Threat Signal

The Threat Signal created by the FortiGuard Labs is intended to provide you with insight on emerging issues that are trending within the cyber threat landscape. The Threat Signal will provide concise technical details about the issue, mitigation recommendations and a perspective from the FortiGuard Labs team in an FAQ style format.

Whether it’s significant vulnerability disclosures including high profile zero days, coordinated announcements with Cyber Threat Alliance partners, malware of significance, or any threat making the news cycle, FortiGuard Threat Signals are there for you.

TP-Link Archer AX-21 Command Injection Vulnerability (CVE-2023-1389) Exploited in the Wild
What is TP-Link Archer AX21 (AX1800)? TP-Link Archer AX21 (AX1800) is a line of consumer-oriented Wi-Fi routers....
May 09, 2023 Threat Level: MED ID: 38
Detection Spike Observed for DVR Authentication Bypass Vulnerability (CVE-2018-9995)
FortiGuard Labs has recently observed a detection spike in DVR Authentication Bypass Vulnerability (CVE-2018-9995). This i...
May 01, 2023 Threat Level: MED ID: 36
Realtek Jungle SDK Vulnerability (CVE-2021-35394) Still Actively being Exploited in the Wild
FortiGuard Labs has observed threat actors continuing to exploit an arbitrary command injection vulnerability in Realtek J...
Mar 21, 2023 Threat Level: MED ID: 28
AndroxGh0st Malware Actively Used in the Wild
FortiGuard Labs is aware that AndroxGh0st malware is actively used in the field to primarily target .env files that contai...
Mar 17, 2023 Threat Level: MED ID: 27
Multiple Progress Telerik UI Vulnerabilities Exploited in the Wild
FortiGuard Labs recently observed that multiple vulnerabilities (CVE-2019-18935, CVE-2017-11317 and CVE-2017-11357) in Pro...
Mar 15, 2023 Threat Level: MED ID: 24
Microsoft March Patch Tuesday Release Contains Two New Zero Days and 80 Security Updates
Editors Note - 3/21. IPS signature for CVE-2023-23397 (MS.Outlook.CVE-2023-23397.Elevation.Of.Privilege) added to "What is...
Mar 14, 2023 Threat Level: MED ID: 23
New WhiteSnake Infostealer Sold in Underground
FortiGuard Labs is aware of a report that a new infostealer malware dubbed "WhiteSnake" is being sold in underground forum...
Feb 28, 2023 Threat Level: MED ID: 16
ESXiArgs Ransomware Globally Targets Unpatched ESXi Servers Worldwide
UPDATE 2023/02/07: Added CISA ESXiArgs-Recover Tool in Q&A and APPENDIX section.FortiGuard Labs is aware of reports that E...
Feb 06, 2023 Threat Level: MED ID: 10
New HeadCrab Malware Targets Redis Servers
FortiGuard Labs is aware of a report that a new malware "HeadCrab" was deployed to over 1,000 Redis servers around the glo...
Feb 03, 2023 Threat Level: MED ID: 9
HIDDENCOBRA (APT38) Responsible for 100M USD Cyberheist Against Blockchain Provider
Earlier the FBI announced that HIDDEN COBRA (also known as APT38/LAZARUS) is behind the latest cyberheist of 100M against ...
Jan 24, 2023 Threat Level: MED ID: 7
Proof-of-Concept Released for Zoho ManageEngine RCE vulnerability (CVE-2022-47966)
UPDATE 04/22/2023: Updated Appendix for Outbreak Alert. Added reference to CVE-2022-47966 being leveraged by a subgroup of...
Jan 20, 2023 Threat Level: MED ID: 6
Command Injection Vulnerability (CVE-2022-46169) in Cacti Being Exploited in the Wild
FortiGuard Labs is aware of a report that a recently patched vulnerability in the Cacti network monitoring and management ...
Jan 16, 2023 Threat Level: MED ID: 4
IcedID Abuses Google Search for Distribution
FortiGuard Labs is aware of a report that the IcedID threat actor started to abuse Google pay per click (PPC) to distribut...
Dec 26, 2022 Threat Level: MED ID: 105
Cobalt Mirage Affiliate Deployed Drokbk Malware
FortiGuard Labs is aware of a report that the "Cluster B" group who is an alleged affiliate to the Iranian threat actor "C...
Dec 12, 2022 Threat Level: MED ID: 99
IPS Spike Observed in “TP-Link.Tapo.C200.IP.Camera.Command.Injection”
On December 11th, 2022, FortiGuard Labs observed a significant spike in IPS signature "TP-Link.Tapo.C200.IP.Camera.Command...
Dec 12, 2022 Threat Level: MED ID: 100