Discover how FortiSandbox 5.0 detects Dark 101 ransomware, even with sandbox evasion tactics. Learn how advanced behavioral analysis blocks file encryption, system tampering, and ransom note deployment. This article has been indexed from Fortinet Threat Research Blog Read the…
Tag: Fortinet Threat Research Blog
Catching Smarter Mice with Even Smarter Cats
Explore how AI is changing the cat-and-mouse dynamic of cybersecurity, from cracking obfuscation and legacy languages to challenging new malware built with Flutter, Rust, and Delphi.
NordDragonScan: Quiet Data-Harvester on Windows
FortiGuard Labs explores how NordDragonScan utilizes an effective distribution network for dissemination. Learn more.
DCRAT Impersonating the Colombian Government
Threat actor impersonates Colombian government to deliver DCRAT via phishing email, using obfuscation, steganography, and PowerShell payload chains.
Dissecting a Malicious Havoc Sample
Explore a detailed technical analysis of a Havoc Remote Access Trojan (RAT) variant used in a targeted cyberattack against Middle East critical national infrastructure. Learn how Fortinet detects and protects against Havoc-based threats.
Threat Group Targets Companies in Taiwan
FortiGuard Labs has uncovered an ongoing cyberattack, targeting companies in Taiwan using phishing emails disguised as tax-related communications. Read more.
How a Malicious Excel File (CVE-2017-0199) Delivers the FormBook Payload
Read how a malicious Excel file exploits CVE-2017-0199 to deliver FormBook malware via phishing.
Deep Dive into a Dumped Malware without a PE Header
Explore manual deployment of a PE header-corrupted malware in a controlled environment, its C2 communication, and actions performed on a compromised device. Read more.
Infostealer Malware FormBook Spread via Phishing Campaign – Part II
Learn how the FormBook payload operates on a compromised machine, including the complicated anti-analysis techniques employed by this variant.
Ransomware Roundup – VanHelsing
The VanHelsing ransomware was first identified in March 2025 and uses TOR sites for ransom negotiations and data leaks. Learn more.
Horabot Unleashed: A Stealthy Phishing Threat
FortiGuard Labs observed a phishing campaign “Horabot” resurfacing with a sophisticated multi-stage attack, blending phishing, credential theft, and propagation. Learn more.
Multilayered Email Attack: How a PDF Invoice and Geo-Fencing Led to RAT Malware
FortiGuard Labs highlights a malware campaign’s increasing sophistication of attack methodologies, leveraging the legitimate functionalities of remote administration tools for malicious purposes. Learn more.
FortiGuard Incident Response Team Detects Intrusion into Middle East Critical National Infrastructure
The FortiGuard Incident Response (FGIR) team recently investigated a long-term cyber intrusion targeting critical national infrastructure (CNI) in the Middle East, attributed to an Iranian state-sponsored threat group.
Key Takeaways from the 2025 Global Threat Landscape Report
Read into how the adversary advantage is accelerating, which means organizations must change how they measure and manage risk.
IngressNightmare: Understanding CVE‑2025‑1974 in Kubernetes Ingress-NGINX
Get an overview of how CVE-2025-1974 works, a proof-of-concept demo of the exploit, and outlined mitigations and detection strategies.
Infostealer Malware FormBook Spread via Phishing Campaign – Part I
FortiGuard Labs observed a phishing campaign in the wild that delivered a malicious Word document as an attachment. Learn more.
New Rust Botnet “RustoBot” is Routed via Routers
FortiGuard Labs recently discovered a new botnet propagating through TOTOLINK devices. Learn more about this malware targeting these devices.