Threat Research

FortiGuard Labs Discovers Multiple Critical Vulnerabilities in Adobe InDesign

FortiGuard Labs discovered and reported five critical vulnerabilities in Adobe InDesign. Learn about the details for these vulnerabilities and how to apply the related Adobe patches.

By Kexu Wang September 09, 2020

Joint Technical Alert - “FASTCash 2.0: North Korea's BeagleBoyz Robbing Banks”

CISA released a Joint Technical Alert attributing malicious cyber activity to the North Korean government. FortiGuard Labs provides a brief breakdown of the Joint Technical Alert and Malware Analysis Reports (MAR).

By Val Saengphaibul August 27, 2020

Hundreds of URLs Inside Microsoft Excel Spreads New Dridex Trojan Variant

FortiGuard Labs captured a phishing campaign where a malicious Microsoft Excel document delivered as an email attachment spreads a new variant of Dridex. Learn more.

By Xiaopeng Zhang August 19, 2020

Cyber Adversaries Are Exploiting the Global Pandemic at Enormous Scale

The first half of 2020 witnessed an unprecedented cyber threat landscape. Read key threat trends from the latest FortiGuard Labs Global Threat Landscape Report to learn more.

By Derek Manky August 12, 2020

Latest COVID-19 Variants from the Ridiculous to the Malicious

To keep devices free from malware, and critical information out of the hands of criminals, we must still use effective cyber health practices. Learn how FortiGuard Labs walks through examples of attacks seen related to COVID-19.

By Val Saengphaibul August 10, 2020

Tutorial of ARM Stack Overflow Exploit against SETUID Root Program

FortiGuard Labs presents another technique for exploiting a classic buffer overflow vulnerability against a SETUID root program when ASLR is enabled. Learn more on how to use data from a local file, instead of stdin, to cause a stack overflow.

By Kai Lu July 31, 2020

Offense and Defense – A Tale of Two Sides: Group Policy and Logon Scripts

Learn about the 4th installment in this blog series, focusing on different tactics and techniques malicious actors use to complete their cyber missions—and how organizations can detect and ultimately prevent them.

By Anthony Giandomenico July 31, 2020

Tutorial of ARM Stack Overflow Exploit – Defeating ASLR with ret2plt

Understanding ARM platform exploits is crucial for developing protections against the attacks targeting ARM-powered devices. In this blog, FortiGuard Labs will present a tutorial of an ARM stack overflow exploit.

By Kai Lu July 17, 2020

Analysis of .NET Thanos Ransomware Supporting Safeboot with Networking Mode

FortiGuard Labs recently captured a new Thanos ransomware variant advertised on the underground market as a Ransomware-as-a-Service (RaaS) tool. Read our analysis of how it continues to evolve.

By Kai Lu July 16, 2020

How Threat Researchers Leverage the Darknet to Stay Ahead of Cyber Threats

FortiGuard Labs uses threat hunting techniques on the Darknet to track cyberattack methods to enhance threat intelligence. Learn more from the FortiGuard Labs team on how they are tracking threat actors to stay ahead.

By Aamir Lakhani July 16, 2020