Threat Research

Threat Research

Recent Attack Uses Vulnerability on Confluence Server

FortiGuard Labs analyzes attack payloads leveraging the Atlassian Confluence Server vulnerability, deep dives into the attack and provides IOCs to help determine if a network was affected by CVE-2021-26084. Read more.

By Cara Lin October 21, 2021

Threat Research

Ransomware Impact on the Education Sector

FortiGuard Labs examined cyberthreats targeting education in 2021. Learn the important takeaways about the various threats education organizations face, including ransomware.

By Shunichi Imano October 05, 2021

Threat Research

Ranion Ransomware - Quiet and Persistent RaaS

FortiGuard Labs analyzes Ranion ransomware, its origins and longevity, and explains why it’s unlike any other RaaS. Learn more.

By Shunichi Imano and Fred Gutierrez September 30, 2021

Threat Research

Fortinet Security Researcher Discovers Multiple Vulnerabilities Across Multiple Corel Products

FortiGuard Labs has reported multiple zero-day vulnerabilities related to several Corel products. Learn about the vulnerabilities and the recommendations users should follow when opening files from unknown sources.

By Kushal Arvind Shah September 30, 2021

Threat Research

Vaccine Passports for Sale on the Dark Web

FortiGuard Labs threat research uncovered email scammers and black market criminals offering fake vaccine passports. Read our threat blog to find out more about these fake lures.

By Fred Gutierrez September 20, 2021

Threat Research

More ProxyShell? Web Shells Lead to ZeroLogon and Application Impersonation Attacks

FortiGuard Labs recently discovered a threat actor leveraging ProxyShell exploits using unreported techniques. Learn about the malicious DLLs in memory by recreating incidents in a lab environment.

By John Simmons September 14, 2021

Threat Research

New Dridex Variant Being Spread By Crafted Excel Document

FortiGuard Labs discovered new phishing email campaigns, which use an Excel attachment to attempt to trigger the download of a new variant of Dridex malware. Learn how it runs and what sensitive information it collects.

By Xiaopeng Zhang September 10, 2021

Threat Research

Microsoft MSHTML Remote Code Execution Vulnerability Exploited in the Wild (CVE-2021-40444)

FortiGuard Labs takes a look into Microsoft MSHTML remote code execution vulnerability. Learn how the attack works and the Fortinet product protections in place to address this vulnerability.

By Val Saengphaibul September 09, 2021

Industry Trends | Threat Research

FortiGuard Labs Threat Landscape Report Highlights Tenfold Increase in Ransomware

Fortinet's FortiGuard Labs 2021 mid-year Global Threat Landscape Report provides valuable takeaways about the cyberthreat landscape and ransomware. Read more.

By FortiGuard Labs August 23, 2021

Threat Research

The Affiliate’s Cookbook - A Firsthand Peek into the Operations and Tradecraft of Conti

FortiGuard Labs takes a detailed look into recently leaked documentation provided to criminal affiliates of Ransomware-as-a-Service outfit - Conti, including support provided by this group. Learn about the operations and tradecraft of Conti.

By Val Saengphaibul August 10, 2021