Fortinet FortiWeb Advanced Application Security Integrates with Microsoft Azure Security Center

Credit to Author: Cynthia Hseih| Date: Mon, 26 Jun 2017 12:50:00 +0000

The emerging trend towards security automation is becoming essential for cloud deployment. Traditionally, businesses configure a Web Application Firewall with static policies to address unchanging, known-bad threats. Unfortunately, it can be tricky to get them all right in Public Cloud environment. With a growing number of attack variants, more rules you add the more potential there is to run into false positives. FortiWeb’s integration with the Azure Security Center now allows customers to take a reactive policy approach to web security…

Read more

Google’s 2017 CTF – The “ASCII Art Client” Challenge

Credit to Author: Honggang Ren| Date: Sun, 25 Jun 2017 07:00:00 +0000

    In our last blog in this series, we discussed FortiGuard Labs’ participation in Google’s second annual Capture The Flag (CTF) competition. In this blogpost, I want to share how I solved another challenge, called“ASCII Art Client”. ChallengeDescription For this challenge, participants were given two files: a binary file aart_client and a network capture aart_client_capture.pcap. File1: aart_client File2: aart_client_capture.pcap The goal of the challenge was: This client displays nice…

Read more

Hughes-Fortinet Partnership Brings Zero-Touch Simplicity to Distributed Retail Organizations

Credit to Author: Daniel Mellinger| Date: Fri, 23 Jun 2017 16:00:00 +0000

Hughes Network Systems is a leading managed network service provider for highly distributed enterprises that need to operate and deliver uniform performance across large numbers of branch locations. They have been a long-time Fortinet partner, delivering innovative managed network solutions that leverage Fortinet platforms by combining Fortinet’s security capabilities with Hughes’ broadband transport, routing, and WAN optimization technologies. We recently sat down with Jeff Bradbury, Senior Director of Marketing at Hughes, to talk…

Read more

Byline: Four Tips for a Cyber-Safe Summer

Credit to Author: Anthony Giandomenico| Date: Fri, 23 Jun 2017 12:59:00 +0000

Summer is upon us – a time for family, fun and travel. Whether you’re going around the block or around the world, odds are you’re taking your work laptop (just in case). And of course, you’re taking your smartphone. Maybe you’ll want to check email on your phone using the hotel’s public WiFi. Maybe the kids want to play an online game on that laptop.  If you haven’t exercised good cybersecurity hygiene, though, you could be opening yourself up to all kinds of fun-zapping connectivity catastrophe…

Read more

Security Research News in Brief – May 2017 Edition

Credit to Author: Axelle Apvrille| Date: Thu, 22 Jun 2017 15:00:03 +0000

Welcome back to our monthly review of some of the most interesting security research publications. This month, let's do a bit of crypto… Past editions: April 2017 March 2017 P. Carru, Attack TrustZone with Rowhammer Rowhammer is an attack on DRAM, which consists in repeatedly accessing given rows of the DRAM to cause random bit flips in adjacent rows. Until now, the attack hadn't been demonstrated on ARM's TrustZone: but that's what the author implemented. He demonstrated that, using…

Read more

The Role of the Healthcare CIO Yesterday, Today, and Tomorrow

Credit to Author: Susan Biddle| Date: Thu, 22 Jun 2017 13:00:03 +0000

Today’s healthcare networks are intricate ecosystems of different networks comprised of a wide variety of connected devices and moving data, but they weren’t always this open. The industry as a whole has had to rapidly shift gears. Healthcare data now flows faster than ever, and it isn’t slowing down. As a result, the role of the healthcare chief information officer (CIO) has had to expand and adapt. As networks expand and connected devices permeate the healthcare landscape, the CIO will continue to play an increasingly important…

Read more

Google’s 2017 CTF Challenge: Mindreader

Credit to Author: Kushal Arvind Shah| Date: Thu, 22 Jun 2017 01:00:00 +0000

This past June 17th and 18th, 2017, Google hosted their second annual Capture The Flag (CTF) competition. The Google team created security challenges and puzzles that contestants were able to earn points for solving. It’s a clever way to leverage the security community to help protect Google users, and the web as a whole. Last year, over 2,400 teams competed, and this year the number was even higher. FortiGuard Labs decided to pull together a team and then write up a report on the experience. So, first things first, this challenge was…

Read more

Strengthening the Security Fabric of Blockchain

Credit to Author: Hemant Jain| Date: Tue, 20 Jun 2017 12:56:00 +0000

Blockchain is a shared and continuously reconciled database used to maintain a list of digital records, called blocks. It is quickly becoming an important tool not just for financial information, but also for managing and recording virtually all types of data, such as medical and other records, identity management, and transaction processing. Because a blockchain database is distributed and interconnected, it provides several essential services. The first is transparency. Because data is embedded within the network as a whole, it is by definition…

Read more

Why SIEM Solutions Are Essential to Securing Healthcare Networks

Credit to Author: Susan Biddle| Date: Fri, 16 Jun 2017 13:04:00 +0000

Nine out of ten healthcare organizations have suffered a breach in the past two years, according to a new Ponemon study, and the data shows that these breaches could be costing the industry upwards of $6 billion. When analyzing the sources of these breaches, it should come as no surprise that criminal attacks represent more than half of the total as healthcare records provide a treasure trove of valuable data. The remainder of the breaches tends to result from internal issues like employee mistakes, third-party snags, and stolen connected devices. While…

Read more

Higher Education: Critical Infrastructure and the Dark Cloud of Cyber Threats

Credit to Author: Susan Biddle| Date: Thu, 15 Jun 2017 13:29:00 +0000

The Department of Homeland Security (DHS) has identified 16 sectors that have been determined to be designated as critical infrastructure due to the debilitating effect on security, national economic security, national public health or safety, or any combination that would result from any of these sectors being compromised. Included in this list of 16 is the Government Facilities Sector, which covers, “a wide variety of buildings, located in the United States and overseas, that are owned or leased by federal, state, local, and tribal governments.”…

Read more