LiveZilla Live Chat Technical Advisory

Breaking Threat Research from FortiGuard Labs. Introduction: In June 2019, Fortinet’s FortiGuard Labs discovered and reported 7 vulnerabilities in Live Chat, the Next Generation Live Help and Live Support System from LiveZilla that connects organizations to their website visitors. LiveZilla is a software company trusted by Fortune 500 companies and …

Zegost from Within – New Campaign Targeting Internal Interests

Adversary Playbook: The FortiGuard SE Team is releasing this new playbook on the threat actor group named Yet Another Panda as part of our role in the Cyber Threat Alliance. For more information regarding this series of adversary playbooks being created by CTA members, please visit the Cyber Threat Alliance …

A Deep Dive Into IcedID Malware: Part III – Analysis of Child Processes

FortiGuard Labs Threat Analysis Report Series. In Part II of this blog series, we identified three child processes that were created by the IcedID malware. In Part III below, we’ll provide a deep analysis of those child processes. Let’s get started! 0x01 Child process A (entry offset: 0x168E): This first …

BianLian: A New Wave Emerges

FortiGuard Labs Breaking Threat Research. Recently, during our daily malware analysis routine, members of the FortiGuard Labs team encountered an Android sample that did not look familiar. Analysis: At first look, it seemed clear that the APK was heavily obfuscated, and was possibly packed using some technique we had …

Inter: Skimmer For All

A FortiGuard Labs Threat Analysis Report. Using web skimmers to steal payment card details has become a good business for cybercriminals. In fact, just last month, FortiGuard Labs discovered a campaign that has stolen the data from over 185,000 payment cards in a one-year operation. MageCart, the collective name …

GandCrab Threat Actors Retire…Maybe

In a surprising announcement two weeks ago, the threat group behind the malware operation GandCrab announced that they had shut down their operations. Until that point, GandCrab had been one of the most active malware campaigns of the past year, both in terms of distribution and rapid development. FortiGuard Labs …

Analysis of a New HawkEye Variant

Threat Analysis by FortiGuard Labs. Background: FortiGuard Labs recently captured a malware being spread by a phishing email. After a quick analysis, I discovered that it was a new variant of the HawkEye malware. HawkEye is known as a keylogger and an application credential stealing malware. Over the past few years, …

Critical Strategies for Staying Ahead of Emerging Cyberthreats

Over the past couple of decades, changes in the threat landscape have driven changes in how we design, implement, and manage security. Organizations have spent the last two decades updating their security gear to keep up with the latest threats and attack vectors. In the late 1990s, the creation of …

Threat Intelligence and the Evolving Threat Landscape

As organizations continue to adopt and drive digital transformation (DX), staying ahead of the threat landscape and attack chain curves is becoming increasingly difficult to achieve. Today, rather than having a single network to secure, most organizations now own and manage a variety of environments, including physical networks, private cloud …

New Rocke Variant Ready to Box Any Mining Challengers

FortiGuard Labs Breaking Threat Research. FortiGuard Labs has been monitoring a Linux coin mining campaign from “Rocke” – a malware threat group specializing in cryptomining. Over the past month we have seen new features constantly being added to the malware. For instance, in their latest major update, they have added …