In this monthly video series focusing on the latest digital security threats, Keith Shaw and Fortinet’s Derek Manky discuss the recent Twitter hack on the Associated Press, the Spamhaus arrests and DNS amplification, and the latest Android hacks.
Cyberattack Tracker Zeroes in on Firewall Vulnerabilities
Deutsche Telekom’s interactive, real-time map of global cyberattacks reveals the bulk of recent attacks – 27.3 million in February alone – were against the Server Message Block (SMB), aka the Common Internet File System (CIFS). Reuven Harrison, CTO and co-founder of Tufin, a security and lifecycle management company and Fortinet solution partner, wrote in a blog that the map’s revelations are significant.
W32/Kryptik.AX!tr – A Masterful FTP Trojan
A few days ago I received an interesting email message: Just your typical phishing email. Normally, I would just dump it into our signature automation processors and move on to the next piece of malicious code.
Bitcoin and the ZeroAccess Botnet
Botnets for years have been leveraged as a cybercrime tool to commit any variety of nefarious activity ranging from Website defacement and DDoS to the proliferation of malware and theft of sensitive information. Lately, the cyber community can add one more to the list: mining the digital currency Bitcoin.
UTM 9.006 Up2Date Released
Up2Date 9.006 is now available. In this update we have included a number of fixes and improvements.
Spamhaus, Cyberbunker and the largest DDoS attack on Record
Botnet owners took a page out of Chef Emeril Lagasse’s cookbook and ‘kicked it up a notch’ last week when they launched a massive Distributed Denial of Service (DDoS) attack on Internet spam fighter Spamhaus, content delivery provider CloudFlare and other Internet infrastructure providers. The Spamhaus Project provides blacklisting services to many ISPs and email servers around the world with the intent of stopping the billions of spam emails sent daily
Sandboxing Technologies, Techniques Get Another Look
Neil MacDonald, a vice president at Gartner, wrote in a blog last week that the idea of sandboxing potentially malicious content and applications isn’t new, but interest in this type of approach – particularly on Windows desktops – is on the rise. A growing number of virtualization and abstraction techniques available on Windows, he wrote, create isolation to provide security separation. FortiGuard Labs describes sandboxing as a practice employed by security technology to separate running progra…
Insomni’hack 2013
Insomni’hack 2013 took place last week in Geneva and I had the opportunity to attend. Insomni’hack DAY 1 consisted of one-day workshops on subjects ranging from “Linux exploitation” to “How to make sure your Pentest Report is never empty”. I had the chance to attend a workshop on “Practical ARM exploitation” given by black Steve (@s7ephen) and white Steve (Stephen Lawler)
DDoS: A Brief History
Distributed-denial-of-service (DDoS) attacks have been the tool of choice for cybercriminals since the dawn of the Internet. Why
One Brand of Firewall is a Best Practice
In case you haven’t seen it, there’s an interesting research note authored by Greg Young of Gartner that posits “one brand of firewall is a best practice for most enterprises.” And, in particular, we have to agree. Why? Let’s go back to 1999 and see. Taking a quote from Bruce Schneier’s A Plea for Simplicity, “the worst enemy of security is complexity.” Thirteen years later, Gartner also seems to agree, saying basically that having different firewall platforms increases configuration and m…