Activity Summary – Week Ending November 16, 2018

This week Fortinet released our latest Quarterly Threat Landscape Report. Every second of every day FortiGuard Labs is collecting data gathered from millions of devices and sensors around the world. The sheer volume of data we analyze gives us a distinct and unparalleled perspective of the global threat landscape. This data cumulates into our quarterly …

Activity Summary – Week Ending November 9, 2018

The TrickBot malware family has been around for many years, initially focused on stealing victim’s online banking credentials. However, FortiGuard Labs has analyzed some new samples where we have found TrickBot, utilizing a new module, has evolved to much more trickery.

Activity Summary – Week Ending November 2, 2018

Cybercrime-as-a Service has created an entry point for novice distributed denial-of-service (DDoS) attackers by offering simple options to anonymously attack nearly any website and forcing it offline. Due to the public release of source code for some popular bots, building a botnet to provide these sort of services is easier than ever. Minor modifications to …

Activity Summary – Week Ending October 26, 2018

Attackers have always been seeking new avenues for exploitation; short of discovering zero days themselves. Many attackers have relied on known vulnerabilities either disclosed responsibly or irresponsibly to a vendor. Also, even if there is a patch available, such as the industry standard Patch Tuesday cycle by Microsoft/Adobe, attackers have taken said patches from vendors …

Activity Summary – Week Ending October 5, 2018

FortiGuard Labs recently encountered malicious traffic traveling to a C2 server located in China. The connection was established by a domain using a name that closely resembled one of Japan’s most famous express post delivery services. Our analysis showed that the website making this connection is fake, there is no SSL certificate, and the page …

Activity Summary – Week Ending September 28, 2018

VPNFilter, a multi-stage modular framework that has infected hundreds of thousands of network devices around the world, has been discovered to have even greater capabilities than originally profiled. Announcing their findings through the Cyber Threat Alliance, Cisco’s Talos provided early awareness and early sharing of IOCs with the CTA members. Seven additional third-stage modules that …

Activity Summary – Week Ending September 21, 2018

Once again the Cyber Threat Alliance (CTA) members have collaborated on research. This week the CTA members released a collaborative report on illicit cryptomining (aka cryptojacking). Fortinet is a founding member of the CTA and believe that working together with other cybersecurity organizations, we can improve cybersecurity across our global digital ecosystem. Below is a …

Activity Summary – Week Ending September 14, 2018

Get patching! For September Patch Tuesday Microsoft released updates addressing 61 vulnerabilities! Severity breakdown is: 17 rated critical, 43 rated important, and only one is rated as moderate. There were several Adobe updates as well.

Activity Summary – Week Ending September 7, 2018

A new banking Trojan has been identified targeting major Brazilian banking customers, as well as public sector organizations. This malware, code-named CamuBot, uses interesting new tactics with social engineering and malware techniques to bypass security controls, including strong authentication.

Activity Summary – Week Ending August 31, 2018

FortiGuard Labs researchers have been monitoring an invasion of GandCrab malware updates of late. You can read our full blog to get all the chronology details. Below is a synopsis of what we discovered and has transpired lately.

Activity Summary – Week Ending August 24, 2018

For years there have been tools developed for malware research with a primary focus on the Windows platform, whereas tools for alternative operating systems, such as Linux and macOS, were few and far between. This made sense given the enormous adoption rate and market share that Windows operating systems had over the past several decades. …

Activity Summary – Week Ending August 10, 2018

Fortinet has a culture of innovation. It isn’t more evident than at the BlackHat conference held this week in Las Vegas, where FortiGuard Labs researcher Kai Lu presented his application behavior monitoring tool called FortiAppMonitor for macOS.

Activity Summary – Week Ending August 3, 2018

Once again, Fortinet’s membership in the Cyber Threat Alliance (CTA) continues to pay dividends. Sophos, also a CTA member, published their comprehensive research into the SamSam ransomware this week. As part of their CTA membership, Sophos shared all the indicators of compromise (IOCs) with other members before they published their findings. This allows CTA members …

Activity Summary – Week Ending
July 27, 2018

Experts have been warning consumers for years about vulnerabilities in home automation solutions, and Hide ‘N Seek (HNS) might be the first in-the-wild malware to actively target these vulnerabilities. It is expected that the growth of Internet of Things (IoT) devices will reach 20.4 billion by 2020, and a growing segment of these devices are …

Activity Summary – Week Ending December 15, 2017

Cybercriminals are always looking for the easy route to exploit their targets. And why try too hard anyway when poor security hygiene and weak password management make it nearly effortless for them to accomplish their nefarious deeds.