Fortinet

Every year during holiday seasons, the number of phishing websites increases. This is particularly true for online gaming distribution platforms. In some cases, users not only have their login credentials stolen, but they also end up downloading and executing malicious executables. As expected, the more popular a platform is, the more targeted it will be, which is why this research blog focuses on two malware samples obtained from fake Origin and Steam websites. Figure 1. Fake Origin phishing website Origin Malware Sample In addition…

Domain Name System Security Extensions (DNSSEC) secures the Domain Name System (DNS), right? Yes, but that’s not the whole story. DNSSEC can also introduce troubles into your DNS server. Recently, a BIND bug caused by a missing RRSIG record, which is a part of DNSSEC, was fixed by a patch from the Internet Systems Consortium (ISC). This bug affects all versions of BIND recursive servers, and can cause a denial of service (DoS.) This potential DoS vulnerability is caused by a RUNTIME CHECK error in Resolver.c when handling the DNS…

Fortinet recently sat down with Derek Manky, Global Security Strategist at Fortinet, to learn about the biggest cybersecurity threats to healthcare in 2017.

At a time when the UK’s National Health Service (NHS) faces increasing cyber threats, Fortinet has partnered with the new NHS Alliance to help raise awareness of these threats and better protect our health service moving forwards. Launched in 1948, the NHS has provided free health care, at the point of need, to residents of England, Northern Ireland, Scotland, and Wales for more than 65 years. Over the years, the NHS has faced many challenges and adversities, with cyber crime being one of the latest and most topical. Like most healthcare…

At a time when the UK’s National Health Service (NHS) faces increasing cyber threats, Fortinet has partnered with the new NHS Alliance to help raise awareness of these threats and better protect our health service moving forwards. Launched in 1948, the NHS has provided free health care, at the point of need, to residents of England, Northern Ireland, Scotland, and Wales for more than 65 years. Over the years, the NHS has faced many challenges and adversities, with cyber crime being one of the latest and most topical. Like most healthcare…

Sage 2.0 is the new kid on an already crowded block of ransomware, demanding hefty ransom of 2.22188 bitcoins (roughly 2000 USD) per infection. We have recently begun seeing this malware being distributed by the same malicious spam campaigns that serve better-known ransomware families, such as Cerber and Locky. In this article we will take a closer look at some notable characteristics of this new threat, and provide some simple ways to mitigate it. Spam Campaign Sage ransomware has been seen spreading through the usual spam email channels…

Since its discovery in early 2016, we have tracked a number variations of Petya, a ransomware variant famous for multi-stage encryption that not only locks your computer, but also overwrites the Master Boot Record. Petya continues to persist, and in this blog we will take a deeper look at its more complex second stage of attack. Petya overwrites the Master Boot Record (MBR), along with its neighboring sectors using its boot code and a small kernel code. The MBR contains the master boot code, the partition table,…

Sometimes it’s helpful to characterize the IoT with some more precision; I like to place them in three categories. The first, Consumer IoT, which includes the connected devices we are most familiar with, such as smart phones, watches, and connected appliances and entertainment systems. The other two, Commercial IoT and Industrial IoT, are made up of things many of us never see. Commercial IoT includes things like inventory controls, device trackers, and connected medical devices, and the Industrial IoT covers…