What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2017-07-09 14:05:00 | Unmasking Android Malware: A Deep Dive into a New Rootnik Variant, Part I (lien direct) | Part I: How to Unpack the Malware App This past January I performed a deep analysis of an Android rootnik malware variant and posted them to this blog. Since then, I have continued to monitor this Android malware family. In early June, FortiGuard Labs found a new variant of the Android rootnik malware that disguises itself as a legal app. It then uses open-sourced Android root exploit tools to gain root access on an Android device. To be clear, this malware was NOT found in Google Play. The developer of the malware app repackaged a legal app... | |||
|
2017-07-07 12:58:00 | Network Security in the Era of the Millennials (lien direct) | One of the toughest gigs in IT is the job of keeping an organization's network safe. It is also one that is getting tougher with the rise of the millennial generation. Millennials - those in their 20s to mid-30s - are starting to dominate workplaces around the world. More than one-in-three workers in the US are millennials, a 2015 study by Pew Research Center found. And this demographic group will account for half of the global workforce by 2020, according to PwC. The term “millennial†has many connotations. Among them: They... | |||
|
2017-07-07 12:58:00 | Google Chromebook Security: At The Forefront of Education Discussions (lien direct) | During a 2015 event at the Northwestern Institute for Policy Research, participating panelists discussed the digital revolution and the classroom's exposure to it. At the time, school districts had begun to adopt 1:1 policies, where each student would have access to laptops or tablets. Google was at the forefront of this surge, gaining a healthy chunk of new users each year across the education industry. Today, the formidable duo of the Google Chromebook and the G Suite for Education has changed the way education is approached. In this... | |||
|
2017-07-06 20:00:00 | WannaCry and Petya: The Circus Comes to Town (lien direct) | By now, you will have all heard about the rampant spread of ransomware through countless press pieces, blog articles, and far too often, the outrageous claims of some security vendors. But let's stop and think for a minute or two. How did these attacks happen? Are companies focusing on valid threats, fixing the right problems, or developing correct processes? Have so-called disruptive technologies disrupted our thinking? Let's not go tactical. Instead, we need to consider, “what is our best strategy?†Ever since the... | Wannacry | ||
|
2017-07-05 17:00:00 | Visit Fortinet at Microsoft Inspire 2017 (lien direct) | Fortinet is proud to be a Sponsor at Microsoft Inspire 2017. This year's worldwide partner conference is being held July 9-13 at the Walter E. Washington Convention Center in Washington, D.C. Visit us at Booth #1015, or Table #SC3-11 in the Connect meeting area We will be providing security demos, including cloud-based solutions designed for Microsoft Azure, at Fortinet Booth #1015. Attendees can also schedule a meeting with the Fortinet team at table SC3-11 in the Connect meeting area through their personal MyInspire page.... | |||
|
2017-07-05 15:00:00 | Fortinet in ETSI Security Week (lien direct) | Fortinet participated as a sponsor and panellist at the NFV (Network Function Virtualization) tracks at ETSI Security Week, held on June 14th at ETSI's headquarters in Sophia Antipolis, in the South of France. Fortinet is a participant in the ETSI NFV ISG group, focusing on NFV security, and earlier this year, Fortinet also participated in the ETSI plug-test to ensure VNF's interoperability with different NFV stacks in real-world environments. | |||
|
2017-07-04 12:58:00 | SSTIC 2017 in a Nutshell (lien direct) | This blog post is a summary of SSTIC, a major infosec conference held in France. As usual, this year's conference came with excellent presentations. The sessions have been recorded, and the papers are available on the website, although most of the content is in French. For a detailed wrap-up of SSTIC, please read @xme: Day 1 Day 2 Day 3 SSTIC is one of the few IT conferences which (1) ask authors to submit full papers, (2) from which you return with information or tools to work on, and (3) whose presentations are mostly... | |||
|
2017-07-03 12:58:00 | Byline: Petya, Wannacry, and Mirai - Is This the New Normal? (lien direct) | This past year, cybercriminals have upped the stakes once again with the high profile, global attacks of Mirai, Wannacry, and Petya, launched one after the other. Of course, large-scale attacks aren't new. Attacks like the ILOVEYOU worm and Code Red and Nimda were massive attacks, some of which affected exponentially more devices and organizations that this latest round of attacks. The spread of WannaCry and Petya were quickly curbed unlike these worms of the past. But this isn't just about scale. Unlike in years past, the new digital... | Wannacry | ||
