2022-05-24 07:42   New Nokoyawa Variant Catching Up to Peers with Blatant Code Reuse    #fortinet #threat-intelligence FortiGuardLabs discovered a new variant of the Nokoyawa ransomware and observed its evolution by reusing code from publicly available sources. Read more to learn more about the behavior and new features which maximize the number of files that can be encrypted.

2022-05-24 05:37   Spoofed Saudi Purchase Order Drops GuLoader: Part 1    #fortinet #threat-intelligence FortiGuard Labs recently discovered a social engineering email lure with a message delivered to a company in Ukraine. In part I of our blog, we will analyze the phishing email and provide an analysis of the embedded malware which contains an executable for GuLoader.

2022-05-18 08:56   Chaos Ransomware Variant Sides with Russia    #fortinet #threat-intelligence FortiGuard Labs recently came across a variant of Chaos ransomware that appears to side with Russia. Read to find out more about the destructive outcome the variant brings to a compromised machine.

2022-05-13 04:23   Phishing Campaign Delivering Three Fileless Malware: AveMariaRAT / BitRAT / PandoraHVNC – Part I    #fortinet #threat-intelligence FortiGuard Labs discovered a phishing campaign delivering fileless malware to steal sensitive information from a victim’s device. Read our analysis to find out more about how the campaign executes and maintains persistence on the victim’s device.

2022-05-12 00:26   Please Confirm You Received Our APT    #fortinet #threat-intelligence FortiGuard Labs researchers recently examined a spearphishing attack targeting a Jordanian diplomat. This blog analyzes the attack chain associated with this email and the traits that set it apart from average malware. Read more.

2022-05-03 23:50   Unpacking Python Executables on Windows and Linux    #fortinet #threat-intelligence FortiGuard Labs provides a deep dive on unpacking Python executables on Windows and Linux. Read to learn more about packing, unpacking, and decompiling on these operating systems.

2022-04-29 15:00   Using EPSS to Predict Threats and Secure Your Network    #fortinet #threat-intelligence In our latest blog, FortiGuard Labs reviews valuable tools to help understand what threats organizations might face next including the Common Vulnerability Scoring System (CVSS) and the Exploit Prediction Scoring System (EPSS). We also recap some of the unique benefits of each for better vulnerabili

2022-04-28 23:35   Warning: GRIM and Magnus Android Botnets are Underground    #fortinet #threat-intelligence Since the beginning of 2022, there are more Android botnet newcomers. FortiGuard Labs has seen two new banking botnets: GRIM and Magnus. Read our blog to find out more.

2022-04-26 15:00   An Overview of the Increasing Wiper Malware Threat    #fortinet #threat-intelligence With wiper malware becoming popular in cyberattacks, FortiGuard Labs provides a deep dive on the threat technique to help organizations understand it and implement better protections. Read our blog about wiper malware including tactics, techniques, and procedures (TTPs).

2022-04-19 15:00   Using Emulation Against Anti-Reverse Engineering Techniques    #fortinet #threat-intelligence In this blog post, the FortiGuard Labs team reviews how to use emulation against anti-reverse engineering techniques using the Pandora ransomware as an example. Learn more.

2022-04-18 15:00   Trends in the Recent Emotet Maldoc Outbreak    #fortinet #threat-intelligence FortiGuard Labs observed that a recent Emotet outbreak is being spread through a variety of malicious Microsoft Office files, or maldocs, attached to phishing emails. Read our blog to learn how the malware spreads, what the malicious documents look like, and how to avoid this scam.

2022-04-12 15:00   Enemybot: A Look into Keksec's Latest DDoS Botnet    #fortinet #threat-intelligence FortiGuard Labs observed a new DDoS botnet calling itself “Enemybot” and attributing itself to the Keksec threat group. Read our blog to learn how this malware leverages vulnerabilities and executes commands once inside an infected device.

2022-04-07 15:00   Looking Inside Pandora’s Box    #fortinet #threat-intelligence FortiGuard Labs analyzes the emerging state-of-the-art Pandora ransomware targeting corporate networks for financial gain. Read our blog to see how it evades detection, anti-analysis, and more. Read to learn more about this ransomware.

2022-04-07 15:00   Fortinet Security Researchers Discover Multiple Vulnerabilities in AutoDesk Products: DWG TrueView, Navisworks & Design Review    #fortinet #threat-intelligence FortiGuard Labs discovered and reported zero-day vulnerabilities in AutoDesk products: DWG TrueView, Design Review and Navisworks. AutoDesk already released several security patches which fixed them. Read our blog to learn more about patching these vulnerabilities.

2022-04-06 15:00   The Latest Remcos RAT Driven By Phishing Campaign    #fortinet #threat-intelligence FortiGuard Labs analyzes how a phishing campaign delivers the Remcos RAT onto a victim’s device, how it executes on the device, the sensitive information it steals from the victim, as well as the commands this Remcos RAT uses to control the victim's device. Read to learn more.