Tag: Fortinet Threat Research Blog

See how threat actors have abused Remcos to collect sensitive information from victims and remotely control their computers to perform further malicious acts.        This article has been indexed from Fortinet Threat Research Blog Read the original article: New Campaign…

Read more →

FortiGuard Labs reveals a threat actor spreads Winos4.0, infiltrating gaming apps and targeting the education sector. Learn more.        This article has been indexed from Fortinet Threat Research Blog Read the original article: Threat Campaign Spreads Winos4.0 Through Game Application

Read more →

A case where an advanced adversary was observed exploiting three vulnerabilities affecting the Ivanti Cloud Services Appliance (CSA). This incident is a prime example of how threat actors chain zero-day vulnerabilities to gain initial access to a victim’s network. Learn…

Read more →

When the GeoServer vulnerability CVE-2024-36401 emerged, the FortiGuard Labs gathered related intelligence. This blog highlights the threat actors and how they exploit and use the vulnerability.        This article has been indexed from Fortinet Threat Research Blog Read the original…

Read more →

FortiGuard Labs has uncovered a fresh threat – Emansrepo stealer, which is distributed via multiple attack chains for months. Learn more.        This article has been indexed from Fortinet Threat Research Blog Read the original article: Emansrepo Stealer: Multi-Vector Attack…

Read more →

The Underground ransomware has victimized companies in various industries since July 2023. It encrypts files without changing the original file extension. Learn more.        This article has been indexed from Fortinet Threat Research Blog Read the original article: Ransomware Roundup…

Read more →

Fortinet’s FortiGuard Labs caught a phishing campaign in the wild with a malicious Excel document attached to the phishing email. Get a deep analysis of the campaign and how it delivers a new variant of Snake Keylogger.        This article…

Read more →

A technical analysis of the ongoing ValleyRat multi-stage malware campaign’s diverse techniques and characteristics.        This article has been indexed from Fortinet Threat Research Blog Read the original article: A Deep Dive into a New ValleyRAT Campaign Targeting Chinese Speakers

Read more →

Incident response preparation is not optional. Here are ten activities every organization should consider implementing. Read more.        This article has been indexed from Fortinet Threat Research Blog Read the original article: Preparation Is Not Optional: 10 Incident Response Readiness…

Read more →

FortiGuard Lab reveals a malware “PureHVNC”, sold on the cybercrime forum, is spreading through a phishing campaign targeting employees via a python multi-stage loader. Learn more.        This article has been indexed from Fortinet Threat Research Blog Read the original…

Read more →

The FortiGuard Labs team has identified a malicious PyPI package affecting all platforms where PyPI packages can be installed. This report discusses its potential impacts and emphasizes the importance of diligent security practices in managing software dependencies. Read more.       …

Read more →

The FortiGuard Labs Threat Research team recently observed a number of social media posts commenting on a fraud campaign targeting India Post users. Learn more.        This article has been indexed from Fortinet Threat Research Blog Read the original article:…

Read more →

According to new FortiGuard Labs analysis, this year’s Olympics has been a target for a growing number of cybercriminals. This report provides a comprehensive view of planned attacks, such as third-party breaches, infostealers, phishing, and malware. Read more.        This…

Read more →

According to new FortiGuard Labs analysis, this year’s Olympics has been a target for a growing number of cybercriminals. This report provides a comprehensive view of planned attacks, such as third-party breaches, infostealers, phishing, and malware. Read more.        This…

Read more →

FortiGuard Labs uncovers MerkSpy, a new spyware exploiting CVE-2021-40444 to steal keystrokes and sensitive data. Learn more.        This article has been indexed from Fortinet Threat Research Blog Read the original article: MerkSpy: Exploiting CVE-2021-40444 to Infiltrate Systems

Read more →

Cybersecurity threats are increasingly leveraging cloud services to store, distribute, and establish command and control (C2) servers. Over the past month, FortiGuard Labs has been monitoring botnets that have adopted this strategy. Learn more.        This article has been indexed…

Read more →

FortiGuard Labs has uncovered a fresh threat, Fickle stealer, which is distributed via various strategies. Read more.        This article has been indexed from Fortinet Threat Research Blog Read the original article: Fickle Stealer Distributed via Multiple Attack Chain

