Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-06-01FortinetShunichi Imano, James Slaughter, Fred Gutierrez
@online{imano:20220601:cve202230190:e43f2d3, author = {Shunichi Imano and James Slaughter and Fred Gutierrez}, title = {{CVE-2022-30190: Microsoft Support Diagnostic Tool (MSDT) RCE Vulnerability “Follina”}}, date = {2022-06-01}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/analysis-of-follina-zero-day}, language = {English}, urldate = {2022-06-07} } CVE-2022-30190: Microsoft Support Diagnostic Tool (MSDT) RCE Vulnerability “Follina”
turian
2022-05-17FortinetGergely Revay, Shunichi Imano
@online{revay:20220517:chaos:9ff6ed3, author = {Gergely Revay and Shunichi Imano}, title = {{Chaos Ransomware Variant Sides with Russia}}, date = {2022-05-17}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/chaos-ransomware-variant-sides-with-russia}, language = {English}, urldate = {2022-05-25} } Chaos Ransomware Variant Sides with Russia
Chaos
2022-05-11FortinetFred Gutierrez
@online{gutierrez:20220511:please:f67f45c, author = {Fred Gutierrez}, title = {{Please Confirm You Received Our APT}}, date = {2022-05-11}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/please-confirm-you-received-our-apt}, language = {English}, urldate = {2022-05-17} } Please Confirm You Received Our APT
Saitama Backdoor
2022-05-03FortinetGergely Revay
@online{revay:20220503:unpacking:954f1d2, author = {Gergely Revay}, title = {{Unpacking Python Executables on Windows and Linux}}, date = {2022-05-03}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/unpacking-python-executables-windows-linux}, language = {English}, urldate = {2022-05-09} } Unpacking Python Executables on Windows and Linux
2022-04-29FortinetPaolo Di Prodi
@online{prodi:20220429:using:731242b, author = {Paolo Di Prodi}, title = {{Using EPSS to Predict Threats and Secure Your Network}}, date = {2022-04-29}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/predict-threats-and-secure-networks-with-epss}, language = {English}, urldate = {2022-05-09} } Using EPSS to Predict Threats and Secure Your Network
2022-04-29FortinetAxelle Apvrille
@online{apvrille:20220429:warning:a17311e, author = {Axelle Apvrille}, title = {{Warning: GRIM and Magnus Android Botnets are Underground}}, date = {2022-04-29}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/grim-magnus-android-botnets}, language = {English}, urldate = {2022-05-09} } Warning: GRIM and Magnus Android Botnets are Underground
2022-04-28FortinetGergely Revay
@online{revay:20220428:overview:0ac963f, author = {Gergely Revay}, title = {{An Overview of the Increasing Wiper Malware Threat}}, date = {2022-04-28}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/the-increasing-wiper-malware-threat}, language = {English}, urldate = {2022-04-29} } An Overview of the Increasing Wiper Malware Threat
AcidRain CaddyWiper DistTrack DoubleZero EternalPetya HermeticWiper IsaacWiper Olympic Destroyer Ordinypt WhisperGate ZeroCleare
2022-04-19FortinetGergely Revay
@online{revay:20220419:using:51d31d5, author = {Gergely Revay}, title = {{Using Emulation Against Anti-Reverse Engineering Techniques}}, date = {2022-04-19}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/Using-emulation-against-anti-reverse-engineering-techniques}, language = {English}, urldate = {2022-04-25} } Using Emulation Against Anti-Reverse Engineering Techniques
Pandora
2022-04-18FortinetErin Lin
@online{lin:20220418:trends:fab9950, author = {Erin Lin}, title = {{Trends in the Recent Emotet Maldoc Outbreak}}, date = {2022-04-18}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/Trends-in-the-recent-emotet-maldoc-outbreak}, language = {English}, urldate = {2022-04-20} } Trends in the Recent Emotet Maldoc Outbreak
Emotet
2022-04-12FortinetJoie Salvio, Roy Tay
@online{salvio:20220412:enemybot:a538c47, author = {Joie Salvio and Roy Tay}, title = {{Enemybot: A Look into Keksec's Latest DDoS Botnet}}, date = {2022-04-12}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/enemybot-a-look-into-keksecs-latest-ddos-botnet}, language = {English}, urldate = {2022-04-29} } Enemybot: A Look into Keksec's Latest DDoS Botnet
EnemyBot
2022-04-07FortinetGergely Revay, Shunichi Imano
