What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
Fortinet.webp 2017-04-05 08:58:18 In-Depth Look at New Variant of MONSOON APT Backdoor, Part 2 (lien direct) In part 1 of FortiGuard Labs' analysis of a new variant of the BADNEWS backdoor, which is actively being used in the MONSOON APT campaign, we did a deep technical analysis of what this backdoor is capable of and how the bad guys control it using the command and control server. In this part of the analysis, we will try to discover who might be behind the distribution of these files.
Fortinet.webp 2017-04-05 08:58:03 In-Depth Look at New Variant of MONSOON APT Backdoor, Part 1 (lien direct) Three weeks ago, FortiGuard Labs, along with @_ddoxer (Roland de la Paz), using VirusTotal Intelligence queries, spotted a document with the politically themed file name (Senate_panel.doc). This malicious RTF file takes advantage of the vulnerability CVE-2015-1641.
Fortinet.webp 2017-04-05 05:50:26 Video Gallery: Ladi Adefala and Hussein Syed Discuss Healthcare Security Following HIMSS17 (lien direct) On February 21, Hussein Syed, Chief Information Security Officer at Barnabas Health System, and Ladi Adefala, Senior Security Strategist at Fortinet, led a roundtable discussion at HIMSS17 about the evolving challenges of securing the next-generation healthcare enterprise. The session was geared toward providing attendees with information around the current threats targeting the healthcare industry, how organizations can align security to the progressive business model, and the emerging trends in security practices that are protecting organizations...
Fortinet.webp 2017-04-05 03:33:38 How to repair a DEX file, in which some key methods are erased with NOPs (lien direct) During the process of analyzing android malware, we usually meet some APK samples which hide or encrypt their main logic code.  Only at some point does the actual code exist in the memory, so we need to find the right time to extract it.  In this blog, I present a case study on how to repair a DEX file in which some key methods are erased with NOPs and decrypted dynamically when ready to be executed. Note: All the following analysis is based on android-4.4.2_r1(KOT49H). Let's start our journey! First, I open the classes.dex...
Fortinet.webp 2017-04-04 08:51:21 Empowering Distributed Enterprises with Secured SD-WAN (lien direct) Fortinet expands the Security Fabric with enhanced Software-Defined Wide Area Networking capabilities
Fortinet.webp 2017-04-03 11:47:51 When Choosing a Security Solution, Start with the Market Leader (lien direct) Fortinet is proud to announce today the results from International Data Corporation's (IDC) latest Worldwide Quarterly Security Appliance Tracker. The 2016Q4 and historical report data reinforces Fortinet's continued leadership within the security industry by once again shipping the most security appliances, which also further strengthens our industry-leading global network of threat intelligence sensors. Guideline
Fortinet.webp 2017-04-03 05:35:36 Fortinet Security Fabric: Protecting the Unique Environment of Industrial Control Systems (lien direct) Fortinet solutions have been designed to support ICS protocols and manufacturers, allowing them to provide the same level of actionable security in an industrial network as it does in an enterprise network while adapting to the unique ICS environment.
Fortinet.webp 2017-04-02 05:32:06 Insomni'hack 2017 (lien direct)
Fortinet.webp 2017-03-31 14:16:26 Data Driven Security – James Cabe's Interview with Intel Chip Chat (lien direct) The following is an excerpt from an Intel Chip Chat interview with James Cabe, Global Alliances Manager at Fortinet. Chip Chat is a podcast series of informal interviews with some of the brightest minds in the industry, hosted by Intel employee Allyson Klein.
Fortinet.webp 2017-03-31 14:14:13 Channel Focus: Solving Security's Growing Pains with Scalability (lien direct) Going wireless with a customer's network and cloud was once a leap. Now it's simply the next step. According to Cisco's latest Global Cloud Index, 92% of workloads will be processed in cloud data centers by 2020, and research from IDG shows worldwide spending on public cloud service will grow to more than $141B by 2019. As the use of the cloud grows, however, the potential attack surface becomes substantially larger and organizations are exposed to new risks. But that's not all. While technology is evolving, so are customer...
Fortinet.webp 2017-03-30 09:03:39 It Is Tax (and Fraud) Time Again. Are You Ready? (lien direct) One of the main reasons for the rapid growth in tax refund fraud is that it takes little effort to file a false return. A valid name, date of birth, and Social Security number are all one needs to file a return. Given the unprecedented number of data thefts last year, it is obvious this information is readily available. A quick trip to the Dark Web can provide criminals with the ability to purchase millions of files with this data.
