Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-11-17CISAFBI, CISA, Australian Cyber Security Centre (ACSC), NCSC UK
@techreport{fbi:20211117:iranian:e4ba10a, author = {FBI and CISA and Australian Cyber Security Centre (ACSC) and NCSC UK}, title = {{Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities}}, date = {2021-11-17}, institution = {CISA}, url = {https://us-cert.cisa.gov/sites/default/files/publications/AA21-321A-Iranian%20Government-Sponsored%20APT%20Actors%20Exploiting%20Microsoft%20Exchange%20and%20Fortinet%20Vulnerabilities.pdf}, language = {English}, urldate = {2021-11-18} } Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities
2021-11-11FortinetShunichi Imano, Fred Gutierrez
@online{imano:20211111:to:52e0c90, author = {Shunichi Imano and Fred Gutierrez}, title = {{To Joke or Not to Joke: COVID-22 Brings Disaster to MBR}}, date = {2021-11-11}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/to-joke-or-not-to-joke-covid-22-brings-disaster-to-mbr}, language = {English}, urldate = {2021-11-17} } To Joke or Not to Joke: COVID-22 Brings Disaster to MBR
Covid22
2021-11-04FortinetXiaopeng Zhang
@online{zhang:20211104:deep:edcd241, author = {Xiaopeng Zhang}, title = {{Deep Dive into a Fresh Variant of Snake Keylogger Malware}}, date = {2021-11-04}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/deep-dive-into-a-fresh-variant-of-snake-keylogger-malware}, language = {English}, urldate = {2021-11-08} } Deep Dive into a Fresh Variant of Snake Keylogger Malware
404 Keylogger
2021-10-28FortinetShunichi Imano, Fred Gutierrez
@online{imano:20211028:chaos:7725fa9, author = {Shunichi Imano and Fred Gutierrez}, title = {{Chaos Ransomware Variant in Fake Minecraft Alt List Brings Destruction to Japanese Gamers}}, date = {2021-10-28}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/chaos-ransomware-variant-in-fake-minecraft-alt-list-brings-destruction}, language = {English}, urldate = {2021-11-03} } Chaos Ransomware Variant in Fake Minecraft Alt List Brings Destruction to Japanese Gamers
Chaos
2021-10-22FortinetCara Lin
@online{lin:20211022:recent:248c7d4, author = {Cara Lin}, title = {{Recent Attack Uses Vulnerability on Confluence Server}}, date = {2021-10-22}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/recent-attack-uses-vulnerability-on-confluence-server}, language = {English}, urldate = {2021-10-26} } Recent Attack Uses Vulnerability on Confluence Server
Tsunami BillGates
2021-09-30FortinetShunichi Imano, Fred Gutierrez
@online{imano:20210930:ranion:f6137ac, author = {Shunichi Imano and Fred Gutierrez}, title = {{Ranion Ransomware - Quiet and Persistent RaaS}}, date = {2021-09-30}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/ranion-ransomware-quiet-and-persistent-raas}, language = {English}, urldate = {2021-10-24} } Ranion Ransomware - Quiet and Persistent RaaS
Ranion
2021-09-14FortinetJohn Simmons
@online{simmons:20210914:more:f8ade2c, author = {John Simmons}, title = {{More ProxyShell? Web Shells Lead to ZeroLogon and Application Impersonation Attacks}}, date = {2021-09-14}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/more-proxyshell-web-shells-lead-to-zerologon-and-application-impersonation-attacks}, language = {English}, urldate = {2021-09-19} } More ProxyShell? Web Shells Lead to ZeroLogon and Application Impersonation Attacks
2021-09-10FortinetXiaopeng Zhang
@online{zhang:20210910:new:25d8475, author = {Xiaopeng Zhang}, title = {{New Dridex Variant Being Spread By Crafted Excel Document}}, date = {2021-09-10}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/new-dridex-variant-being-spread-by-crafted-excel-document?&web_view=true}, language = {English}, urldate = {2021-09-12} } New Dridex Variant Being Spread By Crafted Excel Document
DoppelDridex
2021-07-19FortinetXiaopeng Zhang
@online{zhang:20210719:fresh:13c1c56, author = {Xiaopeng Zhang}, title = {{Fresh Malware Hunts for Crypto Wallet and Credentials}}, date = {2021-07-19}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/fresh-malware-hunts-for-crypto-wallet-and-credentials}, language = {English}, urldate = {2021-07-26} } Fresh Malware Hunts for Crypto Wallet and Credentials
2021-07-19FortinetVal Saengphaibul, Fred Gutierrez
@online{saengphaibul:20210719:signed:d9f809c, author = {Val Saengphaibul and Fred Gutierrez}, title = {{Signed, Sealed, and Delivered – Signed XLL File Delivers Buer Loader}}, date = {2021-07-19}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/signed-sealed-and-delivered-signed-xll-file-delivers-buer-loader}, language = {English}, urldate = {2021-07-26} } Signed, Sealed, and Delivered – Signed XLL File Delivers Buer Loader
Buer
2021-07-01FortinetDor Neeamni, Asaf Rubinfeld
@online{neeamni:20210701:diavol:d1ed746, author = {Dor Neeamni and Asaf Rubinfeld}, title = {{Diavol - A New Ransomware Used By Wizard Spider?}}, date = {2021-07-01}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/diavol-new-ransomware-used-by-wizard-spider}, language = {English}, urldate = {2021-07-02} } Diavol - A New Ransomware Used By Wizard Spider?
