The DNSChanger virus: At the outset it appears to be on par with doomsday Y2K or Conficker worm hysteria. But it’s not. The Internet itself is not going to implode. In fact, the explanation is pretty simple and the fix can be applied in a matter of minutes. That said, come Monday, many users with the DNSChanger virus plaguing their computers will be kicked offline until the nasty bug is removed. The problem reared its ugly head over the last several years when Estonian malware authors created DNSChanger, which—true to its name—rerouted...
by Stefanie Hoffman  |  Jul 06, 2012  |  Filed in: Industry Trends
Today, I feel like telling you a true story that happened at Fortinet, the story of Jane Doe. Jane Doe works for Human Resources at the reception desk, so she is used to receiving lots of mail, UPS or DHL parcels for the company. Some time ago, Jane received an e-mail from DHL, notifying her they had been unable to deliver a parcel (see figure below). She does handle plenty of DHL parcels every day; consequently, she did not give this e-mail any particular attention and, quite absent-mindedly, tried to open the attachment. Fortunately, she did...
by Axelle Apvrille  |  Nov 05, 2009  |  Filed in: Security Research
I don't know if you encounter the same problem as I do, but I keep on receiving spam from people I do, however, like (friends, family, etc). You know, the kind of awfully nice people who nonetheless strangely feel compelled to forward their own rubbish: hoaxes, chain letters, petitions, jokes and, of course, a full load of lengthy attachments. This is a real nuisance, yet I cannot report them to online spam fighting websites, nor simply blacklist them: from time to time, among other mails, they do send interesting stuff (personal news, cool invitations),...
by Axelle Apvrille  |  Jun 25, 2009  |  Filed in: Security Research
Our sensors (i.e. our digital media person, a rabid fan of Facebook) caught some interesting Facebook private messages today. One of them, sent by a "Friend" to about 100 contacts of hers, merely consisted of a domain name, as can be seen below: Fortunately for Daniel, he did not know what to do with it (or he knew, but did not want to); yet other recipients may have recognized a domain name, and entered it in their browser's address bar, out of curiosity. After all, that's from Martha, and she usually sends rather funny links. Of course, the...
by Guillaume Lovet  |  May 04, 2009  |  Filed in: Security Research
With February's Threat Landscape Report out, it's time to highlight some of the most interesting movement happening from late January 2009 to now: New vulnerabilities (NVC) were up nearly threefold, with 117 posted in comparison to 43 from January's edition; 25.6% of these new vulnerabilities were detected to be actively exploited. Two new high-profile zero-day exploits (CVE-2009-0238 and CVE-2009-0658) affecting MS Excel (XLS) and Adobe Reader (PDF) have since been disclosed. Given these facts, and Conficker's success, there is no better time...
by Derek Manky  |  Feb 27, 2009  |  Filed in: Security Research