|
2017-06-30 16:34:52 | Questions to Ask When Navigating the E-Rate Program (lien direct) | As reliance on technology continues to grow, and students inevitably require greater access to web assets, schools have been keeping up by incorporating programs that allow for more devices and a more web-focused curriculum. While it's important to provide these services, between paying for internet access and securing the network, they typically come at a great cost. To mitigate these costs, the Federal Communications Commission (FCC) and its subsidiary, the Universal Services Administrative Committee (USAC), implemented the E-rate program,... | |||
|
2017-06-29 12:59:00 | Preventing Cloud Blindness (lien direct) | For many organizations, embracing the potential of the new digital economy involves migrating services, data, and infrastructure to the cloud. The cloud is a powerfully disruptive technology. It allows businesses to be more agile, responsive, and available than ever before by transforming traditional compute architectures and best practices that have been in place for decades. Most organizations today have some sort of a cloud strategy. Nearly all of them are adopting a hybrid cloud infrastructure that combines their private cloud with one or... | |||
|
2017-06-28 18:05:00 | A Technical Analysis of the Petya Ransomworm (lien direct) | Yesterday, a new ransomware wreaked havoc across the world. This new malware variant, which combines the functionality of ransomware with the behaviors of a worm, is being called Petya, Petrwrap, and even NotPetya, since researchers are still investigating as to whether its ability to modify the Master Boot Record of a targeted machine is based on the Petya family of malware. Fortinet has designated this new hybrid form of malware as a ransomworm, and this outbreak was reported to use the same worm mechanism to spread across the Internet as WannaCry,... | NotPetya Wannacry | ||
|
2017-06-28 16:15:52 | In-Depth Analysis of .NET Malware JavaUpdtr (lien direct) | FortiGuard Labs recently captured some malware which was developed with the Microsoft .Net framework. I analyzed one of them, and in this blog, I'm going to show you how it is able to steal information from a victim's machine. The malware was spread via a Microsoft Word document that contained an auto-executable malicious VBA Macro. Figure 1 below shows how it looks when it's opened. Figure 1. When the malicious Word document is opened What the VBA code does Once you click the “Enable Contentâ€... | |||
|
2017-06-28 12:55:00 | Fortinet UTM: A Gartner\'s Magic Quadrant Leader 8 Times in a Row (lien direct) | Fortinet's UTM solutions have been positioned in the leader's quadrant of Gartner's annual Magic Quadrant for Unified Threat Management report for the 8th year in a row. In this year's report, Gartner recognized the 'completeness' of our solution, which includes the Security Fabric vision, and we also achieved the highest placement for our ability to execute on that vision. Unified Threat Management, or UTM, solutions consolidate security and networking functions into a single device to simplify business infrastructures... | Guideline | ||
|
2017-06-27 17:00:00 | New Ransomworm Follows WannaCry Exploits (lien direct) | We are currently tracking a new ransomware variant sweeping across the globe known as Petya. It is currently having an impact on a wide range of industries and organizations, including critical infrastructure such as energy, banking, and transportation systems. This is a new generation of ransomware designed to take advantage of timely exploits. This current version is targeting the same vulnerabilities that we exploited during the recent Wannacry attack this past May. This latest attack, known as Petya, is something we are referring to as... | Wannacry | ||
|
2017-06-27 12:59:00 | The Need for Situational Awareness (lien direct) | As human beings, we are continually looking for knowledge or information to help improve any situation. If we live or work in a crowded city, for example, we want to know which routes are best to avoid getting stuck in traffic. When we enter a restaurant or movie theater we look for the exits. And when suspicious looking person enters the room, part of our mind automatically keeps track of him. This behavior is known as situational awareness, and it's second nature to most of us. But while such behavior often occurs in our everyday... | |||
|
2017-06-26 12:50:00 | Fortinet FortiWeb Advanced Application Security Integrates with Microsoft Azure Security Center (lien direct) | The emerging trend towards security automation is becoming essential for cloud deployment. Traditionally, businesses configure a Web Application Firewall with static policies to address unchanging, known-bad threats. Unfortunately, it can be tricky to get them all right in Public Cloud environment. With a growing number of attack variants, more rules you add the more potential there is to run into false positives. FortiWeb's integration with the Azure Security Center now allows customers to take a reactive policy approach to web security... | |||
