Threat Bars Lowered, Danger Raised: Using FortiClient to Address This New Security Dynamic

Credit to Author: Damien Lim| Date: Mon, 11 Dec 2017 13:45:59 +0000

Fortinet is not standing still in the face of the rapidly changing threat environment. Recently, we added some significant new technologies to the latest iteration of FortiClient, our endpoint protection product. For example, FortiClient now includes an Anti-Exploit Engine that delivers a next-generation approach to endpoint protection. It also includes auto-patching capabilities that streamline patch management for known vulnerabilities. Automation of patching drives efficiencies while enabling organizations to address vulnerabilities faster.

Read more

Market Segments Feel the Impact of GDPR

Credit to Author: Patrick Grillo| Date: Fri, 08 Dec 2017 13:45:59 +0000

At the end of the day, complying with GDPR may very well simply turn out to be the right thing to do to protect the privacy and interests of all of an organization’s stakeholder communities. As a society, we simply can’t go on shrugging off data breaches that harm millions of people, often on multiple occasions in their lifetime.

Read more

A Peculiar Case of Orcus RAT Targeting Bitcoin Investors

Credit to Author: Floser Bacurio and Joie Salvio| Date: Thu, 07 Dec 2017 16:45:59 +0000

FortiGuards Labs has spotted a new phishing campaign that targets bitcoin investors by offering Gunbot, a relatively new bitcoin trading bot application. However, instead of being a tool designed to ensure more profit, it serves an Orcus RAT malware that result in the loss of investments and more.

Read more

Ph0wn: The 1st CTF of Smart Devices is Over!

Credit to Author: Axelle Apvrille| Date: Thu, 07 Dec 2017 12:45:59 +0000

Ph0wn, a CTF dedicated to smart devices, is over! It was a real success, with ~70 participants for this first editions. 16 teams of (a max of) 5 lined up for the competition. 11 teams managed to score in at least one challenge – we are sorry for the 5 remaining teams, but hope they had fun nevertheless. Of course, we congratulate the top 3 teams, who deserved their drone & raspberry pi gaming kits as prizes. We would also like to extend congratulations to all participants. We enjoyed the team spirit as well as…

Read more

Executive Insights: The Evolution of Threat Intelligence

Credit to Author: Michael Xie| Date: Thu, 07 Dec 2017 13:45:59 +0000

The entire security arms race between IT professionals and cybercriminals is really about one side constantly trying to outsmart the other. Security isn’t just about tools. It’s also about the intelligence that powers them. Which is why when we started Fortinet 16 years ago we were every bit as committed to developing security intelligence and research solutions that were as innovative as the technology we were developing.

Read more

The Importance of Operational Technology (OT) Systems to Maintain a Secure Standard of Living in Today’s Modern Society

Credit to Author: Ronald Jules Hebert, Jr.| Date: Wed, 06 Dec 2017 13:45:59 +0000

The Operational Technology (OT) networks (such as industrial control and supervisory control and data acquisition systems [ICS/SCADA]) that run today’s modern society are a collection of devices designed to work together as an integrated and homogenous system. If one of these systems fails, it can have a catastrophic domino effect. For example, electricity requires telecommunications to transfer information on wheeling power from the electrical grid.

Read more

Securing Customers’ Physical and Virtual Networks with a SIEM Platform

Credit to Author: Lief Koepsel| Date: Wed, 06 Dec 2017 13:45:59 +0000

To keep up with this threat landscape, your customers’ IT teams require security solutions that can provide real-time visibility into network activity and regulatory compliance, as well as automatically initiate a response to security events, to increase the overall efficiency of IT management teams. In order to effectively manage network security, compliance, and performance, your customers should consider implementing a SIEM (security information and event management) solution that features automation, scalability, and actionable intelligence

Read more

Executive Insights: Changing Cybersecurity Regulations that Global Financial Services Firms Need to Know About

Credit to Author: Drew Del Matto| Date: Tue, 05 Dec 2017 13:45:59 +0000

Globally operating financial services firms have to be aware of new cybersecurity regulations and how they affect their business in order to navigate data rules and remain compliant, especially as they conduct business across borders. Compliance is especially crucial as the punishments for noncompliance typically include large fines. Below are some of the most recent implemented or proposed cybersecurity regulations that will affect financial services firms.

Read more

Multiple Plone Cross-Site Scripting Vulnerabilities

Credit to Author: Zhouyuan Yang| Date: Tue, 05 Dec 2017 13:30:59 +0000

Plone is a free and open source content management system, and is ranked among the top 2% of all open source projects worldwide. More than 350 solution providers in more than 100 countries currently support it. The project has been actively developed since 2001, is available in more than 40 languages, and has the best security track record of any major CMS. The users ( include the Federal Bureau of Investigation (FBI), the Central Intelligence Agency (CIA), the Intellectual Property Rights Center, and so on. Earlier…

Read more

Public Cloud Security: Making It a Business Enabler

Credit to Author: Jeannette Jarvis| Date: Mon, 04 Dec 2017 13:50:59 +0000

In general, if a cybercriminal is able to successfully launch an attack at an owner-operated IT infrastructure, they can also launch one at a cloud service provider. In fact, public cloud services have become highly attractive targets for cybercriminals. For them, breaking into a cloud service is like merging onto a superhighway that can deliver their little bundles of evil far and wide, potentially impacting hundreds or thousands of organizations with a single strike.

Read more