Archived Threat Briefs

On this page you will find an archive of our weekly Threat Intelligence Briefs, as well as the ability to sign up to receive these briefs every Friday. Join the thousands of other security-minded professionals who receive these weekly briefs!

FortiGuard Threat Intelligence Brief - January 11, 2019

FortiGuard Labs researchers recently discovered a Cross-Site Scripting vulnerability in Magento that could allow a remote attacker to execute arbitrary code on a victim's browser, granting them access to sensitive data, or take control of the vulnerable website. This XSS vulnerability affects Magent...

FortiGuard Threat Intelligence Brief - January 04, 2019

The Ryuk ransomware caused a major disruption for some high-profile print media organizations in the United States. This malware is typically used in targeted attacks carried out via phishing or through planted files on insecure remote desktops. While the code appears to have similarities with Herme...

FortiGuard Threat Intelligence Brief - December 21, 2018

For our last FortiGuard Threat Intelligence Brief of 2018 we are going to take a quick look back at the year. And what a year it has been!

FortiGuard Threat Intelligence Brief - December 14, 2018

Microsoft's Patch Tuesday came with 39 updates, with 9 rated critical and 1 under active attack. Two of this month's patches were vulnerabilities discovered by FortiGuard Labs researchers. Our researchers discovered both vulnerabilities in September this year, and have worked closely with Microsoft...

FortiGuard Threat Intelligence Brief - December 07, 2018

Since first being discovered in 2014, Emotet has become one of the most dangerous advanced, modular banking Trojans that primarily functions as a downloader or dropper of other banking Trojans. Emotet continues to be among the costliest and most destructive malware affecting state, local, tribal, an...

FortiGuard Threat Intelligence Brief - November 30, 2018

The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) released a joint Technical Alert (TA) this week to provide information about a major online ad fraud operation named '3ve'.

FortiGuard Threat Intelligence Brief - November 16, 2018

This week Fortinet released our latest Quarterly Threat Landscape Report. Every second of every day FortiGuard Labs is collecting data gathered from millions of devices and sensors around the world. The sheer volume of data we analyze gives us a distinct and unparalleled perspective of the global th...

FortiGuard Threat Intelligence Brief - November 09, 2018

The TrickBot malware family has been around for many years, initially focused on stealing victims' online banking credentials. However, FortiGuard Labs has analyzed some new samples in which TrickBot, utilizing a new module, has evolved to much more trickery.

FortiGuard Threat Intelligence Brief - November 02, 2018

Cybercrime-as-a-Service has created an entry point for novice distributed denial-of-service (DDoS) attackers by offering simple options to anonymously attack nearly any website and force it offline. Due to the public release of source code for some popular bots, building a botnet to provide these...

FortiGuard Threat Intelligence Brief - October 26, 2018

Attackers have always been seeking new avenues for exploitation. Short of discovering zero days themselves, many attackers have relied on known vulnerabilities either disclosed responsibly or irresponsibly to a vendor. Also, even if there is a patch available, such as the industry standard Patch Tue...

FortiGuard Threat Intelligence Brief - October 19, 2018

Recognizing and preventing modern cyber scams is difficult. As FortiGuard Sr. Security Strategist, Ladi Adefala, points out in his blog post, cybercriminals use a wide variety of scam tactics to gain access to your devices and networks to steal information or extort money. It is important to underst...

FortiGuard Threat Intelligence Brief - October 12, 2018

A zero-day bug being actively exploited in the wild was patched by Microsoft this week. CVE-2018-8453 addresses an elevation of privilege flaw in the way that Win32k handles drivers, thereby allowing bad actors to run their code with kernel mode access. This would allow the attacker to install progra...

FortiGuard Threat Intelligence Brief - October 05, 2018

FortiGuard Labs recently encountered malicious traffic traveling to a C2 server located in China. The connection was established by a domain using a name that closely resembled one of Japan's most famous express post delivery services. Our analysis showed that the website making this connection is f...