Read more →

Shinra and Limpopo are recent ransomware designed to encrypt files in Windows and VMWare ESXi environments respectively, and they demand payment from victims to decrypt the files.        This article has been indexed from Fortinet Threat Research Blog Read the…

Read more →

A new phishing campaign was recently captured by our FortiGuard Labs that spreads a new Agent Tesla variant targeting Spanish-speaking people. Learn more.        This article has been indexed from Fortinet Threat Research Blog Read the original article: New Agent…

Read more →

FortiGuard Labs has recently identified a sophisticated cyberattack involving an Excel file embedded with a VBA macro designed to deploy a DLL file. Learn more.        This article has been indexed from Fortinet Threat Research Blog Read the original article:…

Read more →

FortiGuard Labs analysis of a zEus batch stealer distributed via a crafted Minecraft source pack. Learn more.        This article has been indexed from Fortinet Threat Research Blog Read the original article: zEus Stealer Distributed via Crafted Minecraft Source Pack

Read more →

In this report, we examine the cyberthreat landscape in 2H 2023 to identify trends and offer insights on what security professionals should know.        This article has been indexed from Fortinet Threat Research Blog Read the original article: Key Findings…

Read more →

FortiGuard Labs discovered the new botnet “Goldoon” targeting D-Link devices through related vulnerability CVE-2015-2051. Learn more.        This article has been indexed from Fortinet Threat Research Blog Read the original article: New “Goldoon” Botnet Targeting D-Link Devices

Read more →

The KageNoHitobito and DoNex are recent ransomware that are financially motivated, demanding payment from victims to decrypt files. Learn more.        This article has been indexed from Fortinet Threat Research Blog Read the original article: Ransomware Roundup – KageNoHitobito and…

Read more →

FortiGuard Labs unearthed a malicious PyPi package that aims to extract sensitive information from unsuspecting victims. Get an analysis of its origins and propagation methods.        This article has been indexed from Fortinet Threat Research Blog Read the original article:…

Read more →

FortiGuard Labs unveils Moobot, Miroi, AGoent, Gafgyt and more exploiting TP-Link Archer AX21 vulnerability CVE-2023-1389. Learn more.        This article has been indexed from Fortinet Threat Research Blog Read the original article: Botnets Continue Exploiting CVE-2023-1389 for Wide-Scale Spread

Read more →

FortiGuard Labs has uncovered the Byakugan malware behind a recent malware campaign distributed by malicious PDF files. Learn more.        This article has been indexed from Fortinet Threat Research Blog Read the original article: Byakugan – The Malware Behind a…

Read more →

The RA World ransomware, which debuted late last year, claims to be holding more than 20 organizations worldwide hostage for financial gain. Learn more.        This article has been indexed from Fortinet Threat Research Blog Read the original article: Ransomware…

Read more →

ForitGuard Labs uncovers a rat VCURMS weapon and STRRAT in a phishing campaign. Learn more.        This article has been indexed from Fortinet Threat Research Blog Read the original article: VCURMS: A Simple and Functional Weapon

Read more →

FortiGuard Labs discovered a new banking Trojan targeting users in Brazil with stealthy tactics. Learn more.        This article has been indexed from Fortinet Threat Research Blog Read the original article: New Banking Trojan “CHAVECLOAK” Targets Brazil

Read more →

FortiGuard Labs annual report reviews critical Outbreak Alerts impacting organizations worldwide. Learn more.        This article has been indexed from Fortinet Threat Research Blog Read the original article: FortiGuard Labs Outbreak Alerts Annual Report 2023: A Glimpse into the Evolving…

Read more →

FortiGuard Labs highlights the Abyss Locker ransomware group that steals information from victims and encrypts files for financial gain. Learn more.        This article has been indexed from Fortinet Threat Research Blog Read the original article: Ransomware Roundup – Abyss…

Read more →

FortiGuard investigates a hot new sample of Android/SpyNote, which shows the malware authors stealing crypto currencies from crypto wallets.        This article has been indexed from Fortinet Threat Research Blog Read the original article: Android/SpyNote Moves to Crypto Currencies

