Fortinet Threat Research.
Fortinet Threat Research Blog. Official blog feed of Fortinet.
- New Campaign Uses Remcos RAT to Exploit Victims (November 8, 2024 at 2:00 pm)
See how threat actors have abused Remcos to collect sensitive information from victims and remotely control their computers to perform further malicious acts.
- Threat Campaign Spreads Winos4.0 Through Game Application (November 6, 2024 at 2:00 pm)
FortiGuard Labs reveals a threat actor spreads Winos4.0, infiltrating gaming apps and targeting the education sector. Learn more.
- Burning Zero Days: Suspected Nation-State Adversary Targets Ivanti CSA (October 11, 2024 at 3:00 pm)
A case where an advanced adversary was observed exploiting three vulnerabilities affecting the Ivanti Cloud Services Appliance (CSA). This incident is a prime example of how threat actors chain zero-day vulnerabilities to gain initial access to a victim’s network. Learn more.
- Threat Actors Exploit GeoServer Vulnerability CVE-2024-36401 (September 5, 2024 at 1:00 pm)
When the GeoServer vulnerability CVE-2024-36401 emerged, FortiGuard Labs gathered related intelligence. This blog highlights the threat actors and how they exploit and use the vulnerability.
- Emansrepo Stealer: Multi-Vector Attack Chains (September 3, 2024 at 1:00 pm)
FortiGuard Labs has uncovered a fresh threat – Emansrepo stealer, which has been distributed via multiple attack chains for months. Learn more.
- Ransomware Roundup – Underground (August 30, 2024 at 1:00 pm)
The Underground ransomware has victimized companies in various industries since July 2023. It encrypts files without changing the original file extension. Learn more.
- Deep Analysis of Snake Keylogger’s New Variant (August 28, 2024 at 1:00 pm)
Fortinet’s FortiGuard Labs caught a phishing campaign in the wild with a malicious Excel document attached to the phishing email. Get a deep analysis of the campaign and how it delivers a new variant of Snake Keylogger.
- A Deep Dive into a New ValleyRAT Campaign Targeting Chinese Speakers (August 15, 2024 at 1:00 pm)
A technical analysis of the ongoing ValleyRAT multi-stage malware campaign’s diverse techniques and characteristics.
- Preparation Is Not Optional: 10 Incident Response Readiness Considerations for Any Organization (August 13, 2024 at 1:00 pm)
Incident response preparation is not optional. Here are ten activities every organization should consider implementing. Read more.
- PureHVNC Deployed via Python Multi-stage Loader (August 8, 2024 at 1:00 pm)
FortiGuard Labs reveals that a malware, “PureHVNC”, sold on the cybercrime forum, is spreading through a phishing campaign targeting employees via a Python multi-stage loader. Learn more.