Latest Posts


Earlier this month, FortiGuard Labs researchers published findings about a malware campaign exploiting a PowerPoint vulnerability. Cybercriminals, however, are equal opportunity exploiters, so just recently an interesting targeted malware campaign was found to be using another document vulnerability. Only this time, it’s a Hangul Word Processor (HWP) document leveraging the already known CVE-2015-2545 Encapsulated PostScript (EPS) vulnerability.
by Joie Salvio and Jasper Manuel | Sep 20, 2017 | Filed in: Security Research
When people think of cybercrime, they tend to think of geeks in dark rooms staring into computer monitors trying to figure out some new way to infiltrate a network. And historically, that was a pretty accurate assessment. Today, however, cybercrime is a business. Cybercriminals tend to keep business hours (attack surges very often follow standard work hours), attacks are designed to generate revenue, and cost/benefit ratios are often considered when deciding whom to attack and how. Hacker tools and malware can be custom built and...
by Anthony Giandomenico | Sep 20, 2017 | Filed in: Industry Trends
In part one of this article, Anthony Giandomenico described how cybercrime has become not only a business, but a big business, designed to generate revenue with predesigned attacks focused on attack vectors that are easy to exploit: IoT devices.

Opportunity is also the land of innovation

Because cybercriminals are focusing more on attacks that target critical infrastructure based on new, interconnected technologies, they don’t have to spend enormous resources and development cycles on figuring out how to break into these systems...
by Anthony Giandomenico | Sep 20, 2017 | Filed in: Industry Trends
Network security is a complex subject that requires those in charge to stay on the lookout for the latest industry news and events. Here, you, our channel partners, will find all of the information you need to answer your current and prospective customers’ questions moving into the fall.
by Amy Thompson | Sep 20, 2017 | Filed in: Business and Technology
Fortinet recently identified five factors that are driving these changes in the cyberthreat landscape. Each of them makes it increasingly difficult for organizations to protect their networks, data, and communications from malicious actors.
by John Maddison | Sep 20, 2017 | Filed in: Industry Trends
Security researchers have identified more and more Mac OS malware attacks over the past two years. In June 2017, Rommel Joven and Wayne Chin Yick Low from Fortinet’s FortiGuard Labs found and analyzed a new ransomware targeted at Mac OS. Most malware for Mac OS was developed in the Objective-C programming language. A good introduction to reverse engineering Cocoa applications can be found here. In that blog post, the researcher released an IDAPython script named objc2_xrefs_helper.py that can only be executed in IDA Pro. As you...
by Kai Lu | Sep 19, 2017 | Filed in: Security Research
BankBot is a family of Trojan malware targeting Android devices that surfaced in the second half of 2016. The main goal of this malware is to steal banking credentials from the victim’s device. It usually impersonates Flash Player updaters, Android system tools, or other legitimate applications. Once installed, it hides itself and then tricks the user into typing his or her credentials into fake bank web pages that have been injected onto the device’s screen.
by Dario Durando | Sep 19, 2017 | Filed in: Security Research
ToorCon 19 San Diego was held Monday August 28th to Sunday September 3rd, 2017 at The Westin San Diego. It included three parts. The first was training workshops focused on various aspects of computer security. These took place on Aug 28-31. The second was a Seminar held on Sep 1. The third part was the formal Conference that ran from Sep 1-3. I was honored to be able to present my research, Dig Deep into FlexiSpy for Android at ToorCon 19. FlexiSpy for Android is a spy app with full IM tracking, VoIP call recording, and live call interception....
by Kai Lu | Sep 18, 2017 | Filed in: Security Research
Fortinet is proud to be a Gold Sponsor of this year’s Microsoft Ignite conference, being held September 25-29, 2017 at the Orange County Convention Center in Orlando, Florida. This year’s event is completely sold out, with over 23,000 attendees from around the world expected to participate. This year’s Fortinet booth (#1907) is situated directly adjacent to the main Central Square showcase that will be featuring many of Microsoft’s latest technologies. At this year’s Ignite event we are featuring several demo...
by Mike Morgan | Sep 18, 2017 | Filed in: Business and Technology
It now appears that this crime was enabled through an exploit that targeted a Java vulnerability in Apache Struts 2, an open-source framework for developing Java web applications that extends the Java Servlet API to encourage developers to adopt a model–view–controller (MVC) architecture.
by Aamir Lakhani | Sep 18, 2017 | Filed in: Security Research