FortiGuard Labs


By now, everyone should be aware of two things related to IoT devices. The first is that these devices are being deployed everywhere, with no sign of slowing down. The second is that many of these devices are notoriously insecure.
by FortiGuard SE Team | Nov 16, 2017 | Filed in: Security Research
Prosperous nations sometimes take for granted the safe and reliable critical infrastructures that underpin our economies, governments, and personal well-being. Similar to how we marvel today at the Roman Empire’s aqueducts, the 3rd millennium will likely do the same with today’s critical infrastructures. That is, if they don’t lead to our downfall. Our Strength, Our Weakness The common understanding of the phrase ‘all roads lead to Rome’ is that there are many different ways to reach a goal. ...
by Phil Quade | Sep 29, 2017 | Filed in: Industry Trends
Security researchers have identified more and more Mac OS malware attacks over the past two years. In June 2017, Rommel Joven and Wayne Chin Yick Low from Fortinet’s FortiGuard Labs found and analyzed a new ransomware targeted at Mac OS. Most malware for Mac OS was developed in the Objective-C programming language. A good introduction to reverse engineering Cocoa applications can be found here. In that blog post, the researcher released an IDAPython script named objc2_xrefs_helper.py that can only be executed in IDA Pro. As you...
by Kai Lu | Sep 19, 2017 | Filed in: Security Research
FortiGuard Labs recently discovered a new malicious PowerPoint file named ADVANCED DIPLOMATIC PROTOCOL AND ETIQUETTE SUMMIT.ppsx. Taking a look at the four slides of the PowerPoint Open XML Slide Show (PPSX) file, we can tell that it targets people from UN agencies, Foreign Ministries, International Organizations, and those who interact with international governments.
by Rommel Joven and Jasper Manuel | Sep 01, 2017 | Filed in: Security Research
KONNI is a remote access Trojan (RAT) that was first reported in May of 2017, but is believed to have been in use for over 3 years. As part of our daily threat monitoring, FortiGuard Labs came across a new variant of the KONNI RAT and decided to take a deeper look. KONNI is known to be distributed via campaigns that are believed to be targeting North Korea. This new variant isn’t different from previous variants, as it is dropped by a DOC file containing text that was drawn from a CNN article entitled 12 things...
by Jasper Manuel | Aug 15, 2017 | Filed in: Security Research
In this second installment, begun with “The Evolution of the Firewall,” we will take a look at the direction security is headed. From its humble beginnings, the firewall has evolved through several stages of development. Its latest incarnation, built on the legacy of its first two generations, implements the strategic pillars of Segmentation, Access Control, and Real-time analytics/action to realize intent-based network security. The Three Generations of the Firewall With the advantage of looking backwards in time, it’s now...
by Phil Quade | Jul 26, 2017 | Filed in: Industry Trends
As the Internet and Digital Economy have grown up, the humble Firewall has continued to serve as their go-to security appliance. In this first of a two-part series, we will examine how, in spite of the evolution of the Firewall through a number of shapes, functions, and roles, it remains the security foundation for implementing the strategic pillars of Segmentation, Access Control, and Real-time analytics/action now and into the future. Change is a fact of life; what doesn’t change usually withers and dies. This is true for both the biological...
by Phil Quade | Jul 21, 2017 | Filed in: Industry Trends
Q: You joined Fortinet recently after three decades in cybersecurity roles in government, including most recently the NSA. What has that experience taught you about the nature and scope of the threats that organizations face these days? Some people say that street cops and detectives see an especially negative view of humanity, because, more often than not, they are called to assist with an unlawful or sad situation. Similarly, coming from the foreign intelligence business, you get a first-hand view of what foreign adversaries aspire to...
by Darlene Gannon | Jul 18, 2017 | Filed in: Business and Technology, Security Q & A
As human beings, we are continually looking for knowledge or information to help improve any situation. If we live or work in a crowded city, for example, we want to know which routes are best to avoid getting stuck in traffic. When we enter a restaurant or movie theater we look for the exits. And when a suspicious-looking person enters the room, part of our mind automatically keeps track of him. This behavior is known as situational awareness, and it’s second nature to most of us. But while such behavior often occurs in our everyday...
by Anthony Giandomenico | Jun 27, 2017 | Filed in: Industry Trends
This past June 17th and 18th, 2017, Google hosted their second annual Capture The Flag (CTF) competition. The Google team created security challenges and puzzles that contestants were able to earn points for solving. It’s a clever way to leverage the security community to help protect Google users, and the web as a whole. Last year, over 2,400 teams competed, and this year the number was even higher. FortiGuard Labs decided to pull together a team and then write up a report on the experience. So, first things first, this challenge was...
by Kushal Arvind Shah | Jun 21, 2017 | Filed in: Security Research