Weekly Threat Briefs

FortiGuard Labs uses its industry leading global infrastructure of threat sensors, honeypots, and collectors to provide you with the largest source of data of any pure play network security vendor. Data is collected from all of these sources on a continual basis and analyzed by Fortinet’s world-wide team of analysts to provide you with a weekly recap of the incidents and threats you care the most about.

On this page you will find an archive of our weekly Threat Intelligence Briefs, as well as the ability to sign up to receive these briefs every Friday. Join the thousands of other security-minded professionals who receive these weekly briefs!

Global Malicious Spam Campaign Using Black Lives Matter as a Lure - On June 10, 2020, FortiGuard Labs came across a global malicious spam campaign that is targeting users who may be sympathetic to the Black Lives Matter movement that began in the United States. With all of the calamity of 2020, such...

Jun 19, 2020
On Tuesday of this week, Microsoft released this month's patch covering 129 vulnerabilities, 11 of them categorized as critical and leading to remote code execution. The most significant vulnerabilities include ones tied to SMBv3, SharePoint VBScripts, .LNK files, and Adobe Flash Player. The full li...

Jun 12, 2020
Researchers discovered an updated version of the ComRAT malware by Turla, a Russian state-sponsored threat actor. It leverages Gmail's web interface to receive commands and exfiltrate data. ComRAT leverages cookies in the configuration file to connect to an inbox on Gmail's web interface and downloa...

May 29, 2020
Researchers found a new espionage framework, called Ramsay, developed for the collection and exfiltration of sensitive files within air-gapped networks. Analysts found a sample from Japan on VirusTotal, which led to the discovery of different components and versions of the framework. Currently, it i...

May 22, 2020
Two U.S. cybersecurity agencies, the FBI and CISA, published a report of the top 10 most commonly exploited software vulnerabilities (CVEs) between 2016 and 2019. The cybersecurity agencies recommend applying patches to degrade the possibilities for malicious actors targeting corporations and enterp...

May 15, 2020