Fortinet Threat Research

Explore how FortiSandbox 5.0 detected this malware, the behavioral indicators it leveraged for identification, and Snake Keylogger’s technique to evade detection and analysis.      

Get insights into the Lynx ransomware, which is considered the successor to the INC ransomware. This double-extortion ransomware has threatened more than 90 organizations worldwide, including those in the healthcare and energy sectors. Learn more.      

FortiGuard Labs reverse engineers a malware’s binaries to look into what the malware is actually doing.      

FortiGuard Labs observes a threat actor using a LNK file to deploy Coyote attacks, unleashing malicious payloads and escalating the risk to financial cybersecurity.      

An in-depth analysis of how a remote attacker deployed a rootkit and a user-space binary file by executing a shell script.      

An example of a recent phishing attempt and how to spot the obvious phishing tell-tales.      

Get detailed tactics associated with EC2 Grouper and how Lacework FortiCNAPP can be leveraged to detect this threat.      

FortiGuard Labs recently noticed that attackers still use and deliver two different botnets via D-Link exposing a HNAP interface weakness. Learn more.      

In this FortiGuard analysis, we examine the Python scripts behind two malicious packages, outline their behaviors, and provide insights into their potential impact.      

Fortinet contributes to major INTERPOL and AFRIPOL cybercrime operations arrests of members of cybercrime groups operating across Africa. These individuals specialize in ransomware, digital extortion, online scams, and Business Email Compromise (BEC) attacks.