Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-07-12FortinetCara Lin
@online{lin:20230712:lokibot:f77d705, author = {Cara Lin}, title = {{LokiBot Campaign Targets Microsoft Office Document Using Vulnerabilities and Macros}}, date = {2023-07-12}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/lokibot-targets-microsoft-office-document-using-vulnerabilities-and-macros}, language = {English}, urldate = {2023-07-19} } LokiBot Campaign Targets Microsoft Office Document Using Vulnerabilities and Macros
Loki Password Stealer (PWS)
2023-06-21FortinetAxelle Apvrille
@online{apvrille:20230621:fortinet:d3403aa, author = {Axelle Apvrille}, title = {{Fortinet Reverses Flutter-based Android Malware “Fluhorse”}}, date = {2023-06-21}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/fortinet-reverses-flutter-based-android-malware-fluhorse}, language = {English}, urldate = {2023-06-26} } Fortinet Reverses Flutter-based Android Malware “Fluhorse”
FluHorse
2023-04-20FortinetCara Lin
@online{lin:20230420:evilextractor:eacfdcb, author = {Cara Lin}, title = {{EvilExtractor – All-in-One Stealer}}, date = {2023-04-20}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/evil-extractor-all-in-one-stealer}, language = {English}, urldate = {2023-04-25} } EvilExtractor – All-in-One Stealer
EvilExtractor
2023-03-16MandiantAlexander Marvi, BRAD SLAYBAUGH, DAN EBREO, Tufail Ahmed, Muhammad Umair, TINA JOHNSON
@online{marvi:20230316:fortinet:d6ae40c, author = {Alexander Marvi and BRAD SLAYBAUGH and DAN EBREO and Tufail Ahmed and Muhammad Umair and TINA JOHNSON}, title = {{Fortinet Zero-Day and Custom Malware Used by Suspected Chinese Actor in Espionage Operation}}, date = {2023-03-16}, organization = {Mandiant}, url = {https://www.mandiant.com/resources/blog/fortinet-malware-ecosystem}, language = {English}, urldate = {2023-04-22} } Fortinet Zero-Day and Custom Malware Used by Suspected Chinese Actor in Espionage Operation
2023-02-28FortinetEliran Voronovitch
@online{voronovitch:20230228:can:c257837, author = {Eliran Voronovitch}, title = {{Can You See It Now? An Emerging LockBit Campaign}}, date = {2023-02-28}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/emerging-lockbit-campaign}, language = {English}, urldate = {2023-03-04} } Can You See It Now? An Emerging LockBit Campaign
LockBit
2023-02-02FortinetShunichi Imano
@online{imano:20230202:ransomware:f06b57a, author = {Shunichi Imano}, title = {{Ransomware Roundup – Trigona Ransomware}}, date = {2023-02-02}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/ransomware-roundup-trigona-ransomware}, language = {English}, urldate = {2023-02-06} } Ransomware Roundup – Trigona Ransomware
Trigona
2023-01-24FortinetGeri Revay
@online{revay:20230124:year:00a1450, author = {Geri Revay}, title = {{The Year of the Wiper}}, date = {2023-01-24}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/the-year-of-the-wiper}, language = {English}, urldate = {2023-01-25} } The Year of the Wiper
Azov Wiper Bruh Wiper CaddyWiper Cobalt Strike Vidar
2023-01-20The Hacker NewsRavie Lakshmanan
@online{lakshmanan:20230120:chinese:4df7900, author = {Ravie Lakshmanan}, title = {{Chinese Hackers Exploited Recent Fortinet Flaw as 0-Day to Drop Malware}}, date = {2023-01-20}, organization = {The Hacker News}, url = {https://thehackernews.com/2023/01/new-chinese-malware-spotted-exploiting.html}, language = {English}, urldate = {2023-01-20} } Chinese Hackers Exploited Recent Fortinet Flaw as 0-Day to Drop Malware
BOLDMOVE BOLDMOVE
2022-12-22FortinetShunichi Imano, James Slaughter
@online{imano:20221222:ransomware:87594cb, author = {Shunichi Imano and James Slaughter}, title = {{Ransomware Roundup – Play Ransomware}}, date = {2022-12-22}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/ransomware-roundup-play-ransomware}, language = {English}, urldate = {2022-12-24} } Ransomware Roundup – Play Ransomware
PLAY
2022-12-08FortinetShunichi Imano, Fred Gutierrez
@online{imano:20221208:ransomware:b3584f6, author = {Shunichi Imano and Fred Gutierrez}, title = {{Ransomware Roundup – New Vohuk, ScareCrow, and AERST Variants}}, date = {2022-12-08}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/ransomware-roundup-new-vohuk-scarecrow-and-aerst-variants}, language = {English}, urldate = {2022-12-19} } Ransomware Roundup – New Vohuk, ScareCrow, and AERST Variants
AESRT ScareCrow Vohuk
