What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
Fortinet 2017-01-04 07:54:51 A Multitude of IoT Operating Systems Is Bad News for the Safety of the Internet (direct link) Unfortunately, many IoT devices are headless, meaning that they literally cannot be patched, so other security measures will have to be developed. Until then, the Internet will face the havoc resulting from IoT-based shadownets for hire, and major DDoS attacks and Cybersecurity wars will be launched by exploiting IoT vulnerabilities.
Fortinet 2017-01-03 10:56:20 A Guide to Security for Today's Cloud Environment (direct link) Enterprises have rapidly incorporated cloud computing over the last decade, and that trend only seems to be accelerating. Private cloud infrastructure, including virtualization and software-defined networking (SDN), is in the process of transforming on-premise data centers, which host the majority of enterprise server workloads around the world. Enterprises are also embracing public clouds at an unprecedented rate, with most connecting back to on-premise environments to create a true hybrid cloud environment. For all their advantages, these accelerated...
Fortinet 2016-12-29 10:56:58 The Evolution of the Financial Services CIO Since Y2K (direct link) The role of the chief information officer (CIO) has undergone substantial changes in less than two decades, progressing from a rare position within an organization to the heart of the executive boardroom. The pace at which technology has evolved has driven much of this growth, and today's financial organizations now lean on their CIO to keep data safe while also keeping pace with industry advances. Let's take a look back at the evolution of security within the financial services CIO's role and some of the changes that have brought...
Fortinet 2016-12-28 08:07:34 (Déjà vu) Byline: Is it Finally Time for Open Security? (direct link) One of the distinct advantages of working in the IT industry for over 35 years is all of the direct and indirect experience that brings, as well as the hindsight that comes with that. One of the more personally interesting experiences for me has been watching the growth and ultimate success of the Open Source Software (OSS) movement from a fringe effort (what business would ever run on OSS?) to what has now become a significant component behind the overall success of the Internet. I was initially reminded of the significance of the Open Source...
Fortinet 2016-12-27 10:17:59 Byline: Meeting The Challenge of Securing the Cloud (direct link) What if the data and security elements across an organization's various cloud environments were well integrated, cohesive and coherent, like a seamlessly woven fabric? Such an approach would allow companies to see, control, integrate and manage the security of their data across the hybrid cloud, thereby enabling them to take better advantage of the economics and elasticity provided by a highly distributed cloud environment.
Fortinet 2016-12-22 09:31:16 Byline: Four Things To Look For When Choosing A Financial Services Cloud Security Provider (direct link) Financial services organizations are shifting applications to the cloud, seeking the efficiencies and cost reductions this move holds. However, with cybercriminals eager to get their hands on financial data, security is paramount – making it more important than ever to vet cloud security providers.
Fortinet 2016-12-21 10:45:46 Byline: 4 Key Areas to Consider When Solving the Cybersecurity Talent Gap (direct link) Attack methods and breaching techniques are constantly evolving. Which means that finding the elusive talent to overcome present challenges is only part of the solution. Sure, we know the tried and true breach methods. But what about the attacks we don't yet know? If the method is unknown, then so is the required response. The talent shortfall, therefore, is about much more than just a limited technical pool.
Fortinet 2016-12-20 09:09:30 Making Smart Cities Safe (direct link) For years now, we've been hearing about “smart cities.” Cities with the ability to leverage innovative technology, and automation to optimize resources and improve services for their citizens, with the ultimate goal of making our lives better. These smart cities are no longer a distant dream of the future – they are happening now. Unfortunately, without sufficient cybersecurity, their ultra-connected nature can make these dream cities a nightmare, as the recent hack of San Francisco's Municipal Transportation Agency...
Fortinet 2016-12-19 09:23:47 Protect Your Patients with Internal Segmentation Firewalls (direct link) Read this post to learn more about internal segmentation firewalls and how they assist the healthcare industry in keeping patient data safe. This new reality is largely responsible for driving the development of a new class of security tools, known as internal segmentation firewalls (ISFWs.) ISFWs extend the functionality...