Read more →

FortiGuard has identified a grouping of malware droppers used to deliver various final-stage payloads throughout 2023. Learn more.        This article has been indexed from Fortinet Threat Research Blog Read the original article: TicTacToe Dropper

Read more →

FortiGuard Labs has uncovered a malware campaign involving a python info-stealer distributed by Excel document. Learn more.        This article has been indexed from Fortinet Threat Research Blog Read the original article: Python Info-stealer Distributed by Malicious Excel Document

Read more →

The financially motivated Albabat ransomware began distributing as a rogue program in late 2023, and has since evolved. Learn more.        This article has been indexed from Fortinet Threat Research Blog Read the original article: Ransomware Roundup – Albabat

Read more →

Fortiguard Labs unveils a recent FAUST ransomware attack, a variant of the Phobos family that exploits an Office document and deploys on Windows systems. Learn more.        This article has been indexed from Fortinet Threat Research Blog Read the original…

Read more →

An info-stealing PyPI malware author was identified discreetly uploading malicious packages. Learn more.        This article has been indexed from Fortinet Threat Research Blog Read the original article: Info Stealing Packages Hidden in PyPI

Read more →

FortiGuard Labs uncovered a threat group using YouTube channels to spread Private .NET loader for Lumma Stealer 4.0. Learn more.        This article has been indexed from Fortinet Threat Research Blog Read the original article: Deceptive Cracked Software Spreads Lumma…

Read more →

FortiGuard Labs cover the attack phases of three new PyPI packages that bear a resemblance to the culturestreak PyPI package discovered earlier this year. Learn more.        This article has been indexed from Fortinet Threat Research Blog Read the original…

Read more →

The 8base ransomware, a variant of Phobos, emerged in May 2023 and has been targeting organizations across various industries globally for financial gain. Learn more.        This article has been indexed from Fortinet Threat Research Blog Read the original article:…

Read more →

FortiGuard Labs has uncovered a fresh threat – the latest generation of Bandook is being distributed via a Spanish PDF file. Learn more.        This article has been indexed from Fortinet Threat Research Blog Read the original article: Bandook –…

Read more →

FortiGuardLabs discovered a new APT29 campaign which includes TeamCity exploitation and GraphicalProton malware. Learn more.        This article has been indexed from Fortinet Threat Research Blog Read the original article: TeamCity Intrusion Saga: APT29 Suspected Among the Attackers Exploiting CVE-2023-42793

Read more →

FortiGuard Labs uncovers a sophisticated phishing campaign deploying MrAnon Stealer via fake booking PDF. Learn more.        This article has been indexed from Fortinet Threat Research Blog Read the original article: MrAnon Stealer Spreads via Email with Fake Hotel Booking…

Read more →

FortiGuardLabs uncovers the ongoing exploits targeting CVE-2023-46604, with the emergence of a new Golang botnet “GoTitan”. Learn more.        This article has been indexed from Fortinet Threat Research Blog Read the original article: GoTitan Botnet – Ongoing Exploitation on Apache…

Read more →

FortiGuard Labs exposes the KONNI campaign’s distribution of using a counterfeit Russian military operation document. Read more on the details of the attack chain.        This article has been indexed from Fortinet Threat Research Blog Read the original article: Konni…

Read more →

FortiGuard Labs sheds insights into the operations, tactics, and impact, including a novel technique involving ESXi-based ransomware of an incident involving the Rhysida ransomware group. Learn more.        This article has been indexed from Fortinet Threat Research Blog Read the…

Read more →

Learn more about the NoEscape ransomware group, a potential successor to Avaddon, which emerged in May 2023, targeting organizations in various industries for financial gain.        This article has been indexed from Fortinet Threat Research Blog Read the original article:…

Read more →

Read FortiGuard Labs’ latest threat predictions look at the latest attack tactics and techniques organizations might see in 2024 and beyond.        This article has been indexed from Fortinet Threat Research Blog Read the original article: Threat Predictions for 2024:…

Read more →

The Knight ransomware, a successor to the Cyclops ransomware, has been active since August 2023 and employs double-extortion tactics to extort money from victims. Learn more.        This article has been indexed from Fortinet Threat Research Blog Read the original…

Read more →