Fortinet.webp 2017-03-29 12:29:47 Microsoft Word File Spreads Malware Targeting Both Mac OS X and Windows (Part II) (lien direct) In the blog we posted on March 22, FortiGuard Labs introduced a new Word Macro malware sample that targets both Apple Mac OS X and Microsoft Windows. After deeper investigation of this malware sample, we can confirm that after a successful infection the post-exploitation agent Meterpreter is run on the infected Mac OS X or Windows system. Meterpreter is part of the Metasploit framework. More information about Meterpreter can be found here. For this to work, the attacker's server must be running Metasploit as the controller to control the...
Fortinet.webp 2017-03-28 17:47:19 Fortinet Secures Workloads on AWS (lien direct) Fortinet is proud to be a Silver Sponsor of the 2017 Amazon Web Services (AWS) Summit being held April 5th and 6th in Sydney, Australia at the Hordern Pavilion & Royal Hall of Industries. Security is a high priority for Amazon Web Services. AWS customers benefit from a cloud-based network architecture designed to meet the requirements of the most security-sensitive organizations. However, many organizations also require additional advanced security solutions. Fortinet in cooperation with AWS provides a full suite of carrier-class security...
Fortinet.webp 2017-03-28 05:53:20 Cybercriminals Are Building an Army of Things Creating a Tipping Point for Cybersecurity (lien direct) Today, Fortinet released our quarterly Threat Landscape Report for Q4 of 2016. The data in it was drawn from millions of security devices located around the world that analyze up to 50 billion threats a day. Which means that the conclusions and trends detailed in this report are based on over a trillion security events that occurred between Oct 1 and Dec 31, 2016.
Fortinet.webp 2017-03-27 15:24:26 The Essential 8: ASD's strategies to mitigate cyber security incidents (lien direct) The Australian Signals Directorate's (ASD) 'Essential 8' strategies to mitigate cyber security incidents represent a set of cyber security best practices that, when implemented successfully, will provide your agency with a baseline cyber security posture. The Essential 8 expand upon the 'Top 4' mitigation strategies, part of the government's Protective Security Policy Framework, which have been mandatory for federal agencies since 2014. ASD has stated that implementing the Top 4 mitigation strategies will...
Fortinet.webp 2017-03-27 07:11:12 Threat Perspective: Risky Business, A Look Inside the Threat Actor Studio (lien direct) We recently talked with Ladi Adefala to get a better understanding of how the dark, mysterious underground of cyber crime is helping to fuel this growth, and how it impacts businesses and individuals.
Fortinet.webp 2017-03-24 07:30:22 Security Research News in Brief March 2017 Edition (lien direct) A monthly review of some of the previous month's most interesting security research publications
Fortinet.webp 2017-03-24 07:21:45 FortiGuard Labs Telemetry – Round up of 2015 and 2016 IoT Threats (Part 4) – DVR/NVR devices (lien direct) Digital Video Recorders / Network Video Recorders (DVR/NVR) Back in 2015, our telemetry detected a relatively small number of IPS signature hits on known vulnerabilities targeting DVR/NVR devices (~ 749 hits). In 2016, however, we saw this number increase alarmingly to around 1.5 million hits. By using a size comparison chart again, we can see the huge increase more clearly when we compare both years, as shown below: The question, of course, is what contributed to this huge increase in detected hits? Once again, let's look at the...
Fortinet.webp 2017-03-23 23:12:28 iSNS Server Memory Corruption Vulnerability in Microsoft Windows Server (lien direct) All users of vulnerable versions of the Microsoft Windows Server are encouraged to upgrade to the latest version of this software. Additionally, organizations that have deployed Fortinet IPS solutions are already protected from this vulnerability.
Fortinet.webp 2017-03-22 10:43:43 Microsoft Word File Spreads Malware Targeting Both Apple Mac OS X and Microsoft Windows (lien direct) On March 16, FortiGuard Labs captured a new Word file that spreads malware by executing malicious VBA (Visual Basic for Applications) code. The sample targeted both Apple Mac OS X and Microsoft Windows systems. We then analyzed the sample, and in this blog we are going to explain how it works, step by step. When the Word file is opened, it notifies victims to enable the Macro security option, which allows the malicious VBA code to be executed. Malicious Word File is Opened Figure 1. Asks victim to enable Macro security option Once...
