Threat Research

Offense and Defense – A Tale of Two Sides: (Windows) OS Credential Dumping

Learn about the 3rd installment of the “Offense and Defense – A Tale of Two Sides” blog series, where FortiGuard Labs focuses on different tactics and techniques malicious actors use to complete their cyber missions—and how organizations can detect and prevent them.

By Anthony Giandomenico | May 21, 2020

Threat Research

The Use – and Abuse – of DotNet Files, and the Value of FortiResponder Automation in the Threat Analysis Process

Learn about the manual analysis of two DotNET use cases and how leveraging automated analysis technology can drastically reduce analysis time, and ultimately, response time.

By Sofi Grabelkovsky | May 18, 2020

Threat Research

FortiGuard Labs Discovers Multiple Critical Vulnerabilities in Adobe Illustrator CC 2020

Following best practices of Responsible Disclosure, FortiGuard Labs discovered and reported multiple critical vulnerabilities in Adobe Illustrator CC 2020. Adobe Inc. released several urgent out-of-band patches to fix these issues. Learn more.

By Kushal Arvind Shah | May 05, 2020

Threat Research

Scammers Using COVID-19/Coronavirus Lure to Target Medical Suppliers

Learn about a new malicious spearphishing campaign using the COVID-19/Coronavirus pandemic as a lure, recently discovered by FortiGuard Labs researchers.

By Val Saengphaibul | May 01, 2020

Threat Research

Stomping Shadow Copies - A Second Look Into Deletion Methods

FortiGuard Labs reviews existing methods used by various ransomware to delete shadow copies as well as some new methods that can potentially be used by some ransomware.

By Ben Hunter | April 27, 2020

Threat Research

Deconstructing an Evasive Formbook Campaign Leveraging COVID-19 Themes

Learn more about an evasive Formbook campaign FortiGuard Labs discovered that leverages current global events to exploit companies that engage with biomedical firms.

Threat Research

NetWire RAT Targeting Taxpayers is Spreading via Legacy Microsoft Excel 4.0 Macro

A few days ago, FortiGuard Labs harvested a fresh Excel sample and found that it was spreading a new NetWire RAT variant. In this post, we will look at how this Excel 4.0 Macro executes in an Excel file, how the NetWire RAT is installed on the victim’s system, as well as what this NetWire RAT variant actually does once it is installed.

By Xiaopeng Zhang | April 14, 2020

Threat Research

Preparing for the Surge in Attacks Targeting Remote Workers

The FortiGuard Labs team has been monitoring a significant spike in attacks targeting remote workers. Learn more about these cyber threats and how organizations can protect against them.

Threat Research

Latest Global COVID-19/Coronavirus Spearphishing Campaign Drops Infostealer

FortiGuard Labs recently discovered a new COVID-19/Coronavirus-themed spearphishing scam. Learn more.

By Val Saengphaibul | April 02, 2020

Threat Research

New Agent Tesla Variant Spreading by Phishing

Read this threat analysis from FortiGuard Labs to learn more about a new version of Agent Tesla. It examines how this variant spreads in the victim’s system, what data it steals from the victim’s device, as well as how it submits that stolen data back to its command and control server.