Latest Posts


All users of vulnerable versions of the Microsoft Windows Server are encouraged to upgrade to the latest version of this software. Additionally, organizations that have deployed Fortinet IPS solutions are already protected from this vulnerability. [Read More]
by RSS Honggang Ren  |  Mar 23, 2017  |  Filed in: Security Research
On March 16, FortiGuard Labs captured a new Word file that spreads malware by executing malicious VBA (Visual Basic for Applications) code. The sample targeted both Apple Mac OS X and Microsoft Windows systems. We then analyzed the sample, and in this blog we are going to explain how it works, step by step. When the Word file is opened, it shows notifies victims to enable the Macro security option, which allows the malicious VBA code to be executed. Malicious Word File is Opened Figure 1. Asks victim to enable Macro security option Once... [Read More]
by RSS Xiaopeng Zhang & Chris Navarrete  |  Mar 22, 2017  |  Filed in: Security Research
Fortinet spoke with Fabric-Ready Partner, Versa Networks to learn what’s top of mind for its customers, the key IT challenges they are facing and how Versa Networks’ approach to integrated security is helping drive business and customer success. [Read More]
by RSS Darlene Gannon  |  Mar 22, 2017  |  Filed in: Industry Trends & News
Over the last few months we discovered and reported multiple vulnerabilities found in different versions of Microsoft Word. These vulnerabilities were patched in the January (MS17-002) and March (MS17-014) security updates. These patches are rated as important, and as always, we suggest users update Microsoft Office as soon as possible. [Read More]
by RSS Tony Loi and Wayne Chin Yick Low  |  Mar 21, 2017  |  Filed in: Security Research
More than any other database containing sensitive information for a large quantity of people, electronic health records (EHRs) are an especially attractive target for hackers. The patient data they hold can be used for financial gain, as recent reports show that stolen healthcare databases are being sold on the deep web for as much as US$500,000. But we’ve also seen a number of instances where large data breaches have occurred at the hands of state actors looking to collect data for espionage purposes. No matter the reasoning behind... [Read More]
by RSS Susan Biddle  |  Mar 21, 2017  |  Filed in: Industry Trends & News
IP cameras were the second most attacked devices in 2015, at around 363,000 hits. But in 2016 the number dropped to approximately 36,000 hits [Read More]
by RSS Gavin Chow  |  Mar 20, 2017  |  Filed in: Security Research
Fortinet is participating in IBM’s premier industry event, the IBM InterConnect 2017 conference, this week, from March 19-23 in Las Vegas [Read More]
by RSS Neil Prasad  |  Mar 20, 2017  |  Filed in: Industry Trends & News
Tags: IBM cloud
Introduction Fortinet recently discovered a new botnet capable of stealing large amounts of user information, as well as remotely manipulating compromised machines. The malware appears to be based on an older botnet known as Grabbot, which was first discovered back in November of 2014[1]. This new variant improves on that existing functionality while adding several dangerous new features. This blog aims to offer a quick insight into how Grabbot functions. Replication The bot can be found hosted on a number of compromised websites with a... [Read More]
by RSS David Wang and He Xu  |  Mar 17, 2017  |  Filed in: Security Research
Blockchain is a technology that basically distributes a ledger. For those of you in the financial management world, you know a ledger as the trusted source of transactions or facts. The same is true with blockchain. But instead of existing in a large leather bound tome or in a financial management application, blockchains are managed by a distributed set of computing resources working together to maintain that ledger. Each transaction, or block within it, is linked together in an indisputable manner using public/private key encryption and internal... [Read More]
by RSS Keith Rayle  |  Mar 17, 2017  |  Filed in: Industry Trends & News
The financial services industry was a primary target for cybercriminals in 2016, and due to the value of its data, it will remain in the crosshairs as we embark on 2017. As a result, financial services CIOs will be faced with security decisions and challenges that will likely keep them up at night. While this isn’t an exhaustive list of challenges CIOs will face in the coming year, we’ve outlined several challenges we believe nearly all financial services organizations will have to face in 2017. Let’s take a closer look. 1.... [Read More]
by RSS Brian Forster  |  Mar 16, 2017  |  Filed in: Industry Trends & News