Results for fortiguard

Threat Research

Troopers - Day 2

This is the first conference where I have heard so much about hacking robots! Between yesterday and today, we've had: • Robotnikoff at Troopers: robots, security, and privacy - Brittany Postnikoff • Hacking Robots Before Skynet - Lucas Apa • Breaking the Laws of Robotics: Attacking Industrial Robots - Davide Quarta

By Axelle ApvrilleMarch 16, 2018

Threat Research

GandCrab: Honor among Thieves?

GandCrab is the first ransomware to hit the spotlight this year. Known as the first ransom malware to use DASH cryptocurrency as a payment, it has hit more than 50,000 victims according to a report from Europol.

Threat Research

Troopers - Day 1

I am currently at Troopers, a well-known German hacking conference in Heidelberg. I had heard many positive reports on about this conference, especially their awesome hardware badge, and am glad I finally got to speak there. My talk was on hacking a smart toothbrush, and why it's important to secure any connected device, even those - like toothbrushes - that seem harmless. If you missed my talk, my slides will soon be online:, check the Fortiguard Research Centre. Now, let's focus on some of today's talks.

By Axelle ApvrilleMarch 14, 2018


Using Security-as-a-Service to Help Customers Combat Threats

As cyberattacks become more sophisticated, customers need more robust cybersecurity resources than they have in their toolkit. Learn how providing security services can meet these needs with real-time threat intelligence and more.

By Jeannette JarvisMarch 12, 2018

Business and Technology | Industry Trends

Threat Bars Lowered, Danger Raised: Using FortiClient to Address This New Security Dynamic

Fortinet is not standing still in the face of the rapidly changing threat environment. Recently, we added some significant new technologies to the latest iteration of FortiClient, our endpoint protection product. For example, FortiClient now includes an Anti-Exploit Engine that delivers a next-generation approach to endpoint protection. It also includes auto-patching capabilities that streamline patch management for known vulnerabilities. Automation of patching drives efficiencies while enabling organizations to address vulnerabilities faster.

By Damien LimDecember 11, 2017

Threat Research

Multiple Plone Cross-Site Scripting Vulnerabilities

Plone is a free and open source content management system, and is ranked among the top 2% of all open source projects worldwide. More than 350 solution providers in more than 100 countries currently support it. The project has been actively developed since 2001, is available in more than 40 languages, and has the best security track record of any major CMS. The users ( include the Federal Bureau of Investigation (FBI), the Central Intelligence Agency (CIA), the Intellectual Property Rights Center, and so on. Earlier...

By Zhouyuan YangDecember 05, 2017

Threat Research

A Deep Dive Analysis of the FALLCHILL Remote Administration Tool

FortiGuard Labs has been actively monitoring FALLCHILL, validating all its IOCs (indicators of compromise), and providing protection for our customers. In a previous post we provided a high level overview of FALLCHILL. In this research report we dig even further, providing a deep dive analysis of the FALLCHILL Remote Administration Tool (RAT) in order to shed additional light on this threat, and thereby help our customer and the security community at large defend against this threat and similar threats.

By Minh TranNovember 28, 2017

Threat Research

Cobalt Malware Strikes Using CVE-2017-11882 RTF Vulnerability

Only a few days after FortiGuard Labs published an article about a spam campaign exploiting an RTF document, we found another spam campaign using an even more recent document vulnerability, CVE-2017-11882.

By Jasper Manual and Joie SalvioNovember 27, 2017

Threat Research

CVE-2017-11826 Exploited in the Wild with Politically Themed RTF Document

Recently, FortiGuard Labs found an interesting malware campaign using the recently documented vulnerability CVE-2017-11826 that was patched by Microsoft in October of this year. A detailed analysis of this exploit is also included in this article.

Threat Research

Tax Refund Phishing In Malaysia – How They Bypass The Two Factor Authentication Security System

FortiGuard Labs has been tracking a tax refund phishing scam in Malaysia. Let’s get into the details of how this works.

By Nelson NguNovember 12, 2017