds? (direct link) Clouds are tricky things. It's hard to tell where the foundations of a cloud reside. You could point at the physical infrastructure. Some of the best side-channel attacks target hardware. There is the operating system that runs everything. And there is the middleware, billing, hypervisors, drivers and web front ends. The potential attack surface of a cloud service provider (CSP) or consumption market platform is gigantic.
Fortinet.webp 2017-08-07 12:50:00 Rise of the funnel cloud: When good clouds go bad (direct link) In the simplest terms, the cloud allows users to store and access data and programs on someone else's hardware, usually over the internet, rather than using their local device or network resources. But it is much more than simply offsite storage. It also includes services that allow users to replicate some or all of their local environment, from running applications to designing complex infrastructures. And it needs to be able to scale to lots of users. Simply put, you do not have a “cloud” unless... ★★★★
Fortinet.webp 2017-08-05 12:20:00 Analysis of New GlobeImposter Ransomware Variant (direct link) Over the past few days, FortiGuard Labs captured a number of JS (JavaScript) scripts. Based on my analysis, they were being used to spread the new GlobeImposter ransomware variants.
Fortinet.webp 2017-08-04 18:31:00 How the World Wide Web Has Revolutionized Key Industries While Creating a Land of Opportunity for Adversaries (direct link) On the anniversary of the World Wide Web release to the public this week, we are taking a closer look at how web use has irrevocably changed and modernized some of the key industries shaping our lives today, and what this change means for our global cybersecurity.
Fortinet.webp 2017-08-04 12:58:00 Partnering with an MSSP for a More Secure Digital Business (direct link) In just the past few years, network architectures have begun to evolve from traditional, point-to-point connections between controlled network devices to a highly meshed ecosystem of interconnected networks. This hyper-connected architecture of traditional, private, public cloud, and remote networks and devices is being driven by the need to leverage data as both a competitive advantage and a new profit center. It is both supported by and driving the explosive growth of mobile devices, Internet of Things (IoT) and the cloud. Data...
Fortinet.webp 2017-08-03 12:55:00 How Financial Services Network Security Strategies Have Recently Evolved (direct link) Network security has become increasingly complicated for financial services providers due to the popularity of the Internet of Things (IoT) and consumer desire to access valuable data on various mobile devices.
Fortinet.webp 2017-08-02 12:58:00 (Déjà vu) Securing the Internet of Medical Things: What to Do Now (direct link) Due to the sensitive information housed within medical records (Social Security numbers, addresses, medical claim data etc.), healthcare has always been one of the most frequently targeted industries by cybercriminals. Hackers who successfully steal this data can profit in a big way, as it has high value in the cybercrime black market. As digital capabilities grow within healthcare, so too do the number of vulnerabilities. This upsurge in capabilities and targets can largely be credited to the rise of the Internet of Medical Things (IoMT),...
Fortinet.webp 2017-08-01 12:57:00 FortiCloud Now Manages FortiGate UTM Appliances (direct link) We are proud to announce that full cloud-based management is now available for our FortiGate UTM products through the FortiCloud services. We have seen impressive growth in the adoption of our FortiCloud solution over the past several years that has validated the value of a cloud management model for Fortinet customers. FortiCloud started 10 years ago as a cloud-based solution for log storage and analytics. Over the years, we've improved those analytics and added the ability to mass deploy devices (FortiDeploy), independently...
Fortinet.webp 2017-07-31 12:58:00 Bringing Your Cloud Visibility Back Into Focus (direct link) Like data center sprawl, virtualization sprawl occurs when the numbers, locations, and functions of virtual machines distributed across a network grow to the point that they can no longer be managed effectively. As organizations continue to move applications and other core workloads into the cloud, virtualization sprawl can give way to “security sprawl” if not architected properly. In order to achieve the scale, elasticity, and efficiency benefits of the cloud, the data and security elements across all environments must be integrated,...
