FortiGuard Labs has been actively monitoring various APT groups such as HIDDEN COBRA. Recently, we noticed some new interesting samples from this group, so we decided to take a further look.
Learn about the cyber threats uncovered during the week of October 14, 2019.
FortiGuard Labs spotted a malicious document with the politically themed file name “Draft PH-US Dialogue on Cyber Security.doc”. This document takes advantage of the vulnerability CVE-2017-11882. Upon successful exploitation, it drops malware in the victim’s %temp% directory.
FortiGuard Labs has been actively monitoring FALLCHILL, validating all of its IOCs (indicators of compromise), and providing protection for our customers. In a previous post we provided a high-level overview of FALLCHILL. In this research report we dig even further, providing a deep-dive analysis of the FALLCHILL Remote Administration Tool (RAT) in order to shed additional light on this threat, and thereby help our customers and the security community at large defend against this threat and similar ones.
Over the past month, we have all watched with dismay as the islands of the Caribbean and coasts of Texas and Florida were hit with devastating rains and high-speed winds. In the days leading up to the storms’ landfalls, some of the most talented scientific minds deployed astounding levels of technology to assess and communicate the severity of the approaching threats—despite the fact that severe weather is notoriously unpredictable, with inherent uncertainty that makes truly accurate assessment of the threat nearly impossible. In...
In the new digital economy, businesses that are able to adapt will be the most competitive and successful. This will require adopting new technologies, networking systems, and strategies. But many of the emerging technologies and strategies that are being deployed across our networks come with a set of unknowns that are having a huge impact on security. The reason is that traditional approaches to security were never really designed to protect dynamic, borderless, and hyper-connected environments. Many Factors Are in Play For example,...
We are currently tracking a new ransomware variant sweeping across the globe known as Petya. It is currently having an impact on a wide range of industries and organizations, including critical infrastructure such as energy, banking, and transportation systems. This is a new generation of ransomware designed to take advantage of timely exploits. This current version is targeting the same vulnerabilities that were exploited during the recent WannaCry attack this past May. This latest attack, known as Petya, is something we are referring to as...
In the last couple of months, we wrote about the discoveries we made in Dridex, the long-lived banking Trojan that is still quite active in the wild. In that blog post, TL;DR, we mentioned that the Trojan had been equipped with a new module that could be used to evade one of the anti-virus products; the affected vendor has now released a fix, so we decided to share the details. In this post, we will briefly discuss some of the novel techniques used by the Trojan to evade detection by anti-virus. The Evolution of Anti-Virus Detection Evasions I’m...
Fortinet’s Advanced Threat Protection (ATP) Framework has once again achieved Advanced Threat Defense (ATD) Certification from ICSA Labs for Q1 of 2016. We remain one of only four vendors in the entire industry who have achieved this independent certification. Advanced threats represent some of the most difficult security challenges faced by organizations – as well as by the vendors who build tools to detect and stop them. Fortinet has developed the Fortinet Advanced Threat Protection (ATP) Framework to do just that. It is built around the seamless...
NSS Labs released their second annual breach detection system (BDS) test results this week, highlighting a market that is growing at a CAGR of 32%, more than double that of next gen firewalls. Gartner cites 20 vendors in this competitive space – 9 of them participated in the NSS Labs comparison, giving IT and security decision makers robust, objective data on which to base their purchases. Let’s take a step back, though, and clearly define breach detection systems. Many vendors simply refer to them as sandboxes, but NSS Labs...