Latest Posts


A monthly review of some of the previous month's most interesting security research publications [Read More]
by RSS Axelle Apvrille  |  Mar 24, 2017  |  Filed in: Security Research
Digital Video Recorders / Network Video Recorders (DVR/NVR) Back in 2015, our telemetry detected a relatively small number of IPS signature hits on known vulnerabilities targeting DVR/NVR devices (~ 749 hits). In 2016, however, we saw this number increase alarmingly to around 1.5 million hits. By using a size comparison chart again, we can see the huge increase more clearly when we compare both years, as shown below: The question, of course, is what contributed to this huge increase in detected hits? Once again, let’s look at the... [Read More]
by RSS Gavin Chow  |  Mar 24, 2017  |  Filed in: Security Research
All users of vulnerable versions of the Microsoft Windows Server are encouraged to upgrade to the latest version of this software. Additionally, organizations that have deployed Fortinet IPS solutions are already protected from this vulnerability. [Read More]
by RSS Honggang Ren  |  Mar 23, 2017  |  Filed in: Security Research
On March 16, FortiGuard Labs captured a new Word file that spreads malware by executing malicious VBA (Visual Basic for Applications) code. The sample targeted both Apple Mac OS X and Microsoft Windows systems. We then analyzed the sample, and in this blog we are going to explain how it works, step by step. When the Word file is opened, it shows notifies victims to enable the Macro security option, which allows the malicious VBA code to be executed. Malicious Word File is Opened Figure 1. Asks victim to enable Macro security option Once... [Read More]
by RSS Xiaopeng Zhang & Chris Navarrete  |  Mar 22, 2017  |  Filed in: Security Research
Fortinet spoke with Fabric-Ready Partner, Versa Networks to learn what’s top of mind for its customers, the key IT challenges they are facing and how Versa Networks’ approach to integrated security is helping drive business and customer success. [Read More]
by RSS Darlene Gannon  |  Mar 22, 2017  |  Filed in: Industry Trends & News
Over the last few months we discovered and reported multiple vulnerabilities found in different versions of Microsoft Word. These vulnerabilities were patched in the January (MS17-002) and March (MS17-014) security updates. These patches are rated as important, and as always, we suggest users update Microsoft Office as soon as possible. [Read More]
by RSS Tony Loi and Wayne Chin Yick Low  |  Mar 21, 2017  |  Filed in: Security Research
More than any other database containing sensitive information for a large quantity of people, electronic health records (EHRs) are an especially attractive target for hackers. The patient data they hold can be used for financial gain, as recent reports show that stolen healthcare databases are being sold on the deep web for as much as US$500,000. But we’ve also seen a number of instances where large data breaches have occurred at the hands of state actors looking to collect data for espionage purposes. No matter the reasoning behind... [Read More]
by RSS Susan Biddle  |  Mar 21, 2017  |  Filed in: Industry Trends & News
IP cameras were the second most attacked devices in 2015, at around 363,000 hits. But in 2016 the number dropped to approximately 36,000 hits [Read More]
by RSS Gavin Chow  |  Mar 20, 2017  |  Filed in: Security Research
Fortinet is participating in IBM’s premier industry event, the IBM InterConnect 2017 conference, this week, from March 19-23 in Las Vegas [Read More]
by RSS Neil Prasad  |  Mar 20, 2017  |  Filed in: Industry Trends & News
Tags: IBM cloud
Introduction Fortinet recently discovered a new botnet capable of stealing large amounts of user information, as well as remotely manipulating compromised machines. The malware appears to be based on an older botnet known as Grabbot, which was first discovered back in November of 2014[1]. This new variant improves on that existing functionality while adding several dangerous new features. This blog aims to offer a quick insight into how Grabbot functions. Replication The bot can be found hosted on a number of compromised websites with a... [Read More]
by RSS David Wang and He Xu  |  Mar 17, 2017  |  Filed in: Security Research