In conjunction with the Cyber Threat Alliance, Symantec today released their blog post on an APT (advanced persistent threat) group codenamed "Thrip.” As part of our membership with the Cyber Threat Alliance (CTA), we have received these indicators ahead of publication to ensure that FortiGuard customers are protected from this latest disclosure.
At the end of January 2018, the FortiGuard Labs team discovered a remote kernel crash vulnerability in Microsoft Windows and reported it to Microsoft by following Fortinet’s responsible disclosure process. On June 12, Microsoft released an advisory that contains the fix for this vulnerability and identifies it as CVE-2018-1040.
In this article, we will discuss the changes made to PyRoMine, as well as how the ETERNALROMANCE exploit was used to distribute yet another Monero miner we have dubbed PyRoMineIoT.
With the help of FortiGuard’s in-house Threat Intelligence Platform (Kadena), FortiGuard Labs discovered a series of attacks targeted at service centers in Russia. These service centers provide maintenance and support for a variety of electronic goods.
As a member of the Cyber Threat Alliance (CTA), FortiGuard Labs received critical information and additional findings showing the VPNFilter campaign is targeting significantly more devices than initially thought, and contains additional capabilities, including the ability to deliver exploits to endpoints.
A new vulnerability affects Joomla! CMS versions 3.0.0 through 3.8.7. In this blog, I’ll share my analysis of this vulnerability.
In September 2016, the Mirai source code was leaked on Hack Forums. Ever since, there has been an explosion of malware targeting IoT devices, each bearing the name of a protagonist found in Japanese anime. FortiGuard Labs has been tracking these IoT botnets in order to provide the best possible protection for our customers.