Threat Signal

The Threat Signal created by the FortiGuard Labs is intended to provide you with insight on emerging issues that are trending within the cyber threat landscape. The Threat Signal will provide concise technical details about the issue, mitigation recommendations and a perspective from the FortiGuard Labs team in an FAQ style format.

Whether it’s significant vulnerability disclosures including high profile zero days, coordinated announcements with Cyber Threat Alliance partners, malware of significance, or any threat making the news cycle, FortiGuard Threat Signals are there for you.

FortiGuard Labs is aware of a report that a reply-chain email attack is using compromised Microsoft Exchange servers to ta...

Dec 01, 2021 TLP Level: Threat Level: MED ID: 75
FortiGuard Labs is aware that a new variant of Phobos ransomware is hitting the wild. Phobos ransomware is thought to have...

Nov 30, 2021 TLP Level: Threat Level: HIGH ID: 74
FortiGuard Labs is aware of reports of recent activity from APT37. APT37 is a nation-state threat actor attributed to Nort...

Nov 29, 2021 TLP Level: Threat Level: MED ID: 73
FortiGuard Labs is aware of a new proof of concept that is leveraging CVE-2021-42321, a Microsoft Exchange Server Remote C...

Nov 23, 2021 TLP Level: Threat Level: MED ID: 72
FortiGuard Labs is aware of a report that a new adversary carried out an attack using a Python-based ransomware called "...

Nov 19, 2021 TLP Level: Threat Level: MED ID: 71
FortiGuard Labs is aware of a report that the Magniber ransomware gang is now exploiting a couple of Internet Explorer vul...

Nov 15, 2021 TLP Level: Threat Level: MED ID: 70
FortiGuard Labs is aware of reports that the Emotet botnet is making a comeback. Researchers @Cryptolaemus, GData and Adva...

Nov 15, 2021 TLP Level: Threat Level: HIGH ID: 69
FortiGuard Labs is aware of another Node Package Manager (NPM) library hijack affecting the coa library. Coa is a parser t...

Nov 04, 2021 TLP Level: Threat Level: HIGH ID: 68
FortiGuard Labs is aware that a BlackMatter ransomware affiliate started to use a new custom data exfiltration tool called...

Nov 02, 2021 TLP Level: Threat Level: MED ID: 67
FortiGuard Labs is aware of a report that a few versions of the popular Node Package Manager (NPM) library UAParser.js wer...

Oct 25, 2021 TLP Level: Threat Level: HIGH ID: 66
FortiGuard Labs is aware of a report that a variant of UpdateAgent disguised as legitimate software was distributed in the...

Oct 22, 2021 TLP Level: Threat Level: MED ID: 65
FortiGuard Labs has discovered a destructive file encrypter that poses as a Windows 11 Upgrade Assistant Program, taking ...

Oct 20, 2021 TLP Level: Threat Level: HIGH ID: 64
FortiGuard Labs is aware of a report that a new threat actor, "Harvester," attacked targets in South Asia with previously ...

Oct 20, 2021 TLP Level: Threat Level: MED ID: 63
Today, the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and th...

Oct 18, 2021 TLP Level: Threat Level: HIGH ID: 62
FortiGuard Labs is aware of a report that a new threat actor, "Tortillas," is leveraging the ProxyShell exploit to deliver...

Oct 15, 2021 TLP Level: Threat Level: MED ID: 61