FortiGuard Labs analysis of a zEus batch stealer distributed via a crafted Minecraft source pack. Learn more. This article has been indexed from Fortinet Threat Research Blog Read the original article: zEus Stealer Distributed via Crafted Minecraft Source Pack
Category: Fortinet Threat Research Blog
Key Findings from the 2H 2023 FortiGuard Labs Threat Report
In this report, we examine the cyberthreat landscape in 2H 2023 to identify trends and offer insights on what security professionals should know. This article has been indexed from Fortinet Threat Research Blog Read the original article: Key Findings…
New “Goldoon” Botnet Targeting D-Link Devices
FortiGuard Labs discovered the new botnet “Goldoon” targeting D-Link devices through related vulnerability CVE-2015-2051. Learn more. This article has been indexed from Fortinet Threat Research Blog Read the original article: New “Goldoon” Botnet Targeting D-Link Devices
Ransomware Roundup – KageNoHitobito and DoNex
The KageNoHitobito and DoNex are recent ransomware that are financially motivated, demanding payment from victims to decrypt files. Learn more. This article has been indexed from Fortinet Threat Research Blog Read the original article: Ransomware Roundup – KageNoHitobito and…
Unraveling Cyber Threats: Insights from Code Analysis
FortiGuard Labs unearthed a malicious PyPi package that aims to extract sensitive information from unsuspecting victims. Get an analysis of its origins and propagation methods. This article has been indexed from Fortinet Threat Research Blog Read the original article:…
Botnets Continue Exploiting CVE-2023-1389 for Wide-Scale Spread
FortiGuard Labs unveils Moobot, Miroi, AGoent, Gafgyt and more exploiting TP-Link Archer AX21 vulnerability CVE-2023-1389. Learn more. This article has been indexed from Fortinet Threat Research Blog Read the original article: Botnets Continue Exploiting CVE-2023-1389 for Wide-Scale Spread
ScrubCrypt Deploys VenomRAT with an Arsenal of Plugins
Byakugan – The Malware Behind a Phishing Attack
FortiGuard Labs has uncovered the Byakugan malware behind a recent malware campaign distributed by malicious PDF files. Learn more. This article has been indexed from Fortinet Threat Research Blog Read the original article: Byakugan – The Malware Behind a…
Ransomware Roundup – RA World
The RA World ransomware, which debuted late last year, claims to be holding more than 20 organizations worldwide hostage for financial gain. Learn more. This article has been indexed from Fortinet Threat Research Blog Read the original article: Ransomware…
VCURMS: A Simple and Functional Weapon
ForitGuard Labs uncovers a rat VCURMS weapon and STRRAT in a phishing campaign. Learn more. This article has been indexed from Fortinet Threat Research Blog Read the original article: VCURMS: A Simple and Functional Weapon
New Banking Trojan “CHAVECLOAK” Targets Brazil
FortiGuard Labs discovered a new banking Trojan targeting users in Brazil with stealthy tactics. Learn more. This article has been indexed from Fortinet Threat Research Blog Read the original article: New Banking Trojan “CHAVECLOAK” Targets Brazil
FortiGuard Labs Outbreak Alerts Annual Report 2023: A Glimpse into the Evolving Threat Landscape
FortiGuard Labs annual report reviews critical Outbreak Alerts impacting organizations worldwide. Learn more. This article has been indexed from Fortinet Threat Research Blog Read the original article: FortiGuard Labs Outbreak Alerts Annual Report 2023: A Glimpse into the Evolving…
Ransomware Roundup – Abyss Locker
FortiGuard Labs highlights the Abyss Locker ransomware group that steals information from victims and encrypts files for financial gain. Learn more. This article has been indexed from Fortinet Threat Research Blog Read the original article: Ransomware Roundup – Abyss…
Android/SpyNote Moves to Crypto Currencies
FortiGuard investigates a hot new sample of Android/SpyNote, which shows the malware authors stealing crypto currencies from crypto wallets. This article has been indexed from Fortinet Threat Research Blog Read the original article: Android/SpyNote Moves to Crypto Currencies
TicTacToe Dropper
FortiGuard has identified a grouping of malware droppers used to deliver various final-stage payloads throughout 2023. Learn more. This article has been indexed from Fortinet Threat Research Blog Read the original article: TicTacToe Dropper
Python Info-stealer Distributed by Malicious Excel Document
FortiGuard Labs has uncovered a malware campaign involving a python info-stealer distributed by Excel document. Learn more. This article has been indexed from Fortinet Threat Research Blog Read the original article: Python Info-stealer Distributed by Malicious Excel Document
Ransomware Roundup – Albabat
The financially motivated Albabat ransomware began distributing as a rogue program in late 2023, and has since evolved. Learn more. This article has been indexed from Fortinet Threat Research Blog Read the original article: Ransomware Roundup – Albabat
Another Phobos Ransomware Variant Launches Attack – FAUST
Fortiguard Labs unveils a recent FAUST ransomware attack, a variant of the Phobos family that exploits an Office document and deploys on Windows systems. Learn more. This article has been indexed from Fortinet Threat Research Blog Read the original…