@online{revay:20220407:looking:d148b0f, author = {Gergely Revay and Shunichi Imano}, title = {{Looking Inside Pandora’s Box}}, date = {2022-04-07}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/looking-inside-pandoras-box}, language = {English}, urldate = {2022-04-08} } Looking Inside Pandora’s Box
Pandora
2022-04-01FortinetJoie Salvio, Roy Tay
@online{salvio:20220401:fresh:1ba500a, author = {Joie Salvio and Roy Tay}, title = {{Fresh TOTOLINK Vulnerabilities Picked Up by Beastmode Mirai Campaign}}, date = {2022-04-01}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/totolink-vulnerabilities-beastmode-mirai-campaign}, language = {English}, urldate = {2022-04-05} } Fresh TOTOLINK Vulnerabilities Picked Up by Beastmode Mirai Campaign
Mirai
2022-03-30FortinetRotem Sde-Or, Eliran Voronovitch
@online{sdeor:20220330:new:8eeff0d, author = {Rotem Sde-Or and Eliran Voronovitch}, title = {{New Milestones for Deep Panda: Log4Shell and Digitally Signed Fire Chili Rootkits}}, date = {2022-03-30}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/deep-panda-log4shell-fire-chili-rootkits}, language = {English}, urldate = {2022-03-31} } New Milestones for Deep Panda: Log4Shell and Digitally Signed Fire Chili Rootkits
Fire Chili Ghost RAT
2022-03-28FortinetJames Slaughter, Val Saengphaibul, Fred Gutierrez
@online{slaughter:20220328:spoofed:0cd6f0e, author = {James Slaughter and Val Saengphaibul and Fred Gutierrez}, title = {{Spoofed Invoice Used to Drop IcedID}}, date = {2022-03-28}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/spoofed-invoice-drops-iced-id}, language = {English}, urldate = {2022-03-31} } Spoofed Invoice Used to Drop IcedID
IcedID
2022-03-23FortinetShunichi Imano, Val Saengphaibul
@online{imano:20220323:bad:06c3501, author = {Shunichi Imano and Val Saengphaibul}, title = {{Bad Actors Trying to Capitalize on Current Events via Shameless Email Scams}}, date = {2022-03-23}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/bad-actors-capitalize-current-events-email-scams}, language = {English}, urldate = {2022-03-25} } Bad Actors Trying to Capitalize on Current Events via Shameless Email Scams
Emotet
2022-03-23FortinetXiaopeng Zhang
@online{zhang:20220323:ms:946096e, author = {Xiaopeng Zhang}, title = {{MS Office Files Involved Again in Recent Emotet Trojan Campaign – Part II}}, date = {2022-03-23}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/ms-office-files-involved-again-in-recent-emotet-trojan-campaign-part-ii}, language = {English}, urldate = {2022-03-25} } MS Office Files Involved Again in Recent Emotet Trojan Campaign – Part II
Emotet
2022-03-07FortinetXiaopeng Zhang
@online{zhang:20220307:ms:b388372, author = {Xiaopeng Zhang}, title = {{MS Office Files Involved Again in Recent Emotet Trojan Campaign – Part I}}, date = {2022-03-07}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/ms-office-files-involved-in-emotet-trojan-campaign-pt-one}, language = {English}, urldate = {2022-03-08} } MS Office Files Involved Again in Recent Emotet Trojan Campaign – Part I
Emotet
2022-03-07FortinetJames Slaughter, Fred Gutierrez, Val Saengphaibul
@online{slaughter:20220307:fake:8999835, author = {James Slaughter and Fred Gutierrez and Val Saengphaibul}, title = {{Fake Purchase Order Used to Deliver Agent Tesla}}, date = {2022-03-07}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/fake-purchase-order-used-to-deliver-agent-tesla}, language = {English}, urldate = {2022-03-08} } Fake Purchase Order Used to Deliver Agent Tesla
Agent Tesla
2022-02-25FortinetRotem Sde-Or
@online{sdeor:20220225:hunt:7022dcc, author = {Rotem Sde-Or}, title = {{The Hunt for the Lost Soul: Unraveling the Evolution of the SoulSearcher Malware}}, date = {2022-02-25}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/unraveling-the-evolution-of-the-soul-searcher-malware}, language = {English}, urldate = {2022-03-02} } The Hunt for the Lost Soul: Unraveling the Evolution of the SoulSearcher Malware
Soul
2022-02-24FortinetFred Gutierrez
@online{gutierrez:20220224:nobelium:46d943e, author = {Fred Gutierrez}, title = {{Nobelium Returns to the Political World Stage}}, date = {2022-02-24}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/nobelium-returns-to-the-political-world-stage}, language = {English}, urldate = {2022-03-02} } Nobelium Returns to the Political World Stage
Cobalt Strike