Threat Research
Offense and Defense – A Tale of Two Sides: (Windows) OS Credential Dumping
Learn about the 3rd installment of the “Offense and Defense – A Tale of Two Sides” blog series, where FortiGuard Labs focuses on different tactics and techniques malicious actors use to complete their cyber missions—and how organizations can detect and prevent them.
The Use – and Abuse – of DotNet Files, and the Value of FortiResponder Automation in the Threat Analysis Process
Learn about the manual analysis of two DotNET use cases and how leveraging automated analysis technology can drastically reduce analysis time, and ultimately, response time.
FortiGuard Labs Discovers Multiple Critical Vulnerabilities in Adobe Illustrator CC 2020
Following best practices of Responsible Disclosure, FortiGuard Labs discovered and reported multiple critical vulnerabilities in Adobe Illustrator CC 2020. Adobe Inc. released several urgent out-of-band patches to fix these issues. Learn more.
Scammers Using COVID-19/Coronavirus Lure to Target Medical Suppliers
Learn about a new malicious spearphishing campaign using the COVID-19/Coronavirus pandemic as a lure, recently discovered by FortiGuard Labs researchers.
Stomping Shadow Copies - A Second Look Into Deletion Methods
FortiGuard Labs reviews existing methods used by various ransomware to delete shadow copies as well as some new methods that can potentially be used by some ransomware.
Deconstructing an Evasive Formbook Campaign Leveraging COVID-19 Themes
Learn more about an evasive Formbook campaign FortiGuard Labs discovered that leverages current global events to exploit companies that engage with biomedical firms.
NetWire RAT Targeting Taxpayers is Spreading via Legacy Microsoft Excel 4.0 Macro
A few days ago, FortiGuard Labs harvested a fresh Excel sample and found that it was spreading a new NetWire RAT variant. In this post, we will look at how this Excel 4.0 Macro executes in an Excel file, how the NetWire RAT is installed on the victim’s system, as well as what this NetWire RAT variant actually does once it is installed.
Preparing for the Surge in Attacks Targeting Remote Workers
The FortiGuard Labs team has been monitoring a significant spike in attacks targeting remote workers. Learn more about these cyber threats and how organizations can protect against them.
Latest Global COVID-19/Coronavirus Spearphishing Campaign Drops Infostealer
FortiGuard Labs recently discovered a new COVID-19/Coronavirus-themed spearphishing scam. Learn more.
New Agent Tesla Variant Spreading by Phishing
Read this threat analysis from FortiGuard Labs to learn more about a new version of Agent Tesla. It examines how this variant spreads in the victim’s system, what data it steals from the victim’s device, as well as how it submits that stolen data back to its command and control server.