FortiGuard Threat Intelligence Brief - September 28, 2018

VPNFilter, a multi-stage modular framework that has infected hundreds of thousands of network devices around the world, has been discovered to have even greater capabilities than originally profiled. Announcing their findings through the Cyber Threat Alliance, Cisco's Talos provided early awareness...

FortiGuard Threat Intelligence Brief - September 21, 2018

Once again the Cyber Threat Alliance (CTA) members have collaborated on research. This week the CTA members released a collaborative report on illicit cryptomining (aka cryptojacking). Fortinet is a founding member of the CTA and believes that working together with other cybersecurity organizations,...

FortiGuard Threat Intelligence Brief - September 14, 2018

Get patching! For September Patch Tuesday Microsoft released updates addressing 61 vulnerabilities! Severity breakdown is: 17 rated critical, 43 rated important, and only one is rated as moderate. There were several Adobe updates as well.

FortiGuard Threat Intelligence Brief - September 07, 2018

A new banking Trojan has been identified targeting major Brazilian banking customers, as well as public sector organizations. This malware, code-named CamuBot, uses interesting new tactics with social engineering and malware techniques to bypass security controls, including strong authentication

FortiGuard Threat Intelligence Brief - August 31, 2018

FortiGuard Labs researchers have been monitoring an invasion of GandCrab updates of late. You can read our full blog to get all the chronology details. Below is a synopsis of what we discovered and what has transpired lately.

FortiGuard Threat Intelligence Brief - August 24, 2018

For years there have been tools developed for malware research with a primary focus on the Windows platform, whereas tools for alternative operating systems, such as Linux and macOS, were few and far between. This made sense given the enormous adoption rate and market share that Windows operating sy...

FortiGuard Threat Intelligence Brief - August 17, 2018

This week, three new speculative execution vulnerabilities were announced, affecting Intel's Software Guard Extensions (SGX) technology. SGX allows programs to establish secure enclaves on Intel processors, specifically the Kaby Lake and Skylake processors. SGX is an Intel technology for application...

FortiGuard Threat Intelligence Brief - August 10, 2018

Fortinet has a culture of innovation. Nowhere is this more evident than at the Black Hat conference held this week in Las Vegas, where FortiGuard Labs researcher Kai Lu presented his application behavior monitoring tool called FortiAppMonitor for macOS.

FortiGuard Threat Intelligence Brief - August 03, 2018

Once again, Fortinet's membership in the Cyber Threat Alliance (CTA) continues to pay dividends. Sophos, also a CTA member, published their comprehensive research into the SamSam ransomware this week. As part of their CTA membership, Sophos shared all the indicators of compromise (IOCs) with other m...

FortiGuard Threat Intelligence Brief - July 27, 2018

Experts have been warning consumers for years about vulnerabilities in home automation solutions, and Hide 'N Seek (HNS) might be the first in-the-wild malware to actively target these vulnerabilities. It is expected that the growth of Internet of Things (IoT) devices will reach 20.4 billion by 2020...

FortiGuard Threat Intelligence Brief - July 20, 2018

SCADA/ICS technologies and related IIoT (Industrial Internet of Things) devices have become high-value targets for hackers looking to disrupt business operations, collect ransom, or compromise a rival nation's critical infrastructure. Nearly 60% of surveyed organizations using SCADA or ICS reported...

FortiGuard Threat Intelligence Brief - July 13, 2018

GandCrab ransomware has been quite active of late. The new 4.0 variant is being distributed through compromised fake software crack websites. When an unsuspecting user visits the infected site, they are redirected to a separate page containing the actual download link that executes the ransomware. I...

FortiGuard Threat Intelligence Brief - July 06, 2018

A new malware was discovered this week causing computers to be infected with something called "All-Radio 4.27 Portable" that does all sorts of nefarious things. It installs rootkits, crypto-miners, information-stealing Trojans and causes your computer to send out spam.