threat research | Page 3


Ransomware is a category of malware that scrambles your files or locks your computer while asking for ransom. We have encountered different versions of ransomware, and seen their effects. We also have seen a different kind of ransomware that not only holds your computer for ransom, but also infects your files for persistence. Virlock is a ransomware that locks your screen for ransom, while infecting your files with its malicious code. Virlock is an interesting malware not only because it is a ransomware and file infector in one, but... [Read More]
by Raul Alvarez | Jan 26, 2016 | Filed in: Security Research
Phishing works. Not all the time, not every time, but enough of the time. Either because users are in a hurry, are careless, or simply aren’t well-trained enough to recognize an attack, phishing emails catch enough employees and consumers that cybercriminals continue to fire them off by the millions and use them to deliver all manner of malware, lure users to fake or compromised sites and steal personal information. It doesn’t help that phishing emails are becoming increasingly sophisticated. While some are still quite easily recognized... [Read More]
by Chris Dawson | Nov 11, 2015 | Filed in: Industry Trends & News
Fortinet, like most members of the security community, understands that we’re entering uncharted territory as the Internet of Things becomes a mainstream phenomenon. To that end, Fortinet invests significant resources into threat intelligence and researchers who work every day to discover new vectors of attack and strategies for cyber infection before they can be deployed maliciously. One such vector, discovered by Fortinet senior threat researcher, Axelle Apvrille, allows an attacker to inject unauthorized code onto a Fitbit band over... [Read More]
by Derek Manky | Oct 23, 2015 | Filed in: Industry Trends & News
Computer crime has long since gone pro. It’s been years since the computer hacker was a solo act, working out of their basement and defacing web sites for glory. These days it’s all about the money or an agenda, and adversary groups operate like businesses with division of labor and diversification. Criminals are buying up intellectual property, selling personal information and credit card numbers, and even selling their tech support to other hackers. The best way to combat organization is to become organized, and the security community... [Read More]
by Jeannie Warner | Jul 16, 2015 | Filed in: Industry Trends & News
Security has typically fallen under the purview of IT, but it’s time to elevate it to a C-suite level discussion. Seemingly every time we turn around there’s something in the news or on social media about high-profile companies like Target, Sony Pictures, Home Depot and JP Morgan Chase experiencing data breaches -- making them almost commonplace and lowering their shock value as a result. Yet, that’s a compelling reason why organizations need to come together and discuss how to protect their network infrastructure. It’s no... [Read More]
by Esther Shein | Jun 10, 2015 | Filed in: Industry Trends & News
Vawtrak, also known as Neverquest, is a banking trojan that is capable of bypassing 2FA (two-factor authentication) on some financial institutions. It is also a typical information stealer. One of the main strengths of Vawtrak is its use of layering techniques within its code. Within its layers, Vawtrak employs different armoring strategies such as Anti-Emulator, Anti-Debugger, Anti-Analysis, Encryption/Decryption/Hashing, Compression/Decompression, Garbage collection, and Code injection. TOR 101 The Onion Router, or simply known... [Read More]
by Raul Alvarez | Jun 05, 2015 | Filed in: Industry Trends & News
Tucked deep in the Pacific Northwest, there is a global battle being fought. The battle is over the world’s data and no company is safe. But as Digital Strategy Director, Jonas Tichenor shows us, there is a team of hackers and analysts detecting, analyzing, and stopping attacks, sometimes before they start! [Read More]
by Jonas Tichenor | Apr 20, 2015 | Filed in: Behind the Firewall
Last month, researchers in Fortinet’s threat research division, FortiGuard Labs, discovered a vulnerability in MongoDB that would allow hackers to remotely crash the database application. Characterizing the vulnerability as “widespread”, the researchers successfully demonstrated a denial of service attack against legacy versions of the database that users could initiate remotely. MongoDB has quickly become the most popular NoSQL database in use today. NoSQL was developed to address the need to store and process unstructured... [Read More]
by Chris Dawson | Mar 28, 2015 | Filed in: Security Research
Fortinet recently sponsored an expert panel on cybersecurity at the Denver Biz Tech Expo - One takeaway? Security talks aren’t just for hackers anymore. Fortinet researchers participate in a lot of conferences. Many, like this year’s Hack.Lu in Luxembourg, are very much “for the cybersecurity community, by the cybersecurity community.” I loved one of the lines from Axelle Apvrille, a Fortinet senior antivirus analyst, in her writeup from the conference: This year's edition was quite classical - Windows/Linux reverse engineering/exploitation,... [Read More]
by Chris Dawson | Nov 20, 2014 | Filed in: Industry Trends & News