Fortinet

The second day of Accelerate continued to raise the bar on both content and vision. Here is a quick overview of the general sessions: Opportunities – Phil Quade, Fortinet CISO Phil Quade recently joined Fortinet after three decades of service in the intelligence community, where he most recently served as the head of the Cyber Task Force at the National Security Agency. After examining key trends in the growth of cyber technologies, Phil provided the Accelerate audience with a unique view into where the accelerating transformation of…

Fortinet just announced the winners of their annual Partner of the Year awards. 2016 continued Fortinet’s growth in both revenue and market share, and saw us capture the attention of the security market with our debut of the Fortinet Security Fabric. Our thousands of dedicated partners, who work tirelessly to provide security solutions and services to their customers, has fueled this success. Which is why each year we take the opportunity to thank our entire partner community at our Accelerate conference, and to single out a handful of…

Fortinet security researcher Kai Lu discovered and reported two critical zero-day vulnerabilities in Adobe Flash Player in November 2016. Adobe identified them as CVE-2017-2926 and CVE-2017-2927 and released a patch to fix them on January 10, 2017. Here is a brief summary of each of these detected vulnerabilities. CVE-2017-2926 This is a memory corruption vulnerability found in Flash Player’s engine when processing MP4 files. Specifically, the vulnerability is caused by a MP4 file with a crafted sample size in the MP4 atom…

Another TKEY record-related bug in BIND has been fixed with a patch from the Internet Systems Consortium (ISC) that was released just after the New Year. This bug may take down BIND recursive servers by sending a simple query response with TKEY record, thereby causing a denial of service (DoS). This potential DoS vulnerability is caused by an assertion failure in Resolver.c when caching the DNS response with TKEY Record. In this post we will analyze the BIND source codes and expose the root cause of this vulnerability. The TKEY record…