Threat Research

Delivery of Malware: A Look at Phishing Campaigns in Q3 2022

FortiGuard Labs continues to track many malware families, including Emotet, Qbot, and IcedID. Read more about some of the most common details and techniques used by these malicious campaigns for malware deployment.

By Erin Lin October 04, 2022

Leveraging Microsoft Office Documents to Deliver Agent Tesla and njRat

FortiGuard Labs discovered malicious Microsoft Office documents attempting to leverage legitimate websites to execute a shell script and drop malware variants of Agent Tesla and njRat. Read more for details.

By Cara Lin October 03, 2022

Microsoft Exchange 0-Day Vulnerability Updates

FortiGuard Labs is aware of reports that an unpatched Microsoft Exchange Remote Command Execution (RCE) vulnerability is being exploited in the wild. Learn what organizations need to know about these vulnerabilities.

By James Slaughter September 30, 2022

Ransomware Roundup: Bisamware and Chile Locker

The latest FortiGuard Labs Threat Signal Ransomware Roundup covers Bisamware and Chile Locker ransomware, along with protection recommendations. Read more.

By Shunichi Imano and James Slaughter September 29, 2022

Fortinet’s FortiGuard Labs Discovers Multiple dotCMS Vulnerabilities

FortiGuard Labs discovered and reported vulnerabilities in dotCMS versions 22.05 and below. The vendor released security patches that fixed these vulnerabilities. Read for more details.

By Thanh Nguyen Nguyen September 22, 2022

Meeting the “Ministrer”

FortiGuard Labs discovered an unassuming phishing email that attempts to deploy malware. The actions used to execute this strategy are consistent with Konni, a RAT that has been tied to the group APT 37. Read to learn more about this social engineering lure.

By James Slaughter September 19, 2022

Excel Document Delivers Multiple Malware By Exploiting CVE-2017-11882 – Part I

FortiGuard Labs discovered an Excel document with an embedded file name that is randomized, which exploits CVE-2017-11882 to deliver and execute malware on a victim’s device. Read our blog to learn what malware families it can download and what malicious actions it can conduct.

By Xiaopeng Zhang September 19, 2022

Ransomware Roundup: Ragnar Locker Ransomware

The latest edition of the Ransomware Roundup from FortiGuard Labs covers the Ragnar Locker ransomware. Read to learn more about protections.

By Shunichi Imano and James Slaughter September 17, 2022

FortiGuard Labs Researcher Discovers 12 Zero-Day Vulnerabilities in Adobe InDesign

FortiGuard Labs has discovered and reported several zero-day vulnerabilities in Adobe InDesign to Adobe. On September 13, 2022, Adobe released security patches that fixed these vulnerabilities. Read for more details.

By Yonghui Han September 16, 2022

More Path Filter Bypass Vulnerabilities on Java Open Source Projects

After performing a code audit on some popular Java open source projects, Apache Shiro and dotCMS, FortiGuard Labs found some interesting bypass vulnerabilities. Read our blog to learn more.

By Thanh Nguyen Nguyen September 09, 2022