|
2017-06-25 07:00:00 | Google\'s 2017 CTF – The “ASCII Art Client†Challenge (lien direct) |   In our last blog in this series, we discussed FortiGuard Labs' participation in Google's second annual Capture The Flag (CTF) competition. In this blogpost, I want to share how I solved another challenge, called“ASCII Art Clientâ€. ChallengeDescription For this challenge, participants were given two files: a binary file aart_client and a network capture aart_client_capture.pcap. File1: aart_client File2: aart_client_capture.pcap The goal of the challenge was: This client displays nice... | |||
|
2017-06-23 16:00:00 | Hughes-Fortinet Partnership Brings Zero-Touch Simplicity to Distributed Retail Organizations (lien direct) | Hughes Network Systems is a leading managed network service provider for highly distributed enterprises that need to operate and deliver uniform performance across large numbers of branch locations. They have been a long-time Fortinet partner, delivering innovative managed network solutions that leverage Fortinet platforms by combining Fortinet's security capabilities with Hughes' broadband transport, routing, and WAN optimization technologies. We recently sat down with Jeff Bradbury, Senior Director of Marketing at Hughes, to talk... | Guideline | ||
|
2017-06-23 12:59:00 | Byline: Four Tips for a Cyber-Safe Summer (lien direct) | Summer is upon us – a time for family, fun and travel. Whether you're going around the block or around the world, odds are you're taking your work laptop (just in case). And of course, you're taking your smartphone. Maybe you'll want to check email on your phone using the hotel's public WiFi. Maybe the kids want to play an online game on that laptop. If you haven't exercised good cybersecurity hygiene, though, you could be opening yourself up to all kinds of fun-zapping connectivity catastrophe... | |||
|
2017-06-22 15:00:03 | (Déjà vu) Security Research News in Brief - May 2017 Edition (lien direct) | Welcome back to our monthly review of some of the most interesting security research publications. This month, let's do a bit of crypto... Past editions: April 2017 March 2017 P. Carru, Attack TrustZone with Rowhammer Rowhammer is an attack on DRAM, which consists in repeatedly accessing given rows of the DRAM to cause random bit flips in adjacent rows. Until now, the attack hadn't been demonstrated on ARM's TrustZone: but that's what the author implemented. He demonstrated that, using... | |||
|
2017-06-22 13:00:03 | The Role of the Healthcare CIO Yesterday, Today, and Tomorrow (lien direct) | Today's healthcare networks are intricate ecosystems of different networks comprised of a wide variety of connected devices and moving data, but they weren't always this open. The industry as a whole has had to rapidly shift gears. Healthcare data now flows faster than ever, and it isn't slowing down. As a result, the role of the healthcare chief information officer (CIO) has had to expand and adapt. As networks expand and connected devices permeate the healthcare landscape, the CIO will continue to play an increasingly important... | |||
|
2017-06-22 01:00:00 | Google\'s 2017 CTF Challenge: Mindreader (lien direct) | This past June 17th and 18th, 2017, Google hosted their second annual Capture The Flag (CTF) competition. The Google team created security challenges and puzzles that contestants were able to earn points for solving. It's a clever way to leverage the security community to help protect Google users, and the web as a whole. Last year, over 2,400 teams competed, and this year the number was even higher. FortiGuard Labs decided to pull together a team and then write up a report on the experience. So, first things first, this challenge was... | |||
|
2017-06-20 12:56:00 | Strengthening the Security Fabric of Blockchain (lien direct) | Blockchain is a shared and continuously reconciled database used to maintain a list of digital records, called blocks. It is quickly becoming an important tool not just for financial information, but also for managing and recording virtually all types of data, such as medical and other records, identity management, and transaction processing. Because a blockchain database is distributed and interconnected, it provides several essential services. The first is transparency. Because data is embedded within the network as a whole, it is by definition... | |||
|
2017-06-19 12:56:00 | Executive Insights: Managing Risk through Digital Trust (lien direct) | In the context of digital trust, effective cybersecurity can become an essential enabler of digital transformation. In other words, if organizations and users can't trust their data, and trust that it is safe, they will not engage, and the Digital Economy will fail. | |||
