Results for apt

Threat Research

A Deep-Dive Analysis of the NukeSped RATs

FortiGuard Labs has been actively monitoring various APT groups such as HIDDEN COBRA. Recently, we noticed some new interesting samples from this group, so we decided to take a further look. Learn more.

By Minh Tran October 23, 2019

Threat Research

FortiGuard Labs Weekly Threat Update – October 18, 2019

Learn about the cyber threats uncovered during the week of October 14, 2019.

By Jeannette Jarvis October 18, 2019

Threat Research

Hussarini – Targeted Cyber Attack in the Philippines

FortiGuard Labs spotted a malicious document with the politically themed file name “Draft PH-US Dialogue on Cyber Security.doc”. This document takes advantage of the vulnerability CVE-2017-11882. Upon successful exploitation, it drops a malware in the victim’s %temp% directory.

By Jasper Manuel and Rommel Joven July 08, 2018

Threat Research

A Deep Dive Analysis of the FALLCHILL Remote Administration Tool

FortiGuard Labs has been actively monitoring FALLCHILL, validating all its IOCs (indicators of compromise), and providing protection for our customers. In a previous post we provided a high-level overview of FALLCHILL. In this research report we dig even further, providing a deep dive analysis of the FALLCHILL Remote Administration Tool (RAT) in order to shed additional light on this threat, and thereby help our customers and the security community at large defend against this threat and similar threats.

By Minh Tran November 28, 2017

Industry Trends

You Don’t Need a Weatherman to Know Which Way the Wind Blows

Over the past month, we have all watched with dismay as the islands of the Caribbean and coasts of Texas and Florida were hit with devastating rains and high-speed winds. In the days leading up to the storms’ landfalls, some of the most talented scientific minds deployed astounding levels of technology to assess and communicate the severity of the approaching threats—despite the fact that severe weather is notoriously unpredictable, with inherent uncertainty that makes truly accurate assessment of the threat nearly impossible. In...

By Phil Quade October 20, 2017

Industry Trends

Today’s Best Practices for Protecting the Distributed Network

In the new digital economy, businesses that are able to adapt will be the most competitive and successful. This will require adopting new technologies, networking systems, and strategies. But many of the emerging technologies and strategies that are being deployed across our networks come with a set of unknowns that are having a huge impact on security. The reason is that traditional approaches to security were never really designed to protect dynamic, borderless, and hyper-connected environments. Many Factors Are in Play For example,...

By Matthew Pley September 27, 2017

Threat Research

New Ransomworm Follows WannaCry Exploits

We are currently tracking a new ransomware variant sweeping across the globe known as Petya. It is currently having an impact on a wide range of industries and organizations, including critical infrastructure such as energy, banking, and transportation systems. This is a new generation of ransomware designed to take advantage of timely exploits. This current version is targeting the same vulnerabilities that were exploited during the recent WannaCry attack this past May. This latest attack, known as Petya, is something we are referring to as...

By Aamir Lakhani June 27, 2017

Threat Research

New Era in Anti-Virus Detection Evasions

In the last couple of months, we wrote about the discoveries we found in Dridex, the long-lived banking Trojan that is still quite active in the wild. In the blog post, TL;DR, we mentioned that the Trojan has been equipped with a new module that could be used to evade one of the anti-virus products; however, the affected vendor has now released a fix, so we decided to share the details. In this post, we will briefly discuss some of the novel techniques used by the Trojan to evade detection by anti-virus. The Evolution of Anti-Virus Detection Evasions I’m...

By Wayne Chin Yick Low August 04, 2016

Industry Trends

ICSA Labs Certifies Fortinet’s Advanced Threat Protection Framework

Fortinet’s Advanced Threat Protection (ATP) Framework has once again achieved Advanced Threat Defense (ATD) Certification from ICSA Labs for Q1 of 2016. We remain one of the four vendors in the entire industry who have achieved this independent certification. Advanced threats represent some of the most difficult security challenges faced by organizations – as well as by the vendors who build tools to detect and stop them. Fortinet has developed the Fortinet Advanced Threat Protection (ATP) Framework to do just that. It is built around the seamless...

By Bill McGee June 14, 2016

Industry Trends

BDS? Sandbox? Call It What You Will, But the Market Is Growing Fast

NSS Labs released their second annual breach detection system (BDS) test results this week, highlighting a market that is growing at a CAGR of 32%, more than double that of next gen firewalls. Gartner cites 20 vendors in this competitive space – 9 of them participated in the NSS Labs comparison, giving IT and security decision makers robust, objective data on which to base their purchases. Let’s take a step back, though, and clearly define breach detection systems. Many vendors simply refer to them as sandboxes, but NSS Labs...

By Chris Dawson August 06, 2015