FortiGuard Labs Threat Research
Botnets Continue Exploiting CVE-2023-1389 for Wide-Scale Spread
FortiGuard Labs unveils Moobot, Miori, AGoent, Gafgyt and more exploiting TP-Link Archer AX21 vulnerability CVE-2023-1389. Learn more.
FortiGuard Labs Threat Research
TeamCity Intrusion Saga: APT29 Suspected Among the Attackers Exploiting CVE-2023-42793
FortiGuardLabs discovered a new APT29 campaign which includes TeamCity exploitation and GraphicalProton malware. Learn more.
FortiGuard Labs Threat Research
DDoS Botnets Target Zyxel Vulnerability CVE-2023-28771
Get a detailed explanation of the payload delivered through CVE-2023-28771 and associated botnets. Lean more.
FortiGuard Labs Threat Research
Exploring a Recent Microsoft Outlook Vulnerability: CVE-2023-23397
FortiGuard Labs highlights an Elevation of Privilege Vulnerability in Microsoft Outlook that can be exploited by sending a crafted email to a vulnerable version of the software. Read more.
Perspectives: FortiNAC and CVE-2022-39952
Fortinet published a Critical Advisory (FG-IR-22-300 / CVE-2022-39952) for FortiNAC on February 16, 2023. This article adds perspective to that Advisory to provide customers with additional and accurate details.
FortiGuard Labs Threat Research
Fortinet Researcher Discover Vulnerabilities in Siemens Solutions: PADS Standard Layout Viewer and PADS Standard Plus Layout Viewer
FortiGuard Labs discovered and reported multiple zero-day vulnerabilities in the Siemens PADS Layout Viewer solutions, which Siemens published advisories for. Read to find out more.
FortiGuard Labs Threat Research
CVE-2022-30190: Microsoft Support Diagnostic Tool (MSDT) RCE Vulnerability “Follina”
FortiGuard Labs researchers provide an analysis of CVE-2022-30190: Microsoft Support Diagnostic Tool (MSDT) RCE vulnerability “Follina.” Read to learn more about this critical vulnerability and how to take corrective action until Microsoft releases a patch.
FortiGuard Labs Threat Research
Analysis of Microsoft CVE-2022-21907
Microsoft released a patch for CVE-2022-21907 as part of Microsoft’s Patch Tuesday. In this blog, FortiGuard Labs researchers analyze the cause of the vulnerability and how attackers can exploit it.
FortiGuard Labs Threat Research
Incomplete Patch: Another Joomla! Core XSS Vulnerability Is Discovered
A new vulnerability affects Joomla! CMS versions 3.0.0 through 3.8.7. In this blog, I’ll share my analysis of this vulnerability.
FortiGuard Labs Threat Research
A root cause analysis of CVE-2018-0797 - Rich Text Format Stylesheet Use-After-Free vulnerability
Over the last few months, the Microsoft Security Response Centre (MSRC) has released a number of Windows updates to fix multiple Use-After-Free (UAF) vulnerabilities discovered by FortiGuard Labs. As stated in our previous blog post, we will provide a technical write-up for one of the UAF issues that was rated as critical by MSRC. The issue is assigned to CVE-2018-0797. In this blog post we will share our methodologies in identifying the root cause of the issue, as well as an analysis of the mitigation deployed by Microsoft to address the UAF vulnerability.
