An in-depth analysis of an Interlock ransomware intrusion, detailing new malware tooling, defense evasion techniques, and high-ROI detection strategies. This article has been indexed from FortiGuard Labs Threat Research Read the original article: Interlock Ransomware: New Techniques, Same Old…
Category: FortiGuard Labs Threat Research
Unveiling the Weaponized Web Shell EncystPHP
FortiGuard Labs analyzes EncystPHP, a stealthy web shell exploiting CVE-2025-64328 in FreePBX environments to enable remote command execution, persistence, and long-term system compromise.
Inside a Multi-Stage Windows Malware Campaign
FortiGuard Labs analyzes a multi-stage Windows malware campaign that abuses trusted platforms to disable defenses, deploy RATs, and deliver ransomware.
New Remcos Campaign Distributed Through Fake Shipping Document
FortiGuard Labs analyzes a phishing campaign delivering a fileless Remcos RAT via malicious Word templates, CVE-2017-11882 exploitation, and in-memory execution.
Uncovering Hidden Forensic Evidence in Windows: The Mystery of AutoLogger-Diagtrack-Listener.etl
FortiGuard IR uncovers forensic insights in the Windows AutoLogger-Diagtrack-Listener.etl file, a telemetry artefact with untapped investigative value.
UDPGangster Campaigns Target Multiple Countries
FortiGuard Labs uncovers UDPGangster campaigns linked to MuddyWater, using macro-laden phishing lures, evasion techniques, and UDP backdoors to target multiple countries.
New eBPF Filters for Symbiote and BPFdoor Malware
FortiGuard Labs discovered new Symbiote and BPFDoor variants exploiting eBPF filters to enhance stealth through IPv6 support, UDP traffic, and dynamic port hopping for covert C2 communication.
ShadowV2 Casts a Shadow Over IoT Devices | FortiGuard Labs
ShadowV2, a new Mirai-based botnet targeting IoT devices, surfaced during the recent AWS outage. FortiGuard Labs examines its propagation, DDoS capabilities, and global footprint.
Cyberthreats Targeting the 2025 Holiday Season: What CISOs Need to Know
Cybercriminal activity is surging ahead of the 2025 holiday season. Deceptive domains, stolen accounts, and e-commerce attacks are accelerating. Here is what leaders need to know.
Cloud Abuse at Scale
FortiGuard Labs analyzes TruffleNet, a large-scale campaign abusing AWS SES with stolen credentials and linked to Business Email Compromise (BEC).
Stolen Credentials and Valid Account Abuse Remain Integral to Financially Motivated Intrusions
FortiGuard IR analysis of H1 2025 shows financially motivated actors increasingly abusing valid accounts and legitimate remote access tools to bypass detection, emphasizing the need for identity-centric defenses.