Threat Signal

The Threat Signal created by the FortiGuard Labs is intended to provide you with insight on emerging issues that are trending within the cyber threat landscape. The Threat Signal will provide concise technical details about the issue, mitigation recommendations and a perspective from the FortiGuard Labs team in an FAQ style format.

Whether it’s significant vulnerability disclosures including high profile zero days, coordinated announcements with Cyber Threat Alliance partners, malware of significance, or any threat making the news cycle, FortiGuard Threat Signals are there for you.

FortiGuard Labs is aware of a recent joint advisory released by the U.S. Cybersecurity and Infrastructure Security Agency ...

Dec 06, 2021 TLP Level: Threat Level: MED ID: 77
FortiGuard Labs is aware of a report that Yanluowang ransomware was recently used by a threat actor who previously emplo...

Dec 02, 2021 TLP Level: Threat Level: MED ID: 76
FortiGuard Labs is aware of a report that a reply-chain email attack is using compromised Microsoft Exchange servers to ta...

Dec 01, 2021 TLP Level: Threat Level: MED ID: 75
FortiGuard Labs is aware of reports of recent activity from APT37. APT37 is a nation-state threat actor attributed to Nort...

Nov 29, 2021 TLP Level: Threat Level: MED ID: 73
FortiGuard Labs is aware of a new proof of concept that is leveraging CVE-2021-42321, a Microsoft Exchange Server Remote C...

Nov 23, 2021 TLP Level: Threat Level: MED ID: 72
FortiGuard Labs is aware of a report that a new adversary carried out an attack using a Python-based ransomware called "...

Nov 19, 2021 TLP Level: Threat Level: MED ID: 71
FortiGuard Labs is aware of a report that the Magniber ransomware gang is now exploiting a couple of Internet Explorer vul...

Nov 15, 2021 TLP Level: Threat Level: MED ID: 70
FortiGuard Labs is aware that a BlackMatter ransomware affiliate started to use a new custom data exfiltration tool called...

Nov 02, 2021 TLP Level: Threat Level: MED ID: 67
FortiGuard Labs is aware of a report that a variant of UpdateAgent disguised as legitimate software was distributed in the...

Oct 22, 2021 TLP Level: Threat Level: MED ID: 65
FortiGuard Labs is aware of a report that a new threat actor, "Harvester," attacked targets in South Asia with previously ...

Oct 20, 2021 TLP Level: Threat Level: MED ID: 63
FortiGuard Labs is aware of a report that a new threat actor, "Tortillas," is leveraging the ProxyShell exploit to deliver...

Oct 15, 2021 TLP Level: Threat Level: MED ID: 61
FortiGuard Labs is aware of a report that a new Windows 0-day vulnerability (CVE-2021-40449) was used to download and laun...

Oct 13, 2021 TLP Level: Threat Level: MED ID: 60
FortiGuard Labs is aware of a new, Linux malware family named "FontOnLake." FontOnLake is a very sophisticated malware fam...

Oct 08, 2021 TLP Level: Threat Level: MED ID: 59
Update 10/8 - IPS section appended with newly available IPS signature.Update 10/7 - APPENDIX section updated with announc...

Oct 05, 2021 TLP Level: Threat Level: MED ID: 58
FortiGuard Labs is aware of a report that the FamousSparrow APT group has attacked hotels, governments and businesses worl...

Sep 24, 2021 TLP Level: Threat Level: MED ID: 54