It’s Friday night, tomorrow is Halloween, Daylight Saving Time ends this weekend, and it’s the end of National Cyber Security Awareness Month. This week has seen big breaches, teenagers arrested for hacking TalkTalk, escalating international cyber tensions, and what appears to be even more new vulnerabilities and zero-days announced than usual.
However, it isn’t all doom and gloom, shorter colder days, reduxes of Cold War rhetoric with some cyber buzzwords woven in, and kids running afoul of the law this week. We saw some of the biggest rivals in the security industry come together to do some serious collaborative research, our own researchers at FortiGuard Labs found a boatload of vulnerabilities and promptly implemented protections, Cyber Security Awareness Month actually started some great conversations, and FortiGuard researchers have a present for you. Yes, a present. And we all do get an extra hour of sleep this weekend, so there’s definitely a silver lining in there somewhere.
Let’s start with the present. Because who doesn’t like presents? FortiGuard researchers in our Singapore office have compiled data on some of the biggest social engineering tactics that allow phishing to remain a highly effective attack vector. We’ll be talking more about their findings next week, but for now, check out the report and share it with the users who just haven’t quite figured out how to sort the wheat from the chaff in the inboxes.
National Cyber Security Awareness Month wrapped up this week with several of us talking about the final theme – building the next generation of cyber professionals. It’s actually something we talk about a lot here at Fortinet, both in terms of shifting approaches in K12 education and looking at higher and continuing ed opportunities to address serious shortages in the cyber security labor pool.
Did I mention new vulnerabilities? Yeah, there were a few (OK, a lot) this week, but we’ll just call out the bigger disclosures from FortiGuard Labs:
- Oracle VirtualBox Remote Display Server DoS Vulnerability Disclosed by FortiGuard Labs
- FortiGuard Labs Discloses XSS Vulnerability in MantisBT
- FortiGuard Labs Discloses Another Shockwave Vulnerability
The good news this week, though, came out of the Cyber Threat Alliance. Fortinet is a founding member of the group, which just released a highly detailed report on CryptoWall 3. The good news isn’t the ransomware itself, but the collaborative process that went into the research. Check out our coverage below:
- Threat Intelligence Sharing At Work: Cyber Threat Alliance Tracks CryptoWall Version 3
- Why the Cyber Threat Alliance And Their CryptoWall V3 Report Matter To You
- Collaborating on Threat Research: What We Learned from the Cyber Threat Alliance CryptoWall v3 Research Project
So that’s a wrap! Eat some candy this weekend, set your clocks back, and check back next week for more news and views.