Fortinet.webp 2017-03-22 08:25:06 (Déjà vu) Fortinet Fabric-Ready Partner Spotlight: Versa Networks (lien direct) Fortinet spoke with Fabric-Ready Partner, Versa Networks to learn what's top of mind for its customers, the key IT challenges they are facing and how Versa Networks' approach to integrated security is helping drive business and customer success.
Fortinet.webp 2017-03-21 18:47:46 FortiGuard Labs Discovers Multiple Vulnerabilities in Microsoft Word (lien direct) Over the last few months we discovered and reported multiple vulnerabilities found in different versions of Microsoft Word. These vulnerabilities were patched in the January (MS17-002) and March (MS17-014) security updates. These patches are rated as important, and as always, we suggest users update Microsoft Office as soon as possible.
Fortinet.webp 2017-03-21 08:21:27 A Closer Look at the Rapid Evolution of EHR Security (lien direct) More than any other database containing sensitive information for a large quantity of people, electronic health records (EHRs) are an especially attractive target for hackers. The patient data they hold can be used for financial gain, as recent reports show that stolen healthcare databases are being sold on the deep web for as much as US$500,000. But we've also seen a number of instances where large data breaches have occurred at the hands of state actors looking to collect data for espionage purposes. No matter the reasoning behind...
Fortinet.webp 2017-03-20 21:54:42 FortiGuard Labs Telemetry – Round up of 2016 IoT Threats (Part 3) – IP Cameras (lien direct) IP cameras were the second most attacked devices in 2015, at around 363,000 hits. But in 2016 the number dropped to approximately 36,000 hits
Fortinet.webp 2017-03-20 08:24:38 Join Fortinet at IBM InterConnect 2017 (lien direct) Fortinet is participating in IBM's premier industry event, the IBM InterConnect 2017 conference, this week, from March 19-23 in Las Vegas
Fortinet.webp 2017-03-17 10:59:31 Grabbot is Back to Nab Your Data (lien direct) Introduction Fortinet recently discovered a new botnet capable of stealing large amounts of user information, as well as remotely manipulating compromised machines. The malware appears to be based on an older botnet known as Grabbot, which was first discovered back in November of 2014[1]. This new variant improves on that existing functionality while adding several dangerous new features. This blog aims to offer a quick insight into how Grabbot functions. Replication The bot can be found hosted on a number of compromised websites with a...
Fortinet.webp 2017-03-17 07:50:01 Blockchain and Financial System Impact (lien direct) Blockchain is a technology that basically distributes a ledger. For those of you in the financial management world, you know a ledger as the trusted source of transactions or facts. The same is true with blockchain. But instead of existing in a large leather bound tome or in a financial management application, blockchains are managed by a distributed set of computing resources working together to maintain that ledger. Each transaction, or block within it, is linked together in an indisputable manner using public/private key encryption and internal...
Fortinet.webp 2017-03-16 09:04:50 5 Network Security Challenges That Will Keep Financial Services CIOs On Alert in 2017 (lien direct) The financial services industry was a primary target for cybercriminals in 2016, and due to the value of its data, it will remain in the crosshairs as we embark on 2017. As a result, financial services CIOs will be faced with security decisions and challenges that will likely keep them up at night. While this isn't an exhaustive list of challenges CIOs will face in the coming year, we've outlined several challenges we believe nearly all financial services organizations will have to face in 2017. Let's take a closer look. 1....
Fortinet.webp 2017-03-15 11:05:56 FortiMail named IDC Email Security Leader (lien direct) As a product manager, the start of the year is a time to take a few breaths and reflect on the successes or failures of the past year and plan for future projects.  When we have invested so much effort into our products, we know their strengths, but spending so much time in such close proximity to a solution can also make one a bit blinkered. Which is why it is always important to get outside opinions on your progress as a sanity check. Of course, customer feedback is essential, and always very welcome, but it was particularly satisfying to...
Fortinet.webp 2017-03-15 08:21:55 Teardown of Android/Ztorg (Part 2) (lien direct) In part 1 of this blog, we saw that Android/Ztorg.AM!tr silently downloads a remote encrypted APK, then installs it and launches a method named c() in the n.a.c.q class. In this blog post, we'll investigate what this does. This is the method c() of n.a.c.q: This prints "world," then waits for 200 seconds before starting a thread named n.a.c.a. I'll spare you a few hops, but among the first things we notice is that the sample uses the same string obfuscation routine, except this time it is not...
