Latest Posts


Given the very public explosion of ransomware, and an ever-growing list of other cyber threats, IT services providers are increasingly looking for ways to meet the insatiable demand for cybersecurity. In this article we will look at some of the trends and challenges facing the MSSP community. How has the cost and shortage of security talent empowered the MSS domain? There are two forces driving the growth of MSS - complexity and cost. The complexity of threats and regulations continues to grow, with no change in sight. On the cost side, there... [Read More]
by Bill McGee | May 25, 2017 | Filed in: Industry Trends & News
A major challenge facing security vendors today is that most solutions and products are developed based on knowledge of previous threats that already exist. This makes many security solutions reactive by their very design, which is not a tenable strategy for facing the volume of new attacks and strategies arising today. This arms race of identifying new threats, then reacting has been the primary strategy since the dawn of malware: A new virus is identified and then security vendors write the antivirus signature to block it; a polymorphic virus... [Read More]
by Douglas Jose Pereira | May 23, 2017 | Filed in: Security Research
We regularly do deep dive Q&A pieces with our executives to share the leadership perspectives at Fortinet. Read below for an interview with Phil Quade, Fortinet's CISO.  [Read More]
by John Welton | May 23, 2017 | Filed in: Industry Trends & News
Security strategies need to undergo a radical evolution. Tomorrow’s security devices will need to see and interoperate with each other to recognize changes in the networked environment, anticipate new risks and automatically update and enforce policies. The devices must be able to monitor and share critical information and synchronize responses to detected threats. [Read More]
by Derek Manky | May 22, 2017 | Filed in: Industry Trends & News
For what started as a research network that was largely owned and operated by top universities, the Internet as we know it today has become much more. In 1969, ARPANET carried the first data packets between two separate nodes. During its genesis, ARPANET included the University of California, Los Angeles and the Stanford Research Institute before adding the University of Utah and University of California, Santa Barbara. What began as a 4-node network in 1969 had swelled to include 213 hosts by 1981. From there, it took off.  The Internet’s... [Read More]
by Susan Biddle | May 19, 2017 | Filed in: Industry Trends & News
A perspective blog with Derek Manky, Global Security Strategist, Fortinet. We asked Derek to put WannaCry into context. Is this just the eye of the storm? [Read More]
by Bill McGee | May 18, 2017 | Filed in: Industry Trends & News, Security Research
Android malware continues to grow exponentially now that Android has taken the top position as the most popular OS (across all platforms), making it the target of choice for malware authors. Android Marcher is an Android banker malware that has been on the FortiGuard Labs radar since late 2013. Since that time it has been seen in a number of campaigns targeting many different banks and countries. And now, Marcher has once again resurfaced with a new campaign. Over the past few months we have observed it masking itself in a variety of ways... [Read More]
by Dario Durando, Kenny Yang, David Maciejak | May 17, 2017 | Filed in: Security Research
The Loki Bot has been observed for years. As you may know, it is designed to steal credentials from installed software on a victim’s machine, such as email clients, browsers, FTP clients, file management clients, and so on. FortiGuard Labs recently captured a PDF sample that is used to spread a new Loki variant. In this blog, we will analyze how this new variant works and what it steals. The PDF sample: [Figure 1. Content of the PDF sample] The PDF sample only contains one page, shown above, which includes some... [Read More]
by Xiaopeng Zhang and Hua Liu | May 17, 2017 | Filed in: Security Research
WannaCry FAQ: How does WannaCry spread? WannaCry has multiple ways of spreading. Its primary method is to use the Backdoor.Double.Pulsar backdoor exploit tool, which was released last March by the hacker group known as Shadow Brokers and managed to infect thousands of Microsoft Windows computers in only a few weeks. Because DoublePulsar runs in kernel mode, it grants hackers a high level of control over the compromised computer system. [Read More]
by Aamir Lakhani | May 17, 2017 | Filed in: Security Research
Over the last few months or years I have reported vulnerabilities on several IoT devices. None have been patched so far, and I think it is time to discuss the situation openly. One of the issues I have faced several times is the zero-security-culture phenomenon. Some of those IoT companies were typically very small and young, with sadly neither the skills nor the resources to fix security issues. For example, I remember sending several vulnerabilities to a given company. I got an automated response for the first email (ok),... [Read More]
by Axelle Apvrille | May 17, 2017 | Filed in: Security Research