|
2017-06-16 13:04:00 | Why SIEM Solutions Are Essential to Securing Healthcare Networks (lien direct) | Nine out of ten healthcare organizations have suffered a breach in the past two years, according to a new Ponemon study, and the data shows that these breaches could be costing the industry upwards of $6 billion. When analyzing the sources of these breaches, it should come as no surprise that criminal attacks represent more than half of the total as healthcare records provide a treasure trove of valuable data. The remainder of the breaches tends to result from internal issues like employee mistakes, third-party snags, and stolen connected devices. While... | |||
|
2017-06-15 13:29:00 | Higher Education: Critical Infrastructure and the Dark Cloud of Cyber Threats (lien direct) | The Department of Homeland Security (DHS) has identified 16 sectors that have been determined to be designated as critical infrastructure due to the debilitating effect on security, national economic security, national public health or safety, or any combination that would result from any of these sectors being compromised. Included in this list of 16 is the Government Facilities Sector, which covers, “a wide variety of buildings, located in the United States and overseas, that are owned or leased by federal, state, local, and tribal governments.â€... | |||
|
2017-06-14 16:19:29 | WINS Server Remote Memory Corruption Vulnerability in Microsoft Windows Server (lien direct) | Summary In December 2016, FortiGuard Labs discovered and reported a WINS Server remote memory corruption vulnerability in Microsoft Windows Server. In June of 2017, Microsoft replied to FortiGuard Labs, saying, "a fix would require a complete overhaul of the code to be considered comprehensive. The functionality provided by WINS was replaced by DNS and Microsoft has advised customers to migrate away from it." That is, Microsoft will not be patching this vulnerability due to the amount of work that would be required. Instead, Microsoft... | |||
|
2017-06-14 13:02:02 | Evolving towards a Homogenous Society: The Risk of the New Digital Economy (lien direct) | The recent WannaCry attack was interesting for a couple of reasons. First, the speed and scale of the attack was impressive. Over the course of a couple of days, hundreds of thousands of systems were affected and disrupted. Second, it also unveiled a disturbing trend. The attack malware exploited a known vulnerability that not only had been revealed through the highly public release of stolen cyber tools, but Microsoft had also released a patch for the targeted vulnerability over two months before. Which means that the scale of the attack was... | Wannacry | ||
|
2017-06-13 17:38:16 | FortiSIEM for AWS (lien direct) | Fortinet is proud to announce that our FortiSIEM solution is now available for the AWS Marketplace. Fortinet's auto scaling security solution provides the resources needed to help with deployment in order to optimize AWS networks. FortiSIEM for AWS provides essential security services for cloud environments | |||
|
2017-06-13 13:02:05 | Who\'s Afraid of the Big, Bad Robot? (lien direct) | Tired of hearing about IoT? Me too. I am also tired of AI and the constant specter of intelligent robots and computers that are smarter than us, and that for some reason want to harm us. I prefer the movie Her because I believe that is more likely to represent the future of an AI. They wouldn't want to compete with us and rule the world. Instead, it seems more likely that they would find us to be a curiosity. And they would probably eventually just lose interest in us and leave. We (and the Earth) would not be able to evolve as fast... | |||
|
2017-06-13 05:11:59 | Cybercrime At Your Service, Mac (lien direct) | We aren't talking about some potential future threat. Our FortiGuard Labs team just reported on a new ransomware variant targeting Mac devices. Which means it's time to get serious about protecting these (Mac) devices. | |||
|
2017-06-12 12:53:21 | Byline: Securing Your Enterprise\'s Expansion into the Cloud (lien direct) | For enterprises, the very real benefits of moving applications to the cloud also come with significant challenges. Whether their using the public cloud, a private cloud or, as is often the case, a hybrid of the two, it's necessary to optimize application performance to get the full benefits of cloud technology and enable a better business model. Just as importantly, though, you must be able to secure your people and your information as they traverse your network, from on-premises to the cloud and back, and you must be able to secure... | |||
|
2017-06-09 20:38:39 | MacRansom: Offered as Ransomware as a Service (lien direct) | Just recently, we discovered a Ransomware-as-a-service (Raas) that uses a web portal hosted in TOR network which has become a trend nowadays. It is rather interesting to see cybercriminals attack a different operating system other than Windows. And this could be the first time to see Raas that target Mac OS. | |||
