What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
Fortinet 2024-04-04 15:00:00 Byakugan – The Malware Behind a Phishing Attack (direct link) FortiGuard Labs has uncovered the Byakugan malware behind a recent malware campaign distributed by malicious PDF files. Learn more. Malware ★★
Fortinet 2024-02-15 18:24:00 Android/SpyNote Moves to Crypto Currencies (direct link) FortiGuard investigates a hot new sample of Android/SpyNote, which shows the malware authors stealing crypto currencies from crypto wallets. Malware Mobile ★★
Fortinet 2024-02-14 16:00:00 TicTacToe Dropper (direct link) FortiGuard has identified a grouping of malware droppers used to deliver various final-stage payloads throughout 2023. Learn more. Malware ★★
Fortinet 2024-02-05 16:00:00 Python Info-stealer Distributed by Malicious Excel Document (direct link) FortiGuard Labs has uncovered a malware campaign involving a Python info-stealer distributed by an Excel document. Learn more. Malware ★★★
Fortinet 2024-01-22 16:00:00 Info Stealing Packages Hidden in PyPI (direct link) An info-stealing PyPI malware author was identified discreetly uploading malicious packages. Learn more. Malware ★★★
Fortinet 2023-12-13 15:00:00 TeamCity Intrusion Saga: APT29 Suspected Among the Attackers Exploiting CVE-2023-42793 (direct link) FortiGuard Labs discovered a new APT29 campaign which includes TeamCity exploitation and GraphicalProton malware. Learn more. Malware APT 29 ★★★
Fortinet 2023-11-17 16:00:00 OT Risk Management: Proactive OT Threat Detection and Malware Prevention (direct link) Understand how OT risk management and OT threat detection are key components to implement in your cyber defense. Malware Threat Industrial ★★★
Fortinet 2023-09-27 19:12:00 Threat Actors Exploit the Tensions Between Azerbaijan and Armenia (direct link) Threat actors are using geopolitical issues between Azerbaijan and Armenia to deliver stealth malware. Malware Threat ★★★
Fortinet 2023-09-12 22:08:00 New MidgeDropper Variant (direct link) A malware analysis on a new dropper variant that has a complex infection chain that includes code obfuscation and sideloading. Learn more. Malware ★★★
Fortinet 2023-08-30 15:00:00 Multiple Threats Target Adobe ColdFusion Vulnerabilities (direct link) A detailed analysis of how a threat group continues to exploit the Adobe ColdFusion vulnerability through attacks including probing, establishing reverse shells, and deploying malware for subsequent actions. Learn more. Malware Vulnerability Threat ★★
Fortinet 2023-08-09 14:47:00 Attackers Distribute Malware via Freeze.rs And SYK Crypter (direct link) FortiGuard Labs uncovers the attack method using "search-ms" protocol spreading XWorm and Remcos and also explores Freeze.rs Rust injector and SYK Crypter's functionalities. Learn more. Malware ★★
Fortinet 2023-07-12 11:28:00 LokiBot Campaign Targets Microsoft Office Document Using Vulnerabilities and Macros (direct link) FortiGuard Labs investigates malicious Microsoft Office documents that dropped the LokiBot malware onto a victim's system. Get an analysis of the intricacies of this threat and awareness of its operational methods. Malware Threat ★★★
Fortinet 2023-06-21 12:23:00 Fortinet Reverses Flutter-based Android Malware “Fluhorse” (direct link) Gain insights into the Fluhorse malware campaign as we've managed to fully reverse engineer the malicious Flutter applications. Learn more. Malware ★★★★
Fortinet 2023-05-23 08:37:00 YouTube Pirated Software Videos Deliver Triple Threat: Vidar Stealer, Laplas Clipper, XMRig Miner (direct link) The FortiGuard Labs team investigates a threat campaign targeting YouTube viewers. Get a view of its entire attack chain along with the malware components that make up this campaign. Malware Threat ★★
Fortinet 2023-04-11 08:36:00 Malware Disguised as Document from Ukraine's Energoatom Delivers Havoc Demon Backdoor (direct link) FortiGuard Labs highlights the technical details of a multi-staged cyberattack used in the Russian-Ukrainian conflict, as well as some strange artifacts that could be work-in-progress or part of a red-team exercise. Malware ★★
