Fortinet

2012 dubbed 'Year of the Smartphone Hacker' (video segment)

Holly — Fri, 18 May 2012 07:00:00 +0000

Language English

Region:

North America

Link:

http://www.ctvbc.ctv.ca/servlet/an/local/CTVNews/20120515/bc_steele_cell_safety_120515/20120515/?hub=BritishColumbiaHome

Source:

CTV News

Facebook IPO: CEOs See Silicon Valley Upside

Holly — Fri, 18 May 2012 07:00:00 +0000

Language English

Region:

North America

Link:

http://www.thestreet.com/story/11541583/1/facebook-ipo-ceos-see-silicon-valley-upside.html

Source:

The Street

Partnerships Vital In Cybercrime Crackdowns

Thu, 17 May 2012 23:59:46 +0000

For most organizations, regardless of industry, forming strategic partnerships are critical in achieving objectives.

In the case of security organizations, partnerships are vital for better sharing and disseminating threat information, disrupting malware and tracking down cybercriminals and handing them over to appropriate law enforcement channels for prosecution.

The FortiGuard team at Fortinet, for example, has partnerships with organizations such as VirusTotal, an independent online service that analyzes files and URLs in an effort to aid the security and antivirus industries–an alliance that regularly allows members of the team to both acquire and share information regarding detected threats such as viruses, worms, Trojans and other malware.

“The goal is to make the world a safer place. That’s what we’re trying to do through partnerships and collaboration and working with law enforcement as well,” says Derek Manky, senior security strategist for Fortinet.

However, one of the most strategic partnerships is with the Forum of Incident Response and Security Teams, or FIRST, an international organization comprised of a wide array of computer incident response organizations from government, commercial and academic sectors to share information and track threats.

Among other things, the organization aims to develop and share information, tools, processes and best practices regarding security and related threats while promoting the creation and expansion of incident response teams around the world to handle cybercrime and threat investigations.

And subsequently, partnerships with FIRST, and similar organizations, turn out to be crucial in sourcing threats, tracking cybercrime and disseminating information publicly. More often than not, one of the biggest challenges in tracking cybercriminals and threat origins is dealing with other nations and jurisdictions where law enforcement might be impeded by lack of resources, staff and inclination, which often brings cybercrime investigations to a grinding halt.

Organizations such as FIRST serve as a kind of international liaison that allocate the intelligence gathered from the respective organization to the appropriate law enforcement channels.

“The idea is to work with our intelligence and then share that with proper authorities,” Manky says. “If we get protections and intelligence, we can only take it so far. Cybercrimianls are always hiding their tracks by using proxies, using a different computer terminal, those sorts of things. We’re not law enforcement, so that’s where we pass the torch.”

If FortiGuard researchers ultimately track a cybercriminal to the Netherlands or Turkey, for example, FIRST can step in to work with and hand over any necessary information to the investigating authorities that would assist with the investigation or lead to an arrest.

“That helps with some of the jurisdictional issues,” Manky adds. “Cybercrime has no borders.”

Manky contended that the challenge of overcoming jurisdictional hurdles, while still prevalent, has become a bit easier in recent years, in part because several international collaborations between security companies, government and law enforcement agencies have led to successful takedowns of cybercrime rings and botnets. The positive results from the joint efforts have thus encouraged similar endeavors, despite challenges such as bureaucracy, disparate or nebulous cybercrime laws and insufficient investigation resources, which often stymie progress.

Two successes that have stemmed from such partnerships have included the takedowns of the Bredolab and Zeus botnets. Bredolab, a spam-spewing botnet often used by its authors for soliciting fake drugs, was taken offline in October of 2010 in a collaborative effort between the Dutch National High Tech Crime Team, the Dutch National Crime Squad’s High Tech Crime Team (THTC) the Dutch Forensic Institute, Internet security company Fox-IT and the Dutch Computer Emergency Response Team (CERT). The operation came to a head when authorities seized control of 143 malicious servers tied to the botnet and effectively crippled its command-and-control server structure.

Following the Bredolab takedown, Manky and members of the FortiGuard research team noted a 12 percent drop in spam, highlighted in the company’s Threat Landscape Report for November 2010 on December 1, 2010.

Meanwhile, the infamous takedown of the renowned Zeus banking Trojan in March of this year, noted by Microsoft as “an unprecedented, pro-active cross-industry operation,” involved the effective collaboration between Microsoft’s Digital Crimes Unit, Financial Services– Information Sharing and Analysis Center (FS-ISAC), NACHA–the Electronic Payments Association and Kyrus Tech Inc., and ultimately brought the Zeus family of malware to its knees.

“Those are success stories that give encouragement,” Manky says. “And because of that, we’re starting to see more success stories.”

Fortinet® FortiClient™ Earns 25th Virus Bulletin VB100 Award

Holly — Tue, 15 May 2012 07:00:00 +0000

Endpoint Security Solution Earns Comparative VB100 Certification Based on Detection Rates and Stability

SUNNYVALE, Calif., May 15, 2011 - Fortinet® (NASDAQ: FTNT) - a leader in high-performance network security – today announced the company’s FortiClient™ endpoint security solution has been awarded its 25th Virus Bulletin certification in the Antivirus Awards.