2022-11-15FortinetJoie Salvio, Roy Tay
@online{salvio:20221115:new:b7c34bb, author = {Joie Salvio and Roy Tay}, title = {{New RapperBot Campaign – We Know What You Bruting for this Time}}, date = {2022-11-15}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/new-rapperbot-campaign-ddos-attacks}, language = {English}, urldate = {2022-11-21} } New RapperBot Campaign – We Know What You Bruting for this Time
RapperBot
2022-11-10FortinetShunichi Imano, James Slaughter
@online{imano:20221110:ransomware:f3245bf, author = {Shunichi Imano and James Slaughter}, title = {{Ransomware Roundup: New Inlock and Xorist Variants}}, date = {2022-11-10}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/Ransomware-Roundup-New-Inlock-and-Xorist-Variants}, language = {English}, urldate = {2022-11-21} } Ransomware Roundup: New Inlock and Xorist Variants
Inlock Xorist
2022-10-20FortinetCara Lin
@online{lin:20221020:mirai:6945658, author = {Cara Lin}, title = {{Mirai, RAR1Ransom, and GuardMiner – Multiple Malware Campaigns Target VMware Vulnerability}}, date = {2022-10-20}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/multiple-malware-campaigns-target-vmware-vulnerability}, language = {English}, urldate = {2022-11-21} } Mirai, RAR1Ransom, and GuardMiner – Multiple Malware Campaigns Target VMware Vulnerability
Mirai
2022-10-13FortinetShunichi Imano, James Slaughter
@online{imano:20221013:ransomware:d68098e, author = {Shunichi Imano and James Slaughter}, title = {{Ransomware Roundup: Royal Ransomware}}, date = {2022-10-13}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/ransomware-roundup-royal-ransomware}, language = {English}, urldate = {2022-10-25} } Ransomware Roundup: Royal Ransomware
Royal Ransom
2022-10-05FortinetXiaopeng Zhang
@online{zhang:20221005:excel:ac2668c, author = {Xiaopeng Zhang}, title = {{Excel Document Delivers Multiple Malware by Exploiting CVE-2017-11882 – Part II}}, date = {2022-10-05}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/excel-document-delivers-multiple-malware-exploiting-cve-2017-11882-part-two}, language = {English}, urldate = {2022-11-15} } Excel Document Delivers Multiple Malware by Exploiting CVE-2017-11882 – Part II
Formbook RedLine Stealer
2022-09-19FortinetXiaopeng Zhang
@online{zhang:20220919:excel:0e222e2, author = {Xiaopeng Zhang}, title = {{Excel Document Delivers Multiple Malware By Exploiting CVE-2017-11882 – Part I}}, date = {2022-09-19}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/excel-document-delivers-malware-by-exploiting-cve-2017-11882}, language = {English}, urldate = {2022-11-15} } Excel Document Delivers Multiple Malware By Exploiting CVE-2017-11882 – Part I
Formbook RedLine Stealer
2022-08-22FortinetShunichi Imano, Fred Gutierrez
@online{imano:20220822:tale:9a74924, author = {Shunichi Imano and Fred Gutierrez}, title = {{A Tale of PivNoxy and Chinoxy Puppeteer}}, date = {2022-08-22}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/pivnoxy-and-chinoxy-puppeteer-analysis}, language = {English}, urldate = {2022-08-28} } A Tale of PivNoxy and Chinoxy Puppeteer
Chinoxy Poison Ivy
2022-08-18FortinetShunichi Imano, James Slaughter
@online{imano:20220818:ransomware:a073b3f, author = {Shunichi Imano and James Slaughter}, title = {{Ransomware Roundup: Gwisin, Kriptor, Cuba, and More}}, date = {2022-08-18}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/ransomware-roundup-gwisin-kriptor-cuba-and-more}, language = {English}, urldate = {2022-08-28} } Ransomware Roundup: Gwisin, Kriptor, Cuba, and More
Cuba
2022-08-12FortinetOmri Misgav
@online{misgav:20220812:swan:8691537, author = {Omri Misgav}, title = {{The Swan Song for Driver Signature Enforcement Tampering}}, date = {2022-08-12}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/driver-signature-enforcement-tampering}, language = {English}, urldate = {2022-08-28} } The Swan Song for Driver Signature Enforcement Tampering
2022-08-08FortinetJames Slaughter
@online{slaughter:20220808:life:5db63b6, author = {James Slaughter}, title = {{Life After Death - SmokeLoader Continues to Haunt Using Old Vulnerabilities}}, date = {2022-08-08}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/smokeloader-using-old-vulnerabilities}, language = {English}, urldate = {2023-09-18} } Life After Death - SmokeLoader Continues to Haunt Using Old Vulnerabilities
SmokeLoader zgRAT