Threat Signal

The Threat Signal created by the FortiGuard Labs is intended to provide you with insight on emerging issues that are trending within the cyber threat landscape. The Threat Signal will provide concise technical details about the issue, mitigation recommendations and a perspective from the FortiGuard Labs team in an FAQ style format.

Whether it’s significant vulnerability disclosures including high profile zero days, coordinated announcements with Cyber Threat Alliance partners, malware of significance, or any threat making the news cycle, FortiGuard Threat Signals are there for you.

Possible New Microsoft Exchange RCE 0-day Being Exploited in the Wild
UPDATE September 30th 2022: Updated for CVE numbers assigned to the vulnerabilities and a blog Microsoft published on the ...
Sep 29, 2022 Threat Level: HIGH ID: 75
BlackCat Uses Updated Infostealer Tools with File Corruption Capability
FortiGuard Labs is aware of a report the infamous BlackCat ransomware group has updated their infostealer tools. Dubbed Ex...
Sep 28, 2022 Threat Level: HIGH ID: 73
Joint CyberSecurity Alert (AA22-264A) Iranian Threat Actors Targeting Albania
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) today released a...
Sep 21, 2022 Threat Level: MED ID: 72
Microsoft Patch Tuesday Fixed Vulnerability (CVE-2022-34718) More Likely To Be Exploited
Microsoft has released 63 security patches for this month's September 2022 release. One of the fixes is for CVE-2022-34718...
Sep 14, 2022 Threat Level: HIGH ID: 71
New Shikitega Malware Targets Linux Machines
FortiGuard Labs is aware of a new report of a new malware for Linux observed in the wild. Dubbed Shikitega, its attack flo...
Sep 08, 2022 Threat Level: MED ID: 69
Joint CyberSecurity Advisory on Vice Society (AA22-249A)
On September 6th, a joint cybersecurity advisory was issued by the Cybersecurity and Infrastructure Security Agency (CISA)...
Sep 07, 2022 Threat Level: HIGH ID: 67
New Conti Ransomware Campaign Observed in the Wild
FortiGuard Labs has observed a new wave of ransomware threats belonging to the Conti malware family, active in Mexico. The...
Sep 07, 2022 Threat Level: MED ID: 68
Widespread Redlnk Malware Hides Its Code In .NET Metadata
FortiGuard Labs has found an active and widespread attack campaign that distributes a malware it dubs "RedInk", using the ...
Aug 22, 2022 Threat Level: MED ID: 66
SEABORGIUM APT Group Targets NATO Members and European Countries
FortiGuard Labs is aware of a report published by Microsoft of a threat actor named "SEABORGIUM", which the vendor attribu...
Aug 18, 2022 Threat Level: MED ID: 65
Joint CyberSecurity Advisory on Vulnerabilities in Zimbra Collaboration (CISA-MS-ISAC)
On August 16th, a joint cybersecurity advisory was issued by the Cybersecurity and Infrastructure Security Agency (CISA) a...
Aug 17, 2022 Threat Level: HIGH ID: 64
Joint Cybersecurity Advisory on Zeppelin Ransomware (AA22-223A)
On August 11, 2022, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CI...
Aug 12, 2022 Threat Level: MED ID: 62
Microsoft Patch Tuesday Fixed 0-day Arbitrary Code Execution Vulnerability (CVE-2022-34713)
Microsoft has released 141 security fixes for this month's August 2022 release. Besides the usual security fixes, there wa...
Aug 09, 2022 Threat Level: MED ID: 61
New Ransomware "Roadsweep" Used Against Albania
FortiGuard Labs is aware of a report that Roadsweep ransomware was used against the Albanian government. Other malware Chi...
Aug 05, 2022 Threat Level: MED ID: 61
Meet Woody the New Remote Access Trojan
FortiGuard Labs is aware of a report that a new Remote Access Trojan (RAT) called "Woody" has been lurking in the wild for...
Aug 04, 2022 Threat Level: MED ID: 59
Newly Identified Green Stone Malware Leveraging Malicious Macros in Global Campaign
FortiGuard Labs is aware of a campaign targeting Iranian interests, specifically in the energy sector. Dubbed Green Stone,...
Aug 04, 2022 Threat Level: MED ID: 60