Results for fortiguard

Business and Technology | Industry Trends

Threat Bars Lowered, Danger Raised: Using FortiClient to Address This New Security Dynamic

Fortinet is not standing still in the face of the rapidly changing threat environment. Recently, we added some significant new technologies to the latest iteration of FortiClient, our endpoint protection product. For example, FortiClient now includes an Anti-Exploit Engine that delivers a next-generation approach to endpoint protection. It also includes auto-patching capabilities that streamline patch management for known vulnerabilities. Automation of patching drives efficiencies while enabling organizations to address vulnerabilities faster.

By Damien LimDecember 11, 2017

Threat Research

Multiple Plone Cross-Site Scripting Vulnerabilities

Plone is a free and open source content management system, and is ranked among the top 2% of all open source projects worldwide. More than 350 solution providers in more than 100 countries currently support it. The project has been actively developed since 2001, is available in more than 40 languages, and has the best security track record of any major CMS. The users (https://plone.com/about/they-use-plone) include the Federal Bureau of Investigation (FBI), the Central Intelligence Agency (CIA), the Intellectual Property Rights Center, and so on. Earlier...

By Zhouyuan YangDecember 05, 2017

Threat Research

A Deep Dive Analysis of the FALLCHILL Remote Administration Tool

FortiGuard Labs has been actively monitoring FALLCHILL, validating all its IOCs (indicators of compromise), and providing protection for our customers. In a previous post we provided a high level overview of FALLCHILL. In this research report we dig even further, providing a deep dive analysis of the FALLCHILL Remote Administration Tool (RAT) in order to shed additional light on this threat, and thereby help our customer and the security community at large defend against this threat and similar threats.

By Minh TranNovember 28, 2017

Threat Research

Cobalt Malware Strikes Using CVE-2017-11882 RTF Vulnerability

Only a few days after FortiGuard Labs published an article about a spam campaign exploiting an RTF document, we found another spam campaign using an even more recent document vulnerability, CVE-2017-11882.

By Jasper Manual and Joie SalvioNovember 27, 2017

Threat Research

CVE-2017-11826 Exploited in the Wild with Politically Themed RTF Document

Recently, FortiGuard Labs found an interesting malware campaign using the recently documented vulnerability CVE-2017-11826 that was patched by Microsoft in October of this year. A detailed analysis of this exploit is also included in this article.

Threat Research

Tax Refund Phishing In Malaysia – How They Bypass The Two Factor Authentication Security System

FortiGuard Labs has been tracking a tax refund phishing scam in Malaysia. Let’s get into the details of how this works.

By Nelson NguNovember 12, 2017

Threat Research

Potential Malware Campaign Targeting JustSystems Ichitaro Users

Recently, we came across some interesting samples in jtd format, which is the file format used by JustSystems Ichitaro. The following is a quick primer for readers who are unfamiliar with the Japanese market.

By Minh TranNovember 09, 2017

Threat Research

The Strange Case of Play Policy for Copyright and Security

Recently, the FortiGuard Labs team noticed that one of the most successful applications on the market, “WhatsApp Messenger” developed by “WhatsApp Inc.”, has been the target of a lot of attention by scammers and criminals alike.

By Dario DurandoNovember 08, 2017

Business and Technology

Getting a Firsthand Understanding of Healthcare Cybersecurity Challenges

Fortinet recently hosted nine information security and healthcare IT leaders at its Healthcare Advisory Board Meeting in Miami. Over the course of the two-day event, leaders from Fortinet met and collaborated with these members of the healthcare information security community to get a full understanding of the cybersecurity challenges they face every day on the frontlines of protecting critical patient information and proprietary medical research. This is an exciting and challenging time in the healthcare technology industry. Technical innovations...

By Susan BiddleNovember 02, 2017

Threat Research

Security Research News in Brief - August 2017 Edition

Welcome back to our monthly review of some of the most interesting security research publications.

By Axelle ApvrilleOctober 19, 2017