Latest Posts


The healthcare industry requires technology that can keep pace with the speed at which medicine is evolving in order to provide patients with the best possible care. Additionally, this technology must meet HIPAA compliance standards to secure protected health information (PHI) from the growing number cyberattacks targeting the healthcare industry. This comes at a time when more devices than ever are accessing healthcare providers’ networks, including the proliferation of connected medical devices in the Internet of Medical Things (IoMT), and... [Read More]
by RSS Trish Borrmann  |  Aug 18, 2017  |  Filed in: Industry Trends
The K-12 learning environment has moved beyond the physical walls of the classroom thanks to behavioral shifts and digital connectivity. However, robust and speedy network services that are designed to keep student and faculty data secure come with a price tag. The cost of ongoing connectivity and keeping networks secure is a constant barrier for most school districts, but thankfully, the E-rate program gives them an opportunity to do just that. Take a look at the graphic below to see how the classroom environment has evolved, the threats... [Read More]
by RSS Susan Biddle  |  Aug 18, 2017  |  Filed in: Industry Trends
It has just been a week since the variation of Locky named Diablo6 appeared. Now it has launched another campaign more massive than the previous. This time, it uses “.lukitus”, which means “locking” in Finnish, as the extension for the encrypted files. The FortiGuard Lion Team was the first to discover this variant with the help of Fortinet’s advanced  Kadena Threat Intelligence System [1](KTIS) Fig. 1 Encrypted files with .lukitus extension Fig. 2 Familiar Locky ransom note Same Locky, More Spam This... [Read More]
by RSS Joie Salvio, Rommel Joven and Floser Bacurio  |  Aug 17, 2017  |  Filed in: Security Research
In this blog post we will analyze a couple of Android malware samples in the Android VM of the FortiSandbox. We'll also share a few interesting and useful tricks. Running a sample in the VM To run a given sample in the Android VM, you should log into the FortiSandbox, make sure an Android VM is available, and then "Scan Input" / Submit a New File. Next, if the objective is to run the malware in the sandbox, you must make sure to skip "static scan," "AV scan," and "Cloud Query"... [Read More]
by RSS Axelle Apvrille  |  Aug 17, 2017  |  Filed in: Security Research
Fighting Automation with Automation: A manual approach just won't cut it anymore. Here's a toolset to defeat automation and unify control across all attack vectors to stop automated attacks. [Read More]
by RSS Derek Manky  |  Aug 17, 2017  |  Filed in: Industry Trends
Malicious cyber activity targeted at the nation’s critical infrastructure – including water systems, transportation, energy, finance, and emergency services – are particularly worrisome because the interruption of those services can have devastating effects on our economy, impact the well being of our citizens, and even cause the loss of life. [Read More]
by RSS Phil Quade  |  Aug 16, 2017  |  Filed in: Industry Trends
The Fortinet Security Fabric now allows organizations to deploy security tools across their entire distributed network, including deep into the data center and core and out to remote devices and the cloud, and then tie them together through a common, management strategy. FortiManager 5.6 provides a single pane of glass management dashboard to present consolidated monitors and controls across a wide range of network and endpoint security products, as well as critical network devices, through an intuitive and customizable dashboard. [Read More]
by RSS Justin Lei  |  Aug 15, 2017  |  Filed in: Industry Trends
      KONNI is a remote access Trojan (RAT) that was first reported in May of 2017, but is believed to have been in use for over 3 years. As Part of our daily threat monitoring, FortiGuard Labs came across a new variant of the KONNI RAT and decided to take a deeper look. KONNI is known to be distributed via campaigns that are believed to be targeting North Korea. This new variant isn’t different from previous variants, as it is dropped by a DOC file containing text that was drawn from a CNN article entitled 12 things... [Read More]
by RSS Jasper Manuel  |  Aug 15, 2017  |  Filed in: Security Research
A few days ago, while scouring through Fortinet’s Kadena Threat Intelligence System (KTIS), we found an emerging spam campaign. Initially, it was the scale that caught our attention, and then it got a lot more interesting when the payload was found out to be a new variant of the infamous Locky. [Read More]
by RSS Floser Bacurio, Joie Salvio, Rommel Joven  |  Aug 14, 2017  |  Filed in: Security Research
Performance testing is used throughout our industry. It helps make decisions. It helps build infrastructure. It helps make sales. But where do we get the data for this performance testing? Should we trust it? How can we use it best? [Read More]
by RSS Alex Samonte  |  Aug 14, 2017  |  Filed in: Business and Technology