Predator the Thief: New Routes of Delivery
FortiGuard Labs discovered a running campaign against Russian-speakers using a new version of “Predator the Thief” stealer malware. The same actor was using one set of dummy files to deliver the stealer via different forms of phishing, including Zipped files, fake documents, fake pdfs, and the WinRAR exploit described in CVE-2018-20250.
Preparing for the Cy-Phy Future
We are entering the era of Cy-Phy — the convergence of cyber space with a plethora of devices and data in our physical spaces. Organizations need to start preparing today by developing security strategies designed around the principles of speed, integration, adaptability, and automation.
Silence Group Playbook
Silence Group is a cybercriminal organization that targets banks, specifically stealing information used in the payment card industry. The aim of this playbook is to provide first responders with relevant, up-to-date analysis, samples, and indicators of compromise which should help security professionals better protect their infrastructures.
Looking Into Anatova Ransomware
Anatova is a fairly new ransomware. It avoids infecting computers that are used in analysis and research labs. It systematically avoids infecting files and folders that are important to the stability of the computer system it is infecting.
LockerGoga: Ransomware Targeting Critical Infrastructure
LockerGoga is not at all exceptional in terms of sophistication, especially when compared to other ransomware families. However, it has a unique way of iterating through the files of the victim.
Patch Your Adobe Shockwave Player: Fortinet Discovers Seven Zero-Day Remote Code Execution Vulnerabilities
Adobe released security bulletin APSB19-20, which patches seven Adobe Shockwave Player vulnerabilities. All of them were discovered by FortiGuard Labs researcher Honggang Ren and reported to Adobe by following Fortinet’s responsible disclosure process.
Celebrating Our Partner of the Year Winners at Accelerate 2019
Fortinet recognized a few of our most dedicated partners of 2018 at this year’s Accelerate conference.
Patch Your Microsoft Windows and Office: Fortinet Discovers Three Zero-Day Remote Code Execution Vulnerabilities
On the April 9, 2019 Patch Tuesday, Microsoft released patches for several vulnerabilities in Windows and Office. Three of them were discovered and reported by FortiGuard Labs researcher Honggang Ren by following Fortinet’s responsible disclosure process.
The Security Vendor’s Role in Closing the Cybersecurity Skills Gap
The cybersecurity skills gap has become a much bigger issue than simply filling open job positions. It has become an enterprise risk and a top priority for security operations. As cybersecurity vendors, our role and responsibility in closing the cybersecurity skills gap goes well beyond providing training on products and solutions and entails becoming trusted advisors for our customers and for society as a whole.
Simplifying Operations with Single-Pane Orchestration, Automation, and Response
Multi-vendor tools for securing your enterprise introduces complexity of operations. Simplifying these network and security operations with FortiManager and FortiAnalyzer leveraging Single-Pane Orchestration, Automation, and Response helps reduce that operational complexity.