Fortinet.webp 2017-03-15 08:20:51 Teardown of a Recent Variant of Android/Ztorg (Part 1) (lien direct) Ztorg, also known as Qysly, is one of those big families of Android malware. It first appeared in April 2015, and now has over 25 variants, some of which are still active in 2017. Yet, there aren't many technical descriptions for it - except for the initial Ztorg.A sample - so I decided to have a look at one of the newer variants, Android/Ztorg.AM!tr, that we detected on January 20, 2017. The sample poses as a "Cool Video Player" and its malicious activity was so well hidden I initially thought I had run into...
Fortinet.webp 2017-03-14 07:22:34 Fortinet Welcomes New Industry-Leading Technology Partners to Our Security Fabric Ecosystem (lien direct) Today we announced the addition of eight industry-leading information technology providers to our Fortinet Fabric-Ready Partner Program. These new partners further extend the Fortinet Security Fabric across traditional, cloud, virtual, and software-defined environments, while simplifying multi-vendor security deployments for enterprises. Guideline
Fortinet.webp 2017-03-13 08:43:16 FortiGuard Labs Telemetry: Round up of 2015 and 2016 IoT Threats (Part 2 Home Routers) (lien direct) In our last post [Round up of 2016 IoT Threats] we compared 2015 and 2016 global threat telemetry for IoT devices collected by our FortiGuard Labs. In this post, we will examine why home routers had such a huge increase in IPS signature hits in 2016, when compared to 2015. Home Routers In 2015, home routers had the most IPS signature hits at around 821,000. But this number exploded exponentially in 2016, to more than 25 billion hits. We can see the exponential increase more clearly when we compare both years using a size comparison chart...
Fortinet.webp 2017-03-10 06:40:43 Four Ramifications of Cyber Attacks on Healthcare Systems (lien direct) Recent cyber attacks on the NHS and other healthcare systems have brought potential ramifications into the limelight. Read this post to find out more.
Fortinet.webp 2017-03-09 09:30:43 Byline: IoT is Everywhere - Your Security Should Be Too (lien direct) IoT security challenges include weak authentication and authorization protocols, insecure software, firmware with hard-coded backdoors, poorly designed connectivity and communications, and little to no configurability. Many devices were developed around chunks of commonly available and largely untested code, compounding security vulnerabilities across thousands of devices sold through dozens of manufacturers. And to make matters worse, IoT devices are often “headless,” with limited power and processing capabilities. This not only means they can
Fortinet.webp 2017-03-08 15:27:03 Microsoft Excel Files Increasingly Used To Spread Malware (lien direct) Over the last few years we have received a number of emails with attached Word files that spread malware.  Now it seems that it is becoming more and more popular to spread malware using malicious Excel files. Lately, Fortinet has collected a number of email samples with Excel files attached (.xls, .xlsm) that spread malware by executing malicious VBA (Visual Basic for Applications) code. VBA is a programming language used by Microsoft Office suite. Normally, VBA is used to develop programs for Excel to perform some tasks. I'll use...
Fortinet.webp 2017-03-08 07:17:56 Byline: The Move to Standardization and Open Architectures Enables Cybersecurity Automation For the Government Sector (lien direct) In order to remain responsive, resilient, and agile, government organizations must adopt open, integrated, and automated security architectures that enable the collection and sharing of threat intelligence and the ability to coordinate a response to detected threats.
Fortinet.webp 2017-03-07 07:24:45 Byline: Companies Are Taking the Cyber Skills Gap Into Their Own Hands (lien direct) Businesses are expanding investments in infrastructure security but struggling to source the increasingly rare talent needed to implement and operate their solutions. As an industry-leader, Fortinet believes it is our responsibility to foster the development and continuing education of cybersecurity talent and close the cybersecurity skills gap Guideline
Fortinet.webp 2017-03-06 10:20:38 FortiGuard Labs Telemetry – Roundup and Comparison of 2015 and 2016 IoT Threats (lien direct) Attacks targeting and originating from IoT devices began grabbing news headlines toward the last quarter of 2016. Insecure IoT devices became the low-hanging fruit for threat actors to easily exploit. Some were even notoriously used as botnets to launch DDoS attacks against selected targets. For example, the infamous Mirai botnet exploited weak login vulnerabilities in insecure IoT devices such as IP cameras and home routers, and was responsible for one of the largest known DDoS attacks to date. Besides being used in DDoS attacks, exploited IoT...
Fortinet.webp 2017-03-05 15:59:07 Improving Australia's Cybersecurity Through Integration and Automation (lien direct) How do government agencies protect their networks and data from cyber attacks in the face of the growing cyber skills shortage? Integration and automation are the keys.