Fortinet.webp 2017-07-30 21:00:00 NSE Experts Academy CTF (direct link) At the end of this past June, Fortinet ran the NSE Experts Academy which featured for the first time a Capture The Flag (CTF) session. We welcomed close to 60 participants, and feedback was extremely positive. We congratulate the top 2 winners, with very close scores, teams YouMayNotWannaCry and ACSN. Our CTF had two specifications: While it included challenges on Fortinet products it was not limited to them - this was not a sales session but a technical one! For instance, while we had challenges on FortiSandbox, FortiCam, and FortiGate,... Wannacry
Fortinet.webp 2017-07-28 12:58:00 How FortiSIEM Works to Keep Schools Safe (direct link) Networks used by educational institutions benefit from being open and promoting a limitless flow of information and ideas. However, much like the student-teacher relationship, the user-network relationship is one that must be built on trust. The extent of personal information and intellectual data that is often housed on these networks requires a reliable cyber security platform. That's where FortiSIEM enters the discussion. As an all-in-one platform, FortiSIEM provides networks with the opportunity to rapidly find and fix security threats,...
Fortinet.webp 2017-07-27 21:00:00 For Cybercrime, Innovation is the Land of Opportunity (direct link) The first day here at Black Hat is over. On the expo floor, a number of vendors are promoting that they now provide critical threat intelligence along with the other technologies they provide. Of course, in general, this is a good thing. The biggest challenge organizations have historically faced has been a lack of visibility into their networks, especially cloud and virtualized environments. The challenge, however, is how are organizations supposed to consume, correlate, and make use of all of this information? Dozens of intelligence feeds from...
Fortinet.webp 2017-07-27 12:58:00 Thoughts from Black Hat on Threat Intelligence and Automation (direct link) The biggest trend in security today seems to be information sharing. Everyone agrees that sharing threat intelligence is key to detecting and stopping attacks. The challenge isn't that there aren't enough sources for threat intelligence, but that there is simply too much information being generated, and that includes far too much redundancy. What we need is an ecosystem to vet and process the information first – an information exchange and clearing house – like the cyber threat alliance (CTA) that Fortinet helped establish back...
Fortinet.webp 2017-07-26 12:58:00 Evolving Towards Intent-Based Security (direct link) In this second installment, begun with “The Evolution of the Firewall,” we will take a look at the direction security is headed. From its humble beginnings, the firewall has evolved through several stages of development. Its latest incarnation, built on the legacy of its first two generations, implements the strategic pillars of Segmentation, Access Control, and Real-time analytics/action to realize intent-based network security. The Three Generations of the Firewall: With the advantage of looking backwards in time, it's now...
Fortinet.webp 2017-07-26 12:58:00 NSS Labs NGFW Report: Fortinet Receives 4th Consecutive Recommended Rating (direct link) One of the biggest security challenges organizations face is sorting through solutions from literally hundreds of vendors in the IT market to find the one that is going to provide them with the best protection at a cost they can afford. Each of these vendors claims to solve critical security issues, and they use volumes of white papers and marketing campaigns to promote their solutions. Of course, proper security is essential. As networks continue to expand and become more complex, organizations are increasingly reliant on effective...
Fortinet.webp 2017-07-24 12:58:00 The Need for Threat Intelligence (direct link) These are challenging times for security leaders. Business pressures require faster processing of more data, and support for more devices than ever before. Critical data that used to be housed in a secured datacenter now moves across an increasingly complex ecosystem of networked environments, including IoT, cloud, mobile devices and workers, and virtualized networks. The rate of change in some environments is so rapid that many organizations simply can't keep up. A recent Forrester survey of 342 security leaders found that the largest... Guideline ★★★★★
Fortinet.webp 2017-07-21 19:06:05 The Evolution of the Firewall (direct link) As the Internet and Digital Economy have grown up, the humble Firewall has continued to serve as their go-to security appliance. In this first of a two-part series, we will examine how, in spite of the evolution of the Firewall through a number of shapes, functions, and roles, it remains the security foundation for implementing the strategic pillars of Segmentation, Access Control, and Real-time analytics/action now and into the future. Change is a fact of life; what doesn't change usually withers and dies. This is true for both the biological...
Fortinet.webp 2017-07-20 12:58:00 Byline: It's Time to Get Serious About Web Application Security (direct link) As application-focused threats continue to evolve, both in number and sophistication, a single web application security device is typically not enough to defend the entire, distributed network. Instead, organizations need to consider investing in a multi-pronged web application security approach that can tie different devices together, and leverage and share intelligence across a variety of other security and network devices. It's also increasingly important to have a centralized, unified console, such as a FortiWeb Web Application Firewall.