Virus Bulletin staff tested FortiClient along with 59 other endpoint security solutions from multiple countries for malware catch rates and false positive rates.

“FortiClient’s interface is efficient and businesslike, providing an excellent set of controls in a lucid and logical manner, and testing was a pleasant process, free from shocks or surprises,” said John Hawes, test team director at Virus Bulletin. “The software’s detection rates were impressive and stability was excellent.”

FortiClient is an enterprise-grade endpoint security suite that features the same antivirus technology found in the company’s FortiGate®, FortiWeb®, and FortiMail® product lines. When used in connection with a FortiGate appliance, FortiClient provides a range of security features to help protect a network and ensure policy compliance. Customers have a choice of deploying FortiClient for secure remote connectivity or FortiClient Premium for broad endpoint security. And, unlike other security clients that are either connection- or antimalware-focused, Fortinet’s FortiClient combines the best of both approaches for more complete protection.

The critical technology in Fortinet’s antivirus engine is its ability to help decode and track behaviors of polymorphic, encrypted and packed malware in real-time. Fortinet developed a propriety binary emulation engine that allows its antivirus engine to detect new malware and variants, regardless of whether a detection signature exists. This enables FortiClient to detect today’s robust malware threats, even those that use sophisticated evasion techniques like polymorphism and encryption to avoid detection from other antimalware products.

“It’s great to see FortiClient performing so well in the Virus Bulletin tests against so many other contenders,” said Patrick Bedwell, vice president of product marketing for Fortinet. “Thanks to the unique malware detection technology found in FortiClient, FortiGate, FortiWeb and FortiMail product lines, our customers are better protected against many of today’s most sophisticated attacks. What’s more, they can continue to rely on our threat research team to help keep them protected from emerging threats in the future.”

Follow Fortinet Online: Subscribe to threat landscape reports: http://blog.fortinet.com/feed/; Twitter at: www.twitter.com/fortinet; Facebook at: www.facebook.com/fortinet; YouTube at: http://www.youtube.com/user/SecureNetworks.

About Fortinet (www.fortinet.com)

Fortinet (NASDAQ: FTNT) is a worldwide provider of network security appliances and the market leader in unified threat management (UTM). Our products and subscription services provide broad, integrated and high-performance protection against dynamic security threats while simplifying the IT security infrastructure. Our customers include enterprises, service providers and government entities worldwide, including the majority of the 2011 Fortune Global 100. Fortinet's flagship FortiGate product delivers ASIC-accelerated performance and integrates multiple layers of security designed to help protect against application and network threats. Fortinet's broad product line goes beyond UTM to help secure the extended enterprise - from endpoints, to the perimeter and the core, including databases and applications. Fortinet is headquartered in Sunnyvale, Calif., with offices around the world.

Copyright © 2012 Fortinet, Inc. All rights reserved. The symbols ® and ™ denote respectively federally registered trademarks and unregistered trademarks of Fortinet, Inc., its subsidiaries and affiliates. Fortinet's trademarks include, but are not limited to, the following: Fortinet, FortiGate, FortiGuard, FortiManager, FortiMail, FortiClient, FortiCare, FortiAnalyzer, FortiReporter, FortiOS, FortiASIC, FortiWiFi, FortiSwitch, FortiVoIP, FortiBIOS, FortiLog, FortiResponse, FortiCarrier, FortiScan, FortiAP, FortiDB and FortiWeb. Other trademarks belong to their respective owners. Fortinet has not independently verified statements or certifications herein attributed to third parties including, Virus Bulletin, and Fortinet does not independently endorse such statements. Nothing in the news release constitutes a warranty, guaranty, or contractually binding commitment. This news release may contain forward-looking statements that involve uncertainties and assumptions. If the uncertainties materialize or the assumptions prove incorrect, results may differ materially from those expressed or implied by such forward-looking statements and assumptions. All statements other than statements of historical fact are statements that could be deemed forward-looking statements. Fortinet assumes no obligation to update any forward-looking statements, and does not intend to update these forward-looking statements.

VMware leak highlights holes in virtual environments

Holly — Tue, 15 May 2012 07:00:00 +0000

Language English

Region:

North America

Link:

http://www.scmagazineuk.com/vmware-leak-highlights-holes-in-virtual-environments/article/241194/?DCMP=EMC-SCUK_Newswire

Source:

SC Magazine

Re-Thinking Network Architectures in the Cloud

Holly — Tue, 15 May 2012 07:00:00 +0000

Language English

Region:

North America

Link:

http://www.enterprisenetworkingplanet.com/datacenter/datacenter-blog/re-thinking-network-architectures-in-the-cloud.html

Source:

EnterpriseNetworkingPlanet

Security Week In Review, May 7-11

Tue, 15 May 2012 01:37:48 +0000

Updates, upgrades and patches, oh my. The week of May 7-11 was indeed a week of major patches from some of the biggest players. The good news is, many of the most popular OSes, Web browsers and applications are now a tad more secure. Here is a look at last week’s security news.

