security research | Page 3


For those of you who don’t know, Fortinet publishes a threat intelligence roundup every Friday, the Fortinet Threat Intelligence Brief, that reviews new threats and trends. It is a treasure trove of analysis and information that ought to be part of your regimen every Friday. This week is no exception. Here are a couple of teasers and takeaways: 1. Ransomware isn’t going away any time soon. Every time organizations think they have a handle on this, ransomware developers come up with a new variant designed to evade detection.... [Read More]
by Bill McGee | Aug 26, 2016 | Filed in: Industry Trends, Security Research
Last year, Fortinet’s FortiGuard Labs team made a series of predictions about cyberthreats in 2016. We are now halfway through the year, and thought this might be a good time to give an update on what we have seen so far for some of these predictions. Prediction #1: The Rise of Machine-to-Machine Attacks. The Threat: The exponential increase of unmanaged, “headless devices” driven by the Internet of Things will make these types of devices a tempting target for hackers looking to secure a beachhead into more traditional... [Read More]
by Derek Manky | Aug 22, 2016 | Filed in: Industry Trends
Google patched some Android security vulnerabilities in early August. One of them was a remote code execution vulnerability in Mediaserver (CVE-2016-3820), which was discovered by me. This vulnerability could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue was rated as Critical by Google due to the possibility of remote code execution within the context of the Mediaserver process. The Mediaserver process has access to audio and video streams, as well as access to privileges... [Read More]
by Kai Lu | Aug 17, 2016 | Filed in: Security Research
In the first quarter of 2016, we realized that there were tons of Windows kernel use-after-free (UAF) vulnerability patches in Microsoft bulletins where most of the vulnerabilities came from Google Project Zero, which is favourable to us because we can easily access those proof-of-concepts (POC). While doing a root cause analysis of one of the UAF vulnerabilities stated in CVE-2015-6100, we discovered that there is an alternative way to trigger the same UAF vulnerability, even after the specified patch has been applied due to weak security... [Read More]
by Wayne Chin Yick Low | Aug 17, 2016 | Filed in: Security Research
The Adwind Remote Access Trojan (RAT) is a popular Java-based backdoor capable of infecting Windows, Linux, Mac OS and Android operating systems. Its cross-platform nature, elaborate backdoor features, and relatively cheap price make it a favourite choice for many cybercriminals today. Earlier this year, it was reported that Adwind was used in at least 443,000 attacks. Adwind has rebranded itself multiple times in the past, using the names “Frutas,” “AlienSpy,” and “Unrecom,” to name a few. The most recent... [Read More]
by Rommel Joven and Roland Dela Paz | Aug 16, 2016 | Filed in: Security Research
PHP is a programming language that was created in 1995 by Rasmus Lerdorf. And according to W3Techs, it’s dynamically generating content on more than 82% of all websites worldwide. That means hundreds of millions of web servers are vulnerable to the flaws we are describing below. Last month, FortiGuard discovered two security issues in PHP’s core (CVE-2016-6189) and in PHP’s zip (CVE-2016-6197). These issues affect both the current PHP version 5 and its upcoming version 7. These bugs are located in different parts of the code,... [Read More]
by Tony Loi | Aug 10, 2016 | Filed in: Security Research
IDC is reporting again that Fortinet has the top market share in security appliances - This is great news for Fortinet researchers and customers alike. Here at Fortinet, we’ve been talking a lot about handoffs recently. Handoffs of data between modules in next gen firewalls, handoffs from advanced threat protection/detection tools like sandboxes to traditional firewalls, handoffs of threat intelligence between applications; you get the idea. When the parts of a security ecosystem can communicate intelligently, it’s no surprise that threats... [Read More]
by Jonas Tichenor | Dec 29, 2014 | Filed in: Industry Trends
A couple of days back, a game of Nerd Truth or Dare in the lab led to the shocking revelation that most of us were using our Facebook/Twitter accounts mainly to keep up with security blogs. Personally, being a Twitter non-conformist until recently, I even created a Twitter account for this sole purpose. And that led to the realization that FortiGuard Labs need to 'get with it' too. So here's introducing our Facebook and Twitter pages for your ease of following us. If you, like us, have tried every RSS aggregator there is under the sun, have been... [Read More]
by Ruchna Nigam | Jun 20, 2011 | Filed in: Security Research
To commemorate the 20th anniversary of the VB conference, the organization set out to honor some of the most influential security researchers of the past decade. The VB2010 Awards included six categories: greatest contribution to the anti-malware industry, greatest contribution to the anti-spam industry, best educator in the anti-malware industry, most innovative idea in the anti-malware/anti-spam industry, lifetime achievement, and, finally, best newcomer. Guillaume Lovet, senior manager, threat response team for FortiGuard Labs and technical... [Read More]
by Rick Popko | Nov 05, 2010 | Filed in: Security Research