|
2017-06-08 14:44:52 | Executive Insights: Innovating for Business Success (lien direct) | Innovation, at its core, is about creating an environment where creativity is encouraged, resourced, and rewarded. We saw that point illustrated in the news recently. | |||
|
2017-06-07 14:15:04 | Threat Insights: The Future of Smart and Automated Threats (lien direct) | Threat report data is only as useful as the analysis and context that goes along with it. We asked Derek Manky, global security strategist with our FortiGuard Labs team, to share his thoughts on what some of the data in our recent Threat Landscape Report means going forward. What at a high level did you find interesting in the report? What did the data tell you from your global point of view? A few things stood out to me based on my years of working with the FortiGuard Labs team. At a high level, visibility and control over today's... | |||
|
2017-06-06 18:20:15 | Research Report: Visibility and Control of Distributed Infrastructures Diminishing as Attack Vectors Grow (lien direct) | There are a couple of important takeaways from our Threat Landscape report. First, while the more high profile attacks have dominated the headlines, the reality is that the majority of threats faced by most organizations are opportunistic in nature. Criminals tend to target low hanging fruit, so it is critical that you minimize your visible and accessible attack surface. | |||
|
2017-06-05 15:22:22 | Join Fortinet at HPE Discover 2017! (lien direct) | Fortinet is a Gold sponsor at Discover 2017, and will showcase several important security innovations to help you stay ahead of cyber threats. Join Fortinet at booth 231 while you're at Discover 2017 to see a demo of the Fortinet Security Fabric in action! We'll also have technical experts on hand to discuss any security needs you ma A key focus area for many attendees will be cybersecurity, given the challenges they face from today's sophisticated and rapidly evolving threats. The isolated, proprietary security devices most organizations... | |||
|
2017-06-05 15:20:49 | Governmental Entities Bringing Financial Cybersecurity to Center Stage (lien direct) | By now, it's no secret that cybercriminals have targeted, and continue to target, the financial services industry with advanced attacks that are designed to steal or otherwise jeopardize valuable data. As a result, many organizations have taken at least some initial steps to better secure their networks and the information that lives within them. In fact, according to Duff & Phelps' “Global Regulatory Outlook,†86 percent of professionals in the financial services industry say their companies have plans to put more... | |||
|
2017-06-04 18:52:30 | An Inside Look at CVE-2017-0199 – HTA and Scriptlet File Handler Vulnerability (lien direct) | FortiGuard Labs recently came across a new strain of samples exploiting the CVE-2017-0199 vulnerability. This vulnerability was fixed by Microsoft and the patch was released in April 2017. Due to its simplicity, it can be easily exploited by attackers. It has also been found in-the-wild by other vendors. We have also blogged about some samples recently found in spear phishing attack. While there are plenty of articles discussing this vulnerability, most of them are intended for technical readers and primarily focus on how to create proof-of-concept... | |||
|
2017-06-02 22:01:41 | Infographic: Protecting Today\'s Financial Services Industry in a Digital Environment (lien direct) | Read this post and view the embedded infographic to learn how financial services organizations can protect their data in the digital age. | |||
|
2017-06-01 06:24:03 | Digital Transformation in Healthcare and How Fabric Security Solutions Can Assist (lien direct) | Whether it's healthcare, or any of the other 16 sectors of critical national infrastructure, enterprises responsible for some of our most important cyber assets are undergoing some sort of digital transformation. At its core, digital transformation in business is really about moving from intuitive to data-driven decision making to gain new insights, provide essential services, and drive exponential growth. Over the past few years, the healthcare sector and other industries have been focused on four major objectives related to digital transformation: Move... | |||
|
2017-06-01 06:22:23 | Byline: Healthcare in the Crosshairs (lien direct) | Healthcare systems are consistently a preferred target of cybercriminals. Today, whenever a cyberattack occurs, healthcare networks seem to be right in the crosshairs. There are reasons for this. Historically, healthcare networks have been reasonablely easy to break into. Despite the implementation of new EHR systems and critical infrastructure for healthcare data exchanges, healthcare generally hasn't kept up with other vertical markets in terms of security, creating “low-hanging fruit†for would-be attackers. These networks... | |||
