Threat Research

Threat Research

FortiGuard Labs Discovers Multiple Use-After-Free Vulnerabilities in Microsoft Word

During the last few months, FortiGuard Labs discovered and reported multiple use-after-free (UAF) vulnerabilities found in different versions of Microsoft Word. These vulnerabilities were patched in the January and March security updates, respectively. These patches are rated as critical/important, and as always, we urge users to update Microsoft Office as soon as possible.

By Wayne Chin Yick Low | March 22, 2018

Threat Research

Dreambot 2017 vs. ISFB 2013

We recently received a malware sample that had been packed and compiled on Tue Feb 06 2018. After unpacking it, we found that it contained a version of the Dreambot/Ursnif trojan, which had a compilation date of Tue Oct 10 2017, suggesting that existing versions of Dreambot are now being packaged with brand-new droppers.

By Jerome Cruz | March 16, 2018

Threat Research

Troopers - Day 2

This is the first conference where I have heard so much about hacking robots! Between yesterday and today, we've had:
• Robotnikoff at Troopers: robots, security, and privacy - Brittany Postnikoff
• Hacking Robots Before Skynet - Lucas Apa
• Breaking the Laws of Robotics: Attacking Industrial Robots - Davide Quarta

By Axelle Apvrille | March 16, 2018

Threat Research

RootedCon Wrap Up

RootedCon is a security conference held from the 1st to the 3rd of March in Madrid, Spain. This year’s conference was the ninth iteration, and one could see the results of those years of experience in the flawless organization at the event.

By Dario Durando | March 16, 2018

Threat Research

GandCrab: Honor among Thieves?

GandCrab is the first ransomware to hit the spotlight this year. Known as the first ransom malware to use DASH cryptocurrency as a payment, it has hit more than 50,000 victims according to a report from Europol.

Threat Research

Troopers - Day 1

I am currently at Troopers, a well-known German hacking conference in Heidelberg. I had heard many positive reports about this conference, especially their awesome hardware badge, and am glad I finally got to speak there. My talk was on hacking a smart toothbrush, and why it's important to secure any connected device, even those - like toothbrushes - that seem harmless. If you missed my talk, my slides will soon be online; check the Fortiguard Research Centre. Now, let's focus on some of today's talks.

By Axelle Apvrille | March 14, 2018

Threat Research

Circle of the Fraud: New Waves Of Attacks

FortiGuard continues to investigate a series of attacks targeted at Bitcoin users. In our previous article, we discovered a number of fake websites registered by the perpetrators of these attacks in late 2017. We assumed at the time that these websites would soon be used for another series of attacks. And now, we have found proof of such attacks. During our new investigation we also discovered a number of tools used by the criminals for crafting malicious documents.

By Artem Semenchenko | February 28, 2018

Threat Research

Steganography: Combatting Threats Hiding in Plain Sight

Wikipedia defines steganography as “the practice of concealing a file, message, image, or video within another file, message, image, or video.” At this point, security professionals will immediately recognize the potential for steganography to act as a vehicle for surreptitiously delivering malicious code into systems targeted for exploitation, and subsequently exfiltrating purloined data from compromised devices. Given the ingenuity of the adversary community, it will be no surprise that the frequency of steganographically-based attacks has increased over the last couple of years.

By Jeannette Jarvis | February 21, 2018

Threat Research

OMG: Mirai-based Bot Turns IoT Devices into Proxy Servers

In preparation for our talk entitled “IoT: Battle of Bots” at the RootedCon Security conference that will be held in Madrid, Spain this March 2018, the FortiGuard Labs team encountered yet another new Mirai variant.

Threat Research | Industry Trends

Swarming IoT Attacks, Cryptojacking, and Ransomware Drive Dramatic Spike in Malware

FortiGuard Labs just released our latest Quarterly Threat Landscape report for Q4 of 2017. As usual, there are a lot of take-aways for CISOs, but a few items stood out. In particular, attacks per firm were up by 82%, and swarm cyber attacks targeted the Internet of Things (IoT) with growing intensity.

By FortiGuard SE Team | February 20, 2018