2022-11-15FortinetJoie Salvio, Roy Tay
% Online source (vendor blog post); both authors are given in "Last, First" form.
@online{salvio:20221115:new:b7c34bb,
  author       = {Salvio, Joie and Tay, Roy},
  title        = {{New RapperBot Campaign – We Know What You Bruting for this Time}},
  organization = {Fortinet},
  date         = {2022-11-15},
  url          = {https://www.fortinet.com/blog/threat-research/new-rapperbot-campaign-ddos-attacks},
  urldate      = {2022-11-21},
  language     = {English},
}
New RapperBot Campaign – We Know What You Bruting for this Time
RapperBot
2022-11-10FortinetShunichi Imano, James Slaughter
% Online source (vendor blog post); urldate records when the link was last checked.
@online{imano:20221110:ransomware:f3245bf,
  author       = {Imano, Shunichi and Slaughter, James},
  title        = {{Ransomware Roundup: New Inlock and Xorist Variants}},
  organization = {Fortinet},
  date         = {2022-11-10},
  url          = {https://www.fortinet.com/blog/threat-research/Ransomware-Roundup-New-Inlock-and-Xorist-Variants},
  urldate      = {2022-11-21},
  language     = {English},
}
Ransomware Roundup: New Inlock and Xorist Variants
Inlock Xorist
2022-10-20FortinetCara Lin
% Online source (vendor blog post); the title keeps its outer braces so malware names are not recased.
@online{lin:20221020:mirai:6945658,
  author       = {Lin, Cara},
  title        = {{Mirai, RAR1Ransom, and GuardMiner – Multiple Malware Campaigns Target VMware Vulnerability}},
  organization = {Fortinet},
  date         = {2022-10-20},
  url          = {https://www.fortinet.com/blog/threat-research/multiple-malware-campaigns-target-vmware-vulnerability},
  urldate      = {2022-11-21},
  language     = {English},
}
Mirai, RAR1Ransom, and GuardMiner – Multiple Malware Campaigns Target VMware Vulnerability
Mirai
2022-10-13FortinetShunichi Imano, James Slaughter
% Online source (vendor blog post); date is the publication date, urldate the access date.
@online{imano:20221013:ransomware:d68098e,
  author       = {Imano, Shunichi and Slaughter, James},
  title        = {{Ransomware Roundup: Royal Ransomware}},
  organization = {Fortinet},
  date         = {2022-10-13},
  url          = {https://www.fortinet.com/blog/threat-research/ransomware-roundup-royal-ransomware},
  urldate      = {2022-10-25},
  language     = {English},
}
Ransomware Roundup: Royal Ransomware
Royal Ransom
2022-10-05FortinetXiaopeng Zhang
% Online source (vendor blog post); second part of a two-part write-up, the CVE id appears in the title as published.
@online{zhang:20221005:excel:ac2668c,
  author       = {Zhang, Xiaopeng},
  title        = {{Excel Document Delivers Multiple Malware by Exploiting CVE-2017-11882 – Part II}},
  organization = {Fortinet},
  date         = {2022-10-05},
  url          = {https://www.fortinet.com/blog/threat-research/excel-document-delivers-multiple-malware-exploiting-cve-2017-11882-part-two},
  urldate      = {2022-11-15},
  language     = {English},
}
Excel Document Delivers Multiple Malware by Exploiting CVE-2017-11882 – Part II
Formbook RedLine Stealer
2022-09-19FortinetXiaopeng Zhang
% Online source (vendor blog post); first part of a two-part write-up, the CVE id appears in the title as published.
@online{zhang:20220919:excel:0e222e2,
  author       = {Zhang, Xiaopeng},
  title        = {{Excel Document Delivers Multiple Malware By Exploiting CVE-2017-11882 – Part I}},
  organization = {Fortinet},
  date         = {2022-09-19},
  url          = {https://www.fortinet.com/blog/threat-research/excel-document-delivers-malware-by-exploiting-cve-2017-11882},
  urldate      = {2022-11-15},
  language     = {English},
}
Excel Document Delivers Multiple Malware By Exploiting CVE-2017-11882 – Part I
Formbook RedLine Stealer
2022-08-22FortinetShunichi Imano, Fred Gutierrez
% Online source (vendor blog post); both authors are given in "Last, First" form.
@online{imano:20220822:tale:9a74924,
  author       = {Imano, Shunichi and Gutierrez, Fred},
  title        = {{A Tale of PivNoxy and Chinoxy Puppeteer}},
  organization = {Fortinet},
  date         = {2022-08-22},
  url          = {https://www.fortinet.com/blog/threat-research/pivnoxy-and-chinoxy-puppeteer-analysis},
  urldate      = {2022-08-28},
  language     = {English},
}
A Tale of PivNoxy and Chinoxy Puppeteer
Chinoxy Poison Ivy
2022-08-18FortinetShunichi Imano, James Slaughter
% Online source (vendor blog post); urldate records when the link was last checked.
@online{imano:20220818:ransomware:a073b3f,
  author       = {Imano, Shunichi and Slaughter, James},
  title        = {{Ransomware Roundup: Gwisin, Kriptor, Cuba, and More}},
  organization = {Fortinet},
  date         = {2022-08-18},
  url          = {https://www.fortinet.com/blog/threat-research/ransomware-roundup-gwisin-kriptor-cuba-and-more},
  urldate      = {2022-08-28},
  language     = {English},
}
Ransomware Roundup: Gwisin, Kriptor, Cuba, and More
Cuba
2022-08-12FortinetOmri Misgav
% Online source (vendor blog post); single author, given in "Last, First" form.
@online{misgav:20220812:swan:8691537,
  author       = {Misgav, Omri},
  title        = {{The Swan Song for Driver Signature Enforcement Tampering}},
  organization = {Fortinet},
  date         = {2022-08-12},
  url          = {https://www.fortinet.com/blog/threat-research/driver-signature-enforcement-tampering},
  urldate      = {2022-08-28},
  language     = {English},
}
The Swan Song for Driver Signature Enforcement Tampering
2022-08-08FortinetJames Slaughter
% Online source (vendor blog post); the title keeps its outer braces so the malware name is not recased.
@online{slaughter:20220808:life:5db63b6,
  author       = {Slaughter, James},
  title        = {{Life After Death - SmokeLoader Continues to Haunt Using Old Vulnerabilities}},
  organization = {Fortinet},
  date         = {2022-08-08},
  url          = {https://www.fortinet.com/blog/threat-research/smokeloader-using-old-vulnerabilities},
  urldate      = {2022-08-11},
  language     = {English},
}
Life After Death - SmokeLoader Continues to Haunt Using Old Vulnerabilities
SmokeLoader
2022-08-04FortinetShunichi Imano, James Slaughter
% Online source (vendor blog post); date is the publication date, urldate the access date.
@online{imano:20220804:ransomware:64610c9,
  author       = {Imano, Shunichi and Slaughter, James},
  title        = {{Ransomware Roundup: Redeemer, Beamed, and More}},
  organization = {Fortinet},
  date         = {2022-08-04},
  url          = {https://www.fortinet.com/blog/threat-research/ransomware-roundup-redeemer-beamed-and-more},
  urldate      = {2022-08-11},
  language     = {English},
}
Ransomware Roundup: Redeemer, Beamed, and More
2022-08-03FortinetJoie Salvio, Roy Tay
% Online source (vendor blog post); both authors are given in "Last, First" form.
@online{salvio:20220803:so:de64b7a,
  author       = {Salvio, Joie and Tay, Roy},
  title        = {{So RapperBot, What Ya Bruting For?}},
  organization = {Fortinet},
  date         = {2022-08-03},
  url          = {https://www.fortinet.com/blog/threat-research/rapperbot-malware-discovery},
  urldate      = {2022-08-08},
  language     = {English},
}
So RapperBot, What Ya Bruting For?
RapperBot
2022-08-03FortinetWayne Chin Yick Low
% Online source (vendor blog post); comma form fixes "Low" as the family name, matching the citation key.
@online{low:20220803:journey:7d7b2ae,
  author       = {Low, Wayne Chin Yick},
  title        = {{Journey to Network Protocol Fuzzing – Dissecting Microsoft IMAP Client Protocol}},
  organization = {Fortinet},
  date         = {2022-08-03},
  url          = {https://www.fortinet.com/blog/threat-research/analyzing-microsoft-imap-client-protocol},
  urldate      = {2022-08-11},
  language     = {English},
}
Journey to Network Protocol Fuzzing – Dissecting Microsoft IMAP Client Protocol
2022-07-19FortinetXiaopeng Zhang
% Online source (vendor blog post); single author, given in "Last, First" form.
@online{zhang:20220719:new:a3b1085,
  author       = {Zhang, Xiaopeng},
  title        = {{New Variant of QakBot Being Spread by HTML File Attached to Phishing Emails}},
  organization = {Fortinet},
  date         = {2022-07-19},
  url          = {https://www.fortinet.com/blog/threat-research/new-variant-of-qakbot-spread-by-phishing-emails},
  urldate      = {2022-07-25},
  language     = {English},
}
New Variant of QakBot Being Spread by HTML File Attached to Phishing Emails
QakBot
2022-07-18FortinetTom Hegel
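% NOTE(review): the url host is sentinelone.com, not fortinet.com, so the
% organization is recorded as SentinelOne instead of the original "Fortinet".
% Confirm the publisher against the linked post before citing.
@online{hegel:20220718:from:21160ee,
  author       = {Hegel, Tom},
  title        = {{From the Front Lines | 8220 Gang Massively Expands Cloud Botnet to 30,000 Infected Hosts}},
  organization = {SentinelOne},
  date         = {2022-07-18},
  url          = {https://www.sentinelone.com/blog/from-the-front-lines-8220-gang-massively-expands-cloud-botnet-to-30000-infected-hosts},
  urldate      = {2022-07-25},
  language     = {English},
}
From the Front Lines | 8220 Gang Massively Expands Cloud Botnet to 30,000 Infected Hosts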
2022-07-18FortinetFortiGuard Labs
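% Corporate author: the extra pair of braces keeps "FortiGuard Labs" as one
% indivisible name. Without them the name parser splits it into first name
% "FortiGuard" and family name "Labs". The citation key is left unchanged so
% existing \cite commands still resolve.
@online{labs:20220718:ransomware:69b4e95,
  author       = {{FortiGuard Labs}},
  title        = {{Ransomware Roundup: Protecting Against New Variants}},
  organization = {Fortinet},
  date         = {2022-07-18},
  url          = {https://www.fortinet.com/blog/threat-research/ransomware-roundup-new-variants},
  urldate      = {2022-07-25},
  language     = {English},
}
Ransomware Roundup: Protecting Against New Variants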
LockBit LockBit
2022-07-12FortinetJames Slaughter
% Online source (vendor blog post); the title marks it as part 2 of a series.
@online{slaughter:20220712:spoofed:5c3ce2f,
  author       = {Slaughter, James},
  title        = {{Spoofed Saudi Purchase Order Drops GuLoader – Part 2}},
  organization = {Fortinet},
  date         = {2022-07-12},
  url          = {https://www.fortinet.com/blog/threat-research/spoofed-saudi-purchase-order-drops-guloader-part-two},
  urldate      = {2022-07-15},
  language     = {English},
}
Spoofed Saudi Purchase Order Drops GuLoader – Part 2
CloudEyE
2022-07-07FortinetErin Lin
% Online source (vendor blog post); single author, given in "Last, First" form.
@online{lin:20220707:notable:71d2df3,
  author       = {Lin, Erin},
  title        = {{Notable Droppers Emerge in Recent Threat Campaigns}},
  organization = {Fortinet},
  date         = {2022-07-07},
  url          = {https://www.fortinet.com/blog/threat-research/notable-droppers-emerge-in-recent-threat-campaigns},
  urldate      = {2022-07-15},
  language     = {English},
}
Notable Droppers Emerge in Recent Threat Campaigns
BumbleBee Emotet PhotoLoader QakBot
2022-07-06FortinetCara Lin
% Online source (vendor blog post); date is the publication date, urldate the access date.
@online{lin:20220706:from:1196ee3,
  author       = {Lin, Cara},
  title        = {{From Follina to Rozena - Leveraging Discord to Distribute a Backdoor}},
  organization = {Fortinet},
  date         = {2022-07-06},
  url          = {https://www.fortinet.com/blog/threat-research/follina-rozena-leveraging-discord-to-distribute-a-backdoor},
  urldate      = {2022-07-12},
  language     = {English},
}
From Follina to Rozena - Leveraging Discord to Distribute a Backdoor
Rozena
2022-06-01FortinetShunichi Imano, James Slaughter, Fred Gutierrez
% Online source (vendor blog post); three authors joined with "and", the CVE id appears in the title as published.
@online{imano:20220601:cve202230190:e43f2d3,
  author       = {Imano, Shunichi and Slaughter, James and Gutierrez, Fred},
  title        = {{CVE-2022-30190: Microsoft Support Diagnostic Tool (MSDT) RCE Vulnerability “Follina”}},
  organization = {Fortinet},
  date         = {2022-06-01},
  url          = {https://www.fortinet.com/blog/threat-research/analysis-of-follina-zero-day},
  urldate      = {2022-06-07},
  language     = {English},
}
CVE-2022-30190: Microsoft Support Diagnostic Tool (MSDT) RCE Vulnerability “Follina”
turian