Latest news with #Fortinet


Daily News Egypt
2 days ago
Mideast infrastructure hit by advanced, 2-year cyber-espionage attack: Fortinet
A state-sponsored hacking group conducted a nearly two-year cyber-espionage campaign targeting critical national infrastructure (CNI) in the Middle East, using novel malware to breach and maintain access across both IT and operational technology (OT) networks, according to a new report. The investigation by Fortinet's FortiGuard Labs Incident Response (FGIR) team detailed a persistent intrusion from 2023 to early 2025, which involved sustained espionage and suspected network prepositioning for potential future attacks.

During the multi-phase operation, the threat actor gained initial entry using compromised VPN credentials and deployed multiple custom backdoors, including malware identified as HanifNet, HXLibrary, and NeoExpressRAT. The group then bypassed network segmentation using proxy tools such as Ngrok and ReverseSocks5 to move between the organisation's information technology (IT) and operational technology (OT) environments. While the report confirmed no disruption to OT systems, it noted significant reconnaissance activity within these restricted networks. The attackers also targeted virtualisation infrastructure to deepen their access. Even after being removed from the network, the group made repeated attempts to re-establish a foothold by exploiting third-party software and using phishing attacks, signalling a long-term strategic objective.

The findings mirror a broader trend detailed in Fortinet's 2024 State of Operational Technology and Cybersecurity Report. According to that report, 73% of OT organisations globally have now experienced cyber intrusions, a significant increase from 49% in 2023. Attacks targeting OT systems specifically also rose to 24%, up from 17% the previous year. This trend has led to a shift in oversight, with 60% of organisations now reporting that responsibility for OT cybersecurity rests at the executive level with the CISO, CIO, or COO.
Fortinet's 2025 Global Threat Landscape Report also noted that state-sponsored groups remain highly active, primarily targeting government, technology, and education sectors. The Middle East remains a high-risk region, with Europe, the Middle East, and Africa (EMEA) accounting for 26% of all recorded global exploitation attempts. The report also linked over 60% of global hacktivist campaigns to geopolitical causes.

To defend against such persistent and well-resourced adversaries, FortiGuard Labs recommends that organisations prioritise several key defensive measures. These include enforcing multi-factor authentication (MFA) and regular credential rotation, deploying a zero-trust architecture with network segmentation, and implementing endpoint detection and response (EDR) with behavioural analytics. The report concluded that this investigation highlights the evolving nature of state-backed cyber threats and underscores the growing need for continuous monitoring and adaptive defence strategies to protect critical infrastructure.


Mid East Info
2 days ago
Report: Advanced Cyberattacks Hit Middle East Critical Infrastructure Over Two Years
FortiGuard Labs Uncovers Advanced Espionage Campaign Targeting IT/OT Systems
73% of OT Firms Targeted as Cyberattacks Escalate Across Critical Sectors

The FortiGuard Labs' Incident Response (FGIR) team recently investigated a long-term cyber intrusion targeting critical national infrastructure (CNI) in the Middle East. The intrusion, attributed to a state-sponsored threat actor, involved sustained espionage operations and suspected network prepositioning. Over the course of nearly two years, the threat actor deployed novel malware, bypassed network segmentation, and made repeated attempts to maintain access across segmented IT and OT environments.

Advanced Malware and Persistent Access: The multi-phase intrusion detailed by FGIR spanned from 2023 to early 2025. The attacker initially gained entry using compromised VPN credentials, then established footholds using multiple custom backdoors including HanifNet, HXLibrary, and NeoExpressRAT. They bypassed segmentation using proxy tools such as Ngrok, ReverseSocks5, and plink, and targeted virtualization infrastructure to deepen access. While no confirmed disruption to OT systems was observed, the report notes significant reconnaissance activity in restricted environments — emphasizing the need for heightened defense across converged IT/OT networks.

The operation unfolded across four stages: initial compromise, consolidation of access, adversary response to containment, and attempted re-entry via exploitation of third-party software and phishing attacks. Even after being removed from the network, the threat actor made repeated efforts to re-establish access — signalling a long-term strategic objective.

OT Security Faces Escalating Threats: According to Fortinet's 2024 State of Operational Technology and Cybersecurity Report, 73% of OT organizations globally have now experienced cyber intrusions — up from 49% in 2023 — with targeted OT-only attacks also rising from 17% to 24%. This trend mirrors the patterns observed in the latest investigation, where state-linked actors deployed advanced malware, evaded detection, and used phishing and software exploitation to reestablish access after remediation efforts. For this reason, we are seeing responsibility for OT cybersecurity increasingly shifting to the CISO, CIO, and COO, with 60% of organizations reporting executive-level oversight.

Regional Threat Activity on the Rise: Fortinet's 2025 Global Threat Landscape Report also confirms that state-sponsored groups remain highly active, targeting government, technology, and education sectors. Interestingly, over 60% of hacktivist campaigns globally were linked to geopolitical causes. The Middle East also remains a high-risk region for cyber activity, with the EMEA region accounting for 26% of recorded global exploitation attempts.