Fortinet 2023-03-23 14:18:00 The Latest Intel on Wipers (direct link) FortiGuard Labs research found wiper malware took off in the second half of 2022. In this article learn about the growth of wiper malware and how to avoid a wipeout. Malware Studies ★★★
Fortinet 2023-03-16 13:03:00 Microsoft OneNote File Being Leveraged by Phishing Campaigns to Spread Malware (direct link) An in-depth analysis of a phishing campaign utilizing a Microsoft OneNote file. Learn about the contents of this malicious attack from how it executes, to evading detection, and fully controlling the victim's device. Malware ★★
Fortinet 2023-03-08 07:41:00 Old Cyber Gang Uses New Crypter – ScrubCrypt (direct link) FortiGuard Labs elaborates on the details of ScrubCrypt malware that obfuscates and encrypts applications and makes them able to dodge security programs. Read more. Malware ★★
Fortinet 2023-03-01 10:30:00 Just Because It's Old Doesn't Mean You Throw It Away (Including Malware!) (direct link) There are still fresh infections of MyDoom (also known as Novarg and Mimail) occurring along with corresponding phishing events. Learn how this malware is continuing to operate in 2023. Malware ★★★
Fortinet 2023-02-20 23:26:00 More Supply Chain Attacks via New Malicious Python Packages in PyPi (direct link) Read how the FortiGuard Labs team discovered another 0-day attack in the PyPI packages (Python Package Index) by the malware authors 'Portgual' and 'Brazil'. Malware ★★★
Fortinet 2023-02-08 12:41:00 Supply Chain Attack via New Malicious Python Packages by Malware Author Core1337 (direct link) The FortiGuard Labs team recently discovered various new 0-day attacks in PyPI packages by malware author, "Core1337". Read to learn more about these malicious supply chain attacks. Malware ★★
Fortinet 2023-02-02 15:47:00 Supply Chain Attack by New Malicious Python Package, “web3-essential” (direct link) FortiGuard Labs team discovers another 0-day attack in a malicious PyPI package called “web3-essential”. See how this malware avoids suspicion and other observations. Malware ★★★
Fortinet 2023-01-31 12:20:00 Analyzing Malware Code that Cryptojacks System to Mine for Monero Crypto (direct link) FortiGuard Labs analyzes malicious code found in captured Excel documents that cryptojacks a victim's system to mine for Monero cryptocurrency. See how the malicious software is delivered, executed, and the techniques it uses to gain persistence on a device. Malware ★★★
Fortinet 2023-01-24 13:13:00 The Year of the Wiper (direct link) FortiGuard Labs has been tracking wiper malware since the start of the 2022 Russia-Ukraine conflict. Read our latest blog to find out recent updates about the trends in wiper malware and how attack scenarios have changed. Malware ★★
Fortinet 2023-01-13 14:43:00 2022 IoT Threat Review (direct link) FortiGuard Labs continuously monitors the IoT botnet threat landscape for new and emerging campaigns. Read our blog with insights into malware campaigns that have been actively targeting IoT devices for infection. Malware Threat ★★★★
Fortinet 2023-01-11 07:17:00 Analysis of FG-IR-22-398 – FortiOS - heap-based buffer overflow in SSLVPNd (direct link) Fortinet published CVSS: Critical advisory FG-IR-22-398 / CVE-2022-42475 on Dec 12, 2022. This blog details our initial investigation into this malware and additional IoCs identified during our ongoing analysis. Read more. Malware ★★
Fortinet 2022-12-22 12:37:00 Trying to Steal Christmas (Again!) (direct link) FortiGuard Labs discovered some holiday-themed phishing examples that exploit excitement and interest in the holidays created by an AgentTesla affiliate. Read our blog to learn more about how malware operators are attempting to maximize the holiday to compromise the systems of users. Malware ★★
