Threat Research

A Look into XPC Internals: Reverse Engineering the XPC Objects

We have recently been engaged in deep security research on macOS for FortiGuard Labs focused on the discovery and analysis of IPC vulnerabilities. In this blog, we uncover the XPC internals data types to help researchers not only quickly analyze the root causes of XPC vulnerabilities, but to also assist with deep analysis of exploits targeted at those vulnerabilities.

By Kai LuDecember 14, 2018

Business and Technology

What Holiday Shopping Reminded Me About Email Security

This week, SE Labs released results for its new 2018 Email Security Services group test and Fortinet’s FortiMail Secure Email Gateway solution was given a top AAA rating.

By David FingerDecember 14, 2018

Industry Trends

Preparing for Tomorrow's Threats

Organizations can start today to protect against 2019's threats. Look out for crooks using AI "fuzzing" techniques, machine learning, and swarms.

By Derek MankyDecember 13, 2018

Industry Trends

The Shifting AI-Driven Threat Landscape

As the modern threat landscape continues to expand, adding artificial intelligence (AI) to a security strategy has become paramount to establishing and maintaining an effective security posture.

By Aamir LakhaniDecember 11, 2018

Business and Technology | Partners

Fortinet and Symantec Join Forces to Help Organizations Move their Security to the Cloud

Bringing two global industry leaders together to provide enterprise-class capabilities across cloud, network, and endpoint security is a remarkable event and reflects a deep commitment to the security of our mutual customers.

By John MaddisonDecember 11, 2018

Industry Trends

More Encrypted Traffic Than Ever

Over 72% of all network traffic is encrypted, and that figure is expected to grow. Very few security devices can inspect encrypted data without severely impacting network performance.

By John MaddisonDecember 10, 2018

Threat Research

The Weaponization of PUAs

In this FortiGuard Labs article we will define what a PUA is, describe its inherent risks, and how malware makes use of them by showcasing a malware sample.

By Chris Navarrete December 06, 2018

Threat Research

RPC Bug Hunting Case Studies – Part 1

FortiGuard Labs believes that understanding how this attack works will significantly help other researchers find vulnerabilities similar to the bug that SandboxEscaper found in the Windows Task Scheduler. In this blog post, we will discuss our approach to finding privilege escalation by abusing a symbolic link on an RPC server.

By Wayne Chin Yick LowDecember 05, 2018

Partners

Providing Improved Security Posture for Your Customers

Effective cybersecurity relies on active threat and vulnerability awareness. Partners can help provide that awareness using a comprehensive cyber threat assessment program.

By Neil MatzDecember 05, 2018

Business and Technology

Helping Exponential-e Navigate the Changing Threat Landscape

To meet the challenges of the constantly evolving cybersecurity threat landscape, service providers require a robust and flexible infrastructure that enables them to adapt to new lines of attack.

By FortinetDecember 05, 2018