As cyber threats continue to grow and evolve, so does the need for innovative solutions and reliable threat intelligence. Using millions of global network sensors, FortiGuard Labs monitors the worldwide attack surface and employs artificial intelligence (AI) to mine that data for new threats, ensuring you are prepared for what’s coming.
When a cybersecurity attack with large ramifications affects numerous organizations, FortiGuard Outbreak Alerts are here to help you understand what happened, learn the technical details of the attack, and how you can protect yourself now and in the future.
What is the C-DATA Web Management System RCE Attack?
FortiGuard Labs observed a critical level of attack attempts in the wild targeting a 2-year-old vulnerability found on C-DATA Web Management System. The vulnerability CVE-2022-4257 allows a remote attacker to execute arbitrary commands on the target system. Read more
FortiGuard Labs telemetry shows attack attempts on over 40,000+ unique IPS devices in the week of the release of this outbreak. The majority of the blocked attacks are from IPS devices located in Japan, the United States, and Australia. The exploit has been available publicly, and as of now, we are not aware of any patches available from the vendor.
An Outbreak Alert report is posted on the FortiGuard Labs website, it provides details on all the FortiGuard services that provide detection, and protection, as well as how to respond, recover, and identify the attack. Read less
What is the Akira Ransomware?
First detected in March/April of 2023, this ransomware group primarily focuses on small to medium-sized businesses, driven by financial motives. Like other notorious ransomware, Akira utilizes familiar tactics such as Ransomware-as-a-Service and double extortion to maximize their profits. The ransomware uses virtual private network (VPN) service without multifactor authentication (MFA)- mostly using known Cisco vulnerabilities CVE-2020-3259 and CVE-2023-20269, external-facing services such as Remote Desktop Protocol, spear phishing, and the abuse of valid credentials. Read more
FortiGuard Labs continues to observe detections in the wild related to the Akira ransomware group. According to the new report by CISA, it has targeted over 250 organizations since early 2023, affecting numerous businesses and critical infrastructure entities across North America, Europe, and Australia. The gang has made over $42 million from the attacks as ransom payments.
An Outbreak Alert report is posted on the FortiGuard Labs website, it provides details on all the FortiGuard services that provide detection and protection, as well as how to respond, recover, and identify the attack. Read less
What is the PAN-OS GlobalProtect Command Injection Attack?
The attack identified as CVE-2024-3400 allows a malicious actor to exploit an unauthenticated OS Command Injection vulnerability on PAN-OS GlobalProtect devices. The vulnerability has a CVSS score of 10.0. CISA has issued an alert adding the vulnerability to the Known Exploited Vulnerability catalog. Read more
The command injection vulnerability exists in the GlobalProtect of the PAN-OS devices. Once connection is established, the attacker can install a custom Python backdoor, pivot into the internal networks and exfiltrate data.
An Outbreak Alert report is posted on the FortiGuard Labs website, it provides details on all the FortiGuard services that provide detection and protection, as well as how to respond, recover, and identify the attack. Read less
Cyberattacks can occur at any time. The number of outbreak alerts you receive can vary anywhere from once per month to several times per week.
Join Fortinet's top threat experts as they delve into today's critical cybersecurity topics and the ever-evolving cyber threat landscape.
|
Join us for another episode of the FortiGuard Labs Threat Intelligence Podcast as Jonas Walker and Aamir Lakhani join forces to discuss the recent MOVEit vulnerability and how the Cl0p ransomware groups have orchestrated an extensive campaign around it, making over $100M in revenue.
Listen Now
In this report, we examine the cyberthreat landscape in 2H 2023 to identify trends and offer insights on what security professionals should know.
FortiGuard Labs discovered the new botnet “Goldoon” targeting D-Link devices through related vulnerability CVE-2015-2051. Learn more.
The KageNoHitobito and DoNex are recent ransomware that are financially motivated, demanding payment from victims to decrypt files. Learn more.