Fortinet.webp 2017-07-19 12:58:00 Why Top Healthcare Institutions are Moving Toward Integrated Security Solutions (direct link) According to a report posted by the Office of the National Coordinator for Health Information Technology, 87 percent of office-based physicians had adopted some form of electronic health record (EHR) as of 2015. This is more than double the 42 percent that had done so when data was collected in 2008. Along with an increase in EHR adoption, we have also witnessed a global healthcare revolution in data collection and research. Access to such data improves the care and quality of life of those individuals these institutions serve. The challenge...
Fortinet.webp 2017-07-18 12:58:00 Black Hat Executive Interviews: Q&A with Phil Quade, Fortinet CISO (direct link) Q: You joined Fortinet recently after three decades in cybersecurity roles in government, including most recently the NSA. What has that experience taught you about the nature and scope of the threats that organizations face these days? Some people say that street cops and detectives see an especially negative view of humanity, because, more often than not, they are called to assist with an unlawful or sad situation. Similarly, coming from the foreign intelligence business, you get a first-hand view of what foreign adversaries aspire to...
Fortinet.webp 2017-07-14 12:58:00 Securing the Digital World, Part II (direct link) Sixteen years ago, Fortinet predicted the emergence of a digital economy where data would be driving business. We understood that this would require scaling the Internet to support hyperconnected network infrastructures. To accomplish this, network infrastructures that hadn't fundamentally changed for decades would have to be radically redesigned. The challenge was that traditional security solutions were never designed to protect this new environment. To meet this challenge, we began engineering security tools around a universal operating...
Fortinet.webp 2017-07-14 12:58:00 Visit Fortinet at Black Hat 2017 (direct link) Fortinet is proud to be a Platinum Plus Sponsor at Black Hat's 20th anniversary conference, being held this July 22-27 at the Mandalay Bay Convention Center in Las Vegas, NV. Our booth is #915. This year's booth includes a live theater, and we have lined up great presentations from Fabric-Ready Partners, as well as from some of Fortinet's top solutions experts. The presentation schedule will be posted online before the show, and a schedule will also be available at the booth. In addition, Derek Manky, Fortinet's...
Fortinet.webp 2017-07-13 12:58:00 Byline: Know Your Enemy: Understanding Threat Actors (direct link) This is Part II of a series. Read Part I here. Sun Tzu wrote in his famous book, The Art of War, “If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.” In my previous article, “Are you Aware of Your Cyber Situation,” I discussed how important it is for you to understand your business as it relates to your digital...
Fortinet.webp 2017-07-12 15:50:00 (Déjà vu) Incomplete Patch: More Joomla! Core XSS Vulnerabilities Are Found (direct link) Joomla! is one of the world's most popular content management systems (CMS). It enables users to build Web sites and powerful online applications. More than 3 percent of Web sites are running Joomla!, and it accounts for more than 9 percent of CMS market share. As of July 2017, Joomla! has been downloaded over 82 million times. Over 7,800 free and commercial extensions are available from the official Joomla! Extension Directory, and more are available from other sources. In my last blog, I discovered 2 Cross-Site Scripting (XSS) vulnerabilities...
Fortinet.webp 2017-07-12 12:58:00 Information Governance for Healthcare Institutions (direct link) Information governance is nothing new, but for it to be effective, it requires understanding, flexibility, and collaboration between a variety of teams and departments. Fortinet's Susan Biddle offers her insights into the role of information governance in organizational security and how healthcare organizations can adapt. Can solid information governance boost security for an organization? If so, in what ways? Security is all about protecting the critical assets and intellectual property of an organization, while maximizing their value....
Fortinet.webp 2017-07-12 12:58:00 Securing the Digital World, Part I (direct link) Today's digital economy is driving a technology revolution. Networks now include on-demand infrastructure, cloud-based services, software defined perimeters, and the growth of smart devices and IoT. Networks and infrastructures are also increasingly hyperconnected. What's been missing is a security strategy to protect these new environments. The Internet was first begun as a point-to-point networking solution 50 years ago. The first generation of security was connection-oriented because it was primarily a firewall and VPN that...