Defensive Recommendations: To defend against such persistent and well-resourced adversaries, the FortiGuard team recommends that organizations prioritize the following defensive measures:
- Enforcing multi-factor authentication (MFA) and regular credential rotation
- Deploying zero-trust architecture and network segmentation
- Implementing endpoint detection and response (EDR) and behavioural analytics
- Conducting regular penetration testing and incident response readiness exercises

This investigation highlights the persistent and evolving nature of state-backed cyber threats targeting Middle Eastern CNIs, and a growing need for continuous monitoring, adaptive defense strategies, and coordinated threat intelligence to protect critical infrastructure in the face of sophisticated cyber threats.


Business Insider
3 days ago
Rosenblatt Securities Sticks to Their Buy Rating for Fortinet (FTNT)
Rosenblatt Securities analyst Catharine Trebnick maintained a Buy rating on Fortinet (FTNT) yesterday and set a price target of $125.00. The company's shares closed yesterday at $102.88. According to TipRanks, Trebnick is an analyst with an average return of -4.2% and a 44.00% success rate. Trebnick covers the Technology sector, focusing on stocks such as Zoom Video Communications, Zscaler, and NICE. Fortinet has an analyst consensus of Hold, with a price target consensus of $107.41. The company has a one-year high of $114.82 and a one-year low of $54.57. Currently, Fortinet has an average volume of 5.11M.


Techday NZ
3 days ago
Fortinet expands AWS Marketplace suite to boost cloud security
Fortinet has introduced updates to Lacework FortiCNAPP and expanded the availability of several security solutions in the AWS Marketplace, aimed at improving cloud security for organisations operating across hybrid and multi-cloud environments. The latest releases are intended to make it easier for customers to protect their applications, workloads, and data as businesses accelerate their adoption of cloud technologies. Fortinet's expanded presence in AWS Marketplace extends options for procurement and management of its products for Amazon Web Services (AWS) users.

Enhanced protection features

Fortinet's enhancements to Lacework FortiCNAPP offer reinforced security for cloud-native applications throughout their development and operational lifecycles. Key improvements include real-time CloudTrail alerting, which can now detect critical activities such as compromised credentials or anomalous API behaviour much more quickly by reducing AWS CloudTrail alert latency from 24 hours to under 15 minutes.

Other new features include an Explorer (Security Graph) tool, which allows for an interactive visualisation of attack paths and asset relationships, making it more straightforward to identify and investigate threats such as internet-facing vulnerabilities. FortiCNAPP also now supports agentless scanning for Windows workloads across any cloud environment, enabling vulnerability and secret detection without the need to install software. Additional fleet management capabilities provide greater visibility over large-scale deployments including inventory, health, and coverage.

Product bundles newly available include options with Dynamic Application Security Testing (DAST), content delivery network (CDN) functionality, and Security Operations Centre as a Service (SoC-as-a-Service), alongside AI-powered zero-day threat detection and remediation. These elements are designed to improve web application and API security.

Expanded AWS Marketplace portfolio

The company has increased the number of its solutions accessible via AWS Marketplace, allowing customers to acquire and manage Fortinet offerings within their existing cloud procurement workflows and apply AWS Enterprise Discount Program (EDP) commitments. Among the services that are now available are FortiAppSec Cloud, which provides unified web application and API protection (WAAP), FortiMail Workspace Security, which delivers protection across platforms like Microsoft 365 and Google Workspace, FortiNDR Cloud for AI-based threat detection, and FortiSIEM for scalable incident response.

Fortinet Incident Response Services have also been added to AWS Marketplace. The services are designed to deliver expert support for AWS customers, integrating with both AWS-native tools and FortiGuard threat intelligence to support a comprehensive approach to incident management and response. Fortinet has achieved the AWS Security Incident Response Specialisation, which recognises the company's ability to deliver streamlined incident response solutions that are supported by AWS security response experts. This reflects Fortinet's strategic emphasis on offering end-to-end security expertise managed through a single vendor and deployment model.

"Fortinet is committed to accelerating secure cloud transformation for our customers. By making more of our services available in AWS Marketplace and enhancing leading cloud-native solutions like Lacework FortiCNAPP and FortiAppSec Cloud, we're making it easier than ever for organisations to protect every cloud workload, application, and network edge." That statement was provided by Nirav Shah, Senior Vice President, Products and Solutions, Fortinet.

All-in-one approach

These launches are part of Fortinet's strategic data to help organisations reduce reliance on isolated point products by offering integrated security capabilities across application, network, and user layers. Consolidating various services—including WAAP, network detection and response (NDR), security information and event management (SIEM), cloud-native application protection platform (CNAPP), and workspace security—aims to give businesses full-stack protection with simplified management, better scalability, and reduced cost.

For customers with significant cloud spend commitments seeking investment optimisation, Fortinet's FortiFlex licensing model provides a flexible, daily usage-based approach, supporting rapid deployment and elastic scaling, and allowing customers to only pay for the services that they use. The Fortinet Security Fabric and consulting teams offer proactive risk assessment and incident response, aiming to help AWS customers strengthen their security postures as cloud usage continues to grow.


