Threat Research

Threat Research

COVID Omicron Variant Lure Used to Distribute RedLine Stealer

Threat actors continue to maximize pandemic-related social engineering lures. Read about a COVID Omicron variant-related lure that FortiGuard Labs discovered being used to distribute RedLine Stealer malware.

By Shunichi Imano and Fred Gutierrez January 10, 2022

Threat Research

From User to Domain Admin in (less than) 60 seconds: CVE-2021-42278/CVE-2021-42287

FortiGuard Labs analyzes vulnerabilities in Microsoft Active Directory (CVE-2021-42278 and CVE-2021-42287). Analysis shows that by combining them, it is possible for a regular user to easily impersonate a domain admin. Learn more about the exploitation of these vulnerabilities.

By Udi Yavo January 05, 2022

Threat Research

Critical Apache Log4j Vulnerability Updates

FortiGuard Labs provides important updates about the Apache Log4j vulnerabilities, including details, campaigns associated with Log4j, and an alleged “wormable” Mirai malware variant. Read to learn more.

Threat Research

Phishing Campaign Targeting Korean to Deliver Agent Tesla New Variant

FortiGuard Labs recently caught a phishing campaign that delivers a malicious PowerPoint file spreading a new variant of Agent Tesla. Read to learn more about the malicious macro, payload, and how the malware maintains persistence as well as how it exfiltrates stolen data and credentials.

By Xiaopeng Zhang December 10, 2021

Threat Research

MANGA aka Dark Mirai-based Campaign Targets New TP-Link Router RCE Vulnerability

FortiGuard Labs encountered a malware sample that’s currently being distributed in the wild targeting TP-Link wireless routers. Learn more about the MANGA aka Dark Mirai-based campaign.

By Joie Salvio December 08, 2021

Threat Research

Mirai-based Botnet - Moobot Targets Hikvision Vulnerability

FortiGuard Labs analyzes how an attacker can leverage CVE-2021-36260 to create targets for Moobot, which is a DDoS botnet based on Mirai. In this blog, we explain how an attacker delivers this payload along with details of the botnet.

By Cara Lin December 06, 2021

Threat Research

Predictions for 2022: Tomorrow’s Threats Will Target the Expanding Attack Surface

FortiGuard Labs predicts cyberattacks aimed at everything from crypto wallets to satellite internet in 2022 and beyond. Read more in our threat landscape predictions report.

By Derek Manky November 16, 2021

Threat Research

To Joke or Not to Joke: COVID-22 Brings Disaster to MBR

FortiGuard Labs discovered destructive malware that appears to be a joke program posing as a mysterious COVID-related installer. This new destructive malware variant is designed to simply render affected systems inoperable. Learn more about how it brings disaster to MBR.

By Shunichi Imano and Fred Gutierrez November 11, 2021

Threat Research

Deep Dive into a Fresh Variant of Snake Keylogger Malware

FortiGuard Labs recently discovered a fresh variant of the Snake Keylogger malware. Learn how it is downloaded and executed through a captured Excel sample, what techniques this variant uses to protect itself from being analyzed, and what sensitive information it steals from a victim’s machine.

By Xiaopeng Zhang November 04, 2021

Threat Research

Black Friday and the Proliferation of Fake Ecommerce Sites

FortiGuard Labs has observed more scams involving counterfeit websites that appear to be legitimate ecommerce sites, posing a risk to online shoppers. Read our analysis to find out more about what to avoid while shopping online.

By Val Saengphaibul October 29, 2021