Latest Posts | Page 157

Keith Shaw, programming director at Network World, and Derek Manky, senior security strategist at Fortinet, discuss the rise of mobile malware that is being seen as more mobile devices and operating systems penetrate the enterprise. The 12-minute podcast also talks about a new form of the Zitmo and SpyEye botnets that the FortiGuard Labs have been studying.
by Rick Popko  |  Feb 28, 2011  |  Filed in: Security Research
Zitmo is a mobile malware Fortinet has particularly been focusing on since the beginning (see our first blog post and my presentation at ShmooCon 2011) as it is one of the first palpable signs organized criminals show interest in infecting mobile phones. As you may know (see F-Secure and Kaspersky's blog posts), it is unfortunately back, with a new version. So, technically speaking, what's new? It now supports Windows Mobile phones too. Not only Symbian (there were rumors concerning a BlackBerry version - never confirmed). The default phone number...
by Axelle Apvrille  |  Feb 23, 2011  |  Filed in: Security Research
In the past month changes in the SpyEye botnet kit have more or less stopped, after a very busy year in which many new versions were released. I was recently looking at all of the information I have from testing and analysis of these versions, when it occurred to me that this lull in activity would be a good time to put some organized results together. Then when SpyEye returns, in some mutant, Zbot-like form, we will have something like a guide to its workings, which should be useful. A good place to start this process is with the SpyEye botnet...
by Doug Macdonald  |  Feb 15, 2011  |  Filed in: Security Research
I got back from ShmooCon 2011, in Washington D.C., and would like to share with you a few insights. First, just like in BlackHat DC 2011, this year's conference had several talks on smart phones. Good news! I was however slightly surprised they all concerned Android (apart from mine, on Symbian). It is true Android platforms are predominant in hacker communities. I feel it is nonetheless important to recall the latest statistics on the matter: In the U.S., Android phones come third (19%) after BlackBerry (31%) and iPhones (28%) (source: Nielsen...
by Axelle Apvrille  |  Feb 09, 2011  |  Filed in: Security Research
Today is the eighth annual Safer Internet Day, a global initiative that promotes safe and responsible use of online technology and mobile phones, especially among children and young people around the world. This year’s theme is “Virtual lives: It’s more than a game, it’s your life.” The topic of 'virtual lives' encompasses online gaming – from simple games to MMOGs (Massively Multiplayer Online Games) – and social networking, the two most popular online activities with today’s youth. In recognition of Safer Internet Day, we thought...
by Guillaume Lovet  |  Feb 08, 2011  |  Filed in: Security Research
Tomorrow starts the quite famous - and ever sold-out - security conference ShmooCon, held in Washington DC until Sunday. The keynote this year will be filled by Peiter Mudge Zatko, inventor of L0phtcrack and early pioneer of buffer overflows. Among the talks filling the tri-tracks program (Build it / Break it / Bring it on), we're glad to find our Crypto Girl, Axelle, who will present a paper she co-wrote with Kyle Yang (another regular poster on this blog) on the infamous mobile phone malware Zitmo, that we discovered (simultaneously with Spanish...
by Guillaume Lovet  |  Jan 27, 2011  |  Filed in: Security Research
The first threat report of 2011 is up, you can find the full report on our FortiGuard Center. Below is a recap of events: There was a sharp incline in exploit activity for new vulnerabilities this period: we detected attempted exploit activity on 61% of new vulnerabilities covered by FortiGuard Labs. Typically this rate falls between 30-40%. Nearly 1/2 of those vulnerabilities rated as 'Critical' (remote code execution) were attacked. As an ongoing reminder, it is imperative to help secure systems against such exploitation by keeping all software...
by Derek Manky  |  Jan 26, 2011  |  Filed in: Security Research
It's the beginning of 2011, which means network security vendors’ threat predictions for the year to come have mysteriously appeared in their crystal balls by now. Making informed security predictions can be an easy or difficult task depending on the approach taken. The easy way out is to look back at the biggest trends of the last year and talk about how they will continue into the next. The idea is to keep the prediction vague and difficult to verify in case the prediction ultimately turned out to be off the mark. Writing useful and verifiable...
by Guillaume Lovet  |  Jan 17, 2011  |  Filed in: Security Research
Our analyst, Ruchna Nigam, had been analyzing a sample of SymbOS/InSpirit.A!tr. [Figure: SMS dropped in the victim's inbox by SymbOS/InSpirit.A!tr] A couple of months ago, this malware received some attention in China (for example see here - use translation if you do not speak Chinese) because it was phishing an area bank. The malware simply added a new SMS in the victim's inbox, apparently coming from the bank's service hotline phone number, and telling the victim he/she had entered a bad password and needed to follow a given (malicious) link to guarantee...
by Axelle Apvrille  |  Jan 12, 2011  |  Filed in: Security Research
On this episode of Network World’s Security Threat Landscape, Derek Manky, a threat researcher at Fortinet’s FortiGuard Labs and Network World reporter Keith Shaw discuss the year in threats from 2010 and what companies and users can expect in the world of security threats for 2011. (25:40) December’s discussion topics include: Money mule recruitment strategies; Botnets hiding through legitimate means; Crime as a Service; The evolution of ransomware; New platforms criminals are targeting beyond Windows.
by Rick Popko  |  Jan 06, 2011  |  Filed in: Security Research