Threat Signal

The Threat Signal created by the FortiGuard Labs is intended to provide you with insight on emerging issues that are trending within the cyber threat landscape. The Threat Signal will provide concise technical details about the issue, mitigation recommendations and a perspective from the FortiGuard Labs team in an FAQ style format.

Whether it’s significant vulnerability disclosures including high profile zero days, coordinated announcements with Cyber Threat Alliance partners, malware of significance, or any threat making the news cycle, FortiGuard Threat Signals are there for you.

FortiGuard Labs is aware of a report that a new threat actor, "Tortillas," is leveraging the ProxyShell exploit to deliver...

Oct 15, 2021 TLP Level: Threat Level: MED ID: 61
FortiGuard Labs is aware of a report that a new Windows 0-day vulnerability (CVE-2021-40449) was used to download and laun...

Oct 13, 2021 TLP Level: Threat Level: MED ID: 60
FortiGuard Labs is aware of a new, Linux malware family named "FontOnLake." FontOnLake is a very sophisticated malware fam...

Oct 08, 2021 TLP Level: Threat Level: MED ID: 59
FortiGuard Labs is aware of a report that the ransomware threat actor Atom Silo targeted vulnerable Confluence servers to ...

Oct 05, 2021 TLP Level: Threat Level: HIGH ID: 57
Update 10/8 - IPS section appended with newly available IPS signature.Update 10/7 - APPENDIX section updated with announc...

Oct 05, 2021 TLP Level: Threat Level: MED ID: 58
FortiGuard Labs is aware of a report that a Linux variant of RansomExx ransomware's encryption process has a bug leading t...

Oct 01, 2021 TLP Level: Threat Level: HIGH ID: 56
FortiGuard Labs is aware that VMware disclosed a critical vulnerability (CVE-2021-22005) on September 21st, 2021 that affe...

Sep 29, 2021 TLP Level: Threat Level: HIGH ID: 55
FortiGuard Labs is aware of a report that the FamousSparrow APT group has attacked hotels, governments and businesses worl...

Sep 24, 2021 TLP Level: Threat Level: MED ID: 54
Update: 10/5/21 - The "What is the Status of Coverage" section has been updated to reflect the latest IPS signature.FortiG...

Sep 21, 2021 TLP Level: Threat Level: MED ID: 53
Last week, researchers discovered the #OMIGOD vulnerability targeting Windows Azure containers. Disclosed to Microsoft by...

Sep 20, 2021 TLP Level: Threat Level: HIGH ID: 52
On September 16th, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI),...

Sep 16, 2021 TLP Level: Threat Level: HIGH ID: 51
Update as of September 14th: Microsoft has officially released patches for affected products. Please refer to the APPENDI...

Sep 07, 2021 TLP Level: Threat Level: HIGH ID: 50
Update as of September 8th: FortiGuard Labs released the following IPS signature:Atlassian.Confluence.CVE-2021-26084.Remot...

Aug 31, 2021 TLP Level: Threat Level: HIGH ID: 49
Update 9/17 - An IPS signature has been released in definitions (18.160) as "MS.Exchange.Server.SecurityToken.Authenticati...

Aug 30, 2021 TLP Level: Threat Level: MED ID: 48
FortiGuard Labs is aware that F5 released a security advisory on August 24th about vulnerabilities affecting multiple vers...

Aug 25, 2021 TLP Level: Threat Level: HIGH ID: 47