Latest Posts


The need for real-time access to critical data is driving today’s digital transformation. The volume of data being generated, the proliferation of data mining applications, and consumer expectations about access to information are all increasing the value of data and making effective data management and orchestration increasingly critical. Which makes securing that data more important than ever. Which is why Fortinet is a Signature Sponsor at this year’s Oracle OpenWorld 2017 conference, being held October 1-5 at the Moscone... [Read More]
by RSS Traci Anderson  |  Sep 25, 2017  |  Filed in: Business and Technology
Government entities provide critical services that ensure stability across the nation for organizations and the population, such as transportation systems, water, energy, and healthcare. In order to provide these services, respond to queries, and react to an ever-changing global landscape effectively and efficiently, government organizations must rely on IT systems and computer networks. However, this technical infrastructure is also under constant attack from cybercriminals who range from amateur hackers and technical hacktivists to hostile... [Read More]
by RSS Trish Borrmann  |  Sep 22, 2017  |  Filed in: Business and Technology
While FortiGuard Labs was preparing for another presentation on our Locky research at the Black Alps cyber security conference this coming November in Switzerland, Fortinet’s Kadena Threat Intelligence System (KTIS)1 caught another Locky variant using a new extension – “ykcol” or “locky” spelled backwards. Locky has been stepping up its game over the past few months after going dark during the first half of 2017. Just like the old days, this new variant is distributed through massive volumes of malicious... [Read More]
by RSS Floser Bacurio, Joie Salvio, Rommel Joven and Jasper Manuel  |  Sep 21, 2017  |  Filed in: Security Research
Earlier this month, FortiGuard Labs researchers published findings about a malware campaign exploiting a PowerPoint vulnerability. Cybercriminals, however, are equal opportunity exploiters, so just recently an interesting targeted malware campaign was found to be using another document vulnerability. Only this time, it’s a Hangul Word Processor (HWP) document leveraging the already known CVE-2015-2545 Encapsulated PostScript (EPS) vulnerability. [Read More]
by RSS Joie Salvio and Jasper Manuel  |  Sep 20, 2017  |  Filed in: Security Research
When people think of cybercrime, they tend to think of geeks in dark rooms staring into computer monitors trying to figure out some new way to infiltrate a network. And historically, that was a pretty accurate assessment. Today, however, cybercrime is a business. Cybercriminals tend to keep business hours (attack surges very often follow standard work hours), attacks are designed to generate revenue, and cost/benefit ratios are often considered when deciding who and how to attack a target. Hacker tools and malware can be custom built and... [Read More]
by RSS Anthony Giandomenico  |  Sep 20, 2017  |  Filed in: Industry Trends
In part one of this article, Anthony Giandomenico described how cybercrime has become not only a business, but a big business, designed to generate revenue with predesigned attacks focused on attack vectors that are easy to exploit: IoT devices. Opportunity is also the land of innovation Because cybercriminals are focusing more on attacks that target critical infrastructure based on new, interconnected technologies, they don’t have to spend enormous resources and development cycles on figuring out how to break into these systems... [Read More]
by RSS Anthony Giandomenico  |  Sep 20, 2017  |  Filed in: Industry Trends
Network security is a complex subject that requires those in charge to stay on the lookout for the latest industry news and events. Here, you, our channel partners, will find all of the information you need to answer your current and prospective customers’ questions moving into the fall. [Read More]
by RSS Amy Thompson  |  Sep 20, 2017  |  Filed in: Business and Technology
Fortinet recently identified five factors that are driving these changes in the cyberthreat landscape. Each of them makes it increasingly difficult for organizations to protect their networks, data, and communications from malicious actors. [Read More]
by RSS John Maddison  |  Sep 20, 2017  |  Filed in: Industry Trends
Security researchers have identified more and more Mac OS malware attacks over the past two years. In June 2017, Rommel Joven and Wayne Chin Yick Low from Fortinet’s Fortiguard Labs found and analyzed a new ransomware targeted at Mac OS.  Most malware for Mac OS was developed in the Objective-C programming language. A good introduction to reverse engineering Cocoa applications can be found here. In that blog post, the researcher released an IDAPython script named objc2_xrefs_helper.py  that can only be executed in IDA Pro. As you... [Read More]
by RSS Kai Lu  |  Sep 19, 2017  |  Filed in: Security Research
BlueBorne affects devices supporting Bluetooth. As such, the PoC they demoed does not spread over Bluetooth: it takes control of a given Bluetooth victim. Apparently, the researchers said they locally created a botnet. But that was clearly a local inside test, and we have no details regarding the botnet's payload. [Read More]
by RSS Axelle Apvrille  |  Sep 19, 2017  |  Filed in: Security Research