encryption


When considering security solutions for your hybrid cloud environment, here are some critical areas to look at in terms of security performance. [Read More]
by RSS John Maddison  |  Sep 14, 2017  |  Filed in: Industry Trends
Welcome back to our monthly review of some of the most interesting security research publications. This month, let's do a bit of crypto... Past editions: April 2017 March 2017 P. Carru, Attack TrustZone with Rowhammer Rowhammer is an attack on DRAM, which consists in repeatedly accessing given rows of the DRAM to cause random bit flips in adjacent rows. Until now, the attack hadn't been demonstrated on ARM's TrustZone: but that's what the author implemented. He demonstrated that, using... [Read More]
by RSS Axelle Apvrille  |  Jun 22, 2017  |  Filed in: Industry Trends
We aren’t talking about some potential future threat. Our FortiGuard Labs team just reported on a new ransomware variant targeting Mac devices. Which means it’s time to get serious about protecting these (Mac) devices. [Read More]
by RSS Aamir Lakhani  |  Jun 12, 2017  |  Filed in: Security Research
Just recently, we discovered a Ransomware-as-a-service (Raas) that uses a web portal hosted in TOR network which has become a trend nowadays. It is rather interesting to see cybercriminals attack a different operating system other than Windows. And this could be the first time to see Raas that target Mac OS. [Read More]
by RSS Rommel Joven and Wayne Chin Yick Low  |  Jun 09, 2017  |  Filed in: Security Research
Fortinet has discovered a new open-source PHP ransom malware that has been targeting web sites using a simple encryption algorithm that is effective enough to really frighten web server owners. What is more interesting, however, is the information we have uncovered regarding the possible roots of the attacks/attackers. Basing only on the email address that it uses for ransom negotiations, “japanlocker@hotmail.com”, victims and researchers alike may make an obvious guess where the attacks may have come from. However, our investigation... [Read More]
by RSS Artem Semenchenko and Joie Salvio  |  Oct 19, 2016  |  Filed in: Security Research
  Another new ransomware has joined the file-encrypting bandwagon. Only this time, instead of choosing what types of files to encrypt, it has decided to join the league of a few others and encrypt the entire disk directly using an open-source tool called DiskCryptor. This is not the first time that disk-encrypting ransomware has hit the spotlight. Earlier this year, Petya ransomware wreaked havoc by encrypting disks through the master file table (MFT), denying access to user files. Unlike that former attack, however, this new ransomware... [Read More]
by RSS Joie Salvio  |  Sep 27, 2016  |  Filed in: Security Research
It’s been just less than a month since the Shark Ransomware was discovered, and there is already an upgrade from the same authors, along with a new Ransomware-as-a-Service (RaaS) website,a new name, and new features. While this site follows the standard RaaS business model being commonly used by other ransomware developers, it has a new twist.  Besides the usual offer to let users customize and build their own ransomware, Atom is being promoted as a “Ransomware Affiliate Program.” The twist is that it offers the soon-to-be... [Read More]
by RSS Rommel Joven  |  Sep 12, 2016  |  Filed in: Security Research
Q&A on Encryption with Aamir Lakhani Encryption remains a hotly debated topic of discussion in cybersecurity. Fortinet’s Aamir Lakhani offers some perspective on what customers think about encryption today and going forward. Why is encryption currently such a hot topic? Privacy is a major concern right now. The Edward Snowden leaks in 2013 made people more aware than ever about their lack of privacy. They have also raised such questions as: Do we have a fundamental right to privacy? How far do we protect privacy? In the past,... [Read More]
by RSS John Welton  |  Jul 07, 2016  |  Filed in: Industry Trends
On April 25, 2016, Blue Coat published an article on a new Android Ransomware, called "Dogspectus.” On May 12, 2016, Dell SonicWALL published a separate report on the Android Lockscreen malware campaign with similar characteristics to Dogspectus. These similarities are not a coincidence. We began our own extensive investigation into this ransomware some time ago, and will share additional technical details of this malware here that have not been previously discussed. Technical Details The main Android Application Package (APK) of... [Read More]
by RSS Homing Tay  |  May 19, 2016  |  Filed in: Security Research
The competition for the most secure instant messaging tool has been running for years. It re-surfaced this month when WhatsApp announced it has completed implementing end-to-end encryption. Curiously, in security research circles, this has resulted in endless debates between WhatsApp and Telegram. Very much like Emacs vs Vi, everybody has a (strong) opinion, but there is no general consensus. ;) I think we can agree that Signal, WhatsApp, and Telegram stand out as the most secure messaging solutions - thanks to end-to-end encryption or Perfect... [Read More]
by RSS Axelle Apvrille  |  Apr 15, 2016  |  Filed in: Industry Trends