Latest Posts | Page 139


This is the topic of an Interop panel featuring Anthony James, Fortinet vice president of products, and folks from Juniper Networks, Palo Alto Networks and Ashton, Metzler & Associates. The panel will be at 11:30 a.m. tomorrow at Mandalay Bay, Breakers E room. Here's the overview: _The traditional wide-area network (WAN) firewall makes two flawed assumptions. One assumption is that the information contained in the first packet in a connection is sufficient to identify the application. The second assumption is that the transmission control... [Read More]
by Rick Popko  |  May 19, 2009  |  Filed in: Security Research
Fortinet delivers a new generation of high-performance security with FortiOS 4.0, extending the scope of consolidated security and networking capabilities within FortiGate® multi-threat network security platforms. In this video Jason Wright of Fortinet’s product group provides a quick introduction to its top new features, including: WAN Optimization, Application Control, SSL Inspection and Data Leakage Prevention (DLP). For more information, please visit http://www.fortinet.com/products/fortios/ [Read More]
by Rick Popko  |  May 19, 2009  |  Filed in: Security Research
Tags: video
Our sensors (i.e. our digital media person, a rabid fan of Facebook) caught some interesting Facebook private messages today. One of them, sent by a "Friend" to about 100 of her contacts, consisted merely of a domain name, as can be seen below: Fortunately for Daniel, he did not know what to do with it (or he knew, but did not want to); yet other recipients may have recognized a domain name, and entered it in their browser's address bar, out of curiosity. After all, that's from Martha, and she usually sends rather funny links. Of course, the... [Read More]
by Guillaume Lovet  |  May 04, 2009  |  Filed in: Security Research
Recently, we stumbled upon a strange JavaScript file; at first sight, it looked like a totally legitimate, clean file. The file name is jquery.js and has all the characteristics of a proper jQuery file. Even the header was kept: /* * jQuery JavaScript Library v1.3.1 * http://jquery.com/ * * Copyright (c) 2009 John Resig * Dual licensed under the MIT and GPL licenses. * http://docs.jquery.com/License * * Date: 2009-01-21 20:42:16 -0500 (Wed, 21 Jan 2009) * Revision: 6158 */ jQuery is a popular JavaScript library used as said on the homepage (http://jquery.com/)... [Read More]
by David Maciejak  |  Apr 30, 2009  |  Filed in: Security Research
Our April 2009 Threat Landscape Report is now available, recapping a month of threat activity from exploits and malware, to spam. Here are some key movements from the report along with comments: Waledac is one of the most active malware families to be on the lookout for. This period, we saw a fifth campaign hit since the beginning of this year, serving up malicious variants disguised as SMS spying software. With frequent campaigns, heavy server side polymorphism, binaries packed with fluctuating seed lists (portions of its network), and peer to... [Read More]
by Derek Manky  |  Apr 28, 2009  |  Filed in: Security Research
In my last post, I mentioned the use of 2D codes on online ready-to-print stamps for the French Post Office. In particular, I was surprised to find out those codes could embed a URL and automatically have the 2D barcode reader follow that link. Enough to pique my curiosity: I tried it out. 2D codes are really amazing because you do not need any particular equipment to read them, only a mobile phone with a camera (but this is getting quite common) and a barcode reader application. I tried it out on a freeware mobile application download server... [Read More]
by Axelle Apvrille  |  Apr 21, 2009  |  Filed in: Security Research
We are entering (arguably we have already entered) a digitally bound world where business, service and information flow is bountiful. In parallel, threats have been very active: we have seen a constant increase in malicious code even after a heavy spike in 2007. This increasing trend has carried over into 2009. Most of this increase is simply a flood of variants using packing techniques, server side polymorphism, obfuscation, etc. However, there are always new threats coming out to play. Scareware, ransomware, social networking worms, mobile platform... [Read More]
by Derek Manky  |  Apr 16, 2009  |  Filed in: Security Research
The French Post Office now offers a new online Web service for end-users to print their own stamps, on their own printers.* Although I hate lining up for stamps at the post office, I just wonder if they really have thought it through. The stamps are issued for a 60-day period, and they contain a small 2D barcode on the right proving their authenticity. This code probably contains a signature of the expiration date (of course) and the stamp's value (otherwise a given authenticity code could be re-used on a stamp with a greater value). By the way,... [Read More]
by Axelle Apvrille  |  Apr 13, 2009  |  Filed in: Security Research
Well, that would be the usual boring answer from the guy down at the pub who isn't really entering into the spirit of the conversation. How about this one... Be shot out of a cannon - that's pretty dangerous. But with a little thought we can make it safer. For a start, how big is the cannon? Where is it aiming? Can I wear a crash helmet? Can I land in a very large safety net? Can I get someone else to do it for me? Of course, reading email can be a pretty dangerous business too, with all those requests from your bank, or someone else's bank, to... [Read More]
by Darren Turnbull  |  Apr 07, 2009  |  Filed in: Security Research
In today's context, where the majority of Zombie infections occur via exploitation of the victim's browser (aka "drive-by install"), a cyber guerrilla war is taking place between malware analysts and the developers of Web Exploitation Toolkits. The latter used to merely resort to counter-measures (such as dynamic obfuscation or code splitting) in order to hinder the analysis of the malicious JavaScripts embedded in their exploitation toolkits. But it seems they have now entered a genuinely more aggressive phase, which involves booby-trapping the malicious JavaScripts... [Read More]
by David Maciejak  |  Apr 02, 2009  |  Filed in: Security Research