Threat Research

Threat Research

Vaccine Passports for Sale on the Dark Web

FortiGuard Labs threat research uncovered email scammers and black market criminals offering fake vaccine passports. Read our threat blog to find out more about these fake lures.

By Fred Gutierrez September 20, 2021

Threat Research

More ProxyShell? Web Shells Lead to ZeroLogon and Application Impersonation Attacks

FortiGuard Labs recently discovered a threat actor leveraging ProxyShell exploits using unreported techniques. Learn about the malicious DLLs in memory by recreating incidents in a lab environment.

By John Simmons September 14, 2021

Threat Research

New Dridex Variant Being Spread By Crafted Excel Document

FortiGuard Labs discovered new phishing email campaigns that use an Excel attachment to attempt to trigger the download of a new variant of Dridex malware. Learn how it runs and what sensitive information it collects.

By Xiaopeng Zhang September 10, 2021

Threat Research

Microsoft MSHTML Remote Code Execution Vulnerability Exploited in the Wild (CVE-2021-40444)

FortiGuard Labs takes a look into Microsoft MSHTML remote code execution vulnerability. Learn how the attack works and the Fortinet product protections in place to address this vulnerability.

By Val Saengphaibul September 09, 2021

Industry Trends | Threat Research

FortiGuard Labs Threat Landscape Report Highlights Tenfold Increase in Ransomware

Fortinet's FortiGuard Labs 2021 mid-year Global Threat Landscape Report provides valuable takeaways about the cyberthreat landscape and ransomware. Read more.

By FortiGuard Labs August 23, 2021

Threat Research

The Affiliate’s Cookbook - A Firsthand Peek into the Operations and Tradecraft of Conti

FortiGuard Labs takes a detailed look at recently leaked documentation provided to criminal affiliates of the Ransomware-as-a-Service outfit Conti, including the support this group provides. Learn about the operations and tradecraft of Conti.

By Val Saengphaibul August 10, 2021

Threat Research

Wiper Malware Riding the 2021 Tokyo Olympic Games

FortiGuard Labs has observed a new wiper malware targeting the 2021 Tokyo Olympic games. Read our blog for initial updates on this threat.

By Shunichi Imano and Fred Gutierrez July 26, 2021

Threat Research

Signed, Sealed, and Delivered – Signed XLL File Delivers Buer Loader

The FortiGuard Labs team discovered a malicious spam campaign using a social engineering lure to trick targets into opening a malicious Excel document which then contacts a remote server that downloads a malicious payload. Learn more in our analysis of the attack and infrastructure used.

By Val Saengphaibul and Fred Gutierrez July 19, 2021

Threat Research

Fresh Malware Hunts for Crypto Wallet and Credentials

The FortiGuard Labs team recently discovered a new phishing campaign delivering fresh malware through a Word document. The malware is designed to steal crypto wallet information and credentials from victims’ infected devices. Learn more in our analysis.

By Xiaopeng Zhang July 19, 2021

Threat Research

DLL Side-Loading Technique Used in the Recent Kaseya Ransomware Attack

FortiGuard Labs examines the ransomware used in the recent Kaseya attack and shows what happens when a machine is infected by this ransomware by looking at some of the visible Indicators of Compromise. Learn more.

By Raul Alvarez July 13, 2021