Fortinet 2016-12-16 09:58:47 WooCommerce Tax Rates Cross-Site Scripting Vulnerability (direct link) WooCommerce is a free eCommerce plugin for WordPress. It has been downloaded over 1 million times and over 30% of all online stores are now powered by WooCommerce. I recently discovered that WooCommerce is vulnerable to a cross-site scripting (XSS) attack. This XSS vulnerability is caused because the WooCommerce tax rates setting incorrectly processes user-supplied data. Remote attackers are tricking WooCommerce administrators into uploading a malicious CSV file that claims to provide required tax rate data for a particular country or region.
Fortinet 2016-12-16 09:54:02 Malicious Macro Bypasses UAC to Elevate Privilege for Fareit Malware (direct link) To survive, Macro downloaders have to constantly develop new techniques for evading sandbox environments and anti-virus applications. Recently, Fortinet spotted a malicious document macro designed to bypass Microsoft Windows' UAC security and execute Fareit, an information stealing malware, with high system privilege. SPAM This malicious document is distributed by a SPAM email. As part of its social engineering strategy, it is presented in the context of someone being interested in a product. Fig.1 SPAM with the malicious...
Fortinet 2016-12-15 08:23:29 Public and Private Cloud Adoption - What Financial Services Need to Know (direct link) Read this post to learn about the benefits and challenges, as well as ways financial organizations can keep their operations secure in the cloud.
Fortinet 2016-12-14 08:13:00 Why Employees Could Be the Biggest Threat to Healthcare Data Security (direct link) Read this post to find out why your employees might just be today's biggest threat to healthcare data security.
Fortinet 2016-12-13 09:08:10 Byline: Enhancing Security Through Information Sharing (direct link) Internal opportunities for information sharing might seem obvious, but are easily overlooked. Information sharing is essential if we want to get ahead of the escalating cyberthreats today's organizations are facing. We are just beginning to learn that we can no longer afford to build network security solutions based on isolated devices that cannot share threat intelligence or coordinate a response. As networks become more complex and distributed, the ability to consistently secure a workload as it moves across the network from an endpoint...
Fortinet 2016-12-12 08:09:51 Byline: Don't Neglect Security in M&A Due Diligence (direct link) Look at any M&A due diligence checklist and you'll see the same things: financials, customer information, sales, real estate, intellectual property, contracts - and the list goes on. One thing you may not see is information security, and that can be a crucial mistake. Like any other critical component of running a business, security needs to be right at the top of the list for M&A due diligence. When combining two companies, they often have different and sometimes even incompatible systems and data. That can create opportunities...
Fortinet 2016-12-09 09:12:30 Research: A New Christmas Decorated Cerber Ransomware Has Arrived (direct link) Introduction A new unversioned Cerber has surfaced! It appears that the author(s) of Cerber is working hard to make more money during Christmas season. This latest version has relatively more changes as compared to the previous versions. The version number has now been removed from the desktop wallpapers of the infected machines, and this new Cerber release no longer has an apparent version number, which might make the tracking of the Cerber family more difficult than before. Another noticeable change is that the modified wallpaper now comes...
Fortinet 2016-12-09 07:12:35 Reading Your Tracker's Battery Level With a Standard Bluetooth 4.0 USB Dongle (direct link) Quite strangely, there is no easy way to check the battery level of your Fitbit tracker. You can configure your profile to send you notifications when the battery is low, but that's about all. As I was researching Bluetooth Low Energy (BLE), I noticed however that Fitbit trackers do offer the standard Battery Service (0x180f) along with the (standard) Battery Level characteristic (0x2a19).