Fortinet 2022-12-12 06:49:00 GoTrim: Go-based Botnet Actively Brute Forces WordPress Websites (direct link) FortiGuard Labs encountered an unreported CMS scanner and brute forcer written in the Go programming language. Read our analysis of the malware and how this active botnet scans and compromises websites. Malware ★★
Fortinet 2022-11-15 20:08:00 Tips and Tricks: Debugging .NET Malware in a Multi-Stage Malware Deployment (direct link) FortiGuard Labs recently analyzed a fake phishing email that drops the Warzone RAT. Read a deeper analysis in our blog that provides more detail on technical challenges we faced during the analysis. Malware
Fortinet 2022-10-20 20:23:00 Mirai, RAR1Ransom, and GuardMiner – Multiple Malware Campaigns Target VMware Vulnerability (direct link) In April, VMware patched a vulnerability CVE-2022-22954, which causes server-side template injection. Read our blog to learn more about how malware is attempting to leverage the vulnerability and the behavior after exploitation in more detail. Malware Vulnerability
Fortinet 2022-10-11 14:49:00 Ukrainian Military-Themed Excel File Delivers Multi-Stage Cobalt Strike Loader (direct link) FortiGuard Labs discovered a malicious document masquerading as a salary calculator tool. Read to learn more about the document which if triggered executes evasive multi-stage loaders, eventually leading to Cobalt Strike Beacon malware being loaded onto a device. Malware Guideline
Fortinet 2022-10-05 12:43:00 Excel Document Delivers Multiple Malware by Exploiting CVE-2017-11882 – Part II (direct link) FortiGuard Labs discovered an Excel document, which exploits CVE-2017-11882 to execute malicious code to deliver and execute malware. Part two of this series reveals more about the Redline payload and the information it steals from victims. Malware
Fortinet 2022-10-04 11:56:00 Delivery of Malware: A Look at Phishing Campaigns in Q3 2022 (direct link) FortiGuard Labs continues to track many malware families, including Emotet, Qbot, and Icedid. Read more about some of the most common details and techniques used by these malicious campaigns for malware deployment. Malware
Fortinet 2022-10-03 14:50:00 Leveraging Microsoft Office Documents to Deliver Agent Tesla and njRat (direct link) FortiGuard Labs discovered malicious Microsoft Office documents attempting to leverage legitimate websites to execute a shell script and drop malware variants of Agent Tesla and njRat. Read more for details. Malware
Fortinet 2022-09-19 11:32:00 Excel Document Delivers Multiple Malware By Exploiting CVE-2017-11882 – Part I (direct link) FortiGuard Labs discovered an Excel document with an embedded file name that is randomized, which exploits CVE-2017-11882 to deliver and execute malware on a victim's device. Read our blog to learn what malware families it can download and what malicious actions it can conduct. Malware
Fortinet 2022-08-08 18:00:00 Life After Death-SmokeLoader Continues to Haunt Using Old Vulnerabilities (direct link) FortiGuard Labs examines SmokeLoader, a malware variant that exploits CVE-2017-0199 and CVE-2017-11882 in its deployment chain. Read our analysis blog to learn about the latest sample. Malware
Fortinet 2022-08-03 16:16:00 So RapperBot, What Ya Bruting For? (direct link) FortiGuard Labs is tracking a rapidly evolving IoT malware family known as RapperBot. Read to learn how this threat infects and persists on a victim's device. Malware Threat
Fortinet 2022-08-01 12:50:00 Fileless Malware: What It Is and How It Works (direct link) Read about what fileless malware is along with the stages of an attack, the common techniques used by cybercriminals, and tips for detecting these types of threats. Malware
Fortinet 2022-07-07 11:27:00 Notable Droppers Emerge in Recent Threat Campaigns (direct link) FortiGuard Labs recently observed active droppers resulting from social engineered phishing emails involving Microsoft files. Read more about how they are delivered to the victim's device and how they drop malware payloads onto the victim's local disk. Malware Threat
