Learn about the cyber threats uncovered by FortiGuard Labs during the week of September 27th.
Learn more about the Adobe Photoshop zero-day vulnerabilities discovered by our FortiGuard Labs researchers, and the security patches to fix those as part of their Patch Tuesday Initiative.
Adobe released security bulletin APSB19-20, which patches seven Adobe Shockwave Player vulnerabilities. All of them were discovered by FortiGuard Labs researcher Honggang Ren and reported to Adobe by following Fortinet’s responsible disclosure process.
On the April 9, 2019 Patch Tuesday, Microsoft released patches for several vulnerabilities in Windows and Office. Three of them were discovered and reported by FortiGuard Labs researcher Honggang Ren by following Fortinet’s responsible disclosure process.
Once the purview of defense researchers, advanced fuzzing is poised to fall into the hands of the criminal community. AI-powered fuzzing will change the game for both attacker and target. One effective method of counter-attack is to go after the underlying economic strategies of criminal organizations.
At the end of January 2018, the FortiGuard Labs team discovered a remote kernel crash vulnerability in Microsoft Windows and reported it to Microsoft by following Fortinet’s responsible disclosure process. On June 12, Microsoft released an advisory that contains the fix for this vulnerability and identifies it as CVE-2018-1040.
There are basically two kinds of threats organizations and users face today: the ones that security vendors and threat researchers know about, and those they don’t. The ones we know about get vendor patches, signatures are updated across a variety of security tools in order to detect them, and behaviors are documented in order to detect and disrupt the more sophisticated ones. People who are affected by these sorts of attacks usually either don’t have the right security tools deployed in the right places, or they aren’t practicing adequate cyber hygiene.