Gartner: The Future of AI & Its Impact on Your Organization (April 7th)
Fortinet News

March 8th is International Women's Day and the organization UN Women and the United Nations are celebrating it under the theme of 'DigitALL: Innovation and technology for gender equality.'

Fortinet takes this call to action very seriously and is committed to advancing gender equality in cybersecurity. We're doing this in part by creating more opportunities for women in the industry through our corporate social responsibility efforts and Training Institute by increasing access to cyber training and professional development opportunities for women and underserved populations.

On this day dedicated to women, we want to spotlight two of our female employees: Pratyusha Paul Chowdhury, Senior Principal Engineer at Fortinet, and Maria Jose Albarran, Channel Account Director. Pratyusha and Maria spoke about their background, the opportunities they've had within Fortinet to advance in their careers, and what knowledge they would impart to other women.

New updates to FortiSASE expand the industry's most integrated single-vendor SASE solution to further converge networking and security across a unified operating system and agent

Fortinet announced several enhancements to FortiSASE, Fortinet's single-vendor SASE solution, to enable additional deployment flexibility and new secure access capabilities for digital resources across private applications, SaaS, and the internet.

Single-Vendor SASE Secures Today's Hybrid Workforce

Today, the majority of organizations-55% of respondents to a recent Fortinet work-from-anywhere survey-support hybrid workforces, which means most CIOs are tasked with the challenge of securing users as they move from home to office and during travel.

Even if you have extensive security in place, unknown and suspicious code and files continue to present serious threats. Until recently, no vendor has been able to deliver in-line sandboxing on the network because of the astronomical performance demands.

Fortinet's dedication to innovation had led to the industry's first inline sandbox on a next-generation firewall (NGFW), which holds suspicious files and analyzes them in near real-time without impacting productivity or network performance. Unlike a traditional offline sandbox, known file-based threats such as malware are never allowed to enter the network, reducing risk and time to mitigate significantly. Inline sandboxing is one of many examples of Fortinet's dedication to industry-first cybersecurity innovation to help our customers reduce risk and stay ahead of cyber adversaries.

Security breaches are rising across all industries, with cybercriminals leveling up their playbooks and increasing the volume of attacks. As if trying to stay ahead of adversaries weren't enough, security leaders are also working to manage another risk: a talent shortage.

Organizations are finding it hard to attract and retain security professionals, especially those who work in security operations center (SOC) roles as these teams are strained and facing burnout. In fact, 65% of SOC professionals have considered quitting their jobs. Other security-focused positions that are in demand but difficult to fill include cloud security specialists, network security architects, and penetration testers.

Almost exactly three years ago, the COVID-19 global pandemic arrived, and millions of workers were forced to do their jobs apart from coworkers and away from workplaces.

This resulted in an unprecedented increase in employees who do the majority of their work online from anywhere they can get internet access-more than likely at home. Of course, work-from-home (WFH) employees have been around for years, but they were always a small fraction of an organization's staff.

But, when the tables turned with the coronavirus shutdowns of 2020 and remote workers became the majority, organizations had to quickly adapt-especially IT departments. After employees scattered around the globe, and then months later some returned to on-site workplaces-though many not as regularly as before-the 'hybrid workforce' became an accepted term for describing the phenomenon.

Old Cyber Gang Uses New Crypter - Scrubcrypt
Fortinet News, March 8th, 2023
Between January and February 2023, FortiGuard Labs observed a payload targeting an exploitable Oracle Weblogic Server in a specific URI.

This payload extracts ScrubCrypt, which obfuscates and encrypts applications and makes them able to dodge security programs. It already has an updated version, and the seller's webpage (Figure 1) guarantees that it can bypass Windows Defender and provide anti-debug and some bypass functions.

We analyzed the malware injected into a victim's system and, as part of our analysis, identified the threat actor as 8220 Gang using collected indicators. This mining group first appeared in 2017. The name '8220' comes from its original use of port 8220 for network communications.

See all Archived Fortinet News articles See all articles from this issue