Threat Research

Chaos Ransomware Variant Sides with Russia

FortiGuard Labs recently came across a variant of Chaos ransomware that appears to side with Russia. Read to find out more about the destructive outcome the variant brings to a compromised machine.

By Gergely Revay and Shunichi Imano May 17, 2022

Phishing Campaign Delivering Three Fileless Malware: AveMariaRAT / BitRAT / PandoraHVNC – Part I

FortiGuard Labs discovered a phishing campaign delivering fileless malware to steal sensitive information from a victim’s device. Read our analysis to find out more about how the campaign executes and maintains persistence on the victim’s device.

By Xiaopeng Zhang May 12, 2022

Please Confirm You Received Our APT

FortiGuard Labs researchers recently examined a spearphishing attack targeting a Jordanian diplomat. This blog analyzes the attack chain associated with this email and the traits that set it apart from average malware. Read more.

By Fred Gutierrez May 11, 2022

Unpacking Python Executables on Windows and Linux

FortiGuard Labs provides a deep dive on unpacking Python executables on Windows and Linux. Read to learn more about packing, unpacking, and decompiling on these operating systems.

By Gergely Revay May 03, 2022

Warning: GRIM and Magnus Android Botnets are Underground

Since the beginning of 2022, there have been more Android botnet newcomers. FortiGuard Labs has seen two new banking botnets: GRIM and Magnus. Read our blog to find out more.

By Axelle Apvrille April 29, 2022

Using EPSS to Predict Threats and Secure Your Network

In our latest blog, FortiGuard Labs reviews valuable tools to help understand what threats organizations might face next, including the Common Vulnerability Scoring System (CVSS) and the Exploit Prediction Scoring System (EPSS). We also recap some of the unique benefits of each for better vulnerability prioritization.

By Paolo Di Prodi April 29, 2022

An Overview of the Increasing Wiper Malware Threat

With wiper malware becoming popular in cyberattacks, FortiGuard Labs provides a deep dive on the threat technique to help organizations understand it and implement better protections. Read our blog about wiper malware including tactics, techniques, and procedures (TTPs).

By Gergely Revay April 28, 2022

Using Emulation Against Anti-Reverse Engineering Techniques

In this blog post, the FortiGuard Labs team reviews how to use emulation against anti-reverse engineering techniques using the Pandora ransomware as an example. Learn more.

By Gergely Revay April 19, 2022

Trends in the Recent Emotet Maldoc Outbreak

FortiGuard Labs observed a recent Emotet outbreak being spread through a variety of malicious Microsoft Office files, or maldocs, attached to phishing emails. Read our blog to learn how the malware spreads, what the malicious documents look like, and more.

By Erin Lin April 18, 2022

Android/Bianlian Botnet Trying to Bypass Photo TAN Used for Mobile Banking

FortiGuard Labs has been closely investigating the Android BianLian botnet (also known as Hydra). Although it emerged in 2018, it is still alive in 2022. Our blog provides a brief analysis as well as its new tricks.

By Axelle Apvrille April 13, 2022