FortiGuard Labs unearthed a malicious PyPi package that aims to extract sensitive information from unsuspecting victims. Get an analysis of its origins and propagation methods.
FortiGuard Labs unveils Moobot, Miori, AGoent, Gafgyt and more exploiting TP-Link Archer AX21 vulnerability CVE-2023-1389. Learn more.
FortiGuard Labs uncovered a threat actor using ScrubCrypt to spread VenomRAT along with multiple RATs. Learn more.
FortiGuard Labs has uncovered the Byakugan malware behind a recent malware campaign distributed by malicious PDF files. Learn more.
The RA World ransomware, which debuted late last year, claims to be holding more than 20 organizations worldwide hostage for financial gain. Learn more.
FBI Warns against public phone charging stations
To address the talent shortage facing SOC teams Fortinet's enhanced services help SOC teams reduce their cyber risk concerns and allowing more time for higher-priority projects. View the details in the press release.
New research underscores the importance of effective cyber awareness training for employees to decrease cyber risks, with more than 50% of leaders indicating their employees lack proper knowledge
“Fortinet is honored to become a member of JCDC to build on our existing collaboration and trusted relationship with the U.S. government to help improve our nation’s cybersecurity.” - Ken Xie, Founder, Chairman of the Board, and Chief Executive Officer at Fortinet
By integrating current threat intelligence into defense strategies, cybersecurity staff can effectively anticipate, prevent, and respond to cyberattacks. This webinar will walk through the concept of Threat Informed Defense, the MITRE CTID, two recently published projects, and current projects in the works.
The threat landscape is changing faster than ever. Over the past six months, FortiGuard Labs identified 10,666 new ransomware variants—twice as many as in the previous 6 months. See what our experts had to say.
Our FortiGuard Labs experts discuss the cyber threat activity we saw in the second half of 2022, predictions for 2023, and smart strategies you can implement today.
FortiGuard Labs Global Threat Landscape Report offers a snapshot of the active threat landscape and highlights the latest industry trends.
Gain an in-depth understanding of various threat categories, including vulnerabilities, targeted attacks, ransomware campaigns, and OT- and IoT-related threats.
FortiGuard Labs’ threat predictions report examines a new era of advanced persistent cybercrime, discusses how AI is changing the attack game, and shares fresh trends to watch for in 2024.
The FortiGuard Incident Response team provides both proactive and reactive incident response services, which are platform-agnostic and available to all organizations across the globe. Incident response teams like ours get unique exposure to attacks and threat vectors compared to many teams working in the cybersecurity field as we are often involved in investigating incidents where the victim’s defenses have failed.
FortiGuard Labs 1H 2023 Global Threat Landscape Report provides valuable intelligence and early warning for potential threat activity.
An Annual Perspective by FortiGuard Labs
New vulnerabilities are on the rise, but don’t count out the old. Don’t become a statistic - get the latest Global Threat Landscape report.
FortiGuard Labs Global Threat Landscape Report offers a snapshot of the active threat landscape and highlights the latest industry trends.
FortiGuard Labs 1H 2023 Global Threat Landscape Report provides valuable intelligence and early warning for potential threat activity.
New vulnerabilities are on the rise, but don’t count out the old. Don’t become a statistic - get the latest Global Threat Landscape report.
FortiGuard Labs believes that sharing intelligence and working with other threat intelligence organizations improves protections for customers and enhances the effectiveness of the entire cybersecurity industry. Our leadership helps take the fight to our adversaries and produces a more successful disruption model by leveraging these relationships.
For decades we have been faced with the classic ‘last mile’ challenge when it comes to information sharing and threat intelligence.
Watch Now
Fortinet is now an official Research Partner with MITRE Engenuity’s Center for Threat-Informed Defense (Center).
Read Blog
FortiGuard application security services protect, monitor, and optimize application performance and usage.
Find solution guides, eBooks, data sheets, analyst reports, and more.
