sandbox


There have been numerous cases where advanced malware has been linked to significant data breaches. Malware authors employ a variety of techniques to hide their malicious intent, including the use of packing utilities to create “packed malware.” Ladi Adefala, Senior Security Strategist at Fortinet, explains how a real time sandbox can change the game with regard to defending against these sophisticated attacks. What is Packed Malware? Packed malware is one of the most common types of advanced malware, carefully designed to evade... [Read More]
by RSS Ladi Adefala  |  Dec 07, 2016  |  Filed in: Security Q & A
On September 26th, Fortinet announced our new Fortinet Fabric Ready Program, which delivers on the “Open” attribute of the Fortinet Security Fabric by providing threat intelligence visibility across multi-vendor cybersecurity solutions. Cross-product  coordination (regardless of vendor) is a critical capability for today’s enterprises, as it is rare for an organization to completely source all IT security components from a single vendor across the entirety of their network and covering all attack vectors.  Leaving... [Read More]
by RSS David Finger  |  Oct 18, 2016  |  Filed in: Industry Trends & News
The Internet of Things (networks of uniquely identifiable endpoints, or "things," that communicate without human interaction using embedded IP connectivity) is the next industrial revolution. Estimates say there will be 24 Billion IoT devices installed by 2020, and $6 Trillion will be invested in IoT devices over the next 5 years. With that kind of growth and investment, protecting each of these “things” and their corresponding interactions with other components, including our networks, will be critical. So where is this... [Read More]
by RSS Daniel Cole  |  Sep 14, 2016  |  Filed in: Industry Trends & News
Sandbox technology and the ongoing effort to defend and protect against cyber threats continues. Independent testing offers organizations valuable insight into what solutions are best for their use case. Below we discuss this maturing technology and the role of testing with Fortinet’s David Finger. I saw the announcement from NSS Labs about their recent Breach Detection Group Test results. What is the significance? Cyberattacks and breaches continue to be top of mind across organizations, and because of that, sandbox technology (or Breach... [Read More]
by RSS Bill McGee  |  Aug 02, 2016  |  Filed in: Industry Trends & News
Overview Over the last few months, the Shifu banking Trojan has become more common in the wild prevalent and the malware family has been getting a fair amount of attention both from researchers and the mainstream media. there have been a number of discussions surrounding the malware family. We also became aware that this malware attempts to bypass our sandbox technology, FortiSandbox. In this post, we will share some of our findings on this new banking Trojan and also talk about how our technologies can support and address Shifu. Prevalence While... [Read More]
by RSS Floser Bacurio  |  Nov 03, 2015  |  Filed in: Industry Trends & News
Are we losing the fight against malware and the hackers who are making every day a zero day? ***** MAY CONTAIN SPOILERS ***** Few authors are as skilled as GRRM when it comes to killing off important characters. Clearly, that oft-uttered phrase from the eastern continent, “valar morghulis”, is not just an empty bit of High Valyrian for the Game of Thrones author. For the two or three of you out there who haven’t heard of fierce tween, Arya Stark, utter the phrase valar morghulis, it literally translates to “All... [Read More]
by RSS Chris Dawson  |  Apr 10, 2015  |  Filed in: Industry Trends & News
Protection from advanced cyber threats requires a holistic approach to security - Including powerful sandboxing technologies. When we talk about sandboxes, we’re not talking about that big pile of dirt and germs you played in as a kid, although the name is certainly apt given the sorts of threats and infections that get bounced around in sandbox appliances. Sandboxes are either physical or virtual appliances that actually allow potentially malicious code to run in a safe environment where their behavior can be observed directly. Sandboxing... [Read More]
by RSS Chris Dawson  |  Mar 04, 2015  |  Filed in: Industry Trends & News
The main issue with Hack.Lu this year was that there were too many interesting things in parallel: interesting talks, workshops, CTF... :) Talks 19 year old Filippo Valsorda talked about the setup of https://filippo.io/Heartbleed/ (heartbleed testing website) and his surprise at how many requests the website got. Several end-users also misunderstood the site and thought he would fix the issue, not just say if vulnerable. Attila Marosi presented his reverse engineering of some leaked Android FinSpy spyware. His tools to run a fake FinFisher server... [Read More]
by RSS Axelle Apvrille  |  Nov 10, 2014  |  Filed in: Security Research
Let's face it, Advanced Persistent Threatsare becoming smarter, and well, more advanced. It's no secret that cybercriminals are developing more sophisticated and subtle attacks equipped with a slew of highbrow features such as self-awareness and the ability to stealthily dodge countless security systems. With intelligence as the weapon of choice, attacks are more dangerous than they ever have been. As such, advanced threats require an equally robust security system to effectively stop them in their tracks. Signature-based solutions often won't... [Read More]
by RSS Stefanie Hoffman  |  Dec 05, 2013  |  Filed in: Industry Trends & News
A psychologist might tell you that the way a child plays in the sandbox is a reflection of how they will act in their adult life. The same is true for malicious software, though we aren't speaking about the same sandbox. There is a growing concern among security professionals about advanced persistent threats (APTs). The problem is not new, but it is of growing importance. Now, more than ever, highly targeted attacks (often specifically crafted to beat traditional defenses) pose a significant risk to enterprise level organizations. Despite advances... [Read More]
by RSS David Finger  |  Nov 19, 2013  |  Filed in: Security 101