Threat Research
Chaos Ransomware Variant Sides with Russia
FortiGuard Labs recently came across a variant of Chaos ransomware that appears to side with Russia. Read to find out more about the destructive outcome the variant beings to a compromised machine.
Phishing Campaign Delivering Three Fileless Malware: AveMariaRAT / BitRAT / PandoraHVNC – Part I
FortiGuard Labs discovered a phishing campaign delivering fileless malware to steal sensitive information from a victim’s device. Read our analysis to find out more about how the campaign executes and maintains persistence on the victim’s device.
Please Confirm You Received Our APT
FortiGuard Labs researchers recently examined a spearphishing attack targeting a Jordanian diplomat. This blog analyzes the attack chain associated with this email and the traits that set it apart from average malware. Read more.
Unpacking Python Executables on Windows and Linux
FortiGuard Labs provides a deep dive on unpacking Python executables on Windows and Linux. Read to learn more about packing, unpacking, and decompiling on these operating systems.
Warning: GRIM and Magnus Android Botnets are Underground
Since the beginning of 2022, there are more Android botnet newcomers. FortiGuard Labs has seen two new banking botnets: GRIM and Magnus. Read our blog to find out more.
Using EPSS to Predict Threats and Secure Your Network
In our latest blog, FortiGuard Labs reviews valuable tools to help understand what threats organizations might face next including the Common Vulnerability Scoring System (CVSS) and the Exploit Prediction Scoring System (EPSS). We also recap some of the unique benefits of each for better vulnerability prioritization.
An Overview of the Increasing Wiper Malware Threat
With wiper malware becoming popular in cyberattacks, FortiGuard Labs provides a deep dive on the threat technique to help organizations understand it and implement better protections. Read our blog about wiper malware including tactics, techniques, and procedures (TTPs).
Using Emulation Against Anti-Reverse Engineering Techniques
In this blog post, the FortiGuard Labs team reviews how to use emulation against anti-reverse engineering techniques using the Pandora ransomware as an example. Learn more.
Trends in the Recent Emotet Maldoc Outbreak
FortiGuard Labs observed a recent Emotet outbreak being spread through a variety of malicious Microsoft Office files, or maldocs, attached to phishing emails. Read our blog to learn how the malware spreads, what the malicious documents look like, and more.
Android/Bianlian Botnet Trying to Bypass Photo TAN Used for Mobile Banking
FortiGuard Labs has been closely investigating the Android BianLian botnet (also known as Hydra). Although it emerged in 2018, it is still alive in 2022. Our blog provides a brief analysis as well as its new tricks.
