Key Considerations for a Secure Cloud Migration

This is a summary of an article, “6 Considerations for Secure Cloud Migration,” written by Fortinet’s Lior Cohen that appeared on the DevOps website on April 11, 2019. According to a 2018 Cloud Computing Survey by IDG, 73% of organizations already have at least one application or some portion of their Continue Reading

New Attacks and Old Attacks Made New

This blog is a summary of an article written by Fortinet’s Derek Manky that appeared on the Dark Reading website on April 16, 2019, entitled “New Attacks (and Old Attacks Made New).” Although cybercriminals depend on innovation in order to stay ahead of security safeguards, they are still subject to Continue Reading

AI-based Fuzzing Could Change Security

This blog is a summary of an article written by Fortinet’s Derek Manky that appeared as a byline article on the Threatpost website on December 7, 2018. Many developers, along with professional threat researchers, employ a technique known as fuzzing that is designed to discover vulnerabilities in hardware and software interfaces Continue Reading

Getting Ready for Swarm-as-a-Service

This blog is a summary of an article written by Fortinet’s Derek Manky that appeared on the ThreatPost website on January 31, 2019. The digital world has created unprecedented opportunities – both for good and for ill. Advances in swarm technology, for example, have powerful implications in the fields of Continue Reading

So you want to expose Go on the Internet

This piece was originally written for the Gopher Academy advent series. We are grateful to them for allowing us to republish it here. Back when crypto/tls was slow and net/http young, the general wisdom was to always put Go servers behind a reverse proxy like NGINX. That’s not necessary anymore! Continue Reading

A New All-in-One Botnet : Proteus

  Introduction The ART team at Fortinet has discovered a new malware named Proteus, a multifunctional botnet written in .NET that appears to be a proxy, coin miner, e-commerce merchant account checker, and keylogger. This particular botnet is downloaded by the Andromeda botnet. The handful of malicious features densely packed Continue Reading

RIoT Control – What Are the “Things” in the IoT?

This is the second in a series of blogs written as a companion to my forthcoming book, RIoT Control – Understanding and Managing Risk and the Internet of Things What Are the “Things” in The Internet of Things? User-based devices that communicate, consume content, and create and publish content for Continue Reading

How Healthcare Can Build their Cyber Threat Defenses

Articles, blogs, and whitepapers written about the rise in cybercrime targeting healthcare have become routine even as they reflect a mounting threat to one of our most critical industries. Virtually anyone who has access to a computer and has a propensity toward criminal activity is now able to enter the Continue Reading

Security news – Zimbra ransomware written in python

Lawrence Abrams of Bleeping Computer has reported that there is a new ransomware variant, written in Python, that is targeting ZCS server data under /opt/zimbra/store/. How can you protect your Server/s from this, or other, ransomware? At this point, no details have been provided about how any servers were compromised. Without any details, the best advice we Continue Reading

>