FortiGuard Labs


There is an incredible urgency for organizations, especially those undergoing digital transformation, to reprioritize security hygiene and identify emerging risks. However, as the volume, velocity, and automation of attacks continue to increase, it is also becoming increasingly important to align patching prioritization to what is happening in the wild so you can better focus your limited resources on the most critical and emerging risks. [Read More]
by Anthony Giandomenico | Jan 17, 2018 | Filed in: Industry Trends, Security Research
Introduction

2018 truly is starting off with a bang: fundamental CPU flaws dubbed Meltdown and Spectre were found affecting pretty much all modern processors developed since the Pentium Pro (1995). These flaws are rooted in two critical CPU features: Out of Order Execution and Speculative Execution, which are crucial for performance. Since this is an important feature and not a bug, it is inherently hard to fix. Furthermore, for performance reasons, speculative execution is almost always implemented in hardware, so “fixes”... [Read More]
by Minh Tran | Jan 12, 2018 | Filed in: Security Research
OpenSSL is a widely used library for SSL and TLS protocol implementation that secures data using encryption and decryption based on cryptographic functions. However, a Security Bypass vulnerability – recently addressed in a patch by the OpenSSL Project – can be exploited to make vulnerable SSL clients or remote SSL servers send clean application data without encryption. This Security Bypass vulnerability (CVE-2017-3737) is caused by an error when the SSL_read or SSL_write function handles an "error state" during an SSL handshake.... [Read More]
by Dehui Yin | Jan 12, 2018 | Filed in: Security Research
FortiGuard Labs continues to investigate a series of attacks on Bitcoin users. In our first blog, we provided a deep analysis of malicious samples from the Bitcoin Orcus RAT campaign. In this second part, we recreate the full path of a multistage complex attack, shed some light on some other activities of these criminal actors, and reveal their possible identities.

Failed attempt

Bitcointalk.org is a popular place to trade for bitcoins. In 2015 there was a simple and straightforward attack on its users. Somebody registered a... [Read More]
by Artem Semenchenko and Evgeny Ananin | Dec 22, 2017 | Filed in: Security Research
There is no doubt that cryptocurrency has been on a steady rise. According to a research paper by the University of Cambridge, the market capitalization of cryptocurrency has increased more than three-fold since early last year and it’s not likely to stop there. With more and more people realizing that cryptocurrency is potentially a significantly profitable investment, this rise is likely to continue for the foreseeable future. And where there is profit, that is where malware attacks will gather. Which is why we have been expecting... [Read More]
by Joie Salvio | Dec 20, 2017 | Filed in: Security Research
We have just announced our annual Fortinet Accelerate global partner and user conference, taking place on February 26 – March 1, 2018 at The Cosmopolitan of Las Vegas. This year we are expecting more than 2,000 customers, partners, industry leaders, and technical experts to come together to share industry trends and discuss the latest advances in technologies and strategies. [Read More]
by Mike Morgan | Dec 20, 2017 | Filed in: Business and Technology
The entire security arms race between IT professionals and cybercriminals is really about one side constantly trying to outsmart the other. Security isn’t just about tools. It’s also about the intelligence that powers them. Which is why when we started Fortinet 16 years ago we were every bit as committed to developing security intelligence and research solutions that were as innovative as the technology we were developing. [Read More]
by Michael Xie | Dec 07, 2017 | Filed in: Business and Technology, Industry Trends
By now, everyone should be aware of two things related to IoT devices. The first is that these devices are being deployed everywhere, with no sign of slowing down. The second is that many of these devices are notoriously insecure. [Read More]
by FortiGuard SE Team | Nov 16, 2017 | Filed in: Security Research
Prosperous nations sometimes take for granted the safe and reliable critical infrastructures that underpin our economies, governments, and personal well-being. Similar to how we marvel today at the Roman Empire’s aqueducts, the 3rd millennium will likely do the same with today’s critical infrastructures. That is, if they don’t lead to our downfall.

Our Strength, Our Weakness

The common understanding of the phrase ‘all roads lead to Rome’ is that there are many different ways to reach a goal. ... [Read More]
by Phil Quade | Sep 29, 2017 | Filed in: Industry Trends
Security researchers have identified more and more Mac OS malware attacks over the past two years. In June 2017, Rommel Joven and Wayne Chin Yick Low from Fortinet’s FortiGuard Labs found and analyzed a new ransomware targeted at Mac OS. Most malware for Mac OS was developed in the Objective-C programming language. A good introduction to reverse engineering Cocoa applications can be found here. In that blog post, the researcher released an IDAPython script named objc2_xrefs_helper.py that can only be executed in IDA Pro. As you... [Read More]
by Kai Lu | Sep 19, 2017 | Filed in: Security Research