Activity Summary – Week Ending November 16, 2018
This week Fortinet released our latest Quarterly Threat Landscape Report. Every second of every day FortiGuard Labs is collecting data gathered from millions of devices and sensors around the world. The sheer volume of data we analyze gives us a distinct and unparalleled perspective of the global threat landscape. This data culminates in our quarterly …

Activity Summary – Week Ending November 9, 2018
The TrickBot malware family has been around for many years, initially focused on stealing victims’ online banking credentials. However, FortiGuard Labs has analyzed some new samples in which TrickBot, using a new module, has evolved into much more trickery.

Activity Summary – Week Ending November 2, 2018
Cybercrime-as-a-Service has created an entry point for novice distributed denial-of-service (DDoS) attackers by offering simple options to anonymously attack nearly any website and force it offline. Due to the public release of source code for some popular bots, building a botnet to provide these sorts of services is easier than ever. Minor modifications to …

Activity Summary – Week Ending October 26, 2018
Attackers have always sought new avenues for exploitation. Short of discovering zero days themselves, many attackers have relied on known vulnerabilities, disclosed either responsibly or irresponsibly to a vendor. Also, even if there is a patch available, such as the industry standard Patch Tuesday cycle by Microsoft/Adobe, attackers have taken said patches from vendors …

Activity Summary – Week Ending October 5, 2018
FortiGuard Labs recently encountered malicious traffic traveling to a C2 server located in China. The connection was established by a domain using a name that closely resembled one of Japan’s most famous express post delivery services. Our analysis showed that the website making this connection is fake, there is no SSL certificate, and the page …

Activity Summary – Week Ending September 28, 2018
VPNFilter, a multi-stage modular framework that has infected hundreds of thousands of network devices around the world, has been discovered to have even greater capabilities than originally profiled. Announcing their findings through the Cyber Threat Alliance, Cisco’s Talos provided early awareness and early sharing of IOCs with the CTA members. Seven additional third-stage modules that …

Activity Summary – Week Ending September 21, 2018
Once again the Cyber Threat Alliance (CTA) members have collaborated on research. This week the CTA members released a collaborative report on illicit cryptomining (aka cryptojacking). Fortinet is a founding member of the CTA and believes that by working together with other cybersecurity organizations, we can improve cybersecurity across our global digital ecosystem. Below is a …

Activity Summary – Week Ending September 7, 2018
A new banking Trojan has been identified targeting major Brazilian banking customers, as well as public sector organizations. This malware, code-named CamuBot, uses interesting new tactics with social engineering and malware techniques to bypass security controls, including strong authentication.

Activity Summary – Week Ending August 24, 2018
For years there have been tools developed for malware research with a primary focus on the Windows platform, whereas tools for alternative operating systems, such as Linux and macOS, were few and far between. This made sense given the enormous adoption rate and market share that Windows operating systems had over the past several decades. …

Activity Summary – Week Ending August 3, 2018
Once again, Fortinet’s membership in the Cyber Threat Alliance (CTA) continues to pay dividends. Sophos, also a CTA member, published their comprehensive research into the SamSam ransomware this week. As part of their CTA membership, Sophos shared all the indicators of compromise (IOCs) with other members before they published their findings. This allows CTA members …

Activity Summary – Week Ending July 27, 2018
Experts have been warning consumers for years about vulnerabilities in home automation solutions, and Hide ‘N Seek (HNS) might be the first in-the-wild malware to actively target these vulnerabilities. It is expected that the growth of Internet of Things (IoT) devices will reach 20.4 billion by 2020, and a growing segment of these devices are …
