Threat Research

Threat Research

The Swan Song for Driver Signature Enforcement Tampering

FortiGuard Labs examines the state of Driver Signature Enforcement (DSE) tampering attacks given the increase in attacks leveraging this tampering method. Read more about how defenders can protect against these types of attacks.

By Omri Misgav August 12, 2022

Threat Research

Life After Death—SmokeLoader Continues to Haunt Using Old Vulnerabilities

FortiGuard Labs examines SmokeLoader, a malware variant that exploits CVE-2017-0199 and CVE-2017-11882 in its deployment chain. Read our analysis blog to learn about the latest sample.

By James Slaughter August 08, 2022

Threat Research

Ransomware Roundup: Redeemer, Beamed, and More

The latest edition of the Ransomware Roundup from FortiGuard Labs covers the Redeemer, Beamed, and Araicrypt ransomware. Read to learn more about protections against these variants.

By Shunichi Imano and James Slaughter August 04, 2022

Threat Research

A Journey to Network Protocol Fuzzing – Dissecting Microsoft IMAP Client Protocol

Hardening network applications by performing a source code audit or fuzzing is a mission-critical task to minimize attack vectors from evolving threats. FortiGuard Labs provides some takeaways and learnings from the fuzzer development perspective. Read more.

By Wayne Chin Yick Low August 03, 2022

Threat Research

So RapperBot, What Ya Bruting For?

FortiGuard Labs is tracking a rapidly evolving IoT malware family known as RapperBot. Read to learn how this threat infects and persists on a victim’s device.

By Joie Salvio and Roy Tay August 03, 2022

Threat Research

Fileless Malware: What It Is and How It Works

Read about what fileless malware is, along with the stages of an attack, the common techniques used by cybercriminals, and tips for detecting these types of threats.

By Aamir Lakhani August 01, 2022

Threat Research

New Variant of QakBot Being Spread by HTML File Attached to Phishing Emails

FortiGuard Labs discovered a phishing campaign spreading a new variant of the information stealer and banking Trojan QakBot. Read our blog to learn how the QakBot variant operates.

By Xiaopeng Zhang July 19, 2022

Threat Research

Ransomware Roundup: LockBit, BlueSky, and More

The latest edition of the Ransomware Roundup from FortiGuard Labs covers the LockBit, BlueSky, Deno, RedAlert, Dark Web Hacker, Hive, and Again ransomware. Read to learn more about protections.

By FortiGuard Labs July 18, 2022

Threat Research

FortiGuard Labs Discovers Three Vulnerabilities in Siemens’ Teamcenter Solutions

FortiGuard Labs discovered and reported three zero-day vulnerabilities in Siemens JT2Go and Teamcenter Visualization. Siemens and Open Design Alliance released security patches that addressed these vulnerabilities. Learn more.

By Yonghui Han July 18, 2022

Threat Research

Fortinet Researcher Discover Vulnerabilities in Siemens Solutions: PADS Standard Layout Viewer and PADS Standard Plus Layout Viewer

FortiGuard Labs discovered and reported multiple zero-day vulnerabilities in the Siemens PADS Layout Viewer solutions, for which Siemens published advisories. Read to find out more.

By Kushal Arvind Shah July 15, 2022