All news with #fortinet tag

Fortinet Named Gartner Customers’ Choice for WAAP 2025

🔒 Fortinet has been named a Gartner Peer Insights Customers’ Choice for Cloud WAAP in 2025, reflecting verified customer satisfaction with a 4.8/5 rating and a 99% recommendation rate across 79 reviews. The accolade highlights FortiAppSec Cloud, a unified WAAP platform that integrates WAF, API protection, bot management, DDoS mitigation, CDN acceleration, and AI-driven automation. Customers emphasize rapid onboarding, reliable performance, and strong vendor support.

Chaos Ransomware Evolves: Faster, Smarter, More Destructive

⚠️ Chaos-C++ is a resurfaced C++ ransomware strain identified in 2025 that combines fast AES encryption, deliberate deletion of very large files, and a clipboard-hijacking capability to steal cryptocurrency payments. It employs a stealthy downloader that masquerades as a system optimizer, uses Windows CryptoAPI where available and a weaker XOR fallback otherwise, and appends a .chaos extension to affected files. Victims also see destructive post-infection commands that remove shadow copies and hinder recovery, and ForsGuard detections are available for protection.

AI-Powered Cloud Alert Investigation with FortiCNAPP

🔎 FortiCNAPP consolidates related cloud signals into composite alerts, reducing noise and prioritizing high-confidence incidents so SOC teams can focus on what matters. Its Observation Timeline sequences logins, API calls, commands, and network traffic into a single, evidence-backed storyline. An AI Alert Assistant supports natural-language queries and returns structured answers, visual relationships, and prioritized remediation steps to accelerate containment and help junior analysts act confidently.

AI and Cybersecurity: Fortinet and NTT DATA Webinar

🔒 In a joint webinar, Fortinet and NTT DATA outlined practical approaches to deploying and securing AI across enterprise environments. Fortinet described its three AI pillars—FortiAI‑Protect, FortiAI‑Assist, and FortiAI‑SecureAI—focused on detection, operational assistance, and protecting AI assets. NTT DATA emphasized governance, runtime protections, and an "agentic factory" to scale pilots into production. The presenters stressed the need for visibility into shadow AI and controls such as DLP and zero‑trust access to prevent data leakage.

Phishing and Patching: Cyber Basics Still Critical

🔐 Fortinet’s 2025 Global Threat Landscape Report underscores that two fundamentals — protecting against phishing and keeping software up to date — remain the most effective defenses. Attackers are scaling campaigns with automation and generative AI to produce more convincing messages, and they combine email, SMS, and voice techniques to raise success rates. Organizations should strengthen employee training, deploy MFA, and adopt centralized or automated patch management to reduce exposure and limit lateral movement.

Accelerating Customers' Journey from SD-WAN to SASE

🔒 Fortinet explains how partners can guide customers from secure SD-WAN to a full Unified SASE platform to address hybrid work, multi-cloud adoption, and rising cyberthreats. The article emphasizes that Secure SD-WAN is an on-ramp to SASE because it is natively integrated into Fortinet's SASE architecture, enabling expansion without replacing existing deployments. It outlines operational benefits, market growth projections, and partner opportunities around differentiated services, consolidated policy management, and simplified licensing.

Researchers Expose SVG and PureRAT Phishing Threats

📧 Fortinet FortiGuard Labs and other researchers detailed phishing campaigns that weaponize malicious SVG attachments to initiate downloads of password-protected ZIP archives and Compiled HTML Help (CHM) files. Those CHM files activate loader chains that deliver CountLoader as a distribution stage for Amatera Stealer and the stealthy .NET miner PureMiner, both run filelessly via .NET AOT and memory-loading techniques. Separately, Huntress attributes a Vietnamese-speaking operator using copyright-themed lures that escalate from PXA Stealer to the modular backdoor PureRAT.

Chinese State-Linked RedNovember Targets Global Org

🛰️ Recorded Future has attributed a widespread cyber-espionage cluster to a Chinese state-sponsored actor it has named RedNovember, which overlaps with Microsoft's Storm-2077. From June 2024 to July 2025 the group targeted internet-facing perimeter appliances and used a mix of open-source and commercial tooling — notably Pantegana, Spark RAT and Cobalt Strike — to gain persistent access across government and private-sector networks worldwide. Attacks exploited known CVEs in VPNs, firewalls and other security appliances and leveraged a Go-based loader derived from LESLIELOADER, while administration infrastructure relied on VPN services such as ExpressVPN and Warp.

Fortinet Veterans Program Enables Cybersecurity Careers

🔐 Fortinet’s Veterans Program, in partnership with VetSec, provides veterans and spouses free access to training, hands-on labs, and certification vouchers to accelerate entry into cybersecurity. Participants progress from foundational courses through associate-level credentials, including structured offerings such as the Networking Fundamentals Bootcamp. Graduates like Jeramiah Poff and Derek Zobler reported direct job placements—roles ranging from security architect to cyberthreat hunter—demonstrating measurable workforce impact.

Fortinet Highlights Unified SASE at 4th Annual Summit

🔒 Fortinet’s 4th Annual SASE Summit reinforced that unifying networking and security is now a strategic requirement for cloud and hybrid work environments. Analysts from Gartner, Fortinet executives, and customers shared lessons on consolidation, AI-driven operations, and sovereign SASE. Demos highlighted FortiAI-Assist for automated remediation and DEM for end-to-end experience monitoring. Attendees saw real-world results from customers who replaced fragile VPNs with a single-platform Unified SASE approach.

