Threat Research
FortiGuard Labs Discovers Multiple Critical Vulnerabilities in Adobe InDesign
FortiGuard Labs discovered and reported five critical vulnerabilities in Adobe InDesign. Learn about the details for these vulnerabilities and how to apply the related Adobe patches.
Joint Technical Alert - “FASTCash 2.0: North Korea's BeagleBoyz Robbing Banks”
CISA released a Joint Technical Alert attributing malicious cyber activity to the North Korean government. FortiGuard Labs provides a brief breakdown of the Joint Technical Alert and Malware Analysis Reports (MAR).
Hundreds of URLs Inside Microsoft Excel Spreads New Dridex Trojan Variant
FortiGuard Labs captured a phishing campaign where a malicious Microsoft Excel document delivered as an email attachment spreads a new variant of Dridex. Learn more.
Cyber Adversaries Are Exploiting the Global Pandemic at Enormous Scale
The first half of 2020 witnessed an unprecedented cyber threat landscape. Read key threat trends from the latest FortiGuard Labs Global Threat Landscape Report to learn more.
Latest COVID-19 Variants from the Ridiculous to the Malicious
To keep devices free from malware, and critical information out of the hands of criminals, we must still use effective cyber health practices. Learn how FortiGuard Labs walks through examples of attacks seen related to COVID-19.
Tutorial of ARM Stack Overflow Exploit against SETUID Root Program
FortiGuard labs presents another technique on how to exploit a classic buffer overflow vulnerability against a SETUID root program when ASLR is enabled. Learn more on how to use data from a local file, instead of stdin, to cause a stack overflow.
Offense and Defense – A Tale of Two Sides: Group Policy and Logon Scripts
Learn about the 4th installment in this blog series, focusing on different tactics and techniques malicious actors use to complete their cyber missions—and how organizations can detect and ultimately prevent them.
Tutorial of ARM Stack Overflow Exploit – Defeating ASLR with ret2plt
Understanding ARM platform exploits is crucial for developing protections against the attacks targeting ARM-powered devices. In this blog, FortiGuard Labs will present a tutorial of an ARM stack overflow exploit.
Analysis of .NET Thanos Ransomware Supporting Safeboot with Networking Mode
FortiGuard Labs recently captured a new Thanos ransomware variant advertised on the underground market as a Ransomware-as-a-Service (RaaS) tool. Read our analysis of how it continues to evolve.
How Threat Researchers Leverage the Darknet to Stay Ahead of Cyber Threats
FortiGuard Labs uses threat hunting techniques on the Darknet to track cyberattack methods to enhance threat intelligence. Learn more from the FortiGuard Labs team on how they are tracking threat actors to stay ahead.
