Are Endpoints Integrated Into Your Network Security Strategy?
Endpoint security is the responsibility of far more than the endpoint or desktop IT team. In fact, it is required to be understood and leveraged by anyone who is responsible for the organization’s network security. These groups need better visibility, compliance, controls and response across the entire distributed network, including on and off network endpoints. More than simply protecting individual devices, a true endpoint security solution continually assesses and ensures the integrity, confidentiality, and availability of enterprise data, network resources, and information systems.
Searching for the Reuse of Mirai Code: Hide ‘N Seek Bot
At FortiGuard Labs we were interested in searching out other malware that leverages Mirai code modules. Interestingly, one of the families that showed up in our search was the Hide ‘N Seek (HNS) bot, which was discovered in January of 2018. HNS is a complex botnet that uses P2P to communicate with peers/other infected devices to receive commands. In this article, I will discuss how the Mirai bot code was used in this HNS bot.
Recent Healthcare Regulations and Guidelines Providers Should Be Aware Of
Healthcare has long been a regulated space due to the sensitive personal information collected and stored. Top of mind when thinking of healthcare regulations is HIPAA, which provides comprehensive and mandatory standards for ensuring the security and privacy of protected health information (PHI). Noncompliance can result in heavy fines, as well reputational damage.
Cloud-Based Malware Weather Forecast for Financial Firms
The explosion of new applications and connected IoT devices has created a wealth of data that, when analyzed, provides businesses with critical insights into consumer behaviors and interests, allowing them to create more customized offerings. Combined with the accelerated adoption of solutions across IaaS, PaaS and SaaS, the cloud is here to stay. However, this also means that cybercriminals will continue to attack the cloud.
Looking Back to Look Ahead: Cyber Threat Trends to Watch
Organizations today face an unprecedented volume of increasingly sophisticated threats as they conduct online operations. As the potential attack surface expands and attack volumes increase, it is imperative to track the most popular and successful strategies of cybercriminals to stay ahead of their malicious intentions.
Microsoft Windows JET Database Engine Heap Overflow Vulnerability
At the end of 2017, the FortiGuard Labs team discovered a heap overflow vulnerability in Microsoft Windows JET Database Engine and reported it to Microsoft following Fortinet’s responsible disclosure process. On April 10, 2018, Microsoft released an advisory that contains the fix for this vulnerability and identifies it as CVE-2018-1003.
The Opportunity to Create Safer Schools and Campuses with Physical and Cybersecurity Solutions
Educators across the country are challenged to ensure students have access to safe and productive environments where they can advance their education and careers. In 2018, achieving this goal is becoming increasingly difficult. Maintaining efficient security means schools and universities need a combination of physical and cybersecurity solutions that work together to keep students and faculty safe without causing the environments to become less conducive to student success.
The Darkweb and Tax Season
It seems like every season has an angle that hackers and scammers use to prey on unsuspecting individuals. We just managed to make it through the holiday season and now we are besieged with people trying to take advantage of us during tax season.
You Will Fall For This One Day...
A couple of days ago, a friend of mine, James, was the victim of a scam and gave away his credit card number and CVC. The interesting part is that he is not the "standard" victim, but a very security aware person: he's a researcher on the security of embedded systems, a CTF player, and he cares for his privacy. Nevertheless, he fell into the trap of a phishing scam, and the story tends to prove that we will all likely fall for one of these one day. The only difference between James and the ordinary online shopper is that, the next day, he was uneasy with the situation and decided to investigate more.
Trickbot’s New Reconnaissance Plugin
Fortinet FortiGuard Labs has found a new plugin named networkDLL that is being distributed to the victims of the Trickbot Trojan. This new plugin is similar to the old DomainGrabber plugin discovered late last year in that they both try to collect information about the victim’s network. In fact, we have observed the same functions being used by both plugins.