Fortinet 2016-12-08 09:50:08 Research: Disassembling Linux/Mirai.B!worm (direct link) A few days ago, a variant of Mirai hit a German telco, forcing 900,000 customers off the Internet. The FortiGuard team has issued an AV signature for it, named Linux/Mirai.B!worm. Several binaries were found in the wild for different architectures. I'll examine the one for ARM here, as that's the architecture I'm the most familiar with. A look at the strings in the binary reveals the following:
Fortinet 2016-12-08 07:37:31 Fortifying the Smart Cities (direct link) San Francisco's muni fare system was recently hacked, and it turns out that intruders installed ransomware on the system, and demanded money to undo the hack. Some might ask why, despite being located amid a hub of the best brains in cyberspace, didn't San Francisco muni foresee this coming? But as the saying goes, hindsight is 20/20. A better question to ask is, why are smart cities around the world so prone to such smart attacks? And, what risks can they reasonably foresee, and how do they plan for them? Global Growth and...
Fortinet 2016-12-07 18:21:25 Research: Furtive Malware Rises Again (direct link) Shamoon Timeline The Shamoon virus, also known as Disttrack, surfaced for the first time back in 2012 targeting Middle East Oil companies. It leveraged stolen credentials to gain access, and then exhibited worm-like behavior to spread throughout the entire targeted network. All Shamoon attacks were clearly very carefully planned beforehand, as the attackers had to gain access to legitimate credentials before launching the attack. While most modern malware are focused on monetizing through any way possible, from bitcoin mining to the current...
Fortinet 2016-12-07 08:06:47 Q&A on Using a Real Time Sandbox to Thwart Packed Malware (direct link) There have been numerous cases where advanced malware has been linked to significant data breaches. Malware authors employ a variety of techniques to hide their malicious intent, including the use of packing utilities to create “packed malware.” Ladi Adefala, Senior Security Strategist at Fortinet, explains how a real time sandbox can change the game with regard to defending against these sophisticated attacks. What is Packed Malware? Packed malware is one of the most common types of advanced malware, carefully designed to evade...
Fortinet 2016-12-06 18:17:16 Deep Analysis of the Online Banking Botnet TrickBot (direct link) One month ago we captured a Word document infected with malicious VBA code, which was detected as WM/Agent!tr by the Fortinet AntiVirus service. Its file name is InternalFax.doc, and its MD5 is 4F2139E3961202B1DFEAE288AED5CB8F. By our analysis, the Word document was used to download and spread the botnet TrickBot. TrickBot aims at stealing online banking information from browsers when victims are visiting online banks. The targeted banks are from Australia, New Zealand, Germany, United Kingdom, Canada, United States, Israel, and...
Fortinet 2016-12-06 08:54:23 LinkedIn and Baidu Redirecting to Fat-Loss and Brain Improvement Scam (direct link) We recently received a URL through Skype that caught our attention. It was a link belonging to LinkedIn, with our Skype ID as a parameter at the end of the URL. https://www.linkedin.com/slink?code=e2nsPHa#jpulusiv=victimskypeid Usually, people would be wary when they receive links that look somewhat suspicious. But this link is from LinkedIn, the world's largest networking site, so it would be easy for anyone receiving this to quickly dismiss any thought of it being harmful. And the convincing personalized Skype ID at the...
Fortinet 2016-12-05 18:54:15 A Closer Look at the Mamba Ransomware that Struck San Francisco Rail System (direct link) Recently, the San Francisco Municipal Transportation Agency, also known as MUNI, was attacked by a new variant of Mamba (a.k.a HDDCryptor) – a disk-encrypting ransomware. The incident left their ticketing services with inoperational systems and a note that read, “You Hacked,ALL Data Encrypted,Contact For Key(cryptom27@yandex.com)” Fortinet first discovered Mamba two months ago. Since then, it has been under the radar – until this big attack. We will now take a look at a few irregularities and some new developments...
Fortinet 2016-12-05 07:47:26 Q&A: How Fortinet's Security Fabric Creates New Opportunity for Channel Partners (direct link) Joe Sykora, Fortinet Vice President of Americas Channels and Sales Operations, gives his perspective on how an integrated security architecture like Fortinet's Security Fabric creates new opportunities for solution providers. Why is the idea of a security fabric so important to network security in this current environment? These days, companies have to deal with a growing list of issues that put tremendous strain on their security capabilities, including the Internet of Things, virtualization, SDN, a growing portfolio of interactive...
