Weekly Threat Briefs

FortiGuard Labs uses its industry leading global infrastructure of threat sensors, honeypots, and collectors to provide you with the largest source of data of any pure play network security vendor. Data is collected from all of these sources on a continual basis and analyzed by Fortinet’s world-wide team of analysts to provide you with a weekly recap of the incidents and threats you care the most about.

On this page you will find an archive of our weekly Threat Intelligence Briefs, as well as the ability to sign up to receive these briefs every Friday. Join the thousands of other security-minded professionals who receive these weekly briefs!

Last week, the United States Cyber National Mission Force (CNMF), aka USCYBERCOM, tweeted a notification for samples seen in the wild actively exploiting CVE-2017-11774, which is a security bypass vulnerability in Microsoft Outlook. These samples were provided to us in advance via our partnership wi...

Jul 12, 2019
Quit While You Are Ahead --Two weeks ago, the GandCrab authors announced their abrupt retirement from the ransomware industry, specifically the ransomware-as-a-service (RaaS) vertical (if one exists). GandCrab, if you recall, was the most prolific ransomware of 2018, and it appeared that the trend w...

Jun 28, 2019
HawkEye -- FortiGuard Labs researchers recently discovered a new HawkEye malware variant being distributed via a phishing email. HawkEye is known as a keylogger and application credential stealing malware. Past variants spread through email using common Microsoft Office documents (Word, Excel, etc.)...

Jun 21, 2019
Activity Summary - Week Ending June 14, 2019 Get Patching -- Microsoft recently released a patch for a critical Remote Desktop Protocol (RDP) vulnerability (CVE-2019-0708). This vulnerability, codenamed BlueKeep, if exploited, could be turned into a self-replicating worm that could impact computers...

Jun 14, 2019
MageCart Analysis -- FortiGuard Labs has been monitoring the development on the e-commerce threat landscape. Recently, we delved into deeper analysis of MageCart, a name given to numerous cybercriminal groups that embed digital skimmers on compromised e-commerce sites in order to steal payment card...

Jun 07, 2019