Welcome!

Cloud Security Authors: Pat Romanski, Liz McMillan, Elizabeth White, Zakia Bouachraoui, Yeshim Deniz

News Feed Item

Fortinet's February Threatscape Report Shows Rise in Ransomware, Spam Nears Record Numbers

Spam Distributes Ransomware to the Masses and Up-Levels Profitability for Cyber Criminals

SUNNYVALE, CA -- (Marketwire) -- 03/09/10 -- Fortinet® (NASDAQ: FTNT) -- a leading network security provider and worldwide leader of unified threat management (UTM) solutions -- today announced its February 2010 Threatscape report showed strong spam activity, with one particular campaign accounting for more than half of the total volume of malware detected this period. In just a two-day run, HTML/Goldun.AXT, dominated spam and overall threat levels, nearing record numbers, and contributed to the explosion of ransomware. A number of other varying spam campaigns helped to elevate ransomware on the radar this period, distributing a variant known as 'Security Tool.' Apart from these high spam rates, overall active exploits of new vulnerabilities also remained high with 39 percent of new vulnerabilities detected in the wild.

Key threat activities for the month of February include:

--  Ransomware's Reality: Turning Fortinet's 2010 prediction into fact, the
    spread of ransomware became a reality this period with high activity
    through a variety of spam campaigns. Most notable was the number one
    chart-topping malware variant, HTML/Goldun.AXT, which works by
    disseminating a binary malware file that downloads the ransomware
    "Security Tool" and, once executed, locks up applications until a
    cleansing tool is purchased to restore the computer. While this example
    accounts for the majority of activity detected this period, the Security
    Tool ransomware was also distributed through SEO attacks as well. The
    HTML/Goldun campaign brings a new ransomware tactic to the table and ups
    the ante for monetary gains, but the campaign in and of itself isn't new
    as the first waves were seen in late 2008, alongside the first flood of
    scareware that hit cyberspace.
--  Job Vacancies -- Cutwail Hired: Spam this period came in different
    shapes and sizes, but one thing is for sure: it came in record numbers.
    The culprit behind the mass distribution came from an old friend
    Cutwail, a botnet spam engine whose most prevalent campaigns sent
    scareware and ransomware through social engineering schemes. While
    Cutwail continues to grow with the success of its components, in this
    period, additional botnet binaries were linked to Cutwail, indicating
    Cutwail is being used as a spamming service, which ultimately multiplies
    the number of cybercriminals pushing out these spam campaigns.
--  Buzus and Botnets Go Berserk: While ransomware took the prize in this
    period's Threatscape report, the Buzus spam Trojan and various botnets,
    including the infamous Bredolab, Gumbler and Sasfis, still created a
    stir across Fortinet's Top 10 Malware list. One new-comer to the top 10
    attack list was the Sun Java vulnerability (CVE-2009-3867), which is
    triggered through a malicious Java Applet by visiting a malicious
    website, proving that the platform is, once again, a quick and easy
    target for such campaigns.

"What we observed this month is that while spamming campaigns may change over time and methods of execution reworked a bit, the tried and true techniques that have proven successful in the past continue to thrive," said Derek Manky, project manager, cyber security and threat research, Fortinet. "Spam will continue to come in new flavors, with either old binaries under a different package or a new binary code under a similar guise; and new tools, like crime-as-a-service, will continue to support the growing distribution. This gives us another reason to support a layered security approach as an imperative for getting in front of the next wave."

FortiGuard Labs compiled threat statistics and trends for February based on data collected from FortiGate® network security appliances and intelligence systems in production worldwide. Customers who use Fortinet's FortiGuard Subscription Services should already be protected against the threats outlined in this report.

To read the full February Threatscape report which includes the top threat rankings in each category, please visit: http://www.fortiguard.com/report/roundup_february_2010.html. For ongoing threat research, bookmark the FortiGuard Center (http://www.fortiguardcenter.com/) or add it to your RSS feed by going to http://www.fortinet.com/FortiGuardCenter/rss/index.html. Additional discussion on security technologies and threat analysis can be found at the FortiGuard Blog at http://blog.fortinet.com. To learn more about FortiGuard Subscription Services, visit http://www.fortinet.com/products/fortiguard.html.

FortiGuard Subscription Services offer broad security solutions including antivirus, intrusion prevention, Web content filtering and anti-spam capabilities. These services help enable protection against threats on both application and network layers. FortiGuard Services are updated by FortiGuard Labs, which enables Fortinet to deliver a combination of multi-layered security intelligence and zero-day protection from new and emerging threats. For customers with a subscription to FortiGuard, these updates are delivered to all FortiGate, FortiMail™ and FortiClient™ products.

About Fortinet (www.fortinet.com)
Fortinet (NASDAQ: FTNT) is a worldwide provider of network security appliances and the market leader in unified threat management (UTM). Our products and subscription services provide broad, integrated and high-performance protection against dynamic security threats while simplifying the IT security infrastructure. Our customers include enterprises, service providers and government entities worldwide, including the majority of the 2009 Fortune Global 100. Fortinet's flagship FortiGate product delivers ASIC-accelerated performance and integrates multiple layers of security designed to help protect against application and network threats. Fortinet's broad product line goes beyond UTM to help secure the extended enterprise -- from endpoints, to the perimeter and the core, including databases and applications. Fortinet is headquartered in Sunnyvale, Calif., with offices around the world.