Info Stealing Packages Hidden in PyPI
An info-stealing PyPI malware author was identified discreetly uploading malicious packages. Learn more. This article has been indexed from Fortinet Threat Research Blog Read the original article: Info Stealing Packages Hidden in PyPI
Deceptive Cracked Software Spreads Lumma Variant on YouTube
FortiGuard Labs uncovered a threat group using YouTube channels to spread Private .NET loader for Lumma Stealer 4.0. Learn more. This article has been indexed from Fortinet Threat Research Blog Read the original article: Deceptive Cracked Software Spreads Lumma…
Three New Malicious PyPI Packages Deploy CoinMiner on Linux Devices
FortiGuard Labs cover the attack phases of three new PyPI packages that bear a resemblance to the culturestreak PyPI package discovered earlier this year. Learn more. This article has been indexed from Fortinet Threat Research Blog Read the original…
Ransomware Roundup – 8base
The 8base ransomware, a variant of Phobos, emerged in May 2023 and has been targeting organizations across various industries globally for financial gain. Learn more. This article has been indexed from Fortinet Threat Research Blog Read the original article:…
Bandook – A Persistent Threat That Keeps Evolving
FortiGuard Labs has uncovered a fresh threat – the latest generation of Bandook is being distributed via a Spanish PDF file. Learn more. This article has been indexed from Fortinet Threat Research Blog Read the original article: Bandook –…
TeamCity Intrusion Saga: APT29 Suspected Among the Attackers Exploiting CVE-2023-42793
FortiGuardLabs discovered a new APT29 campaign which includes TeamCity exploitation and GraphicalProton malware. Learn more. This article has been indexed from Fortinet Threat Research Blog Read the original article: TeamCity Intrusion Saga: APT29 Suspected Among the Attackers Exploiting CVE-2023-42793
MrAnon Stealer Spreads via Email with Fake Hotel Booking PDF
FortiGuard Labs uncovers a sophisticated phishing campaign deploying MrAnon Stealer via fake booking PDF. Learn more. This article has been indexed from Fortinet Threat Research Blog Read the original article: MrAnon Stealer Spreads via Email with Fake Hotel Booking…
GoTitan Botnet – Ongoing Exploitation on Apache ActiveMQ
FortiGuardLabs uncovers the ongoing exploits targeting CVE-2023-46604, with the emergence of a new Golang botnet “GoTitan”. Learn more. This article has been indexed from Fortinet Threat Research Blog Read the original article: GoTitan Botnet – Ongoing Exploitation on Apache…
Konni Campaign Distributed Via Malicious Document
FortiGuard Labs exposes the KONNI campaign’s distribution of using a counterfeit Russian military operation document. Read more on the details of the attack chain. This article has been indexed from Fortinet Threat Research Blog Read the original article: Konni…
Investigating the New Rhysida Ransomware
FortiGuard Labs sheds insights into the operations, tactics, and impact, including a novel technique involving ESXi-based ransomware of an incident involving the Rhysida ransomware group. Learn more. This article has been indexed from Fortinet Threat Research Blog Read the…
Ransomware Roundup – NoEscape
Learn more about the NoEscape ransomware group, a potential successor to Avaddon, which emerged in May 2023, targeting organizations in various industries for financial gain. This article has been indexed from Fortinet Threat Research Blog Read the original article:…
Threat Predictions for 2024: Chained AI and CaaS Operations Give Attackers More “Easy” Buttons Than Ever
Read FortiGuard Labs’ latest threat predictions look at the latest attack tactics and techniques organizations might see in 2024 and beyond. This article has been indexed from Fortinet Threat Research Blog Read the original article: Threat Predictions for 2024:…
Ransomware Roundup – Knight
The Knight ransomware, a successor to the Cyclops ransomware, has been active since August 2023 and employs double-extortion tactics to extort money from victims. Learn more. This article has been indexed from Fortinet Threat Research Blog Read the original…
Another InfoStealer Enters the Field, ExelaStealer
< div> FortiGuard Labs analyzes ExelaStealer, a relatively new, open-source InfoStealer. Written in Python, and capable of stealing sensitive information from users.
Ransomware Roundup – Akira
< div> Akira is a relatively new multi-OS ransomware that encrypts and exfiltrates victims’ files and demands ransom for file decryption. Learn more.
IZ1H9 Campaign Enhances Its Arsenal with Scores of Exploits
FortiGuard Labs unmasks IZ1H9 and explores the aggressive exploits in the Mirai-Based DDoS Campaign. Learn more.
Malicious Packages Hidden in NPM
FortiGuard Labs investigates several malicious packages hidden in NPM and provides an overview of these packages, grouping them on similar styles of code or functions. Learn more. This article has been indexed from Fortinet Threat Research Blog Read the…
Threat Actors Exploit the Tensions Between Azerbaijan and Armenia
Threat actors are using geopolitical issues between Azerbaijan and Armenia to deliver stealth malware This article has been indexed from Fortinet Threat Research Blog Read the original article: Threat Actors Exploit the Tensions Between Azerbaijan and Armenia