Fortinet

This week Fortinet released its latest Threat Landscape Report - a collection of threats, attacks, and data collected from live production environments of all sizes and types. As part of our Cyber Threat Assessment Program (CTAP), enterprises and or...

What do you get when you combine the world’s most widely deployed NGFW with the largest scalable infrastructure and then add-in unmatched granular visibility, control, threat prevention and a whole lot of other DevOps capabilities?  You ge...

Our threat landscape is constantly evolving. As known vectors are exposed and neutralized, new methods emerge to take their places. And the current wave of advanced threats are getting increasingly better at slipping past perimeter security to reac...

Over the past year or so we’ve heard lots about segmentation and micro-segmentation as new ways to build effective cyber defences in enterprise networks and data centres… but is it enough? Can we delve even deeper? I believe there...

Summary This month Microsoft patched two vulnerabilities which were discovered and reported by me, one is an information disclosure vulnerability in Internet Explorer (IE) (CVE-2016-0059 in MS16-009), the other is a memory corruption vulnerabil...

A new ransomware named “Locky” is currently circulating in the wild and making the headlines. There are some good reports regarding Locky ransomware already available over the Internet. This blog intends to focus on some technical areas t...

Valentine’s day is just around the corner and it would not be fair to let the occasion pass us by without reflecting on the colorful, charming, amorous, sometimes exotic world of malware. In this blog we explore some of the milestone threats th...

A few days ago, Oracle announced on their blog that they plan to kill the Java browser plugin in their next major version of JDK, scheduled for release in Q1 2017. What does this mean? Should we worry about our browsing experience? This really ju...

Two months ago, a Java zero day vulnerability (CVE-2015-4852) that targeted Apache commons collections library was disclosed. This vulnerability is caused by an error when Java applications, which use Apache commons collections library, deserialize o...