The Gamaredon Group: A TTP Profile Analysis

A FortiGuard Labs Threat Analysis
FortiGuard Labs recently discovered a fresh malicious campaign being run by the Gamaredon Group, possibly targeting Ukrainian law enforcement and government agencies. We decided to provide an analysis of the current campaign, particularly focusing on the tools and methods used by these malicious actors to …

Cybersecurity Integration: A Q&A with Fortinet’s Phil Quade

Fortinet’s CISO, Phil Quade, recently sat down for an interview with Dan Woods from Early Adopter Research to discuss top-of-mind trends for CISOs today. Here are a few brief edited excerpts. Click here to read or listen to the entire interview. You have next generation firewalls, which is …

Analysis of a New HawkEye Variant

Threat Analysis by FortiGuard Labs
Background
FortiGuard Labs recently captured a malware being spread by a phishing email. After a quick analysis, I discovered that it was a new variant of the HawkEye malware. HawkEye is known as a keylogger and an application credential stealing malware. Over the past few years, …

Security-Driven Networking, SD-WAN, and the New Edge: A Q&A with John Maddison

Fortinet’s John Maddison, EVP of Products and Solutions, recently sat down for an interview with Dan Woods from Early Adopter Research to discuss what is top of mind for CISOs and security leaders. They discussed three topics: SD-WAN, security-driven networking, and the arrival of the edge. Here are a few …

New Stealth Worker Campaign Creates a Multi-platform Army of Brute Forcers

A Threat Analysis Report from FortiGuard Labs
FortiGuard Labs recently discovered a new campaign of StealthWorker malware, also called GoBrut, that was first reported by Malwarebytes just a few days ago. This malware is written in Golang. Although uncommonly seen being used by malware, it is the same programming language …

WordPress WooCommerce XSS Vulnerability – Hijacking a Customer Account with a Crafted Image

Overview
The FortiGuard Labs team recently discovered a Cross-Site Scripting (XSS) vulnerability in WooCommerce. WooCommerce is an open-source eCommerce platform built on WordPress. According to BuiltWith statistics, WooCommerce is the No. 1 eCommerce platform, owning 22% of global market share in 2018. This XSS vulnerability (CVE-2019-9168) exists in the zoom …

Block Incoming Connections by Country with MDaemon’s New Location Screening Feature

Block connections by country with Location Screening
As I announced recently in this post, MDaemon 17.5 has been released, with new security and collaboration features. One feature that our users will find particularly useful is the new Location Screening feature, which allows administrators to block incoming connections from specific countries.

Rehashed RAT Used in APT Campaign Against Vietnamese Organizations

Recently, FortiGuard Labs came across several malicious documents that exploit the vulnerability CVE-2012-0158. To evade suspicion from the victim, these RTF files drop decoy documents containing politically themed texts about a variety of Vietnamese government-related information. It was believed in a recent report that the hacking campaign where these documents …
