FortiGuard IR uncovers forensic insights in Windows AutoLogger-Diagtrack-Listener.etl, a telemetry artefact with untapped investigative value. This article has been indexed from FortiGuard Labs Threat Research Read the original article: Uncovering Hidden Forensic Evidence in Windows: The Mystery of AutoLogger-Diagtrack-Listener.etl
Category: FortiGuard Labs Threat Research
UDPGangster Campaigns Target Multiple Countries
FortiGuard Labs uncovers UDPGangster campaigns linked to MuddyWater, using macro-laden phishing lures, evasion techniques, and UDP backdoors to target multiple countries This article has been indexed from FortiGuard Labs Threat Research Read the original article: UDPGangster Campaigns Target Multiple…
New eBPF Filters for Symbiote and BPFdoor Malware
FortiGuard Labs discovered new Symbiote and BPFDoor variants exploiting eBPF filters to enhance stealth through IPv6 support, UDP traffic, and dynamic port hopping for covert C2 communication. This article has been indexed from FortiGuard Labs Threat Research Read the…
ShadowV2 Casts a Shadow Over IoT Devices | FortiGuard Lab
ShadowV2, a new Mirai-based botnet targeting IoT devices, surfaced during the recent AWS outage. FortiGuard Labs examines its propagation, DDoS capabilities, and global footprint. This article has been indexed from FortiGuard Labs Threat Research Read the original article: ShadowV2…
Cyberthreats Targeting the 2025 Holiday Season: What CISOs Need to Know
Cybercriminal activity is surging ahead of the 2025 holiday season. Deceptive domains, stolen accounts, and e-commerce attacks are accelerating. Here’s what leaders need to know. This article has been indexed from FortiGuard Labs Threat Research Read the original article:…
Cloud Abuse at Scale
FortiGuard Labs analyzes TruffleNet, a large-scale campaign abusing AWS SES with stolen credentials and linked to Business Email Compromise (BEC). This article has been indexed from FortiGuard Labs Threat Research Read the original article: Cloud Abuse at Scale
Stolen Credentials and Valid Account Abuse Remain Integral to Financially Motivated Intrusions
FortiGuard IR analysis of H1 2025 shows financially motivated actors increasingly abusing valid accounts and legitimate remote access tools to bypass detection, emphasizing the need for identity-centric defenses. This article has been indexed from FortiGuard Labs Threat Research Read…