Threat Research
Vaccine Passports for Sale on the Dark Web
FortiGuard Labs threat research uncovered email scammers and black market criminals offering fake vaccine passports. Read our threat blog to find out more about these fake lures.
More ProxyShell? Web Shells Lead to ZeroLogon and Application Impersonation Attacks
FortiGuard Labs recently discovered a threat actor leveraging ProxyShell exploits using unreported techniques. Learn about the malicious DLLs in memory by recreating incidents in a lab environment.
New Dridex Variant Being Spread By Crafted Excel Document
FortiGuardLabs discovered new phishing email campaigns, which use an Excel attachment to attempt to trigger the download of a new variant of Dridex malware. Learn how it runs and what sensitive information it collects.
Microsoft MSHTML Remote Code Execution Vulnerability Exploited in the Wild (CVE-2021-40444)
FortiGuard Labs takes a look into Microsoft MSHTML remote code execution vulnerability. Learn how the attack works and the Fortinet product protections in place to address this vulnerability.
Industry Trends | Threat Research
FortiGuard Labs Threat Landscape Report Highlights Tenfold Increase in Ransomware
Fortinet's FortiGuard Labs 2021 mid-year Global Threat Landscape Report provides valuable takeaways about the cyberthreat landscape and ransomware. Read more.
The Affiliate’s Cookbook - A Firsthand Peek into the Operations and Tradecraft of Conti
FortiGuard Labs takes a detailed look into recently leaked documentation provided to criminal affiliates of Ransomware-as-a-Service outfit - Conti, including support provided by this group. Learn about the operations and tradecraft of Conti.
Wiper Malware Riding the 2021 Tokyo Olympic Games
FortiGuard Labs has observed a new wiper malware targeting the 2021 Tokyo Olympic games. Read our blog for initial updates on this threat.
Signed, Sealed, and Delivered – Signed XLL File Delivers Buer Loader
The FortiGuard Labs team discovered a malicious spam campaign using a social engineering lure to trick targets into opening a malicious Excel document which then contacts a remote server that downloads a malicious payload. Learn more in our analysis of the attack and infrastructure used.
Fresh Malware Hunts for Crypto Wallet and Credentials
The FortiGuard Labs team recently discovered a new phishing campaign with a fresh malware delivered by a Word document which is designed to steal crypto wallet information and credentials from victims’ infected devices. Learn more in our analysis.
DLL Side-Loading Technique Used in the Recent Kaseya Ransomware Attack
FortiGuard Labs examines the ransomware used in the recent Kaseya attack and seeing what happens when a machine is infected by this ransomware by looking at some of the visible Indicators of Compromise. Learn more.