Patch Tuesday Delivers Three Critical Updates: For its regularly scheduled Patch Tuesday security update, Microsoft released a total of seven bulletins, three designated with the highest severity rating of “critical,” repairing a total of 23 vulnerabilities in Microsoft Windows, Office, Silverlight and the .NET Framework.

In a blog post, Microsoft emphasized that users install MS12-034, a critical combined update repairing a total of 10 vulnerabilities in Office, Windows, .Net Framework and Silverlight. Of the vulnerabilities addressed by the collective patch, several could subject users to unwanted malware attacks if they open a malicious document or visit an infected Website that embedded TrueType font files.

In addition, Redmond recommended that users prioritize a patch that plugged another security hole in Microsoft Word, also deemed “critical,” which enabled hackers to execute malicious code remotely if users were enticed to open a specially crafted RTF file. In an attack scenario, a miscreant could compromise users via an infected Word file delivered via e-mail and convince them to open it with some kind of social engineering scheme.

Ghost RAT Plagues Amnesty International Site: Last week, human rights organization Amnesty International became the victim of a malicious hack when attackers planted malware on its Website that in turn infected unsuspecting visitors with the Gh0st RAT Trojan.

The malware exploited a common Java flaw, which hackers used to conveniently inject the site with malicious code. According to researchers at Websense, who discovered the attacks, the cyber hoods infused the Amnesty site with Java script designed to deliver Gh0st RAT onto susceptible Windows machines of Website visitors. If successfully downloaded, the malware is fully equipped to monitor and steal victims’ financial, personal and other sensitive information, as well as login credentials and passwords. Amnesty International has since rid it site of the malware.

The Gh0st RAT Trojan, first detected last year, has been incorporated into APTs in numerous sophisticated attacks thought to be initiated by Chinese hackers, making a name for itself, in particular, with the Nitro attacks on energy corporations in 2011.

Adobe Rethinks Making Users Pay For Upgrades: The good news is that Adobe released a major security upgrade last week, which, among other things, repaired a gaping security hole in Photoshop 12 (Creative Suite 5) affecting versions of the software on both Windows and Mac platforms. Trouble was, users would have had to shell out some cash to get it.

Specifically, the vulnerability occurs in the parsing of TIFF images. During a successful attack, cyber hackers could launch remote code execution attacks to enter the network with the same privileges as the user, if they were to entice a user to open a malicious TIFF file. An attacker could typically reel in victims with social engineering schemes, subsequently tricking them into clicking on malicious TIFF files designed to download malware and compromise the user’s machine.

However, instead of developing a separate patch plugging the security hole, Adobe initially said that the fix would be incorporated as a software upgrade to the newest paid version of Photoshop, CS6.

The decision resulted in sharp backlash from users irate that they would be required to pay to update a flaw in Adobe’s software ostensibly attributed to the vendor. Following the outpouring of user sentiment against the security solution, Adobe did an about face, maintaining that it is currently in the process of developing a free patch for the users to install.

Apple Releases Security Fixes: Apple released security updates last week repairing four security vulnerabilities in its Safari Web browser, while blocking old and vulnerable versions of Adobe’s Flash Player from running in its browser.

Altogether, products affected by the update included Safari 5.1.7 for Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion Server v10.7.4, OS X Lion v10.7.4, Windows 7, Vista, XP SP2 or later versions.

Among other things, Apple’s latest update prevented Adobe’s Flash Player from accessing Safari in version 10.1.102.64 and earlier. Since then, Adobe has released Flash Player 11 for the Mac.

In addition to preventing older versions of Flash Player from taking hold in Safari, the update repaired four security vulnerabilities occurring in WebKit–the open-source rendering engine behind both Safari and the Google Chrome Web browser–that left it susceptible to cross-site scripting attacks and memory corruption errors.

One of the vulnerabilities repaired by the update was first revealed by a researcher at Google’s Pwnium hacking contest at the CanSecWest conference in March, according to Computerworld. The researcher received a $60,000 cash prize for successfully exploiting the vulnerability to infiltrate the Chrome browser.

The U.S. Computer Emergency Readiness Team warned in an advisory that, if left unpatched, attackers could exploit the the vulnerabilities “to execute arbitrary code, obtain sensitive information, operate with elevated privileges, cause a denial-of-service condition or perform a cross-site scripting attack.”

FortiSwitch-5003B-Auto

xmlrpc — Mon, 14 May 2012 23:43:00 +0000

( PDF )

FortiSwitch-5203B-Auto

xmlrpc — Mon, 14 May 2012 23:43:00 +0000

( PDF )

FortiGate-5101C-Auto

xmlrpc — Mon, 14 May 2012 23:41:00 +0000

( PDF )