Fortinet.webp 2017-07-12 12:58:00 Don't Take It from Us – FortiGate Enterprise Network Firewall Customer Reviews (direct link) Last year, Gartner launched a new website and service called Peer Insights. Its goal is to provide organizations looking at adopting new technologies or solutions with access to the collective knowledge and experience of IT professionals that have already evaluated and adopted similar technology. Their posted reviews offer detailed perspectives and firsthand experience with a wide range of solutions for every phase of the IT lifecycle - from evaluation and implementation to service and support. In the Enterprise Firewall category, for example,...
Fortinet.webp 2017-07-11 14:30:00 FortiGate Moves to the Leader's Quadrant (direct link) Fortinet's FortiGate solution has just shifted into the leader's quadrant in the 2017 Gartner Magic Quadrant for Enterprise Network Firewalls report. This report acknowledges the 'completeness' of our Security Fabric vision, along with our ability to execute, as factors for our advanced placement. We believe the Magic Quadrant results provide a great opportunity to highlight key innovations that are driving our vision for the future of enterprise firewalls. FortiGate is the most patented security solution in the world.... Guideline
Fortinet.webp 2017-07-11 12:58:00 Outsmarting the Next Ransomware with Advanced Threat Protections (direct link) Ransomware has recently reasserted itself into the public eye in a big way. The May cyberattack carried out by the malware WannaCry was one of the worst ransomware attacks ever, affecting over 300,000 computers operating MS Windows around the world. Unfortunately, the attack has once again demonstrated that far too many organizations do not have an effective security protocol in place, or do not take it seriously until after disaster strikes. In this case, the Microsoft vulnerability exploited by WannaCry had been patched in March, but many users... Wannacry
Fortinet.webp 2017-07-10 12:58:00 Considering the Cloud? Five Questions to Ask (direct link) The cloud is an increasingly attractive prospect for federal agencies, but many still have unanswered questions about how public cloud security stacks up. With the president's recent cybersecurity executive order emphasizing the shift to the cloud, agencies will have to move quickly to comply. Below are five questions that federal technology buyers should ask public cloud providers to see if they have what it takes to store and manage federal data securely. 1. Do you allow auditing or pen testing in your environment? Many customers are...
Fortinet.webp 2017-07-09 16:05:00 Key Differences Between Petya and NotPetya (direct link) There have already been a lot of write-ups for the NotPetya malware. This article is just a supplement for what is already out there. Our focus is to highlight some key differences between a previous strain of the Petya ransomware and the malware that scared everyone a few weeks ago, which is now sometimes being referred to as NotPetya. I posted a blog post a couple of months ago about the MBR (Master Boot Record) infected by Petya. I explained how the ransomware infected the boot process and how it executed its own kernel code. In this post,... NotPetya
Fortinet.webp 2017-07-09 16:00:00 Petya's Master Boot Record Infection (direct link) Last week we started our technical analysis on Petya (also called NotPetya) and its so-called “killswitch.” In that blog post we mentioned that Petya looks for a file in the Windows folder that has the same filename (no extension) as itself (for example: C:\Windows\Petya). If it exists, it terminates by calling ExitProcess. If it doesn't exist, it creates a file with the attribute DELETE_ON_CLOSE. This seems to imply that instead of a killswitch, this file is meant to be a marker to check and see if the system has already been infected. After... NotPetya
Fortinet.webp 2017-07-09 14:08:00 Unmasking Android Malware: A Deep Dive into a New Rootnik Variant, Part III (direct link) In this final blog in the Rootnik series we will finish our analysis of this new variant. Let's start by looking into the script shell rsh. Analysis of the script shell: Through our investigation we are able to see how the script shell works: First, it writes the content of the file .ir into /system/etc/install-recovery.sh. The file install-recovery.sh is a startup script. When the android device is booted, the script can be executed. The following is the content of the file .ir. Next, it writes some files...
Fortinet.webp 2017-07-09 14:06:00 Unmasking Android Malware: A Deep Dive into a New Rootnik Variant, Part II (direct link) In part I of this blog, I finished the analysis of the native layer of a newly discovered Rootnik malware variant, and got the decrypted real DEX file. Here in part II, we will continue our analysis. A look into the decrypted real DEX file: The entry of the decrypted DEX file is the class demo.outerappshell.OuterShellApp. The definition of the class OuterShellApp is shown below. Figure 1: The class demo.outerappshell.OuterShellApp. We will first analyze the function attachBaseContext(). The following is the function aBC() in the class...
Last update at: 2024-05-15 17:08:07