fortiguard | Page 2


These are challenging times for security leaders. Business pressures require faster processing of more data, and support for more devices than ever before. Critical data that used to be housed in a secured datacenter now moves across an increasingly complex ecosystem of networked environments, including IoT, cloud, mobile devices and workers, and virtualized networks. The rate of change in some environments is so rapid that many organizations simply can’t keep up. A recent Forrester survey of 342 security leaders found that the largest... [Read More]
by RSS Neil Matz  |  Jul 24, 2017  |  Filed in: Business and Technology
According to a report posted by the Office of the National Coordinator for Health Information Technology, 87 percent of office-based physicians had adopted some form of electronic health record (EHR) as of 2015. This is more than double the 42 percent that had done so when data was collected in 2008. Along with an increase in EHR adoption, we have also witnessed a global healthcare revolution in data collection and research. Access to such data improves the care and quality of life of those individuals these institutions serve. The challenge... [Read More]
by RSS Susan Biddle  |  Jul 19, 2017  |  Filed in: Industry Trends
Fortinet is proud to be a Platinum Plus Sponsor at Black Hat’s 20th anniversary conference, being held this July 22-27 at the Mandalay Bay Convention Center in Las Vegas, NV. Our booth is #915. This year’s booth includes a live theater, and we have lined up great presentations from Fabric-Ready Partners, as well as from some of Fortinet’s top solutions experts.  The presentation schedule will be posted online before the show, and a schedule will also be available at the booth. In addition, Derek Manky, Fortinet’s... [Read More]
by RSS Mike Morgan  |  Jul 14, 2017  |  Filed in: Business and Technology
Joomla! is one of the world's most popular content management systems (CMS). It enables users to build Web sites and powerful online applications. More than 3 percent of Web sites are running Joomla!, and it accounts for more than 9 percent of CMS market share. As of July 2017, Joomla! has been downloaded over 82 million times. Over 7,800 free and commercial extensions are available from the official Joomla! Extension Directory, and more are available from other sources. In my last blog, I discovered 2 Cross-Site Scripting (XSS) vulnerabilities... [Read More]
by RSS Zhouyuan Yang  |  Jul 12, 2017  |  Filed in: Security Research
Information governance is nothing new, but for it to be effective, it requires understanding, flexibility, and collaboration between a variety of teams and departments. Fortinet’s Susan Biddle offers her insights into the role of information governance in organizational security and how healthcare organizations can adapt. Can solid information governance boost security for an organization? If so, in what ways? Security is all about protecting the critical assets and intellectual property of an organization, while maximizing their value.... [Read More]
by RSS Darlene Gannon  |  Jul 12, 2017  |  Filed in: Industry Trends
By now, you will have all heard about the rampant spread of ransomware through countless press pieces, blog articles, and far too often, the outrageous claims of some security vendors. But let’s stop and think for a minute or two. How did these attacks happen? Are companies focusing on valid threats, fixing the right problems, or developing correct processes? Have so-called disruptive technologies disrupted our thinking? Let’s not go tactical. Instead, we need to consider, “what is our best strategy?” Ever since the... [Read More]
by RSS Michael Xie  |  Jul 06, 2017  |  Filed in: Industry Trends
We are currently tracking a new ransomware variant sweeping across the globe known as Petya. It is currently having an impact on a wide range of industries and organizations, including critical infrastructure such as energy, banking, and transportation systems. This is a new generation of ransomware designed to take advantage of timely exploits. This current version is targeting the same vulnerabilities that we exploited during the recent Wannacry attack this past May. This latest attack, known as Petya, is something we are referring to as... [Read More]
by RSS Aamir Lakhani  |  Jun 27, 2017  |  Filed in: Security Research
Summer is upon us – a time for family, fun and travel. Whether you’re going around the block or around the world, odds are you’re taking your work laptop (just in case). And of course, you’re taking your smartphone. Maybe you’ll want to check email on your phone using the hotel’s public WiFi. Maybe the kids want to play an online game on that laptop.  If you haven’t exercised good cybersecurity hygiene, though, you could be opening yourself up to all kinds of fun-zapping connectivity catastrophe... [Read More]
by RSS Anthony Giandomenico  |  Jun 23, 2017  |  Filed in: Industry Trends
Welcome back to our monthly review of some of the most interesting security research publications. This month, let's do a bit of crypto... Past editions: April 2017 March 2017 P. Carru, Attack TrustZone with Rowhammer Rowhammer is an attack on DRAM, which consists in repeatedly accessing given rows of the DRAM to cause random bit flips in adjacent rows. Until now, the attack hadn't been demonstrated on ARM's TrustZone: but that's what the author implemented. He demonstrated that, using... [Read More]
by RSS Axelle Apvrille  |  Jun 22, 2017  |  Filed in: Industry Trends
This past June 17th and 18th, 2017, Google hosted their second annual Capture The Flag (CTF) competition. The Google team created security challenges and puzzles that contestants were able to earn points for solving. It’s a clever way to leverage the security community to help protect Google users, and the web as a whole. Last year, over 2,400 teams competed, and this year the number was even higher. FortiGuard Labs decided to pull together a team and then write up a report on the experience. So, first things first, this challenge was... [Read More]
by RSS Kushal Arvind Shah  |  Jun 21, 2017  |  Filed in: Security Research