Month: January 2017

FortinetSecurity

Malicious Macro Bypasses UAC to Elevate Privilege for Fareit Malware


To survive, Macro downloaders have to constantly develop new techniques for evading sandbox environments and anti-virus applications. Recently, Fortinet spotted a malicious document macro designed to bypass Microsoft Windows’ UAC security and execute Fareit, an information stealing malware, with high system privilege. SPAM This malicious document is distributed by a SPAM email.  As part of its social engineering strategy, it is presented in the context of someone being interested in a product. Fig.1 SPAM with the malicious…

Read More
FortinetSecurity

Making Smart Cities Safe


For years now, we’ve been hearing about “smart cities.” Cities with the ability to leverage innovative technology, and automation to optimize resources and improve services for their citizens, with the ultimate goal of making our lives better. These smart cities are no longer a distant dream of the future – they are happening now. Unfortunately, without sufficient cybersecurity, their ultra-connected nature can make these dream cities a nightmare, as the recent hack of San Francisco’s Municipal Transportation Agency…

Read More
FortinetSecurity

Byline: 4 Key Areas to Consider When Solving the Cybersecurity Talent Gap

Attack methods and breaching techniques are constantly evolving. Which means that finding the elusive talent to overcome present challenges is only part of the solution. Sure, we know the tried and true breach methods. But what about the attacks we don’t yet know? If the method is unknown, then so is the required response. The talent shortfall, therefore, is about much more than just a limited technical pool.

Read More
FortinetSecurity

Byline: Meeting The Challenge of Securing the Cloud


What if the data and security elements across an organization’s various cloud environments were well integrated, cohesive and coherent, like a seamlessly woven fabric? Such an approach would allow companies to see, control, integrate and manage the security of their data across the hybrid cloud, thereby enabling them to take better advantage of the economics and elasticity provided by a highly distributed cloud environment.

Read More
FortinetSecurity

Byline: Is it Finally Time for Open Security?


One of the distinct advantages of working in the IT industry for over 35 years is all of the direct and indirect experience that brings, as well as the hindsight that comes with that. One of the more personally interesting experiences for me has been watching the growth and ultimate success of the Open Source Software (OSS) movement from a fringe effort (what business would ever run on OSS?) to what has now become a significant component behind the overall success of the Internet. I was initially reminded of the significance of the Open Source…

Read More
FortinetSecurity

The Evolution of the Financial Services CIO Since Y2K


The role of the chief information officer (CIO) has undergone substantial changes in less than two decades, progressing from a rare position within an organization to the heart of the executive boardroom. The pace at which technology has evolved has driven much of this growth, and today’s financial organizations now lean on their CIO to keep data safe while also keeping pace with industry advances. Let’s take a look back at the evolution of security within the financial services CIO’s role and some of changes that have brought…

Read More