What Makes Local Government an Enticing Cyber Target?

Recent and well-publicized cyber attacks are damaging, costly, and have the potential to deprive communities of essential services, but stopping them poses significant challenges. Local government CISOs and IT departments face pressures from all sides: on the one hand, citizens are demanding digital services and frictionless online experiences, but

Fake Indian Income Tax Calculator Delivers xRAT Variant

A FortiGuard Labs Breaking Threat Report. Tax-themed phishing and malware attacks rise during the tax filing season. FortiGuard Labs recently came upon an interesting Excel file claiming to provide an income tax calculator that purports to be from India’s Income Tax Department. It’s not. Instead, it’s a malicious file containing

An introduction to AppArmor

Cyber attacks are becoming more sophisticated, attack frequency is on the rise, and the cost of cybercrime damage is projected to reach $6 trillion annually by 2021. Traditional defensive measures such as firewalls and intrusion detection systems that operate at the network perimeter are no longer enough to protect today’s distributed

LockerGoga: Ransomware Targeting Critical Infrastructure

A FortiGuard Labs Threat Analysis Report. Since the discovery of Stuxnet, more and more attacks are being discovered targeting critical infrastructures. While some attacks are sophisticated and some are not, both can cause significant damage with far-reaching impact. (Figure 1. Critical infrastructure attacks since Stuxnet discovery.) In the early age

Rewriting IDAPython Script objc2_xrefs_helper.py for Hopper

Security researchers have identified more and more Mac OS malware attacks over the past two years. In June 2017, Rommel Joven and Wayne Chin Yick Low from Fortinet’s FortiGuard Labs found and analyzed a new ransomware targeted at Mac OS. Most malware for Mac OS was developed in the Objective-C

ReadySpace Cloud Drive – Petya Security Patch

Hi All, Due to the cyber attacks against Danish companies, we will be performing a priority update of all our Cloud Drive servers today. This patch was released late March 2017 and is considered to cover more than 80% of Petya's exploits. We expect no downtime, and smaller disturbances will

Byline: WannaCry is Part of a Bigger Problem

The most important question related to the recent WannaCry attacks isn’t who the attackers were, or how big the attack was. The question is, “How did this happen in the first place?” The vulnerability exploited by this attack had been patched by Microsoft months before. That patch was part of a widely

FortiGuard Labs Telemetry – Roundup and Comparison of 2015 and 2016 IoT Threats

Attacks targeting and originating from IoT devices began grabbing news headlines toward the last quarter of 2016. Insecure IoT devices became the low-hanging fruit for threat actors to easily exploit. Some were even notoriously used as botnets to launch DDoS attacks against selected targets. For example, the infamous Mirai botnet

Saudi Organizations Targeted by Resurfaced Shamoon Disk-Wiping Malware

FortiGuard is currently investigating a new wave of attacks targeting Kingdom of Saudi Arabia organizations that use an updated version of the Shamoon malware (also known as DistTrack.) We described this malware in detail a few months ago in a previous article. The key features of that version remain the

TLD glue sticks around too long

Recent headline-grabbing DDoS attacks provoked heated debates in the DNS community. Everyone has strong opinions on how to harden DNS to avoid downtime in the future. Is it better to use a single DNS provider or multiple? What DNS TTL values are best? Does DNSSEC make you more or