During the past two months, FortiGuard Labs has been monitoring an onslaught of updates from GandCrab as a result of their agile development method. Some of these updates included major changes, while others were only minimal. In the midst of this, many researchers witnessed a series of tit-for-tat exchanges between the ransomware authors and the South Korea-based security company AhnLab over the vaccine tools that the latter released in mid-July.
It has been over two months since GandCrab last underwent a major update. While this latest version includes an overhaul of the code structure, its main purposes are practically the same.
With the help of FortiGuard’s in-house Threat Intelligence Platform (Kadena), FortiGuard Labs discovered a series of attacks targeted at service centers in Russia. These service centers provide maintenance and support for a variety of electronic goods.
Just a week after publishing our discovery of Trickbot’s networkDLL, the FortiGuard Labs monitoring system has found a new module called squlDll that is being actively distributed to the banking trojan’s victims.
FortiGuard Labs has been actively monitoring FALLCHILL, validating all its IOCs (indicators of compromise), and providing protection for our customers. In a previous post we provided a high-level overview of FALLCHILL. In this research report we dig even further, providing a deep-dive analysis of the FALLCHILL Remote Administration Tool (RAT) in order to shed additional light on this threat, and thereby help our customers and the security community at large defend against this and similar threats.
Organizations have the option of adding the first cloud-based sandbox product in AWS marketplace, FortiSandbox, to their cloud security infrastructure, allowing businesses to operate a complete security practice entirely in the cloud. Fortinet’s Security Fabric solutions for the cloud offer the ability to leverage security controls that are delivered, updated, and managed entirely through the cloud environment.
Although the calendar year is winding down, Fortinet and partners continue to sharpen security practitioner skills through training, along with applying Fortinet products and services to meet current and evolving cyber security challenges. As Fortinet advances on the knowledge and solutions fronts, independent industry observers increasingly recognize Fortinet’s industry leadership credentials. Read more below for the latest news, resources, and events for partners.
The growing complexity of today’s networks and the growing sophistication of today’s threats have outpaced the ability of most traditional security devices to keep up. Until now, the approach of far too many IT teams has been to simply throw more money at the problem by adding yet another device into their security wiring closet. Billions have been spent on this approach every year for decades, and we really don’t have much to show for it. If cybersecurity is an arms race, the good guys aren’t winning. Instead, security...
Fortinet participated in the NSS Labs 2017 Breach Detection System (BDS) group test and was awarded a Recommended rating for its latest FortiSandbox 2000E appliance introduced in the second half of 2017.
On October 16th, the U.S. Department of Homeland Security (DHS) announced its intention to have all federal agencies revamp their email security protocol. The Binding Operational Directive (BOD-18-01) will require all federal agencies to deploy STARTTLS, Secure Policy Framework (SPF), Domain Keys Identified Mail (DKIM), and Domain-based Message Authentication Reporting and Conformance (DMARC) within three months of the directive’s announcement. While having these email security features enabled is generally considered to be a cybersecurity...