Threat Signal

The Threat Signal created by the FortiGuard Labs is intended to provide you with insight on emerging issues that are trending within the cyber threat landscape. The Threat Signal will provide concise technical details about the issue, mitigation recommendations and a perspective from the FortiGuard Labs team in an FAQ style format.

Whether it’s significant vulnerability disclosures including high profile zero days, coordinated announcements with Cyber Threat Alliance partners, malware of significance, or any threat making the news cycle, FortiGuard Threat Signals are there for you.

Joint CyberSecurity Advisory on a U.S. Federal Agency Breached by Iranian Threat Actors
FortiGuard Labs is aware of a joint advisory (AA22-320A) issued by Cybersecurity and Infrastructure security Agency (CISA)...
Nov 17, 2022 Threat Level: MED ID: 90
APT Billbug Victimized Asian Certification Authority and Government Agencies
FortiGuard Labs is aware of a report that APT group "Billbug" compromised a certificate authority (CA) as well as multiple...
Nov 15, 2022 Threat Level: MED ID: 89
Path Traversal Vulnerability (CVE-2022-0902) in ABB Flow Computer and Remote Controllers
UPDATE 2022/11/16: Updated the Appendix for a link to Outbreak Alert.FortiGuard Labs is aware a path-traversal vulnerabili...
Nov 14, 2022 Threat Level: HIGH ID: 88
Somnia Ransomware Targets Ukraine
UPDATE 2022/11/16: Updated detection information for Somnia ransomware samples.FortiGuard Labs is aware of a report that a...
Nov 14, 2022 Threat Level: HIGH ID: 87
Emotet Distributed Through U.S. Election Themed Link Files
FortiGuard Labs has discovered that Emotet was recently delivered through an archive file that has a file name targeting t...
Nov 08, 2022 Threat Level: HIGH ID: 86
Azov "Ransomware" Wiper
FortiGuard Labs is aware of a new ransomware variant called "Azov". Reason why this ransomware variant is in quotations i...
Nov 01, 2022 Threat Level: MED ID: 85
OpenSSL Release (3.0.7)
Today, the OpenSSL Project released a new version of OpenSSL (v3.0.7). Last week's early announcement indicated at first t...
Oct 31, 2022 Threat Level: HIGH ID: 84
Newly Disclosed Vulnerability in Apache Commons Text Allows for RCE (CVE-2022-42889)
UPDATE #1 2022/10/20: Updated protection section with IPS coverage.FortiGuard Labs is aware of reports of a recent vulnera...
Oct 19, 2022 Threat Level: MED ID: 83
New Prestige Ransomware Targets Ukraine and Poland
FortiGuard Labs is aware of a report that a new ransomware strain called Prestige was being distributed in an attack campa...
Oct 17, 2022 Threat Level: HIGH ID: 82
Guloader Spam Indiscriminately Sent to State Elections Board
Recently, the United States Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency...
Oct 13, 2022 Threat Level: MED ID: 81
RCE Vulnerability in Zimbra Collaboration Suite (CVE-2022-41352) Being Exploited in the Wild
FortiGuard Labs is aware of reports that a vulnerability affecting Zimbra Collaboration Suite (CVE-2022-41352) is a newly ...
Oct 11, 2022 Threat Level: HIGH ID: 80
CISA Advisory on Vulnerabilities Actively Exploited By Threat Actors Supported by China
On October 6, 2022, the National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and Feder...
Oct 07, 2022 Threat Level: HIGH ID: 79
LilithBot Sold as Malware-as-a-Service (MaaS)
FortiGuard Labs is aware of a report that the LilithBot malware is being sold as Malware-as-a-Service (MaaS) by a group ca...
Oct 07, 2022 Threat Level: MED ID: 78
Maggie: New Backdoor Targeting Microsoft SQL Servers
FortiGuard Labs is aware of reports that a new backdoor called "Maggie" targets Microsoft SQL servers. Maggie connects to ...
Oct 07, 2022 Threat Level: MED ID: 77
CISA Adds CVE-2022-36804 to the Known Exploited Vulnerabilities Catalog
FortiGuard Labs is aware that the Cybersecurity & Infrastructure Security Agency (CISA) recently added CVE-2022-36804 (Atl...
Oct 04, 2022 Threat Level: HIGH ID: 76