Threat Research
Tutorial of ARM Stack Overflow Exploit against SETUID Root Program
FortiGuard labs presents another technique on how to exploit a classic buffer overflow vulnerability against a SETUID root program when ASLR is enabled. Learn more on how to use data from a local file, instead of stdin, to cause a stack overflow.
Offense and Defense – A Tale of Two Sides: Group Policy and Logon Scripts
Learn about the 4th installment in this blog series, focusing on different tactics and techniques malicious actors use to complete their cyber missions—and how organizations can detect and ultimately prevent them.
Tutorial of ARM Stack Overflow Exploit – Defeating ASLR with ret2plt
Understanding ARM platform exploits is crucial for developing protections against the attacks targeting ARM-powered devices. In this blog, FortiGuard Labs will present a tutorial of an ARM stack overflow exploit.
Analysis of .NET Thanos Ransomware Supporting Safeboot with Networking Mode
FortiGuard Labs recently captured a new Thanos ransomware variant advertised on the underground market as a Ransomware-as-a-Service (RaaS) tool. Read our analysis of how it continues to evolve.
How Threat Researchers Leverage the Darknet to Stay Ahead of Cyber Threats
FortiGuard Labs uses threat hunting techniques on the Darknet to track cyberattack methods to enhance threat intelligence. Learn more from the FortiGuard Labs team on how they are tracking threat actors to stay ahead.
Deep Analysis of a QBot Campaign - Part II
In part two of the analysis of a recently discovered QBot campaign, discover how the core module collects data from a victim’s device, how it extracts submodules, how it injects its injection-module into other processes, and other malicious behaviors.
Into the Rabbit Hole – Offensive DNS Tunneling Rootkits
Learn how DNS tunneling works, how to configure well-known DNS tunneling attack rootkits to test the security and detection capabilities in your environment, and get industry best practices for mitigating this attack.
EKANS Ransomware Targeting OT ICS Systems
FortiGuard Labs analyzes the latest EKANS ransomware. Learn more about it as well as general TTP trends and related protections.
Taking a Big Picture Look at the Cyber Threat Landscape
Read insights from two of our FortiGuard Labs researchers about the evolution of cyberattacks and how organizations can get out ahead of threats as their digital attack surface expands.
Multiple Critical Vulnerabilities in Adobe Illustrator and After Effects Products
Following best practices of responsible disclosure, FortiGuard Labs discovered and reported vulnerabilities in Adobe Illustrator and After Effects, which Adobe addressed with out-of-band security updates. Learn more.
