Latest Posts


The healthcare industry continues to ride the digital wave to improve patient care and organizational efficiency in addition to reducing costs. Hospitals and health systems are relying on electronic health records (EHRs), the cloud, and the Internet of Things (IoT) more than ever. While these technologies are convenient, efficient, and enable a higher degree of patient-centric care, they can be jeopardized by cybercriminals. Stolen patient data can easily be sold on the dark web to criminals looking to extort money, commit identify fraud, spearphish,... [Read More]
by RSS Susan Biddle  |  Feb 20, 2017  |  Filed in: Industry Trends & News
I discovered and reported multiple critical zero-day vulnerabilities in Adobe Flash Player last November. This Tuesday, Adobe released a security patch which fixed them. [Read More]
by RSS Kai Lu  |  Feb 19, 2017  |  Filed in: Security Research
At the end of last year, a critical vulnerability in PHPMailer that affected millions of websites – CVE-2016-10033 -  was discovered by Polish security researcher Dawid. This vulnerability allows an attacker to compromise the target’s web application by executing remote code on the vulnerable web server. There are numerous open source web applications that use PHPMailer as their main library for sending emails, including WordPress, Joomla, Yii, SugarCRM… More than a month after PHPMailer released a patch for this critical... [Read More]
by RSS Tien Phan   |  Feb 16, 2017  |  Filed in: Security Research
RSA 2017 is a wrap. The final sessions are being recorded, the coat check area is filled with luggage, and the smell of propane is filling the show floors as forklifts begin to deliver packing crates to this year’s crop of security vendors. As expected, the hottest security topics and offerings were related to IoT and the cloud. Threat intelligence and SOCs were also top of mind as companies try to get a handle on the deluge of data and devices flooding their networks. In spite of the veneer of innovation, however, for far too many vendors... [Read More]
by RSS Bill McGee  |  Feb 16, 2017  |  Filed in: Industry Trends & News
Given the popularity and success of ransomware, it is no surprise that malware authors have been developing more ransomware than ever before. Last year’s cost of ransomware attacks reached $1 billion, which not only shows how this affects businesses, but for cybercriminals the potential pay-out for cyber-extortion can be very lucrative. The rise of ransomware infections may also be attributed to the attractiveness growing availability of Ransomware-as-a-Service (Raas). Ransomware authors posts are now developing user-friendly... [Read More]
by RSS Rommel Joven  |  Feb 16, 2017  |  Filed in: Security Research
By now, everyone has heard the numbers. IoT is part of a networking revolution that is transforming the world. Experts predict that by 2020 there will be over 33 billion IoT devices deployed, or 4.3 Internet-connected devices for every man, woman, and child on the planet. Of course, IoT is more than just one thing. There are a variety of IoT devices and categories, each with their own implications. Consumer IoT includes the connected devices we are most familiar with, such as smart cars, phones, watches, laptops, connected appliances, and... [Read More]
by RSS John Maddison  |  Feb 15, 2017  |  Filed in: Industry Trends & News
Remcos is another RAT (Remote Administration Tool) that was first discovered being sold in hacking forums in the second half of 2016. Since then, it has been updated with more features, and just recently, we’ve seen its payload being distributed in the wild for the first time. This article demonstrates how this commercialized RAT is being used in an attack, and what its latest version (v1.7.3) is capable of doing. Remcos is currently being sold from $58 to $389, depending on the license period and the maximum number of masters or clients... [Read More]
by RSS Floser Bacurio and Joie Salvio  |  Feb 14, 2017  |  Filed in: Security Research
Fortinet, VMware, and International Data Corporation (IDC) are hitting the road with the Agile Cloud Security series of events across EMEA, with the aim of increasing awareness of the security challenges digital transformation and cloud present, along with the solutions available to address these challenges.  From February to June, this road show will visit seven countries across the Middle East, Europe, and Africa. [Read More]
by RSS Annabelle Sou  |  Feb 13, 2017  |  Filed in: Industry Trends & News
Tags:
If we want to get ahead of cybercrime, we must share information. A collection of companies working together to collect and share intelligence will always have better visibility into the threat landscape than one organization on its own. Seeing new threats as soon as they emerge increases our ability to respond and protect valuable resources. There is a lot of raw data for organizations to use, from both global sources and within their own networks. Unfortunately, most security infrastructures were not designed to effectively consume, correlate,... [Read More]
by RSS Ken Xie  |  Feb 13, 2017  |  Filed in: Industry Trends & News
Information sharing continues to be a topic that remains timely and vital in global cybersecurity. As an industry, it is well understood that turning the tide on cybercrime requires actionable information sharing across networks, borders, and vendors. Fortinet’s Derek Manky offers some perspective ahead of RSA 2017 in San Francisco. Why is information sharing so important today? Sharing information proactively across all verticals and public or private organizations is essential moving forward. Organizations continue to struggle against... [Read More]
by RSS John Welton  |  Feb 10, 2017  |  Filed in: Industry Trends & News