A Look into XPC Internals: Reverse Engineering the XPC Objects
We have recently been engaged in deep security research on macOS for FortiGuard Labs focused on the discovery and analysis of IPC vulnerabilities. In this blog, we uncover the XPC internals data types to help researchers not only quickly analyze the root causes of XPC vulnerabilities, but to also assist with deep analysis of exploits targeted at those vulnerabilities.
What Holiday Shopping Reminded Me About Email Security
This week, SE Labs released results for its new 2018 Email Security Services group test and Fortinet’s FortiMail Secure Email Gateway solution was given a top AAA rating.
Preparing for Tomorrow's Threats
Organizations can start today to protect against 2019's threats. Look out for crooks using AI "fuzzing" techniques, machine learning, and swarms.
The Shifting AI-Driven Threat Landscape
As the modern threat landscape continues to expand, adding artificial intelligence (AI) to a security strategy has become paramount to establishing and maintaining an effective security posture.
Business and Technology | Partners
Fortinet and Symantec Join Forces to Help Organizations Move their Security to the Cloud
Bringing two global industry leaders together to provide enterprise-class capabilities across cloud, network, and endpoint security is a remarkable event and reflects a deep commitment to the security of our mutual customers.
More Encrypted Traffic Than Ever
Over 72% of all network traffic is encrypted, and that figure is expected to grow. Very few security devices can inspect encrypted data without severely impacting network performance.
The Weaponization of PUAs
In this FortiGuard Labs article we will define what a PUA is, describe its inherent risks, and how malware makes use of them by showcasing a malware sample.
RPC Bug Hunting Case Studies – Part 1
FortiGuard Labs believes that understanding how this attack works will significantly help other researchers find vulnerabilities similar to the bug that SandboxEscaper found in the Windows Task Scheduler. In this blog post, we will discuss our approach to finding privilege escalation by abusing a symbolic link on an RPC server.
Providing Improved Security Posture for Your Customers
Effective cybersecurity relies on active threat and vulnerability awareness. Partners can help provide that awareness using a comprehensive cyber threat assessment program.
Helping Exponential-e Navigate the Changing Threat Landscape
To meet the challenges of the constantly evolving cybersecurity threat landscape, service providers require a robust and flexible infrastructure that enables them to adapt to new lines of attack.
