fortiguard


Recently, the FortiGuard Labs research team observed that a new variant of Poison Ivy was being spread through a compromised PowerPoint file. We captured a PowerPoint file named Payment_Advice.ppsx, which is in OOXML format. Once the victim opens this file using the MS PowerPoint program, the malicious code contained in the file is executed. It downloads the Poison Ivy malware onto the victim’s computer and then launches it. In this blog, I’ll show the details of how this happens, what techniques are used by this malware, as well as... [Read More]
by Xiaopeng Zhang | Aug 23, 2017 | Filed in: Security Research
It has just been a week since the variation of Locky named Diablo6 appeared. Now it has launched another campaign, more massive than the previous one. This time, it uses “.lukitus”, which means “locking” in Finnish, as the extension for the encrypted files. The FortiGuard Lion Team was the first to discover this variant with the help of Fortinet’s advanced Kadena Threat Intelligence System (KTIS) [1]. [Fig. 1: Encrypted files with .lukitus extension] [Fig. 2: Familiar Locky ransom note] Same Locky, More Spam. This... [Read More]
by Joie Salvio, Rommel Joven and Floser Bacurio | Aug 17, 2017 | Filed in: Security Research
Due to the sensitive information housed within medical records (Social Security numbers, addresses, medical claim data, etc.), healthcare has always been one of the most frequently targeted industries by cybercriminals. Hackers who successfully steal this data can profit in a big way, as it has high value in the cybercrime black market. As digital capabilities grow within healthcare, so too does the number of vulnerabilities. This upsurge in capabilities and targets can largely be credited to the rise of the Internet of Medical Things (IoMT),... [Read More]
by Susan Biddle | Aug 02, 2017 | Filed in: Industry Trends
The first day here at Black Hat is over. On the expo floor, a number of vendors are promoting that they now provide critical threat intelligence along with the other technologies they provide. Of course, in general, this is a good thing. The biggest challenge organizations have historically faced has been a lack of visibility into their networks, especially cloud and virtualized environments. The challenge, however, is how are organizations supposed to consume, correlate, and make use of all of this information? Dozens of intelligence feeds from... [Read More]
by Anthony Giandomenico | Jul 27, 2017 | Filed in: Industry Trends
The biggest trend in security today seems to be information sharing. Everyone agrees that sharing threat intelligence is key to detecting and stopping attacks. The challenge isn’t that there aren’t enough sources for threat intelligence, but that there is simply too much information being generated, and that includes far too much redundancy. What we need is an ecosystem to vet and process the information first – an information exchange and clearing house – like the Cyber Threat Alliance (CTA) that Fortinet helped establish back... [Read More]
by Derek Manky | Jul 27, 2017 | Filed in: Industry Trends
These are challenging times for security leaders. Business pressures require faster processing of more data, and support for more devices than ever before. Critical data that used to be housed in a secured datacenter now moves across an increasingly complex ecosystem of networked environments, including IoT, cloud, mobile devices and workers, and virtualized networks. The rate of change in some environments is so rapid that many organizations simply can’t keep up. A recent Forrester survey of 342 security leaders found that the largest... [Read More]
by Neil Matz | Jul 24, 2017 | Filed in: Industry Trends
According to a report posted by the Office of the National Coordinator for Health Information Technology, 87 percent of office-based physicians had adopted some form of electronic health record (EHR) as of 2015. This is more than double the 42 percent that had done so when data was collected in 2008. Along with an increase in EHR adoption, we have also witnessed a global healthcare revolution in data collection and research. Access to such data improves the care and quality of life of those individuals these institutions serve. The challenge... [Read More]
by Susan Biddle | Jul 19, 2017 | Filed in: Industry Trends
Fortinet is proud to be a Platinum Plus Sponsor at Black Hat’s 20th anniversary conference, being held this July 22-27 at the Mandalay Bay Convention Center in Las Vegas, NV. Our booth is #915. This year’s booth includes a live theater, and we have lined up great presentations from Fabric-Ready Partners, as well as from some of Fortinet’s top solutions experts. The presentation schedule will be posted online before the show, and a schedule will also be available at the booth. In addition, Derek Manky, Fortinet’s... [Read More]
by Mike Morgan | Jul 14, 2017 | Filed in: Industry Trends
Joomla! is one of the world's most popular content management systems (CMS). It enables users to build Web sites and powerful online applications. More than 3 percent of Web sites are running Joomla!, and it accounts for more than 9 percent of CMS market share. As of July 2017, Joomla! has been downloaded over 82 million times. Over 7,800 free and commercial extensions are available from the official Joomla! Extension Directory, and more are available from other sources. In my last blog, I discovered 2 Cross-Site Scripting (XSS) vulnerabilities... [Read More]
by Zhouyuan Yang | Jul 12, 2017 | Filed in: Security Research
Information governance is nothing new, but for it to be effective, it requires understanding, flexibility, and collaboration between a variety of teams and departments. Fortinet’s Susan Biddle offers her insights into the role of information governance in organizational security and how healthcare organizations can adapt. Can solid information governance boost security for an organization? If so, in what ways? Security is all about protecting the critical assets and intellectual property of an organization, while maximizing their value.... [Read More]
by Darlene Gannon | Jul 12, 2017 | Filed in: Industry Trends