Threat Signal

The Threat Signal, created by FortiGuard Labs, is intended to provide you with insight into emerging issues that are trending within the cyber threat landscape. Each Threat Signal provides concise technical details about the issue, mitigation recommendations, and a perspective from the FortiGuard Labs team in an FAQ-style format.

Whether it’s a significant vulnerability disclosure, including high-profile zero-days, a coordinated announcement with Cyber Threat Alliance partners, malware of significance, or any threat making the news cycle, FortiGuard Threat Signals are there for you.

NOTE: 12/30 IPS signature information added. FortiGuard Labs is aware of a newly disclosed remote code execution vulnerabil...

Dec 28, 2021 TLP Level: Threat Level: MED ID: 85
FortiGuard Labs is aware of a recently reported ransomware "Rook". According to a publicly available report, Rook appears ...

Dec 27, 2021 TLP Level: Threat Level: MED ID: 84
Mortar Loader is a new process hollowing tool that can be leveraged by threat actors. Process Hollowing is a well-known e...

Dec 26, 2021 TLP Level: Threat Level: MED ID: 83
FortiGuard Labs is aware that the Apache Software Foundation released Log4j version 2.17.0 on December 18th 2021 in respon...

Dec 20, 2021 TLP Level: Threat Level: MED ID: 82
FortiGuard Labs is aware of a new Mirai Linux variant that spreads using CVE-2021-44228 (Log4Shell). This is possibly the ...

Dec 20, 2021 TLP Level: Threat Level: HIGH ID: 83
UPDATE December 17 2021: The Apache Software Foundation has changed Denial of Service to Remote Code Execution and has u...

Dec 15, 2021 TLP Level: Threat Level: MED ID: 81
FortiGuard Labs is aware of a report that a newly patched Windows vulnerability (CVE-2021-43890) is being exploited in the...

Dec 15, 2021 TLP Level: Threat Level: MED ID: 81
FortiGuard Labs is aware of reports that a new ransomware called Blackcat, also known as ALPHV, was spotted in the wild. B...

Dec 13, 2021 TLP Level: Threat Level: MED ID: 80
UPDATE 12/22: Updated Mitigation section for a joint advisory released by US-CERT. FortiGuard Labs is aware of a remote co...

Dec 10, 2021 TLP Level: Threat Level: HIGH ID: 79
FortiGuard Labs is aware of a recent joint advisory released by the U.S. Cybersecurity and Infrastructure Security Agency ...

Dec 06, 2021 TLP Level: Threat Level: MED ID: 77
FortiGuard Labs is aware of reports relating to NICKEL, a state-sponsored group targeting varying interests in Europe, Nor...

Dec 06, 2021 TLP Level: Threat Level: HIGH ID: 78
FortiGuard Labs is aware of a report that Yanluowang ransomware was recently used by a threat actor who previously emplo...

Dec 02, 2021 TLP Level: Threat Level: MED ID: 76
FortiGuard Labs is aware of a report that a reply-chain email attack is using compromised Microsoft Exchange servers to ta...

Dec 01, 2021 TLP Level: Threat Level: MED ID: 75