Newly Discovered Infostealer Attack Uses LokiBot

The FortiGuard Labs SE team identified a new malicious spam campaign on August 21st,, which we discovered after an analysis of information initially found on VirusTotal. It targeted a large US manufacturing company utilizing the well documented infostealer LokiBot. Interestingly enough, this also has a compilation date of August 21st, Continue Reading

Zegost from Within – New Campaign Targeting Internal Interests

Adversary Playbook: The FortiGuard SE Team is releasing this new playbook on the threat actor group named Yet Another Panda as part of our role in the Cyber Threat Alliance. For more information regarding this series of adversary playbooks being created by CTA members, please visit the Cyber Threat Alliance Continue Reading

MySQL InnoDB Cluster – Automatic Node Provisioning

The MySQL Development Team is very excited and proud of what was achieved in this 8.0.17 GA release! The spotlight is on… A game-changer feature – Automatic Node provisioning! This has been an extremely desired and important feature, and it has been accomplished, once again, with tight integration and cooperation of Continue Reading

New Spam Attack Targets Romanian Corporation

A FortiGuard SE Team Threat Analysis Report The FortiGuard SE team has discovered an ongoing malicious spam campaign targeting a critical infrastructure energy provider in Romania over the past few weeks. It uses a combination of a variant of the Fareit/Pony downloader together with the Formbook infostealer malware. While we Continue Reading

Ubuntu News

Web and Design team summary – 7 May 2019

This was a fairly busy two weeks for the Web & design team at Canonical.  Here are some of the highlights of our completed work. Web Web is the squad that develop and maintain most of the brochure websites across the Canonical. Supported the 19.04 release We updated the websites Continue Reading

Silence Group Playbook

Adversary Playbook: The FortiGuard SE Team is releasing this new playbook on the threat actor group known as Silence Group as part of our role in the Cyber Threat Alliance. For more information regarding this series of adversary playbooks being created by CTA members, please visit the Cyber Threat Alliance Playbook Continue Reading

Design and Web team summary – 15 March 2019

This was a fairly busy two weeks for the Web & design team at Canonical. Here are some of the highlights of our completed work. Web team Homepage takeovers This iteration we designed and built four takeovers for our home pages including: The German version of compliance webinar The German Continue Reading

3CX V16 Release Candidate adds the ability to copy extensions and more!

The 3CX development team is now in “code-freeze” mode, which means 3CX v16 has reached Release Candidate (RC) status and is now close to launch! We will be holding a live Q&A session and live stream when the final is ready so make sure to watch this space. Management Console Continue Reading

WordPress WooCommerce XSS Vulnerability – Hijacking a Customer Account with a Crafted Image

Overview The FortiGuard Labs team recently discovered a Cross-Site Scripting (XSS) vulnerability in WooCommerce. WooCommerce is an open-source eCommerce platform built on WordPress. According to BuiltWith statistics, WooCommerce is the No. 1 eCommerce platform, owning 22% of global market share in 2018. This XSS vulnerability (CVE-2019-9168) exists in the zoom Continue Reading

>