Welcome!

Cloud Security Authors: Yeshim Deniz, Zakia Bouachraoui, Liz McMillan, Elizabeth White, Ravi Rajamiyer

News Feed Item

Fortinet's February Threatscape Report Shows Rise in Ransomware, Spam Nears Record Numbers

Spam Distributes Ransomware to the Masses and Up-Levels Profitability for Cyber Criminals

SUNNYVALE, CA -- (Marketwire) -- 03/09/10 -- Fortinet® (NASDAQ: FTNT) -- a leading network security provider and worldwide leader of unified threat management (UTM) solutions -- today announced its February 2010 Threatscape report showed strong spam activity, with one particular campaign accounting for more than half of the total volume of malware detected this period. In just a two-day run, HTML/Goldun.AXT, dominated spam and overall threat levels, nearing record numbers, and contributed to the explosion of ransomware. A number of other varying spam campaigns helped to elevate ransomware on the radar this period, distributing a variant known as 'Security Tool.' Apart from these high spam rates, overall active exploits of new vulnerabilities also remained high with 39 percent of new vulnerabilities detected in the wild.

Key threat activities for the month of February include:

--  Ransomware's Reality: Turning Fortinet's 2010 prediction into fact, the
    spread of ransomware became a reality this period with high activity
    through a variety of spam campaigns. Most notable was the number one
    chart-topping malware variant, HTML/Goldun.AXT, which works by
    disseminating a binary malware file that downloads the ransomware
    "Security Tool" and, once executed, locks up applications until a
    cleansing tool is purchased to restore the computer. While this example
    accounts for the majority of activity detected this period, the Security
    Tool ransomware was also distributed through SEO attacks as well. The
    HTML/Goldun campaign brings a new ransomware tactic to the table and ups
    the ante for monetary gains, but the campaign in and of itself isn't new
    as the first waves were seen in late 2008, alongside the first flood of
    scareware that hit cyberspace.
--  Job Vacancies -- Cutwail Hired: Spam this period came in different
    shapes and sizes, but one thing is for sure: it came in record numbers.
    The culprit behind the mass distribution came from an old friend
    Cutwail, a botnet spam engine whose most prevalent campaigns sent
    scareware and ransomware through social engineering schemes. While
    Cutwail continues to grow with the success of its components, in this
    period, additional botnet binaries were linked to Cutwail, indicating
    Cutwail is being used as a spamming service, which ultimately multiplies
    the number of cybercriminals pushing out these spam campaigns.
--  Buzus and Botnets Go Berserk: While ransomware took the prize in this
    period's Threatscape report, the Buzus spam Trojan and various botnets,
    including the infamous Bredolab, Gumbler and Sasfis, still created a
    stir across Fortinet's Top 10 Malware list. One new-comer to the top 10
    attack list was the Sun Java vulnerability (CVE-2009-3867), which is
    triggered through a malicious Java Applet by visiting a malicious
    website, proving that the platform is, once again, a quick and easy
    target for such campaigns.

"What we observed this month is that while spamming campaigns may change over time and methods of execution reworked a bit, the tried and true techniques that have proven successful in the past continue to thrive," said Derek Manky, project manager, cyber security and threat research, Fortinet. "Spam will continue to come in new flavors, with either old binaries under a different package or a new binary code under a similar guise; and new tools, like crime-as-a-service, will continue to support the growing distribution. This gives us another reason to support a layered security approach as an imperative for getting in front of the next wave."

FortiGuard Labs compiled threat statistics and trends for February based on data collected from FortiGate® network security appliances and intelligence systems in production worldwide. Customers who use Fortinet's FortiGuard Subscription Services should already be protected against the threats outlined in this report.

To read the full February Threatscape report which includes the top threat rankings in each category, please visit: http://www.fortiguard.com/report/roundup_february_2010.html. For ongoing threat research, bookmark the FortiGuard Center (http://www.fortiguardcenter.com/) or add it to your RSS feed by going to http://www.fortinet.com/FortiGuardCenter/rss/index.html. Additional discussion on security technologies and threat analysis can be found at the FortiGuard Blog at http://blog.fortinet.com. To learn more about FortiGuard Subscription Services, visit http://www.fortinet.com/products/fortiguard.html.

FortiGuard Subscription Services offer broad security solutions including antivirus, intrusion prevention, Web content filtering and anti-spam capabilities. These services help enable protection against threats on both application and network layers. FortiGuard Services are updated by FortiGuard Labs, which enables Fortinet to deliver a combination of multi-layered security intelligence and zero-day protection from new and emerging threats. For customers with a subscription to FortiGuard, these updates are delivered to all FortiGate, FortiMail™ and FortiClient™ products.

About Fortinet (www.fortinet.com)
Fortinet (NASDAQ: FTNT) is a worldwide provider of network security appliances and the market leader in unified threat management (UTM). Our products and subscription services provide broad, integrated and high-performance protection against dynamic security threats while simplifying the IT security infrastructure. Our customers include enterprises, service providers and government entities worldwide, including the majority of the 2009 Fortune Global 100. Fortinet's flagship FortiGate product delivers ASIC-accelerated performance and integrates multiple layers of security designed to help protect against application and network threats. Fortinet's broad product line goes beyond UTM to help secure the extended enterprise -- from endpoints, to the perimeter and the core, including databases and applications. Fortinet is headquartered in Sunnyvale, Calif., with offices around the world.

