Tag: Fortinet Threat Research Blog

FortiSandbox 5.0 Detects Evolving Snake Keylogger Variant

Explore how FortiSandbox 5.0 detected this malware, the behavioral indicators it leveraged for identification, and Snake Keylogger’s technique to evade detection and analysis. This article has been indexed from Fortinet Threat Research Blog. Read the original article: FortiSandbox 5.0…

Ransomware Roundup – Lynx

Get insights into the Lynx ransomware, which is considered the successor to the INC ransomware. This double-extortion ransomware has threatened more than 90 organizations worldwide, including those in the healthcare and energy sectors. Learn more.

Coyote Banking Trojan: A Stealthy Attack via LNK Files

FortiGuard Labs observes a threat actor using a LNK file to deploy Coyote attacks, unleashing malicious payloads and escalating the risk to financial cybersecurity.

Deep Dive Into a Linux Rootkit Malware

An in-depth analysis of how a remote attacker deployed a rootkit and a user-space binary file by executing a shell script.

Phish-free PayPal Phishing

An example of a recent phishing attempt and how to spot the obvious phishing tell-tales.

Catching “EC2 Grouper”- no indicators required!

Get detailed tactics associated with EC2 Grouper and how Lacework FortiCNAPP can be leveraged to detect this threat.

Botnets Continue to Target Aging D-Link Vulnerabilities

FortiGuard Labs recently noticed that attackers still use and deliver two different botnets via D-Link exposing a HNAP interface weakness. Learn more.

Analyzing Malicious Intent in Python Code: A Case Study

In this FortiGuard analysis, we examine the Python scripts behind two malicious packages, outline their behaviors, and provide insights into their potential impact.

SmokeLoader Attack Targets Companies in Taiwan

FortiGuard Labs has uncovered an attack targeting companies in Taiwan with SmokeLoader, which performs its attack with plugins this time. Learn more.

Fortinet Contributes to Major Cybercrime Operation Arrests

Fortinet contributes to major INTERPOL and AFRIPOL cybercrime operations arrests of members of cybercrime groups operating across Africa. These individuals specialize in ransomware, digital extortion, online scams, and Business Email Compromise (BEC) attacks.

New Campaign Uses Remcos RAT to Exploit Victims

See how threat actors have abused Remcos to collect sensitive information from victims and remotely control their computers to perform further malicious acts.

Threat Campaign Spreads Winos4.0 Through Game Application

FortiGuard Labs reveals a threat actor spreads Winos4.0, infiltrating gaming apps and targeting the education sector. Learn more.

Threat Actors Exploit GeoServer Vulnerability CVE-2024-36401

When the GeoServer vulnerability CVE-2024-36401 emerged, FortiGuard Labs gathered related intelligence. This blog highlights the threat actors and how they exploit and use the vulnerability.

Emansrepo Stealer: Multi-Vector Attack Chains

FortiGuard Labs has uncovered a fresh threat – Emansrepo stealer, which has been distributed via multiple attack chains for months. Learn more.