Fortinet 2022-06-15 11:00:00 New IceXLoader 3.0 – Developers Warm Up to Nim (direct link) FortiGuard Labs discovered version 3.0 of IceXLoader, a new malware loader. Read our blog for the technical details of how it behaves and the potential malware that it can deliver in an infected system. Malware
Fortinet 2022-05-27 14:18:00 (Déjà vu) Phishing Campaign Delivering Three Fileless Malware: AveMariaRAT / BitRAT / PandoraHVNC – Part II (direct link) FortiGuard Labs discovered a phishing campaign delivering fileless malware AveMariaRAT, BitRAT, and PandoraHVNC to steal sensitive information from a victim's device. Read part II of our analysis to find out more about the malware payload details and the control commands. Malware
Fortinet 2022-05-23 13:37:00 Spoofed Saudi Purchase Order Drops GuLoader: Part 1 (direct link) FortiGuard Labs recently discovered a social engineering email lure with a message delivered to a company in Ukraine. In part I of our blog, we will analyze the phishing email and provide an analysis of the embedded malware which contains an executable for GuLoader. Malware
Fortinet 2022-05-12 13:23:00 Phishing Campaign Delivering Three Fileless Malware: AveMariaRAT / BitRAT / PandoraHVNC – Part I (direct link) FortiGuard Labs discovered a phishing campaign delivering fileless malware to steal sensitive information from a victim's device. Read our analysis to find out more about how the campaign executes and maintains persistence on the victim's device. Malware ★★★
Fortinet 2022-04-28 00:00:00 An Overview of the Increasing Wiper Malware Threat (direct link) With wiper malware becoming popular in cyberattacks, FortiGuard Labs provides a deep dive on the threat technique to help organizations understand it and implement better protections. Read our blog about wiper malware including tactics, techniques, and procedures (TTPs). Malware Threat
Fortinet 2022-04-18 00:00:00 Trends in the Recent Emotet Maldoc Outbreak (direct link) FortiGuard Labs observed that a recent Emotet outbreak is being spread through a variety of malicious Microsoft Office files, or maldocs, attached to phishing emails. Read our blog to learn how the malware spreads, what the malicious documents look like, and how to avoid this scam. Malware
Fortinet 2022-03-28 00:00:00 Spoofed Invoice Used to Drop IcedID (direct link) FortiGuard Labs discovered a spearphishing email for a Ukrainian fuel company with an attached invoice, seemingly from another fuel provider, that contains the IcedID Trojan. Read to learn more about the infection process and subsequent malware deployment by the threat actors behind IcedID. Malware Threat
Fortinet 2022-03-15 00:00:00 A Brief History of The Evolution of Malware (direct link) FortiGuard Labs provides a brief historical insight into the history of computer malware from the pre-internet era to the current world of botnets, ransomware, viruses, worms, etc. Read to learn more. Malware
Fortinet 2022-02-25 00:00:00 The Hunt for the Lost Soul: Unraveling the Evolution of the SoulSearcher Malware (direct link) FortiGuard Labs provides a deep analysis of the evolution of SoulSearcher malware focusing on a malicious DLL payload module. With reverse engineering the team analyzes the different components and the progression over time, mapping the evolution of the malware framework. Read more. Malware
Fortinet 2022-01-20 00:00:00 New STRRAT RAT Phishing Campaign (direct link) FortiGuard Labs discovered a phishing email used to deliver a variant of the STRRAT malware as an attachment. This blog deconstructs the phishing email and its malicious payload. Malware
Fortinet 2021-12-21 00:00:00 Critical Apache Log4j (Log4Shell) Vulnerability Updates: What You Need to Know (direct link) FortiGuard Labs provides important updates about the Apache Log4j vulnerabilities, including details, campaigns associated with Log4j, and an alleged “wormable” Mirai malware variant. Read to learn more. Malware Vulnerability
Last update at: 2024-04-29 09:07:44