FortiGuard Labs uncovers ToolShell, a sophisticated exploit chain targeting Microsoft SharePoint servers using a mix of patched and zero-day CVEs. Learn how attackers deploy GhostWebShell and KeySiphon for stealthy remote code execution and credential theft. This article has been…
Category: Fortinet Threat Research Blog
In-Depth Analysis of an Obfuscated Web Shell Script
Detailed analysis of an obfuscated web shell used in a CNI attack. Explores its structure, traffic patterns, and Fortinet’s detection and protection. This article has been indexed from Fortinet Threat Research Blog Read the original article: In-Depth Analysis of…
A Special Mission to Nowhere
Following the Israel-Iran ceasefire, FortiGuard Labs uncovered a phishing campaign posing as a private jet evacuation service from Tel Aviv to New York. Learn how attackers used crisis-driven fear to steal personal and financial data. This article has been…
NailaoLocker Ransomware’s “Cheese”
FortiGuard Labs analyzes NailaoLocker ransomware, a unique variant using SM2 encryption and a built-in decryption function. Learn how it works, why it matters, and how Fortinet protects against it. This article has been indexed from Fortinet Threat Research Blog…
Improving Cloud Intrusion Detection and Triage with FortiCNAPP Composite Alerts
FortiCNAPP Composite Alerts link weak signals into clear timelines—helping security teams detect cloud-native threats earlier and triage them faster. This article has been indexed from Fortinet Threat Research Blog Read the original article: Improving Cloud Intrusion Detection and Triage…
Old Miner, New Tricks
FortiCNAPP Labs uncovers Lcrypt0rx, a likely AI-generated ransomware variant used in updated H2Miner campaigns targeting cloud resources for Monero mining. This article has been indexed from Fortinet Threat Research Blog Read the original article: Old Miner, New Tricks
How FortiSandbox 5.0 Detects Dark 101 Ransomware Despite Evasion Techniques
Discover how FortiSandbox 5.0 detects Dark 101 ransomware, even with sandbox evasion tactics. Learn how advanced behavioral analysis blocks file encryption, system tampering, and ransom note deployment. This article has been indexed from Fortinet Threat Research Blog Read the…
Catching Smarter Mice with Even Smarter Cats
Explore how AI is changing the cat-and-mouse dynamic of cybersecurity, from cracking obfuscation and legacy languages to challenging new malware built with Flutter, Rust, and Delphi. This article has been indexed from Fortinet Threat Research Blog Read the original…
NordDragonScan: Quiet Data-Harvester on Windows
FortiGuard Labs explores how NordDragonScan utilizes an effective distribution network for dissemination. Learn more. This article has been indexed from Fortinet Threat Research Blog Read the original article: NordDragonScan: Quiet Data-Harvester on Windows
DCRAT Impersonating the Colombian Government
Threat actor impersonates Colombian government to deliver DCRAT via phishing email, using obfuscation, steganography, and PowerShell payload chains. This article has been indexed from Fortinet Threat Research Blog Read the original article: DCRAT Impersonating the Colombian Government