security research | Page 2


This was my first time at DefCamp in Romania, and it was definitely a good experience. DefCamp was an interesting mixture of not so technical talks (but with acute insights) and technical ones. Among the "not so technical" ones, I liked the following: Do Tinder bots dream of electric toys? Tinder is a match-making/dating application. Inbar Raz decided to test it. He created a profile according to online guidelines (images with animals, images looking official, etc.) and quickly got many matches. But...it turned out that they... [Read More]
by Axelle Apvrille  |  Nov 18, 2016  |  Filed in: Security Research
VB 2016 Conference was held this year at the Hyatt Regency Hotel in Denver, CO, USA. This conference is an annual event where IT security researchers from around the world gather to share their knowledge, learn, and discuss trends in the global threat landscape. This year we had the privilege to attend as well as meet, hang out with, and share ideas with some of the field’s top researchers. The conference scheduled a great lineup of speakers and presentations, so it was tough to pick which topic to attend. We are going to share some here some... [Read More]
by Floser Bacurio Jr. and Rommel Joven  |  Oct 18, 2016  |  Filed in: Industry Trends
We’re into the final quarter of the year, and the cyberthreat landscape continues to be interesting. This week in the Fortinet Threat Intelligence Brief we looked at a number of interesting trends around IoT botnets, continued ransomware problems – both through directed attacks and infected websites, and the spoofing of the Navy Federal US Credit Union. One interesting thing to note is how attacks tend to move from target to target and region to region in waves. This week, for example, we saw a 4X spike in attempts to deliver... [Read More]
by Bill McGee  |  Oct 07, 2016  |  Filed in: Industry Trends
The news is inescapable. Hackers and their nefarious counterparts have been thrust into popular culture, not just in the form of fictional characters like Mr. Robot (see our thoughts on season 1), but in the form of very real individuals and organizations that are responsible for everything from the sophisticated take down of nuclear enrichment facilities to the humiliation of major media organizations. It all sounds terrifying, I know. Which is why I asked some of our very own researchers and analysts to help us separate fact from fiction. In this... [Read More]
by Michael Chalmandrier-Perna  |  Oct 04, 2016  |  Filed in: Industry Trends
Fortinet has developed a talented group of security experts and veterans that work together to design, execute, and administer every conceivable type of networking and security infrastructure. These infrastructures serve the largest enterprises, university campuses, and industry conferences, to small and mid-sized businesses, inter-connected retail locations, and even storm-battered cargo ships. Designing and building any network infrastructure poses unique challenges, and requires extreme diligence in the planning, implementation, and administration.... [Read More]
by Aamir Lakhani  |  Oct 03, 2016  |  Filed in: Industry Trends
For those of you who don’t know, Fortinet publishes a threat intelligence roundup every Friday, the Fortinet Threat Intelligence Brief, that reviews new threats and trends. It is a treasure trove of analysis and information that ought to be part of your regimen every Friday. This week is no exception. Here are a couple of teasers and takeaways: 1. Ransomware isn’t going away any time soon. Every time organizations think they have a handle on this, ransomware developers come up with a new variant designed to evade detection.... [Read More]
by Bill McGee  |  Aug 26, 2016  |  Filed in: Industry Trends, Security Research
Last year, Fortinet’s FortiGuard Labs team made a series of predictions about cyberthreats in 2016. We are now halfway through the year, and thought this might be a good time to give an update on what we have seen so far for some of these predictions. Prediction #1: The Rise of Machine-to-Machine Attacks The Threat: The exponential increase of unmanaged, “headless devices” driven by the Internet of Things will make these types of devices a tempting target for hackers looking to secure a beachhead into more traditional... [Read More]
by Derek Manky  |  Aug 22, 2016  |  Filed in: Industry Trends
Google patched some Android security vulnerabilities in early August. One of them was a remote code execution vulnerability in Mediaserver (CVE-2016-3820), which was discovered by me. This vulnerability could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue was rated as Critical by Google due to the possibility of remote code execution within the context of the Mediaserver process. The Mediaserver process has access to audio and video streams, as well as access to privileges... [Read More]
by Kai Lu  |  Aug 17, 2016  |  Filed in: Security Research
In the first quarter of 2016, we realized that there were tons of Windows kernel use-after-free (UAF) vulnerability patches in Microsoft bulletins where most of the vulnerabilities came from Google Project Zero, which is favourable to us because we can easily access those proof-of-concepts (POC). While doing a root cause analysis of one of the UAF vulnerabilities stated in CVE-2015-6100, we discovered that there is an alternative way to trigger the same UAF vulnerability, even after the specified patch has been applied due to weak security... [Read More]
by Wayne Chin Yick Low  |  Aug 17, 2016  |  Filed in: Security Research
The Adwind Remote Access Trojan (RAT) is a popular Java-based backdoor capable of infecting Windows, Linux, Mac OS and Android operating systems. Its cross-platform nature, elaborate backdoor features, and relatively cheap price make it a favourite choice for many cybercriminals today. Earlier this year, it was reported that Adwind was used in at least 443,000 attacks. Adwind has rebranded itself multiple times in the past, using the names “Frutas,” “AlienSpy,” and “Unrecom,” to name a few. The most recent... [Read More]
by Rommel Joven and Roland Dela Paz  |  Aug 16, 2016  |  Filed in: Security Research