Filter by Date
- 2022
  - 2 August
  - 5 July
  - 5 June
  - 6 May
  - 8 April
  - 10 March
  - 6 February
  - 5 January
- 2021
  - 10 December
  - 5 November
  - 6 October
  - 2 September
  - 9 August
  - 7 July
  - 2 June
  - 2 May
  - 1 February
  - 1 January
- 2020
  - 1 December
  - 1 November
  - 3 October
  - 4 September
  - 2 August
  - 3 June
  - 1 April
  - 3 March
  - 2 February
  - 1 January
- 2019
  - 1 November

Refine Search

Threat Signal

The Threat Signal created by the FortiGuard Labs is intended to provide you with insight on emerging issues that are trending within the cyber threat landscape. The Threat Signal will provide concise technical details about the issue, mitigation recommendations and a perspective from the FortiGuard Labs team in an FAQ style format.

Whether it’s significant vulnerability disclosures including high profile zero days, coordinated announcements with Cyber Threat Alliance partners, malware of significance, or any threat making the news cycle, FortiGuard Threat Signals are there for you.

DeadRinger: Prolonged Cyber Espionage Campaign on ASEAN Telecommunications Industry

FortiGuard Labs is aware of a recent report that the telecommunications industry in the Southeast Asian region was the tar...

Aug 05, 2021 TLP Level: Threat Level: MED ID: 39

New Remote Access Trojan FatalRAT distributed through Telegram and forums

FortiGuard Labs is aware of a report that FatalRAT is being distributed through forums and Telegram channels. FatalRAT is ...

Aug 03, 2021 TLP Level: Threat Level: MED ID: 37

VBA-based RAT Distributed via Double Attack Vectors

FortiGuard Labs is aware of a report that a VBA-based Remote Access Trojan (RAT) was distributed in a fake statement docum...

Aug 02, 2021 TLP Level: Threat Level: MED ID: 36

Praying Mantis: An advanced and persistent threat actor attacked prominent targets in the United States

FortiGuard Labs is aware of a report that an advanced and persistent threat actor "Praying Mantis" targeted several high-p...

Aug 01, 2021 TLP Level: Threat Level: MED ID: 40

Attack on the Iranian train system by Meteor Wiper

FortiGuard Labs is aware of multiple reports that the Iranian train system was attacked using a previously unknown wiper m...

Jul 30, 2021 TLP Level: Threat Level: MED ID: 35

LockBit 2.0 Ransomware as a Service (RaaS) Incorporates Enhanced Delivery Mechanism via Group Policy

FortiGuard Labs is aware of a new variant of the LockBit ransomware, specifically version 2.0. LockBit 2.0 is ransomware a...

Jul 28, 2021 TLP Level: Threat Level: MED ID: 34

Unpatched Windows Elevation of Privilege Vulnerability (CVE-2021-36934) Disclosed to the Public

On July 20th, 2021, Carnegie Mellon University's CERT Coordination Center publicly disclosed information on an un-patched ...

Jul 21, 2021 TLP Level: Threat Level: MED ID: 31

Joint CyberSecurity Advisory on APT40 Attacks Targeting Organizations Worldwide (CISA-FBI)

On July 19th, a joint cybersecurity advisory was issued by the United States Federal Bureau of Investigation (FBI) and the...

Jul 20, 2021 TLP Level: Threat Level: MED ID: 30

Joint Cybersecurity Advisory on Chinese Gas Pipeline Intrusion Campaign, 2011 to 2013 (AA21-201A)

Today, the United States Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (...

Jul 20, 2021 TLP Level: Threat Level: MED ID: 29

More than 100 Victims Infected with DevilsTongue Spyware using Microsoft 0-day Vulnerabilities

FortiGuard Labs is aware of a report that a commercially sold spyware "DevilsTongue" infected more than 100 victims by lev...

Jul 15, 2021 TLP Level: Threat Level: MED ID: 28

SolarWinds Serv-U Zero Day Remote Code Execution Vulnerability (CVE-2021-35211)

Update as of July 14, 2021 - Microsoft has published a blog post on the attack that took advantage of the vulnerability an...

Jul 13, 2021 TLP Level: Threat Level: MED ID: 26

Reports of Active in the Wild Exploitation of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) XSS Vulnerability (CVE-2020-3580)

FortiGuard Labs is aware of reports of new active in-the-wild exploitation of CVE-2020-3580, which is a cross site scripti...

Jun 25, 2021 TLP Level: Threat Level: MED ID: 22

NetFilter - Rootkit Signed with a Valid Digital Certificate

FortiGuard Labs is aware of reports of a recently discovered rootkit named NetFilter. Netfilter, discovered by security r...

Jun 18, 2021 TLP Level: Threat Level: MED ID: 21

FiveHands Ransomware - New Malware Analysis Report from CISA

The United States Cybersecurity and Infrastructure Security Agency (CISA) published a malware analysis report (MAR) on the...

May 06, 2021 TLP Level: Threat Level: MED ID: 17

N3TW0RM Ransomware Targeting Israeli Organizations

FortiGuard Labs is aware of recent reports of the N3TW0RM ransomware surfacing in attacks targeting organizations in Israe...

May 04, 2021 TLP Level: Threat Level: MED ID: 15

Network

Content and Endpoint

Application

Response

FortiNDR

FortiSandbox

FortiTester

Threat Signal

News / Research

Network

Content and Endpoint

Application

Response

FortiGate

FortiDeceptor

FortiClient

FortiMail

FortiEDR

FortiADC WAF Security

FortiAnalyzer/FortiSIEM

FortiCWP

FortiWeb

FortiNDR

FortiSandbox

FortiTester

Threat Lookup

PSIRT

Resources

Threat Signal