Threat Research
COVID Omicron Variant Lure Used to Distribute RedLine Stealer
Threat actors continue to maximize pandemic related social engineering lures. Read about a COVID Omicron variant related lure FortiGuard Labs discovered used to distribute RedLine Stealer malware.
From User to Domain Admin in (less than) 60 seconds: CVE-2021-42278/CVE-2021-42287
FortiGuard Labs analyzes vulnerabilities in Microsoft Active-Directory (CVE-2021-42278 and CVE-2021-42287). Analysis shows that by combining them, it is possible for a regular user to easily impersonate a domain admin. Learn more about the exploitation of these vulnerabilities.
Critical Apache Log4j Vulnerability Updates
FortiGuard Labs provides important updates about the Apache Log4j vulnerabilities, including details, campaigns associated with Log4j, and an alleged “wormable” Mirai malware variant. Read to learn more.
Phishing Campaign Targeting Korean to Deliver Agent Tesla New Variant
FortiGuard Labs recently caught a phishing campaign that delivers a malicious PowerPoint file spreading a new variant of Agent Tesla. Read to learn more about the malicious macro, payload, and how the malware maintains persistence as well as how it exfiltrates stolen data and credentials.
MANGA aka Dark Mirai-based Campaign Targets New TP-Link Router RCE Vulnerability
FortiGuard Labs encountered a malware sample that’s currently being distributed in the wild targeting TP-link wireless routers. Learn more on MANGA aka Dark Mirai-based Campaign.
Mirai-based Botnet - Moobot Targets Hikvision Vulnerability
FortiGuard Labs analyzes how an attacker can leverage CVE-2021-36260 to create targets for Moobot which is a DDoS botnet based on Mirai. In this blog we explain how an attacker delivers this payload along with details of the botnet.
Predictions for 2022: Tomorrow’s Threats Will Target the Expanding Attack Surface
FortiGuard Labs predicts cyberattacks aimed at everything from crypto wallets to satellite internet in 2022 and beyond. Read more in our threat landscape predictions report.
To Joke or Not to Joke: COVID-22 Brings Disaster to MBR
FortiGuard Labs discovered a destructive malware that looks to be a joke program posing as a mysterious COVID-related installer. This new destructive malware variant is designed to simply render affected systems inoperable. Learn more about how it brings disaster to MBR.
Deep Dive into a Fresh Variant of Snake Keylogger Malware
FortiGuard Labs recently discovered a fresh variant of the Snake Keylogger malware. Learn how it is downloaded and executed through a captured Excel sample, what techniques this variant uses to protect it from being analyzed, and what sensitive information it steals from a victim’s machine.
Black Friday and the Proliferation of Fake Ecommerce Sites
FortiGuard Labs has observed more scams involving counterfeit websites that appear to be legitimate ecommerce sites posing a risk to online shoppers. Read our analysis to find out more about what to avoid while shopping online.
