Threat Research

FortiGuard Labs Discovers Multiple Use-After-Free Vulnerabilities in Microsoft Word

During the last few months, FortiGuard Labs discovered and reported multiple use-after-free (UAF) vulnerabilities found in different versions of Microsoft Word. These vulnerabilities were patched in the January and March security updates, respectively. These patches are rated as critical/important, and as always, we urge users update Microsoft Office as soon as possible.

By Wayne Chin Yick LowMarch 22, 2018

Industry Trends

The Challenges of Securing the Multi-Cloud Network

Organizations today are not only aggressively moving many of their workloads to the cloud, but many of them are doing so using a multi-cloud model. They leverage one provider for specific functionality and another for location or for cost. At the same time, critical data is being distributed and processed across a variety of additional cloud-based applications and services. Nearly all of them have some sort of a private cloud as well, with nearly half using multiple hypervisors to manage those environments.

By Matthew PleyMarch 21, 2018

Industry Trends

Combatting the Transformation of Cybercrime

The volume of cyberattacks is growing at an unprecedented rate, increasing as much as nearly 80% for some organizations during the final quarter of 2017. One reason for this acceleration in the attack cycle is that in order for malware to succeed today it needs to spread further and faster than even before. This allows cybercriminals to stay a step ahead of new efforts by vendors to improve their delivery of updated signatures and patches.

By John MaddisonMarch 20, 2018

Business and Technology

IoT Exploit Activity has Quadrupled - Are You Prepared?

The evolution of malware is being fueled largely by the proliferation of IoT. According to Gartner data, there were about 8 billion connected “things” in 2017. But that number is expected to nearly triple to more than 20 billion in just the next two years, which averages out to roughly three connected devices per person on Earth. Simply put, the opportunity for cybercriminals to enter networks and steal data or hold segments (or the entirety) of the network hostage is growing at an exponential rate, with no signs of slowing down.

By Anthony GiandomenicoMarch 19, 2018

Industry Trends

Securing the Federal Hybrid Cloud

Federal agencies are under pressure to make a timely, secure shift to the cloud with minimal disruption. For many, however, this is easier said than done. With a wide array of data that falls under a variety of privacy and protection regulations, "how?" is a complicated question.

By Bob FortnaMarch 16, 2018

Threat Research

Dreambot 2017 vs. ISFB 2013

We recently received a malware sample recently that had been packed and compiled on Tue Feb 06 2018. After unpacking it, we found that it contained a version of the Dreambot/Ursnif trojan, which had a compilation date of Tue Oct 10 2017, suggesting that existing versions of Dreambot are now being packaged with brand-new droppers.

By Jerome CruzMarch 16, 2018

Threat Research

Troopers - Day 2

This is the first conference where I have heard so much about hacking robots! Between yesterday and today, we've had: • Robotnikoff at Troopers: robots, security, and privacy - Brittany Postnikoff • Hacking Robots Before Skynet - Lucas Apa • Breaking the Laws of Robotics: Attacking Industrial Robots - Davide Quarta

By Axelle ApvrilleMarch 16, 2018

Threat Research

RootedCon Wrap Up

RootedCon is a security conference held from the 1st to the 3rd of March in Madrid, Spain. This year’s conference was the ninth iteration, and one could see the results of those years of experience in the flawless organization at the event.

By Dario DurandoMarch 16, 2018

Threat Research

GandCrab: Honor among Thieves?

GandCrab is the first ransomware to hit the spotlight this year. Known as the first ransom malware to use DASH cryptocurrency as a payment, it has hit more than 50,000 victims according to a report from Europol.

Business and Technology

Fortinet at HIMSS 2018: Troy Roberts Discusses the Healthcare Security Landscape

Watch the video in this post to hear from Fortinet’s Troy Roberts, VP of Enhanced Technologies, as he discusses the challenges facing healthcare organizations in 2018 and how to overcome them.

By Susan BiddleMarch 16, 2018