Threat Research

Deep Analysis of a QBot Campaign - Part II

In part two of the analysis of a recently discovered QBot campaign, discover how the core module collects data from a victim’s device, how it extracts submodules, how it injects its injection-module into other processes, and other malicious behaviors.

By Xiaopeng Zhang July 08, 2020

Into the Rabbit Hole – Offensive DNS Tunneling Rootkits

Learn how DNS tunneling works, how to configure well-known DNS tunneling attack rootkits to test the security and detection capabilities in your environment, and get industry best practices for mitigating this attack.

By Aamir Lakhani July 01, 2020

EKANS Ransomware Targeting OT ICS Systems

FortiGuard Labs analyzes the latest EKANS ransomware. Learn more about it as well as general TTP trends and related protections.

Taking a Big Picture Look at the Cyber Threat Landscape

Read insights from two of our FortiGuard Labs researchers about the evolution of cyberattacks and how organizations can get out ahead of threats as their digital attack surface expands.

Multiple Critical Vulnerabilities in Adobe Illustrator and After Effects Products

Following best practices of responsible disclosure, FortiGuard Labs discovered and reported vulnerabilities in Adobe Illustrator and After Effects, which Adobe addressed with out-of-band security updates. Learn more.

By Peixue Li June 17, 2020

Global Malicious Spam Campaign Using Black Lives Matter as a Lure

Explore how a global malicious spam campaign is targeting users who may be sympathetic to the Black Lives Matter movement.

FortiGuard Labs Discovers Privilege Escalation Vulnerability in Windows 10 Platform

Read more about the details of a privilege escalation vulnerability (CVE-2020-1296) in the Windows 10 platform discovered by FortiGuard Labs, which was recently patched by Microsoft.

By Kushal Arvind Shah June 11, 2020

Deep Analysis of a QBot Campaign – Part I

FortiGuard Labs recently captured an MS Office Word document in the wild that was spreading a variant of QBot. Learn more about this.

By Xiaopeng Zhang June 11, 2020

Offense and Defense – A Tale of Two Sides: (Windows) OS Credential Dumping

Learn about the 3rd installment in this blog series, focusing on different tactics and techniques malicious actors use to complete their cyber missions and how organizations can prevent them.

By Anthony Giandomenico May 21, 2020

The Use – and Abuse – of DotNet Files, and the Value of FortiResponder Automation in the Threat Analysis Process

Learn about the manual analysis of two DotNET use cases and how leveraging automated analysis technology can drastically reduce analysis time, and ultimately, response time.

By Sofi Grabelkovsky May 18, 2020