threat intelligence


Providing holistic, actionable security intelligence across the entire IT infrastructure is critical for the future of cybersecurity. Fortinet’s Matti Blecher offers his perspective here. Can you give us a glimpse into the threat landscape from a threat intelligence point of view? What are customers facing today? One of the biggest security challenges organizations face is being able to see enough of the network to identify today’s most advanced, multi-vector threats. Ideally, you need to be able to see across the distributed network,... [Read More]
by RSS John Welton  |  Sep 29, 2016  |  Filed in: Industry Trends & News
As I wrote previously, there is an increasing interest by a wide range of organizations to acquire access to external threat intelligence or feeds.  While this is potentially a good thing, it needs to be seen within the context of what an organization can actually do with such information once acquired.  There are a number of challenges organizations need to address to make effective use of threat intelligence data. One major challenge is simply working around existing internal separations of roles or responsibilities (i.e. the network... [Read More]
by RSS Ken McAlpine  |  Sep 16, 2016  |  Filed in: Industry Trends & News
This week’s FortiGuard Threat Intelligence Brief reports on a spike in an Android advertising library, a fake series of banking sites used to phish credentials, as well as a campaign using the old faithful “we couldn’t deliver your package” courier scam. While hackers weren’t quite as active as they were over the past couple of weeks, our top five identified malware variants still generated over 3 million attack attempts. Grab the latest Security Brief here for more details (add link to subscription site.) 1.... [Read More]
by RSS Bill McGee  |  Sep 16, 2016  |  Filed in: Industry Trends & News
This is our third week of the roundup, and things in the cyberthreat world continue to be interesting, including the return of several attacks we have seen for years. Here’s a quick summary of what happened this week. 1. It’s Still About Ransomware. While last week’s spike seems to have calmed down, we are still seeing an alarming amount of ransomware. This week our top 10 detections were all Javascript-based variants of Nemucod, with nearly 7 million attempts logged. It seems like attackers are producing a new Nemucod variant... [Read More]
by RSS Bill McGee  |  Sep 09, 2016  |  Filed in: Industry Trends & News
For those of you who don’t know, Fortinet publishes a threat intelligence roundup every Friday, the Fortinet Threat Intelligence Brief, that reviews new threats and trends. It is a treasure trove of analysis and information that ought to be part of your regimen every Friday. This week is no exception. Here are a couple of teasers and takeaways: 1. Ransomware isn’t going away any time soon. Every time organizations think they have a handle on this, ransomware developers come up with a new variant designed to evade detection.... [Read More]
by RSS Bill McGee  |  Aug 26, 2016  |  Filed in: Industry Trends & News, Security Research
Fortinet’s Derek Manky offers some perspective on Fortinet’s most recent cooperative information sharing agreement and what this means for the future of global cyber threat intelligence.   What did Fortinet announce with KISA today? Fortinet took another important step in an effort to bolster the future of cybersecurity. We signed an agreement with KISA to formalize cybersecurity information sharing, in particular on cyber threats. This partnership is an excellent example of a call to action for intelligence collaboration... [Read More]
by RSS John Welton  |  Aug 09, 2016  |  Filed in: Industry Trends & News, Security Q & A
On Wednesday, Dan Kaminsky delivered the opening keynote address at Black Hat. His talk was entitled, “The Hidden Architecture of our Time: “Why This Internet Worked, How We Could Lose It, and the Role Hackers Play,” and detailed the challenges and risks of the Internet, and what vendors need to do to fix it. Central to his presentation was a discussion of his new hardened browser, IronFrame, and a new firewall technology called Autoclave. Both are built on the premise of hardening and isolating environments in order to reduce... [Read More]
by RSS Bill McGee  |  Aug 05, 2016  |  Filed in: Industry Trends & News
The Show Floor I’m always interested to walk the show floor the first day of a conference to get a sense of what the vendor community has decided is important. The show floor at Black Hat is especially interesting, because while most of the vendors are responding to the security demands of their customers, just upstairs researchers are demonstrating the next generation of threats that haven’t yet, for the most part, been addressed. A quick walk around the floor shows two major trends. The big bets vendors are making are cloud security... [Read More]
by RSS Bill McGee  |  Aug 04, 2016  |  Filed in: Industry Trends & News
Sandbox technology and the ongoing effort to defend and protect against cyber threats continues. Independent testing offers organizations valuable insight into what solutions are best for their use case. Below we discuss this maturing technology and the role of testing with Fortinet’s David Finger. I saw the announcement from NSS Labs about their recent Breach Detection Group Test results. What is the significance? Cyberattacks and breaches continue to be top of mind across organizations, and because of that, sandbox technology (or Breach... [Read More]
by RSS Bill McGee  |  Aug 02, 2016  |  Filed in: Industry Trends & News
The vast majority of security strategies are reactive. The goal is to close the gap between the time to compromise and time to discover. According to the 2016 DBIR report, this compromise time is minutes for a majority (over 80%) of breaches. Solving this problem is complicated because threats are always changing. They have increased in frequency and volume, and they are becoming increasingly sophisticated. This is due, in part, to the dramatic expansion of the available attack surface that cybercriminals can target. Networks are adding end user... [Read More]
by RSS Ladi Adefala and Bill McGee  |  Jun 27, 2016  |  Filed in: Industry Trends & News