botnets


Today, Fortinet released our quarterly Threat Landscape Report for Q4 of 2016. The data in it was drawn from millions of security devices located around the world that analyze up to 50 billion threats a day. This means that the conclusions and trends detailed in this report are based on over a trillion security events that occurred between Oct 1 and Dec 31, 2016.
by Derek Manky  |  Mar 28, 2017  |  Filed in: Security Research
Until relatively recently, mobile malware wasn't that different from early PC malware: it was annoying, it probably invaded your privacy, and it took a toll on system resources, but it wasn't especially dangerous or costly in the way that modern weaponized malware used to attack PCs, servers, and point-of-sale systems was. And just as early malware primarily targeted a single OS (Windows), mobile malware remains almost exclusively a problem for Android. However, it appears that Stagefright has served as something of a wakeup call for the...
by Chris Dawson  |  Aug 12, 2015  |  Filed in: Industry Trends
"None of us is as good as all of us." This quote, attributed to Ray Kroc, co-founder of McDonald's, is echoed in many management and leadership success stories. It was the foundation of his business philosophy that not only transformed the fast food industry, but redefined enterprise teamwork and collaboration. And today, it embodies our efforts to stop cybercrime. In the news today, Fortinet and Palo Alto Networks announced the development of a jointly founded cyber defense consortium (www.cyberconsortium.org), whose mission is to drive a coordinated...
by UnAttributed  |  May 30, 2014  |  Filed in: Industry Trends
For most organizations, regardless of industry, forming strategic partnerships is critical to achieving objectives. In the case of security organizations, partnerships are vital for better sharing and disseminating threat information, disrupting malware, and tracking down cybercriminals and handing them over to appropriate law enforcement channels for prosecution. The FortiGuard team at Fortinet, for example, has partnerships with organizations such as VirusTotal, an independent online service that analyzes files and URLs in an effort to aid the...
by Stefanie Hoffman  |  May 17, 2012  |  Filed in: Industry Trends
In the past month changes in the SpyEye botnet kit have more or less stopped, after a very busy year in which many new versions were released. I was recently looking at all of the information I have from testing and analysis of these versions, when it occurred to me that this lull in activity would be a good time to put some organized results together. Then when SpyEye returns, in some mutant, Zbot-like form, we will have something like a guide to its workings, which should be useful. A good place to start this process is with the SpyEye botnet...
by Doug Macdonald  |  Feb 15, 2011  |  Filed in: Security Research
Recently I've been working on an analysis of Sasfis botnet communications. During the tests I noticed that when the bot installs itself, it adds a registry key named "idid", with some random looking data in it. The data was added under the name "url0", so it seemed like it must be an encrypted URL. Here is an example from one of the bot variants: Key Name: HKEY_CLASSES_ROOT**idid** Name: url0 00000000 1e 9b 6d d8 89 e6 c4 50 7f fd 13 6b fa e2 f4 17 00000010 1a 80 78 cc d6 bb c4 55 73 b5 07 77 a4 81 3a 71 00000020...
by Doug Macdonald  |  Mar 10, 2010  |  Filed in: Security Research