Copyright © 2010 Fortinet, Inc. All rights reserved. The symbols ® and ™ denote respectively federally registered trademarks and unregistered trademarks of Fortinet, Inc., its subsidiaries and affiliates. Fortinet's trademarks include, but are not limited to, the following: Fortinet, FortiGate, FortiGuard, FortiManager, FortiMail, FortiClient, FortiCare, FortiAnalyzer, FortiReporter, FortiOS, FortiASIC, FortiWiFi, FortiSwitch, FortiVoIP, FortiBIOS, FortiLog, FortiResponse, FortiCarrier, FortiScan, FortiDB and FortiWeb. Other trademarks belong to their respective owners. Fortinet has not independently verified statements or certifications herein attributed to third parties and Fortinet does not independently endorse such statements. This news release contains forward-looking statements that involve uncertainties and assumptions. If the uncertainties materialize or the assumptions prove incorrect, results may differ materially from those expressed or implied by such forward-looking statements and assumptions. All statements other than statements of historical fact are statements that could be deemed forward-looking statements, including but not limited to any statements related to expected trends in cybercriminal activity. These trends are difficult to predict and any stated expectations regarding these trends may not ultimately be correct. Fortinet assumes no obligation to update any forward-looking statements, and does not intend to update these forward-looking statements.

Add to Digg Bookmark with del.icio.us Add to Newsvine

Media Contact:
Kim Nguyen
Fortinet, Inc.
408-486-5458
[email protected]

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

IoT & Smart Cities Stories
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
The platform combines the strengths of Singtel's extensive, intelligent network capabilities with Microsoft's cloud expertise to create a unique solution that sets new standards for IoT applications," said Mr Diomedes Kastanis, Head of IoT at Singtel. "Our solution provides speed, transparency and flexibility, paving the way for a more pervasive use of IoT to accelerate enterprises' digitalisation efforts. AI-powered intelligent connectivity over Microsoft Azure will be the fastest connected pat...
As you know, enterprise IT conversation over the past year have often centered upon the open-source Kubernetes container orchestration system. In fact, Kubernetes has emerged as the key technology -- and even primary platform -- of cloud migrations for a wide variety of organizations. Kubernetes is critical to forward-looking enterprises that continue to push their IT infrastructures toward maximum functionality, scalability, and flexibility. As they do so, IT professionals are also embr...
CloudEXPO has been the M&A capital for Cloud companies for more than a decade with memorable acquisition news stories which came out of CloudEXPO expo floor. DevOpsSUMMIT New York faculty member Greg Bledsoe shared his views on IBM's Red Hat acquisition live from NASDAQ floor. Acquisition news was announced during CloudEXPO New York which took place November 12-13, 2019 in New York City.
In an age of borderless networks, security for the cloud and security for the corporate network can no longer be separated. Security teams are now presented with the challenge of monitoring and controlling access to these cloud environments, at the same time that developers quickly spin up new cloud instances and executives push forwards new initiatives. The vulnerabilities created by migration to the cloud, such as misconfigurations and compromised credentials, require that security teams t...
The graph represents a network of 1,329 Twitter users whose recent tweets contained "#DevOps", or who were replied to or mentioned in those tweets, taken from a data set limited to a maximum of 18,000 tweets. The network was obtained from Twitter on Thursday, 10 January 2019 at 23:50 UTC. The tweets in the network were tweeted over the 7-hour, 6-minute period from Thursday, 10 January 2019 at 16:29 UTC to Thursday, 10 January 2019 at 23:36 UTC. Additional tweets that were mentioned in this...
The term "digital transformation" (DX) is being used by everyone for just about any company initiative that involves technology, the web, ecommerce, software, or even customer experience. While the term has certainly turned into a buzzword with a lot of hype, the transition to a more connected, digital world is real and comes with real challenges. In his opening keynote, Four Essentials To Become DX Hero Status Now, Jonathan Hoppe, Co-Founder and CTO of Total Uptime Technologies, shared that ...
After years of investments and acquisitions, CloudBlue was created with the goal of building the world's only hyperscale digital platform with an increasingly infinite ecosystem and proven go-to-market services. The result? An unmatched platform that helps customers streamline cloud operations, save time and money, and revolutionize their businesses overnight. Today, the platform operates in more than 45 countries and powers more than 200 of the world's largest cloud marketplaces, managing mo...
When Enterprises started adopting Hadoop-based Big Data environments over the last ten years, they were mainly on-premise deployments. Organizations would spin up and manage large Hadoop clusters, where they would funnel exabytes or petabytes of unstructured data.However, over the last few years the economics of maintaining this enormous infrastructure compared with the elastic scalability of viable cloud options has changed this equation. The growth of cloud storage, cloud-managed big data e...
Your applications have evolved, your computing needs are changing, and your servers have become more and more dense. But your data center hasn't changed so you can't get the benefits of cheaper, better, smaller, faster... until now. Colovore is Silicon Valley's premier provider of high-density colocation solutions that are a perfect fit for companies operating modern, high-performance hardware. No other Bay Area colo provider can match our density, operating efficiency, and ease of scalability.