Fortinet 2016-12-02 14:09:38 Cerber 5.0.1 Arrives with New Multithreading Method (direct link) Introduction A new update of Cerber Ransomware, Cerber 5.0.1, has just arrived, appearing shortly after Cerber 5.0.0. had been released. Cerber 5.0.1 handles multithreading differently when it comes to encrypting files, probably aiming for better performance. It also changes the instruction file name from “README.hta” to “_README_.hta”. The intention of this might be to avoid simple AV detection, such as checking instruction file names. The major updates in the new version are described in the following sections. New...
Fortinet 2016-12-02 08:38:20 3 Ways Recent DDoS and Ransomware Attacks Have Put Healthcare Institutions on Alert (direct link) Recent DDoS and ransomware attacks have grabbed the attention of healthcare organizations around the globe. Read more to find out how.
Fortinet 2016-12-01 14:21:48 Manage Your Reputation - Ensure Data Security in Financial Services (direct link) Ensuring data security in financial services is critical to maintaining a positive reputation. Read this post to find out more.
Fortinet 2016-11-30 16:43:14 Bladabindi Remains A Constant Threat By Using Dynamic DNS Services (direct link) The Fortinet research team has been developing an industrial-grade analysis system that allows us to concentrate information from samples collected from a variety of sources. Using this tool, we recently started to see the recurrence of URLs from the domains hopto.org and myftp.biz. In most cases, each sample was connected to a unique URL in one of the domains, although we also found some samples that connected to the same URL. Figure 1. Examples of the domains and samples collected by the team's FortiGuard analysis system This...
Fortinet 2016-11-30 09:39:13 Security Leads the Way for MSO Evolution to MSP (direct link) Like every other service provider segment, MSOs are looking for ways to leverage recent changes in technology and customer buying patterns in order to expand their addressable market and service offerings. MSOs now have an opportunity to claim a larger share of this growing business market by providing a new set of commercial services built on a number of new technologies. With the commercial availability of SD-WAN technology, for example, MSOs now have a path to create competitive offerings that were previously confined to telecommunications...
Fortinet 2016-11-29 13:33:23 Hackathon Sophia Antipolis 2016 (direct link) Last Saturday evening I had the honour to chair the selection committee for a Hackathon on Security...and many connected objects. While the meaning of "security" here was very broad (it included physical security for women and for elderly people, health, computer security, etc), it was a captivating experience. The participants came up with many different ideas - with first drafts listed here - especially around social networks, collaboration, and IoT. Let me provide my insight from the perspective of a security...
Fortinet 2016-11-29 12:01:52 Fortinet Joins AWS Public Sector Partner Program to Accelerate Cloud Security for Government and SLED Organizations (direct link) With the breadth of sensitive data and highly regulated workloads that government and state and local education (SLED) institutions manage comes the critical need for a cybersecurity strategy that can adapt and scale with the data, from IoT to the cloud, while adhering to regulations and compliance requirements. To meet these evolving public sector security needs, Fortinet today announced an expansion of its relationship with AWS through its membership in the AWS Public Sector...
Fortinet 2016-11-28 17:46:40 A New All-in-One Botnet : Proteus (direct link) Introduction The ART team at Fortinet has discovered a new malware named Proteus, a multifunctional botnet written in .NET that appears to be a proxy, coin miner, e-commerce merchant account checker, and keylogger. This particular botnet is downloaded by the Andromeda botnet. The handful of malicious features densely packed in this new malware also includes the ability to drop other malware. We have compiled its main features in this brief analysis. Data Encryption All C&C communication is encrypted with a symmetrical algorithm....
Fortinet 2016-11-28 08:51:26 Q&A: Defining a Holistic Strategy for Customers (direct link) Fortinet's John Maddison offers some perspective following our Security Fabric and Fabric Ready announcements earlier this year. Can you talk about why “open” is such a critical element of our GTM selling strategy? An “open” strategy demonstrates the maturity of a vendor in their evolution towards developing a complete ecosystem of partnerships. This...