Copyright © 2010 Fortinet, Inc. All rights reserved. The symbols ® and ™ denote respectively federally registered trademarks and unregistered trademarks of Fortinet, Inc., its subsidiaries and affiliates. Fortinet's trademarks include, but are not limited to, the following: Fortinet, FortiGate, FortiGuard, FortiManager, FortiMail, FortiClient, FortiCare, FortiAnalyzer, FortiReporter, FortiOS, FortiASIC, FortiWiFi, FortiSwitch, FortiVoIP, FortiBIOS, FortiLog, FortiResponse, FortiCarrier, FortiScan, FortiDB and FortiWeb. Other trademarks belong to their respective owners. Fortinet has not independently verified statements or certifications herein attributed to third parties and Fortinet does not independently endorse such statements. This news release contains forward-looking statements that involve uncertainties and assumptions. If the uncertainties materialize or the assumptions prove incorrect, results may differ materially from those expressed or implied by such forward-looking statements and assumptions. All statements other than statements of historical fact are statements that could be deemed forward-looking statements, including but not limited to any statements related to expected trends in cybercriminal activity. These trends are difficult to predict and any stated expectations regarding these trends may not ultimately be correct. Fortinet assumes no obligation to update any forward-looking statements, and does not intend to update these forward-looking statements.

Add to Digg Bookmark with del.icio.us Add to Newsvine

Media Contact:
Kim Nguyen
Fortinet, Inc.
408-486-5458
[email protected]

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

IoT & Smart Cities Stories
The hierarchical architecture that distributes "compute" within the network specially at the edge can enable new services by harnessing emerging technologies. But Edge-Compute comes at increased cost that needs to be managed and potentially augmented by creative architecture solutions as there will always a catching-up with the capacity demands. Processing power in smartphones has enhanced YoY and there is increasingly spare compute capacity that can be potentially pooled. Uber has successfully ...
Cloud computing delivers on-demand resources that provide businesses with flexibility and cost-savings. The challenge in moving workloads to the cloud has been the cost and complexity of ensuring the initial and ongoing security and regulatory (PCI, HIPAA, FFIEC) compliance across private and public clouds. Manual security compliance is slow, prone to human error, and represents over 50% of the cost of managing cloud applications. Determining how to automate cloud security compliance is critical...
Enterprises have taken advantage of IoT to achieve important revenue and cost advantages. What is less apparent is how incumbent enterprises operating at scale have, following success with IoT, built analytic, operations management and software development capabilities - ranging from autonomous vehicles to manageable robotics installations. They have embraced these capabilities as if they were Silicon Valley startups.
Disruption, Innovation, Artificial Intelligence and Machine Learning, Leadership and Management hear these words all day every day... lofty goals but how do we make it real? Add to that, that simply put, people don't like change. But what if we could implement and utilize these enterprise tools in a fast and "Non-Disruptive" way, enabling us to glean insights about our business, identify and reduce exposure, risk and liability, and secure business continuity?
The Internet of Things is clearly many things: data collection and analytics, wearables, Smart Grids and Smart Cities, the Industrial Internet, and more. Cool platforms like Arduino, Raspberry Pi, Intel's Galileo and Edison, and a diverse world of sensors are making the IoT a great toy box for developers in all these areas. In this Power Panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, panelists discussed what things are the most important, which will have the most profound e...
Chris Matthieu is the President & CEO of Computes, inc. He brings 30 years of experience in development and launches of disruptive technologies to create new market opportunities as well as enhance enterprise product portfolios with emerging technologies. His most recent venture was Octoblu, a cross-protocol Internet of Things (IoT) mesh network platform, acquired by Citrix. Prior to co-founding Octoblu, Chris was founder of Nodester, an open-source Node.JS PaaS which was acquired by AppFog and ...
In today's enterprise, digital transformation represents organizational change even more so than technology change, as customer preferences and behavior drive end-to-end transformation across lines of business as well as IT. To capitalize on the ubiquitous disruption driving this transformation, companies must be able to innovate at an increasingly rapid pace.
Predicting the future has never been more challenging - not because of the lack of data but because of the flood of ungoverned and risk laden information. Microsoft states that 2.5 exabytes of data are created every day. Expectations and reliance on data are being pushed to the limits, as demands around hybrid options continue to grow.
"MobiDev is a Ukraine-based software development company. We do mobile development, and we're specialists in that. But we do full stack software development for entrepreneurs, for emerging companies, and for enterprise ventures," explained Alan Winters, U.S. Head of Business Development at MobiDev, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
The explosion of new web/cloud/IoT-based applications and the data they generate are transforming our world right before our eyes. In this rush to adopt these new technologies, organizations are often ignoring fundamental questions concerning who owns the data and failing to ask for permission to conduct invasive surveillance of their customers. Organizations that are not transparent about how their systems gather data telemetry without offering shared data ownership risk product rejection, regu...