Conti Diavol
2021-06-27FortinetGayathri Thirugnanasambandam
@online{thirugnanasambandam:20210627:spear:86cdf6a, author = {Gayathri Thirugnanasambandam}, title = {{Spear Phishing Campaign with New Techniques Aimed at Aviation Companies}}, date = {2021-06-27}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/spear-phishing-campaign-with-new-techniques-aimed-at-aviation-companies}, language = {English}, urldate = {2021-06-29} } Spear Phishing Campaign with New Techniques Aimed at Aviation Companies
AsyncRAT
2021-06-24FortinetDavid Maciejak, Joie Salvio
@online{maciejak:20210624:ghosts:75b5f92, author = {David Maciejak and Joie Salvio}, title = {{The Ghosts of Mirai}}, date = {2021-06-24}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/the-ghosts-of-mirai}, language = {English}, urldate = {2021-06-29} } The Ghosts of Mirai
Mirai
2021-06-04FortinetXiaopeng Zhang
@online{zhang:20210604:phishing:20bdfa5, author = {Xiaopeng Zhang}, title = {{Phishing Malware Hijacks Bitcoin Addresses and Delivers New Agent Tesla Variant}}, date = {2021-06-04}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/phishing-malware-hijacks-bitcoin-addresses-delivers-new-agent-tesla-variant}, language = {English}, urldate = {2021-06-16} } Phishing Malware Hijacks Bitcoin Addresses and Delivers New Agent Tesla Variant
Agent Tesla
2021-05-17FortinetFred Gutierrez, Gayathri Thirugnanasambandam, Val Saengphaibul
@online{gutierrez:20210517:newly:65d872f, author = {Fred Gutierrez and Gayathri Thirugnanasambandam and Val Saengphaibul}, title = {{Newly Discovered Function in DarkSide Ransomware Variant Targets Disk Partitions}}, date = {2021-05-17}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/newly-discovered-function-in-darkside-ransomware-variant-targets-disk-partitions}, language = {English}, urldate = {2021-05-19} } Newly Discovered Function in DarkSide Ransomware Variant Targets Disk Partitions
DarkSide
2021-05-03FortinetFred Gutierrez, Val Saengphaibul
@online{gutierrez:20210503:spearphishing:4dced65, author = {Fred Gutierrez and Val Saengphaibul}, title = {{Spearphishing Attack Uses COVID-21 Lure to Target Ukrainian Government}}, date = {2021-05-03}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/spearphishing-attack-uses-covid-21-lure-to-target-ukrainian-government}, language = {English}, urldate = {2021-05-04} } Spearphishing Attack Uses COVID-21 Lure to Target Ukrainian Government
2021-04-22FortinetXiaopeng Zhang
@online{zhang:20210422:deep:44cd560, author = {Xiaopeng Zhang}, title = {{Deep Analysis: FormBook New Variant Delivered in Phishing Campaign – Part II}}, date = {2021-04-22}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/deep-analysis-formbook-new-variant-delivered-phishing-campaign-part-ii}, language = {English}, urldate = {2021-04-28} } Deep Analysis: FormBook New Variant Delivered in Phishing Campaign – Part II
Formbook
2021-04-12FortinetXiaopeng Zhang
@online{zhang:20210412:deep:dc35f85, author = {Xiaopeng Zhang}, title = {{Deep Analysis: New FormBook Variant Delivered in Phishing Campaign – Part I}}, date = {2021-04-12}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/deep-analysis-new-formbook-variant-delivered-phishing-campaign-part-I}, language = {English}, urldate = {2021-04-14} } Deep Analysis: New FormBook Variant Delivered in Phishing Campaign – Part I
Formbook
2021-03-11FortinetRotem Kerner
@online{kerner:20210311:whitelist:840f503, author = {Rotem Kerner}, title = {{Whitelist Me, Maybe? “Netbounce” Threat Actor Tries A Bold Approach To Evade Detection}}, date = {2021-03-11}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/netbounce-threat-actor-tries-bold-approach-to-evade-detection}, language = {English}, urldate = {2021-03-16} } Whitelist Me, Maybe? “Netbounce” Threat Actor Tries A Bold Approach To Evade Detection
2021-02-12FortinetXiaopeng Zhang
@online{zhang:20210212:new:0be729d, author = {Xiaopeng Zhang}, title = {{New Bazar Trojan Variant is Being Spread in Recent Phishing Campaign – Part II}}, date = {2021-02-12}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/new-bazar-trojan-variant-is-being-spread-in-recent-phishing-campaign-part-II}, language = {English}, urldate = {2021-02-20} } New Bazar Trojan Variant is Being Spread in Recent Phishing Campaign – Part II
BazarBackdoor