Fortinet 2016-11-25 09:29:58 Ready for Cyber Monday? Maybe Not? (direct link) Your 2017 Safe Holiday Shopping Guide: We will soon be in the throes of the holiday gift-buying season. A whole set of must-have connected devices have hit the stores, from smart accessories and appliances, to game consoles and online games, to web-enabled toys. And we will be buying many of them online, especially on cyber Monday. Are you ready? You are scouting online shopping websites, loading apps that automatically scan sites and compare prices to make sure you are getting the best deal, building your shopping lists, and checking your...
Fortinet 2016-11-24 08:52:44 Managing the Attack Surface of a Smart City (direct link) Smart cities are being planned the world over. Technology development always goes through two phases for any new discipline: first – tools are developed, and infrastructure is built and enabled. And second – the technology is scaled up. In the case of smart cities, we are in the first phase, where many of the kinks and challenges are still being ironed out. Here are some examples of services a smart city might provide: Coordinated energy control of air conditioners at homes during hot summer days to manage and preserve city...
Fortinet 2016-11-23 11:42:32 Analysis of OpenSSL ChaCha20-Poly1305 Heap Buffer Overflow (CVE-2016-7054) (direct link) A High-Severity Heap Buffer Overflow vulnerability was recently fixed in a patch by the OpenSSL Project. This vulnerability affects the remote SSL servers that support the ChaCha20-Poly1305 cipher suite, and can be exploited to crash the SSL service. This High-Severity Heap Buffer Overflow vulnerability (CVE-2016-7054) is caused by an error when the ChaCha20-Poly1305 cipher suite is decrypting large amounts of application data. We will examine the root cause of this vulnerability in this post. The ChaCha20-Poly1305 cipher suite is...
Fortinet 2016-11-23 07:22:51 Ready for the Holidays? Maybe Not? (direct link) Your 2017 Safe Holiday Shopping Guide: Starting the Friday after Thanksgiving, millions of Americans will be braving the crowds and heading out to malls, big-box stores, and local merchants looking to take advantage of seasonal discounts. Are you ready? You are building your shopping lists, checking your credit card balances, scanning for can't miss deals, and planning your shopping itineraries. You may have even installed new apps that can automatically scan and compare prices to make sure you are getting the best deal. But what about...
Fortinet 2016-11-22 08:04:08 FortiCast: The New Podcast about Fortinet Technology (direct link) FortiCast, the new podcast about Fortinet technology, available now on iTunes, SoundCloud, and YouTube, as well as the podcast app of your choice.
Fortinet 2016-11-22 08:03:24 With More Than 340 Patents and Counting, Fortinet's Visionary Innovation is Driving the Evolution of Security (direct link) Our patent reward program open to all employees is a huge part of why Fortinet has reached another innovation milestone - more than 343 patents issued worldwide, with more pending.
Fortinet 2016-11-21 10:53:59 Fortinet 2017 Cybersecurity Predictions: Accountability Takes the Stage (direct link) With the growth and pervasiveness of online devices and digital tools, we reached a critical tipping point in 2016. The need for accountability at multiple levels is urgent and real and affects us all. If something isn't done, there is a real risk of disrupting the emerging Digital Economy. Even in recent weeks, IoT devices were hijacked to shut down a huge section of the Internet. Stolen documents were used in an attempt to influence the US presidential election. Ransomware began to reach epidemic proportions, including high...
Fortinet 2016-11-18 17:44:17 Android Malware Masquerades as Banking App, Part II (direct link) New variants of android banking malware target even more German banks, popular social media apps, and more Summary In my previous blog I provided a detailed analysis of a new android banking malware that spoofed the mobile applications of several large German banks to trick users into revealing their banking credentials. This week I found several new variants of this growing malware, and in this update I am sharing these new findings. Install the malware One of these variants masquerades as another German mobile banking app. Once installed,...
Fortinet 2016-11-18 16:29:40 DefCamp 2016 (direct link) This was my first time at DefCamp in Romania, and it was definitely a good experience. DefCamp was an interesting mixture of not so technical talks (but with acute insights) and technical ones. Among the "not so technical" ones, I liked the following: Do Tinder bots dream of electric toys? Tinder is a match-making/dating application. Inbar Raz decided to test it. He created a profile according to online guidelines (images with animals, images looking official, etc.) and quickly got many matches. But...it turned out that they...
