Threat Research
Fortinet’s FortiGuard Labs Discovers Multiple dotCMS Vulnerabilities
FortiGuard Labs discovered and reported vulnerabilities in dotCMS versions 22.05 and below. The vendor released security patches that fixed these vulnerabilities. Read for more details.
Meeting the “Ministrer”
FortiGuard Labs discovered an unassuming phishing email that attempts to deploy malware. The actions used to execute this strategy are consistent with Konni, a RAT that has been tied to the group APT 37. Read to learn more about this social engineering lure.
Excel Document Delivers Multiple Malware By Exploiting CVE-2017-11882 – Part I
FortiGuard Labs discovered an Excel document with an embedded file name that is randomized, which exploits CVE-2017-11882 to deliver and execute malware on a victim’s device. Read our blog to learn what malware families it can download and what malicious actions it can conduct.
Ransomware Roundup: Ragnar Locker Ransomware
The latest edition of the Ransomware Roundup from FortiGuard Labs covers the Ragnar Locker ransomware. Read to learn more about protections.
FortiGuard Labs Researcher Discovers 12 Zero-Day Vulnerabilities in Adobe InDesign
FortiGuard Labs has discovered and reported several zero-day vulnerabilities in Adobe InDesign to Adobe. On September 13, 2022, Adobe released security patches that fixed these vulnerabilities. Read for more details.
More Path Filter Bypass Vulnerabilities on Java Open Source Projects
After performing a code audit on some popular Java open source projects, ApacheShiro and dotCMS, FortiGuard Labs found some interesting bypass vulnerabilities. Read our blog to learn more.
Ransomware Roundup: Snatch, BianLian and Agenda
The latest edition of the Ransomware Roundup from FortiGuard Labs covers the Snatch, BianLian and Agenda ransomware. Read to learn more about protections against these variants.
A Tale of PivNoxy and Chinoxy Puppeteer
FortiGuard Labs discovered an email with a suspicious RTF attachment sent to a telecommunications agency that delivered a PivNoxy malware. Read our blog to learn how the attack works and the techniques used by the attacker.
Ransomware Roundup: Gwisin, Kriptor, Cuba, and More
The latest edition of the Ransomware Roundup from FortiGuard Labs covers the Gwisin, Kriptor, and Cuba ransomware. Read to learn more about protections against these variants.
Key Findings from the 1H 2022 FortiGuard Labs Threat Report
Fortinet released the latest semiannual FortiGuard Labs Global Threat Landscape Report. For a detailed view of the report as well as some important takeaways read our blog.
