A Layered Approach to Cybersecurity: People, Processes, and Technology

A Layered Approach to Cybersecurity Many think of a layered approach to cybersecurity in terms of technology and tools. This means having various security controls in place to protect separate entryways. For example, deploying a web application firewall, endpoint protections, and secure email gateways, rather than relying only on traditional perimeter Continue Reading

Fighting the Evolution of Malware

Malware is becoming increasingly destructive. Below is a short history of this trend, along with steps organizations can take to combat it. (This byline originally appeared in SC Media as a bylined article.) We begin with Mirai that, in the summer of 2016, was responsible for the largest DDoS attack Continue Reading

.Net RAT Malware Being Spread by MS Word Documents

Breaking Threat Research from FortiGuard Labs Just days ago, Fortinet’s FortiGuard Labs captured a malicious MS Word document from the wild that contains auto-executable malicious VBA code that can spread and install NanoCore RAT software on a victim’s Windows system. NanoCore RAT was developed in the .Net framework, and the latest Continue Reading

Will Emerging Threats Tip the Scales?

This is a summary of an article that first appeared in SecurityWeek on December 07, 2018. Digital devices and infrastructures continue to be woven deeper into every aspect of our lives, whether through connected homes, cars, and mobile devices, or by expanding their role in business, government, and even critical Continue Reading

Microsoft Windows JET Engine Msrd3x Code Execution Vulnerability

Threat Analysis from FortiGuard Labs In September 2018, Fortinet’s FortiGuard Labs researcher Honggang Ren discovered a code execution vulnerability in Windows JET Engine Msrd3x40 and reported it to Microsoft by following Fortinet’s responsible disclosure process. On patch Tuesday of January 2019, Microsoft released a Security Bulletin that contains the fix Continue Reading

>