Latest Posts


    In our last blog in this series, we discussed FortiGuard Labs’ participation in Google’s second annual Capture The Flag (CTF) competition. In this blogpost, I want to share how I solved another challenge, called“ASCII Art Client”. ChallengeDescription For this challenge, participants were given two files: a binary file aart_client and a network capture aart_client_capture.pcap. File1: aart_client File2: aart_client_capture.pcap The goal of the challenge was: This client displays nice... [Read More]
by RSS Honggang Ren  |  Jun 25, 2017  |  Filed in: Security Research
Hughes Network Systems is a leading managed network service provider for highly distributed enterprises that need to operate and deliver uniform performance across large numbers of branch locations. They have been a long-time Fortinet partner, delivering innovative managed network solutions that leverage Fortinet platforms by combining Fortinet’s security capabilities with Hughes’ broadband transport, routing, and WAN optimization technologies. We recently sat down with Jeff Bradbury, Senior Director of Marketing at Hughes, to talk... [Read More]
by RSS Daniel Mellinger  |  Jun 23, 2017  |  Filed in: Industry Trends
Summer is upon us – a time for family, fun and travel. Whether you’re going around the block or around the world, odds are you’re taking your work laptop (just in case). And of course, you’re taking your smartphone. Maybe you’ll want to check email on your phone using the hotel’s public WiFi. Maybe the kids want to play an online game on that laptop.  If you haven’t exercised good cybersecurity hygiene, though, you could be opening yourself up to all kinds of fun-zapping connectivity catastrophe... [Read More]
by RSS Anthony Giandomenico  |  Jun 23, 2017  |  Filed in: Industry Trends
Welcome back to our monthly review of some of the most interesting security research publications. This month, let's do a bit of crypto... Past editions: April 2017 March 2017 P. Carru, Attack TrustZone with Rowhammer Rowhammer is an attack on DRAM, which consists in repeatedly accessing given rows of the DRAM to cause random bit flips in adjacent rows. Until now, the attack hadn't been demonstrated on ARM's TrustZone: but that's what the author implemented. He demonstrated that, using... [Read More]
by RSS Axelle Apvrille  |  Jun 22, 2017  |  Filed in: Industry Trends
Today’s healthcare networks are intricate ecosystems of different networks comprised of a wide variety of connected devices and moving data, but they weren’t always this open. The industry as a whole has had to rapidly shift gears. Healthcare data now flows faster than ever, and it isn’t slowing down. As a result, the role of the healthcare chief information officer (CIO) has had to expand and adapt. As networks expand and connected devices permeate the healthcare landscape, the CIO will continue to play an increasingly important... [Read More]
by RSS Susan Biddle  |  Jun 22, 2017  |  Filed in: Industry Trends
This past June 17th and 18th, 2017, Google hosted their second annual Capture The Flag (CTF) competition. The Google team created security challenges and puzzles that contestants were able to earn points for solving. It’s a clever way to leverage the security community to help protect Google users, and the web as a whole. Last year, over 2,400 teams competed, and this year the number was even higher. FortiGuard Labs decided to pull together a team and then write up a report on the experience. So, first things first, this challenge was... [Read More]
by RSS Kushal Arvind Shah  |  Jun 21, 2017  |  Filed in: Security Research
Blockchain is a shared and continuously reconciled database used to maintain a list of digital records, called blocks. It is quickly becoming an important tool not just for financial information, but also for managing and recording virtually all types of data, such as medical and other records, identity management, and transaction processing. Because a blockchain database is distributed and interconnected, it provides several essential services. The first is transparency. Because data is embedded within the network as a whole, it is by definition... [Read More]
by RSS Hemant Jain  |  Jun 20, 2017  |  Filed in: Industry Trends
In the context of digital trust, effective cybersecurity can become an essential enabler of digital transformation. In other words, if organizations and users can’t trust their data, and trust that it is safe, they will not engage, and the Digital Economy will fail. [Read More]
by RSS Drew Del Matto  |  Jun 19, 2017  |  Filed in: Industry Trends
Nine out of ten healthcare organizations have suffered a breach in the past two years, according to a new Ponemon study, and the data shows that these breaches could be costing the industry upwards of $6 billion. When analyzing the sources of these breaches, it should come as no surprise that criminal attacks represent more than half of the total as healthcare records provide a treasure trove of valuable data. The remainder of the breaches tends to result from internal issues like employee mistakes, third-party snags, and stolen connected devices. While... [Read More]
by RSS Susan Biddle  |  Jun 16, 2017  |  Filed in: Industry Trends
The Department of Homeland Security (DHS) has identified 16 sectors that have been determined to be designated as critical infrastructure due to the debilitating effect on security, national economic security, national public health or safety, or any combination that would result from any of these sectors being compromised. Included in this list of 16 is the Government Facilities Sector, which covers, “a wide variety of buildings, located in the United States and overseas, that are owned or leased by federal, state, local, and tribal governments.”... [Read More]
by RSS Susan Biddle  |  Jun 15, 2017  |  Filed in: Industry Trends