This is the first conference where I have heard so much about hacking robots! Between yesterday and today, we've had: • Robotnikoff at Troopers: robots, security, and privacy - Brittany Postnikoff • Hacking Robots Before Skynet - Lucas Apa • Breaking the Laws of Robotics: Attacking Industrial Robots - Davide Quarta
I am currently at Troopers, a well-known German hacking conference in Heidelberg. I had heard many positive reports on about this conference, especially their awesome hardware badge, and am glad I finally got to speak there. My talk was on hacking a smart toothbrush, and why it's important to secure any connected device, even those - like toothbrushes - that seem harmless. If you missed my talk, my slides will soon be online:, check the Fortiguard Research Centre. Now, let's focus on some of today's talks.
As cyberattacks become more sophisticated, customers need more robust cybersecurity resources than they have in their toolkit. Learn how providing security services can meet these needs with real-time threat intelligence and more.
Fortinet is not standing still in the face of the rapidly changing threat environment. Recently, we added some significant new technologies to the latest iteration of FortiClient, our endpoint protection product. For example, FortiClient now includes an Anti-Exploit Engine that delivers a next-generation approach to endpoint protection. It also includes auto-patching capabilities that streamline patch management for known vulnerabilities. Automation of patching drives efficiencies while enabling organizations to address vulnerabilities faster.
Plone is a free and open source content management system, and is ranked among the top 2% of all open source projects worldwide. More than 350 solution providers in more than 100 countries currently support it. The project has been actively developed since 2001, is available in more than 40 languages, and has the best security track record of any major CMS. The users (https://plone.com/about/they-use-plone) include the Federal Bureau of Investigation (FBI), the Central Intelligence Agency (CIA), the Intellectual Property Rights Center, and so on. Earlier...
FortiGuard Labs has been actively monitoring FALLCHILL, validating all its IOCs (indicators of compromise), and providing protection for our customers. In a previous post we provided a high level overview of FALLCHILL. In this research report we dig even further, providing a deep dive analysis of the FALLCHILL Remote Administration Tool (RAT) in order to shed additional light on this threat, and thereby help our customer and the security community at large defend against this threat and similar threats.
Only a few days after FortiGuard Labs published an article about a spam campaign exploiting an RTF document, we found another spam campaign using an even more recent document vulnerability, CVE-2017-11882.
Recently, FortiGuard Labs found an interesting malware campaign using the recently documented vulnerability CVE-2017-11826 that was patched by Microsoft in October of this year. A detailed analysis of this exploit is also included in this article.
FortiGuard Labs has been tracking a tax refund phishing scam in Malaysia. Let’s get into the details of how this works.