Fake Indian Income Tax Calculator Delivers xRAT Variant

A FortiGuard Labs Breaking Threat Report Tax-themed phishing and malware attacks rise during the tax filing season. FortiGuard Labs recently came upon an interesting Excel file claiming to provide an income tax calculator that purports to be from India’s Income Tax Department. It’s not. Instead, it’s a malicious file containing Continue Reading

New Ursnif Variant Spreading by Word Document

Breaking FortiGuard Labs Threat Research  NOTE: This threat is actively spreading. During my analysis, which started with just a few samples, the volume of captured samples and the number of triggers this new variant set off in our global network of sensors kept growing. Because of this, we highly recommend Continue Reading

BianLian: A New Wave Emerges

FortiGuard Labs Breaking Threat Research Recently, during our daily malware analysis routine, members of the FortiGuard Labs team encountered an Android sample that did not look familiar.  Analysis At a first look, it seemed clear that the APK was heavily obfuscated, and was possibly packed using some technique we had Continue Reading

A Deep Dive into the Emotet Malware

Emotet is a trojan that is primarily spread through spam emails. During its lifecycle, it has gone through a few iterations. Early versions were delivered as a malicious JavaScript file. Later versions evolved to use macro-enabled Office documents to retrieve a malicious payload from a C2 server. FortiGuard Labs has Continue Reading

Fresh KDE snaps for February 2019

During February 2019 we celebrated another fine Plasma release with our friends at KDE by showcasing a month of KDE snaps on the Snapcraft Twitter and other social accounts. The KDE developers have done amazing work to create an SDK that simplifies making snaps of KDE applications and they also Continue Reading

Securing the Widening Attack Surface of Healthcare Today

During the week of February 11, Fortinet will be at the HIMSS19 Global Event in Orlando, a large gathering focused on healthcare. The security challenges within this industry are certainly unique, and I have some thoughts I would like to share.    The Problem of Data Medical patient records are at Continue Reading

cPanel TSR-2017-0004 Full Disclosure

cPanel TSR-2017-0004 Full Disclosure SEC-263 Summary Stored XSS during WHM cPAddons install. Security Rating cPanel has assigned this vulnerability a CVSSv3 score of 3.9 CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N Description It was possible for an attacker to actively inject HTML into the WHM cPAddons screen during a moderated install. Credits This issue was discovered Continue Reading

Google Chromebook Security: At The Forefront of Education Discussions

During a 2015 event at the Northwestern Institute for Policy Research, participating panelists discussed the digital revolution and the classroom’s exposure to it. At the time, school districts had begun to adopt 1:1 policies, where each student would have access to laptops or tablets. Google was at the forefront of Continue Reading

Zimbra Universal UI – Public Beta

During our first COMMIT, a Zimbra tech and developer event, we presented the new Universal UI: a re-designed user interface for Zimbra Collaboration that includes modern standards and improves the user experience. Try the new Universal UI – Cloud Based You can try it today without install anything! Click the Continue Reading

Watch Out For Fake Online Gaming Sites And Their Malicious Executables

Every year during holiday seasons, the number of phishing websites increases. This is particularly true for online gaming distribution platforms. In some cases, users not only have their login credentials stolen, but they also end up downloading and executing malicious executables. As expected, the more popular a platform is, the Continue Reading

>