Threat Signal

The Threat Signal created by the FortiGuard Labs is intended to provide you with insight on emerging issues that are trending within the cyber threat landscape. The Threat Signal will provide concise technical details about the issue, mitigation recommendations and a perspective from the FortiGuard Labs team in an FAQ style format.

Whether it’s significant vulnerability disclosures including high profile zero days, coordinated announcements with Cyber Threat Alliance partners, malware of significance, or any threat making the news cycle, FortiGuard Threat Signals are there for you.

FortiGuard Labs is aware of a recent joint advisory released by the U.S. Cybersecurity and Infrastructure Security Agency ...

Dec 06, 2021 TLP Level: Threat Level: MED ID: 77
FortiGuard Labs is aware of reports relating to NICKEL, a state sponsored group targeting varying interests in Europe, Nor...

Dec 06, 2021 TLP Level: Threat Level: HIGH ID: 78
FortiGuard Labs is aware of a report that Yanluowang ransomware was recently used by a threat actor who previously emplo...

Dec 02, 2021 TLP Level: Threat Level: MED ID: 76
FortiGuard Labs is aware of a report that a reply-chain email attack is using compromised Microsoft Exchange servers to ta...

Dec 01, 2021 TLP Level: Threat Level: MED ID: 75
FortiGuard Labs is aware that a new variant of Phobos ransomware is hitting the wild. Phobos ransomware is thought to have...

Nov 30, 2021 TLP Level: Threat Level: HIGH ID: 74
FortiGuard Labs is aware of reports of recent activity from APT37. APT37 is a nation-state threat actor attributed to Nort...

Nov 29, 2021 TLP Level: Threat Level: MED ID: 73
FortiGuard Labs is aware of a new proof of concept that is leveraging CVE-2021-42321, a Microsoft Exchange Server Remote C...

Nov 23, 2021 TLP Level: Threat Level: MED ID: 72
FortiGuard Labs is aware of a report that a new adversary carried out an attack using a Python-based ransomware called "...

Nov 19, 2021 TLP Level: Threat Level: MED ID: 71
FortiGuard Labs is aware of a report that the Magniber ransomware gang is now exploiting a couple of Internet Explorer vul...

Nov 15, 2021 TLP Level: Threat Level: MED ID: 70
FortiGuard Labs is aware of reports that the Emotet botnet is making a comeback. Researchers @Cryptolaemus, GData and Adva...

Nov 15, 2021 TLP Level: Threat Level: HIGH ID: 69
FortiGuard Labs is aware of another Node Package Manager (NPM) library hijack affecting the coa library. Coa is a parser t...

Nov 04, 2021 TLP Level: Threat Level: HIGH ID: 68
FortiGuard Labs is aware that a BlackMatter ransomware affiliate started to use a new custom data exfiltration tool called...

Nov 02, 2021 TLP Level: Threat Level: MED ID: 67
FortiGuard Labs is aware of a report that a few versions of the popular Node Package Manager (NPM) library UAParser.js wer...

Oct 25, 2021 TLP Level: Threat Level: HIGH ID: 66
FortiGuard Labs is aware of a report that a variant of UpdateAgent disguised as legitimate software was distributed in the...

Oct 22, 2021 TLP Level: Threat Level: MED ID: 65
FortiGuard Labs has discovered a destructive file encrypter that poses as a Windows 11 Upgrade Assistant Program, taking ...

Oct 20, 2021 TLP Level: Threat Level: HIGH ID: 64