Latest Posts | Page 2


OpenSSL is a widely used library for SSL and TLS protocol implementation that secures data using encryption and decryption based on cryptographic functions. However, a Security Bypass vulnerability – recently addressed in a patch by the OpenSSL Project –can be exploited to make vulnerable SSL clients or remote SSL servers send clean application data without encryption. This Security Bypass vulnerability (CVE-2017-3737) is caused by an error when the SSL_read or SSL_write function handles an "error state" during an SSL handshake.... [Read More]
by RSS Dehui Yin  |  Jan 12, 2018  |  Filed in: Security Research
As network leaders assess their SD-WAN options, however, what is often missing from their deliberations is how to adequately address security risks. SD-WAN vendors are increasingly embedding security features into their offerings, but these tend to be basic, Layer 3 network controls and not the robust security functions that these environments require. [Read More]
by RSS Nirav Shah  |  Jan 11, 2018  |  Filed in: Business and Technology
While organizations are adopting new technologies and services, cybercriminals are developing sophisticated methods of attack to target new attack vectors, exploit unforeseen vulnerabilities, and gain access to user data and other network resources. With this increased threat landscape and growing sophistication of cyberattacks, visibility into existing security measures, and identifying those places where there may be gaps is especially important. [Read More]
by RSS Carl Cayton  |  Jan 10, 2018  |  Filed in: Business and Technology, Industry Trends
Hyperconverged systems are on the horizon, connecting new and existing environments in ways we may have never imagined. But careful planning can ensure that we make this transition smoothly and securely. It starts with insisting on open standards and integrated and interactive security systems designed to talk to each other, share information, identify and adapt to changes, and respond to events in a coordinated and collaborative fashion. [Read More]
by RSS Jonathan Nguyen-Duy  |  Jan 09, 2018  |  Filed in: Industry Trends
FortiSandbox has already proven itself effective in the 2017 BDS test with a 99% Breach Detection rate, earning a Recommended rating four out of four years. And now, integrated with other Security Fabric components – namely, FortiGate, FortiMail, and FortiClient – it has achieved another NSS Recommended award with this latest 2017 BPS test. [Read More]
by RSS Damien Lim  |  Jan 08, 2018  |  Filed in: Business and Technology
With GDPR scheduled to come into full effect this May, private and public-sector organizations across the world have no time to waste in taking actions to ensure they are ready to comply with these new requirements. The best way forward is through a comprehensive and integrated strategy that is able to see and track personal data, as well as prevent, detect, and remediate data breaches anywhere they may occur.  This is a strategic approach that not only enables regulatory compliance, but will allow you to differentiate security as a value-add. [Read More]
by RSS Drew Del Matto  |  Jan 08, 2018  |  Filed in: Industry Trends
HIMSS 2018 will be held this year on March 5-9th at the Sands Expo Center in Las Vegas. Fortinet is excited to be attending this event yet again to meet with healthcare IT professionals standing on the front lines of digital transformation initiatives at their organizations, and to attend the various workshops, roundtables, and keynotes presented by thought leaders. [Read More]
by RSS Susan Biddle  |  Jan 05, 2018  |  Filed in: Business and Technology
Earlier this week, it was announced that researchers uncovered two new side channel attacks that exploit newly discovered vulnerabilities found in most CPU processors, including those from Intel, AMD, and ARM. These vulnerabilities allow malicious userspace processes to read kernel memory, thereby potentially causing sensitive kernel information to leak. These vulnerabilities are known as Meltdown and Spectre. [Read More]
by RSS Fortinet  |  Jan 04, 2018  |  Filed in: Business and Technology, Security Research
Distributed denial-of-service (DDoS) attacks are becoming increasingly common across the financial services industry. DDoS attacks occur when a portion of the network is targeted, typically at the networking, transport, or application layer, with a flood of requests that overwhelm network bandwidth, causing it to slow or crash completely.  [Read More]
by RSS Brian Forster  |  Jan 04, 2018  |  Filed in: Industry Trends
In this blog post, we will discuss the history of sandbox detection. We will then unveil the malware families that KTIS has observed from spear-phishing emails that attempt to bypass the user-mode API hook in order to evade sandbox detection. And finally, we will share the mitigation method we use to harden the Cuckoo sandbox against this bypass technique. [Read More]
by RSS Floser Bacurio and Wayne Low  |  Jan 03, 2018  |  Filed in: Security Research