Results for malicious javascript

Threat Research

Cobalt Malware Strikes Using CVE-2017-11882 RTF Vulnerability

Only a few days after FortiGuard Labs published an article about a spam campaign exploiting an RTF document, we found another spam campaign using an even more recent document vulnerability, CVE-2017-11882.

By Jasper Manual and Joie Salvio November 27, 2017

Threat Research

PDF Phishing Leads to Nanocore RAT, Targets French Nationals

Recently, FortiGuard Labs found a phishing campaign targeting French Nationals. In this campaign, a PDF file with an embedded javascript is used to download the payload from a Google Drive shared link. As it turns out, the downloaded file is an HTA (HTML Application) file, a format that is becoming more and more common as a malware launch point. It is usually used as a downloader for the actual binary payload. However in this campaign,...

By Joie Salvio and Rommel Joven October 12, 2017