fortiguard


Summer is upon us – a time for family, fun and travel. Whether you’re going around the block or around the world, odds are you’re taking your work laptop (just in case). And of course, you’re taking your smartphone. Maybe you’ll want to check email on your phone using the hotel’s public WiFi. Maybe the kids want to play an online game on that laptop. If you haven’t exercised good cybersecurity hygiene, though, you could be opening yourself up to all kinds of fun-zapping connectivity catastrophe...
by Anthony Giandomenico | Jun 23, 2017 | Filed in: Industry Trends
Welcome back to our monthly review of some of the most interesting security research publications. This month, let's do a bit of crypto... Past editions: April 2017, March 2017. P. Carru, "Attack TrustZone with Rowhammer": Rowhammer is an attack on DRAM that consists of repeatedly accessing given rows of the DRAM to cause random bit flips in adjacent rows. Until now, the attack hadn't been demonstrated on ARM's TrustZone, but that's what the author implemented. He demonstrated that, using...
by Axelle Apvrille | Jun 22, 2017 | Filed in: Industry Trends
This past June 17th and 18th, 2017, Google hosted their second annual Capture The Flag (CTF) competition. The Google team created security challenges and puzzles that contestants were able to earn points for solving. It’s a clever way to leverage the security community to help protect Google users, and the web as a whole. Last year, over 2,400 teams competed, and this year the number was even higher. FortiGuard Labs decided to pull together a team and then write up a report on the experience. So, first things first, this challenge was...
by Kushal Arvind Shah | Jun 21, 2017 | Filed in: Security Research
Nine out of ten healthcare organizations have suffered a breach in the past two years, according to a new Ponemon study, and the data shows that these breaches could be costing the industry upwards of $6 billion. When analyzing the sources of these breaches, it should come as no surprise that criminal attacks represent more than half of the total as healthcare records provide a treasure trove of valuable data. The remainder of the breaches tends to result from internal issues like employee mistakes, third-party snags, and stolen connected devices. While...
by Susan Biddle | Jun 16, 2017 | Filed in: Industry Trends
FortiGuard Labs recently came across a new strain of samples exploiting the CVE-2017-0199 vulnerability. This vulnerability was fixed by Microsoft and the patch was released in April 2017. Due to its simplicity, it can be easily exploited by attackers. It has also been found in the wild by other vendors. We have also blogged about some samples recently found in a spear phishing attack. While there are plenty of articles discussing this vulnerability, most of them are intended for technical readers and primarily focus on how to create proof-of-concept...
by Wayne Chin Yick Low | Jun 04, 2017 | Filed in: Security Research
A major challenge facing security vendors today is that most solutions and products are developed based on knowledge of previous threats that already exist. This makes many security solutions reactive by their very design, which is not a tenable strategy for facing the volume of new attacks and strategies arising today. This arms race of identifying new threats, then reacting has been the primary strategy since the dawn of malware: A new virus is identified and then security vendors write the antivirus signature to block it; a polymorphic virus...
by Douglas Jose Pereira | May 23, 2017 | Filed in: Security Research
Welcome back to our monthly review of some of the most interesting security research publications. Previous edition: March 2017. "What happened to your home? IoT Hacking and Forensic with 0-day", from TROOPERS 17, by Park and Jin. (Figure 1: Hacking a vacuum cleaner.) The authors hacked a vacuum cleaner, which, besides cleaning, also includes an embedded camera and microphone. The hack wasn’t easy because the vacuum wasn’t too badly secured. The authors however found 2 vectors: 1. They connected on the...
by Axelle Apvrille | May 10, 2017 | Filed in: Security Research
This is the second part of FortiGuard Labs’ deep analysis of the new Emotet variant. In the first part of the analysis we demonstrated that by bypassing the server-side Anti-Debug or Anti-Analysis technique we could download three or four modules (.dll files) from the C&C server. In that first blog we only analyzed one module (I named it ‘module2’). In this blog, we’ll review how the other modules work. Here we go.
by Xiaopeng Zhang | May 09, 2017 | Filed in: Security Research
The Bricker bot made the news a couple of weeks ago as being responsible for knocking unsecured IoT devices offline, rather than hijacking them into other botnets and using them for a DDoS attack like the massive event we saw last year against DYN. This is the third botnet that targets insecure IoT devices, but the only one that is destructive. The second, dubbed Hajime, breaks into IoT devices, but instead of bricking them, it makes them more secure by disabling remote access to the device from the internet. Of course, Mirai was the first,...
by Douglas Jose Pereira dos Santos | May 02, 2017 | Filed in: Security Research
Cloud storage has increasingly become mainstream for storing, computing, and sharing data, while also combining accessibility and reliability into the mix. With larger internet bandwidth capacities connecting homes and businesses, syncing files across the internet is now a reality, and it can be done without needing to brew a couple of pots of coffee. Based on FortiGuard Labs’ application telemetry, cloud storage applications have grown by more than 21% between Q4 2016 and Q1 2017.
by Gavin Chow | May 01, 2017 | Filed in: Security Research