Fortinet.webp 2017-03-03 09:33:24 Using a Security Fabric to Meet New York's (and Other) Financial Cybersecurity Regulations (lien direct) New York has introduced a cybersecurity regulation to protect the financial services industry. Fortinet explains how network security fabric can assist.
Fortinet.webp 2017-03-03 09:32:43 Byline: Is Your Healthcare Data Safe? Three Questions to Ask (lien direct) In the all-out war for data, the healthcare industry is getting hit the hardest. Experian's fourth annual 2017 Data Breach Industry Forecast states that healthcare organizations will be the most targeted sector for attack, with new and sophisticated attacks emerging. If healthcare organizations and their IT teams aim to keep data safe, they need to take a step back to assess the overall security landscape and the security processes currently in place on a macro level.
Fortinet.webp 2017-03-02 08:43:42 Byline: Securing Your Growing Home Network (lien direct) For the enterprise, we recommend a three phase approach to security based around learning what is on your network, dividing the network into separated segments, and then implementing appropriate security that provides critical protections without compromising functionality and interoperability.
Fortinet.webp 2017-03-02 06:54:42 Dot Ransomware: Yet another Commission-based Ransomware-as-a-Service (lien direct) Dot ransomware is a new Ransomware-as-a-service(RaaS) that is openly available in hacking forums. And following the current trend in malware services, it uses web portals hosted in the TOR network for anonymity. Commission-based Profit While lurking in hacking forums, we came across a post for this new ransomware service. RaaS services are now switching from a one-time fee or subscription payment model to a commission based strategy. One advantage of this scheme is that the up front price for the ransomware is free, and any profits realized...
Fortinet.webp 2017-03-01 10:37:38 Managed Security Service Providers, Choosing the Right Security Vendor (lien direct) Fortinet covers critical aspects of an MSSP's business model like no other security manufacturer, offering the best in multi-tenancy, the most hardware flexibility, the highest performance through hardware acceleration, and the lowest total cost of ownership of any security vendor.
Fortinet.webp 2017-02-27 08:55:47 Five Areas for Cybersecurity Innovation in 2017 (lien direct) The world never stands still. In the technology space, this means that constant innovation and discovery is the key to a solution provider's survival and growth. In the cybersecurity arena, this creed is even more vital. Many hackers are brilliant people. There's only one way to get the better of them – be even more brilliant. And faster and more creative. Which is why R&D is crucial in the security technology business. Cybersecurity solution providers must deliver open, integrated security and networking technologies...
Fortinet.webp 2017-02-27 08:54:12 You don't need to break my heart... (lien direct) X-ray image of installed pacemaker showing wire routing - Image from Wikipedia A few days ago, journalists reported a man had been charged with arson using data retrieved from his own pacemaker (see here). One article showed a "funny" image of a man's chest with stitches to insert or access the pacemaker. This, and the comments, led me to some research on pacemakers. No, you don't need to open the patient to retrieve data from the pacemaker Pacemakers transmit data over radio frequencies. They typically use the 402-405...
Fortinet.webp 2017-02-24 08:10:15 FortiClient Scores High in the Latest Advanced Endpoint Protection Report from NSS Labs (lien direct) As part of this commitment to third-party testing, Fortinet recently participated in the NSS Labs 2017 Advanced Endpoint Protection (AEP) test by submitting our FortiClient solution for public analysis. And on February 14th, 2017, NSS published their test results.
Fortinet.webp 2017-02-23 13:21:15 How Advanced Threat Protection Can Help Protect Financial Data (lien direct) Technology integration in the financial services industry has opened opportunities that could only be dreamed of a few decades back. Around the turn of the millennium, we began seeing banks set up websites for internet-based banking, and about a decade later, mobile banking customers began tapping their smartphones to make payments at retail stores. Inside the walls of financial institutions themselves, employees are leveraging technology such as email and mobile devices to streamline processes and provide a better overall customer experience. Industry...
Fortinet.webp 2017-02-23 08:41:17 Q&A: Securing IoT in the World of Healthcare (lien direct) According to IBM's 2016 Cyber Security Intelligence Index report, cyber criminals attacked healthcare more than any other industry last year, with more than 100 million healthcare records being compromised. As the use of IoT devices continues to grow in hospitals, we talked to Roger Bailey about the risks, and how to secure these increasingly distributed healthcare environments. Q&A with Roger Bailey, Sales Engineer at Fortinet How is IoT growing in the world of healthcare? There are two sides to IoT in hospitals – the customer...
Last update at: 2024-05-15 22:08:10