Data Loss Rises Despite Increased Security Spending

🔒 The 2025 Data Security Report from Fortinet and Cybersecurity Insiders finds that data loss is increasing even as organizations shift to programmatic approaches and boost budgets for insider risk and data protection. Legacy DLP tools, designed for perimeter-era environments, lack visibility into employee interactions across SaaS, cloud, and generative AI, and they fail to provide the context needed to separate accidents from real threats. The report urges adoption of behavior-aware, unified platforms—such as FortiDLP integrated with identity and activity telemetry—to turn alerts into actionable risk narratives and reduce costly insider incidents.

FortiCNAPP Named Leader in Three KuppingerCole Categories

🚀 FortiCNAPP has been named a Leader in three categories in the 2025 KuppingerCole Compass for CNAPP: Overall Leadership, Market Leadership, and Innovation Leadership. The recognition emphasizes FortiCNAPP’s ability to reduce tool sprawl, improve visibility into cloud risk, and accelerate remediation. Customers cite rapid, intuitive deployment, agentless scanning, AI-driven analytics, and tight integration with the Fortinet Security Fabric as key benefits.

Why Hybrid Mesh Firewalls Are the Future — Fortinet

🛡️ Fortinet argues that hybrid mesh firewalls (HMF) are now the baseline for modern enterprise security, unifying hardware, virtual, cloud-native and FWaaS instances under a centralized management plane. The post highlights FortiGate appliances running a single OS (FortiOS) and custom ASICs as the foundation for consistent policy, high-performance inspection, and fabric-wide telemetry. It frames HMF as essential for SASE integration and scalable, consistent enforcement across clouds, branches and data centers.

Partner-built AI Security Innovations on Google Cloud

🔒 Google Cloud and its partners announced a range of partner-built AI security solutions now available in the Google Cloud Marketplace. These integrations embed Gemini and Vertex AI into partner products — including CrowdStrike, Palo Alto Networks, Fortinet, and others — to protect models, data, applications, and agents. The collaborations emphasize automated detection, incident response, DLP, identity protection, and agent monitoring to reduce mean time to detect and respond, helping customers adopt AI securely.

Fortinet Adds AI Assistant and Client-Side WAAP Protection

🤖 Fortinet has integrated its virtual AI assistant, FortiAI-Assist, into its web application security offerings, including appliance and virtual FortiWeb and the FortiAppSec Cloud WAAP service. The update also adds integrated client-side protection to monitor payment-page scripts for PCI DSS 4.0 compliance. These features aim to simplify operations, speed threat triage and remediation, and reduce false positives and analyst workload. FortiAppSec Cloud is available through major public cloud marketplaces.

Fortinet + AI: Next‑Gen Cloud Security and Protection

🔐 AI adoption in the cloud is accelerating, reshaping workloads and expanding attack surfaces while introducing new risks such as prompt injection, model manipulation, and data exfiltration. Fortinet recommends a layered defense built into the Fortinet Security Fabric, combining zero trust, segmentation, web/API protection, and cloud-native posture controls to secure AI infrastructure. Complementing those controls, AI-driven operations and correlation — exemplified by Gemini 2.5 Pro integrations — filter noise, correlate cross-platform logs, and surface prioritized, actionable recommendations. Together these measures reduce mean time to detect and respond and help contain threats before they spread.

New Malware Campaigns: MostereRAT and ClickFix Risks

🔒 Researchers disclosed linked phishing campaigns delivering a banking malware-turned-RAT called MostereRAT and a ClickFix-style chain distributing MetaStealer. Attackers use an obscure Easy Programming Language (EPL), mutual TLS for C2, and techniques to disable Windows security and run as TrustedInstaller to evade detection. One campaign drops remote-access tools like AnyDesk and VNC variants; another uses fake Cloudflare Turnstile pages, LNK tricks, and a prompt overdose method to manipulate AI summarizers.

MostereRAT Targets Windows with Layered Stealth Tactics

🔒 FortiGuard Labs has uncovered MostereRAT, a Remote Access Trojan targeting Microsoft Windows that uses layered evasion and persistence techniques. Written in Easy Programming Language, the malware deploys a multi-stage chain, uses mutual TLS for C2 communication, and can disable Windows Update and antivirus processes. The campaign, aimed largely at Japanese users, begins with phishing emails that lead to a malicious Word download and installs services running at SYSTEM-level, while deploying remote access tools such as AnyDesk and TightVNC.

MostereRAT Campaign Uses EPL, mTLS, and Legitimate RATs

🛡️ FortiGuard Labs identified a sophisticated phishing campaign that chains an Easy Programming Language (EPL) runtime with multi-stage payloads to deploy MostereRAT. The initial dropper, based on a wxWidgets sample, creates SYSTEM services and decrypts modules that run in memory while presenting social‑engineering prompts. Operators use mTLS‑protected C2 channels, disable and block security tooling via WFP filters, and install legitimate remote access tools such as AnyDesk and TightVNC to secure covert, persistent full access.

Architecture Advantage: Fortinet's Hybrid Security Platform

🔒 Fortinet argues its long-standing, architecture-first approach uniquely positions it to address hybrid enterprise security without the operational overhead of cobbled-together point products. The company highlights early investments in AI, purpose-built ASICs, and a unified FortiOS to deliver integrated networking, SASE, SOC automation, and OT protection. Customers and Gartner Peer Insights recognition are cited as validation of lower total cost of ownership and simpler, high-performance operations.