Fortinet 2016-11-18 09:39:41 Android Banking Malware Masquerading as Email App Targets German Banks (direct link) Summary We recently found an Android banking malware masquerading as an email app that targets several large German banks. This banking malware is designed to steal login credentials from 15 different mobile banking apps for German banks. It also has the ability to resist anti-virus mobile apps, as well as hinder 30 different anti-virus programs and prevent them from launching. Install the malware The malware masquerades as an email app. Once installed, its icon appears in the launcher, as shown below. Figure 1. Malware App Icon Figure...
Fortinet 2016-11-17 12:36:14 Where I (Nearly) Won a Connected Coffee Machine at DefCamp 2016 (direct link) Besides conference sessions, DefCamp 2016 also ran various competitions in the hacking village. I wandered about the critical infrastructure area - an amazing model kit of a train, station, and solar panels all controlled by Siemens and Schneider PLCs - but mostly, of course, at the _IoT village_. Critical Infrastructure village with model kit, PLCs, and SCADA supervision monitor At the IoT village, several connected devices were available to be hacked: web cameras, a water sensor, a coffee maker...I lost some time on the Foscam...
Fortinet 2016-11-15 12:07:42 Q&A: Securing the Move to the Cloud (direct link) In the past decade, cloud computing has become increasingly popular among enterprises, with Gartner Research projecting IT spending on public cloud-based infrastructure services to surpass $24 billion in 2016, and associated management and security to surpass $8 billion. This evolution of our IT infrastructure brings with it concerns about the safety of our data, applications and end users. We talked to Chad Whalen about the move to the cloud, the related security concerns, and how Fortinet is protecting this rapidly-evolving IT infrastructure. How...
Fortinet 2016-11-15 10:49:24 Wrap-up: US Campaign-themed Malware and Trolls (direct link) The US political season is over and a new President has been elected. This election has arguably been one of the most colorful (some might say entertaining) and controversial presidential election cycles in the country’s history. For cyber crooks, this has been just the right environment to target victims with their attacks and trolls. In this post we take a look at some of the more notable US campaign-themed malware and scams. While some may induce false fears and a few laughs, others represent serious threats. “Donald...
Fortinet 2016-11-14 15:27:25 PC Locker - A New Survey Locker in the Wild (direct link) A lot of people, located around the world, have been infected with ransomware - a type of malware that encrypts computer files and demands payment to have them unlocked. Some professionally written ransomware has been so financially successful for their authors, such as Locky and Cerber, that many others have begun to emerge to take a piece of the pie. The researchers of the ART team at Fortinet have recently discovered a new malware. While it still locks the user's computer and demands they follow instructions to have it unlocked, this time...
Fortinet 2016-11-14 12:18:56 Black Nurse DDoS Attack: Power of Granular Packet Inspection of FortiDDoS with Unpredictable DDoS Attacks (direct link) A well-known aspect of criminals in any space is that they are unpredictable. They look for holes and vulnerabilities in systems and try to use them to their advantage. Security systems, therefore, have to be architected in a way that assumes attack unpredictability. A new threat emerging on the horizon is called BlackNurse DDoS attack. Fortinet protects organizations against this content based protection, with the IPS signature "BlackNurse.ICMP.Type.3.Code.3.Flood.DoS", as well as with behavior-based protection through our FortiDDoS...
Fortinet 2016-11-14 10:11:13 Cybersecurity In this New Political Era (direct link) The next President of the United States will begin their term in the midst of dramatic transitions happening across the world. This isn't about the deficit or foreign policy or climate change. Advisors well versed in strategies related to those issues surround the President. What needs to be addressed is the global transition to a digital economy. This change is affecting every aspect of our society, from how businesses generate profit to how individuals live their lives and interact socially. The digital economy and society combine technolo
Last update at: 2024-05-15 03:08:27