Security Research | Page 2


Recently, FortiGuard Labs found an interesting malware campaign using the recently documented vulnerability CVE-2017-11826 that was patched by Microsoft in October of this year. A detailed analysis of this exploit is also included in this article. [Read More]
by RSS Jasper Manuel, Joie Salvio, Wayne Low  |  Nov 22, 2017  |  Filed in: Security Research
Visa Payment Systems Intelligence recently announced that cybercriminals are threatening the payments ecosystem by leveraging a vulnerable Microsoft Dynamic Data Exchange protocol in phishing campaigns. This phishing attack relies on the Dynamic Data Exchange (DDE) protocol for infection instead of the usual malicious macros or an exploit kit. FortiGuard Labs has issued three IPS signatures that defend our customers against these attacks. [Read More]
by RSS FortiGuard SE Team  |  Nov 17, 2017  |  Filed in: Security Research
FortiGuard Labs has been actively monitoring FALLCHILL and validating all IOCs, whether we discovered them ourselves through one of our millions of sensors deployed around the world, or collected from the hundreds of threat sharing feeds we subscribe to. Our comprehensive threat information-sharing program includes Governments, Certs, and Strategic Partners from around the world. [Read More]
by RSS FortiGuard SE Team  |  Nov 17, 2017  |  Filed in: Security Research
By now, everyone should be aware of two things related to IoT devices. The first is that these devices are being deployed everywhere, with no sign of slowing down. The second is that many of these devices are notoriously insecure. [Read More]
by RSS FortiGuard SE Team  |  Nov 16, 2017  |  Filed in: Security Research
The cybercriminal marketplace is adept at adopting the latest advances in areas such as artificial intelligence to create more effective attacks. We anticipate this trend to accelerate into 2018, enabling the destructive trends mentioned in this blog. [Read More]
by RSS Derek Manky  |  Nov 14, 2017  |  Filed in: Business and Technology, Industry Trends, Security Research
FortiGuard Labs has been tracking a tax refund phishing scam in Malaysia. Let’s get into the details of how this works. [Read More]
by RSS Nelson Ngu  |  Nov 12, 2017  |  Filed in: Security Research
Recently, we came across some interesting samples in jtd format, which is the file format used by JustSystems Ichitaro. The following is a quick primer for readers who are unfamiliar with the Japanese market. [Read More]
by RSS Minh Tran  |  Nov 09, 2017  |  Filed in: Security Research
Welcome back to our monthly review of some of the most interesting security research publications. [Read More]
by RSS Axelle Apvrille  |  Nov 09, 2017  |  Filed in: Security Research
Recently, the FortiGuard Labs team noticed that one of the most successful applications on the market, “WhatsApp Messenger” developed by “WhatsApp Inc.”, has been the target of a lot of attention by scammers and criminals alike. [Read More]
by RSS Dario Durando  |  Nov 08, 2017  |  Filed in: Security Research
The T2 2017 conference took place on October 26 and 27, 2017 at the Radisson Blu seaside hotel in Helsinki, Finland. As in every edition, a CTF (Capture The Flag) competition is organized prior the conference, with the winner receiving a free ticket. This year, a private bug bounty was held by LähiTapiola, a well-known insurance company in Finland, under the supervision of T2 organizers through the HackerOne platform. As there were zero submissions, it was decided to reward Harri Kuosmanen, who was the LähiTapiola HackDay CTF winner. The... [Read More]
by RSS Francois Ropert    |  Nov 06, 2017  |  Filed in: Security Research