Hamilton Spectator
3 days ago
Fortinet Strengthens Code-to-Cloud Security with CNAPP Enhancements and Launches Expanded Solution Availability in AWS Marketplace
SUNNYVALE, Calif., June 17, 2025 (GLOBE NEWSWIRE) —

News Summary

Fortinet® (NASDAQ: FTNT), the global cybersecurity leader driving the convergence of networking and security, today announced powerful updates to Lacework FortiCNAPP, making it easier than ever for customers to secure applications and workloads across hybrid and multi-cloud environments. The company also announced that the FortiAppSec Cloud service, FortiMail Workspace Security, FortiNDR Cloud, FortiSIEM, and Fortinet Incident Response services are now available in AWS Marketplace, a digital catalog that helps you find, buy, deploy, and manage software, data products, and professional services from thousands of vendors.

'Fortinet is committed to accelerating secure cloud transformation for our customers,' said Nirav Shah, Senior Vice President, Products and Solutions at Fortinet. 'By making more of our services available in AWS Marketplace and enhancing leading cloud-native solutions like Lacework FortiCNAPP and FortiAppSec Cloud, we're making it easier than ever for organizations to protect every cloud workload, application, and network edge.'

Delivering Smarter Protection, Faster Response and Remediation

Fortinet has enhanced Lacework FortiCNAPP to deliver even stronger protection for cloud-native applications across their entire life cycle. These updates reinforce FortiCNAPP as an industry-leading, cloud-native security platform designed to deliver faster detection, deeper insights, and simplified operations at scale. In addition, Fortinet expands its cloud services for web applications and APIs by introducing new service bundles that include Dynamic Application Security Testing (DAST), CDN, and SoC-as-a-Service, in addition to its AI-powered zero-day threat detection, analysis, and remediation to protect web applications and APIs.

Full-Stack Protection Now Available in AWS Marketplace

Fortinet has expanded the availability of its cloud security portfolio in AWS Marketplace. This provides Amazon Web Services (AWS) customers with the ability to streamline the purchase and management of more Fortinet offerings within their AWS Marketplace account. By deploying solutions on AWS, Fortinet makes it easier for customers to deploy protection, streamline procurement, and apply AWS Enterprise Discount Program (EDP) commitments.

Services now available in AWS Marketplace include:

Fortinet has achieved the AWS Security Incident Response Specialization, which recognizes that Fortinet provides a streamlined incident response solution backed by AWS security response experts through AWS Security Incident Response. The capabilities of Fortinet's specialized cloud consulting and FortiGuard Incident Response Services teams help AWS customers strengthen their cloud security posture. Fortinet Incident Response Services are now available in AWS Marketplace, offering expert support backed by deep integration with AWS and the Fortinet Security Fabric. This underscores Fortinet's commitment to supporting customers with end-to-end security expertise—from proactive risk assessments to prompt incident handling—backed by deep integration with AWS-native tools and FortiGuard threat intelligence.

A Strategic Shift toward Unified Cloud-Native Security

This launch reinforces Fortinet's commitment to simplifying cloud security by consolidating fragmented, non-integrated solutions into a unified cloud security platform. Rather than relying on isolated point products, Fortinet delivers integrated solutions across application, network, and user layers designed to streamline management and scale efficiently in any environment. By unifying capabilities like WAAP, network detection and response (NDR), security information and event management (SIEM), cloud-native application protection platform (CNAPP), and workspace security under a single vendor and deployment model, organizations gain comprehensive cloud protection along with greater speed, cost-efficiency, and operational clarity.

For those with cloud spend commitments and desire to optimize their cloud security investments, particularly in dynamic environments, Fortinet FortiFlex offers a flexible, daily usage-based licensing model that supports rapid deployment, elastic scaling, and seamless drawdown of existing cloud commitments, helping organizations protect what they need, when they need it, while only paying for what they use.

About Fortinet

Fortinet (Nasdaq: FTNT) is a driving force in the evolution of cybersecurity and the convergence of networking and security. Our mission is to secure people, devices, and data everywhere, and today we deliver cybersecurity everywhere our customers need it with the largest integrated portfolio of over 50 enterprise-grade products. Well over half a million customers trust Fortinet's solutions, which are among the most deployed, most patented, and most validated in the industry. The Fortinet Training Institute, one of the largest and broadest training programs in the industry, is dedicated to making cybersecurity training and new career opportunities available to everyone. Collaboration with esteemed organizations from both the public and private sectors, including Computer Emergency Response Teams ('CERTS'), government entities, and academia, is a fundamental aspect of Fortinet's commitment to enhance cyber resilience globally.
FortiGuard Labs, Fortinet's elite threat intelligence and research organization, develops and utilizes leading-edge machine learning and AI technologies to provide customers with timely and consistently top-rated protection and actionable threat intelligence.