Threat Signal

The Threat Signal created by the FortiGuard Labs is intended to provide you with insight on emerging issues that are trending within the cyber threat landscape. The Threat Signal will provide concise technical details about the issue, mitigation recommendations and a perspective from the FortiGuard Labs team in an FAQ style format.

Whether it’s significant vulnerability disclosures including high profile zero days, coordinated announcements with Cyber Threat Alliance partners, malware of significance, or any threat making the news cycle, FortiGuard Threat Signals are there for you.

FortiGuard Labs is aware of a report that a variant of UpdateAgent disguised as legitimate software was distributed in the...

Oct 22, 2021 TLP Level: Threat Level: MED ID: 65
FortiGuard Labs is aware of a report that a new threat actor, "Harvester," attacked targets in South Asia with previously ...

Oct 20, 2021 TLP Level: Threat Level: MED ID: 63
FortiGuard Labs is aware of a report that a new threat actor, "Tortillas," is leveraging the ProxyShell exploit to deliver...

Oct 15, 2021 TLP Level: Threat Level: MED ID: 61
FortiGuard Labs is aware of a report that a new Windows 0-day vulnerability (CVE-2021-40449) was used to download and laun...

Oct 13, 2021 TLP Level: Threat Level: MED ID: 60
FortiGuard Labs is aware of a new, Linux malware family named "FontOnLake." FontOnLake is a very sophisticated malware fam...

Oct 08, 2021 TLP Level: Threat Level: MED ID: 59
Update 10/8 - IPS section appended with newly available IPS signature.Update 10/7 - APPENDIX section updated with announc...

Oct 05, 2021 TLP Level: Threat Level: MED ID: 58
FortiGuard Labs is aware of a report that the FamousSparrow APT group has attacked hotels, governments and businesses worl...

Sep 24, 2021 TLP Level: Threat Level: MED ID: 54
Update: 10/5/21 - The "What is the Status of Coverage" section has been updated to reflect the latest IPS signature.FortiG...

Sep 21, 2021 TLP Level: Threat Level: MED ID: 53
Update 9/17 - An IPS signature has been released in definitions (18.160) as "MS.Exchange.Server.SecurityToken.Authenticati...

Aug 30, 2021 TLP Level: Threat Level: MED ID: 48
FortiGuard Labs is aware of a report that the Magniber ransomware is delivered to the victims in South Korea by exploiting...

Aug 15, 2021 TLP Level: Threat Level: MED ID: 45
FortiGuard Labs is aware of a report that a new ransomware, "Grief," was recently rebranded from DoppelPaymer ransomware. ...

Aug 11, 2021 TLP Level: Threat Level: MED ID: 44
FortiGuard Labs is aware that a brand new ransomware "BlackMatter" was found in the wild. BlackMatter is yet another Ranso...

Aug 11, 2021 TLP Level: Threat Level: MED ID: 43
FortiGuard Labs is aware of reports of the disclosure of operational documents and procedures relating to the Conti ransom...

Aug 06, 2021 TLP Level: Threat Level: MED ID: 40
FortiGuard Labs is aware of a recent report that the telecommunications industry in the Southeast Asian region was the tar...

Aug 05, 2021 TLP Level: Threat Level: MED ID: 39
FortiGuard Labs is aware of a report that FatalRAT is being distributed through forums and Telegram channels. FatalRAT is ...

Aug 03, 2021 TLP Level: Threat Level: MED ID: 37