New Spam Attack Targets Romanian Corporation

A FortiGuard SE Team Threat Analysis Report

The FortiGuard SE team has discovered an ongoing malicious spam campaign targeting a critical infrastructure energy provider in Romania over the past few weeks. It uses a combination of a variant of the Fareit/Pony downloader together with the Formbook infostealer malware. While we …

Securing the Network Edge

A New Joint Analysis from the Cyber Threat Alliance Outlines the Growing Threat to the Devices Deployed at the Boundaries, or Edges, of Interconnected Networks

Digital transformation continues to generate new networking environments, from multi-cloud networks to SD-Branches to the emerging 5G-enabled remote edge, comprised of a growing number of …

Quick Analysis of New Method for Spreading TrickBot

Breaking Threat Research from FortiGuard Labs

On Friday, April 26, 2019, FortiGuard Labs captured a suspicious email. After a quick analysis, I discovered that it was spreading the malware TrickBot. This piece of malware is a kind of component loader, which can download other malicious components and execute them in …

Detailed Analysis of macOS Vulnerability CVE-2019-8507

FortiGuard Labs Threat Analysis Report on a Memory Corruption Vulnerability in QuartzCore while Handling Shape Object

On March 25, 2019, Apple released macOS Mojave 10.14.4 and iOS 12.2. These two updates fixed a number of security vulnerabilities, including CVE-2019-8507 in QuartzCore (aka CoreAnimation), which I reported to Apple on January 3, …

Predator the Thief: New Routes of Delivery

A FortiGuard Labs Threat Analysis Paper

Introduction

In March 2019, FortiGuard Labs discovered a running campaign against Russian-speakers using a new version of “Predator the Thief” stealer malware. The same actor was using one set of dummy files to deliver the stealer via different forms of phishing, including Zipped files, …

Silence Group Playbook

Adversary Playbook: The FortiGuard SE Team is releasing this new playbook on the threat actor group known as Silence Group as part of our role in the Cyber Threat Alliance. For more information regarding this series of adversary playbooks being created by CTA members, please visit the Cyber Threat Alliance Playbook …

LockerGoga: Ransomware Targeting Critical Infrastructure

A FortiGuard Labs Threat Analysis Report

Since the discovery of Stuxnet, more and more attacks are being discovered targeting critical infrastructures. While some attacks are sophisticated and some are not, both can cause significant damage with far-reaching impact.

Figure 1. Critical infrastructure attacks since Stuxnet discovery

In the early age …

Looking Into Anatova Ransomware

FortiGuard Labs Threat Analysis

This blog is part of a series that is looking into new and older ransomwares to provide in-depth technical analysis details not mentioned in previous sources. For example, in this piece on the Anatova ransomware I include a wide range of technical information unavailable elsewhere. This …

Patch Your Adobe Shockwave Player: Fortinet Discovers Seven Zero-Day Remote Code Execution Vulnerabilities

A FortiGuard Labs Breaking Threat Research Report

On April 9, 2019, Adobe released security bulletin APSB19-20, which patches seven Adobe Shockwave Player vulnerabilities. All of them were discovered by FortiGuard Labs researcher Honggang Ren and reported to Adobe by following Fortinet’s responsible disclosure process. The CVE numbers assigned to …

Patch Your Microsoft Windows and Office: Fortinet Discovers Three Zero-Day Remote Code Execution Vulnerabilities

A FortiGuard Labs Breaking Threat Research Report

On the April 9, 2019 Patch Tuesday, Microsoft released patches for several vulnerabilities in Windows and Office. Three of them were discovered and reported by FortiGuard Labs researcher Honggang Ren by following Fortinet’s responsible disclosure process. The CVE numbers assigned to them are …