|
2017-05-31 08:48:31 | Byline: WannaCry is Part of a Bigger Problem (lien direct) | The most important question related to the recent WannaCry attacks isn't who the attackers were, or how big the attack was. The question is, “How did this happen in the first place?†The vulnerability exploited by this attack had been patched by Microsoft months before. That patch was part of a widely publicized update that was issued in response to the massive set of NSA cyberespionage tools leaked by the secretive group known as Shadow Brokers. Everyone knew about it. Yet, apparently, few did anything about it. Failure... | Wannacry | ||
|
2017-05-30 16:53:19 | Spear Phishing Fileless Attack with CVE-2017-0199 (lien direct) | Introduction CVE-2017-0199 is a remote code execution vulnerability that exists in the way that Microsoft Office and WordPad parse specially crafted files. An attacker who successfully exploits this vulnerability can take control of an affected system and then install programs, view, change, or delete data, or create new accounts with full user rights. Microsoft issued a patch for this vulnerability April, and most security vendors have published alarms for it. Unfortunately, attacks targeting this vulnerability are still widely being used... | |||
|
2017-05-30 10:32:57 | The Power of Virtual Cell Wi-Fi (lien direct) | Wireless access has not only revolutionized networks. It has profoundly changed our culture. It has transformed how and where we work, how we interact through social media, and how we stay connected with family and friends. The challenge we are now facing is Wi-Fi saturation. Given the number of connected devices online now, and the predictions for exponential growth over just the next few years, we need to ensure that we are building wireless networks that can accommodate both the volume of connections and connected devices coming, the increase... | |||
|
2017-05-29 21:22:20 | Byline: What is Next for Cloud Services in the Federal Space? (lien direct) | Historically, federal agencies have been wary of using public cloud due to security concerns. Yet the agility and cost savings offered by cloud infrastructure is proving to be a major incentive, leading to a recent big push for agencies to re-engage with public cloud providers. Security is still a central issue, and many agencies are looking at cloud service providers whose products adopt a cloud-first strategy, viewing them either as a firewall in the cloud or as a way to outsource security to the cloud.  However, no one... | Guideline | ||
|
2017-05-26 09:19:10 | FortiVets: Remembering – and Hiring – our Veterans (lien direct) | Many Americans see Memorial Day in the US as the holiday that kicks off summer. Stores are loaded with shiny new grills, bags of charcoal, and rows of filled propane tanks. Patio furniture is being dusted off while refrigerators are stuffed with marinating steaks, bowls of potato salad, and chilled beer waiting for friends and family for the traditional weekend barbeque. But Memorial Day is about much more than grilling a burger with a cold beverage in your hand. Memorial Day in the United States, observed every year on the last Monday of May,... | |||
|
2017-05-25 09:06:35 | Trends Affecting Managed Security Service Providers (lien direct) | Given the very public explosion of ransomware, and an ever-growing list of other cyber threats, IT services providers are increasingly looking for ways to meet the insatiable demand for cybersecurity. In this article we will look at some of the trends and challenges facing the MSSP community. How has the cost and shortage of security talent empowered the MSS domain? There are two forces driving the growth of MSS - complexity and cost. The complexity of threats and regulations continues to grow, with no change in sight. On the cost side, there... | |||
|
2017-05-23 15:37:42 | Automating Security Operations: What It Takes to Defend Against Something Like WannaCry (lien direct) | A major challenge facing security vendors today is that most solutions and products are developed based on knowledge of previous threats that already exist. This makes many security solutions reactive by their very design, which is not a tenable strategy for facing the volume of new attacks and strategies arising today. This arms race of identifying new threats, then reacting has been the primary strategy since the dawn of malware: A new virus is identified and then security vendors write the antivirus signature to block it; a polymorphic virus... | Wannacry | ||
|
2017-05-23 09:37:21 | Executive Insights: An Interview with Phil Quade (lien direct) | We regularly do deep dive Q&A pieces with our executives to share the leadership perspectives at Fortinet. Read below for an interview with Phil Quade, Fortinet's CISO. | Guideline |
To see everything:
Our RSS (filtrered)
