Threat Report Dec 28, 2011

FortiGuard Threat Report

Supplemental data is available for all categories shown in the report. Simply click on any detection link to display corresponding regional and daily detections. You may view rankings for the supported regions below by clicking on the region of choice. For further information on ranking, please refer to the notes section.

Threat Recap - The Past 2 Weeks


Below is a summary of security-related events that occurred between December 14, 2011 and December 28, 2011.

  • 2012 Threat Predictions

    Looking back on 2011, FortiGuard Labs saw a number of landmark developments in the world of network security. Huge botnets such as DNS Changer and Coreflood were permanently taken offline, 64-bit rootkits advanced (TDSS), source code was leaked for the Zeus and SpyEye botnets, and Anonymous hacktivists raised their profile by taking major banks offline and threatening to go after critical infrastructure. [..more]

  • Android/Foncy emanating and propagating in France

    It is not often that mobile malware both originates in France and propagates in France. However, that seems to be the case this time for an Android malware named Foncy – not that there should be any national pride in creating malware. [..more]

  • Threat Quadrant 1

    Spam & Web Report 2

    [Chart: Spammer Data (Vol.), Spam Rate (%)]

    FortiGuard Summary 3

    Coverage

    Microsoft & Adobe Coverage by CVE Severity 4

    Vendor Name   Total   Critical   Important   Moderate   Low
    Adobe         2       1          1           0          0

    Coverage - AntiVirus / Intrusion Prevention

    Service   # Added   # Modified   # Service Updates   DB Range
    Antivirus1319791383485314.974 - 15.026
    Applications & Botnets155053.122 - 3.126
    IPS10033053.122 - 3.126

    Coverage - AntiSpam / Web Filtering

    Service   # Added   # Modified   # Service Updates   DB Range
    AS Checksums2673411777195969.43505 - 69.45463
    AS IP Reputation326972957340536127595.38440 - 95.39714
    AS URI's134629170010198682.43347 - 82.45332
    Webfiltering9123382445825365213.56221 - 13.56872

    Zero-Day Vulnerability Research

    There are 32 outstanding vulnerabilities discovered by FortiGuard Labs which still remain in a zero-day state as of this report. Below is a breakdown by age of these vulnerabilities since discovery.

    Solutions

    Customers who use Fortinet's FortiGuard Subscription Services should already be protected against the threats outlined in this report with the appropriate configuration parameters in place. Threat activity is compiled by Fortinet's FortiGuard Labs using data gathered from its intelligence systems and FortiGate™ multi-threat security appliances in production worldwide. FortiGuard Subscription Services offer comprehensive security solutions including antivirus, intrusion prevention, Web content filtering and antispam capabilities.
    These services enable protection against threats on both application and network layers. FortiGuard Services are continuously updated, which enables Fortinet to deliver a combination of multi-layered security intelligence and true zero-day protection from new and emerging threats. These updates are delivered to all FortiGate, FortiMail and FortiClient products.

    Notes